Hybrid_Auth class provide a simple way to authenticate users via OpenID and OAuth.
Generally, Hybrid_Auth is the only class you should instanciate and use throughout your application.
public function getGoogleLogin($auth = NULL)
{
if ($auth == 'auth') {
Hybrid_Endpoint::process();
}
try {
$oauth = new Hybrid_Auth(app_path() . '/config/google_auth.php');
$provider = $oauth->authenticate('Google');
$profile = $provider->getUserProfile();
} catch (exception $e) {
return $e->getMessage();
}
if ($user = User::where('email', '=', $profile->email)->first()) {
Auth::login($user, true);
return Redirect::intended('/');
}
return App::make('frontend\\UserController')->doSignUp(array('email' => $profile->email, 'login' => $profile->identifier, 'password' => "pass1234", 'f_name' => $profile->firstName, 'l_name' => $profile->lastName));
}
/**
* @return LoginProviderEntity
*/
protected function createLoginProviderEntity()
{
$type = $this->getHybridType();
//dump($this->getCallbackUrl());die($this->getCallbackUrl());
$params = array('base_url' => $this->getCallbackUrl(), 'providers' => array($type => $this->getConfig() + array('enabled' => TRUE)));
$hybridauth = new \Hybrid_Auth($params);
if (isset($_REQUEST['hauth_start']) || isset($_REQUEST['hauth_done'])) {
\Hybrid_Endpoint::process();
}
/** @var \Hybrid_User_Profile $user */
$user = $hybridauth->authenticate($this->getHybridType(), $this->authenticationParameters)->getUserProfile();
$ret = new LoginProviderEntity($user->identifier, static::getType());
return $ret;
}
public function loginWithSocial($social_provider, $action = "")
{
// check URL segment
if ($action == "auth") {
// process authentication
try {
Session::set('provider', $social_provider);
Hybrid_Endpoint::process();
} catch (Exception $e) {
// redirect back to http://URL/social/
return Redirect::route('loginWith');
}
return;
}
try {
// create a HybridAuth object
$socialAuth = new Hybrid_Auth(app_path() . '/config/hybridauth.php');
// authenticate with Provider
$provider = $socialAuth->authenticate($social_provider);
// fetch user profile
$userProfile = $provider->getUserProfile();
} catch (Exception $e) {
// exception codes can be found on HybBridAuth's web site
Session::flash('error_msg', $e->getMessage());
return Redirect::to('/login');
}
$this->createOAuthProfile($userProfile);
return Redirect::to('/');
}
function _init()
{
require_once "Hybrid/Auth.php";
if (isset($_GET['_login'])) {
switch ($_GET['_login']) {
case 'tw':
break;
case 'fb':
break;
case 'gp':
break;
}
}
$config = dirname(__FILE__) . '/config.php';
try {
$hybridauth = new Hybrid_Auth($config);
$twitter = $hybridauth->authenticate("Google");
$user_profile = $twitter->getUserProfile();
echo "Hi there! " . $user_profile->displayName;
$twitter->setUserStatus("Hello world!");
$user_contacts = $twitter->getUserContacts();
} catch (Exception $e) {
echo "Ooophs, we got an error: " . $e->getMessage();
}
}
/**
* plugin initialization
*/
function oauth_init()
{
global $conf, $page, $hybridauth_conf, $template;
load_language('plugin.lang', OAUTH_PATH);
$conf['oauth'] = safe_unserialize($conf['oauth']);
// check config
if (defined('IN_ADMIN')) {
if (empty($hybridauth_conf) and strpos(@$_GET['page'], 'plugin-oAuth') === false) {
$page['warnings'][] = '<a href="' . OAUTH_ADMIN . '">' . l10n('Social Connect: You need to configure the credentials') . '</a>';
}
if (!function_exists('curl_init')) {
$page['warnings'][] = l10n('Social Connect: PHP Curl extension is needed');
}
}
// in case of registration aborded
if (script_basename() == 'index' and ($oauth_id = pwg_get_session_var('oauth_new_user')) !== null) {
pwg_unset_session_var('oauth_new_user');
if ($oauth_id[0] == 'Persona') {
oauth_assign_template_vars(get_gallery_home_url());
$template->block_footer_script(null, 'navigator.id.logout();');
} else {
require_once OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php';
try {
$hybridauth = new Hybrid_Auth($hybridauth_conf);
$adapter = $hybridauth->getAdapter($oauth_id[0]);
$adapter->logout();
} catch (Exception $e) {
}
}
}
}
public function provider_login()
{
$setting = $this->session->data['social_login_free'];
$server = isset($_SERVER['HTTPS']) ? HTTPS_SERVER : HTTP_SERVER;
if (!isset($setting['base_url_index'])) {
$setting['base_url_index'] = false;
}
if ($setting['base_url_index']) {
$setting['base_url'] = $this->url->link('module/social_login_free/hybridauth', '', 'SSL');
} else {
$setting['base_url'] = $server . 'catalog/model/social_login_free/hybridauth.php';
}
$setting['debug_file'] = DIR_SYSTEM . "logs/social_login_free.txt";
if (isset($this->request->get['provider'])) {
$this->session->data['provider'] = $this->request->get['provider'];
}
$profile = array();
require_once DIR_APPLICATION . "model/social_login_free/hybrid/auth.php";
try {
$hybridauth = new Hybrid_Auth($setting);
$provider = $hybridauth->authenticate($this->session->data['provider']);
//get the user profile
$profile = $provider->getUserProfile();
$this->register($this->session->data['provider'], (array) $profile);
$provider->logout();
} catch (Exception $e) {
switch ($e->getCode()) {
case 0:
$json['error'] = "Unspecified error.";
break;
case 1:
$json['error'] = "Hybriauth configuration error.";
break;
case 2:
$json['error'] = "Provider not properly configured.";
break;
case 3:
$json['error'] = "Unknown or disabled provider.";
break;
case 4:
$json['error'] = "Missing provider application credentials.";
break;
case 5:
$json['error'] = "Authentification failed. " . "The user has canceled the authentication or the provider refused the connection.";
break;
case 6:
$json['error'] = "User profile request failed. Most likely the user is not connected " . "to the provider and he should authenticate again.";
$provider->logout();
case 7:
$json['error'] = "User not connected to the provider.";
$provider->logout();
case 8:
$json['error'] = "Provider does not support this feature.";
break;
}
//echo "Ooophs, we got an error: " . $e->getMessage();
$this->session->data['success'] = $json['error'] . " Ooophs, we got an error: " . $e->getMessage();
$this->response->redirect(urldecode($this->url->link('account/login', '')));
}
}
public function action_login()
{
//if user loged in redirect home
if (Auth::instance()->logged_in()) {
Auth::instance()->login_redirect();
}
Social::include_vendor();
$user = FALSE;
$config = Social::get();
if ($this->request->query('hauth_start') or $this->request->query('hauth_done')) {
try {
Hybrid_Endpoint::process($this->request->query());
} catch (Exception $e) {
Alert::set(Alert::ERROR, $e->getMessage());
$this->redirect(Route::url('default'));
}
} else {
$provider_name = $this->request->param('id');
try {
// initialize Hybrid_Auth with a given file
$hybridauth = new Hybrid_Auth($config);
// try to authenticate with the selected provider
if ($provider_name == 'openid') {
$params = array('openid_identifier' => 'https://openid.stackexchange.com/');
} else {
$params = NULL;
}
$adapter = $hybridauth->authenticate($provider_name, $params);
if ($hybridauth->isConnectedWith($provider_name)) {
//var_dump($adapter->getUserProfile());
$user_profile = $adapter->getUserProfile();
}
} catch (Exception $e) {
Alert::set(Alert::ERROR, __('Error: please try again!') . " " . $e->getMessage());
$this->redirect(Route::url('default'));
}
//try to login the user with same provider and identifier
$user = Auth::instance()->social_login($provider_name, $user_profile->identifier);
//we couldnt login create account
if ($user == FALSE) {
$email = $user_profile->emailVerified != NULL ? $user_profile->emailVerified : $user_profile->email;
$name = $user_profile->firstName != NULL ? $user_profile->firstName . ' ' . $user_profile->lastName : $user_profile->displayName;
//if not email provided
if (!Valid::email($email, TRUE)) {
Alert::set(Alert::INFO, __('We need your email address to complete'));
//redirect him to select the email to register
$this->redirect(Route::url('default', array('controller' => 'social', 'action' => 'register', 'id' => $provider_name)) . '?uid=' . $user_profile->identifier . '&name=' . $name);
} else {
//register the user in DB
Model_User::create_social($email, $name, $provider_name, $user_profile->identifier);
//log him in
Auth::instance()->social_login($provider_name, $user_profile->identifier);
}
} else {
Alert::set(Alert::SUCCESS, __('Welcome!'));
}
$this->redirect(Session::instance()->get_once('auth_redirect', Route::url('default')));
}
}
public function logout()
{
$oauth = new \Hybrid_Auth(base_path() . '/app/config/fb_Auth.php');
$oauth->logoutAllProviders();
Session::flush();
Auth::logout();
return Redirect::to("home");
}
public static function getUser($token)
{
$config = \Config::get('hybridauth');
$socialAuth = new \Hybrid_Auth($config);
$socialAuth->storage()->set("hauth_session.facebook.is_logged_in", 1);
$socialAuth->storage()->set("hauth_session.facebook.token.access_token", $token);
return SocialLoginManager::getUser('facebook');
}
public static function getUser($token, $secret)
{
$config = \Config::get('hybridauth');
$socialAuth = new \Hybrid_Auth($config);
$socialAuth->storage()->set("hauth_session.twitter.is_logged_in", 1);
$socialAuth->storage()->set("hauth_session.twitter.token.access_token", $token);
$socialAuth->storage()->set("hauth_session.twitter.token.access_token_secret", $secret);
return SocialLoginManager::getUser('twitter');
}
public function login()
{
$hybridauth = new Hybrid_Auth($this->config->item('social'));
$provider = ucfirst($this->uri->segment(3));
$adapter = $hybridauth->authenticate('Facebook');
$user_profile = $adapter->getUserProfile();
echo "<pre>";
print_r($user_profile);
echo "</pre>";
}
/**
* @param $provider
* @return \Hybrid_Provider_Adapter
*/
public static function authenticate($provider)
{
self::init();
$adapter = null;
try {
$hybridauth = new \Hybrid_Auth(self::getConfiguration());
$provider = @trim(strip_tags($provider));
$adapter = $hybridauth->authenticate($provider);
} catch (\Exception $e) {
\Logger::info($e);
}
return $adapter;
}
/**
* Prompt the User to authenticate with a social-auth provider
*
* @param $provider_name
* @param null $profile
* @return null
*/
public function auth($provider_name, &$profile = null)
{
$identifier = null;
try {
$provider = $this->hybrid_auth->authenticate($provider_name);
$userProfile = $provider->getUserProfile();
$identifier = $userProfile->identifier;
$profile = $userProfile;
} catch (\Exception $e) {
dd($e->getMessage());
}
return $identifier;
}
private function getUser($provider)
{
try {
$oauth = new \Hybrid_Auth(app_path('../config/hybridauth.php'));
$providerAuth = $oauth->authenticate($provider);
$profile = $providerAuth->getUserProfile();
$user = User::loginWithSocialNetwork($providerAuth, $profile, $oauth->getSessionData(), true);
$token = $user->setHidden($user->loginHidden);
return ['user' => $user];
} catch (\Exception $e) {
return ['error' => $e->getMessage()];
}
}
public function process()
{
$user_profile = array();
//if( !empty( $_GET["action"] ) && $_GET["action"] == 'auth' && !empty($_GET["service"]) ) {
if ($provider = $this->getProperty('provider', false)) {
try {
$config = $this->modx->modHybridAuth->getProvidersConfig();
$hybridauth = new Hybrid_Auth($config);
$adapter = $hybridauth->authenticate($provider);
$user_profile = $adapter->getUserProfile();
} catch (Exception $e) {
$error = "<b>got an error!</b> " . $e->getMessage();
$this->modx->log(xPDO::LOG_LEVEL_ERROR, '[modHybridAuth] ' . $error);
$url = $this->modx->makeUrl($this->getProperty('failure_page'), null, null, 'full');
$this->modx->sendRedirect($url);
}
// Check is loggedin
if ($this->modx->user->hasSessionContext($this->modx->context->key)) {
$redirectTo = $this->modx->getOption('site_url');
$this->modx->sendRedirect($redirectTo);
return;
}
// else
// Try to get user by social profile
$q = $this->modx->newQuery('modUser');
$q->innerJoin('modUserProfile', 'Profile');
$q->innerJoin('modHybridAuthUserProfile', 'SocialProfile');
$q->innerJoin('modHybridAuthProvider', 'Provider', "Provider.id=SocialProfile.provider");
$q->where(array("SocialProfile.identifier" => $user_profile->identifier, "Provider.name" => $provider, "modUser.active" => 1, "Profile.blocked" => 0));
$q->limit(1);
//$q->prepare();
//$this->modx->log(1, $q->toSQL());
if ($user = $this->modx->getObject('modUser', $q)) {
$user->addSessionContext($this->modx->context->key);
$redirectTo = $this->modx->getOption('site_url');
$this->modx->sendRedirect($redirectTo);
return;
}
// else return to redirect
if ($redirect_id = $this->getProperty('redirect_id') and $redirect_url = $this->modx->makeUrl($redirect_id)) {
$this->modx->sendRedirect($redirect_url);
return;
}
} else {
$response = $this->modx->runProcessor('web/endpoint', $this->getProperties(), array('processors_path' => $this->modx->modHybridAuth->getOption('processorsPath')));
return $response->getResponse();
}
return '';
}
public function getFacebook($auth = null)
{
if ($auth = 'auth') {
try {
Hybri_Endpoint::process();
} catch (Exception $e) {
return Redirect::to('fbauth');
}
return;
}
$oauth = new Hybrid_Auth(app_path() . '/config/fbauth.php');
$provider = $oauth->authenticate('Facebook');
$profile = $provider->getUserProfile();
return var_dump($profile) . '<a href="logout">Logout</a>';
}
/**
* {@inheritdoc}
*/
public function loginBegin()
{
// Initiate the Reverse Auth flow; cf. https://dev.twitter.com/docs/ios/using-reverse-auth
if (isset($_REQUEST['reverse_auth']) && $_REQUEST['reverse_auth'] == 'yes') {
$stage1 = $this->api->signedRequest($this->api->request_token_url, 'POST', array('x_auth_mode' => 'reverse_auth'));
if ($this->api->http_code != 200) {
throw new Exception("Authentication failed! {$this->providerId} returned an error. " . $this->errorMessageByStatus($this->api->http_code), 5);
}
$responseObj = array('x_reverse_auth_parameters' => $stage1, 'x_reverse_auth_target' => $this->config["keys"]["key"]);
$response = json_encode($responseObj);
header("Content-Type: application/json", true, 200);
echo $response;
die;
}
$tokens = $this->api->requestToken($this->endpoint);
// request tokens as received from provider
$this->request_tokens_raw = $tokens;
// check the last HTTP status code returned
if ($this->api->http_code != 200) {
throw new Exception("Authentication failed! {$this->providerId} returned an error. " . $this->errorMessageByStatus($this->api->http_code), 5);
}
if (!isset($tokens["oauth_token"])) {
throw new Exception("Authentication failed! {$this->providerId} returned an invalid oauth token.", 5);
}
$this->token("request_token", $tokens["oauth_token"]);
$this->token("request_token_secret", $tokens["oauth_token_secret"]);
// redirect the user to the provider authentication url with force_login
if (isset($this->config['force_login']) && $this->config['force_login'] || isset($this->config['force']) && $this->config['force'] === true) {
Hybrid_Auth::redirect($this->api->authorizeUrl($tokens, array('force_login' => true)));
}
// else, redirect the user to the provider authentication url
Hybrid_Auth::redirect($this->api->authorizeUrl($tokens));
}
/**
* begin login step
*
* simply call Facebook::require_login().
*/
function loginBegin()
{
// get the login url
$url = $this->api->getLoginUrl(array('scope' => $this->scope, 'display' => $this->display, 'redirect_uri' => $this->endpoint));
// redirect to facebook
Hybrid_Auth::redirect($url);
}
/**
* load the user profile from the IDp api client
*/
function getUserProfile()
{
// refresh tokens if needed
$this->refreshToken();
// Vkontakte requires user id, not just token for api access
$params['uid'] = Hybrid_Auth::storage()->get("hauth_session.{$this->providerId}.user_id");
$params['fields'] = 'first_name,last_name,nickname,screen_name,sex,bdate,timezone,photo_rec,photo_big';
// ask vkontakte api for user infos
$response = $this->api->api("https://api.vk.com/method/getProfiles", 'GET', $params);
if (!isset($response->response[0]) || !isset($response->response[0]->uid) || isset($response->error)) {
throw new Exception("User profile request failed! {$this->providerId} returned an invalid response.", 6);
}
$response = $response->response[0];
$this->user->profile->identifier = property_exists($response, 'uid') ? $response->uid : "";
$this->user->profile->firstName = property_exists($response, 'first_name') ? $response->first_name : "";
$this->user->profile->lastName = property_exists($response, 'last_name') ? $response->last_name : "";
$this->user->profile->displayName = property_exists($response, 'nickname') ? $response->nickname : "";
$this->user->profile->photoURL = property_exists($response, 'photo_big') ? $response->photo_big : "";
$this->user->profile->profileURL = property_exists($response, 'screen_name') ? "http://vk.com/" . $response->screen_name : "";
if (property_exists($response, 'sex')) {
switch ($response->sex) {
case 1:
$this->user->profile->gender = 'female';
break;
case 2:
$this->user->profile->gender = 'male';
break;
default:
$this->user->profile->gender = '';
break;
}
}
return $this->user->profile;
}
/**
* finish login step
*/
function loginFinish()
{
parent::loginFinish();
$uid = str_replace("http://steamcommunity.com/openid/id/", "", $this->user->profile->identifier);
if ($uid) {
$data = @file_get_contents("http://steamcommunity.com/profiles/{$uid}/?xml=1");
$data = @new SimpleXMLElement($data);
if (!is_object($data)) {
return false;
}
$this->user->profile->displayName = (string) $data->{'steamID'};
$this->user->profile->photoURL = (string) $data->{'avatarMedium'};
$this->user->profile->description = (string) $data->{'summary'};
$realname = (string) $data->{'realname'};
if ($realname) {
$this->user->profile->displayName = $realname;
}
$customURL = (string) $data->{'customURL'};
if ($customURL) {
$this->user->profile->profileURL = "http://steamcommunity.com/id/{$customURL}/";
}
// restore the user profile
Hybrid_Auth::storage()->set("hauth_session.{$this->providerId}.user", $this->user);
}
}
/**
* begin login step
*/
function loginBegin()
{
# redirect to Authorize url
//var_dump($this->api->getAuthorizeUrl());
//die();
Hybrid_Auth::redirect($this->api->getAuthorizeUrl());
}
/**
* finish login step
*/
function loginFinish()
{
parent::loginFinish();
$this->user->profile->emailVerified = $this->user->profile->email;
// restore the user profile
Hybrid_Auth::storage()->set("hauth_session.{$this->providerId}.user", $this->user);
}
function loginBegin()
{
$parameters = array('scope' => isset($this->config['scope']) ? $this->config['scope'] : $this->scope, 'response_type' => 'token', 'client_id' => $this->api->client_id, 'redirect_uri' => $this->api->redirect_uri, 'state' => isset($this->config['state']) ? $this->config['state'] : '');
if (is_array($parameters['scope'])) {
$parameters['scope'] = implode(',', $parameters['scope']);
}
Hybrid_Auth::redirect($this->api->authorizeUrl($parameters));
}
function __construct($config = array())
{
$ci =& get_instance();
$ci->load->helper('url_helper');
$config['base_url'] = site_url((config_item('index_page') == '' ? SELF : '') . $config['base_url']);
parent::__construct($config);
log_message('debug', 'HybridAuthLib Class Initalized');
}
function __construct($config = array())
{
$ci =& get_instance();
$ci->load->helper('url_helper');
$config = config_item('oauth_config');
parent::__construct($config);
// log_message('debug', 'HybridAuthLib Class Initalized');
}
/**
* begin login step
*
* simply call Renren::require_login().
*/
function loginBegin()
{
$state = uniqid(null, true);
$this->api->setPersistentData('state', $state);
// get the login url
$url = $this->api->getAuthorizeURL($this->endpoint, 'code', $state, "page");
// redirect to Renren
Hybrid_Auth::redirect($url);
}
/**
* finish login step
*/
function loginFinish()
{
parent::loginFinish();
$this->user->profile->profileURL = $this->user->profile->identifier;
// https://ru.wargaming.net/id/5069690-Steel_Master/
$this->user->profile->identifier = preg_replace('/^[^0-9]+([0-9]+)-.+$/', '$1', $this->user->profile->identifier);
// restore the user profile
Hybrid_Auth::storage()->set("hauth_session.{$this->providerId}.user", $this->user);
}
/**
* {@inheritdoc}
*/
function loginBegin()
{
$this->endpoint = $this->params['login_done'];
$helper = $this->api->getRedirectLoginHelper();
// Use re-request, because this will trigger permissions window if not all permissions are granted.
$url = $helper->getReRequestUrl($this->endpoint, $this->scope);
// Redirect to Facebook
Hybrid_Auth::redirect($url);
}
/**
* begin login step
*/
function loginBegin()
{
try {
$this->api->setRedirectURI($this->endpoint);
$url = $this->api->getAuthorizationURL();
Hybrid_Auth::redirect($url);
} catch (ViadeoException $e) {
throw new Exception("Authentication failed! An error occurred during {$this->providerId} authentication.", 5);
}
}
/**
* finish login step
*/
function loginFinish()
{
if (!$_REQUEST['dr_auth_code']) {
throw new Exception('Authentication failed! ' . $this->providerId . ' returned an invalid Token and Verifier.', 5);
}
$this->token('access_token', $_REQUEST['dr_auth_code']);
// set user as logged in
$this->setUserConnected();
Hybrid_Auth::storage()->set("hauth_session.{$this->providerId}.user", $this->user);
}