/**
* Verify the Facebook credentials.
*
* @throws Kohana_Exception
* @param string the service name
* @return boolean
*/
public function verify($service = MMI_API::SERVICE_FACEBOOK)
{
$access_token = NULL;
if (!array_key_exists('fragment', $_GET)) {
$this->_convert_fragment_to_parameter();
} else {
$fragment = urldecode(Security::xss_clean($_GET['fragment']));
parse_str($fragment, $parms);
$access_token = Arr::get($parms, 'access_token');
unset($parms);
}
// Ensure the access token is set
if (empty($access_token)) {
MMI_Log::log_error(__METHOD__, __LINE__, 'Access token parameter missing');
throw new Kohana_Exception('Access token parameter missing in :method.', array(':method' => __METHOD__));
}
// Load existing data from the database
$auth_config = $this->_auth_config;
$username = Arr::get($auth_config, 'username');
$model;
if (!empty($username)) {
$model = Model_MMI_API_Tokens::select_by_service_and_username($service, $username, FALSE);
} else {
$consumer_key = Arr::get($auth_config, 'api_key');
$model = Model_MMI_API_Tokens::select_by_service_and_consumer_key($service, $consumer_key, FALSE);
}
$success = FALSE;
$previously_verified = FALSE;
if ($model->loaded()) {
// Check if the credentials were previously verified
$previously_verified = $model->verified;
$success = $previously_verified;
}
if (!$previously_verified) {
// Create an access token
$token = new OAuthToken($access_token, $service . '-' . time());
// Update the token credentials in the database
$svc = MMI_API::factory($service);
if (isset($token) and $svc->is_valid_token($token)) {
$encrypt = Encrypt::instance();
$model->service = $service;
$model->consumer_key = 'consumer-' . $service;
$model->consumer_secret = $encrypt->encode($service . '-' . time());
$model->token_key = $token->key;
$model->token_secret = $encrypt->encode($token->secret);
unset($encrypt);
$model->verified = 1;
$model->verification_code = $service . '-' . time();
$model->username = $username;
if (array_key_exists('expires_in', $_GET)) {
$model->attributes = array('expires_in' => urldecode(Security::xss_clean($_GET['expires_in'])));
}
$success = MMI_Jelly::save($model, $errors);
if (!$success and $this->_debug) {
MMI_Debug::dead($errors);
}
}
}
return $success;
}
/**
* Verify the Flickr credentials.
*
* @throws Kohana_Exception
* @return boolean
*/
public function verify()
{
// Set the service
$service = $this->_service;
if (empty($service)) {
MMI_Log::log_error(__METHOD__, __LINE__, 'Service not set');
throw new Kohana_Exception('Service not set in :method.', array(':method' => __METHOD__));
}
// Ensure the frob is set
$frob = NULL;
if (array_key_exists('frob', $_GET)) {
$frob = urldecode(Security::xss_clean($_GET['frob']));
}
if (empty($frob)) {
MMI_Log::log_error(__METHOD__, __LINE__, 'Frob parameter missing');
throw new Kohana_Exception('Frob parameter missing in :method.', array(':method' => __METHOD__));
}
// Load existing data from the database
$auth_config = $this->_auth_config;
$username = Arr::get($auth_config, 'username');
$model;
if (!empty($username)) {
$model = Model_MMI_API_Tokens::select_by_service_and_username($service, $username, FALSE);
} else {
$model = Jelly::factory('MMI_API_Tokens');
}
$success = FALSE;
if ($model->loaded()) {
// Check if the credentials were previously verified
$previously_verified = $model->verified;
if ($previously_verified) {
$success = TRUE;
} else {
// Create a dummy verification code
$verification_code = $service . '-' . time();
}
// Do database update
if (!$previously_verified) {
// Get an access token
$svc = MMI_API::factory($service);
$token = $svc->get_access_token($verification_code, array('token_key' => $frob, 'token_secret' => $service . '-' . time()));
// Update the token credentials in the database
if (isset($token) and $svc->is_valid_token($token)) {
$model->token_key = $token->key;
$model->token_secret = Encrypt::instance()->encode($token->secret);
$model->verified = 1;
$model->verification_code = $verification_code;
if (!empty($token->attributes)) {
$model->attributes = $token->attributes;
}
$success = MMI_Jelly::save($model, $errors);
if (!$success and $this->_debug) {
MMI_Debug::dead($errors);
}
}
}
}
return $success;
}
/**
* Update the OAuth credentials.
*
* @param OAuthToken the OAuth token object
* @param boolean save the extended token attributes?
* @return boolean
*/
protected function _update_token($token, $save_attributes = TRUE)
{
if (!$token instanceof OAuthToken) {
return FALSE;
}
$this->_token = new OAuthToken($token->key, $token->secret);
// Load the data model
$model = $this->_model;
if (!$model instanceof Jelly_Model) {
$model = $this->_get_db_model();
}
if (!$model->loaded()) {
$model = $this->_init_model($model);
}
// Update the data model
$model->token_key = $token->key;
$model->token_secret = Encrypt::instance()->encode($token->secret);
if ($save_attributes and !empty($token->attributes)) {
$model->attributes = $token->attributes;
$this->_token->attributes = $token->attributes;
}
$success = MMI_Jelly::save($model, $errors);
if (!$success and $this->_debug) {
MMI_Debug::dead($errors);
}
$this->_model = $model;
// Update the token's verified flag
if ($success) {
$this->_token->verified = $model->verified;
}
return $success;
}
/**
* Save the cookie and user modhash to the database.
*
* @param string the cookie value
* @param string the user modhash value
* @return boolean
*/
protected function _save_cookie_to_db($cookie, $usermodhash)
{
$service = $this->_service;
$model = $this->_model;
if (!$model instanceof Jelly_Model) {
$model = $this->_get_db_model();
}
if ($model instanceof Jelly_Model) {
$encrypt = Encrypt::instance();
$username = $this->_username;
$model->service = $service;
$model->consumer_key = 'consumer-' . $service;
$model->consumer_secret = $encrypt->encode($service . '-' . time());
if (!empty($username)) {
$model->username = $username;
}
$model->token_key = $cookie;
$model->token_secret = $encrypt->encode($usermodhash);
$model->verified = TRUE;
$model->verification_code = $service . '-' . time();
unset($encrypt);
}
$success = MMI_Jelly::save($model, $errors);
if (!$success and $this->_debug) {
MMI_Debug::dead($errors);
}
$this->_model = $model;
return $success;
}