public function onGet() { try { $token = $this->get->token('string', array(new Filter\Length(40, 40), new Filter\Xdigit())); if ($token !== false) { $handler = $this->getHandler('AmunService\\User\\Account'); $account = $handler->getRecoverByToken($token); if ($account instanceof Account\Record) { if (!empty($account->email)) { if ($_SERVER['REMOTE_ADDR'] == $account->ip) { $security = new Security($this->registry); $pw = $security->generatePw(); $date = new DateTime('NOW', $this->registry['core.default_timezone']); $account->setStatus(Account\Record::NORMAL); $account->setPw($pw); $handler->update($account); // send mail $values = array('account.name' => $account->name, 'account.pw' => $pw, 'host.name' => $this->base->getHost(), 'recover.link' => $this->page->getUrl(), 'recover.date' => $date->format($this->registry['core.format_date'])); $mail = new Mail($this->registry); $mail->send('LOGIN_RECOVER_SUCCESS', $account->email, $values); $this->template->assign('success', true); } else { throw new Exception('Recover process was requested from another IP'); } } else { throw new Exception('No public email address is set for this account'); } } else { throw new Exception('Invalid token'); } } else { throw new Exception('Token not set'); } } catch (\Exception $e) { $this->template->assign('error', $e->getMessage()); } }
public function handle($identity, $password) { $result = ldap_search($this->res, '', 'uid=' . $identity); $entries = ldap_get_entries($this->res, $result); $count = isset($entries['count']) ? $entries['count'] : 0; if ($count == 1) { $acc = $entries[0]; $mail = isset($acc['mail'][0]) ? $acc['mail'][0] : null; $name = isset($acc['givenname'][0]) ? $acc['givenname'][0] : null; $pw = isset($acc['userpassword'][0]) ? $acc['userpassword'][0] : null; if (empty($mail)) { throw new Exception('Mail not set'); } if (empty($name)) { throw new Exception('Given name not set'); } if (empty($pw)) { throw new Exception('User password not set'); } if ($this->comparePassword($pw, $password) === true) { $identity = $mail; $con = new Condition(array('identity', '=', sha1($this->config['amun_salt'] . $identity))); $userId = $this->hm->getTable('AmunService\\User\\Account')->getField('id', $con); if (empty($userId)) { // user doesnt exist so register a new user check whether // registration is enabled if (!$this->registry['login.registration_enabled']) { throw new Exception('Registration is disabled'); } // normalize name $name = $this->normalizeName($name); // create user account $security = new Security($this->registry); $handler = $this->hm->getHandler('AmunService\\User\\Account', $this->user); $account = $handler->getRecord(); $account->setGroupId($this->registry['core.default_user_group']); $account->setStatus(Account\Record::NORMAL); $account->setIdentity($identity); $account->setName($name); $account->setPw($security->generatePw()); $account = $handler->create($account); $userId = $account->id; // if the id is not set the account was probably added to // the approval table if (!empty($userId)) { $this->setUserId($userId); } else { throw new Exception('Could not create account'); } } else { $this->setUserId($userId); } return true; } else { throw new InvalidPasswordException('Invalid password'); } } }
public function callback() { // initialize openid $openid = new \PSX\OpenId($this->http, $this->config['psx_url'], $this->store); if ($openid->verify() === true) { $identity = $openid->getIdentifier(); if (!empty($identity)) { // check whether user is already registered $data = $openid->getData(); $con = new Condition(array('identity', '=', sha1($this->config['amun_salt'] . $openid->getIdentifier()))); $userId = $this->hm->getTable('AmunService\\User\\Account')->getField('id', $con); if (empty($userId)) { // user doesnt exist so register a new user check whether // registration is enabled if (!$this->registry['login.registration_enabled']) { throw new Exception('Registration is disabled'); } // get data for account $acc = $this->getAccountData($data); if (empty($acc)) { throw new Exception('No user informations provided'); } if (empty($acc['name'])) { throw new Exception('No username provided'); } $name = $this->normalizeName($acc['name']); // create user account $security = new Security($this->registry); $handler = $this->hm->getHandler('AmunService\\User\\Account', $this->user); $account = $handler->getRecord(); $account->setGroupId($this->registry['core.default_user_group']); $account->setStatus(Account\Record::NORMAL); $account->setIdentity($identity); $account->setName($name); $account->setPw($security->generatePw()); $account->setGender($acc['gender']); $account->setTimezone($acc['timezone']); $account = $handler->create($account); $userId = $account->id; // if the id is not set the account was probably added to // the approval table if (!empty($userId)) { $this->setUserId($userId); } else { throw new Exception('Could not create account'); } } else { $this->setUserId($userId); } // redirect header('Location: ' . $this->config['psx_url']); exit; } else { throw new Exception('Invalid identity'); } } else { throw new Exception('Authentication failed'); } }
/** * Is called if an user has made a friendship request on an remote website. * The website makes a call to the api/user/friend/relation inorder to * inform us that the friendship request was made. We make an webfinger * request to the host and check whether the user actually exists. If the * user exists on the remote website we create the friend as remote user * in our user account table and create a relation to this user. * * @param RecordInterface $record * @return boolean */ protected function handleRequest(RecordInterface $record) { $sql = <<<SQL SELECT \t`host`.`id` AS `hostId`, \t`host`.`name` AS `hostName`, \t`host`.`template` AS `hostTemplate` FROM \t{$this->registry['table.core_host']} `host` WHERE \t`host`.`name` = ? SQL; $row = $this->sql->getRow($sql, array($record->host)); if (!empty($row)) { // request profile url $email = $record->name . '@' . $row['hostName']; $profile = $this->getAcctProfile($email, $row['hostTemplate']); $identity = OpenId::normalizeIdentifier($profile['url']); // create remote user if not exists $con = new Condition(array('identity', '=', sha1($this->config['amun_salt'] . $identity))); $friendId = $this->sql->select($this->registry['table.user_account'], array('id'), $con, Sql::SELECT_FIELD); if (empty($friendId)) { $security = new Security($this->registry); $handler = $this->hm->getHandler('AmunService\\User\\Account', $this->user); $account = $handler->getRecord(); $account->globalId = $profile['id']; $account->setGroupId($this->registry['core.default_user_group']); $account->setHostId($row['hostId']); $account->setStatus(Account\Record::REMOTE); $account->setIdentity($identity); $account->setName($profile['name']); $account->setPw($security->generatePw()); $account = $handler->create($account); $friendId = $account->id; } // create relation $friend = $this->hm->getTable('AmunService\\User\\Friend')->getRecord(); $friend->friendId = $friendId; return $this->create($friend); } else { throw new Exception('Invalid host'); } }
public function callback() { // get access token $token = $this->session->get('oauth_login_token'); $tokenSecret = $this->session->get('oauth_login_token_secret'); $verifier = isset($_GET['oauth_verifier']) ? $_GET['oauth_verifier'] : null; if (empty($token) || empty($tokenSecret)) { throw new Exception('Token not set'); } $response = $this->oauth->accessToken(new Url(self::ACCESS_TOKEN), self::CONSUMER_KEY, self::CONSUMER_SECRET, $token, $tokenSecret, $verifier, 'HMAC-SHA1'); $token = $response->getToken(); $tokenSecret = $response->getTokenSecret(); // check access token if (empty($token) || empty($tokenSecret)) { throw new Exception('Could not request access token'); } // request user informations $url = new Url(self::VERIFY_ACCOUNT); $header = array('Authorization' => $this->oauth->getAuthorizationHeader($url, self::CONSUMER_KEY, self::CONSUMER_SECRET, $token, $tokenSecret, $method = 'HMAC-SHA1')); $request = new GetRequest($url, $header); $response = $this->http->request($request); if ($response->getCode() == 200) { $acc = Json::decode($response->getBody()); if (empty($acc)) { throw new Exception('No user informations provided'); } if (empty($acc['screen_name'])) { throw new Exception('No username provided'); } $identity = $acc['screen_name'] . '@twitter.com'; $con = new Condition(array('identity', '=', sha1($this->config['amun_salt'] . $identity))); $userId = $this->hm->getTable('AmunService\\User\\Account')->getField('id', $con); if (empty($userId)) { // user doesnt exist so register a new user check whether // registration is enabled if (!$this->registry['login.registration_enabled']) { throw new Exception('Registration is disabled'); } // normalize name $name = $this->normalizeName($acc['screen_name']); // create user account $security = new Security($this->registry); $handler = $this->hm->getHandler('AmunService\\User\\Account', $this->user); $account = $handler->getRecord(); $account->setGroupId($this->registry['core.default_user_group']); $account->setStatus(Account\Record::NORMAL); $account->setIdentity($identity); $account->setName($name); $account->setPw($security->generatePw()); $account->profileUrl = 'https://twitter.com/' . $acc['screen_name']; $account->thumbnailUrl = isset($acc['profile_image_url']) ? $acc['profile_image_url'] : null; $account = $handler->create($account); $userId = $account->id; // if the id is not set the account was probably added to // the approval table if (!empty($userId)) { $this->setUserId($userId); } else { throw new Exception('Could not create account'); } } else { $this->setUserId($userId); } // redirect header('Location: ' . $this->config['psx_url']); exit; } else { throw new Exception('Authentication failed'); } }
public function callback() { $code = new AuthorizationCode($this->http, new Url(self::ACCESS_TOKEN)); $code->setClientPassword(self::CLIENT_ID, self::CLIENT_SECRET, AuthorizationCode::AUTH_POST); $accessToken = $code->getAccessToken($this->pageUrl . '/callback/facebook'); // request user informations $url = new Url(self::VERIFY_ACCOUNT); $header = array('Authorization' => $this->oauth->getAuthorizationHeader($accessToken)); $request = new GetRequest($url, $header); $response = $this->http->request($request); if ($response->getCode() == 200) { $acc = Json::decode($response->getBody()); if (empty($acc)) { throw new Exception('No user informations provided'); } if (empty($acc['id'])) { throw new Exception('No user id provided'); } $identity = $acc['id']; $con = new Condition(array('identity', '=', sha1($this->config['amun_salt'] . $identity))); $userId = $this->hm->getTable('AmunService\\User\\Account')->getField('id', $con); if (empty($userId)) { // user doesnt exist so register a new user check whether // registration is enabled if (!$this->registry['login.registration_enabled']) { throw new Exception('Registration is disabled'); } if (empty($acc['username'])) { throw new Exception('No username provided'); } $name = $this->normalizeName($acc['username']); // create user account $security = new Security($this->registry); $handler = $this->hm->getHandler('AmunService\\User\\Account', $this->user); $account = $handler->getRecord(); $account->setGroupId($this->registry['core.default_user_group']); $account->setStatus(Account\Record::NORMAL); $account->setIdentity($identity); $account->setName($name); $account->setPw($security->generatePw()); $account->profileUrl = isset($acc['link']) ? $acc['link'] : null; $account->thumbnailUrl = 'http://graph.facebook.com/' . $identity . '/picture'; $account = $handler->create($account); $userId = $account->id; // if the id is not set the account was probably added to // the approval table if (!empty($userId)) { $this->setUserId($userId); } else { throw new Exception('Could not create account'); } } else { $this->setUserId($userId); } // redirect header('Location: ' . $this->config['psx_url']); exit; } else { throw new Exception('Authentication failed'); } }
protected function insertUser() { $count = $this->sql->count($this->registry['table.user_account']); if ($count == 0) { $this->logger->info('Create users'); $security = new Security($this->registry); $handler = new UserAccount\Handler($this->container); $validate = $this->container->get('validate'); // get name, pw and email $this->name = isset($_POST['name']) ? $_POST['name'] : null; $this->pw = isset($_POST['pw']) ? $_POST['pw'] : null; $this->email = isset($_POST['email']) ? $_POST['email'] : null; $io = $this->container->get('io'); if ($io instanceof IOInterface) { if (empty($this->name)) { $this->name = $this->untilValid(function () use($io, $handler, $validate) { $name = $io->ask('Username: '******'Password: '******'Email: '); $validate->clearError(); $handler->getRecord()->setEmail($email); return $email; }); } } // admin user $record = $handler->getRecord(); $record->setGroupId(1); $record->setStatus(UserAccount\Record::ADMINISTRATOR); $record->setIdentity($this->email); $record->setName($this->name); $record->setPw($this->pw); $record->setEmail($this->email); $record->setTimezone('UTC'); $handler->create($record); $this->logger->info('> Created administrator user'); // anonymous user $record = $handler->getRecord(); $record->setGroupId(3); $record->setStatus(UserAccount\Record::ANONYMOUS); $record->setIdentity('*****@*****.**'); $record->setName('Anonymous'); $record->setPw($security->generatePw()); $record->setTimezone('UTC'); $record = $handler->create($record); // set anonymous_user $con = new Condition(array('name', '=', 'core.anonymous_user')); $this->sql->update($this->registry['table.core_registry'], array('value' => $record->id), $con); $this->logger->info('> Created anonymous user'); } }