/**
 * Builds the redirect URL for a given OPI.
 *
 * The query string carries the logged-in user's id ("id"), the configured
 * brand ("sc") and the return address ("carry_url"), each URL-encoded. When
 * the user's profile provides them, an age-range code ("carry_edad") and a
 * gender code ("carry_sexo") are appended as well.
 *
 * @param string|bool $opi OPI identifier. When falsy, OAuthConfig::getOpi()
 *     is used instead.
 * @param string|bool $redirect_url Address sent as "carry_url".
 * @return string The generated URL.
 * @throws Exception If no OPI is passed and none is configured.
 */
public static function get($opi = false, $redirect_url = false)
{
    if (!$opi) {
        $opi = OAuthConfig::getOpi();
        if (!$opi) {
            throw new Exception("You must pass OPI as param, or define it in <data> part of oauthconf.xml");
        }
    }

    $params = array();
    $params["id"] = urlencode(UserApi::getUserLoggedOid());
    $params["sc"] = urlencode(OAuthConfig::getBrand());
    $params["carry_url"] = urlencode($redirect_url);

    $info = UserApi::getUserLogged();

    // Age range code: 1 = 18-24, 2 = 25-34, 3 = 35-44, 4 = 45-64, false = not sent.
    $opi_age = false;
    try {
        $birthday = null;
        if (isset($info->user->user_data->birthday)) {
            $birthday = $info->user->user_data->birthday->value;
        }
        if ($birthday != null) {
            $parts = explode("/", $birthday);
            // NOTE(review): $parts[2] is passed to mktime() as the month and then
            // subtracted from the current year as if it were the birth year, and
            // the parts are never checked for count or for being numeric.
            // Confirm the stored birthday format and the intended argument order.
            $birthday_md = date("md", date("U", mktime(0, 0, 0, $parts[2], $parts[1], $parts[0])));
            $age = date("Y") - $parts[2];
            if ($birthday_md > date("md")) {
                // Birthday not reached yet this year.
                $age = $age - 1;
            }
            if (18 <= $age && $age <= 24) {
                $opi_age = 1;
            } elseif (25 <= $age && $age <= 34) {
                $opi_age = 2;
            } elseif (35 <= $age && $age <= 44) {
                $opi_age = 3;
            } elseif (45 <= $age && $age <= 64) {
                $opi_age = 4;
            }
        }
    } catch (Exception $e) {
        // Best effort: on failure the age code is simply not sent.
    }

    // Gender code: the profile's vid 1 is sent as 2 and vid 2 as 1.
    $opi_gender = false;
    try {
        $gender = null;
        if (isset($info->user->user_data->gender)) {
            $gender = $info->user->user_data->gender->vid;
        }
        if ($gender == 1) {
            $opi_gender = 2;
        } elseif ($gender == 2) {
            $opi_gender = 1;
        }
    } catch (Exception $e) {
        // Best effort: on failure the gender code is simply not sent.
    }

    if ($opi_age) {
        $params["carry_edad"] = $opi_age;
    }
    if ($opi_gender) {
        $params["carry_sexo"] = $opi_gender;
    }

    $pairs = array();
    foreach ($params as $key => $val) {
        $pairs[] = $key . "=" . $val;
    }

    // NOTE(review): $opi is placed in the URL path without encoding, unlike the
    // query values above. Confirm it never comes from request input.
    $rules_url = OAuthConfig::getApiUrl('opi', 'base_url') . OAuthConfig::getApiUrl('opi', 'rules');

    return $rules_url . "/" . $opi . "?" . implode('&', $pairs);
}
/**
 * Tells whether the logged-in user still has to accept the terms and
 * conditions of a section.
 *
 * The "scope" (section) is a group of fields configured in DruID for a web
 * client. A section can also be seen as a part of the website that can only
 * be accessed by a user who has filled in the set of personal information
 * configured in DruID for it.
 *
 * Exceptions raised during the check are caught and logged, not rethrown.
 * FALSE is therefore returned in three situations: the user already
 * accepted the terms, the user is not connected, or the check failed.
 * Callers that gate access on this result cannot tell these apart.
 *
 * @param string $scope Section-key identifier of the web client. The
 *     section-key is located in the "oauthconf.xml" file.
 * @return boolean TRUE if the user needs to accept terms and conditions,
 *     FALSE otherwise (see above).
 */
public static function checkUserNeedAcceptTerms($scope)
{
    $needs_acceptance = false;

    try {
        self::$logger->info('Checking if the user has accepted terms and conditions for this section:' . $scope);

        if (!self::isConnected()) {
            return $needs_acceptance;
        }

        $endpoint = OAuthConfig::getApiUrl('api.user', 'base_url') . OAuthConfig::getApiUrl('api.user', 'user');
        $needs_acceptance = OAuth::doCheckUserNeedAcceptTerms($endpoint, $scope);
    } catch (Exception $e) {
        self::$logger->error($e->getMessage());
    }

    return $needs_acceptance;
}
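/**
 * Returns the user data stored through the Genetsis ID personal identifier.
 *
 * The identifiers could be: id (ckusid), screenName, email, dni.
 * Sample: array('id'=>'XXXX','screenName'=>'xxxx');
 *
 * Results are cached through FileCache for self::USER_TTL. Errors (missing
 * client token, non-200 response, empty result) are caught and logged; the
 * method then returns an empty array instead of throwing.
 *
 * @param array $identifiers The Genetsis IDs identifier to search,
 *     'identifier' => 'value'. Anything that is not a non-empty array yields
 *     an empty result.
 * @return array A vector of {@link User} objects with user's personal data.
 *     The array could be empty.
 */
public static function getUsers($identifiers)
{
    $druid_user = array();

    // Without at least one identifier the request below would carry no
    // "w." filter at all (select * from User), so refuse to run it.
    if (!is_array($identifiers) || empty($identifiers)) {
        return $druid_user;
    }

    try {
        // NOTE(review): the cache key is built from the value of the first
        // identifier only. Lookups by different identifier types, or with
        // different additional identifiers, that share that first value map
        // to the same cache entry. Confirm this cannot hand back another
        // user's record.
        $first_identifier = reset($identifiers);
        $cache_key = 'user-' . $first_identifier;

        if (!($druid_user_data = FileCache::get($cache_key))) {
            Identity::getLogger()->debug('Identifier: ' . $first_identifier . ' is Not in Cache System');

            $client_token = Identity::getThings()->getClientToken();
            if (is_null($client_token)) {
                throw new Exception('The clientToken is empty');
            }

            /**
             * Parameters:
             * oauth_token: client token
             * s (select): dynamic user data to be returned
             * f (from): User
             * w (where): param with OR w.param1&w.param2...
             */
            $params = array();
            $params['oauth_token'] = $client_token->getValue();
            $params['s'] = "*";
            $params['f'] = "User";
            foreach ($identifiers as $key => $val) {
                $params['w.' . $key] = $val;
            }

            $base = OAuthConfig::getApiUrl('api.user', 'base_url');
            $api = OAuthConfig::getApiUrl('api.user', 'user');

            $response = Request::execute($base . $api, $params, Request::HTTP_POST);

            if ($response['code'] != 200 || !isset($response['result']->data) || $response['result']->count == '0') {
                throw new Exception('The data retrieved is empty');
            }

            $druid_user = $response['result']->data;
            FileCache::set($cache_key, $druid_user, self::USER_TTL);
        } else {
            Identity::getLogger()->debug('Identifier: ' . $first_identifier . ' is in Cache System');
            // Round-trip through JSON to turn the cached value into plain objects.
            $druid_user = json_decode(json_encode($druid_user_data));
        }
    } catch (Exception $e) {
        Identity::getLogger()->error($e->getMessage());
    }

    return $druid_user;
}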
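/**
 * Sends an HTTP request with cURL and returns the response.
 *
 * TLS certificate and host name verification are always enabled, so a
 * connection to an HTTPS endpoint with an invalid certificate fails instead
 * of silently sending client_secret or tokens to an unauthenticated peer.
 *
 * @param string $url Endpoint where the request is sent. Without params.
 * @param array $parameters Associative vector with request params. Use key as param name, and value as value. The values shouldn't be prepared.
 * @param string $http_method HTTP method. One of them:
 *     - {@link self::HTTP_GET}
 *     - {@link self::HTTP_POST}
 *     - {@link self::HTTP_HEAD}
 *     - {@link self::HTTP_PUT}
 *     - {@link self::HTTP_DELETE}
 * @param bool $credentials If true, client_id and client_secret are included in params
 * @param array $http_headers Associative vector of HTTP headers ("name" => "value"), or empty if there are no additional headers to send.
 * @param array $cookies A vector of strings with cookie data, or empty if there are no cookies to send. One line per cookie ("key=value"), without trailing semicolon.
 * @return array An associative array with these items:
 *     - result: the decoded JSON when the content type is exactly
 *       "application/json" and the body decodes, otherwise the raw body;
 *       FALSE if there is no result.
 *     - code: HTTP code.
 *     - content_type: Content-type related to result
 * @throws \Exception If the curl extension is not loaded.
 */
public static function execute($url, $parameters = array(), $http_method = self::HTTP_GET, $credentials = self::NOT_SECURED, $http_headers = array(), $cookies = array())
{
    if (!extension_loaded('curl')) {
        throw new Exception('The PHP extension curl must be installed to use this library.');
    }

    if (($url = trim($url)) == '') {
        return array('result' => false, 'code' => 0, 'content_type' => '');
    }

    $is_ssl = preg_match('#^https#Usi', $url) ? true : false;

    // URL before any parameters are appended. Only this form is logged, so
    // secrets that end up in a query string never reach the log.
    $logged_url = $url;

    // NOTE(review): nothing here rejects plain http:// endpoints, over which
    // client_secret and tokens would travel unencrypted. Confirm that the
    // configured API URLs are https.
    $curl_options = array(
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_CUSTOMREQUEST => $http_method,
        // Verify the certificate chain and that it matches the host name.
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
    );

    // The visitor's user agent is forwarded when there is one; it is absent
    // on the command line and when the browser sends none.
    if (isset($_SERVER['HTTP_USER_AGENT']) && is_string($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] !== '') {
        $curl_options[CURLOPT_USERAGENT] = $_SERVER['HTTP_USER_AGENT'];
    }

    if ($credentials) {
        $parameters['client_id'] = OAuthConfig::getClientId();
        $parameters['client_secret'] = OAuthConfig::getClientSecret();
    }

    // JSON bodies are used only when the caller asked for them explicitly.
    $send_json = isset($http_headers['Content-Type'])
        && $http_headers['Content-Type'] == 'application/json'
        && !empty($parameters)
        && is_array($parameters);

    switch ($http_method) {
        case self::HTTP_POST:
            $curl_options[CURLOPT_POST] = true;
            if ($send_json) {
                $curl_options[CURLOPT_POSTFIELDS] = json_encode($parameters);
            } else {
                $curl_options[CURLOPT_POSTFIELDS] = http_build_query($parameters);
            }
            break;
        case self::HTTP_PUT:
            $curl_options[CURLOPT_POSTFIELDS] = http_build_query($parameters);
            break;
        case self::HTTP_HEAD:
            $curl_options[CURLOPT_NOBODY] = true;
            /* No break */
        case self::HTTP_DELETE:
            if ($send_json) {
                $curl_options[CURLOPT_POSTFIELDS] = json_encode($parameters);
            } else {
                // '' rather than null: null for the numeric prefix is deprecated.
                $url .= '?' . http_build_query($parameters, '', '&');
            }
            break;
        case self::HTTP_GET:
            if (!empty($parameters)) {
                $url .= '?' . http_build_query($parameters, '', '&');
            }
            break;
        default:
            break;
    }

    $curl_options[CURLOPT_URL] = $url;

    // Cookies.
    if (is_array($cookies) && !empty($cookies)) {
        // Removes trailing semicolons, if exists.
        foreach ($cookies as $key => $value) {
            $cookies[$key] = rtrim($value, ';');
        }
        $curl_options[CURLOPT_COOKIE] = implode('; ', $cookies);
    }

    // Prepare headers.
    if (is_array($http_headers) && !empty($http_headers)) {
        $header = array();
        foreach ($http_headers as $header_name => $header_value) {
            $header[] = "{$header_name}: {$header_value}";
        }
        $curl_options[CURLOPT_HTTPHEADER] = $header;
    }

    // Send request.
    $ch = curl_init();
    curl_setopt_array($ch, $curl_options);
    $result = curl_exec($ch);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
    $total_time = curl_getinfo($ch, CURLINFO_TOTAL_TIME);
    curl_close($ch);

    // Copy of the parameters with credential values masked for the log.
    $logged_parameters = $parameters;
    if (is_array($logged_parameters)) {
        foreach (array('client_secret', 'oauth_token') as $secret_key) {
            if (isset($logged_parameters[$secret_key])) {
                $logged_parameters[$secret_key] = '[redacted]';
            }
        }
    }

    // NOTE(review): headers and the response body are still logged verbatim
    // and may carry tokens or personal data. Keep debug logging off in
    // production, or mask them as well.
    Identity::getLogger()->debug('### BEGIN REQUEST ###');
    Identity::getLogger()->debug(sprintf('URL -> [%s][%s] %s', $http_method, $is_ssl ? 'ssl' : 'no ssl', var_export($logged_url, true)));
    Identity::getLogger()->debug('Params -> ' . var_export($logged_parameters, true));
    Identity::getLogger()->debug('Headers -> ' . var_export($http_headers, true));
    Identity::getLogger()->debug(sprintf("Response -> [%s][%s]\n%s", $content_type, $http_code, var_export($result, true)));
    Identity::getLogger()->debug('Total Time -> ' . var_export($total_time, true));
    Identity::getLogger()->debug('### END REQUEST ###');

    // Decode once; fall back to the raw body when it is not valid JSON.
    $payload = $result;
    if ($content_type === 'application/json') {
        $decoded = json_decode($result);
        if (null !== $decoded) {
            $payload = $decoded;
        }
    }

    return array('result' => $payload, 'code' => $http_code, 'content_type' => $content_type);
}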
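/**
 * Builds the URL to login process.
 *
 * Errors are caught and logged at debug level; the method then returns
 * NULL instead of throwing.
 *
 * @param string $endpoint_url The endpoint. Normally the 'authorization_endpoint' of
 *     OAuth server.
 * @param string $redirect_url Where the user will be redirected, whether the
 *     login succeeds or not.
 * @param string $scope Section-key identifier of the web client. The
 *     section-key is located in "oauthconf.xml" file.
 * @param string $social Social - to force login with social network. Optional. Values 'facebook', 'twitter'
 * @return string|null The URL generated, or NULL if a required argument is
 *     missing or another error occurs.
 */
private static function buildLoginUrl($endpoint_url, $redirect_url, $scope = null, $social = null)
{
    try {
        // checkParam() is used here as "value is missing" (TODO confirm against its definition).
        if (self::checkParam($endpoint_url)) {
            throw new Exception('Endpoint URL is empty');
        }
        if (self::checkParam($redirect_url)) {
            throw new Exception('Redirect URL is empty');
        }

        $endpoint_url = rtrim($endpoint_url, '?');

        // NOTE(review): no "state" value is added to the authorization
        // request. Confirm the callback is protected against cross-site
        // request forgery by other means.
        $params = array();
        $params['client_id'] = OAuthConfig::getClientId();
        $params['redirect_uri'] = $redirect_url;
        $params['response_type'] = 'code';
        if (!is_null($scope)) {
            $params['scope'] = $scope;
        }
        if ($social != null) {
            $params['ck_auth_provider'] = $social;
        }

        // '' rather than null: null for the numeric prefix is deprecated.
        return $endpoint_url . '?' . http_build_query($params, '', '&');
    } catch (Exception $e) {
        Identity::getLogger()->debug('Error [' . __FUNCTION__ . '] - ' . $e->getMessage());
    }

    return null;
}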
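/**
 * Returns a specific stored token, read from the request cookies.
 *
 * Only $_COOKIE is consulted by this method.
 *
 * @param string $name The token we want to recover. Are defined in {@link iTokenTypes}
 * @return AccessToken|ClientToken|RefreshToken|mixed|null The value built by
 *     {@link StoredToken::factory()}, or NULL if there is no usable cookie
 *     with that name.
 * @throws \Exception If the token name is empty.
 */
public static function getStoredToken($name)
{
    if (($name = trim((string) $name)) == '') {
        throw new Exception('Token type not exist');
    }

    // NOTE(review): the decoder is keyed with the OAuth client id, which is
    // not a secret in OAuth. Unless Encryption adds its own secret or an
    // integrity check, the decoded cookie content should be treated as
    // client-controlled. Confirm against the Encryption class.
    $encryption = new Encryption(OAuthConfig::getClientId());

    // A cookie sent as "name[]=..." arrives as an array; only a string can be decoded.
    if (isset($_COOKIE[$name]) && is_string($_COOKIE[$name])) {
        return StoredToken::factory($name, $encryption->decode($_COOKIE[$name]), 0, 0, '/');
    }

    return null;
}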