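/**
 * Step 2 in oAuth process
 * this is when linkedin redirected the user back
 * to our callback url, which calls this controller
 *
 * Exchanges the request token (oauth_token on the request, its secret kept
 * in $_SESSION['linkedin_oauth'] since step 1) for an access token, fetches
 * the profile from PROFILE_URL, creates or updates the local user and then
 * closes the popup window.
 *
 * @return object $this
 *
 * @throws \Exception in case something goes wrong with oAuth class,
 *                    or when LinkedIn does not return a usable access token
 */
protected function step2()
{
    try {
        /**
         * This is a callback (redirected back from linkedin page
         * after user authorized us)
         * In this case we must: create account or update account
         * in USER table
         * Re-create oViewer object
         * send cookie to remember user
         * and then send out HTML with js instruction to close the popup window
         */
        d('Looks like we are at step 2 of authentication. Request: ' . print_r($_REQUEST, 1));

        /**
         * Both halves of the request token are needed: the token comes back
         * on the request, its secret was stored in the session by step 1.
         * If either is missing this callback did not follow step 1 in this
         * session (or the session expired), so there is nothing to exchange:
         * just close the window instead of calling LinkedIn with empty values.
         */
        $token  = isset($this->Request['oauth_token']) ? $this->Request['oauth_token'] : '';
        $secret = isset($_SESSION['linkedin_oauth']['oauth_token_secret']) ? $_SESSION['linkedin_oauth']['oauth_token_secret'] : '';
        if (empty($token) || empty($secret)) {
            d('oauth_token missing on request or oauth_token_secret missing in session, closing window');
            $this->closeWindow();

            return $this;
        }

        $this->oAuth->setToken($token, $secret);

        $ver = $this->Registry->Request->get('oauth_verifier', 's', '');
        d(' $ver: ' . $ver);

        /**
         * Append the verifier only when LinkedIn sent one.
         * The original tested the undefined $var here, so the verifier was
         * never appended. The value is request input, so it is encoded
         * before being placed into the URL.
         */
        $url = empty($ver) ? self::ACCESS_TOKEN_URL : self::ACCESS_TOKEN_URL . '?oauth_verifier=' . rawurlencode($ver);
        d('url: ' . $url);

        $this->aAccessToken = $this->oAuth->getAccessToken($url);
        /**
         * Log only the keys: the array carries oauth_token_secret,
         * a long-lived credential that must not end up in log files
         */
        d('$this->aAccessToken keys: ' . print_r(is_array($this->aAccessToken) ? array_keys($this->aAccessToken) : $this->aAccessToken, 1));

        // The request token is single-use, drop it now that the exchange was attempted
        unset($_SESSION['linkedin_oauth']);

        if (empty($this->aAccessToken['oauth_token']) || empty($this->aAccessToken['oauth_token_secret'])) {
            e('LinkedIn did not return an access token for url: ' . $url);
            throw new \Exception('Something went wrong during authorization. Please try again later');
        }

        $this->oAuth->setToken($this->aAccessToken['oauth_token'], $this->aAccessToken['oauth_token_secret']);
        $this->oAuth->fetch(self::PROFILE_URL);
        $resp = $this->oAuth->getLastResponse();
        $this->parseXML($resp);
        $this->createOrUpdate();

        if (!$this->bConnect) {
            \Lampcms\Cookie::sendLoginCookie($this->Registry->Viewer->getUid(), $this->User->rs);
        } else {
            /**
             * The b_li flag in Viewer is necessary
             * for the social checkboxes to set
             * the checkbox to 'checked' state
             */
            $this->Registry->Viewer['b_li'] = true;
        }

        $this->closeWindow();
    } catch (\OAuthException $e) {
        /**
         * Log message and trace only. Dumping the whole exception object
         * (print_r) writes its lastResponse/debugInfo, i.e. the raw
         * provider response, into the log.
         */
        e('OAuthException: ' . $e->getMessage() . ' ' . $e->getTraceAsString());
        $err = 'Something went wrong during authorization. Please try again later' . $e->getMessage();
        throw new \Exception($err);
    }

    return $this;
}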
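/**
 * Step 2 in oAuth process
 * this is when Twitter redirected the user back
 * to our callback url, which calls this controller
 *
 * Exchanges the request token (oauth_token on the request, its secret kept
 * in $_SESSION['oauth']) for an access token, calls verify_credentials,
 * merges the access token into the user data, stores the Twitter record,
 * creates or updates the local user and closes the popup window.
 *
 * @return object $this
 *
 * @throws Exception in case something goes wrong with oAuth class
 */
protected function finishOauthDance()
{
    try {
        /**
         * This is a callback (redirected back from twitter page
         * after user authorized us)
         * In this case we must: create account or update account
         * in USER table
         * Re-create oViewer object
         * send cookie to remember user
         * and then send out HTML with js instruction to close the popup window
         */
        d('Looks like we are at step 2 of authentication. Request: ' . print_r($_REQUEST, 1));

        // State 1 - Handle callback from Twitter and get and store an access token

        /**
         * Both halves of the request token are needed: the token comes back
         * on the request, its secret was stored in the session by step 1.
         * Without either there is nothing to exchange, so close the window
         * instead of calling Twitter with empty values.
         */
        $token  = isset($this->Request['oauth_token']) ? $this->Request['oauth_token'] : '';
        $secret = isset($_SESSION['oauth']['oauth_token_secret']) ? $_SESSION['oauth']['oauth_token_secret'] : '';
        if (empty($token) || empty($secret)) {
            d('oauth_token missing on request or oauth_token_secret missing in session, closing window');
            $this->closeWindow();
            exit;
        }

        $this->oAuth->setToken($token, $secret);
        $aAccessToken = $this->oAuth->getAccessToken(self::ACCESS_TOKEN_URL);
        /**
         * Log only the keys: the array carries oauth_token_secret,
         * a long-lived credential that must not end up in log files
         */
        d('$aAccessToken keys: ' . print_r(is_array($aAccessToken) ? array_keys($aAccessToken) : $aAccessToken, 1));

        // The request token is single-use, drop it now that the exchange was attempted
        unset($_SESSION['oauth']);

        if (empty($aAccessToken['oauth_token']) || empty($aAccessToken['oauth_token_secret'])) {
            e('Twitter did not return an access token');
            $this->closeWindow();
            exit;
        }

        /**
         * @todo
         * there is a slight possibility that
         * we don't get the oData back like if
         * request for verify_credentials with token/secret fails
         * This should not happen because user has just authorized us - this
         * is a callback url after all.
         * But still, what if... what if Twitter hiccups and does not
         * return valid response, then what should we do?
         *
         * Probably throw some generic exception telling user to try
         * again in a few minutes
         *
         * So basically we should delegate this whole process to
         * the Twitter->verifyCredentials()
         */
        $this->oAuth->setToken($aAccessToken['oauth_token'], $aAccessToken['oauth_token_secret']);
        // NOTE(review): plain http endpoint - the profile response travels unencrypted
        $this->oAuth->fetch('http://api.twitter.com/1/account/verify_credentials.json');

        $resp            = $this->oAuth->getLastResponse();
        $this->aUserData = \json_decode($resp, true);
        /**
         * json_decode() signals failure with null, not false, so the original
         * `false ===` comparison could never fire. Anything that is not an
         * array is unusable below.
         */
        if (!is_array($this->aUserData)) {
            e('Unable to json_decode data returned by Twitter API: ' . $resp);
            $this->closeWindow();
            exit;
        }

        // The embedded last status is not needed for the user record
        if (isset($this->aUserData['status'])) {
            unset($this->aUserData['status']);
        }
        d('json: ' . var_export($this->aUserData, true));

        $aDebug = $this->oAuth->getLastResponseInfo();
        d('debug: ' . print_r($aDebug, 1));

        $this->aUserData = array_merge($this->aUserData, $aAccessToken);
        // After the merge the array holds the token secret, so log keys only
        d('$this->aUserData keys: ' . print_r(array_keys($this->aUserData), 1));

        if (empty($this->aUserData['id_str']) && !isset($this->aUserData['id'])) {
            e('Twitter response contains no user id: ' . var_export($this->aUserData, true));
            $this->closeWindow();
            exit;
        }

        // Prefer id_str: the numeric id can exceed the float precision json_decode gives it
        $this->aUserData['_id'] = !empty($this->aUserData['id_str']) ? $this->aUserData['id_str'] : (string) $this->aUserData['id'];
        unset($this->aUserData['user_id']);

        $this->updateTwitterUserRecord();
        $this->createOrUpdate();

        if (!$this->bConnect) {
            Cookie::sendLoginCookie($this->Registry->Viewer->getUid(), $this->User->rs);
        } else {
            /**
             * Set flag to session indicating that user just
             * connected Twitter Account
             */
            $this->Registry->Viewer['b_tw'] = true;
        }

        $this->closeWindow();
    } catch (\OAuthException $e) {
        /**
         * Log message and trace only. Dumping the whole exception object
         * (print_r) writes its lastResponse/debugInfo, i.e. the raw
         * provider response, into the log.
         */
        e('OAuthException: ' . $e->getMessage() . ' ' . $e->getTraceAsString());

        /**
         * Cannot throw exception because then it would be
         * displayed as regular page, with login block
         * but the currently opened window is a popup window
         * for showing twitter oauth page and we don't need
         * a login form or any other elements of regular page there
         */
        $err = 'Something went wrong during authorization. Please try again later' . $e->getMessage();
        exit(\Lampcms\Responder::makeErrorPage($err));
    }

    return $this;
}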
/**
 * Handles the login form submission: validates the login/password pair,
 * activates the user on success, optionally sends the "remember me"
 * cookie and redirects. On a LoginException the error is stored in the
 * session (or answered as JSON for ajax requests) before redirecting back.
 */
public function main()
{
    /**
     * Will not check for the valid 'form token'
     * in this form because potential
     * hacker has nothing to gain by
     * exploiting CSRF of a login form because
     * the user using this form is by definition
     * 'not yet logged in', so there is really
     * nothing to gain by tricking someone to login
     *
     * NOTE(review): login CSRF is not harmless in general - a forced login
     * can leave a visitor authenticated into an account they do not own,
     * so anything they enter afterwards lands in that account. Consider
     * validating the form token here as on the other forms.
     */
    $bRemember = isset($this->Request['chkRemember']) ? (bool) $this->Request['chkRemember'] : false;
    // NOTE(review): this dumps the whole request, including 'pwd', into the debug log
    d('$bRemember ' . $bRemember . ' $this->Request ' . print_r($this->Request->getArrayCopy(), 1));

    try {
        $oCheckLogin = new UserAuth($this->Registry);
        $User        = $oCheckLogin->validateLogin($this->Request['login'], $this->Request['pwd']);

        /**
         * If user logged in that means he got the email
         * with password,
         * thus we confirmed email address
         * and can activate user
         */
        $User->activate();
    } catch (\Lampcms\LoginException $e) {
        /**
         * @todo may add extra setting to !config.ini to send login errors
         * to special dedicated email address that will receive all security (hacking attempts)
         * related errors.
         */
        d('Login error: ' . $e->getMessage() . ' in file: ' . $e->getFile() . ' on line: ' . $e->getLine());

        if (Request::isAjax()) {
            // presumably sendJSON() ends the request; if it does not, the session error and redirect below also run - confirm
            Responder::sendJSON(array('error' => $e->getMessage()));
        }

        $_SESSION['login_error'] = $e->getMessage();
        d('$_SESSION[login_error] ' . $_SESSION['login_error']);
        // presumably redirectToPage() ends the request; otherwise $User below is undefined - confirm
        Responder::redirectToPage();
    }

    // NOTE(review): this statement is garbled in the source as received; the intended
    // call (presumably a debug log plus an 'onUserLogin' dispatch) must be restored from the repository
    d('User: '******'onUserLogin');

    if ($bRemember) {
        \Lampcms\Cookie::sendLoginCookie($User->getUid(), $User['rs']);
    }

    Responder::redirectToPage();
}
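/**
 * Based on value of email address in the data received
 * from Google API
 * Login existing user or create a new account
 * and login the new user
 *
 * Lookup order: EMAILS collection by email (gives i_uid), then USERS
 * collection by email, then a new account via createUser(). The found or
 * created user is logged in, the login cookie is sent, 'onGoogleLogin'
 * is posted and the popup is closed. On LoginException an error page is
 * rendered into the popup and the request ends.
 */
protected function createOrUpdate()
{
    /**
     * Everything below keys on the e-mail address reported by Google,
     * so an account can neither be matched nor created without one.
     * NOTE(review): matching an existing account on the provider's e-mail
     * claim alone trusts that Google verified the address; confirm the
     * caller only reaches this point with a verified e-mail.
     */
    $email = isset($this->userInfo['email']) ? (string) $this->userInfo['email'] : '';
    if ('' === $email) {
        e('No email address in data received from Google API: ' . print_r($this->userInfo, 1));
        exit(\Lampcms\Responder::makeErrorPage('Unable to get email address from Google. Please try again later'));
    }
    $this->email = \mb_strtolower($email);

    $User = null;

    /**
     * Search EMAILS collection
     * try to find user that has this email address
     */
    $res = $this->Registry->Mongo->EMAILS->findOne(array(Schema::EMAIL => $this->email), array('i_uid' => true));
    if (!empty($res['i_uid'])) {
        d('found user id by email address. uid: ' . $res['i_uid']);
        // assumes the EMAILS entry points at an existing USERS record - TODO confirm userFactory tolerates a miss
        $aUser = $this->Registry->Mongo->USERS->findOne(array(Schema::PRIMARY => $res['i_uid']));
        $User  = User::userFactory($this->Registry, $aUser);
    }

    /**
     * Was Not able to find user by search EMAILS collection
     * Search USERS collection by email address
     */
    if (null === $User) {
        $a = $this->Registry->Mongo->USERS->findOne(array(Schema::EMAIL => $this->email));
        if (!empty($a)) {
            d('found user id by email address. uid: ' . $a['_id']);
            $User = User::userFactory($this->Registry, $a);
        }
    }

    if (null === $User) {
        $User = $this->createUser();
    } else {
        // Existing account: refresh it with the data received from Google
        $this->updateUser($User);
    }

    try {
        $this->processLogin($User);
        Cookie::sendLoginCookie($User->getUid(), $User->rs);
        $this->Registry->Dispatcher->post($this, 'onGoogleLogin');
        $this->closeWindow();
    } catch (\Lampcms\LoginException $e) {
        /**
         * Not re-thrown: the current window is the oauth popup,
         * so the error page is rendered directly into it and the request ends
         */
        e('Unable to process login: ' . $e->getMessage());
        exit(\Lampcms\Responder::makeErrorPage($e->getMessage()));
    }
}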
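/**
 * Step 2 in oAuth process
 * this is when linkedin redirected the user back
 * to our callback url, which calls this controller
 *
 * Exchanges the request token (oauth_token on the request, its secret kept
 * in $_SESSION['linkedin_oauth'] since step 1) plus the oauth_verifier for
 * an access token, records its expiration, fetches the profile and e-mail
 * address, creates or updates the local user and closes the popup window.
 *
 * @throws \Exception in case something goes wrong with oAuth class,
 *                    or when LinkedIn does not return a usable access token
 * @return object $this
 */
protected function step2()
{
    try {
        /**
         * This is a callback (redirected back from linkedin page
         * after user authorized us)
         * In this case we must: create account or update account
         * in USER table
         * Re-create oViewer object
         * send cookie to remember user
         * and then send out HTML with js instruction to close the popup window
         */
        d('We are at step 2 of authentication. $_REQUEST: ' . print_r($_REQUEST, 1));

        /**
         * Both halves of the request token are needed: the token comes back
         * on the request, its secret was stored in the session by step 1.
         * If either is missing this callback did not follow step 1 in this
         * session (or the session expired), so there is nothing to exchange:
         * just close the window instead of calling LinkedIn with empty values.
         */
        $token  = isset($this->Request['oauth_token']) ? $this->Request['oauth_token'] : '';
        $secret = isset($_SESSION['linkedin_oauth']['oauth_token_secret']) ? $_SESSION['linkedin_oauth']['oauth_token_secret'] : '';
        d('$token: ' . $token);
        if (empty($token) || empty($secret)) {
            d('oauth_token missing on request or oauth_token_secret missing in session, closing window');
            $this->closeWindow();

            return $this;
        }

        $this->oAuth->setToken($token, $secret);

        /**
         * Get 'oauth_verifier' request param which was sent from LinkedIn
         * An absent verifier is passed as null so the oAuth class omits it
         */
        $ver = $this->Registry->Request->get('oauth_verifier', 's', '');
        d('$ver: ' . $ver);
        if (empty($ver)) {
            $ver = null;
        }

        $url = self::ACCESS_TOKEN_URL;
        d('url: ' . $url);

        $this->aAccessToken = $this->oAuth->getAccessToken($url, null, $ver);
        /**
         * Log only the keys: the array carries oauth_token_secret,
         * a long-lived credential that must not end up in log files
         */
        d('$this->aAccessToken keys: ' . \print_r(is_array($this->aAccessToken) ? array_keys($this->aAccessToken) : $this->aAccessToken, 1));

        // The request token is single-use, drop it now that the exchange was attempted
        unset($_SESSION['linkedin_oauth']);

        if (empty($this->aAccessToken['oauth_token']) || empty($this->aAccessToken['oauth_token_secret'])) {
            e('LinkedIn did not return an access token for url: ' . $url);
            throw new \Exception('@@Something went wrong during authorization. Please try again later@@');
        }

        $this->setTokenExpirationTime();

        $this->oAuth->setToken($this->aAccessToken['oauth_token'], $this->aAccessToken['oauth_token_secret']);

        d('getting profile from PROFILE_URL');
        $this->oAuth->fetch(self::PROFILE_URL, null, OAUTH_HTTP_METHOD_GET, array('Connection' => 'close'));

        $aDebug = $this->oAuth->getLastResponseInfo();
        d('debug: ' . \print_r($aDebug, 1));

        $resp = $this->oAuth->getLastResponse();
        $this->parseXML($resp);
        $this->getEmailAddress();
        $this->createOrUpdate();

        if (!$this->bConnect) {
            \Lampcms\Cookie::sendLoginCookie($this->Registry->Viewer->getUid(), $this->User->rs);
        } else {
            /**
             * The b_li flag in Viewer is necessary
             * for the social checkboxes to set
             * the checkbox to 'checked' state
             */
            $this->Registry->Viewer['b_li'] = true;
        }

        $this->closeWindow();
    } catch (\OAuthException $e) {
        e('OAuthException: ' . $e->getMessage());
        // Response info (status, url, sizes) is safe to log; the response body is not logged here
        $aDebug = $this->oAuth->getLastResponseInfo();
        d('debug: ' . print_r($aDebug, 1));

        $err = '@@Something went wrong during authorization. Please try again later@@ ' . $e->getMessage();
        throw new \Exception($err);
    }

    return $this;
}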