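/**
 * Log in a user referred from Twitter's OAuth API
 *
 * If the user has already linked their account with Twitter, it is a seamless
 * login. If this is a first time login (or a user from deprecated twitter login
 * plugin), we create a new account (update the account).
 *
 * If a plugin wants to be notified when someone logs in with twitter or a new
 * twitter user signs up, register for the standard login or create user events
 * and check for 'twitter_api' context.
 *
 * The user has to be redirected from Twitter for this to work. It depends on
 * the Twitter OAuth data.
 *
 * Every path through this function ends in a call to forward().
 *
 * @return void
 */
function twitter_api_login() {
	// sanity check
	if (!twitter_api_allow_sign_on_with_twitter()) {
		forward();
	}

	$session = elgg_get_session();
	$token = twitter_api_get_access_token(get_input('oauth_verifier'));

	$persistent = false;
	$forward = '';

	// fetch login metadata from session; it is removed immediately so the
	// same values are not picked up by a later request
	$login_metadata = $session->get('twitter_api_login_metadata');
	$session->remove('twitter_api_login_metadata');

	if (!empty($login_metadata['persistent'])) {
		$persistent = true;
	}
	if (!empty($login_metadata['forward'])) {
		// NOTE(review): the user is forwarded here after login. The code that
		// stores this value is not visible in this function - confirm it only
		// accepts URLs on this site.
		$forward = $login_metadata['forward'];
	}

	// without both halves of the access token there is nothing to match or store
	if (!isset($token['oauth_token']) || !isset($token['oauth_token_secret'])) {
		register_error(elgg_echo('twitter_api:login:error'));
		forward();
	}

	// attempt to find user and log them in.
	// else, create a new user.
	$options = array(
		'type' => 'user',
		'plugin_id' => 'twitter_api',
		'plugin_user_setting_name_value_pairs' => array(
			'access_key' => $token['oauth_token'],
			'access_secret' => $token['oauth_token_secret'],
		),
		'limit' => 0,
	);
	$users = elgg_get_entities_from_plugin_user_settings($options);

	if ($users) {
		// the token pair must identify exactly one account; several matches
		// are ambiguous and are refused rather than guessed at
		if (count($users) === 1 && login($users[0], $persistent)) {
			system_message(elgg_echo('twitter_api:login:success'));
			forward($forward);
		} else {
			register_error(elgg_echo('twitter_api:login:error'));
			forward();
		}
	} else {
		// the screen name drives the legacy lookup and is stored with the
		// tokens below, so refuse to continue without it
		if (!isset($token['screen_name']) || !is_scalar($token['screen_name']) || (string) $token['screen_name'] === '') {
			register_error(elgg_echo('twitter_api:login:error'));
			forward();
		}
		$token_screen_name = (string) $token['screen_name'];

		$api = twitter_api_get_api_object($token['oauth_token'], $token['oauth_token_secret']);
		$twitter = $api->get('account/verify_credentials');

		// the profile is read as an object below; stop if the lookup did not
		// produce one instead of creating an account from an empty result
		if (!is_object($twitter)) {
			register_error(elgg_echo('twitter_api:login:error'));
			forward();
		}

		// backward compatibility for deprecated Twitter Login plugin
		// NOTE(review): this path links an existing local account by screen
		// name rather than by a stable Twitter account identifier. Screen names
		// can change owner, so confirm this legacy conversion is still needed.
		$user = false;
		$twitter_user = get_user_by_username($token_screen_name);
		if ($twitter_user) {
			$legacy_name = $twitter_user->twitter_screen_name;
			if ($legacy_name && is_scalar($legacy_name) && (string) $legacy_name === $token_screen_name) {
				// convert existing account
				$user = $twitter_user;
				$forward = '';
			}
		}

		// create new user
		if (!$user) {
			$user = twitter_api_create_user($twitter);
			if (!$user) {
				// no account to attach tokens to or log in
				register_error(elgg_echo('twitter_api:login:error'));
				forward();
			}

			$site_name = elgg_get_site_entity()->name;
			system_message(elgg_echo('twitter_api:login:email', array($site_name)));

			$forward = "twitter_api/interstitial";
		}

		// set twitter services tokens; the access_key/access_secret pair is
		// what the lookup at the top of this function matches on next time
		elgg_set_plugin_user_setting('twitter_name', $token_screen_name, $user->guid, 'twitter_api');
		elgg_set_plugin_user_setting('access_key', $token['oauth_token'], $user->guid, 'twitter_api');
		elgg_set_plugin_user_setting('access_secret', $token['oauth_token_secret'], $user->guid, 'twitter_api');

		// pull in Twitter icon (only when the profile actually carries one)
		if (isset($twitter->profile_image_url)) {
			twitter_api_update_user_avatar($user, $twitter->profile_image_url);
		}

		// login new user
		// NOTE(review): $persistent is not passed here, unlike the
		// linked-account path above - confirm that is intended.
		if (login($user)) {
			system_message(elgg_echo('twitter_api:login:success'));
		} else {
			// a failed login is an error, so report it through the error channel
			register_error(elgg_echo('twitter_api:login:error'));
		}

		forward($forward, 'twitter_api');
	}

	// register login error
	// fallback only: both branches above already end in forward()
	register_error(elgg_echo('twitter_api:login:error'));
	forward();
}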
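/**
 * Log in a user with twitter.
 *
 * Exchanges the 'oauth_verifier' request input for an access token, then
 * either logs in the single account already holding that token pair or,
 * when none matches, converts a legacy Twitter Login account or creates a
 * new one, stores the tokens on it and logs it in.
 *
 * Every path through this function ends in a call to forward().
 *
 * @return void
 */
function twitter_api_login() {
	// sanity check
	if (!twitter_api_allow_sign_on_with_twitter()) {
		forward();
	}

	$token = twitter_api_get_access_token(get_input('oauth_verifier'));

	// without both halves of the access token there is nothing to match or store
	if (!isset($token['oauth_token']) || !isset($token['oauth_token_secret'])) {
		register_error(elgg_echo('twitter_api:login:error'));
		forward();
	}

	// attempt to find user and log them in.
	// else, create a new user.
	$options = array(
		'type' => 'user',
		'plugin_user_setting_name_value_pairs' => array(
			'access_key' => $token['oauth_token'],
			'access_secret' => $token['oauth_token_secret'],
		),
		'limit' => 0,
	);
	$users = elgg_get_entities_from_plugin_user_settings($options);

	if ($users) {
		// the token pair must identify exactly one account; several matches
		// are ambiguous and are refused rather than guessed at
		if (count($users) === 1 && login($users[0])) {
			system_message(elgg_echo('twitter_api:login:success'));

			// trigger login hook
			elgg_trigger_plugin_hook('login', 'twitter_api', array('user' => $users[0]));
		} else {
			// a failed login is an error, so report it through the error channel
			register_error(elgg_echo('twitter_api:login:error'));
		}

		forward();
	} else {
		// the screen name drives the legacy lookup and is stored with the
		// tokens below, so refuse to continue without it
		if (!isset($token['screen_name']) || !is_scalar($token['screen_name']) || (string) $token['screen_name'] === '') {
			register_error(elgg_echo('twitter_api:login:error'));
			forward();
		}
		$token_screen_name = (string) $token['screen_name'];

		// need Twitter account credentials
		elgg_load_library('twitter_oauth');

		$consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
		$consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
		$api = new TwitterOAuth($consumer_key, $consumer_secret, $token['oauth_token'], $token['oauth_token_secret']);
		$twitter = $api->get('account/verify_credentials');

		// the profile is read as an object below; stop if the lookup did not
		// produce one instead of creating an account from an empty result
		if (!is_object($twitter)) {
			register_error(elgg_echo('twitter_api:login:error'));
			forward();
		}

		// backward compatibility for stalled-development Twitter Login plugin
		// NOTE(review): this path links an existing local account by screen
		// name rather than by a stable Twitter account identifier. Screen names
		// can change owner, so confirm this legacy conversion is still needed.
		$user = false;
		$twitter_user = get_user_by_username($token_screen_name);
		if ($twitter_user) {
			$legacy_name = $twitter_user->twitter_screen_name;
			if ($legacy_name && is_scalar($legacy_name) && (string) $legacy_name === $token_screen_name) {
				// convert existing account
				$user = $twitter_user;
				$forward = '';
			}
		}

		// create new user
		if (!$user) {
			// check new registration allowed
			if (!twitter_api_allow_new_users_with_twitter()) {
				register_error(elgg_echo('registerdisabled'));
				forward();
			}

			// the username is derived from the profile, so it must be present
			if (!isset($twitter->screen_name) || (string) $twitter->screen_name === '') {
				register_error(elgg_echo('twitter_api:login:error'));
				forward();
			}

			// trigger a hook for plugin authors to intercept
			if (!elgg_trigger_plugin_hook('new_twitter_user', 'twitter_service', array('account' => $twitter), true)) {
				// halt execution
				register_error(elgg_echo('twitter_api:login:error'));
				forward();
			}

			// Elgg-ify Twitter credentials
			// the numeric suffix only avoids a username collision; it is not a secret
			$username = $twitter->screen_name;
			while (get_user_by_username($username)) {
				$username = $twitter->screen_name . '_' . rand(1000, 9999);
			}

			// the cleartext password is only fed to generate_user_password()
			// here; it is not shown to the user or kept anywhere else
			$password = generate_random_cleartext_password();
			// fall back to the username when the profile has no display name
			$name = isset($twitter->name) ? $twitter->name : $username;

			$user = new ElggUser();
			$user->username = $username;
			$user->name = $name;
			$user->access_id = ACCESS_PUBLIC;
			// salt must be set before generate_user_password() reads $user
			$user->salt = generate_random_cleartext_password();
			$user->password = generate_user_password($user, $password);
			$user->owner_guid = 0;
			$user->container_guid = 0;

			if (!$user->save()) {
				register_error(elgg_echo('registerbad'));
				forward();
			}

			// @todo require email address?

			$site_name = elgg_get_site_entity()->name;
			system_message(elgg_echo('twitter_api:login:email', array($site_name)));

			$forward = "settings/user/{$user->username}";
		}

		// set twitter services tokens; the access_key/access_secret pair is
		// what the lookup at the top of this function matches on next time
		elgg_set_plugin_user_setting('twitter_name', $token_screen_name, $user->guid);
		elgg_set_plugin_user_setting('access_key', $token['oauth_token'], $user->guid);
		elgg_set_plugin_user_setting('access_secret', $token['oauth_token_secret'], $user->guid);

		// pull in Twitter icon (only when the profile actually carries one)
		if (isset($twitter->profile_image_url)) {
			twitter_api_update_user_avatar($user, $twitter->profile_image_url);
		}

		// login new user
		if (login($user)) {
			system_message(elgg_echo('twitter_api:login:success'));

			// trigger login hook for new user
			elgg_trigger_plugin_hook('first_login', 'twitter_api', array('user' => $user));
		} else {
			// a failed login is an error, so report it through the error channel
			register_error(elgg_echo('twitter_api:login:error'));
		}

		forward($forward, 'twitter_api');
	}

	// register login error
	// fallback only: both branches above already end in forward()
	register_error(elgg_echo('twitter_api:login:error'));
	forward();
}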