function autoCreateUser($providerUserId, $provider)
{
$provider->setInitialRegistration();
$profile = $provider->profile->fetchProfile($providerUserId, array('first_name', 'last_name', 'email', 'full_name'));
if ($profile == null || $profile->get('email') == null) {
# not enough information returned to auto-create account
return false;
}
$newEmail = $profile->get('email');
$fullname = $profile->get('full_name');
$user['fullname'] = $fullname;
$user['email'] = $newEmail;
// Create random password for FB User Only, but save so we can email to the user on account creation
if (JFBCFactory::config()->getSetting('generate_random_password')) {
$this->_newUserPassword = JUserHelper::genRandomPassword();
$user['password_clear'] = $this->_newUserPassword;
// Check for Joomla 3.2.1's new hashPassword functions and use those, if exist
if (method_exists('JUserHelper', 'hashPassword')) {
$user['password'] = JUserHelper::hashPassword($this->_newUserPassword);
} else {
$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword($this->_newUserPassword, $salt);
$user['password'] = $crypt . ':' . $salt;
}
} else {
$user['password_clear'] = "";
$this->_newUserPassword = '';
}
$lang = JRequest::getVar(JApplication::getHash('language'), '', 'COOKIE');
$user['language'] = $lang;
$usernamePrefixFormat = JFBCFactory::config()->getSetting('auto_username_format');
$username = SCUserUtilities::getAutoUsername($profile->get('first_name'), $profile->get('last_name'), $profile->get('email'), $provider->usernamePrefix, $providerUserId, $usernamePrefixFormat);
$user['username'] = $username;
$useractivation = $this->getActivationMode();
$jUser = $this->getBlankUser($user, $useractivation);
if ($jUser && $jUser->get('id', null)) {
$this->onAfterRegister($provider, $jUser);
SCSocialUtilities::clearJFBCNewMappingEnabled();
if (JFBCFactory::usermap()->map($jUser->get('id'), $providerUserId, $provider->systemName, $provider->client->getToken())) {
JFBCFactory::log(JText::sprintf('COM_JFBCONNECT_MAP_USER_SUCCESS', $provider->name));
return true;
} else {
JFBCFactory::log(JText::sprintf('COM_JFBCONNECT_MAP_USER_FAIL', $provider->name));
}
}
return false;
// User creation failed for some reason
}
function login($provider = null)
{
if (!is_object($provider)) {
$provider = JFBCFactory::provider(JRequest::getCmd('provider'));
}
// Let the provider do anything it wants before we try to login.
$provider->onBeforeLogin();
$loginRegisterModel = $this->getModel('LoginRegister', 'JFBConnectModel');
// Set a cookie to prevent auto-logging in for the remainder of the session time
$config = JFactory::getConfig();
$lifetime = $config->get('lifetime', 15);
setcookie('jfbconnect_autologin_disable', 1, time() + $lifetime * 60);
// Not a perfect solution, but fixes autologin loops..
$app = JFactory::getApplication();
$providerUserId = $provider->getProviderUserId();
if (!$providerUserId) {
# Facebook isn't returning information about this user. Redirect them.
JFBCFactory::log(JText::sprintf('COM_JFBCONNECT_UNABLE_TO_RETRIEVE_USER', $provider->name));
$app->redirect('index.php');
}
$userMapModel = JFBCFactory::usermap();
$jUser = JFactory::getUser();
if (!$jUser->guest) {
SCSocialUtilities::clearJFBCNewMappingEnabled();
if ($userMapModel->map($jUser->get('id'), $providerUserId, strtolower($provider->name), $provider->client->getToken())) {
JFBCFactory::log(JText::sprintf('COM_JFBCONNECT_MAP_USER_SUCCESS', $provider->name));
} else {
JFBCFactory::log(JText::sprintf('COM_JFBCONNECT_MAP_USER_FAIL', $provider->name));
}
$return = $loginRegisterModel->getLoginRedirect($provider);
$app->redirect($return);
}
// They're not logged in. Check if they have a Joomla user and log that user in. If not, create them one
$jUserId = $userMapModel->getJoomlaUserId($providerUserId, strtolower($provider->name));
if (!$jUserId) {
$profile = $provider->profile->fetchProfile($providerUserId, array('email'));
$providerEmail = $profile->get('email', null);
# Check if automatic email mapping is allowed, and see if that email is registered
# AND the Facebook user doesn't already have a Joomla account
if (!$provider->initialRegistration && JFBCFactory::config()->getSetting('facebook_auto_map_by_email')) {
if ($providerEmail != null) {
$jUserEmailId = $userMapModel->getJoomlaUserIdFromEmail($providerEmail);
if (!empty($jUserEmailId)) {
// Found a user with the same email address
// do final check to make sure there isn't a FB account already mapped to it
$tempId = $userMapModel->getProviderUserId($jUserEmailId, strtolower($provider->name));
if (!$tempId) {
SCSocialUtilities::clearJFBCNewMappingEnabled();
if ($userMapModel->map($jUserEmailId, $providerUserId, strtolower($provider->name), $provider->client->getToken())) {
JFBCFactory::log(JText::sprintf('COM_JFBCONNECT_MAP_USER_SUCCESS', $provider->name));
$jUserId = $jUserEmailId;
// Update the temp jId so that we login below
} else {
JFBCFactory::log(JText::sprintf('COM_JFBCONNECT_MAP_USER_FAIL', $provider->name));
}
}
}
}
}
// Check if no mapping, and Automatic Registration is set. If so, auto-create the new user.
if (!$jUserId && JFBCFactory::config()->getSetting('automatic_registration')) {
# User is not in system, should create their account automatically
if ($loginRegisterModel->autoCreateUser($providerUserId, $provider)) {
$jUserId = $userMapModel->getJoomlaUserId($providerUserId, strtolower($provider->name));
}
}
// At this point, we have nothing left to do but redirect the user to the registration page
if (!$jUserId) {
$return = $loginRegisterModel->getLoginRedirect($provider);
$app = JFactory::getApplication();
$regComponent = JFBCFactory::config()->get('registration_component');
if ($regComponent == 'jfbconnect') {
$app->redirect(JRoute::_('index.php?option=com_jfbconnect&view=loginregister&provider=' . strtolower($provider->name) . '&return=' . base64_encode($return), false));
} else {
$app->setUserState('com_jfbconnect.registration.alternateflow', true);
$app->setUserState('com_jfbconnect.registration.provider.name', strtolower($provider->name));
$app->setUserState('com_jfbconnect.registration.provider.user_id', $providerUserId);
$plugins = $app->triggerEvent('socialProfilesGetPlugins');
foreach ($plugins as $plugin) {
if ($plugin->getName() == $regComponent) {
$redirect = $plugin->registration_url;
}
}
if ($redirect) {
$app->redirect(JRoute::_($redirect, false));
}
}
}
}
$jUser = JUser::getInstance($jUserId);
$loginSuccess = false;
// Try to log the user, but not if blocked and initial registration (then there will be a pretty message on how to activate)
if (!$provider->initialRegistration || $jUser->get('block') == 0 && $provider->initialRegistration) {
$options = array('silent' => 1, 'provider' => $provider, 'provider_user_id' => $providerUserId);
// Disable other authentication messages
// hack for J3.2.0 bug. Should remove after 3.2.1 is available.
$password = $provider->secretKey;
$loginSuccess = $app->login(array('username' => $provider->appId, 'password' => $password), $options);
}
if ($loginSuccess) {
// lets update the user's access token with whatever we just received
$jUser = JFactory::getUser();
$userMapModel->updateUserToken($jUser->get('id'), $provider->systemName, $provider->client->getToken());
// Store Profile URL and Avatar URL
$userModel = JFBConnectModelUserMap::getUser($jUser->get('id'), $provider->name);
$userModel->saveParameter('profile_url', JFBCFactory::provider($provider->name)->profile->getProfileUrl($providerUserId));
$avatarSettings = new JRegistry();
$avatarSettings->set('width', 50);
$avatarSettings->set('height', 50);
$userModel->saveParameter('avatar_thumb', JFBCFactory::provider($provider->name)->profile->getAvatarUrl($providerUserId, false, $avatarSettings));
if (!$provider->initialRegistration) {
$args = array(strtolower($provider->name), $jUser->get('id'), $providerUserId);
$app->triggerEvent('socialProfilesOnLogin', $args);
}
}
JFactory::getApplication()->setUserState('com_jfbconnect.' . strtolower($provider->name) . '.checkForNewMapping', null);
$allProviders = JFBCFactory::getAllProviders();
foreach ($allProviders as $p) {
$p->checkNewMapping();
}
$redirect = $loginRegisterModel->getLoginRedirect($provider);
// Clear the 'alternate flow' session bit to prevent further alterations to reg pages for this user/session
$app->setUserState('com_jfbconnect.registration.alternateflow', false);
$app->redirect($redirect);
}