/**
 * Forwards a password reset request to the external providers linked to a
 * user who has no local password.
 *
 * Nothing is sent unless the "takeOver login" option is on, the user's
 * authentication object reports no password, and at least one external
 * association exists. One request is posted for each association that
 * resolves to a configured provider and yields an access token.
 *
 * @param array $user user record; only `user_id` is read here
 *
 * @return bool false when a precondition fails; true once the association
 *              loop has run, even if no request was actually posted
 */
protected function _bdApiConsumer_tryExternalPasswordResetRequest(array $user)
{
    if (!bdApiConsumer_Option::get('takeOver', 'login')) {
        return false;
    }

    $localAuth = $this->getModelFromCache('XenForo_Model_User')
        ->getUserAuthenticationObjectByUserId($user['user_id']);
    if ($localAuth->hasPassword()) {
        // A local password exists, so the reset is not delegated.
        return false;
    }

    $externalModel = $this->getModelFromCache('XenForo_Model_UserExternal');
    $associations = $externalModel->bdApiConsumer_getExternalAuthAssociations($user['user_id']);
    if (empty($associations)) {
        return false;
    }

    foreach ($associations as $association) {
        $providerConfig = bdApiConsumer_Option::getProviderByCode($association['provider']);
        if (!empty($providerConfig)) {
            $token = $externalModel->bdApiConsumer_getAccessTokenFromAuth($providerConfig, $association);
            if (!empty($token)) {
                bdApiConsumer_Helper_Api::postPasswordResetRequest($providerConfig, $token);
            }
        }
    }

    return true;
}
/**
 * Normalises the token data in $extra and hands the association to
 * updateExternalAuthAssociation().
 *
 * - Derives `token.expire_date` from `token.expires_in` when only the
 *   relative lifetime is present.
 * - Drops the `_headers` and `_responseStatus` entries from the token array
 *   before it is passed on.
 * - Optionally applies the provider avatar (option "takeOver avatar").
 *
 * @param array  $provider    provider configuration
 * @param mixed  $providerKey user identifier on the provider side
 * @param mixed  $userId      local user id
 * @param array  $extra       provider user data, including the `token` array
 *
 * @return mixed whatever updateExternalAuthAssociation() returns
 */
public function bdApiConsumer_updateExternalAuthAssociation(array $provider, $providerKey, $userId, array $extra)
{
    $providerCode = $this->bdApiConsumer_getProviderCode($provider);

    $hasLifetime = !empty($extra['token']['expires_in']);
    if ($hasLifetime && empty($extra['token']['expire_date'])) {
        // use time() instead of XenForo_Application::$time to avoid issues
        // when script is running for a long time in the background / CLI
        $extra['token']['expire_date'] = time() + $extra['token']['expires_in'];
    }

    // Transport metadata of the token response is not part of the association.
    foreach (array('_headers', '_responseStatus') as $transportKey) {
        if (!empty($extra['token'][$transportKey])) {
            unset($extra['token'][$transportKey]);
        }
    }

    if (bdApiConsumer_Option::get('takeOver', 'avatar')) {
        $avatarUrl = bdApiConsumer_Helper_Avatar::getAvatarUrlFromAuthExtra($extra);
        if (!empty($avatarUrl)) {
            $this->getModelFromCache('XenForo_Model_Avatar')->bdApiConsumer_applyAvatar($userId, $avatarUrl);
        }
    }

    // The parent method takes an extra profile-field argument before 1.3.0.
    if (XenForo_Application::$versionId < 1030000) {
        return $this->updateExternalAuthAssociation(
            $providerCode,
            $providerKey,
            $userId,
            $this->bdApiConsumer_getUserProfileField(),
            $extra
        );
    }

    return $this->updateExternalAuthAssociation($providerCode, $providerKey, $userId, $extra);
}
/**
 * Removes one of the visitor's external account associations (pre-1.3
 * code path; when option `_is130+` is set the parent action is used instead).
 *
 * POST only. The association list is always loaded for the current visitor,
 * so the `account` value from the request can only select among the
 * visitor's own associations. If the visitor ends up with neither a local
 * password nor any remaining association, a password reset is triggered so
 * the account does not become unreachable.
 *
 * @return XenForo_ControllerResponse_Abstract
 */
public function actionExternalAccountsDisassociate()
{
    if (bdApiConsumer_Option::get('_is130+')) {
        return parent::actionExternalAccountsDisassociate();
    }

    $this->_assertPostOnly();

    $visitor = XenForo_Visitor::getInstance();
    $visitorId = $visitor['user_id'];

    $auth = $this->_getUserModel()->getUserAuthenticationObjectByUserId($visitorId);
    if (!$auth) {
        return $this->responseNoPermission();
    }

    /** @var bdApiConsumer_XenForo_Model_UserExternal $externalAuthModel */
    $externalAuthModel = $this->getModelFromCache('XenForo_Model_UserExternal');

    $input = $this->_input->filter(array(
        'disassociate' => XenForo_Input::STRING,
        'account' => XenForo_Input::STRING,
    ));
    $confirmed = $input['disassociate'];
    $requestedProvider = $input['account'];

    if ($confirmed && $requestedProvider) {
        $ownAssociations = $externalAuthModel->bdApiConsumer_getExternalAuthAssociations($visitorId);
        foreach ($ownAssociations as $association) {
            if ($association['provider'] !== $requestedProvider) {
                continue;
            }

            $externalAuthModel->bdApiConsumer_deleteExternalAuthAssociation(
                $association['provider'],
                $association['provider_key'],
                $visitorId
            );
        }

        if (!$auth->hasPassword()) {
            if (!$externalAuthModel->getExternalAuthAssociationsForUser($visitorId)) {
                // No password and no provider left: start a password reset.
                /** @var XenForo_Model_UserConfirmation $userConfirmationModel */
                $userConfirmationModel = $this->getModelFromCache('XenForo_Model_UserConfirmation');
                $userConfirmationModel->resetPassword($visitorId);
            }
        }
    }

    return $this->responseRedirect(
        XenForo_ControllerResponse_Redirect::SUCCESS,
        XenForo_Link::buildPublicLink('account/external-accounts')
    );
}
/**
 * Wraps the parent alert fetch with a sync of external notifications.
 *
 * The external part only runs when option `displayExternalNotifications` is
 * on and the alerts requested belong to the viewing user. After the parent
 * call, every unread `bdapi_consumer` alert is recorded in
 * `$this->_bdApiConsumer_unreadAlertProviders[$userId][<action>]`.
 *
 * @param mixed      $userId
 * @param mixed      $fetchMode    one of the XenForo_Model_Alert::FETCH_MODE_* values
 * @param array      $fetchOptions `page` is read here
 * @param array|null $viewingUser
 *
 * @return mixed the parent's result, unchanged
 */
public function getAlertsForUser($userId, $fetchMode, array $fetchOptions = array(), array $viewingUser = null)
{
    $this->standardizeViewingUserReference($viewingUser);

    $syncExternal = bdApiConsumer_Option::get('displayExternalNotifications')
        && $userId == $viewingUser['user_id'];

    if ($syncExternal) {
        // only check external server when in recent mode
        // for popup mode, only check if subscription is not confirmed
        $isRecentMode = ($fetchMode == XenForo_Model_Alert::FETCH_MODE_RECENT);
        $forceCheck = $isRecentMode
            && (empty($fetchOptions['page']) || $fetchOptions['page'] == 1);

        $this->_bdApiConsumer_getExternalAlertsForUser($viewingUser, $forceCheck);
    }

    $alerts = parent::getAlertsForUser($userId, $fetchMode, $fetchOptions, $viewingUser);

    if (!$syncExternal || empty($alerts['alerts'])) {
        return $alerts;
    }

    foreach ($alerts['alerts'] as $alert) {
        if (!empty($alert['view_date'])) {
            // already viewed
            continue;
        }
        if (empty($alert['content_type']) || empty($alert['action'])) {
            continue;
        }

        if ($alert['content_type'] == 'bdapi_consumer') {
            $this->_bdApiConsumer_unreadAlertProviders[$userId][$alert['action']] = true;
        }
    }

    return $alerts;
}
/**
 * Logs the visitor in from a provider JS SDK callback, without a local
 * password.
 *
 * Order of checks: POST only, known provider, non-zero external user id,
 * valid SDK signature, an existing association that still yields an access
 * token, an existing local user and, on newer XenForo versions, a two-step
 * verification hand-off. Only then is the session switched to the user.
 * When no usable association exists and auto-register is `on` or `id_sync`,
 * the visitor is redirected to `register/external` instead.
 *
 * @return XenForo_ControllerResponse_Abstract
 */
public function actionExternal()
{
    $this->_assertPostOnly();

    $providerCode = $this->_input->filterSingle('provider', XenForo_Input::STRING);
    $provider = bdApiConsumer_Option::getProviderByCode($providerCode);
    if (empty($provider)) {
        return $this->responseNoPermission();
    }

    $externalUserId = $this->_input->filterSingle('external_user_id', XenForo_Input::UINT);
    if (empty($externalUserId)) {
        return $this->responseNoPermission();
    }

    // NOTE(review): the signature is verified over $_REQUEST while the values
    // used below come from the input filter; confirm verifyJsSdkSignature()
    // covers external_user_id so the signed and the looked-up id cannot differ.
    $signatureOk = bdApiConsumer_Helper_Api::verifyJsSdkSignature($provider, $_REQUEST);
    if (!$signatureOk) {
        return $this->responseNoPermission();
    }

    $userModel = $this->_getUserModel();
    /** @var bdApiConsumer_XenForo_Model_UserExternal $userExternalModel */
    $userExternalModel = $this->getModelFromCache('XenForo_Model_UserExternal');

    $association = $userExternalModel->getExternalAuthAssociation(
        $userExternalModel->bdApiConsumer_getProviderCode($provider),
        $externalUserId
    );
    if (!empty($association)) {
        $accessToken = $userExternalModel->bdApiConsumer_getAccessTokenFromAuth($provider, $association);
        if (empty($accessToken)) {
            // no access token in the auth, consider no auth at all
            $association = null;
        }
    }

    if (empty($association)) {
        $autoRegister = bdApiConsumer_Option::get('autoRegister');
        if (in_array($autoRegister, array('on', 'id_sync'), true)) {
            // we have to do a refresh here
            $registerLink = XenForo_Link::buildPublicLink('canonical:register/external', null, array(
                'provider' => $providerCode,
                'reg' => 1,
                'redirect' => $this->getDynamicRedirect(),
            ));
            $registerNotice = new XenForo_Phrase(
                'bdapi_consumer_being_auto_login_auto_register_x',
                array('provider' => $provider['name'])
            );

            return $this->responseRedirect(
                XenForo_ControllerResponse_Redirect::SUCCESS,
                $registerLink,
                $registerNotice
            );
        }

        return $this->responseError(new XenForo_Phrase(
            'bdapi_consumer_auto_login_with_x_failed',
            array('provider' => $provider['name'])
        ));
    }

    $user = $userModel->getFullUserById($association['user_id']);
    if (empty($user)) {
        return $this->responseError(new XenForo_Phrase('requested_user_not_found'));
    }

    // An external login must not skip two-step verification: hand over to the
    // two-step page instead of completing the login here.
    // NOTE(review): this check uses `> 1050000` while the session branch below
    // uses `< 1050000`; the two differ at exactly 1050000 - confirm intended.
    if (XenForo_Application::$versionId > 1050000) {
        /** @var XenForo_ControllerHelper_Login $loginHelper */
        $loginHelper = $this->getHelper('Login');
        if ($loginHelper->userTfaConfirmationRequired($user)) {
            $loginHelper->setTfaSessionCheck($user['user_id']);

            $twoStepLink = XenForo_Link::buildPublicLink('login/two-step', null, array(
                'redirect' => $this->getDynamicRedirect(),
                'remember' => 1,
            ));

            return $this->responseMessage(new XenForo_Phrase(
                'bdapi_consumer_auto_login_user_x_requires_tfa',
                array('username' => $user['username'], 'twoStepLink' => $twoStepLink)
            ));
        }
    }

    $userId = $user['user_id'];
    $userModel->setUserRememberCookie($userId);
    // Logged with its own action name, separate from other login entries.
    XenForo_Model_Ip::log($userId, 'user', $userId, 'login_api_consumer');
    $userModel->deleteSessionActivity(0, $this->_request->getClientIp(false));

    if (XenForo_Application::$versionId >= 1050000) {
        $visitor = XenForo_Visitor::setup($userId);
        XenForo_Application::getSession()->userLogin($userId, $visitor['password_date']);
    } else {
        XenForo_Application::getSession()->changeUserId($userId);
        XenForo_Visitor::setup($userId);
    }

    return $this->responseRedirect(
        XenForo_ControllerResponse_Redirect::SUCCESS,
        $this->getDynamicRedirect(),
        new XenForo_Phrase(
            'bdapi_consumer_auto_login_with_x_succeeded_y',
            array('provider' => $provider['name'], 'username' => $user['username'])
        )
    );
}
/**
 * Validates a login locally and, if that fails, against the configured
 * external providers (option "takeOver login").
 *
 * The external fallback is skipped when the login name contains `@`. For
 * each provider the submitted credentials are exchanged for an access token
 * and the provider-side visitor is fetched. A visitor that already has a
 * local association logs in as that user. Otherwise a new user is created,
 * but only if no local user shares the visitor's email, username or (in
 * `id_sync` mode) user id: a matching local account is never linked
 * automatically, its owner has to associate it manually.
 *
 * NOTE(review): the plaintext password is passed to every configured
 * provider in turn until one accepts it; confirm all providers are trusted
 * with local credentials and that failed attempts here are rate limited.
 *
 * @param string $nameOrEmail
 * @param string $password
 * @param mixed  $error       set by the parent; reset to '' on external success
 *
 * @return mixed the parent's result, or the local user id resolved through
 *               an external provider
 */
public function validateAuthentication($nameOrEmail, $password, &$error = '')
{
    $userId = parent::validateAuthentication($nameOrEmail, $password, $error);

    if (!empty($userId)
        || strpos($nameOrEmail, '@') !== false
        || !bdApiConsumer_Option::get('takeOver', 'login')
    ) {
        return $userId;
    }

    // try to login with external providers
    foreach (bdApiConsumer_Option::getProviders() as $provider) {
        $externalToken = bdApiConsumer_Helper_Api::getAccessTokenFromUsernamePassword(
            $provider,
            $nameOrEmail,
            $password
        );
        if (empty($externalToken)) {
            continue;
        }

        $externalVisitor = bdApiConsumer_Helper_Api::getVisitor($provider, $externalToken['access_token']);
        if (empty($externalVisitor)) {
            continue;
        }

        /** @var bdApiConsumer_XenForo_Model_UserExternal $userExternalModel */
        $userExternalModel = $this->getModelFromCache('XenForo_Model_UserExternal');
        $linked = $userExternalModel->getExternalAuthAssociation(
            $userExternalModel->bdApiConsumer_getProviderCode($provider),
            $externalVisitor['user_id']
        );

        if (!empty($linked)) {
            // yay, found an associated user!
            $error = '';
            $userExternalModel->bdApiConsumer_updateExternalAuthAssociation(
                $provider,
                $externalVisitor['user_id'],
                $linked['user_id'],
                $externalVisitor + array('token' => $externalToken)
            );

            return $linked['user_id'];
        }

        $emailOwner = $this->getUserByEmail($externalVisitor['user_email']);
        if (!empty($emailOwner)) {
            // this is not good, an user with matched email
            // this user will have to associate manually
            continue;
        }

        $nameOwner = $this->getUserByName($externalVisitor['username']);
        if (!empty($nameOwner)) {
            // not good
            continue;
        }

        $newUserData = array('username' => $externalVisitor['username']);

        if (bdApiConsumer_Option::get('autoRegister') === 'id_sync') {
            // additionally look for user with same ID
            $idOwner = $this->getUserById($externalVisitor['user_id']);
            if (!empty($idOwner)) {
                // not good
                continue;
            }

            $newUserData['user_id'] = $externalVisitor['user_id'];
        }

        $created = bdApiConsumer_Helper_AutoRegister::createUser(
            $newUserData,
            $provider,
            $externalToken,
            $externalVisitor,
            $userExternalModel
        );
        if (!empty($created)) {
            $error = '';

            return $created['user_id'];
        }
    }

    return $userId;
}
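/**
 * Receives a batch of provider pings as a JSON request body, dispatches them
 * per provider and topic type, and echoes the pings that got a `result`.
 *
 * Each ping is matched to a configured provider by `client_id`; its `topic`
 * is split at the last underscore into `topic_type` and `topic_id`.
 *
 * Changes over the previous version:
 * - `client_id` is compared as a string with `===`; with `==` a JSON `true`
 *   matched any provider that has a client id.
 * - "provider not found" is tested against null, so a provider stored under
 *   key 0 / '0' is no longer ignored.
 * - each `switch` case ends with `break`; `user` pings used to fall through
 *   into the notification handler as well.
 * - the response is sent with an explicit JSON content type, because it
 *   repeats fields taken from the request body.
 *
 * NOTE(review): nothing in this method authenticates the sender; the
 * `client_id` in the body is the only thing tying a ping to a provider.
 * Confirm the handlers (or the provider protocol) verify a ping before
 * acting on it.
 *
 * @throws XenForo_Exception when the body is not a JSON array/object
 */
public function actionPingPong()
{
    $results = array();

    $raw = file_get_contents('php://input');
    $json = json_decode((string) $raw, true);
    if (!is_array($json)) {
        // NOTE(review): $raw is request-controlled and unbounded; confirm the
        // message is escaped and size-limited wherever it is logged or shown.
        throw new XenForo_Exception('Unable to parse JSON: ' . $raw);
    }

    $providers = bdApiConsumer_Option::get('providers');
    if (!is_array($providers)) {
        $providers = array();
    }

    $providerPings = array();
    foreach ($json as $ping) {
        if (!is_array($ping)) {
            continue;
        }
        if (empty($ping['client_id']) || !is_string($ping['client_id'])) {
            continue;
        }
        if (empty($ping['topic']) || !is_string($ping['topic'])) {
            continue;
        }

        $foundProviderKey = null;
        foreach ($providers as $providerKey => $provider) {
            if (!empty($provider['client_id'])
                && (string) $provider['client_id'] === $ping['client_id']
            ) {
                $foundProviderKey = $providerKey;
                break;
            }
        }
        if ($foundProviderKey === null) {
            continue;
        }

        // "<type>_<id>": the id is the part after the last underscore.
        $parts = explode('_', $ping['topic']);
        $ping['topic_id'] = array_pop($parts);
        $ping['topic_type'] = implode('_', $parts);

        $providerPings[$foundProviderKey][$ping['topic_type']][$ping['topic_id']] = $ping;
    }

    // The handlers receive the pings by reference and set `result` on them.
    foreach ($providerPings as $providerKey => &$manyTopics) {
        foreach ($manyTopics as $topicType => &$topicPings) {
            switch ($topicType) {
                case 'user':
                    $this->_handleUserPings($providers[$providerKey], $topicPings);
                    break;
                case 'user_notification':
                    $this->_handleUserNotificationPings($providers[$providerKey], $topicPings);
                    break;
            }

            foreach ($topicPings as $ping) {
                if (!empty($ping['result'])) {
                    $results[] = $ping;
                }
            }
        }
        unset($topicPings);
    }
    unset($manyTopics);

    // The output bypasses the framework response, so declare the type here:
    // the body must never be interpreted as HTML by a browser.
    if (!headers_sent()) {
        header('Content-Type: application/json; charset=utf-8');
        header('X-Content-Type-Options: nosniff');
    }

    echo json_encode($results);
    exit;
}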
/**
 * Shows a member profile, or redirects to the member's profile on the
 * external provider when option "takeOver profile" is on.
 *
 * The redirect uses the first association of the viewed user whose stored
 * `extra_data.links.permalink` is non-empty.
 *
 * NOTE(review): the redirect target is read from stored association data;
 * confirm it is restricted to the provider's own URLs when it is written.
 *
 * @return XenForo_ControllerResponse_Abstract
 */
public function actionMember()
{
    $response = parent::actionMember();

    if (!bdApiConsumer_Option::get('takeOver', 'profile')) {
        return $response;
    }

    $isProfileView = $response instanceof XenForo_ControllerResponse_View;
    if (!$isProfileView || empty($response->params['user'])) {
        return $response;
    }

    $userExternalModel = $this->getModelFromCache('XenForo_Model_UserExternal');
    $associations = $userExternalModel->bdApiConsumer_getExternalAuthAssociations(
        $response->params['user']['user_id']
    );

    foreach ($associations as $association) {
        if (empty($association['extra_data']['links']['permalink'])) {
            continue;
        }

        return $this->responseRedirect(
            XenForo_ControllerResponse_Redirect::SUCCESS,
            $association['extra_data']['links']['permalink']
        );
    }

    return $response;
}
/**
 * Logs the visitor in from a provider JS SDK callback, without a local
 * password.
 *
 * Requires POST, a known provider, a non-zero external user id, a valid SDK
 * signature and an association that still yields an access token. Without a
 * usable association the visitor is sent to `register/external` when
 * auto-register is `on` or `id_sync`, otherwise an error is returned.
 *
 * NOTE(review): no two-step verification check is visible in this variant;
 * confirm it only runs on XenForo versions without two-step login.
 *
 * @return XenForo_ControllerResponse_Abstract
 */
public function actionExternal()
{
    $this->_assertPostOnly();

    $providerCode = $this->_input->filterSingle('provider', XenForo_Input::STRING);
    $provider = bdApiConsumer_Option::getProviderByCode($providerCode);
    if (empty($provider)) {
        return $this->responseNoPermission();
    }

    $externalUserId = $this->_input->filterSingle('external_user_id', XenForo_Input::UINT);
    if (empty($externalUserId)) {
        return $this->responseNoPermission();
    }

    // NOTE(review): the signature is verified over $_REQUEST while the values
    // used below come from the input filter; confirm verifyJsSdkSignature()
    // covers external_user_id so the signed and the looked-up id cannot differ.
    $signatureOk = bdApiConsumer_Helper_Api::verifyJsSdkSignature($provider, $_REQUEST);
    if (!$signatureOk) {
        return $this->responseNoPermission();
    }

    $userModel = $this->_getUserModel();
    $userExternalModel = $this->getModelFromCache('XenForo_Model_UserExternal');

    $association = $userExternalModel->getExternalAuthAssociation(
        $userExternalModel->bdApiConsumer_getProviderCode($provider),
        $externalUserId
    );
    if (!empty($association)) {
        $accessToken = $userExternalModel->bdApiConsumer_getAccessTokenFromAuth($provider, $association);
        if (empty($accessToken)) {
            // no access token in the auth, consider no auth at all
            $association = null;
        }
    }

    if (empty($association)) {
        $autoRegister = bdApiConsumer_Option::get('autoRegister');
        if (in_array($autoRegister, array('on', 'id_sync'), true)) {
            // we have to do a refresh here
            $registerLink = XenForo_Link::buildPublicLink('canonical:register/external', null, array(
                'provider' => $providerCode,
                'reg' => 1,
                'redirect' => $this->getDynamicRedirect(),
            ));
            $registerNotice = new XenForo_Phrase(
                'bdapi_consumer_being_auto_login_auto_register_x',
                array('provider' => $provider['name'])
            );

            return $this->responseRedirect(
                XenForo_ControllerResponse_Redirect::SUCCESS,
                $registerLink,
                $registerNotice
            );
        }
    }

    // The user lookup only happens when an association survived the checks.
    $user = null;
    if ($association) {
        $user = $userModel->getUserById($association['user_id']);
    }

    if (!$user) {
        return $this->responseError(new XenForo_Phrase(
            'bdapi_consumer_auto_login_with_x_failed',
            array('provider' => $provider['name'])
        ));
    }

    $userId = $user['user_id'];
    $userModel->setUserRememberCookie($userId);
    // Logged with its own action name, separate from other login entries.
    XenForo_Model_Ip::log($userId, 'user', $userId, 'login_api_consumer');
    $userModel->deleteSessionActivity(0, $this->_request->getClientIp(false));

    XenForo_Application::get('session')->changeUserId($userId);
    XenForo_Visitor::setup($userId);

    $message = new XenForo_Phrase(
        'bdapi_consumer_auto_login_with_x_succeeded_y',
        array('provider' => $provider['name'], 'username' => $user['username'])
    );

    return $this->responseRedirect(
        XenForo_ControllerResponse_Redirect::SUCCESS,
        $this->getDynamicRedirect(),
        $message
    );
}
/**
 * Creates a local user for an external visitor when auto-register is
 * enabled (`on` or `id_sync`).
 *
 * Registration is refused when a local user already has the visitor's
 * username, or (in `id_sync` mode) the visitor's user id, so an existing
 * account is never reused for the external identity.
 *
 * @param mixed $provider        provider configuration
 * @param mixed $externalToken   token data obtained from the provider
 * @param array $externalVisitor provider-side user; `username` and `user_id` are read
 *
 * @return mixed false when nothing was created, otherwise the result of
 *               getExternalAuthAssociation() for the provider and visitor id
 */
protected function _bdApiConsumer_autoRegister($provider, $externalToken, array $externalVisitor)
{
    $mode = bdApiConsumer_Option::get('autoRegister');
    if (!in_array($mode, array('on', 'id_sync'), true)) {
        // not in working mode
        return false;
    }

    $nameOwner = $this->_getUserModel()->getUserByName($externalVisitor['username']);
    if (!empty($nameOwner)) {
        // username conflict found, too bad
        return false;
    }

    $newUserData = array('username' => $externalVisitor['username']);

    if ($mode === 'id_sync') {
        // additionally look for user with same ID
        $idOwner = $this->_getUserModel()->getUserById($externalVisitor['user_id']);
        if (!empty($idOwner)) {
            // ID conflict found...
            return false;
        }

        $newUserData['user_id'] = $externalVisitor['user_id'];
    }

    /** @var bdApiConsumer_XenForo_Model_UserExternal $userExternalModel */
    $userExternalModel = $this->_getUserExternalModel();

    $created = bdApiConsumer_Helper_AutoRegister::createUser(
        $newUserData,
        $provider,
        $externalToken,
        $externalVisitor,
        $userExternalModel
    );
    if (empty($created)) {
        // for some reason, the user could not be created
        return false;
    }

    $providerCode = $userExternalModel->bdApiConsumer_getProviderCode($provider);

    return $userExternalModel->getExternalAuthAssociation($providerCode, $externalVisitor['user_id']);
}
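/**
 * Applies `user_notification` pings: inserts an alert for the linked local
 * user or marks that user's provider alerts as read, and records the outcome
 * in each ping's `result`.
 *
 * Pings are matched to local users through the external association whose
 * `provider_key` equals the ping's `topic_id`. Pings without a matching
 * association, a configured provider or a loaded user get no `result`.
 *
 * Changes over the previous version:
 * - the "read" branch compares the action (`===`); it used to assign
 *   (`=`), so every ping that was not an insert marked the user's alerts
 *   as read and had its action overwritten.
 * - action and key comparisons are strict string comparisons, so non-string
 *   JSON values and numeric-looking strings no longer match loosely.
 * - by-reference loop variables are unset after use and the `$provider`
 *   argument is no longer overwritten inside the loop.
 *
 * @param array $provider provider configuration the pings were matched to
 * @param array $pings    pings keyed by topic id; modified in place
 */
protected function _handleUserNotificationPings(array $provider, array &$pings)
{
    $providerKeys = array();
    foreach ($pings as $ping) {
        $providerKeys[] = $ping['topic_id'];
    }

    /** @var bdApiConsumer_XenForo_Model_UserExternal $userExternalModel */
    $userExternalModel = $this->getModelFromCache('XenForo_Model_UserExternal');
    $auths = $userExternalModel->bdApiConsumer_getExternalAuthAssociationsForProviderUser($provider, $providerKeys);

    $userIds = array();
    foreach ($auths as &$authRef) {
        $authProvider = bdApiConsumer_Option::getProviderByCode($authRef['provider']);
        if (empty($authProvider)) {
            continue;
        }

        $authRef['_provider'] = $authProvider;
        $userIds[] = $authRef['user_id'];
    }
    unset($authRef);

    /** @var XenForo_Model_User $userModel */
    $userModel = $this->getModelFromCache('XenForo_Model_User');
    $users = $userModel->getUsersByIds($userIds, array('join' => XenForo_Model_User::FETCH_USER_OPTION));

    /** @var bdApiConsumer_XenForo_Model_Alert $alertModel */
    $alertModel = $this->getModelFromCache('XenForo_Model_Alert');

    foreach ($pings as &$pingRef) {
        $auth = null;
        foreach ($auths as $candidate) {
            // last match wins, as before
            if ((string) $candidate['provider_key'] === (string) $pingRef['topic_id']) {
                $auth = $candidate;
            }
        }
        if (empty($auth) || empty($auth['_provider'])) {
            // no association, or its provider is no longer configured
            continue;
        }

        if (!isset($users[$auth['user_id']])) {
            continue;
        }
        $user = $users[$auth['user_id']];

        // The action comes from the request body; accept strings only.
        $action = (isset($pingRef['action']) && is_string($pingRef['action'])) ? $pingRef['action'] : '';

        if (!bdApiConsumer_Option::get('displayExternalNotifications')) {
            $pingRef['result'] = 'system turned off';
        } elseif ($action === 'insert' && !empty($pingRef['object_data']['notification_id'])) {
            if (XenForo_Model_Alert::userReceivesAlert($user, 'bdapi_consumer', $auth['provider'])) {
                $alertModel->bdApiConsumer_alertUser($auth['_provider'], $user, $pingRef['object_data']);
                $pingRef['result'] = 'inserted alert';
            } else {
                $pingRef['result'] = 'user opted out';
            }
        } elseif ($action === 'read') {
            $alertModel->bdApiConsumer_markAlertsRead($auth['_provider'], $user);
            $pingRef['result'] = 'marked as read';
        }
    }
    unset($pingRef);
}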
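/**
 * Appends the provider list to the `login` and `error_with_login` templates
 * when option `_is120+` is not set.
 *
 * The child template is now created with the extended `$params`. Before, it
 * was created with `$template->getParams()` again, which left `$params`
 * unused, so unless getParams() returns a reference the `providers` and
 * `from` entries never reached `bdapi_consumer_providers`.
 *
 * @param string                    $templateName
 * @param string                    $content       rendered output, appended to in place
 * @param array                     $containerData not used here
 * @param XenForo_Template_Abstract $template
 */
public static function template_post_render($templateName, &$content, array &$containerData, XenForo_Template_Abstract $template)
{
    switch ($templateName) {
        case 'login':
        case 'error_with_login':
            if (!bdApiConsumer_Option::get('_is120+')) {
                // XenForo 1.1.x compatibility
                $params = $template->getParams();
                $params['providers'] = bdApiConsumer_Option::getProviders();
                $params['from'] = 'login_form';

                $ourTemplate = $template->create('bdapi_consumer_providers', $params);
                $content .= $ourTemplate->render();
            }
            break;
    }
}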