/**
 * Runs one step of the Facebook login flow and reports where the caller stands.
 *
 * A token already kept in $_SESSION['fb_token'] is reused; otherwise the session
 * is taken from the OAuth redirect. With a session, the user's profile is read
 * from '/me' and returned, provided it exposes an e-mail address.
 *
 * NOTE(review): the access token is stored in the PHP session, so the session
 * cookie and session storage carry the same sensitivity as the token itself.
 * NOTE(review): the catch below handles every \Exception alike, so an expired
 * token or a failed request is treated like a missing 'email' permission and
 * leads to a re-request URL.
 *
 * @param string $redirect_url URL Facebook redirects back to after the dialog
 * @return string|Facebook\GraphUser Login URL, re-request URL, or the GraphUser
 */
function connect($redirect_url)
{
    FacebookSession::setDefaultApplication($this->appId, $this->appSecret);
    $loginHelper = new FacebookRedirectLoginHelper($redirect_url);

    // Prefer the token remembered from an earlier request over the redirect data.
    $fbSession = isset($_SESSION['fb_token'])
        ? new FacebookSession($_SESSION['fb_token'])
        : $loginHelper->getSessionFromRedirect();

    // No session at all: the user has to start the login dialog.
    if (!$fbSession) {
        return $loginHelper->getLoginUrl(['email']);
    }

    try {
        $_SESSION['fb_token'] = $fbSession->getToken();
        $me = (new FacebookRequest($fbSession, 'GET', '/me'))
            ->execute()
            ->getGraphObject('Facebook\\GraphUser');

        if ($me->getEmail() === null) {
            throw new \Exception('L\'email n\'est pas disponible');
        }

        return $me;
    } catch (\Exception $e) {
        // Forget the stored token and ask for the 'email' permission again.
        unset($_SESSION['fb_token']);

        return $loginHelper->getReRequestUrl(['email']);
    }
}
/**
 * The re-request URL must carry the same `state` value that the helper left
 * in the session under 'FBRLH_state'.
 *
 * A callback can only be matched to the request that started it when the
 * value in the URL and the value in the session agree.
 */
public function testReRequestUrlContainsState()
{
    $loginHelper = new FacebookRedirectLoginHelper(
        self::REDIRECT_URL,
        FacebookTestCredentials::$appId,
        FacebookTestCredentials::$appSecret
    );
    $loginHelper->disableSessionStatusCheck();

    $url = $loginHelper->getReRequestUrl();

    // Read the session only after the URL has been generated.
    $expectedFragment = 'state=' . urlencode($_SESSION['FBRLH_state']);
    $this->assertContains($expectedFragment, $url);
}
/**
 * Renders the page that asks the user to grant 'publish_actions' again.
 *
 * Simplification: the handler always assumes the visitor is not logged in.
 *
 * NOTE(review): 'publish_actions' lets the application post to the user's
 * wall; request it only where posting is actually needed.
 * NOTE(review): 'fburl' is a URL with a query string; the
 * 'rerequest_permission' template (not shown here) presumably prints it into
 * an href and should HTML-escape it there. Confirm against the template.
 */
function handle_rerequest_permission()
{
    render_boilerplate();

    $loginHelper = new FacebookRedirectLoginHelper(MY_URL . 'fb_callback/');

    // We do want to publish to the user's wall, so that is the scope re-requested.
    $reRequestUrl = $loginHelper->getReRequestUrl(['publish_actions']);

    Flight::render('rerequest_permission', ['fburl' => $reRequestUrl]);
}
/**
 * Runs one step of the Facebook login flow using the configured redirect URL
 * and scope.
 *
 * A token kept in $_SESSION['fb_token'] is reused; otherwise the session comes
 * from the OAuth redirect. With a session, the profile is fetched through
 * getUser() and returned if it exposes an e-mail address.
 *
 * NOTE(review): the access token lives in the PHP session, so session storage
 * and the session cookie need the same protection as the token.
 * NOTE(review): every \Exception is answered with a re-request URL, whether
 * the cause is a missing permission, an expired token or a failed request.
 *
 * @return string|Facebook\GraphUser Login URL, re-request URL, or the GraphUser
 */
public function connect()
{
    $loginHelper = new FacebookRedirectLoginHelper($this->redirectUrl);

    // Prefer the token remembered from an earlier request over the redirect data.
    $restored = isset($_SESSION['fb_token'])
        ? new FacebookSession($_SESSION['fb_token'])
        : $loginHelper->getSessionFromRedirect();
    $this->setSession($restored);

    // No session at all: the user has to start the login dialog.
    if (!$this->getSession()) {
        return $loginHelper->getLoginUrl($this->scope);
    }

    try {
        $_SESSION['fb_token'] = $this->getSession()->getToken();
        $me = $this->getUser();

        if ($me->getEmail() === null) {
            throw new \Exception("L'email n'est pas disponible");
        }

        return $me;
    } catch (\Exception $e) {
        // Forget the stored token and ask for the configured scope again.
        unset($_SESSION['fb_token']);

        return $loginHelper->getReRequestUrl($this->scope);
    }
}
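/**
 * Prints an HTML link that sends the user back to Facebook to grant the
 * 'email' permission again.
 *
 * The URL is HTML-escaped before it is written into the href attribute: it
 * contains a query string, and a raw '&' or quote inside an attribute value
 * is invalid markup and would become an injection point if any part of the
 * URL were ever taken from request data.
 *
 * NOTE(review): the redirect URL is a hard-coded plain-http development
 * address; a deployed callback should come from configuration and use https.
 *
 * @return void
 */
public function reRequest()
{
    $helper = new FacebookRedirectLoginHelper("http://local.dev/projets/zoneroot/fbconnect/test.php");
    $reRequestUrl = $helper->getReRequestUrl(['email']);

    // Attribute context: escape quotes as well as '&', '<' and '>'.
    echo '<a href="' . htmlspecialchars($reRequestUrl, ENT_QUOTES, 'UTF-8') . '">rerequest</a>';
}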
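/**
 * Callback from Facebook.
 *
 * After the user has gone through Facebook's OAuth 2.0 login dialog, he/she is
 * redirected to this action. Here the user is authenticated against the local
 * user database and, if that works, logged in. If it does not work, the view
 * asks whether this is the first login via Facebook and whether he/she is sure
 * to have an account.
 *
 * When the query string carries a `key`, the local user found by that hash is
 * bound to the Facebook account that has just logged in, immediately before
 * authentication. Whoever presents a valid key therefore gains access to that
 * local account, so the key has to be treated as a secret: unguessable and
 * kept out of logs and error output.
 *
 * @return \Zend\Http\Response|ViewModel
 * @throws \Exception when no Facebook session can be derived from the redirect
 */
public function callbackLoginFacebookAction()
{
    //GET SERVER
    //  this check has to be done for instances where this
    //  is not run as a web application
    // NOTE(review): HTTP_HOST is taken from the request's Host header and the
    //  scheme is fixed to http. A base URL from configuration, served over
    //  https, would keep the client from influencing the OAuth redirect URL.
    $server = isset($_SERVER['HTTP_HOST'])
        ? "http://" . $_SERVER['HTTP_HOST']
        : 'http://0.0.0.0';

    //FACEBOOK CONFIG
    //  get config and use it to configure the Facebook session
    //  and login functionality
    $sm = $this->getServiceLocator();
    $config = $sm->get('Config');
    FacebookSession::setDefaultApplication($config['facebook']['appId'], $config['facebook']['secret']); //TODO should this be in a global space

    //ERROR
    //  strict comparison: only the exact string counts as a denial
    $error = $this->params()->fromQuery('error');
    if ($error === 'access_denied') {
        return new ViewModel(['error' => 'access_denied']);
    }

    //KEY
    //  check if there is a query parameter called 'key' along
    //  for the ride. If so, the user is trying to connect an old account
    //  to Facebook.
    $key = $this->params()->fromQuery('key'); //TODO validate this key

    //CONNECTING OLD ACCOUNT
    //  if $key is present, the callback from Facebook will contain it and
    //  we have to reflect it in the callback validation
    // NOTE(review): $key is request data and is appended unencoded. The URL
    //  has to match the one used when the login was started (not visible
    //  here), so validate the key's format and URL-encode it on both sides.
    $callbackUrl = $server . AuthController::LOGIN_CALLBACK_FACEBOOK;
    if ($key) {
        $callbackUrl .= '?key=' . $key;
    }
    $helper = new FacebookRedirectLoginHelper($callbackUrl);

    //LOGIN
    //  try to log in user
    try {
        //FACEBOOK OBJECT
        //  get user object/properties from the Facebook graph
        $session = $helper->getSessionFromRedirect();
        if (!$session) {
            // The message deliberately omits the key and the re-request URL
            // (which embeds the key): this exception is not caught here and
            // may end up in logs or on an error page.
            throw new \Exception('Facebook session was NULL');
        }
        $me = (new FacebookRequest($session, 'GET', '/me'))
            ->execute()
            ->getGraphObject(GraphUser::className())
            ->asArray();

        //CONNECT OLD ACCOUNT CUT-IN
        //  if $key is set, the user is trying to connect an old account to
        //  Facebook. Find the user by the hash that came back from Facebook,
        //  then store the Facebook auth ID on that user just in time for the
        //  AuthenticationService below to pick it up.
        if ($key) {
            /** @var $userService \Stjornvisi\Service\User */
            $userService = $sm->get('Stjornvisi\\Service\\User');
            $user = $userService->getByHash($key);

            //USER NOT FOUND
            //  can't find the user based on hash
            if ($user == null) {
                return new ViewModel(['error' => 'user_undefined']);
            }

            // 'gender' is not guaranteed in the profile; pass null instead of
            // reading an undefined index.
            $gender = isset($me['gender']) ? $me['gender'] : null;
            $userService->setOauth($user->id, $me['id'], 'facebook', $gender);
        }

        //AUTHENTICATE
        //  try to authenticate user against user database
        $auth = new AuthenticationService();
        $authAdapter = $sm->get('Stjornvisi\\Auth\\Facebook');
        $authAdapter->setKey($me['id']);
        $result = $auth->authenticate($authAdapter);

        //INVALID
        //  user hasn't logged in with Facebook before. We have
        //  to initialize the connection process.
        if (!$result->isValid()) {
            return new ViewModel(['error' => 'user_disconnected']);
        }

        //VALID
        //  user has logged in before via Facebook
        $sessionManager = new SessionManager();
        $sessionManager->rememberMe(21600000); //250 days

        return $this->redirect()->toRoute('home');
    } catch (FacebookRequestException $ex) {
        //CAN'T LOGIN USER
        //  the Facebook login library issued an exception because
        //  Facebook returned an error
        // NOTE(review): the raw message from Facebook goes to the view;
        //  consider a fixed error code here and logging the message instead.
        return new ViewModel(['error' => $ex->getMessage()]);
    }
    // Any other exception (validation failure, local issues) is not caught
    // here and propagates to the caller; the generic catch is disabled.
}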