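/**
 * Exchanges the OAuth authorization code carried by the request for an access
 * token and wraps the resulting Facebook identity in an internal Token.
 *
 * NOTE(review): no OAuth "state" check is visible in this method; presumably
 * the caller validates it before the code is exchanged. Confirm.
 *
 * @param Request $req          request whose query string holds "code" and whose attributes hold "provider"
 * @param string  $firewallName firewall name passed through to the Token
 *
 * @return Token token built from the user's uid, with "nickname" and "gender" attributes set
 */
public function buildToken(Request $req, $firewallName)
{
    $token = $this->provider->getAccessToken('authorization_code', [
        'code' => $req->query->get('code'),
    ]);
    $providerKey = $req->attributes->get('provider');

    // We got an access token, let's now get the user's details
    /** @var \League\OAuth2\Client\Entity\User $userDetails */
    $userDetails = $this->provider->getUserDetails($token);

    $internToken = new Token($firewallName, $providerKey, $userDetails->uid, [self::IDENTIFIED]);
    $internToken->setAttribute('nickname', $userDetails->name);

    // Compare, do not assign: the previous `=` overwrote the gender with 'male',
    // so every user was stored as 'xy' and the logged profile was altered too.
    $internToken->setAttribute('gender', ($userDetails->gender === 'male') ? 'xy' : 'xx');

    // NOTE(review): this sends the whole profile array to the debug log; confirm
    // that personal data is acceptable for that log's retention and readers.
    $this->logger->debug('facebook', $userDetails->getArrayCopy());

    return $internToken;
}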
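/**
 * Runs the Facebook OAuth 2.0 authorization-code flow for the current request.
 *
 * Without a "code" query parameter the user is redirected to Facebook and the
 * generated state value is kept in the session. With a "code", the returned
 * state must match the stored one before the code is exchanged for a token and
 * the resource owner's e-mail and name are passed to authenticate().
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $provider = new Facebook([
        'clientId' => $this->settings->get('flarum-auth-facebook.app_id'),
        'clientSecret' => $this->settings->get('flarum-auth-facebook.app_secret'),
        'redirectUri' => $this->url->toRoute('auth.facebook'),
        'graphApiVersion' => 'v2.4',
    ]);

    if (!isset($_GET['code'])) {
        $authUrl = $provider->getAuthorizationUrl(['scope' => ['email']]);
        $_SESSION['oauth2state'] = $provider->getState();

        return new RedirectResponse($authUrl);
    }

    $expectedState = isset($_SESSION['oauth2state']) ? $_SESSION['oauth2state'] : null;
    $givenState = isset($_GET['state']) ? $_GET['state'] : null;

    // The state is single-use: discard it on success as well as on failure, so
    // a callback URL cannot be replayed against the same session.
    unset($_SESSION['oauth2state']);

    // Reject a missing stored state and a non-string "state" (e.g. state[]=x)
    // explicitly, then compare in constant time.
    if (empty($givenState)
        || !is_string($givenState)
        || !is_string($expectedState)
        || !hash_equals($expectedState, $givenState)
    ) {
        echo 'Invalid state.';
        exit;
    }

    $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
    $owner = $provider->getResourceOwner($token);

    // NOTE(review): the e-mail is the identifier handed to authenticate(), and
    // getEmail() can be empty when the user did not share one. Confirm that
    // authenticate() refuses an empty identifier.
    $email = $owner->getEmail();
    $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName());

    return $this->authenticate(compact('email'), compact('username'));
}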
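/**
 * Runs the Facebook authorization-code flow and returns the data a caller
 * needs to persist: the user's uid, the access token and the user details.
 *
 * The access token in the result is a credential; callers that save it should
 * store it accordingly.
 *
 * @return array|mixed [uid, token, userDetails] once a valid code and state were
 *                     received; otherwise the result of the redirect to Facebook
 */
public function authorize()
{
    $this->view->disable();

    $provider = new Facebook([
        'clientId' => $this->clientId,
        'clientSecret' => $this->clientSecret,
        'redirectUri' => $this->redirectUriAuthorize,
    ]);

    $code = $this->request->getQuery('code');
    $state = $this->request->getQuery('state');

    if (!isset($code)) {
        // If we don't have an authorization code then get one
        $authUrl = $provider->getAuthorizationUrl();
        $this->session->set('oauth2state', $provider->state);

        return $this->response->redirect($authUrl);
    }

    // Check given state against previously stored one to mitigate CSRF attack.
    // The stored value is removed before the comparison so that it is single-use
    // on the success path too, not only after a mismatch.
    $expectedState = $this->session->get('oauth2state');
    $this->session->remove('oauth2state');

    if (empty($state)
        || !is_string($state)
        || !is_string($expectedState)
        || !hash_equals($expectedState, $state)
    ) {
        exit('Invalid state');
    }

    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', ['code' => $code]);
    $uid = $provider->getUserUid($token);
    $userDetails = $provider->getUserDetails($token);

    return array($uid, $token, $userDetails);
}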
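/**
 * Fetches the feed of the configured Facebook page straight from the Graph API.
 *
 * Uses the configured access token when there is one, otherwise an app access
 * token built from the app id and app secret.
 *
 * @return mixed the "data" element of the decoded Graph API response
 *
 * @throws Exception when FacebookType is neither POSTS_AND_COMMENTS nor POSTS_ONLY
 */
public function getFeedUncached()
{
    $provider = new Facebook([
        'clientId' => $this->FacebookAppID,
        'clientSecret' => $this->FacebookAppSecret,
        'graphApiVersion' => 'v2.6',
    ]);

    // For an App Access Token we can just use our App ID and App Secret piped together
    // https://developers.facebook.com/docs/facebook-login/access-tokens#apptokens
    // NOTE(review): the fallback reads the id and secret from $this->siteConfig
    // while the provider above reads them from $this; confirm both refer to the
    // same application.
    $accessToken = $this->AccessToken
        ? $this->AccessToken
        : $this->siteConfig->SocialFeedFacebookAppID . '|' . $this->siteConfig->SocialFeedFacebookAppSecret;

    // Setup query params for FB query
    // The token travels in the query string, and the fallback token contains
    // the app secret, so the full request URL must be kept out of logs and
    // error output.
    $queryParameters = http_build_query(array(
        'date_format' => 'U',
        'fields' => 'from,message,message_tags,story,story_tags,full_picture,source,link,object_id,name,caption,description,icon,privacy,type,status_type,created_time,updated_time,shares,is_hidden,is_expired,likes,comments',
        'access_token' => $accessToken,
    ));

    // Get all data for the FB page
    switch ($this->FacebookType) {
        case self::POSTS_AND_COMMENTS:
            $edge = 'feed';
            break;
        case self::POSTS_ONLY:
            $edge = 'posts';
            break;
        default:
            throw new Exception('Invalid FacebookType (' . $this->FacebookType . ')');
    }

    // Encode the page id as a single path segment so a value containing "/",
    // "?" or "#" cannot change which Graph endpoint is requested.
    $url = 'https://graph.facebook.com/' . rawurlencode((string) $this->FacebookPageID) . '/' . $edge . '?' . $queryParameters;

    $request = $provider->getRequest('GET', $url);
    $result = $provider->getResponse($request);

    return $result['data'];
}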
/**
 * The provider exposes uid, screen name and e-mail from a mocked token
 * exchange followed by a mocked profile response.
 */
public function testUserData()
{
    // Response to the token request (form-encoded body).
    $tokenResponse = m::mock('Guzzle\\Http\\Message\\Response');
    $tokenResponse
        ->shouldReceive('getBody')
        ->times(1)
        ->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&uid=1');

    // Response to every profile request (JSON body).
    $profileJson = '{"id": 12345, "name": "mock_name", "username": "******", "first_name": "mock_first_name", "last_name": "mock_last_name", "email": "mock_email", "Location": "mock_home", "bio": "mock_description", "link": "mock_facebook_url"}';
    $profileResponse = m::mock('Guzzle\\Http\\Message\\Response');
    $profileResponse->shouldReceive('getBody')->andReturn($profileJson);
    $profileResponse->shouldReceive('getInfo')->andReturn(['url' => 'mock_image_url']);

    // HTTP client double: one POST for the token, any number of GETs afterwards.
    $httpClient = m::mock('Guzzle\\Service\\Client');
    $httpClient->shouldReceive('setBaseUrl')->times(5);
    $httpClient->shouldReceive('post->send')->times(1)->andReturn($tokenResponse);
    $httpClient->shouldReceive('get->send')->andReturn($profileResponse);
    $this->provider->setHttpClient($httpClient);

    $grantOptions = ['code' => 'mock_authorization_code'];
    $accessToken = $this->provider->getAccessToken('authorization_code', $grantOptions);
    $details = $this->provider->getUserDetails($accessToken);

    $this->assertEquals(12345, $this->provider->getUserUid($accessToken));
    $this->assertEquals(
        ['mock_first_name', 'mock_last_name'],
        $this->provider->getUserScreenName($accessToken)
    );
    $this->assertEquals('mock_email', $this->provider->getUserEmail($accessToken));
    $this->assertEquals('mock_email', $details->email);
}
/**
 * A JSON error body returned by the token endpoint surfaces as an
 * IdentityProviderException carrying the error type, message and code.
 */
public function testProperlyHandlesErrorResponses()
{
    $errorBody = '{"error":{"message":"Foo auth error","type":"OAuthException","code":191}}';

    $errorResponse = m::mock('Psr\\Http\\Message\\ResponseInterface');
    $errorResponse->shouldReceive('getHeader')->times(1)->andReturn('application/json');
    $errorResponse->shouldReceive('getBody')->times(1)->andReturn($errorBody);

    $httpClient = m::mock('GuzzleHttp\\ClientInterface');
    $httpClient->shouldReceive('send')->times(1)->andReturn($errorResponse);
    $this->provider->setHttpClient($httpClient);

    // Defaults that cannot satisfy the assertions below, so the test also
    // fails when no exception is thrown at all.
    $caughtCode = 0;
    $caughtMessage = '';

    try {
        $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
    } catch (IdentityProviderException $exception) {
        $caughtMessage = $exception->getMessage();
        $caughtCode = $exception->getCode();
    }

    $this->assertEquals('OAuthException: Foo auth error', $caughtMessage);
    $this->assertEquals(191, $caughtCode);
}
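/**
 * Generates tokens for facebook social login
 *
 * Resolves the Facebook access token sent by the client to its owner's
 * profile and hands that profile to authenticateOrCreateUser().
 *
 * @param Request $request request carrying the "access_token" input
 * @return static
 */
public function authenticateFacebook(Request $request)
{
    # Create a new provider which takes values from config file
    $provider = new Facebook([
        'clientId' => config('easyauth.facebook.clientId'),
        'clientSecret' => config('easyauth.facebook.clientSecret'),
        'redirectUri' => config('easyauth.facebook.redirectUri'),
        'graphApiVersion' => config('easyauth.facebook.graphApiVersion'),
    ]);

    try {
        # Get access token from request. The previous code ignored the request
        # and used an access token literal committed to source, so every caller
        # was logged in as that token's owner. That literal is a leaked
        # credential: revoke it and remove it from version-control history.
        $rawToken = $request->input('access_token');
        if (!is_string($rawToken) || $rawToken === '') {
            throw new Exception('Missing access_token');
        }
        $accessToken = new AccessToken(array('access_token' => $rawToken));

        # NOTE(review): nothing here checks that the token was issued to this
        # application; confirm its app id (for example with the Graph API
        # debug_token endpoint) before trusting the profile it resolves to.

        # We got an access token, let's now get the owner details
        $ownerDetails = $provider->getResourceOwner($accessToken);
        $profile = array(
            'provider_key' => $ownerDetails->getId(),
            'first_name' => $ownerDetails->getFirstName(),
            'last_name' => $ownerDetails->getLastName(),
            'email' => $ownerDetails->getEmail(),
            'avatar' => $ownerDetails->getPictureUrl(),
            'provider' => 'Facebook',
        );

        # Use these details to create a new profile or return a token in case the user exists
        return $this->authenticateOrCreateUser($profile);
    } catch (Exception $e) {
        # Failed to get user details
        # NOTE(review): the exception text is sent to the client as-is; consider
        # logging it server-side and returning a generic error instead.
        exit('Something went wrong: ' . $e->getMessage());
    }
}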
/**
 * Get Facebook User Details
 *
 * Delegates to the wrapped Facebook provider and returns its result unchanged.
 *
 * @param AccessToken $token access token passed through to the provider
 * @return UserDetails
 */
public function getUserDetails(AccessToken $token)
{
    $details = $this->facebookProvider->getUserDetails($token);

    return $details;
}