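/**
 * Finish the authentication process.
 *
 * Steps:
 *  1. Get the user profile from the provider
 *  2. Create a new WordPress user if none exists in the database
 *  3. Store the Hybridauth profile, contacts and BP mapping
 *  4. Authenticate the user within WordPress
 *
 * The authentication mode returned by wsl_process_login_get_auth_mode() selects the path:
 *  - 'test'  : redirect to the plugin page in wp-admin (wslp=auth-paly)
 *  - 'link'  : attach the social identity to the currently logged-in WordPress user
 *  - 'login' : sign in, creating the WordPress user when no mapping exists
 * Any other value is rejected with a notice page.
 *
 * @return mixed The result of the notice-page or redirect helper on the early-exit paths;
 *               nothing when the flow runs through to wsl_process_login_authenticate_wp_user().
 */
function wsl_process_login_end() {
    // HOOKABLE:
    do_action("wsl_process_login_end_start");

    // HOOKABLE: set a custom Redirect URL
    $redirect_to = wsl_process_login_get_redirect_to();

    // HOOKABLE: selected provider name
    $provider = wsl_process_login_get_selected_provider();

    // authentication mode
    $auth_mode = wsl_process_login_get_auth_mode();

    $is_new_user             = false; // is it a new or returning user
    $user_id                 = '';    // wp user id
    $adapter                 = '';    // hybridauth adapter for the selected provider
    $hybridauth_user_profile = '';    // hybridauth user profile
    $requested_user_login    = '';    // username typed by users in Profile Completion
    $requested_user_email    = '';    // email typed by users in Profile Completion

    // Provider is enabled?
    // NOTE(review): the option name is built from $provider, so this is an allowlist only if
    // wsl_process_login_get_selected_provider() restricts the value to known provider ids — TODO confirm.
    if (!get_option('wsl_settings_' . $provider . '_enabled')) {
        return wsl_process_login_render_notice_page(_wsl__("Unknown or disabled provider.", 'wordpress-social-login'));
    }

    // The mode is compared strictly so that a non-string value cannot loosely match a mode
    // name; anything unexpected ends up in the "Bouncer says no." branch below.
    if ('test' === $auth_mode) {
        // The provider name ends up in a query string, so it is URL-encoded.
        $redirect_to = admin_url('options-general.php?page=wordpress-social-login&wslp=auth-paly&provider=' . rawurlencode($provider));

        // wp_safe_redirect() only sends the Location header and does not end the request.
        // NOTE(review): confirm the caller stops execution after this returns.
        return wp_safe_redirect($redirect_to);
    }

    if ('link' === $auth_mode) {
        // A social account can't be associated with more than one WordPress account.
        $hybridauth_user_profile = wsl_process_login_request_user_social_profile($provider);
        $adapter                 = wsl_process_login_get_provider_adapter($provider);

        $user_id = (int) wsl_get_stored_hybridauth_user_id_by_provider_and_provider_uid($provider, $hybridauth_user_profile->identifier);

        if ($user_id && $user_id !== (int) get_current_user_id()) {
            // The provider name is printed inside markup, so it is HTML-escaped.
            return wsl_process_login_render_notice_page(sprintf(_wsl__("Your <b>%s ID</b> is already linked to another account on this website.", 'wordpress-social-login'), esc_html($provider)));
        }

        // Linking always targets the session's own user, never an id taken from the request.
        $user_id = get_current_user_id();

        // Doesn't hurt to double check: 0 means nobody is logged in.
        if (!$user_id) {
            return wsl_process_login_render_notice_page(_wsl__("Sorry, we couldn't link your account.", 'wordpress-social-login'));
        }
    } elseif ('login' !== $auth_mode) {
        return wsl_process_login_render_notice_page(_wsl__('Bouncer says no.', 'wordpress-social-login'));
    }

    if ('login' === $auth_mode) {
        // Returns the user data after the visitor authenticated via Hybridauth.
        list(
            $user_id,
            $adapter,
            $hybridauth_user_profile,
            $requested_user_login,
            $requested_user_email,
            $wordpress_user_id
        ) = wsl_process_login_get_user_data($provider, $redirect_to);

        // If no associated user was found in wslusersprofiles, create a new WordPress user.
        if (!$wordpress_user_id) {
            $user_id     = wsl_process_login_create_wp_user($provider, $hybridauth_user_profile, $requested_user_login, $requested_user_email);
            $is_new_user = true;
        } else {
            $user_id     = $wordpress_user_id;
            $is_new_user = false;
        }
    }

    // If the user is found in wslusersprofiles but the associated WP account no longer exists
    // > this should never happen! but just in case: delete the user's
    //   wslusersprofiles/wsluserscontacts entries and reset the process.
    $wp_user = get_userdata($user_id);

    if (!$wp_user) {
        wsl_delete_stored_hybridauth_user_data($user_id);

        return wsl_process_login_render_notice_page(sprintf(_wsl__("Sorry, we couldn't connect you. <a href=\"%s\">Please try again</a>.", 'wordpress-social-login'), site_url('wp-login.php', 'login_post')));
    }

    // Store the user's hybridauth profile (wslusersprofiles), contacts (wsluserscontacts) and buddypress mapping.
    wsl_process_login_update_wsl_user_data($is_new_user, $user_id, $provider, $adapter, $hybridauth_user_profile, $wp_user);

    // Finally create a WordPress session for the user.
    wsl_process_login_authenticate_wp_user($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile, $wp_user);
}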
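/**
 * Authenticate the visitor with the selected provider through HybridAuth and
 * apply the Bouncer rules before a WordPress account is resolved.
 *
 * Order of operations inside the try block:
 *  1. refuse to run if another plugin already loaded Hybrid_Auth
 *  2. build the HybridAuth config for $provider from the wsl_settings_* options
 *  3. read the user profile from the connected adapter
 *  4. account linking (explicit link request, or an already linked identity)
 *  5. Bouncer filters: e-mail domain, e-mail address, profile URL
 *  6. for unknown users: registration switch and Profile Completion
 *
 * @param string $provider    Provider id used to build option names and the HybridAuth config.
 * @param string $redirect_to URL handed through to the login / profile completion helpers.
 *
 * @return mixed On success array($user_id, $adapter, $hybridauth_user_profile, $hybridauth_user_id,
 *               $hybridauth_user_email, $request_user_login, $request_user_email); on the
 *               early-exit paths whatever the notice or login helper returns.
 */
function wsl_process_login_hybridauth_authenticate($provider, $redirect_to) {
    try {
        # Hybrid_Auth already used?
        if (class_exists('Hybrid_Auth', false)) {
            return wsl_render_notices_pages(_wsl__("Error: Another plugin seems to be using HybridAuth Library and made WordPress Social Login unusable. We recommand to find this plugin and to kill it with fire!", 'wordpress-social-login'));
        }

        // load hybridauth
        require_once WORDPRESS_SOCIAL_LOGIN_ABS_PATH . "/hybridauth/Hybrid/Auth.php";

        // Build the required configuration for this provider.
        // NOTE(review): the option name is built from $provider, so this check is an allowlist
        // only if the caller restricts $provider to known provider ids — TODO confirm.
        if (!get_option('wsl_settings_' . $provider . '_enabled')) {
            throw new Exception('Unknown or disabled provider');
        }

        $config                                   = array();
        $config["providers"]                      = array();
        $config["providers"][$provider]            = array();
        $config["providers"][$provider]["enabled"] = true;

        // Each credential is read once and only added when the option holds a value.
        // provider application id ?
        $app_id = get_option('wsl_settings_' . $provider . '_app_id');
        if ($app_id) {
            $config["providers"][$provider]["keys"]["id"] = $app_id;
        }

        // provider application key ?
        $app_key = get_option('wsl_settings_' . $provider . '_app_key');
        if ($app_key) {
            $config["providers"][$provider]["keys"]["key"] = $app_key;
        }

        // provider application secret ?
        $app_secret = get_option('wsl_settings_' . $provider . '_app_secret');
        if ($app_secret) {
            $config["providers"][$provider]["keys"]["secret"] = $app_secret;
        }

        // create an instance for Hybridauth
        $hybridauth = new Hybrid_Auth($config);

        // try to authenticate the selected $provider
        if ($hybridauth->isConnectedWith($provider)) {
            $adapter                 = $hybridauth->getAdapter($provider);
            $hybridauth_user_profile = $adapter->getUserProfile();

            // check hybridauth user email
            $hybridauth_user_id    = (int) wsl_get_user_by_meta($provider, $hybridauth_user_profile->identifier);
            $hybridauth_user_email = sanitize_email($hybridauth_user_profile->email);
            $hybridauth_user_login = sanitize_user($hybridauth_user_profile->displayName);

            $request_user_login = "";
            $request_user_email = "";

            # {{{ linking new accounts
            // Bouncer :: Accounts Linking is enabled
            if (get_option('wsl_settings_bouncer_linking_accounts_enabled') == 1) {
                // if user is linking account
                // . we DO import contacts
                // . we DO store the user profile
                //
                // . we DONT create another entry on user table
                // . we DONT create nor update his data on usermeta table
                //
                // isset() avoids an undefined-index notice when no action was sent.
                // NOTE(review): no nonce is verified in this block for the link request;
                // confirm the caller checks one before this function runs.
                if (isset($_REQUEST['action']) && 'wordpress_social_link' === $_REQUEST['action']) {
                    // Linking targets the logged-in user; 0 means there is no session, and the
                    // social identity must not be attached to user id 0.
                    $user_id = (int) get_current_user_id();

                    if (!$user_id) {
                        return wsl_render_notices_pages(_wsl__("Sorry, we couldn't link your account.", 'wordpress-social-login'));
                    }

                    return wsl_process_login_authenticate_wp_user_linked_account($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile);
                }

                // check if connected user is linked account
                $linked_account = wsl_get_user_linked_account_by_provider_and_identifier($provider, $hybridauth_user_profile->identifier);

                // if linked account found, we connect the actual user
                if ($linked_account) {
                    if (count($linked_account) > 1) {
                        // The provider name is passed as an escaped sprintf() argument instead
                        // of being interpolated into the translatable string.
                        return wsl_render_notices_pages(sprintf(_wsl__("This %s is linked to many accounts!", 'wordpress-social-login'), esc_html($provider)));
                    }

                    $user_id = $linked_account[0]->user_id;

                    if (!$user_id) {
                        return wsl_render_notices_pages(_wsl__("Something wrong!", 'wordpress-social-login'));
                    }

                    return wsl_process_login_authenticate_wp_user($user_id, $provider, $redirect_to, $adapter, $hybridauth_user_profile);
                }
            }
            # }}} linking new accounts

            # {{{ module Bouncer
            // The three filters below are allow lists stored one entry per line. Blank lines
            // are skipped so that an empty entry can never match an empty value.

            // Bouncer :: Filters by emails domains name
            if (get_option('wsl_settings_bouncer_new_users_restrict_domain_enabled') == 1) {
                if (empty($hybridauth_user_email)) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'));
                }

                $list = get_option('wsl_settings_bouncer_new_users_restrict_domain_list');
                $list = preg_split('/$\\R?^/m', (string) $list);

                // "@domain" part of the sanitized address
                $current = strtolower((string) strstr($hybridauth_user_email, '@'));

                $shall_pass = false;
                foreach ($list as $item) {
                    $item = trim(strtolower($item));

                    if ('' !== $item && "@{$item}" === $current) {
                        $shall_pass = true;
                        break;
                    }
                }

                if (!$shall_pass) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_domain_text_bounce'));
                }
            }

            // Bouncer :: Filters by e-mails addresses
            if (get_option('wsl_settings_bouncer_new_users_restrict_email_enabled') == 1) {
                if (empty($hybridauth_user_email)) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'));
                }

                $list = get_option('wsl_settings_bouncer_new_users_restrict_email_list');
                $list = preg_split('/$\\R?^/m', (string) $list);

                $current = strtolower($hybridauth_user_email);

                $shall_pass = false;
                foreach ($list as $item) {
                    $item = trim(strtolower($item));

                    if ('' !== $item && $item === $current) {
                        $shall_pass = true;
                        break;
                    }
                }

                if (!$shall_pass) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_email_text_bounce'));
                }
            }

            // Bouncer :: Filters by profile urls
            if (get_option('wsl_settings_bouncer_new_users_restrict_profile_enabled') == 1) {
                $list = get_option('wsl_settings_bouncer_new_users_restrict_profile_list');
                $list = preg_split('/$\\R?^/m', (string) $list);

                // A provider that returns no profile URL yields '' here, which can no longer
                // match anything because blank list entries are skipped.
                $current = strtolower((string) $hybridauth_user_profile->profileURL);

                $shall_pass = false;
                foreach ($list as $item) {
                    $item = trim(strtolower($item));

                    if ('' !== $item && $item === $current) {
                        $shall_pass = true;
                        break;
                    }
                }

                if (!$shall_pass) {
                    return wsl_render_notices_pages(get_option('wsl_settings_bouncer_new_users_restrict_profile_text_bounce'));
                }
            }

            // if user do not exist
            if (!$hybridauth_user_id) {
                // Bouncer :: Accept new registrations
                if (get_option('wsl_settings_bouncer_registration_enabled') == 2) {
                    return wsl_render_notices_pages(_wsl__("registration is now closed!", 'wordpress-social-login'));
                }

                // Bouncer :: Profile Completion
                // Parentheses spell out the precedence the original relied on: (A && B) || C.
                $needs_email    = (get_option('wsl_settings_bouncer_profile_completion_require_email') == 1 && empty($hybridauth_user_email));
                $needs_username = (get_option('wsl_settings_bouncer_profile_completion_change_username') == 1);

                if ($needs_email || $needs_username) {
                    // Repeats until the helper reports that the submitted values are acceptable.
                    do {
                        list($shall_pass, $request_user_login, $request_user_email) = wsl_process_login_complete_registration($provider, $redirect_to, $hybridauth_user_email, $hybridauth_user_login);
                    } while (!$shall_pass);
                }
            }
            # }}} module Bouncer
        } else {
            throw new Exception('User not connected with ' . $provider . '!');
        }
    } catch (Exception $e) {
        // Only the numeric code is shown to the visitor; the exception message is not rendered.
        return wsl_render_notices_pages(sprintf(_wsl__("Unspecified error. #%d", 'wordpress-social-login'), $e->getCode()));
    }

    $user_id = null;

    // If the user email is verified, then try to map to a legacy account if one exists.
    // > Currently only Facebook, Google, Yahoo and Foursquare do provide the verified user email.
    // NOTE(review): this selects whichever existing WordPress account owns that address,
    // whatever its role, so the mapping is only as trustworthy as the provider's
    // emailVerified value — confirm that is acceptable for privileged accounts.
    if (!empty($hybridauth_user_profile->emailVerified)) {
        $user_id = (int) email_exists($hybridauth_user_profile->emailVerified);
    }

    // try to get user by meta if not
    if (!$user_id) {
        $user_id = (int) wsl_get_user_by_meta($provider, $hybridauth_user_profile->identifier);
    }

    return array(
        $user_id,
        $adapter,
        $hybridauth_user_profile,
        $hybridauth_user_id,
        $hybridauth_user_email,
        $request_user_login,
        $request_user_email,
    );
}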