public function getValidAccessToken($params) { $CLIENT_ID = isset($params[self::CLIENT_ID]) ? $params[self::CLIENT_ID] : null; $CLIENT_SECRET = isset($params[self::CLIENT_SECRET]) ? $params[self::CLIENT_SECRET] : null; $USER_ID = isset($params[self::USER_ID]) ? $params[self::USER_ID] : null; $MEDIA_ID = isset($params[self::MEDIA_ID]) ? $params[self::MEDIA_ID] : null; $ACCESS_TOKEN = isset($params[self::AUTH_TOKEN]) ? $params[self::AUTH_TOKEN] : null; $REFRESH_TOKEN = isset($params[self::AUTH_REFRESH_TOKEN]) ? $params[self::AUTH_REFRESH_TOKEN] : null; if (!isset($CLIENT_ID) || !isset($CLIENT_SECRET)) { $oMediaClients = new \Av\ClientCredentialsModel(); $params_credentials = array(\Av\ClientCredentialsModel::MEDIA_ID => $MEDIA_ID); $credential = $oMediaClients->GetCredentials($params_credentials); if ($credential === false) { throw new \Google_Exception('You must fill out the CLIENT credentials'); } $CLIENT_ID = isset($credential[\Av\ClientCredentialsModel::CLIENT_ID]) ? $credential[\Av\ClientCredentialsModel::CLIENT_ID] : null; $CLIENT_SECRET = isset($credential[\Av\ClientCredentialsModel::CLIENT_SECRET]) ? $credential[\Av\ClientCredentialsModel::CLIENT_SECRET] : null; } // 2. Find authorization credentials for given user/media $oMediaUserMapper = new \Av\MediaUserModel(); if (empty($ACCESS_TOKEN)) { // 3. if access token is not set - this call is made by server, without user contenst if (empty($USER_ID) || empty($MEDIA_ID)) { throw new \Google_Exception('You must passt the USER ID and MEDIA ID parameter to get access and refresh tokens from DB'); } $params_user_credentials = array(\Av\MediaUserModel::MEDIA_ID => $MEDIA_ID, \Av\MediaUserModel::USER_ID => $USER_ID); $arrUserCredentials = $oMediaUserMapper->GetCredentials($params_user_credentials); if (empty($arrUserCredentials[\Av\MediaUserModel::REFRESH_TOKEN])) { throw new \Google_Exception("Refresh token is not set for user id {$USER_ID} "); } if (empty($arrUserCredentials[\Av\MediaUserModel::ACCESS_TOKEN])) { throw new \Google_Exception("Access token is not set for user id {$USER_ID} "); } // 3. Extract access token $ACCESS_TOKEN = $arrUserCredentials[\Av\MediaUserModel::ACCESS_TOKEN]; $REFRESH_TOKEN = $arrUserCredentials[\Av\MediaUserModel::REFRESH_TOKEN]; } // 4. check if the access token valid $client = new \Google_Client(); $client->setClientId($CLIENT_ID); $client->setClientSecret($CLIENT_SECRET); $client->setAccessToken($ACCESS_TOKEN); if ($client->isAccessTokenExpired()) { // 4.1 Old access token is not valid - get new access token if (isset($REFRESH_TOKEN)) { $client->refreshToken($REFRESH_TOKEN); } else { throw new \Google_Exception("Invalid refresh token."); } // 4.2 save new access token in DB $ACCESS_TOKEN = $client->getAccessToken(); if (isset($ACCESS_TOKEN)) { if (empty($USER_ID) || empty($MEDIA_ID)) { throw new \Google_Exception('You must passt the USER ID and MEDIA ID parameter to get access and refresh tokens from DB'); } $params_new_credentials = array(\Av\MediaUserModel::ACCESS_TOKEN => $ACCESS_TOKEN, \Av\MediaUserModel::MEDIA_ID => $MEDIA_ID, \Av\MediaUserModel::USER_ID => $USER_ID); $oMediaUserMapper->SaveCredentials($params_new_credentials); } else { throw new \Google_Exception("Could not refresh access token."); } } return $ACCESS_TOKEN; }
public function SaveUser($params) { $MEDIA_ID = isset($params[\Av\MediaUserModel::MEDIA_ID]) ? $params[\Av\MediaUserModel::MEDIA_ID] : null; $USER_ID = isset($params[\Av\MediaUserModel::USER_ID]) ? $params[\Av\MediaUserModel::USER_ID] : null; $SOCIAL_USER_ID = isset($params[\Av\MediaUserModel::SOCIAL_USER_ID]) ? $params[\Av\MediaUserModel::SOCIAL_USER_ID] : null; $STATUS = isset($params[\Av\MediaUserModel::STATUS]) ? $params[\Av\MediaUserModel::STATUS] : \Av\MediaUserModel::STATUS_ACTIVE; $ACCESS_TOKEN = isset($params[\Av\MediaUserModel::ACCESS_TOKEN]) ? $params[\Av\MediaUserModel::ACCESS_TOKEN] : null; $REFRESH_TOKEN = isset($params[\Av\MediaUserModel::REFRESH_TOKEN]) ? $params[\Av\MediaUserModel::REFRESH_TOKEN] : null; $ROLE_ID = isset($params[\Av\UserModel::ROLE_ID]) ? $params[\Av\UserModel::ROLE_ID] : null; $EMAIL = isset($params[\Av\UserModel::USER_EMAIL]) ? $params[\Av\UserModel::USER_EMAIL] : null; $DISPLAY_NAME = isset($params[\Av\UserModel::DISPLAY_NAME]) ? $params[\Av\UserModel::DISPLAY_NAME] : null; $oUserMapper = new \Av\UserModel(); $oMediaUserMapper = new \Av\MediaUserModel(); // 1. If USER_ID is not set - it is initial login or signup if (empty($USER_ID)) { //1.1 Check by EMAIL if user exists in "user" table if (empty($EMAIL)) { return false; } // $this->AddDebug(__METHOD__ . " #" . __LINE__ . " email:" . print_r($EMAIL, true)); $params_user = array(\Av\UserModel::USER_EMAIL => $EMAIL); $user_info = $oUserMapper->GetUserInfo($params_user); // $this->AddDebug(__METHOD__ . " #" . __LINE__ . " user_info:" . print_r($user_info, true)); if ($user_info === false) { //1.2 User does not exist. Create new. $params_user[\Av\UserModel::DISPLAY_NAME] = $DISPLAY_NAME; $params_user[\Av\UserModel::ROLE_ID] = $ROLE_ID; $params_user[\Av\UserModel::USER_STATUS] = $STATUS; $USER_ID = $oUserMapper->SaveUserInfo($params_user); // $this->AddDebug(__METHOD__ . " #" . __LINE__ . " saved user_id {} params:" . print_r($params_user, true)); if (empty($USER_ID) || $USER_ID === false) { return false; } } else { $ROLE_ID = isset($user_info[\Av\UserModel::ROLE_ID]) ? $user_info[\Av\UserModel::ROLE_ID] : null; $USER_ID = isset($user_info[\Av\UserModel::USER_ID]) ? $user_info[\Av\UserModel::USER_ID] : null; $DISPLAY_NAME = isset($user_info[\Av\UserModel::DISPLAY_NAME]) ? $user_info[\Av\UserModel::DISPLAY_NAME] : null; } } $params_media_user = array(\Av\MediaUserModel::MEDIA_ID => (int) $MEDIA_ID, \Av\MediaUserModel::USER_ID => (int) $USER_ID, \Av\MediaUserModel::ACCESS_TOKEN => $ACCESS_TOKEN, \Av\MediaUserModel::SOCIAL_USER_ID => isset($SOCIAL_USER_ID) ? $SOCIAL_USER_ID : 'n/a', \Av\MediaUserModel::STATUS => $STATUS, \Av\MediaUserModel::REFRESH_TOKEN => isset($REFRESH_TOKEN) ? $REFRESH_TOKEN : null); // 2. Save new social media user credentials $bSaved = $oMediaUserMapper->SaveCredentials($params_media_user); $this->AddDebug(__METHOD__ . " #" . __LINE__ . " is user saved with success {$bSaved}"); // 3. return authenticated user credentials if ($bSaved !== false) { // 3. Save to auth object and ssession $params_login = array(\Av\AuthController::USER_ID => (int) $USER_ID, \Av\AuthController::USER_NAME => $DISPLAY_NAME, \Av\AuthController::USER_ROLE_ID => (int) $ROLE_ID); \Av\AuthController::LogIn($params_login); } else { return false; } }