function onAuthenticate($credentials, $options, &$response) { # authentication via facebook for Joomla always uses the FB API and secret keys # When this is present, the user's FB uid is used to look up their Joomla uid and log that user in jimport('joomla.filesystem.file'); $configFile = JPATH_ROOT . DS . 'administrator' . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'config.php'; if (JFile::exists($configFile)) { include_once JPATH_ROOT . DS . 'administrator' . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'config.php'; $configModel = new JFBConnectModelConfig(); # always check the secret username and password to indicate this is a JFBConnect login #echo "Entering JFBConnectAuth<br>"; if ($credentials['username'] != $configModel->getSetting('facebook_api_key') || $credentials['password'] != $configModel->getSetting('facebook_secret_key')) { $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = 'Facebook authentication failed'; return false; } #echo "Passed API/Secret key check, this is a FB login<br>"; include_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php'; $userMapModel = new JFBConnectModelUserMap(); include_once JPATH_ROOT . DS . 'components' . DS . 'com_jfbconnect' . DS . 'libraries' . DS . 'facebook.php'; $fbClient = JFBConnectFacebookLibrary::getInstance(); $fbUserId = $fbClient->getUserId(FALSE); $app =& JFactory::getApplication(); #echo "Facebook user = "******"User is logged into FB<br>"; # Test if user has a Joomla mapping $jUserId = $userMapModel->getJoomlaUserId($fbUserId); if ($jUserId) { #echo "User has joomla mapping<br>"; $jUser = JUser::getInstance($jUserId); if ($jUser->id == null) { #echo "user NOT loaded, deleting"; $userMapModel->deleteMapping($fbUserId); return false; } $isAllowed = true; # Trigger the jfbcProfile onAuthenticate to see if the user is allowed to login if ($jUser->block) { $isAllowed = false; $app->enqueueMessage(JText::_('E_NOLOGIN_BLOCKED'), 'error'); } else { JPluginHelper::importPlugin('jfbcprofiles'); $args = array($jUserId, $fbUserId); $responses = $app->triggerEvent('jfbcProfilesOnAuthenticate', $args); $return = base64_decode(JRequest::getVar('return')); $isAllowed = true; foreach ($responses as $response) { if (is_object($response) && !$response->status) { $isAllowed = false; $app->enqueueMessage($response->message, 'error'); } } } if ($isAllowed) { $response->status = JAUTHENTICATE_STATUS_SUCCESS; $response->username = $jUser->username; if (!$configModel->getSetting('create_new_users')) { // Update the J user's email to what it is in Facebook $fbProfileFields = $fbClient->getUserProfile($fbUserId, array('email')); if ($fbProfileFields != null && $fbProfileFields['email']) { $jUser->email = $fbProfileFields['email']; $jUser->save(); } } $response->email = $jUser->email; $response->fullname = $jUser->name; $response->error_message = ''; return true; } } else { if (!$configModel->getSetting('create_new_users')) { # User is not in system, should create their account automatically #echo "Creating a pseudo-user<br>"; $fbUser = $fbClient->_getUserName($fbUserId); if ($fbUser == null) { # no information returned from FB return false; } // Get the email to use from Facebook $fbProfileFields = $fbClient->getUserProfile($fbUserId, array('email')); if ($fbProfileFields == null || !$fbProfileFields['email']) { $newEmail = $fbUser['first_name'] . "_" . $fbUserId . "@unknown.com"; } else { $newEmail = $fbProfileFields['email']; } $fullname = $fbUser['name']; $username = "******" . $fbUserId; #Use the Joomla User plugin to create the User row in the database JPluginHelper::importPlugin('user'); $user['fullname'] = $fullname; $user['username'] = $username; $user['password_clear'] = ""; $user['email'] = $newEmail; $jUser = $app->triggerEvent('_getUser', array($user)); $jUser = $jUser[0]; #Map the new user include_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php'; $userMapModel = new JFBConnectModelUserMap(); if ($userMapModel->mapUser($fbUserId, $jUser->get('id'))) { $app->enqueueMessage(JText::_('MAP USER SUCCESS')); } else { $app->enqueueMessage(JText::_('MAP USER FAIL')); } $response->status = JAUTHENTICATE_STATUS_SUCCESS; $response->email = $newEmail; $response->fullname = $fullname; $response->username = $username; $response->error_message = ''; return true; } } } } # catch everything else as an authentication failure #echo "Authentication Failure<br>"; $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = 'Facebook authentication failed'; return false; }
function onUserAuthenticate($credentials, $options, &$response) { $response->type = 'JFBConnectAuth'; # authentication via facebook for Joomla always uses the FB API and secret keys # When this is present, the user's FB uid is used to look up their Joomla uid and log that user in jimport('joomla.filesystem.file'); $provider = null; if (isset($options['provider'])) { $provider = $options['provider']; } if (class_exists('JFBCFactory') && $provider) { # always check the secret username and password to indicate this is a JFBConnect login #echo "Entering JFBConnectAuth<br>"; if ($credentials['username'] != $provider->appId || $credentials['password'] != $provider->secretKey) { $response->status = JAuthentication::STATUS_FAILURE; return false; } #echo "Passed API/Secret key check, this is a FB login<br>"; include_once JPATH_ADMINISTRATOR . '/components/com_jfbconnect/models/usermap.php'; $userMapModel = new JFBConnectModelUserMap(); $providerUserId = $provider->getProviderUserId(); $app = JFactory::getApplication(); #echo "Facebook user = ".$fbUserId; # test if user is logged into Facebook if ($providerUserId) { # Test if user has a Joomla mapping $jUserId = $userMapModel->getJoomlaUserId($providerUserId, $provider->name); if ($jUserId) { $jUser = JUser::getInstance($jUserId); if ($jUser->id == null) { $userMapModel->deleteMapping($providerUserId, $provider->name); return false; } if ($jUser->block) { $isAllowed = false; JFBCFactory::log(JText::_('JERROR_NOLOGIN_BLOCKED'), 'error'); } else { JPluginHelper::importPlugin('socialprofiles'); $args = array($provider->name, $jUserId, $providerUserId); $responses = $app->triggerEvent('socialProfilesOnAuthenticate', $args); $isAllowed = true; foreach ($responses as $prResponse) { if (is_object($prResponse) && !$prResponse->status) { $isAllowed = false; JFBCFactory::log($prResponse->message, 'error'); } } } if ($isAllowed) { $response->status = JAuthentication::STATUS_SUCCESS; $response->username = $jUser->username; $response->language = $jUser->getParam('language'); $response->email = $jUser->email; $response->fullname = $jUser->name; $response->error_message = ''; return true; } } } } # catch everything else as an authentication failure $response->status = JAuthentication::STATUS_FAILURE; return false; }