function onAuthenticate($credentials, $options, &$response) { # authentication via facebook for Joomla always uses the FB API and secret keys # When this is present, the user's FB uid is used to look up their Joomla uid and log that user in jimport('joomla.filesystem.file'); $configFile = JPATH_ROOT . DS . 'administrator' . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'config.php'; if (JFile::exists($configFile)) { include_once JPATH_ROOT . DS . 'administrator' . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'config.php'; $configModel = new JFBConnectModelConfig(); # always check the secret username and password to indicate this is a JFBConnect login #echo "Entering JFBConnectAuth<br>"; if ($credentials['username'] != $configModel->getSetting('facebook_api_key') || $credentials['password'] != $configModel->getSetting('facebook_secret_key')) { $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = 'Facebook authentication failed'; return false; } #echo "Passed API/Secret key check, this is a FB login<br>"; include_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php'; $userMapModel = new JFBConnectModelUserMap(); include_once JPATH_ROOT . DS . 'components' . DS . 'com_jfbconnect' . DS . 'libraries' . DS . 'facebook.php'; $fbClient = JFBConnectFacebookLibrary::getInstance(); $fbUserId = $fbClient->getUserId(FALSE); $app =& JFactory::getApplication(); #echo "Facebook user = "******"User is logged into FB<br>"; # Test if user has a Joomla mapping $jUserId = $userMapModel->getJoomlaUserId($fbUserId); if ($jUserId) { #echo "User has joomla mapping<br>"; $jUser = JUser::getInstance($jUserId); if ($jUser->id == null) { #echo "user NOT loaded, deleting"; $userMapModel->deleteMapping($fbUserId); return false; } $isAllowed = true; # Trigger the jfbcProfile onAuthenticate to see if the user is allowed to login if ($jUser->block) { $isAllowed = false; $app->enqueueMessage(JText::_('E_NOLOGIN_BLOCKED'), 'error'); } else { JPluginHelper::importPlugin('jfbcprofiles'); $args = array($jUserId, $fbUserId); $responses = $app->triggerEvent('jfbcProfilesOnAuthenticate', $args); $return = base64_decode(JRequest::getVar('return')); $isAllowed = true; foreach ($responses as $response) { if (is_object($response) && !$response->status) { $isAllowed = false; $app->enqueueMessage($response->message, 'error'); } } } if ($isAllowed) { $response->status = JAUTHENTICATE_STATUS_SUCCESS; $response->username = $jUser->username; if (!$configModel->getSetting('create_new_users')) { // Update the J user's email to what it is in Facebook $fbProfileFields = $fbClient->getUserProfile($fbUserId, array('email')); if ($fbProfileFields != null && $fbProfileFields['email']) { $jUser->email = $fbProfileFields['email']; $jUser->save(); } } $response->email = $jUser->email; $response->fullname = $jUser->name; $response->error_message = ''; return true; } } else { if (!$configModel->getSetting('create_new_users')) { # User is not in system, should create their account automatically #echo "Creating a pseudo-user<br>"; $fbUser = $fbClient->_getUserName($fbUserId); if ($fbUser == null) { # no information returned from FB return false; } // Get the email to use from Facebook $fbProfileFields = $fbClient->getUserProfile($fbUserId, array('email')); if ($fbProfileFields == null || !$fbProfileFields['email']) { $newEmail = $fbUser['first_name'] . "_" . $fbUserId . "@unknown.com"; } else { $newEmail = $fbProfileFields['email']; } $fullname = $fbUser['name']; $username = "******" . $fbUserId; #Use the Joomla User plugin to create the User row in the database JPluginHelper::importPlugin('user'); $user['fullname'] = $fullname; $user['username'] = $username; $user['password_clear'] = ""; $user['email'] = $newEmail; $jUser = $app->triggerEvent('_getUser', array($user)); $jUser = $jUser[0]; #Map the new user include_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php'; $userMapModel = new JFBConnectModelUserMap(); if ($userMapModel->mapUser($fbUserId, $jUser->get('id'))) { $app->enqueueMessage(JText::_('MAP USER SUCCESS')); } else { $app->enqueueMessage(JText::_('MAP USER FAIL')); } $response->status = JAUTHENTICATE_STATUS_SUCCESS; $response->email = $newEmail; $response->fullname = $fullname; $response->username = $username; $response->error_message = ''; return true; } } } } # catch everything else as an authentication failure #echo "Authentication Failure<br>"; $response->status = JAUTHENTICATE_STATUS_FAILURE; $response->error_message = 'Facebook authentication failed'; return false; }
function getJoomlaUserID() { $userMapModel = new JFBConnectModelUserMap(); return $userMapModel->getJoomlaUserId($this->jfbcLibrary->getUserId(FALSE)); }
function loginFacebookUser() { $app = JFactory::getApplication(); $jfbcLibrary = JFBConnectFacebookLibrary::getInstance(); $fbUserId = $jfbcLibrary->getUserId(FALSE); #echo "Con. Logging in FB User : "******"<br>"; require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php'; $userMapModel = new JFBConnectModelUserMap(); $configModel = $jfbcLibrary->configModel; $user = JFactory::getUser(); if ($user->guest) { # Guest: Check if they have a Joomla user and log that user in. If not, create them one $jUserId = $userMapModel->getJoomlaUserId($fbUserId); if (!$fbUserId) { # Facebook isn't returning information about this user. Redirect them. $app->enqueueMessage('We were unable to retrieve your Facebook account information. Please try again'); $app->redirect('index.php'); } # Check if automatic email mapping is allowed, and see if that email is registered # AND the Facebook user doesn't already have a Joomla account if ($configModel->getSetting('facebook_auto_map_by_email') && !$jUserId) { $fbProfileFields = $jfbcLibrary->getUserProfile($fbUserId, array('email')); if ($fbProfileFields != null && $fbProfileFields['email']) { $fbEmail = $fbProfileFields['email']; $jUserEmailId = $userMapModel->getJoomlaUserIdFromEmail($fbEmail); if ($jUserEmailId && $jUserEmailId != 0) { // Found a user with the same email address // do final check to make sure there isn't a FB account already mapped to it $jUserId = $userMapModel->getFacebookUserId($jUserEmailId); if (!$jUserId) { if ($userMapModel->mapUser($fbUserId, $jUserEmailId)) { $app->enqueueMessage(JText::_('MAP USER SUCCESS')); } else { $app->enqueueMessage(JText::_('MAP USER FAIL')); } $app->enqueueMessage(JText::_('MAP USER SUCCESS')); $jUserId = $jUserEmailId; // Update the temp jId so that we login below } } } } if ($configModel->getSetting('create_new_users') && $jUserId == null) { # User not in system, create new users setting enabled. Redirect to the login/register form $app->redirect(JRoute::_('index.php?option=com_jfbconnect&view=loginregister', false)); } #set the initial registration variable so that the user plugin knows to map user and trigger onAfterRegistration if ($jUserId == null) { $jfbcLibrary->setInitialRegistration(); } require_once JPATH_COMPONENT . DS . 'controllers' . DS . 'loginregister.php'; $loginController = new JFBConnectControllerLoginRegister(); $loginController->login(); // Perform the login function } else { #echo "Updating mapping only"; if ($userMapModel->mapUser($fbUserId)) { $app->enqueueMessage(JText::_('MAP USER SUCCESS')); } else { $app->enqueueMessage(JText::_('MAP USER FAIL')); } } $return = base64_decode(JRequest::getVar('return')); $app->redirect($return); }
function login() { $app = JFactory::getApplication(); $jfbcLibrary = JFBConnectFacebookLibrary::getInstance(); $configModel = $jfbcLibrary->configModel; $options = array('silent' => 1); // Disable other authentication messages $app->login(array('username' => $configModel->getSetting('facebook_api_key'), 'password' => $configModel->getSetting('facebook_secret_key')), $options); // Fire off our profile event of logging in $jUser =& JFactory::getUser(); $configModel = $jfbcLibrary->getConfigModel(); //if (!$jUser->guest) //{ $fbUserId = $jfbcLibrary->getUserId(FALSE); if ($fbUserId) { require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php'; $userMapModel = new JFBConnectModelUserMap(); # Do a final check to make sure that the FB user is the same one mapped to the Joomla user, if not, they aren't the same person # In that case, don't import their profile and expire their session if ($userMapModel->getJoomlaUserId($fbUserId) == $jUser->get('id')) { JPluginHelper::importPlugin('jfbcprofiles'); if ($jfbcLibrary->initialRegistration) { # Send the new user email here. Password is blank because this path is only called if # the user isn't required to activate, and that email doesn't show the password $sendEmail = true; $profileEmails = $app->triggerEvent('jfbcProfilesSendsNewUserEmails'); foreach ($profileEmails as $pe) { if ($pe) { $sendEmail = false; } } if ($sendEmail) { $this->_sendMail($jUser, " "); } # New user, set their new user status and trigger the OnRegister event $args = array($jUser->get('id'), $fbUserId); $app->triggerEvent('jfbcProfilesOnRegister', $args); $jfbcLibrary->setFacebookNewUserMessage(); } else { # This is a re-login set login status message and trigger onAfterLogin event $app->triggerEvent('jfbcProfilesOnLogin'); $jfbcLibrary->setFacebookLoginMessage(); } } } $return = base64_decode(JRequest::getVar('return')); $redirect = ""; if ($jfbcLibrary->initialRegistration) { $redirectId = $configModel->getSetting('facebook_new_user_redirect', 'index.php'); $redirect = JRoute::_("index.php?Itemid=" . $redirectId, false); } else { if ($configModel->getSetting('facebook_login_redirect_enable') && !$jfbcLibrary->initialRegistration) { $redirectId = $configModel->getSetting('facebook_login_redirect', 'index.php'); $redirect = JRoute::_("index.php?Itemid=" . $redirectId, false); } else { if ($return != "") { $redirect = $return; } else { $redirect = JRoute::_('index.php'); } } } $app->redirect($redirect); }
function getUserId($validateWithJoomla = TRUE) { $userId = null; $cookie = $this->getCookie(); if ($cookie) { $userId = $cookie['uid']; if ($validateWithJoomla) { $userMapModel = new JFBConnectModelUserMap(); jimport('joomla.user.helper'); $jUser =& JFactory::getUser(); if ($userMapModel->getJoomlaUserId($userId) != $jUser->get('id') || $jUser->guest) { $userId = null; } } } return $userId; #return self::$_facebook->getUser(); //Throws OAuthException if not logged in }
function onUserAuthenticate($credentials, $options, &$response) { $response->type = 'JFBConnectAuth'; # authentication via facebook for Joomla always uses the FB API and secret keys # When this is present, the user's FB uid is used to look up their Joomla uid and log that user in jimport('joomla.filesystem.file'); $provider = null; if (isset($options['provider'])) { $provider = $options['provider']; } if (class_exists('JFBCFactory') && $provider) { # always check the secret username and password to indicate this is a JFBConnect login #echo "Entering JFBConnectAuth<br>"; if ($credentials['username'] != $provider->appId || $credentials['password'] != $provider->secretKey) { $response->status = JAuthentication::STATUS_FAILURE; return false; } #echo "Passed API/Secret key check, this is a FB login<br>"; include_once JPATH_ADMINISTRATOR . '/components/com_jfbconnect/models/usermap.php'; $userMapModel = new JFBConnectModelUserMap(); $providerUserId = $provider->getProviderUserId(); $app = JFactory::getApplication(); #echo "Facebook user = ".$fbUserId; # test if user is logged into Facebook if ($providerUserId) { # Test if user has a Joomla mapping $jUserId = $userMapModel->getJoomlaUserId($providerUserId, $provider->name); if ($jUserId) { $jUser = JUser::getInstance($jUserId); if ($jUser->id == null) { $userMapModel->deleteMapping($providerUserId, $provider->name); return false; } if ($jUser->block) { $isAllowed = false; JFBCFactory::log(JText::_('JERROR_NOLOGIN_BLOCKED'), 'error'); } else { JPluginHelper::importPlugin('socialprofiles'); $args = array($provider->name, $jUserId, $providerUserId); $responses = $app->triggerEvent('socialProfilesOnAuthenticate', $args); $isAllowed = true; foreach ($responses as $prResponse) { if (is_object($prResponse) && !$prResponse->status) { $isAllowed = false; JFBCFactory::log($prResponse->message, 'error'); } } } if ($isAllowed) { $response->status = JAuthentication::STATUS_SUCCESS; $response->username = $jUser->username; $response->language = $jUser->getParam('language'); $response->email = $jUser->email; $response->fullname = $jUser->name; $response->error_message = ''; return true; } } } } # catch everything else as an authentication failure $response->status = JAuthentication::STATUS_FAILURE; return false; }