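/**
 * Show the OAuth client registration form and, on a valid POST, persist the new client.
 *
 * A save that fails with code 23000 (integrity constraint violation, here a duplicate
 * client_id) is reported to the user as a warning flash. Any other persistence failure
 * is rethrown instead of being printed into the response.
 *
 * @param mixed $request request object; used through isMethod() and getPostParameter()
 */
public function execute($request)
{
    $form = new OAuthClientRegistrationForm();

    if ($request->isMethod(sfWebRequest::POST)) {
        $form->bind($request->getPostParameter($form->getName()));
        if ($form->isValid()) {
            // code to handle form submission
            $values = $form->getValues();
            $client = new OAuthClient();
            $client->setClientId($values['client_id']);
            // NOTE(review): the secret is handed to the model exactly as submitted;
            // confirm how OAuthClient persists it (plain text vs. hashed/encrypted).
            $client->setClientSecret($values['client_secret']);
            $client->setRedirectUri($values['redirect_uri']);
            try {
                $client->save();
                $this->getUser()->setFlash("success", __("OAuth Client Saved Successfully"), false);
            } catch (Exception $e) {
                if ($e->getCode() == 23000) {
                    // SQLSTATE 23000: duplicate client_id, the client may already be registered
                    $this->getUser()->setFlash("warning", __("given Client ID is already in the database"), false);
                } else {
                    // Previously die($e->getMessage()): that wrote the raw exception text
                    // (which can carry SQL and driver detail) straight to the browser.
                    // Rethrow so the application's configured error handling decides
                    // what is logged and what is shown.
                    throw $e;
                }
            }
        }
    }

    // The form is only exposed to the template when the action is flagged as authorized.
    if ($this->authorized) {
        $this->form = $form;
    }
}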
/**
 * Return an access token for the given API client.
 *
 * A stored access token for the user/client pair is returned directly. Otherwise the
 * request token named by the "oauth_token" request parameter is looked up for the same
 * user, deleted (so it can be used only once), exchanged at the provider's access URI
 * and the resulting access token is saved.
 *
 * @param ApiClient $pApiClient
 * @param mixed     $pUser      optional user; defaults to the user of the current context
 * @return OAuthToken
 * @throws OAuthException when no matching request token exists or the exchange fails
 */
public static function getAccess($pApiClient, $pUser = null)
{
    $lUser = $pUser ? $pUser : sfContext::getInstance()->getUser()->getUser();

    $lStoredToken = OAuthServiceTokenPeer::getAccessToken($lUser->getId(), $pApiClient->getId());
    if ($lStoredToken) {
        return $lStoredToken->convert();
    }

    $lServiceRegistry = $pApiClient->getOAuthServiceRegistry();
    $lRequest = sfContext::getInstance()->getRequest();
    $lOAuthKey = $lRequest->getParameter('oauth_token');

    // The lookup is keyed on the user id as well as the token key taken from the request.
    $lRequestToken = OAuthServiceTokenPeer::getRequestToken($lUser->getId(), $lOAuthKey);
    if (!$lRequestToken) {
        throw new OAuthException('no valid request token');
    }
    // Remove the request token before the exchange; the in-memory object is still converted below.
    $lRequestToken->delete();

    $lOAuthConsumer = new OAuthConsumer(
        $lServiceRegistry->getConsumerKey(),
        $lServiceRegistry->getConsumerSecret(),
        null
    );

    // @todo better http error code handling
    try {
        $lAccessToken = OAuthClient::getAccessToken(
            $lOAuthConsumer,
            $lServiceRegistry->getAccessUri(),
            $lRequestToken->convert(),
            $lServiceRegistry->getHttpMethod(),
            $lServiceRegistry->getScope(),
            self::getSignature($lServiceRegistry->getSignatureMethods())
        );
    } catch (Exception $e) {
        // The original cause is intentionally not exposed to the caller.
        throw new OAuthException('request token seems to be invalid');
    }

    OAuthServiceTokenPeer::saveAccessToken($lAccessToken, $lUser->getId(), $lServiceRegistry->getId());

    return $lAccessToken;
}
/**
 * Remove the WeiXin binding of the current user and redirect to the message page.
 *
 * When no user is present nothing is unbound and the message page reports that instead.
 *
 * NOTE(review): this method changes account state and no request-method or CSRF-token
 * check is visible here; confirm that one is enforced before it is reached.
 *
 * @param mixed $req request object (not used here)
 * @param mixed $res response object; receives the redirect
 */
public function unbind($req, $res)
{/*{{{*/
    if ($this->user->isNull()) {
        $message = '您没有登陆好大夫账号';
    } else {
        OAuthClient::getInstance()->unBindWeiXinUser($this->user);
        $message = '取消绑定成功';
    }

    $res->setRedirect($res->router->urlfor('weixin/message', array('message' => $message)));
}/*}}}*/
/**
 * Post a message body to the network this class is configured for.
 *
 * The consumer key and secret, endpoint, realm and optional post type are read from
 * sfConfig under "app_<identifier>_*", where the identifier comes from classToIdentifier().
 * The request is made with the user's stored token key and secret.
 *
 * @param string $pPostBody
 * @return mixed whatever OAuthClient::post() returns
 */
protected function send($pPostBody)
{
    $this->onlineIdentity->scheduleImportJob();
    $lAuthToken = $this->getAuthToken();

    $lConsumerKey = sfConfig::get("app_{$this->classToIdentifier()}_oauth_token");
    $lConsumerSecret = sfConfig::get("app_{$this->classToIdentifier()}_oauth_secret");
    $lEndpoint = sfConfig::get("app_{$this->classToIdentifier()}_post_api");
    $lRealm = sfConfig::get("app_{$this->classToIdentifier()}_post_realm");

    // The post type is optional; when configured it is passed as a one-element array.
    $lConfiguredType = sfConfig::get("app_{$this->classToIdentifier()}_post_type");
    $lPostType = null;
    if ($lConfiguredType) {
        $lPostType = array($lConfiguredType);
    }

    $lConsumer = new OAuthConsumer($lConsumerKey, $lConsumerSecret);

    return OAuthClient::post(
        $lConsumer,
        $lAuthToken->getTokenKey(),
        $lAuthToken->getTokenSecret(),
        $lEndpoint,
        $pPostBody,
        null,
        $lPostType,
        $lRealm
    );
}
/**
 * Import the XING contact ids of an online identity.
 *
 * Looks up the stored auth token for the identity, fetches
 * users/me/contact_ids.json and passes the decoded response to importFriends().
 * When no token exists the identity is deactivated and an exception is thrown.
 *
 * @author Matthias Pfefferle
 * @author Karina Mies
 * @param mixed $pOnlineIdentity identity whose contacts are imported
 * @throws Exception when no auth token is stored for the identity
 */
public static function importContacts($pOnlineIdentity)
{
    $lUserId = $pOnlineIdentity->getUserId();
    $lIdentityId = $pOnlineIdentity->getId();
    $lAuthToken = AuthTokenTable::getByUserAndOnlineIdentity($lUserId, $lIdentityId);

    if (!$lAuthToken) {
        $pOnlineIdentity->deactivate();
        throw new Exception('damn theres no token!', '666');
    }

    $lXingConsumer = new OAuthConsumer(
        sfConfig::get("app_xing_oauth_token"),
        sfConfig::get("app_xing_oauth_secret")
    );
    $lResponseBody = OAuthClient::get(
        $lXingConsumer,
        $lAuthToken->getTokenKey(),
        $lAuthToken->getTokenSecret(),
        "https://api.xing.com/v1/users/me/contact_ids.json"
    );
    // json_decode() yields null for an unparsable body; that value is passed on unchanged.
    $lContacts = json_decode($lResponseBody, true);

    // NOTE(review): the complete decoded API response is written to the application log
    // at notice level; confirm that contact data is meant to be retained in logs.
    $lLogger = sfContext::getInstance()->getLogger();
    $lLogger->notice(print_r($lContacts, true));

    self::importFriends($pOnlineIdentity, $lContacts);
}
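/**
 * Import the LinkedIn connections and profile data of an online identity.
 *
 * Looks up the stored auth token for the identity, fetches the connection ids and the
 * user's own profile from the LinkedIn v1 API and hands them to importFriends() and
 * updateIdentity(). When no token exists the identity is deactivated and an exception
 * is thrown.
 *
 * @author Matthias Pfefferle
 * @author Karina Mies
 * @param mixed $pOnlineIdentity identity whose contacts are imported
 * @throws Exception when no auth token is stored for the identity
 */
public static function importContacts($pOnlineIdentity)
{
    $lToken = AuthTokenTable::getByUserAndOnlineIdentity($pOnlineIdentity->getUserId(), $pOnlineIdentity->getId());
    // get api informations
    if (!$lToken) {
        $pOnlineIdentity->deactivate();
        throw new Exception('damn theres no token!', '666');
    }
    $lConsumer = new OAuthConsumer(sfConfig::get("app_linkedin_oauth_token"), sfConfig::get("app_linkedin_oauth_secret"));

    // Both calls now use https:// instead of http://. Over plain HTTP the token key and
    // the returned profile/connection data travel unencrypted, and the XML that is parsed
    // below could be altered in transit.
    $lXml = OAuthClient::get($lConsumer, $lToken->getTokenKey(), $lToken->getTokenSecret(), "https://api.linkedin.com/v1/people/~/connections:(id)");
    // simplexml_load_string() returns false for an unparsable body; that value is passed on unchanged.
    $lFriendObject = simplexml_load_string($lXml);

    $lXml = OAuthClient::get($lConsumer, $lToken->getTokenKey(), $lToken->getTokenSecret(), "https://api.linkedin.com/v1/people/~:(id,site-standard-profile-request,summary,picture-url,first-name,last-name,date-of-birth,location)");
    $lProfileArray = XmlUtils::XML2Array($lXml);

    // NOTE(review): "@" hides warnings and notices raised inside these two calls (it does
    // not catch exceptions), so a malformed response can fail without any trace in the log.
    @self::importFriends($pOnlineIdentity, $lFriendObject);
    @self::updateIdentity($pOnlineIdentity, $lProfileArray);
}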
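/**
 * Import the Twitter followers and profile data of an online identity.
 *
 * Looks up the stored auth token for the identity, fetches followers/ids.json and
 * users/show.json for the identity's original id and hands the decoded responses to
 * importFriends() and updateIdentity(). When no token exists the identity is
 * deactivated and an exception is thrown.
 *
 * @author Matthias Pfefferle
 * @author Karina Mies
 * @param mixed $pOnlineIdentity identity whose contacts are imported
 * @throws Exception when no auth token is stored for the identity
 */
public static function importContacts($pOnlineIdentity)
{
    $lToken = AuthTokenTable::getByUserAndOnlineIdentity($pOnlineIdentity->getUserId(), $pOnlineIdentity->getId());
    // get api informations
    if (!$lToken) {
        $pOnlineIdentity->deactivate();
        throw new Exception('damn theres no token!', '666');
    }
    $lConsumer = new OAuthConsumer(sfConfig::get("app_twitter_oauth_token"), sfConfig::get("app_twitter_oauth_secret"));

    // Both calls now use https:// instead of http://, so the token key and the returned
    // follower and profile data are not sent in clear text.
    // NOTE(review): the original id is appended to the query string without URL-encoding;
    // presumably it is always numeric, confirm where it is stored.
    $lJson = OAuthClient::get($lConsumer, $lToken->getTokenKey(), $lToken->getTokenSecret(), "https://api.twitter.com/1.1/followers/ids.json?id=" . $pOnlineIdentity->getOriginalId());
    // json_decode() yields null for an unparsable body; that value is passed on unchanged.
    $lJsonFriendsObject = json_decode($lJson);

    // get api informations
    $lJson = OAuthClient::get($lConsumer, $lToken->getTokenKey(), $lToken->getTokenSecret(), "https://api.twitter.com/1.1/users/show.json?user_id=" . $pOnlineIdentity->getOriginalId());
    $lJsonUserObject = json_decode($lJson);

    self::importFriends($pOnlineIdentity, $lJsonFriendsObject);
    self::updateIdentity($pOnlineIdentity, $lJsonUserObject);
}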
/**
 * Remove the Tencent OAuth association of the current space.
 *
 * Only proceeds when a user is present and its id equals the id of the space; otherwise
 * a "no permission" message is shown and false is returned. On success the response is
 * redirected to the Tencent setup page, on failure an error message is shown.
 *
 * NOTE(review): the ownership check compares the two ids loosely (==); confirm both are
 * always the same scalar type.
 *
 * @param mixed $request  request object (not used here)
 * @param mixed $response response object; receives the message or the redirect
 * @return false|null false when the caller is not allowed, otherwise no value
 */
public function relieveTencentOauth($request, $response)
{
    $isOwner = !$this->_newUser->isNull() && $this->_newUser->id == $this->_newSpace->id;
    if (!$isOwner) {
        $this->message('你没有权限操作! ', $response);
        return false;
    }

    $relieved = OAuthClient::getInstance()->relieveTencentOauth($this->_newSpace->id);
    if ($relieved) {
        $response->setRedirect($response->router->urlfor('webmessage/setuptencent'));
    } else {
        $this->message('解除关联失败', $response);
    }
}
/**
 * Exchange an authorized request token for an access token at the XING endpoint.
 *
 * The token's verifier is sent as the "oauth_verifier" parameter of a POST request.
 *
 * @author Matthias Pfefferle
 * @param mixed $pOAuthToken request token object; its "verifier" property is read
 * @return mixed whatever OAuthClient::getAccessToken() returns
 */
public function getAccessToken($pOAuthToken)
{
    $lConsumer = $this->getConsumer();
    $lVerifierParams = array("oauth_verifier" => $pOAuthToken->verifier);

    return OAuthClient::getAccessToken(
        $lConsumer,
        "https://api.xing.com/v1/access_token",
        $pOAuthToken,
        "POST",
        $lVerifierParams
    );
}
* along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA * in your development cycle save you a lot of time by preventing you having to rewrite<br> * major documentation parts to generate some usable form of documentation. */ session_start(); require_once dirname(__FILE__) . '/config.php'; require_once 'library/OAuthClient.php'; /** * Check if there is an error present */ if (isset($_GET["error"])) { die(@$_GET["error_description"]); } // Load the client class $client = new OAuthClient($config); /** * EXAMPLE - LISTENING FOR A AUTHORIZE CODE AND GETTING AN ACCESS TOKEN * * If there is a $_GET parameter "code", we must assume that the user has been authoricated and that * the OAuth Server is giving us an "Access Code" that we can use to abtain an access token. * * Once we have an Access Code present we can simply request an access_token. * - Access Codes are only valid for a maximum of 10 minutes. Please refer to the OAuth Server for it spcific speficatons. */ if (isset($_GET['code'])) { // Get the access token along with other information from the server as well $feedback = $client->_getAccessToken(); /** OPTION but RECOMMENDED - STORAGE */ // Store the access token, refresh token as well as exiration from information gathered from the // OAuth Server. Here the example simple adds the entire respose from the OAuth Server into a
<?php
// Example: OAuth 2.0 authorization-code login against Facebook using OAuthClient.
//
// Flow: when the provider calls back with ?code=..., the code is exchanged and the
// browser is redirected; when no access token is available yet, the browser is sent to
// the provider's authorization URL; otherwise the page below is rendered.
//
// NOTE(review): the client id and client secret are literal values committed with this
// example. Treat them as exposed: rotate them at the provider and load real credentials
// from configuration kept outside the source tree.
// NOTE(review): no "state" check is visible in this script; confirm that OAuthClient
// generates and verifies it.
session_start();
require_once '../OAuthClient.class.php';

$CLIENT_ID = '262048643983887';
$CLIENT_SECRET = 'ff6440811c9834222fd8cbc60efd1ccd';
$AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
$TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';

$facebook = new OAuthClient();
$facebook
    ->setClientId($CLIENT_ID)
    ->setClientSecret($CLIENT_SECRET)
    ->setAuthUrl($AUTH_URL)
    ->setTokenUrl($TOKEN_URL);

if (isset($_GET['code'])) {
    // Callback from the provider: exchange the code, then leave this request.
    if ($facebook->authenticate($_GET['code'])) {
        header('location:' . $facebook->getRedirectUrl());
    }
    exit;
} elseif ($facebook->getAccessToken() == null) {
    // No token yet: start the authorization request.
    header('location:' . $facebook->getAuthenticationUrl());
    exit;
}
?>
<html lang="ko">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=1000">
<title>SimpleOAuth2Client Examples - Facebook</title>
</head>
<body>
<pre>
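/**
 * Handle one member-module action and return its result object.
 *
 * Actions handled here: check, forceLogin, login, logout, cert, signup, verifyEmail,
 * sendVerifyEmail, photoEdit, photoUpload, modifyEmail, modify, password and the social
 * logins facebook, google, youtube and github. All input is read through Request() and
 * the superglobals, so every value below is untrusted unless stated otherwise.
 *
 * Changes against the previous version:
 * - the two misspelled getLangauge() calls (modify, password) now call getLanguage();
 * - e-mail verification codes (verifyEmail, modifyEmail) are compared as non-empty
 *   strings with ===; with == an absent request value compared equal to an empty or
 *   null stored code;
 * - forceLogin requires a decoded object with ip and idx and compares the ip strictly;
 * - sendVerifyEmail tests the looked-up row for null before reading its status.
 *
 * @param string $action name of the action to run
 * @return stdClass result object; always carries the fields set by the matching branch
 */
function doProcess($action)
{
    $results = new stdClass();
    $values = new stdClass();

    if ($action == 'check') {
        // Field-by-field validation used by the forms. The email and nickname checks
        // answer whether a value is already registered.
        $name = Request('name');
        $value = Request('value');

        if ($name == 'email') {
            $siteType = $this->IM->getSites($this->IM->domain)->member;
            if (CheckEmail($value) == true) {
                if ($this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
                    || $this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/email/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/email/error');
            }
        }

        if ($name == 'name') {
            if (strlen($value) > 0) {
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/name/error');
            }
        }

        if ($name == 'nickname') {
            $siteType = $this->IM->getSites($this->IM->domain)->member;
            if (CheckNickname($value) == true) {
                if ($this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
                    || $this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/nickname/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/nickname/error');
            }
        }

        if ($name == 'old_password') {
            if ($this->isLogged() == false) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                $mHash = new Hash();
                if ($mHash->password_validate($value, $this->getMember()->password) == true) {
                    $results->success = true;
                    $results->message = $this->getLanguage('password/help/old_password/success');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('password/help/old_password/error');
                }
            }
        }
    }

    if ($action == 'forceLogin') {
        // Logs in the member named inside an encoded code, bound to the caller's IP.
        // NOTE(review): the security of this action rests on Decoder(); presumably it
        // authenticates the payload, confirm that it cannot be forged.
        $code = Decoder(Request('code'));
        if ($code === false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/invalidCode');
        } else {
            $data = json_decode($code);
            // Require an object carrying both fields and compare the address strictly.
            if (is_object($data) == true && isset($data->ip, $data->idx) == true && $data->ip === $_SERVER['REMOTE_ADDR']) {
                $this->login($data->idx);
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/invalidCode');
            }
        }
    }

    if ($action == 'login') {
        $mHash = new Hash();
        $email = Request('email');
        $password = Request('password');
        $results->errors = array();

        // NOTE(review): the failure counter and the lock-out time live in the session
        // only, so they reset whenever the client starts a new session; there is no
        // per-account or per-address limit visible here.
        $loginFail = Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true ? Request('loginFail', 'session') : array('count' => 0, 'time' => 0);

        if ($loginFail['time'] > time()) {
            $results->success = false;
            $results->message = $this->getLanguage('login/error/login');
        } else {
            $siteType = $this->IM->getSites($this->IM->domain)->member;
            if ($siteType == 'MERGE') {
                $check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', '*')->getOne();
            } else {
                $check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', $this->IM->domain)->getOne();
            }

            // not found member, search ADMINISTRATOR
            if ($check == null) {
                $check = $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->getOne();
            }

            // NOTE(review): an unknown e-mail and a wrong password produce different
            // error keys, which tells the caller whether an address is registered.
            // Both branches also copy the submitted password into $values, which is
            // handed to the afterDoProcess event below.
            if ($check == null) {
                $results->success = false;
                $results->errors['email'] = $this->getLanguage('login/error/email');
                $loginFail['count']++;
                // Fifth failure: reset the counter and lock for five hours.
                if ($loginFail['count'] == 5) {
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                $values->email = $email;
                $values->password = $password;
            } elseif ($mHash->password_validate($password, $check->password) == false) {
                $results->success = false;
                $results->errors['password'] = $this->getLanguage('login/error/password');
                $loginFail['count']++;
                if ($loginFail['count'] == 5) {
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                $values->email = $email;
                $values->password = $password;
            } else {
                if ($check->status == 'ACTIVE') {
                    $this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
                    // NOTE(review): login() is not shown; confirm it regenerates the session id.
                    $this->login($check->idx);
                    $results->success = true;
                } elseif ($check->status == 'VERIFYING') {
                    $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
                    $page = $this->getMemberPage('signup');
                    $results->success = false;
                    $results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('error/' . $check->status);
                }
            }
        }

        $_SESSION['loginFail'] = $loginFail;
    }

    if ($action == 'logout') {
        unset($_SESSION['MEMBER_LOGGED']);
        $results->success = true;
    }

    if ($action == 'cert') {
        $results->success = true;
    }

    if ($action == 'signup') {
        $siteType = $this->IM->getSites($this->IM->domain)->member;
        $errors = array();

        // Each field is either accepted or replaced by its error text (and recorded in $errors).
        $email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
        // NOTE(review): the only password rule enforced here is a minimum length of four bytes.
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }
        $name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
        $nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

        if ($this->db()->select($this->table->member)->where('email', $email)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
            || $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->has() == true) {
            $errors['email'] = $this->getLanguage('signup/help/email/duplicated');
        }

        if ($this->db()->select($this->table->member)->where('nickname', $nickname)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
            || $this->db()->select($this->table->member)->where('nickname', $nickname)->where('type', 'ADMINISTRATOR')->has() == true) {
            $errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
        }

        if (empty($errors) == true) {
            $mHash = new Hash();

            $insert = array();
            $insert['email'] = $email;
            $insert['domain'] = $siteType == 'MERGE' ? '*' : $this->IM->domain;
            $insert['password'] = $mHash->password_hash($password);
            $insert['name'] = $name;
            $insert['nickname'] = $nickname;
            // New members stay in VERIFYING until the e-mail address is confirmed.
            $insert['status'] = 'VERIFYING';
            $insert['reg_date'] = time();

            $idx = $this->db()->insert($this->table->member, $insert)->execute();
            if ($idx !== false) {
                $results->success = true;
                $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
                $this->sendVerifyEmail($idx);
                unset($_SESSION['registerGIDX']);
            } else {
                $results->success = false;
            }
        } else {
            $results->success = false;
            $results->errors = $errors;
        }
    }

    if ($action == 'verifyEmail') {
        // NOTE(review): the member id comes from the request, not from the
        // MEMBER_REGISTER_IDX session value set at signup; confirm that is intended.
        $registerIDX = Request('registerIDX');
        if ($registerIDX == null) {
            $results->success = false;
        } else {
            $email = Request('email');
            $email_verify_code = Request('email_verify_code');
            $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();

            if ($check == null) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
            } elseif (is_scalar($email_verify_code) == true && (string) $email_verify_code !== '' && (string) $check->code === (string) $email_verify_code) {
                // Strict, non-empty string comparison: a missing request value must never
                // match an empty stored code, and numeric-looking strings must match exactly.
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                $results->success = true;
            } else {
                $results->success = false;
                $results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
            }
        }
    }

    if ($action == 'sendVerifyEmail') {
        $registerIDX = Request('registerIDX');
        $email = Request('email');

        if ($this->isLogged() == true) {
            if (CheckEmail($email) == false) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
            } elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
            } else {
                $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
                // Resend unless a mail is still in SENDING state and younger than 300 seconds.
                if ($check == null || $check->status != 'SENDING' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
                    $this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
                    $status = $this->sendVerifyEmail($this->getLogged(), $email);
                    $results->success = true;
                    $results->message = $this->getLanguage('verifyEmail/sending');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/sending');
                }
            }
        } elseif ($registerIDX != null) {
            // NOTE(review): for a not-logged-in caller the target member is taken from the
            // request; any member still in VERIFYING state can be addressed this way.
            $member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
            if ($member == null || $member->status != 'VERIFYING') {
                $results->success = false;
                $results->message = $this->getLanguage('verifyEmail/error/target');
            } else {
                if (CheckEmail($email) == false) {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/email');
                } else {
                    $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
                    // Test for a missing row first; the status used to be read from null.
                    if ($check != null && $check->status == 'VERIFIED') {
                        $signupPage = $this->getMemberPage('signup');
                        $results->success = true;
                        $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                        $results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
                    } elseif ($check == null || $check->status == 'CANCELED' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
                        $this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
                        $status = $this->sendVerifyEmail($registerIDX, $email);
                        $results->success = true;
                        $results->message = $this->getLanguage('verifyEmail/sending');
                    } else {
                        $results->success = false;
                        $results->message = $this->getLanguage('verifyEmail/error/sending');
                    }
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    if ($action == 'photoEdit') {
        $templet = Request('templet');
        if ($this->isLogged() == true) {
            $results->success = true;
            $results->modalHtml = $this->getPhotoEdit($templet);
            $results->photo = $this->getMember()->photo;
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    if ($action == 'photoUpload') {
        $photo = Request('photo');
        if ($this->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            // The target path is built from the logged-in member id only, never from the request.
            // NOTE(review): the decoded bytes are written to disk before anything checks
            // that they are an image, and no size limit is visible here; confirm that
            // createThumbnail() rejects non-image data and that the file is not left behind.
            if (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
                $bytes = base64_decode($match[2]);
                file_put_contents($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $bytes);
                $this->IM->getModule('attachment')->createThumbnail($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', 250, 250, false, 'jpg');
                $results->success = true;
                $results->message = $this->getLanguage('photoEdit/success');
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('photoEdit/error');
            }
        }
    }

    if ($action == 'modifyEmail') {
        $confirm = Request('confirm');
        if ($confirm == 'TRUE') {
            // NOTE(review): this branch does not call isLogged(); it relies on the lookup
            // by getLogged() finding no row for an anonymous caller.
            $email = Request('email');
            $code = Request('code');
            $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();

            // Strict, non-empty string comparison of the confirmation code.
            if ($check == null || is_scalar($code) == false || (string) $code === '' || (string) $check->code !== (string) $code) {
                $results->success = false;
                $results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
            } else {
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modifyEmail/success');
            }
        } else {
            $templet = Request('templet');
            if ($this->isLogged() == true) {
                $results->success = true;
                $results->modalHtml = $this->getModifyEmail($templet);
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            }
        }
    }

    if ($action == 'modify') {
        $step = Request('step');

        if ($step == 'verify') {
            $member = $this->getMember();
            $password = Request('password');
            $mHash = new Hash();
            if ($mHash->password_validate($password, $member->password) == true) {
                $results->success = true;
                // NOTE(review): the verified password is returned to the client in
                // Encoder() form; confirm this is needed and that Encoder() is not reversible
                // by the client.
                $results->password = Encoder($password);
            } else {
                $results->success = false;
                $results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
            }
        }

        if ($step == 'modify') {
            // NOTE(review): this step does not re-check the value produced by the verify step.
            $errors = array();
            $values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
            $values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

            if ($this->isLogged() == false) {
                $results->success = false;
                // was getLangauge(): a misspelling of the method used everywhere else in this function
                $results->message = $this->getLanguage('error/notLogged');
            } elseif (count($errors) == 0) {
                $insert = array();
                $insert['name'] = $values->name;
                $insert['nickname'] = $values->nickname;
                $this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modify/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    if ($action == 'password') {
        $errors = array();
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }

        if ($this->isLogged() == false) {
            $results->success = false;
            // was getLangauge(): a misspelling of the method used everywhere else in this function
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            $mHash = new Hash();
            // The current password is only demanded when the stored hash is 65 bytes long.
            // NOTE(review): presumably other lengths mark accounts without a local password
            // (social sign-up); for those the password can be set without re-authentication.
            if (strlen($this->getMember()->password) == 65) {
                $old_password = Request('old_password');
                if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
                    $errors['old_password'] = $this->getLanguage('password/help/old_password/error');
                }
            }

            if (count($errors) == 0) {
                $password = $mHash->password_hash($password);
                $this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('password/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    if ($action == 'facebook') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            // NOTE(review): the code below dereferences $OAUTH, so printError() presumably ends the request.
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
        $TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';

        // NOTE(review): the post-login target is taken from the Referer header (which may
        // be absent or point to another site) and is later used for a redirect without a
        // same-site check. The same pattern is repeated in the google, youtube and github
        // branches.
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        $facebook = new OAuthClient();
        $facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        // NOTE(review): no "state" value is checked in this function before the code is
        // exchanged; confirm OAuthClient does it. Applies to all four provider branches.
        if (isset($_GET['code']) == true) {
            if ($facebook->authenticate($_GET['code']) == true) {
                $redirectUrl = $facebook->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($facebook->getAccessToken() == null) {
            $authUrl = $facebook->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        $accessToken = $facebook->getAccessToken();
        $refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();

        // NOTE(review): socialLogin() is not shown; if it matches existing members by
        // e-mail, confirm each provider only returns verified addresses.
        $this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
    }

    if ($action == 'google') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        $google = new OAuthClient();
        $google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($google->authenticate($_GET['code']) == true) {
                $redirectUrl = $google->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($google->getAccessToken() == null) {
            $authUrl = $google->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $google->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        // Use the address marked as the account address.
        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }
        // Ask for the 250px variant of the profile image.
        $data->photo = str_replace('sz=50', 'sz=250', $data->image->url);

        $accessToken = $google->getAccessToken();
        $refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();

        $this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
    }

    if ($action == 'youtube') {
        // Unlike the login providers, this branch links a YouTube account to the member
        // who is already logged in and stores the tokens in the social_token table.
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        if ($this->isLogged() == false) {
            die($this->getError('NOT_LOGGED'));
        }

        $youtube = new OAuthClient();
        $youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($youtube->authenticate($_GET['code']) == true) {
                $redirectUrl = $youtube->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($youtube->getAccessToken() == null) {
            $authUrl = $youtube->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }

        $accessToken = $youtube->getAccessToken();
        $refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();

        // NOTE(review): access and refresh tokens are stored as returned; confirm the
        // table is protected accordingly (the refresh token is a long-lived credential).
        $check = $this->db()->select($this->table->social_token)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
        if ($check == null) {
            $this->db()->insert($this->table->social_token, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
        } else {
            $this->db()->update($this->table->social_token, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
        }

        unset($_SESSION['OAUTH_ACCESS_TOKEN']);
        unset($_SESSION['OAUTH_REFRESH_TOKEN']);

        $redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
        unset($_SESSION['SOCIAL_REDIRECT_URL']);
        header('location:' . $redirectUrl);
    }

    if ($action == 'github') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://github.com/login/oauth/authorize';
        $TOKEN_URL = 'https://github.com/login/oauth/access_token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        $github = new OAuthClient();
        $github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($github->authenticate($_GET['code']) == true) {
                $redirectUrl = $github->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($github->getAccessToken() == null) {
            $authUrl = $github->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $github->get('https://api.github.com/user');
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        $accessToken = $github->getAccessToken();
        $refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();

        $this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
    }

    // Listeners receive the action name together with $values and $results.
    $this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);

    return $results;
}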
// Excerpt of an OAuth 1.0 demo script: it builds the consumer, handles ?logout and
// starts the request-token step. The key, secret, callback URL and $ECC_ACCESS are
// defined outside this excerpt, and the excerpt ends inside the open "if" blocks.
$consumer = new OAuthConsumer($ECC_CONSUMER_KEY, $ECC_CONSUMER_SECRET, $APP_CALLBACK_URL);

if (isset($_GET['logout'])) {
    /* Remove session variables. Useful mostly for the demo */
    unset($_SESSION['request_token']);
    unset($_SESSION['access_token']);
    header('Location: ' . $APP_CALLBACK_URL);
    // Stop here so nothing below runs after the redirect header.
    die;
}

/* Do we have an access token? if not, we need to get one */
if (!isset($_SESSION['access_token'])) {
    /* Construct api */
    $api = new OAuthClient(new EccServiceProvider(), $consumer);

    /* Two possible conditions: either we're returning from the authorize request or not */
    /* Callback from authorize? */
    if (!(isset($_SESSION['request_token']) && isset($_GET['oauth_verifier']))) {
        /* No, we have no access token, we need to get one by generating a request token then asking the user to authorize it */
        /* Get request token */
        $request_token = $api->getRequestToken($ECC_ACCESS, $APP_CALLBACK_URL);
        #print_r($request_token); # Useful if you're not sure you've got one
        // The request token is kept in the session in serialize() form.
        // NOTE(review): the matching unserialize() is outside this excerpt; it is only
        // safe as long as the session store cannot be written by the client.
        $_SESSION['request_token'] = serialize($request_token);
        /* Redirect user to authorize URL (in this case, it'll be somewhere on entrecredits.com) */
        // NOTE(review): whether the script stops after this header is not visible here.
        header("Location: " . $api->getAuthorizeUrl($request_token));
/**
 * Exchange an authorized request token for an access token at the LinkedIn endpoint.
 *
 * The token's verifier is sent as the "oauth_verifier" parameter of a GET request.
 *
 * @author Matthias Pfefferle
 * @param mixed $pOAuthToken request token object; its "verifier" property is read
 * @return mixed whatever OAuthClient::getAccessToken() returns
 */
public function getAccessToken($pOAuthToken)
{
    $lConsumer = $this->getConsumer();
    $lVerifierParams = array("oauth_verifier" => $pOAuthToken->verifier);

    return OAuthClient::getAccessToken(
        $lConsumer,
        "https://api.linkedin.com/uas/oauth/accessToken",
        $pOAuthToken,
        "GET",
        $lVerifierParams
    );
}
<?php
// Example: OAuth 2.0 authorization-code login against GitHub using OAuthClient.
//
// Flow: when the provider calls back with ?code=..., the code is exchanged and the
// browser is redirected; when no access token is available yet, the browser is sent to
// the provider's authorization URL; otherwise the page below is rendered.
//
// NOTE(review): the client id and client secret are literal values committed with this
// example. Treat them as exposed: rotate them at the provider and load real credentials
// from configuration kept outside the source tree.
// NOTE(review): no "state" check is visible in this script; confirm that OAuthClient
// generates and verifies it.
session_start();
require_once '../OAuthClient.class.php';

$CLIENT_ID = 'b3f954eccc5378afbacf';
$CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
$AUTH_URL = 'https://github.com/login/oauth/authorize';
$TOKEN_URL = 'https://github.com/login/oauth/access_token';

$github = new OAuthClient();
$github
    ->setClientId($CLIENT_ID)
    ->setClientSecret($CLIENT_SECRET)
    ->setAuthUrl($AUTH_URL)
    ->setScope('user')
    ->setUserAgent('Awesome-Octocat-App')
    ->setTokenUrl($TOKEN_URL);

if (isset($_GET['code'])) {
    // Callback from the provider: exchange the code, then leave this request.
    if ($github->authenticate($_GET['code'])) {
        header('location:' . $github->getRedirectUrl());
    }
    exit;
} elseif ($github->getAccessToken() == null) {
    // No token yet: start the authorization request.
    header('location:' . $github->getAuthenticationUrl());
    exit;
}
?>
<html lang="ko">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=1000">
<title>SimpleOAuth2Client Examples - GitHub</title>
</head>
<body>
<pre>
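/**
 * Renders the "write" form for one post type and returns the buffered HTML.
 *
 * Both arguments are overwritten from the request (Request('parent') and
 * Request('type')), exactly as before; the signature is kept for callers.
 *
 * Changes against the previous version:
 *  - the request-supplied type is only used in script/template paths when it
 *    is a plain identifier, so it cannot steer `include` to another file;
 *  - the access token and the parent id are encoded for the context they are
 *    written into (HTML attribute, URL query);
 *  - the output buffer is closed on every early return;
 *  - the misspelled getLangauge() call and the "403 Forfidden" status line
 *    are corrected.
 *
 * @param mixed $parent ignored, replaced by Request('parent')
 * @param mixed $type   ignored, replaced by Request('type')
 * @return mixed buffered template output, or a notice/error value
 */
function getWriteTypeContext($parent, $type) {
    ob_start();

    $type = Request('type');
    $parent = Request('parent');

    // $type comes from the request and is concatenated into file paths below.
    $typeIsSafe = is_string($type) && preg_match('/^[A-Za-z0-9_-]+$/', $type) === 1;

    $subject = $this->getSubject($parent);
    $lms = $this->getLms($subject->lid);
    $templetPath = $lms->templetPath;
    // Not used in this function; kept because the included template shares this scope.
    $templetDir = $lms->templetDir;

    if ($type == 'video') {
        $token = $this->IM->getModule('member')->getSocialAuth('youtube');
        if ($token == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = '/class/all/write?parent=' . rawurlencode((string) $parent) . '&type=video';
            $message = '우리는 유튜브를 사용합니다.<br>유튜브 계정연결이 필요합니다. <a href="/process/member/youtube">이곳을 눌러 유튜브 계정을 연동하여 주십시오.</a>';
            ob_end_clean();
            return $message;
        } else {
            $youtube = new OAuthClient();
            $youtube->setClientId($this->youtube->client_id)->setClientSecret($this->youtube->client_secret)->setScope('https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setRefreshToken($token->refresh_token)->setAuthUrl($this->youtube->auth_url)->setTokenUrl($this->youtube->token_url);

            // NOTE(review): this hands a token with the scopes listed above to
            // the browser. Confirm the page really needs it client-side.
            echo '<input type="hidden" name="access_token" value="' . htmlspecialchars((string) $youtube->getAccessToken(), ENT_QUOTES, 'UTF-8') . '">' . PHP_EOL;
        }
    }

    if ($typeIsSafe && file_exists($this->Module->getPath() . '/scripts/lms.' . $type . '.js') == true) {
        $this->IM->addSiteHeader('script', $this->Module->getDir() . '/scripts/lms.' . $type . '.js');
    }

    $default = new stdClass();
    $idx = Request('idx');
    if ($idx !== null) {
        $post = $this->getPost($idx);
        if ($post == null) {
            header("HTTP/1.1 404 Not Found");
            ob_end_clean();
            return $this->getError($this->getLanguage('error/notFound'));
        }

        // Only the author or a holder of post_modify may edit an existing post.
        if ($this->checkPermission('post_modify') == false && $post->midx != $this->IM->getModule('member')->getLogged()) {
            header("HTTP/1.1 403 Forbidden");
            ob_end_clean();
            return $this->getError($this->getLanguage('error/forbidden'));
        }

        if ($lms->use_label != 'NONE') {
            $post->labels = $this->db()->select($this->table->class_label)->where('idx', $post->idx)->get();
            // Reduce each row to its label value.
            for ($i = 0, $loop = count($post->labels); $i < $loop; $i++) {
                $post->labels[$i] = $post->labels[$i]->label;
            }
        } else {
            $post->labels = array();
        }

        $post->content = $this->getArticleContent($post->content);
        $post->attachments = $this->db()->select($this->table->attachment)->where('parent', $idx)->where('type', 'POST')->get();
        // Reduce each attachment row to its idx.
        for ($i = 0, $loop = count($post->attachments); $i < $loop; $i++) {
            $post->attachments[$i] = $post->attachments[$i]->idx;
        }
    } else {
        // NOTE(review): $config is never assigned in this function, so this
        // branch cannot run as written - confirm what was intended.
        if (isset($config->label) == true) {
            $default->label = $config->label;
        }
        $post = null;
    }

    // Names the included template reads from this scope.
    $IM = $this->IM;
    $Module = $this;

    if ($typeIsSafe && file_exists($templetPath . '/write.' . $type . '.php') == true) {
        include $templetPath . '/write.' . $type . '.php';
    }

    $context = ob_get_contents();
    ob_end_clean();
    return $context;
}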
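/**
 * Exchanges a request token for an access token at the Yahoo OAuth endpoint.
 *
 * The response body is parsed as a query string. Fields the provider may omit
 * are now read defensively, and a 200 response that lacks oauth_token or
 * oauth_token_secret is treated as a failure instead of yielding a token
 * object with empty credentials.
 *
 * @param string      $consumerKey    application key
 * @param string      $consumerSecret application secret
 * @param object|null $requestToken   request token; `sessionHandle` is sent when present
 * @param string|null $verifier       oauth_verifier, sent when not null
 * @return object|false|null token object (key, secret, guid, consumer,
 *         sessionHandle, tokenExpires, handleExpires); false when no request
 *         token was given; NULL when the call or the response is unusable
 */
function getAccessTokenProxy($consumerKey, $consumerSecret, $requestToken, $verifier) {
    global $YahooConfig;

    $request_url = sprintf("https://%s/oauth/v2/get_token", $YahooConfig["OAUTH_HOSTNAME"]);
    $consumer = new OAuthConsumer($consumerKey, $consumerSecret);
    $parameters = array();

    if(!$requestToken) {
        return false;
    }

    if(property_exists($requestToken, "sessionHandle")) {
        $parameters["oauth_session_handle"] = $requestToken->sessionHandle;
    }

    if(!is_null($verifier)) {
        $parameters["oauth_verifier"] = $verifier;
    }

    $client = new OAuthClient($consumer, $requestToken, OAUTH_PARAMS_IN_POST_BODY);
    $response = $client->post($request_url, "application/x-www-form-urlencoded", $parameters);

    if(is_null($response)) {
        YahooLogger::error("OAuth call to get access token failed");
        return NULL;
    }

    parse_str($response["responseBody"], $token);

    if($response["code"] != 200) {
        // oauth_problem is not guaranteed to be in an error body.
        $problem = isset($token["oauth_problem"]) ? $token["oauth_problem"] : "unknown";
        YahooLogger::error("Failed to fetch access token: " . $problem);
        return NULL;
    }

    // Never hand back a token object whose credentials are missing.
    if(!isset($token["oauth_token"], $token["oauth_token_secret"])) {
        YahooLogger::error("Access token response is missing oauth_token or oauth_token_secret");
        return NULL;
    }

    $now = time();

    // A missing lifetime means "does not expire", reported as -1 below.
    $tokenLifetime = array_key_exists("oauth_expires_in", $token) ? (int) $token["oauth_expires_in"] : NULL;
    $handleLifetime = array_key_exists("oauth_authorization_expires_in", $token) ? (int) $token["oauth_authorization_expires_in"] : NULL;

    $accessToken = new stdclass();
    $accessToken->key = $token["oauth_token"];
    $accessToken->secret = $token["oauth_token_secret"];
    $accessToken->guid = isset($token["xoauth_yahoo_guid"]) ? $token["xoauth_yahoo_guid"] : NULL;
    $accessToken->consumer = $consumerKey;
    $accessToken->sessionHandle = isset($token["oauth_session_handle"]) ? $token["oauth_session_handle"] : NULL;

    // Only lifetimes are logged, never the token or its secret.
    YahooLogger::debug('AT expires in '.(is_null($tokenLifetime) ? 'n/a' : $tokenLifetime).'; ASH expires in '.(is_null($handleLifetime) ? 'n/a' : $handleLifetime));

    // Check to see if the access token ever expires.
    $accessToken->tokenExpires = is_null($tokenLifetime) ? -1 : $now + $tokenLifetime;

    // Check to see if the access session handle ever expires.
    $accessToken->handleExpires = is_null($handleLifetime) ? -1 : $now + $handleLifetime;

    return $accessToken;
}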
// Exchanges a pre-approved request token (OpenID+OAuth hybrid flow) for a Yahoo
// access token, using consumer credentials looked up in a key/value store.

// NOTE(review): presumably defines $netdbUid / $netdbSecret. A `.inc` file is
// served as plain text by a web server that does not map the extension to PHP;
// confirm it lives outside the document root.
require 'secure.inc';
$storage = new Netdb($netdbUid, $netdbSecret);
// NOTE(review): where $input comes from is not visible here; if it is request
// data, the caller chooses which stored consumer record is loaded.
$storageKey = 'yahoo-' . $input['consumerKey'];
$response = $storage->get($storageKey);
// json_decode() yields null on a missing or malformed record; that is not checked.
$value = json_decode($response->value);
// session store interface defined in Yahoo! SDK
$yahooSdkSessionStore = new CustomSessionStore($storage, $storageKey);
//use oauth consumer to sign request for access token
$consumer = new OAuthConsumer($value->consumerKey, $value->consumerSecret);
//format request token as expected by oauth lib
$requestToken = new stdclass();
$requestToken->key = $input['requestToken'];
//ref: http://step2.googlecode.com/svn/spec/openid_oauth_extension/latest/openid_oauth_extension.html#AuthTokenReq
// The request-token secret is sent as an empty string, per the reference above.
$requestToken->secret = '';
//client defined in Yahoo! SDK
$client = new OAuthClient($consumer, $requestToken, OAUTH_PARAMS_IN_POST_BODY);
//$YahooConfig["OAUTH_HOSTNAME"] defined in Yahoo! SDK
$uri = sprintf("https://%s/oauth/v2/get_token", $YahooConfig["OAUTH_HOSTNAME"]);
// $response is reused for the HTTP result; neither a null result nor the
// status code is checked before the body is parsed.
$response = $client->post($uri);
parse_str($response["responseBody"], $params);
$now = time();
$accessToken = new stdclass();
//note: key is oauth access token.
//kludge: suspecting php bug - 1st array elem inaccessible by key.
// array_shift() takes whichever parameter came first in the body and removes
// it from $params, so this relies on oauth_token being the first field.
$accessToken->key = array_shift($params);
$accessToken->secret = $params["oauth_token_secret"];
$accessToken->guid = $params["xoauth_yahoo_guid"];
//note: consumer is the app key
$accessToken->consumer = $value->consumerKey;
$accessToken->sessionHandle = $params["oauth_session_handle"];
// Check to see if the access token ever expires.
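<title>Callback Landing Page</title>
</head>
<body>
<?php
require_once 'OAuth\\AppConfig.php';
require_once 'OAuth\\OAuthClient.php';

// THIS ONLY APPLIES FOR 3rd PARTY APPLICATIONS
// Get the "authenticated" request token here. The Service provider will append this token to the query string when
// redirecting the user's browser to the Callback page.
// Both query-string values are caller-controlled: accept plain strings only and
// HTML-escape everything that is printed into this page.
$oauth_token = (isset($_GET["oauth_token"]) && is_string($_GET["oauth_token"])) ? $_GET["oauth_token"] : '';

// This is the token secret which you got when you requested the request_token.
// You should get this because you appended this token secret when you got redirected to the
// Service Provider's login screen.
// NOTE(review): a secret carried in the query string ends up in browser history,
// logs and Referer headers; keeping it in the server-side session avoids that.
$token_secret = (isset($_GET["oauth_token_secret"]) && is_string($_GET["oauth_token_secret"])) ? $_GET["oauth_token_secret"] : '';

print 'oauth_token is: ' . htmlspecialchars($oauth_token, ENT_QUOTES, 'UTF-8') . ", oauth_token_secret: " . htmlspecialchars($token_secret, ENT_QUOTES, 'UTF-8') . '<br/>';

$apiConsumer = new OAuthClient(AppConfig::$base_url, AppConfig::$consumer_key, AppConfig::$consumer_secret);
$success = $apiConsumer->getAccessToken($oauth_token, $token_secret);
$access_token = $apiConsumer->getToken();
$token_secret = $apiConsumer->getTokenSecret();

// Demo output only: a deployed callback should not print credentials.
print "Access token: " . htmlspecialchars((string) $access_token, ENT_QUOTES, 'UTF-8') . ", Token Secret: " . htmlspecialchars((string) $token_secret, ENT_QUOTES, 'UTF-8') . '<br/>';

// STORE THE ACCESS TOKEN AND TOKEN SECRET HERE
// This may be database or session or some other mechanism based on what you choose

// If we get the access token successfully, the response header includes the url to get the authenticated user.
$responseHeaders = $apiConsumer->getResponseHeader();
$escapedHeaders = array();
foreach ($responseHeaders as $headerLine) {
    $escapedHeaders[] = htmlspecialchars((string) $headerLine, ENT_QUOTES, 'UTF-8');
}
print "Response Header: " . implode("<br/>", $escapedHeaders);

// Iterate over the response headers to find the current logged in person
foreach ($responseHeaders as $val) {
    $start = 'Content-Location:';
    $contentLocation = substr($val, 0, 17);
    if ($contentLocation == $start) {
        $personLocation = str_replace($start, "", $val);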
/**
 * Runs one member-module action and returns its result object.
 *
 * $action selects a branch: check, forceLogin, login, logout, cert, signup,
 * verifyEmail, sendVerifyEmail, photoEdit, photoUpload, modifyEmail, modify,
 * password, facebook, google, youtube, github. Input is read through
 * Request(); most branches fill $results->success plus message/errors.
 * The social branches may redirect and exit instead of returning.
 * Before returning, the 'afterDoProcess' event is fired with $action,
 * $values and $results.
 *
 * The NOTE(review) comments below mark points a security review should
 * confirm; they describe only what this function shows.
 *
 * @param string $action name of the action to run
 * @return stdClass result object
 */
function doProcess($action) {
    $results = new stdClass();
    $values = new stdClass();

    // --- check: live validation of a single form field ---
    if ($action == 'check') {
        $name = Request('name');
        $value = Request('value');
        if ($name == 'email') {
            // NOTE(review): tells the caller whether an address is already
            // registered; no login or throttling is visible on this path.
            if (CheckEmail($value) == true) {
                if ($this->db()->select($this->table->member)->where('email', $value)->has() == true) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/email/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/email/error');
            }
        }
        if ($name == 'name') {
            if (strlen($value) > 0) {
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/name/error');
            }
        }
        if ($name == 'nickname') {
            if (CheckNickname($value) == true) {
                // A nickname only counts as taken when another member (idx != current) holds it.
                if ($this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->has() == true) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/nickname/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/nickname/error');
            }
        }
        if ($name == 'old_password') {
            if ($this->isLogged() == false) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                // NOTE(review): answers whether a candidate matches the current
                // password; no attempt limit is visible on this path.
                $mHash = new Hash();
                if ($mHash->password_validate($value, $this->getMember()->password) == true) {
                    $results->success = true;
                    $results->message = $this->getLanguage('password/help/old_password/success');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('password/help/old_password/error');
                }
            }
        }
    }

    // --- forceLogin: log in from an encoded code ---
    if ($action == 'forceLogin') {
        $code = Decoder(Request('code'));
        if ($code === false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/invalidCode');
        } else {
            $data = json_decode($code);
            // NOTE(review): the only checks here are that the code decodes and
            // that its `ip` equals REMOTE_ADDR. Everything else rests on
            // Decoder() rejecting forged codes (defined elsewhere - confirm it
            // is authenticated); no expiry or single-use check is visible.
            if ($data != null && $data->ip == $_SERVER['REMOTE_ADDR']) {
                $this->login($data->idx);
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/invalidCode');
            }
        }
    }

    // --- login: e-mail + password ---
    if ($action == 'login') {
        $mHash = new Hash();
        $email = Request('email');
        $password = Request('password');
        $results->errors = array();
        // NOTE(review): the failure counter lives in the caller's session, so it
        // restarts with every new session; a per-account or per-address limit
        // would have to be kept server-side.
        $loginFail = Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true ? Request('loginFail', 'session') : array('count' => 0, 'time' => 0);
        if ($loginFail['time'] > time()) {
            $results->success = false;
            $results->message = $this->getLanguage('login/error/login');
        } else {
            $check = $this->db()->select($this->table->member)->where('email', $email)->getOne();
            if ($check == null) {
                // NOTE(review): unknown e-mail and wrong password produce
                // different errors, which reveals which accounts exist.
                $results->success = false;
                $results->errors['email'] = $this->getLanguage('login/error/email');
                $loginFail['count']++;
                // Fifth failure: reset the counter and block for 60*60*5 seconds.
                if ($loginFail['count'] == 5) {
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                // NOTE(review): the submitted password is placed on $values,
                // which is handed to the 'afterDoProcess' event listeners.
                $values->email = $email;
                $values->password = $password;
            } elseif ($mHash->password_validate($password, $check->password) == false) {
                $results->success = false;
                $results->errors['password'] = $this->getLanguage('login/error/password');
                $loginFail['count']++;
                if ($loginFail['count'] == 5) {
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                $values->email = $email;
                $values->password = $password;
            } else {
                if ($check->status == 'ACTIVE') {
                    $this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
                    $this->login($check->idx);
                    $results->success = true;
                } elseif ($check->status == 'VERIFYING') {
                    // Unverified account: remember it and send the user to the verify step.
                    $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
                    $page = $this->getMemberPage('signup');
                    $results->success = false;
                    $results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('error/' . $check->status);
                }
            }
        }
        $_SESSION['loginFail'] = $loginFail;
    }

    // --- logout ---
    if ($action == 'logout') {
        // Only the login marker is removed; the rest of the session is kept.
        unset($_SESSION['MEMBER_LOGGED']);
        $results->success = true;
    }

    if ($action == 'cert') {
        $results->success = true;
    }

    // --- signup ---
    if ($action == 'signup') {
        $errors = array();
        // On a failed check each ternary stores the error text in $errors and
        // also assigns it to the variable; the insert below runs only when
        // $errors is empty.
        $email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
        // NOTE(review): the only password rule is a minimum length of 4.
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }
        $name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
        $nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
        if ($this->db()->select($this->table->member)->where('email', $email)->has() == true) {
            $errors['email'] = $this->getLanguage('signup/help/email/duplicated');
        }
        if ($this->db()->select($this->table->member)->where('nickname', $nickname)->has() == true) {
            $errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
        }
        if (empty($errors) == true) {
            $mHash = new Hash();
            $insert = array();
            $insert['gidx'] = Request('registerGIDX', 'session');
            $insert['email'] = $email;
            $insert['password'] = $mHash->password_hash($password);
            $insert['name'] = $name;
            $insert['nickname'] = $nickname;
            $insert['status'] = 'VERIFYING';
            $idx = $this->db()->insert($this->table->member, $insert)->execute();
            if ($idx !== false) {
                $results->success = true;
                $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
                $this->sendVerifyEmail($idx);
                unset($_SESSION['registerGIDX']);
            } else {
                $results->success = false;
            }
        } else {
            $results->success = false;
            $results->errors = $errors;
        }
    }

    // --- verifyEmail: confirm an address with the mailed code ---
    if ($action == 'verifyEmail') {
        // NOTE(review): registerIDX is taken from the request, not from the
        // session value set at signup, so the caller chooses which member row
        // is verified. The code is compared with loose `==` and no attempt
        // limit is visible; a strict, constant-time comparison
        // (hash_equals on strings) and a retry cap would be the usual hardening.
        $registerIDX = Request('registerIDX');
        if ($registerIDX == null) {
            $results->success = false;
        } else {
            $email = Request('email');
            $email_verify_code = Request('email_verify_code');
            $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
            if ($check == null) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
            } elseif ($check->code == $email_verify_code) {
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                $results->success = true;
            } else {
                $results->success = false;
                $results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
            }
        }
    }

    // --- sendVerifyEmail: (re)send the verification mail ---
    if ($action == 'sendVerifyEmail') {
        $registerIDX = Request('registerIDX');
        $email = Request('email');
        if ($this->isLogged() == true) {
            if (CheckEmail($email) == false) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
            } elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
            } else {
                $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
                // Resend when there is no pending row, or the pending one is older than 300 seconds.
                if ($check == null || $check->status != 'SENDING' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
                    $this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
                    $status = $this->sendVerifyEmail($this->getLogged(), $email);
                    $results->success = true;
                    $results->message = $this->getLanguage('verifyEmail/sending');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/sending');
                }
            }
        } elseif ($registerIDX != null) {
            // NOTE(review): as in verifyEmail, registerIDX comes from the request.
            $member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
            if ($member == null || $member->status != 'VERIFYING') {
                $results->success = false;
                $results->message = $this->getLanguage('verifyEmail/error/target');
            } else {
                if (CheckEmail($email) == false) {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/email');
                } else {
                    $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
                    // NOTE(review): $check->status is read before the `$check == null`
                    // test in the elseif, so a missing row is dereferenced first.
                    if ($check->status == 'VERIFIED') {
                        $signupPage = $this->getMemberPage('signup');
                        $results->success = true;
                        $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                        $results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
                    } elseif ($check == null || $check->status == 'CANCELED' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
                        $this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
                        $status = $this->sendVerifyEmail($registerIDX, $email);
                        $results->success = true;
                        $results->message = $this->getLanguage('verifyEmail/sending');
                    } else {
                        $results->success = false;
                        $results->message = $this->getLanguage('verifyEmail/error/sending');
                    }
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    // --- photoEdit: return the photo editor modal ---
    if ($action == 'photoEdit') {
        $templet = Request('templet');
        if ($this->isLogged() == true) {
            $results->success = true;
            $results->modalHtml = $this->getPhotoEdit($templet);
            $results->photo = $this->getMember()->photo;
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    // --- photoUpload: store a profile photo sent as a data: URI ---
    if ($action == 'photoUpload') {
        $photo = Request('photo');
        if ($this->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            if (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
                // NOTE(review): the declared image subtype is not checked, the
                // decode is non-strict and has no size limit, and the results of
                // base64_decode()/file_put_contents() are not tested. The target
                // name is built from the member id with a fixed .jpg suffix, and
                // the bytes are then passed to createThumbnail().
                $bytes = base64_decode($match[2]);
                file_put_contents($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $bytes);
                $this->IM->getModule('attachment')->createThumbnail($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', 250, 250, false, 'jpg');
                $results->success = true;
                $results->message = $this->getLanguage('photoEdit/success');
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('photoEdit/error');
            }
        }
    }

    // --- modifyEmail: confirm a new address, or return the modal ---
    if ($action == 'modifyEmail') {
        $confirm = Request('confirm');
        if ($confirm == 'TRUE') {
            // NOTE(review): this branch has no isLogged() test (the else branch
            // does); what getLogged() returns for a guest is not visible here.
            // The code is compared with loose `!=`.
            $email = Request('email');
            $code = Request('code');
            $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
            if ($check == null || $check->code != $code) {
                $results->success = false;
                $results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
            } else {
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modifyEmail/success');
            }
        } else {
            $templet = Request('templet');
            if ($this->isLogged() == true) {
                $results->success = true;
                $results->modalHtml = $this->getModifyEmail($templet);
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            }
        }
    }

    // --- modify: two steps, password re-check then profile update ---
    if ($action == 'modify') {
        $step = Request('step');
        if ($step == 'verify') {
            // NOTE(review): no isLogged() test precedes getMember() here.
            $member = $this->getMember();
            $password = Request('password');
            $mHash = new Hash();
            if ($mHash->password_validate($password, $member->password) == true) {
                $results->success = true;
                // NOTE(review): the password is sent back in Encoder() form; if
                // Encoder() is reversible this returns the password itself.
                // A short-lived server-side flag would avoid that.
                $results->password = Encoder($password);
            } else {
                $results->success = false;
                $results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
            }
        }
        if ($step == 'modify') {
            $errors = array();
            $values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
            $values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
            // NOTE(review): nothing in this step checks the result of the
            // 'verify' step, and the nickname is not re-checked for duplicates.
            if ($this->isLogged() == false) {
                $results->success = false;
                // NOTE(review): `getLangauge` differs from `getLanguage` used
                // elsewhere; unless the class defines both, this call fails.
                $results->message = $this->getLangauge('error/notLogged');
            } elseif (count($errors) == 0) {
                $insert = array();
                $insert['name'] = $values->name;
                $insert['nickname'] = $values->nickname;
                $this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modify/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    // --- password: change the password ---
    if ($action == 'password') {
        $errors = array();
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }
        if ($this->isLogged() == false) {
            $results->success = false;
            // NOTE(review): same `getLangauge` spelling as in the modify step.
            $results->message = $this->getLangauge('error/notLogged');
        } else {
            $mHash = new Hash();
            // NOTE(review): the old password is demanded only when the stored
            // value is exactly 65 characters long - presumably the length of
            // this Hash class's output (confirm). Any other stored value can be
            // replaced without knowing the current password.
            if (strlen($this->getMember()->password) == 65) {
                $old_password = Request('old_password');
                if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
                    $errors['old_password'] = $this->getLanguage('password/help/old_password/error');
                }
            }
            if (count($errors) == 0) {
                $password = $mHash->password_hash($password);
                $this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('password/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    // --- social sign-in branches (facebook, google, youtube, github) ---
    // NOTE(review), applies to all four:
    //  * Client secrets are written into the source. Published secrets should
    //    be treated as exposed: rotate them and load them from configuration
    //    kept outside the repository.
    //  * The post-login target is taken from the Referer header, which the
    //    client controls; it should be checked against same-site paths before
    //    it is used in a Location header.
    //  * No `state` value is compared on the ?code= callback in this code;
    //    whether OAuthClient does that internally is not visible - confirm.
    //  * Whether printError() stops the request is not visible; if it returns,
    //    $data is dereferenced although the API call failed.
    if ($action == 'facebook') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }
        // Credentials are chosen by the site's domain.
        if ($this->IM->domain == 'www.arzz.com') {
            $CLIENT_ID = '985851538105124';
            $CLIENT_SECRET = 'c6b74ae32d4786b440bb878c46ee2998';
        } elseif ($this->IM->domain == 'www.minitalk.kr') {
            $CLIENT_ID = '418845248317025';
            $CLIENT_SECRET = '5850c198f8f4b0b254a53ae7f9049600';
        } else {
            $CLIENT_ID = '985851538105124';
            $CLIENT_SECRET = 'c6b74ae32d4786b440bb878c46ee2998';
        }
        $AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
        $TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';
        $facebook = new OAuthClient();
        $facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
        if (isset($_GET['code']) == true) {
            // Callback leg: exchange the code, then redirect; a failed exchange exits silently.
            if ($facebook->authenticate($_GET['code']) == true) {
                $redirectUrl = $facebook->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($facebook->getAccessToken() == null) {
            // No token yet: start the flow at the provider.
            $authUrl = $facebook->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }
        $data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('API ERROR');
        }
        $accessToken = $facebook->getAccessToken();
        $refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();
        $this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
    }

    if ($action == 'google') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }
        if ($this->IM->domain == 'www.arzz.com') {
            $CLIENT_ID = '367657130146-m9ojilvf3kbsv6j24uieartls0ols8t8.apps.googleusercontent.com';
            $CLIENT_SECRET = 'GVgWL29VdBiSQIuRTlL5RZDc';
        } elseif ($this->IM->domain == 'www.minitalk.kr') {
            $CLIENT_ID = '476101389490-mug55vcsit7af2sd095m3c8fhd3agssu.apps.googleusercontent.com';
            $CLIENT_SECRET = 'CJKMFEkaWkiasXWIj42WY4HU';
        } else {
            $CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
            $CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
        }
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
        $google = new OAuthClient();
        $google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
        if (isset($_GET['code']) == true) {
            if ($google->authenticate($_GET['code']) == true) {
                $redirectUrl = $google->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($google->getAccessToken() == null) {
            $authUrl = $google->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }
        $data = $google->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('API ERROR');
        }
        // Use the address whose type is 'account' as the member e-mail.
        // If none has that type, $data->email is never set here.
        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }
        // Ask for the 250px variant of the profile image.
        $data->photo = str_replace('sz=50', 'sz=250', $data->image->url);
        $accessToken = $google->getAccessToken();
        $refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();
        $this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
    }

    if ($action == 'youtube') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }
        // Linking a YouTube account requires an existing login.
        if ($this->isLogged() == false) {
            die($this->getError('NOT_LOGGED'));
        }
        $CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
        $CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
        $youtube = new OAuthClient();
        $youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
        if (isset($_GET['code']) == true) {
            if ($youtube->authenticate($_GET['code']) == true) {
                $redirectUrl = $youtube->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($youtube->getAccessToken() == null) {
            $authUrl = $youtube->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }
        $data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('API ERROR');
        }
        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }
        $accessToken = $youtube->getAccessToken();
        $refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();
        // NOTE(review): access and refresh tokens are written to the social
        // table as received; no encryption at rest is visible here.
        $check = $this->db()->select($this->table->social)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
        if ($check == null) {
            $this->db()->insert($this->table->social, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
        } else {
            $this->db()->update($this->table->social, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
        }
        unset($_SESSION['OAUTH_ACCESS_TOKEN']);
        unset($_SESSION['OAUTH_REFRESH_TOKEN']);
        // NOTE(review): this value originated from the Referer header and goes
        // into the Location header unchecked; header() is also not followed by
        // exit, so execution continues to the event and return below.
        $redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
        unset($_SESSION['SOCIAL_REDIRECT_URL']);
        header('location:' . $redirectUrl);
    }

    if ($action == 'github') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }
        if ($this->IM->domain == 'www.arzz.com') {
            $CLIENT_ID = 'b3f954eccc5378afbacf';
            $CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
        } elseif ($this->IM->domain == 'www.minitalk.kr') {
            $CLIENT_ID = 'a5b5c360b237ed9de0c7';
            $CLIENT_SECRET = '0f5e658a0d05f83ee918da13cfe070ff5bc42e60';
        } else {
            $CLIENT_ID = 'b3f954eccc5378afbacf';
            $CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
        }
        $AUTH_URL = 'https://github.com/login/oauth/authorize';
        $TOKEN_URL = 'https://github.com/login/oauth/access_token';
        $github = new OAuthClient();
        $github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);
        if (isset($_GET['code']) == true) {
            if ($github->authenticate($_GET['code']) == true) {
                $redirectUrl = $github->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($github->getAccessToken() == null) {
            $authUrl = $github->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }
        $data = $github->get('https://api.github.com/user');
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('API ERROR');
        }
        $accessToken = $github->getAccessToken();
        $refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();
        $this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
    }

    // Let listeners observe or adjust the outcome before it is returned.
    $this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);
    return $results;
}
/**
 * Remembers the user id and registers an OAuthClient instance for it.
 *
 * The consumer credentials and any extra options are combined through
 * OAuthClient::merge_options() and handed, together with the store name,
 * to OAuthClient::storeInstance().
 *
 * @param string $consumer_key    OAuth consumer key
 * @param string $consumer_secret OAuth consumer secret
 * @param string $store           name of the token store, "MySQL" by default
 * @param int    $user_id         id kept on this instance
 * @param array  $extra_options   additional options merged with the credentials
 */
function __construct($consumer_key, $consumer_secret, $store = "MySQL", $user_id = 1, $extra_options = array()) {
    $this->user_id = $user_id;

    $merged_options = OAuthClient::merge_options($consumer_key, $consumer_secret, $extra_options);
    OAuthClient::storeInstance($merged_options, $store);
}
<?php
// Sample: authorize against the service with OAuth, then run two queries and
// upload a CSV file through the authorized client.
include '../oauth.php';
include '../sql.php';
include '../file.php';

// Placeholder connection settings for the MySQL token store; real values
// belong in configuration kept outside the web root and the repository.
$extra_options = array(
    'server' => 'localhost',
    'database' => 'mydatabase',
    'username' => 'myusername',
    'password' => 'mypassword',
);
$user_id = 1;

if (!empty($_GET["oauth_token"])) {
    // Callback leg: the provider sent the user back with a token and verifier.
    // NOTE(review): oauth_verifier is read without an isset() check.
    $oauth_token = $_GET['oauth_token'];
    $verifier = $_GET['oauth_verifier'];
    OAuthClient::authorize("myconsumerkey", "myconsumersecret", $oauth_token, $verifier, "MySQL", $user_id, $extra_options);

    $oauthClient = new FTOAuthClient("myconsumerkey", "myconsumersecret", "MySQL", $user_id, $extra_options);
    echo $oauthClient->query(SQLBuilder::showTables());
    echo $oauthClient->query(SQLBuilder::select(197026));
    echo FileUploader::uploadCSV($oauthClient, "testcsv.csv");
} else {
    // First leg: the value from getAuthURL() is passed straight to header(),
    // so it is presumably a complete "Location: ..." line - confirm.
    // NOTE(review): the callback URL is plain http; the token and verifier
    // come back to it in the query string.
    header(OAuthClient::getAuthURL("myconsumerkey", "myconsumersecret", "MySQL", $user_id, "http://mydomain.com/samples/oauth_example.php", $extra_options));
}
/**
 * Creates a client bound to one server.
 *
 * @param mixed $server      kept on the instance as $this->server
 * @param mixed $consumerKey forwarded to the parent constructor
 * @param mixed $secret      forwarded to the parent constructor
 */
function __construct($server, $consumerKey, $secret) {
    // The parent is initialised with the credentials before the server is recorded.
    parent::__construct($consumerKey, $secret);
    $this->server = $server;
}
/**
 * Obtain an access token from Twitter.
 *
 * Thin wrapper: passes the class-level access-token URL and the optional
 * verifier to the parent implementation.
 *
 * @param string $verifier OAuth 1.0a verifier, or null when none is used
 *
 * @return OAuthToken the access token as returned by the parent
 */
function getAccessToken($verifier = null) {
    $token = parent::getAccessToken(self::$accessTokenURL, $verifier);

    return $token;
}
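/**
 * Exchange an authorised request token for a Tumblr access token.
 *
 * The endpoint is addressed over https: the response to this call carries
 * the access token and its secret, which must not travel in clear text.
 *
 * @author Matthias Pfefferle
 * @param object $pOAuthToken request token; its `verifier` property is sent
 *                            as the oauth_verifier parameter
 * @return mixed whatever OAuthClient::getAccessToken() returns
 */
public function getAccessToken($pOAuthToken) {
    $lAccessToken = OAuthClient::getAccessToken(
        $this->getConsumer(),
        "https://www.tumblr.com/oauth/access_token",
        $pOAuthToken,
        "GET",
        array("oauth_verifier" => $pOAuthToken->verifier)
    );

    return $lAccessToken;
}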
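<?php
require_once 'OAuth\\AppConfig.php';
require_once 'OAuth\\OAuthClient.php';

/******************** Third party authentication **********************/
$apiConsumer = new OAuthClient(AppConfig::$base_url, AppConfig::$consumer_key, AppConfig::$consumer_secret);
$data = $apiConsumer->authenticateUser();

/********************* 2nd party authentication **************************/
$oauth_token = "";
$token_secret = "";
$username = "";
$password = "";
$apiConsumer = new OAuthClient(AppConfig::$base_url, AppConfig::$consumer_key, AppConfig::$consumer_secret);

// 2nd party consumer skips getting the request token part.
// To authenticate the user and get the access token, the consumer posts the credentials to the service provider.
$requestURL = sprintf("%s%s", $apiConsumer->getBaseUrl(), AppConfig::$accesstoken_path);

// SET the username and password.
// Base64 is an encoding, not encryption: the credentials are only protected
// in transit if AppConfig::$base_url is an https URL (not visible here).
$requestBody = Util::urlencode_rfc3986(base64_encode(sprintf("%s %s", $username, $password)));

// This is important. If we don't set this, the post will be sent using Content-Type: application/x-www-form-urlencoded (curl will do this automatically).
// Per OAuth specification, if the Content-Type is application/x-www-form-urlencoded, then all the post parameters also need to be part of the base signature string.
// To override this, we need to set Content-type to something other than application/x-www-form-urlencoded.
$getContentType = array("Accept: application/json", "Content-type: application/json");
$requestBody = $apiConsumer->postRequest($requestURL, $requestBody, $getContentType, 200);

preg_match("~oauth_token\\=([^\\&]+)\\&oauth_token_secret\\=([^\\&]+)~i", $requestBody, $tokens);

if (!isset($tokens[1]) || !isset($tokens[2])) {
    // No token pair in the response: report it and do not read $tokens further.
    print 'Tokens are not set';
} else {
    $access_token = $tokens[1];
    $token_secret = $tokens[2];
    // Demo output only; the values come from the provider's response, so they
    // are escaped before being written into the page.
    print 'Access Tokens: ' . htmlspecialchars($access_token, ENT_QUOTES, 'UTF-8') . ', token secret: ' . htmlspecialchars($token_secret, ENT_QUOTES, 'UTF-8');
}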
/**
 * Exchange an authorised request token for an access token.
 *
 * The request goes to the api.yigg.local endpoint hard-coded below, using
 * "GET" and the token's verifier as the oauth_verifier parameter.
 *
 * NOTE(review): the endpoint is plain http on a .local host, presumably a
 * development setting. The response carries the token secret, so a deployed
 * endpoint should be reached over https.
 *
 * @author Matthias Pfefferle
 * @param object $pOAuthToken request token; its `verifier` property is read
 * @return mixed whatever OAuthClient::getAccessToken() returns
 */
public function getAccessToken($pOAuthToken) {
    $lConsumer = $this->getConsumer();
    $lExtraParameters = array("oauth_verifier" => $pOAuthToken->verifier);

    return OAuthClient::getAccessToken(
        $lConsumer,
        "http://api.yigg.local/oauth/1/access",
        $pOAuthToken,
        "GET",
        $lExtraParameters
    );
}
<?php
// Google sign-in example: finish the authorization-code exchange when the
// provider calls back with ?code=..., otherwise start the flow when no access
// token is held yet.
session_start();
require_once '../OAuthClient.class.php';

// NOTE(review): the client secret is committed together with the example.
// A secret that has been published should be treated as exposed: rotate it and
// load it from configuration kept outside the repository.
$CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
$CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
$AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
$TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

$google = new OAuthClient();
$google
    ->setClientId($CLIENT_ID)
    ->setClientSecret($CLIENT_SECRET)
    ->setScope('https://www.googleapis.com/auth/plus.me')
    ->setAuthUrl($AUTH_URL)
    ->setTokenUrl($TOKEN_URL);

if (isset($_GET['code'])) {
    // Callback leg. NOTE(review): no `state` value is compared here; whether
    // OAuthClient::authenticate() does that internally is not visible - confirm.
    if ($google->authenticate($_GET['code'])) {
        header('location:' . $google->getRedirectUrl());
    }
    // A failed exchange ends the request with an empty response.
    exit;
}

if ($google->getAccessToken() == null) {
    // No token yet: send the browser to the provider's authorization page.
    header('location:' . $google->getAuthenticationUrl());
    exit;
}
?>
<html lang="ko">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=1000">
<title>SimpleOAuth2Client Examples - Google</title>
</head>
<body>
<pre>
/**
 * Removes the Tencent OAuth link of the current space.
 *
 * Requires a non-null user and a space login (the DBC::requireTrue() message
 * reads "You do not have permission to do this!"). On success the response is
 * redirected to the webmessage/setuptencent route; otherwise the message
 * "Failed to remove the association" is shown.
 *
 * NOTE(review): this is a state-changing request; no anti-CSRF token check is
 * visible in this method - confirm it happens in the framework.
 *
 * @param mixed $request  not read by this method
 * @param mixed $response used for the redirect and passed to message()
 */
public function relieveTencentOauth($request, $response) { /*{{{*/
    $mayOperate = !$this->user->isNull() && $this->isSpaceLogin();
    DBC::requireTrue($mayOperate, '你没有权限操作!');

    $unlinked = OAuthClient::getInstance()->relieveTencentOauth($this->space->id);
    if (!$unlinked) {
        $this->message('解除关联失败', $response);
        return;
    }

    $response->setRedirect($response->router->urlfor('webmessage/setuptencent'));
}