/**
* @param $redirect_url
* @return string|Facebook\GraphUser Login URL or GraphUser
*/
function connect($redirect_url)
{
FacebookSession::setDefaultApplication($this->appId, $this->appSecret);
$helper = new FacebookRedirectLoginHelper($redirect_url);
if (isset($_SESSION) && isset($_SESSION['fb_token'])) {
$session = new FacebookSession($_SESSION['fb_token']);
} else {
$session = $helper->getSessionFromRedirect();
}
if ($session) {
try {
$_SESSION['fb_token'] = $session->getToken();
$request = new FacebookRequest($session, 'GET', '/me');
$profile = $request->execute()->getGraphObject('Facebook\\GraphUser');
if ($profile->getEmail() === null) {
throw new \Exception('L\'email n\'est pas disponible');
}
return $profile;
} catch (\Exception $e) {
unset($_SESSION['fb_token']);
return $helper->getReRequestUrl(['email']);
}
} else {
return $helper->getLoginUrl(['email']);
}
}
public function testReRequestUrlContainsState()
{
$helper = new FacebookRedirectLoginHelper(self::REDIRECT_URL, FacebookTestCredentials::$appId, FacebookTestCredentials::$appSecret);
$helper->disableSessionStatusCheck();
$reRequestUrl = $helper->getReRequestUrl();
$state = $_SESSION['FBRLH_state'];
$this->assertContains('state=' . urlencode($state), $reRequestUrl);
}
function handle_rerequest_permission()
{
render_boilerplate();
// Simplification: always assume we are not logged in!
$helper = new FacebookRedirectLoginHelper(MY_URL . 'fb_callback/');
// We do want to publish to the user's wall!
$scope = array('publish_actions');
$fb_login_url = $helper->getReRequestUrl($scope);
Flight::render('rerequest_permission', array('fburl' => $fb_login_url));
}
/**
* @return string|Facebook\GraphUser Login URL or GraphUser
*/
public function connect()
{
$helper = new FacebookRedirectLoginHelper($this->redirectUrl);
if (isset($_SESSION) && isset($_SESSION['fb_token'])) {
$this->setSession(new FacebookSession($_SESSION['fb_token']));
} else {
$this->setSession($helper->getSessionFromRedirect());
}
if ($this->getSession()) {
try {
$_SESSION['fb_token'] = $this->getSession()->getToken();
$profile = $this->getUser();
if ($profile->getEmail() === null) {
throw new \Exception("L'email n'est pas disponible");
}
return $profile;
} catch (\Exception $e) {
unset($_SESSION['fb_token']);
return $helper->getReRequestUrl($this->scope);
}
} else {
return $helper->getLoginUrl($this->scope);
}
}
public function reRequest()
{
$helper = new FacebookRedirectLoginHelper("http://local.dev/projets/zoneroot/fbconnect/test.php");
echo '<a href="' . $helper->getReRequestUrl(['email']) . '">rerequest</a>';
}
/**
* Callback from Facebook.
*
* When user goes through the Facebook oAuth 2.0 process
* of login in, after he has logged into Facebook, he/she is redirected to this
* this action. Here he/she is authenticated to the system and if that works the user
* is logged in. If this does not work, the user is asked it this is his first time logging
* in via Facebook and if he/she is sure that he/she has an account.
*
* @return \Zend\Http\Response|ViewModel
* @throws \Exception
*/
public function callbackLoginFacebookAction()
{
//GET SERVER
// this check has to be done for instances where this
// is not run as an web-application
$server = isset($_SERVER['HTTP_HOST']) ? "http://" . $_SERVER['HTTP_HOST'] : 'http://0.0.0.0';
//FACEBOOK CONFIG
// get config and use it to cnfigure facebook session
// and login functionality
$config = $this->getServiceLocator()->get('Config');
FacebookSession::setDefaultApplication($config['facebook']['appId'], $config['facebook']['secret']);
//TODO should this be in a global space
//ERROR
$error = $this->params()->fromQuery('error');
if ($error == 'access_denied') {
return new ViewModel(['error' => 'access_denied']);
}
//KEY
// check if there is a query parameter called $key along
// for the ride. If so; then the user is trying to connect old account
// to Facebook.
$key = $this->params()->fromQuery('key');
//TODO validate this key
//CONNECTING OLD ACCOUNT
// if $key is present, then the callback from Facebook will contain it and
// we have to reflect it in the callback validation
$helper = new FacebookRedirectLoginHelper($key ? $server . AuthController::LOGIN_CALLBACK_FACEBOOK . '?key=' . $key : $server . AuthController::LOGIN_CALLBACK_FACEBOOK);
//LOGIN
// try to log in user
try {
//FACEBOOK OBJECT
// get user object/properties from facebook graph
$session = $helper->getSessionFromRedirect();
if (!$session) {
throw new \Exception("Facebook session was NULL, key[{$key}], url[{$helper->getReRequestUrl()}]");
}
$me = (new FacebookRequest($session, 'GET', '/me'))->execute()->getGraphObject(GraphUser::className())->asArray();
//CONNECT OLD ACCOUNT CUT-IN
// if $key is set, then the user is trying to connect old account to his
// Facebook. What we do here is to find the user based on the hash that we got
// back from facebook, then we inject the Facebook Auth-ID into his table just
// in time so that '$auth = new AuthenticationService();' line of code will pick
// it up and authenticate the user. This is just a little detour to quickly connect
// the user to a facebook account just before we authenticate him.
if ($key) {
$sm = $this->getServiceLocator();
$userService = $sm->get('Stjornvisi\\Service\\User');
/** @var $userService \Stjornvisi\Service\User */
if (($user = $userService->getByHash($key)) != null) {
$userService->setOauth($user->id, $me['id'], 'facebook', $me['gender']);
//USER NOT FOUND
// can't find the user based on hash
} else {
return new ViewModel(['error' => 'user_undefined']);
}
}
//AUTHENTICATE
// try to authenticate user against user database
$auth = new AuthenticationService();
$sm = $this->getServiceLocator();
$authAdapter = $sm->get('Stjornvisi\\Auth\\Facebook');
$authAdapter->setKey($me['id']);
$result = $auth->authenticate($authAdapter);
//VALID
// user has logged in before via Facebook
if ($result->isValid()) {
$sessionManager = new SessionManager();
$sessionManager->rememberMe(21600000);
//250 days
return $this->redirect()->toRoute('home');
//INVALID
// user hasn't logged in with facebook before. We have
// to initialize the connection process.
} else {
return new ViewModel(['error' => 'user_disconnected']);
}
//CAN'T LOGIN USER
// Facebook login library issues exception.
// Facebook returns an error
} catch (FacebookRequestException $ex) {
// When Facebook returns an error
return new ViewModel(['error' => $ex->getMessage()]);
//ERROR
// There was a more generic error
// When validation fails or other local issues
}
/*catch(\Exception $ex) {
return new ViewModel(array(
'error' => $ex->getMessage()
));
}*/
}
