/** * Clear all messages * * @param string $domain * @return void */ public function clear($domain) { Monster::bake($this->key($domain), $this->expires(0), array()); }
/** * Mark the overlay as having been viewed * * @return void */ public function _mark() { $this->view->setLayout('mark'); $member = $this->view->offering->member(User::get('id')); if ($member->get('first_visit') && $member->get('first_visit') != '0000-00-00 00:00:00') { return; } elseif (!$member->get('id')) { $cookie = \Hubzero\Utility\Cookie::eat('plugin.courses.guide'); if (!is_object($cookie) || !isset($cookie->first_visit)) { // Drop cookie $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake('plugin.courses.guide', $lifetime, array('first_visit' => Date::toSql())); } } $member->set('first_visit', Date::toSql()); $member->store(); }
/** * This method should handle any authentication and report back to the subject * * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean */ public function onUserAuthenticate($credentials, $options, &$response) { // Set up the config for the sdk instance $config = array('appId' => $this->params->get('app_id'), 'secret' => $this->params->get('app_secret')); // Set defaults \Facebook\FacebookSession::setDefaultApplication($config['appId'], $config['secret']); $helper = new \Facebook\FacebookRedirectLoginHelper(self::getReturnUrl($options['return'], true)); try { $session = $helper->getSessionFromRedirect(); } catch (\Facebook\FacebookRequestException $ex) { // When Facebook returns an error } catch (\Exception $ex) { // When validation fails or other local issues } // Make sure we have a user_id (facebook returns 0 for a non-logged in user) if (isset($user_id) && $user_id > 0 || isset($session) && $session) { try { $request = new \Facebook\FacebookRequest($session, 'GET', '/me'); $user_profile = $request->execute()->getGraphObject(\Facebook\GraphUser::className()); $id = $user_profile->getId(); $fullname = $user_profile->getName(); $email = $user_profile->getProperty('email'); $username = $user_profile->getProperty('username'); } catch (\Facebook\FacebookRequestException $e) { // Error message? $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_FACEBOOK_ERROR_RETRIEVING_PROFILE', $e->getMessage()); return; } // Create the hubzero auth link $method = Component::params('com_users')->get('allowUserRegistration', false) ? 'find_or_create' : 'find'; $hzal = \Hubzero\Auth\Link::$method('authentication', 'facebook', null, $id); if ($hzal === false) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_FACEBOOK_UNKNOWN_USER'); return; } $hzal->email = $email; // Set response variables $response->auth_link = $hzal; $response->type = 'facebook'; $response->status = \Hubzero\Auth\Status::SUCCESS; $response->fullname = $fullname; if (!empty($hzal->user_id)) { $user = User::getInstance($hzal->user_id); $response->username = $user->username; $response->email = $user->email; $response->fullname = $user->name; } else { $response->username = '******' . $hzal->id; $response->email = $response->username . '@invalid'; // Also set a suggested username for their hub account $sub_email = explode('@', $email, 2); $tmp_username = !empty($username) ? $username : $sub_email[0]; App::get('session')->set('auth_link.tmp_username', $tmp_username); } $hzal->update(); // If we have a real user, drop the authenticator cookie if (isset($user) && is_object($user)) { // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => 'https://graph.facebook.com/v2.0/' . $id . '/picture?type=normal', 'authenticator' => 'facebook'); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_FACEBOOK_AUTHENTICATION_FAILED'); } }
/** * This method should handle any authentication and report back to the subject * * @access public * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean * @since 1.5 */ public function onUserAuthenticate($credentials, $options, &$response) { // eppn is eduPersonPrincipalName and is the absolute lowest common // denominator for InCommon attribute exchanges. we can't really do // anything without it if (isset($options['shibboleth']['eppn'])) { $this->log('auth with', $options['shibboleth']); $method = \Component::params('com_users')->get('allowUserRegistration', FALSE) ? 'find_or_create' : 'find'; $hzal = \Hubzero\Auth\Link::$method('authentication', 'shibboleth', $options['shibboleth']['idp'], $options['shibboleth']['eppn']); if ($hzal === FALSE) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = 'Unknown user and new user registration is not permitted.'; return; } $hzal->email = isset($options['shibboleth']['email']) ? $options['shibboleth']['email'] : NULL; $this->log('hzal', $hzal); $response->auth_link = $hzal; $response->type = 'shibboleth'; $response->status = \Hubzero\Auth\Status::SUCCESS; $response->fullname = isset($options['shibboleth']['displayName']) ? ucwords(strtolower($options['shibboleth']['displayName'])) : $options['shibboleth']['username']; if (!empty($hzal->user_id)) { $user = User::getInstance($hzal->user_id); // Bring this in line with the rest of the system $response->username = $user->username; $response->email = $user->email; $response->fullname = $user->name; } else { $response->username = '******' . $hzal->id; // The Open Group Base Specifications Issue 6, Section 3.426 $response->email = $response->username . '@invalid'; // RFC2606, section 2 // Also set a suggested username for their hub account App::get('session')->set('auth_link.tmp_username', $options['shibboleth']['username']); } $hzal->update(); // If we have a real user, drop the authenticator cookie if (isset($user) && is_object($user)) { // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => \Hubzero\User\Profile::getInstance($user->get('id'))->getPicture(0, false), 'authenticator' => 'shibboleth'); $this->log('auth cookie', $prefs); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = 'An error occurred verifying your credentials.'; } }
/** * This method should handle any authentication and report back to the subject * * @param array $credentials the user credentials * @param array $options any extra options * @param object $response authentication response object * @return void */ public function onUserAuthenticate($credentials, $options, &$response) { // Check for the required subject dn field if (isset($_SERVER['SSL_CLIENT_S_DN']) && $_SERVER['SSL_CLIENT_S_DN']) { $domain = $_SERVER['SSL_CLIENT_I_DN_CN']; $username = $_SERVER['SSL_CLIENT_S_DN_CN']; $method = Component::params('com_users')->get('allowUserRegistration', false) ? 'find_or_create' : 'find'; $hzal = \Hubzero\Auth\Link::$method('authentication', 'certificate', $domain, $username); if ($hzal === false) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_CERTIFICATE_UNKNOWN_USER'); return; } $hzal->email = $_SERVER['SSL_CLIENT_S_DN_Email']; $response->auth_link = $hzal; $response->type = 'certificate'; $response->status = \Hubzero\Auth\Status::SUCCESS; $response->fullname = $username; // Try to deduce fullname from potential patern (ex: LAST.FIRST.MIDDLE.ID) if (preg_match('/([[:alpha:]]*)\\.([[:alpha:]]*)\\.([[:alpha:]]*)/', $username, $matches)) { $response->fullname = ucfirst($matches[2]) . ' ' . ucfirst($matches[3]) . ' ' . ucfirst($matches[1]); } if (!empty($hzal->user_id)) { $user = User::getInstance($hzal->user_id); $response->username = $user->get('username'); $response->email = $user->get('email'); $response->fullname = $user->get('name'); } else { $response->username = '******' . $hzal->id; $response->email = $response->username . '@invalid'; // Also set a suggested username for their hub account App::get('session')->set('auth_link.tmp_username', $username); } $hzal->update(); // If we have a real user, drop the authenticator cookie if (isset($user) && is_object($user)) { // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => $user->picture(0, false), 'authenticator' => 'certificate'); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_CERTIFICATE_AUTHENTICATION_FAILED'); } }
/** * This method should handle any authentication and report back to the subject * * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean */ public function onUserAuthenticate($credentials, $options, &$response) { // Make sure we have authorization $jsession = App::get('session'); if ($jsession->get('linkedin.oauth.authorized') == TRUE) { // User initiated LinkedIn connection, set up config $config = array('appKey' => $this->params->get('api_key'), 'appSecret' => $this->params->get('app_secret'), 'callbackUrl' => self::getRedirectUri('linkedin')); // Create the object $linkedin_client = new LinkedIn($config); $linkedin_client->setTokenAccess($jsession->get('linkedin.oauth.access')); // Get the linked in profile $profile = $linkedin_client->profile('~:(id,first-name,last-name,email-address,picture-urls::(original))'); $profile = $profile['linkedin']; // Parse the profile XML $profile = new SimpleXMLElement($profile); // Get the profile values $li_id = $profile->{'id'}; $first_name = $profile->{'first-name'}; $last_name = $profile->{'last-name'}; $full_name = $first_name . ' ' . $last_name; $username = (string) $li_id; // (make sure this is unique) $method = Component::params('com_users')->get('allowUserRegistration', false) ? 'find_or_create' : 'find'; $hzal = \Hubzero\Auth\Link::$method('authentication', 'linkedin', null, $username); if ($hzal === false) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_LINKEDIN_UNKNOWN_USER'); return; } $hzal->email = (string) $profile->{'email-address'}; // Set response variables $response->auth_link = $hzal; $response->type = 'linkedin'; $response->status = \Hubzero\Auth\Status::SUCCESS; $response->fullname = $full_name; if (!empty($hzal->user_id)) { $user = User::getInstance($hzal->user_id); $response->username = $user->username; $response->email = $user->email; $response->fullname = $user->name; } else { $response->username = '******' . $hzal->id; $response->email = $response->username . '@invalid'; // Also set a suggested username for their hub account $sub_email = explode('@', (string) $profile->{'email-address'}, 2); $tmp_username = $sub_email[0]; $jsession->set('auth_link.tmp_username', $tmp_username); } $hzal->update(); // If we have a real user, drop the authenticator cookie if (isset($user) && is_object($user)) { // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => (string) $profile->{'picture-urls'}->{'picture-url'}, 'authenticator' => 'linkedin'); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_LINKEDIN_AUTHENTICATION_FAILED'); } }
/** * This method should handle any authentication and report back to the subject * * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean */ public function onUserAuthenticate($credentials, $options, &$response) { // Build twitter object using temp credentials saved in session $twitter = new TwitterOAuth($this->params->get('app_id'), $this->params->get('app_secret'), App::get('session')->get('twitter.oauth.token'), App::get('session')->get('twitter.oauth.token_secret')); // Request user specific (longer lasting) credentials $token_credentials = $twitter->getAccessToken(Request::getVar('oauth_verifier')); // Build new twitter object with user credentials $twitter = new TwitterOAuth($this->params->get('app_id'), $this->params->get('app_secret'), $token_credentials['oauth_token'], $token_credentials['oauth_token_secret']); // Get user account info $account = $twitter->get('account/verify_credentials'); // Make sure we have a twitter account if (!$account->errors && $account->id > 0) { // Get id as username (silly, but we cast to string, otherwise find_or_create bellow fails) $username = (string) $account->id; // Create the hubzero auth link $method = Component::params('com_users')->get('allowUserRegistration', false) ? 'find_or_create' : 'find'; $hzal = \Hubzero\Auth\Link::$method('authentication', 'twitter', null, $username); if ($hzal === false) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_TWITTER_UNKNOWN_USER'); return; } // Set response variables $response->auth_link = $hzal; $response->type = 'twitter'; $response->status = \Hubzero\Auth\Status::SUCCESS; $response->fullname = $account->name; if (!empty($hzal->user_id)) { $user = User::getInstance($hzal->user_id); $response->username = $user->username; $response->email = $user->email; $response->fullname = $user->name; } else { $response->username = '******' . $hzal->id; $response->email = $response->username . '@invalid'; // Also set a suggested username for their hub account App::get('session')->set('auth_link.tmp_username', $account->screen_name); } $hzal->update(); // If we have a real user, drop the authenticator cookie if (isset($user) && is_object($user)) { // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => str_replace('_normal', '', $account->profile_image_url_https), 'authenticator' => 'twitter'); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_TWITTER_AUTHENTICATION_FAILED'); } }
/** * This method should handle any authentication and report back to the subject * * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean */ public function onUserAuthenticate($credentials, $options, &$response) { // Set up the config for the google api instance $client = new Google_Client(); $client->setClientId($this->params->get('app_id')); $client->setClientSecret($this->params->get('app_secret')); // Create OAuth2 Instance $oauth2 = new Google_Service_Oauth2($client); // Check if there's an active token in the session $jsession = App::get('session'); if ($jsession->get('google.token', NULL)) { $client->setAccessToken($jsession->get('google.token')); } // If we have an access token set, carry on if ($client->getAccessToken()) { // Get the user info $user_profile = $oauth2->userinfo->get(); // Set username to email address, which will fail and force registration update // (we have to make sure we get something unique from google) $username = $user_profile['email']; // Create the hubzero auth link $method = Component::params('com_users')->get('allowUserRegistration', false) ? 'find_or_create' : 'find'; $hzal = \Hubzero\Auth\Link::$method('authentication', 'google', null, $username); if ($hzal === false) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_GOOGLE_UNKNOWN_USER'); return; } $hzal->email = $user_profile['email']; // Set response variables $response->auth_link = $hzal; $response->type = 'google'; $response->status = \Hubzero\Auth\Status::SUCCESS; $response->fullname = $user_profile['name']; if (!empty($hzal->user_id)) { $user = User::getInstance($hzal->user_id); $response->username = $user->username; $response->email = $user->email; $response->fullname = $user->name; } else { $response->username = '******' . $hzal->id; $response->email = $response->username . '@invalid'; // Also set a suggested username for their hub account $sub_email = explode('@', $user_profile['email'], 2); $tmp_username = $sub_email[0]; $jsession->set('auth_link.tmp_username', $tmp_username); } $hzal->update(); // If we have a real user, drop the authenticator cookie if (isset($user) && is_object($user)) { // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => $user_profile['picture'] . '?sz=100', 'authenticator' => 'google'); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_GOOGLE_AUTHENTICATION_FAILED'); } }
/** * This method should handle any authentication and report back to the subject * * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean */ public function onUserAuthenticate($credentials, $options, &$response) { // Set up the config for the api instance $client = new Oauth(); if ($this->params->get('environment') == 'sandbox') { $client->useSandboxEnvironment(); } $client->setClientId($this->params->get('app_id'))->setClientSecret($this->params->get('app_secret'))->setRedirectUri(self::getRedirectUri('scistarter')); if (App::get('session')->get('scistarter.token', NULL)) { $client->setAccessToken(App::get('session')->get('scistarter.token')); } // If we have an access token set, carry on if ($client->isAuthenticated()) { $account = $client->getUserData(); // Make sure we have a Scistarter account if ($account->scistarter_user_id > 0) { $username = (string) $account->email; // Create the hubzero auth link $method = Component::params('com_users')->get('allowUserRegistration', false) ? 'find_or_create' : 'find'; $hzal = \Hubzero\Auth\Link::$method('authentication', 'scistarter', null, $username); if ($hzal === false) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_SCISTARTER_UNKNOWN_USER'); return; } $hzal->email = $account->email; // Set response variables $response->auth_link = $hzal; $response->type = 'scistarter'; $response->status = \Hubzero\Auth\Status::SUCCESS; $response->fullname = $account->email; if (!empty($hzal->user_id)) { $user = User::getInstance($hzal->user_id); $response->username = $user->username; $response->email = $user->email; $response->fullname = $user->name; } else { $response->username = '******' . $hzal->id; $response->email = $response->username . '@invalid'; // Also set a suggested username for their hub account $sub_email = explode('@', $account->email, 2); $tmp_username = $sub_email[0]; Session::set('auth_link.tmp_username', $tmp_username); } $hzal->update(); // If we have a real user, drop the authenticator cookie if (isset($user) && is_object($user)) { // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => $user->picture(0, false), 'authenticator' => 'scistarter'); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_SCISTARTER_AUTHENTICATION_FAILED'); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_SCISTARTER_AUTHENTICATION_FAILED'); } }
/** * This method should handle any authentication and report back to the subject * * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean */ public function onUserAuthenticate($credentials, $options, &$response) { jimport('joomla.user.helper'); // For JLog $response->type = 'hubzero'; // HUBzero does not like blank passwords if (empty($credentials['password'])) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_HUBZERO_ERROR_EMPTY_PASS'); return false; } // Initialize variables $conditions = ''; // Get a database object $db = \App::get('db'); // Determine if attempting to log in via username or email address if (strpos($credentials['username'], '@')) { $conditions = ' WHERE email=' . $db->Quote($credentials['username']); } else { $conditions = ' WHERE username='******'username']); } $query = 'SELECT `id`, `username`, `password`' . ' FROM `#__users`' . $conditions . ' AND `block` != 1'; $db->setQuery($query); $result = $db->loadObjectList(); if (is_array($result) && count($result) > 1) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_HUBZERO_UNKNOWN_USER'); return false; } elseif (is_array($result) && isset($result[0])) { $result = $result[0]; } // Now make sure they haven't made too many failed login attempts if (\Hubzero\User\User::oneOrFail($result->id)->hasExceededLoginLimit()) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_HUBZERO_TOO_MANY_ATTEMPTS'); return false; } if ($result) { if (\Hubzero\User\Password::passwordMatches($result->username, $credentials['password'], true)) { $user = User::getInstance($result->id); $response->username = $user->username; $response->email = $user->email; $response->fullname = $user->name; $response->status = \Hubzero\Auth\Status::SUCCESS; $response->error_message = ''; // Check validity and age of password $password_rules = \Hubzero\Password\Rule::getRules(); $msg = \Hubzero\Password\Rule::validate($credentials['password'], $password_rules, $result->username); if (is_array($msg) && !empty($msg[0])) { App::get('session')->set('badpassword', '1'); } if (\Hubzero\User\Password::isPasswordExpired($result->username)) { App::get('session')->set('expiredpassword', '1'); } // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => \Hubzero\User\Profile::getInstance($user->get('id'))->getPicture(0, false), 'authenticator' => 'hubzero'); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_HUBZERO_AUTHENTICATION_FAILED'); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_HUBZERO_AUTHENTICATION_FAILED'); } }
/** * This method should handle any authentication and report back to the subject * * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean */ public function onUserAuthenticate($credentials, $options, &$response) { if (Config::get('debug')) { $debug_location = $this->params->get('debug_location', '/var/log/apache2/php/phpCAS.log'); phpCAS::setDebug($debug_location); } $this->initialize(); try { $authenticated = phpCAS::isAuthenticated(); } catch (CAS_AuthenticationException $e) { throw new Exception(Lang::txt('PLG_AUTHENTICATION_PUCAS_ERROR_EXPIRED_TICKET'), 400); } $return = isset($options['return']) ? $options['return'] : ''; if ($authenticated && $this->checkBoilerkey($return)) { $username = phpCAS::getUser(); $method = Component::params('com_users')->get('allowUserRegistration', false) ? 'find_or_create' : 'find'; $hzal = \Hubzero\Auth\Link::$method('authentication', 'pucas', null, $username); if ($hzal === false) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_PUCAS_UNKNOWN_USER'); return; } $hzal->email = $username . '@purdue.edu'; $response->auth_link = $hzal; $response->type = 'pucas'; $response->status = \Hubzero\Auth\Status::SUCCESS; $email = phpCAS::getAttribute('email'); $name = phpCAS::getAttribute('fullname'); if (!empty($email)) { $hzal->email = $email; } if (!empty($name)) { $response->fullname = ucwords(strtolower($name)); } if (!empty($hzal->user_id)) { $user = User::getInstance($hzal->user_id); // Bring this in line with the rest of the system $response->username = $user->username; $response->email = $user->email; $response->fullname = $user->name; } else { $response->username = '******' . $hzal->id; // The Open Group Base Specifications Issue 6, Section 3.426 $response->email = $response->username . '@invalid'; // RFC2606, section 2 // Also set a suggested username for their hub account App::get('session')->set('auth_link.tmp_username', $username); } $hzal->update(); // If we have a real user, drop the authenticator cookie if (isset($user) && is_object($user)) { // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => \Hubzero\User\Profile::getInstance($user->get('id'))->getPicture(0, false), 'authenticator' => 'pucas'); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_PUCAS_AUTHENTICATION_FAILED'); } }
/** * This method should handle any authentication and report back to the subject * * @param array $credentials Array holding the user credentials * @param array $options Array of extra options * @param object $response Authentication response object * @return boolean */ public function onUserAuthenticate($credentials, $options, &$response) { // Set up the config for the ORCID api instance $oauth = new Oauth(); $oauth->setClientId($this->params->get('client_id'))->setClientSecret($this->params->get('client_secret'))->setRedirectUri(self::getRedirectUri('orcid')); // Authenticate the user $oauth->authenticate(Request::getVar('code')); // Check for successful authentication if ($oauth->isAuthenticated()) { $orcid = new Profile($oauth); // Set username to ORCID iD $username = $orcid->id(); // Create the hubzero auth link $method = Component::params('com_users')->get('allowUserRegistration', false) ? 'find_or_create' : 'find'; $hzal = \Hubzero\Auth\Link::$method('authentication', 'orcid', null, $username); if ($hzal === false) { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_ORCID_UNKNOWN_USER'); return; } $hzal->email = $orcid->email() ? $orcid->email() : null; // Set response variables $response->auth_link = $hzal; $response->type = 'orcid'; $response->status = \Hubzero\Auth\Status::SUCCESS; $response->fullname = $orcid->fullName(); if (!empty($hzal->user_id)) { $user = User::getInstance($hzal->user_id); $response->username = $user->username; $response->email = $user->email; $response->fullname = $user->name; } else { $response->username = '******' . $hzal->id; $response->email = $response->username . '@invalid'; // Also set a suggested username for their hub account Session::set('auth_link.tmp_username', str_replace(' ', '', strtolower($response->fullname))); Session::set('auth_link.tmp_orcid', $username); } $hzal->update(); // If we have a real user, drop the authenticator cookie if (isset($user) && is_object($user)) { // Set cookie with login preference info $prefs = array('user_id' => $user->get('id'), 'user_img' => null, 'authenticator' => 'orcid'); $namespace = 'authenticator'; $lifetime = time() + 365 * 24 * 60 * 60; \Hubzero\Utility\Cookie::bake($namespace, $lifetime, $prefs); } } else { $response->status = \Hubzero\Auth\Status::FAILURE; $response->error_message = Lang::txt('PLG_AUTHENTICATION_ORCID_AUTHENTICATION_FAILED'); } }