{ $is_valid = isset($_SESSION['state']) && strlen($_SESSION['state']) > 0 && $_SESSION['state'] == $state; unset($_SESSION['state']); if (!$is_valid) { header('HTTP/1.0 403 Forbidden'); echo "The state parameter didn't match what was passed in to the Clef button."; exit; } return $is_valid; } if (!session_id()) { session_start(); } if (isset($_GET["code"]) && $_GET["code"] != "") { validate_state($_GET["state"]); \Clef\Clef::initialize(APP_ID, APP_SECRET); try { $response = \Clef\Clef::get_login_information($_GET["code"]); $result = $response->info; // reset the user's session if (isset($result->id) && $result->id != '') { //remove all the variables in the session session_unset(); // destroy the session session_destroy(); if (!session_id()) { session_start(); } $clef_id = $result->id; $_SESSION['name'] = $result->first_name . ' ' . $result->last_name; $_SESSION['email'] = $result->email;
$is_valid = isset($_SESSION['state']) && strlen($_SESSION['state']) > 0 && $_SESSION['state'] == $state; if (!$is_valid) { header('HTTP/1.0 403 Forbidden'); echo "The state parameter didn't match what was passed in to the Clef button."; exit; } else { unset($_SESSION['state']); } return $is_valid; } if (!session_id()) { session_start(); } if (isset($_GET["code"]) && $_GET["code"] != "") { validate_state($_GET["state"]); \Clef\Clef::initialize(CLEF_ID, CLEF_SECRET); try { $response = \Clef\Clef::get_login_information($_GET["code"]); $result = $response->info; // reset the user's session if (isset($result->id) && $result->id != '') { //remove all the variables in the session session_unset(); // destroy the session session_destroy(); if (!session_id()) { session_start(); } $clef_id = $result->id; $clef_email = $result->email; require_once 'classes/user.php';
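/**
 * Handle a logout request and report the outcome in $args->retval.
 *
 * Two paths are supported:
 *  - A POSTed `logout_token` is exchanged through
 *    \Clef\Clef::get_logout_information() for a user id; the matching user
 *    record (if any) is stamped with `logged_out_at` and the users model is
 *    saved. The caller's own PHP session is not touched on this path.
 *  - Without a token, an authorised local session is stamped the same way,
 *    destroyed and restarted.
 *
 * @param object $args Passed by reference; `retval` is set to true when the
 *                     logout was processed and left false otherwise.
 * @return void
 */
function logout(&$args) {
    $args->retval = false;
    error_log('log out requested');
    \Clef\Clef::initialize(AUTH_APPID, AUTH_SECRET);

    if (isset($_POST['logout_token'])) {
        try {
            // The token is attacker-reachable input; it is only trusted after
            // the Clef client has exchanged it for a user id.
            $id = \Clef\Clef::get_logout_information($_POST['logout_token']);
            $user =& $this->_find_user($id);
            if ($user !== NULL) {
                $user['logged_out_at'] = time();
                /* updated model so save */
                // XXX: this isn't multi user safe - we write in once hit
                $this->_teapot->put_model('users', $this->_users);
                error_log('logged out via Clef: ' . $user['id'] . ', ' . $user['email']);
            }
            // NOTE(review): retval is true even when no local user matched the
            // id; confirm that callers expect "token accepted", not "user logged out".
            $args->retval = true;
        } catch (Exception $e) {
            // A rejected or failed token exchange used to be dropped silently,
            // which hides forged or replayed logout requests from the logs.
            // Only the exception class is recorded so that no token material
            // or remote response text reaches the log.
            error_log('Clef logout token could not be processed: ' . get_class($e));
        }
    } else {
        /* not the result of a oauth logout - check session */
        // isset() guards the lookup so an unauthenticated request does not
        // raise an undefined-index notice.
        if (isset($_SESSION[Auth::AUTHORIZED]) && $_SESSION[Auth::AUTHORIZED] === true) {
            $this->_user['logged_out_at'] = time();
            session_destroy(); // this session is done, discard
            // NOTE(review): session_destroy() does not clear the session cookie,
            // so this restart can reuse the old session id unless
            // session.use_strict_mode is enabled; consider
            // session_regenerate_id(true) after the restart.
            session_start();
            $this->_clear_session();
            /* updated model so save */
            // XXX: this isn't multi user safe - we write in once hit
            $this->_teapot->put_model('users', $this->_users);
            $args->retval = true;
            error_log('logged out: ' . $this->_user['id'] . ', ' . $this->_user['email']);
        }
    }
}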