Exemplo n.º 1
 /**
  * Login
  *
  * @param array $options Must contain client_id and client_secret; redirect_uri is optional
  * @param \Zend\Http\Request $request
  * @param \Zend\Http\Response $response
  * @return null|array|\Zend\Http\Response
  */
 public function login(array $options, HttpRequest $request, HttpResponse $response = null)
 {
     // Without a caller-supplied response the method owns the output and
     // will send the redirect itself (see the exit below).
     if (null === $response) {
         $response = new PhpResponse();
     }

     $session = $this->getSessionContainer();
     $code = $request->getQuery('code');

     // Default callback: current scheme + the domain reported by
     // getSiteInfo() + the request URI exactly as received.
     if (empty($options['redirect_uri'])) {
         $options['redirect_uri'] = $request->getUri()->getScheme() . '://' . $this->getSiteInfo()->getFulldomain() . $request->getRequestUri();
     }

     if (empty($code)) {
         // First leg: no authorization code yet. Remember a fresh "state"
         // value and the redirect_uri in the session, then redirect the
         // browser to the provider dialog.
         // NOTE(review): "state" is the anti-CSRF binding between this
         // session and the callback; its unpredictability depends on
         // String::generateRandom(), which is not shown here - confirm it
         // draws from a cryptographically secure source.
         $session['state'] = String::generateRandom(32);
         $session['redirect_uri'] = $options['redirect_uri'];

         $dialogQuery = http_build_query(array(
             'client_id' => $options['client_id'],
             'redirect_uri' => $options['redirect_uri'],
             'state' => $session['state'],
             'scope' => 'email',
         ));

         $response->setContent('')
                  ->setStatusCode(302)
                  ->getHeaders()
                  ->clearHeaders()
                  ->addHeaderLine('Location', static::DIALOG_URI . '?' . $dialogQuery);

         if (!($response instanceof PhpResponse)) {
             return $response;
         }

         // Plain PHP response: emit the redirect and stop the script.
         $response->send();
         exit;
     }

     // Second leg: the callback must carry the same "state" that was stored
     // in this session, otherwise the code is ignored.
     // NOTE(review): the comparison is strict but not constant-time, and a
     // mismatch leaves the stored state in place for another attempt.
     $state = $request->getQuery('state');
     $stateMatches = !empty($session['state']) && $state === $session['state'];
     if (!$stateMatches) {
         return null;
     }

     // Exchange the code for an access token. The redirect_uri is taken
     // from the session (the value used in the first leg), not from the
     // current request. The body is parsed as a URL-encoded string.
     $client = $this->getHttpClient();
     $params = null;
     @parse_str(
         $client->setMethod('GET')
                ->setUri(static::ACCESS_URI)
                ->setParameterGet(array('client_id' => $options['client_id'], 'redirect_uri' => $session['redirect_uri'], 'client_secret' => $options['client_secret'], 'code' => $code))
                ->send()
                ->getBody(),
         $params
     );

     // The state and redirect_uri are single-use: drop them once the
     // exchange has been attempted, whether or not it succeeded.
     unset($session['state']);
     unset($session['redirect_uri']);

     if (empty($params['access_token'])) {
         return null;
     }

     // Fetch the profile. The token travels as a GET parameter.
     // NOTE(review): query strings commonly end up in proxy and server
     // logs - confirm that is acceptable for this token.
     // json_decode() gives null when the body is not valid JSON.
     return @json_decode(
         $client->setMethod('GET')
                ->setUri(static::API_URI)
                ->setParameterGet(array('access_token' => $params['access_token']))
                ->send()
                ->getBody(),
         true
     );
 }
Exemplo n.º 2
 /**
  * Request an auto-login token
  *
  * @param  string $email
  * @return string token
  */
 public function create($email)
 {
     $store = $this->getCacheStorage();

     // Draw candidates until one is not already used as a key in the store.
     // NOTE(review): hasItem() followed by setItem() is check-then-write,
     // not an atomic reservation; two concurrent requests could in theory
     // pick the same token - confirm whether the storage offers an
     // add-if-absent operation.
     while (true) {
         $token = String::generateRandom(self::TOKEN_LENGTH, null, true);
         if (!$store->hasItem($token)) {
             break;
         }
     }

     // The token is the only key to the stored e-mail address.
     // NOTE(review): presumably presenting the token is enough to log in as
     // that address, so it must be unguessable and short-lived; neither the
     // RNG behind String::generateRandom() nor any expiry is visible here.
     $store->setItem($token, $email);

     return $token;
 }
Exemplo n.º 3
 /**
  * Request a password-change
  *
  * @param   string  $email
  * @return  string  hash
  */
 public function create($email)
 {
     $store = $this->getCacheStorage();

     // Draw candidates until one is not already used as a key in the store.
     // NOTE(review): hasItem() followed by setItem() is check-then-write,
     // not an atomic reservation - confirm whether the storage offers an
     // add-if-absent operation.
     for (;;) {
         $hash = String::generateRandom(self::HASH_LENGTH, null, true);
         if (!$store->hasItem($hash)) {
             break;
         }
     }

     // The hash maps back to the e-mail address whose password is to change.
     // NOTE(review): presumably whoever presents the hash may set a new
     // password, so it must be unguessable, expire quickly and be removed
     // after use; none of that is visible in this method - confirm.
     $store->setItem($hash, $email);

     return $hash;
 }
Exemplo n.º 4
 /**
  * Add file to uploads
  *
  * @param string $file
  * @param string $dest evaluated with sprintf, which adds a random part &
  *                     an extension part to the destination
  * @return string
  */
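 protected function addFile($file, $dest)
 {
     // Returns the public path of the stored file ('/uploads/...'), or null
     // when the file is rejected, missing, or could not be moved.
     $file = $this->validateFile($file);
     if (empty($file)) {
         return null;
     }

     $public = realpath('./public');
     // realpath() returns false when ./public cannot be resolved. Used in a
     // concatenation that false becomes '', which would make every path
     // below point at the filesystem root instead of the public directory.
     if (false === $public) {
         return null;
     }

     $source = $public . $file;
     if (!is_file($source)) {
         return null;
     }

     // Files that already live under /uploads/ are returned untouched.
     if (preg_match('#^/uploads/#', $file)) {
         return $file;
     }

     // Only temporary uploads are moved; anything else is refused.
     // NOTE(review): these prefix checks do not rule out '..' segments in
     // $file; this relies on validateFile() (not shown) - confirm.
     if (!preg_match('#^/tmp/#', $file)) {
         return null;
     }

     // Keep the sprintf format separately. Re-formatting an already
     // formatted name has no placeholders left, so a retry after a name
     // collision would otherwise produce the same name again and the loop
     // would only end by deleting the upload.
     $format = $dest;
     $length = 8;
     // The extension is copied from the temporary file name, so any
     // extension policy has to be enforced before the file reaches /tmp/.
     $ext = pathinfo($source, PATHINFO_EXTENSION);
     $schema = $this->getSiteInfo()->getSchema();
     $path = '/uploads/' . $schema . '/' . sprintf($format, String::generateRandom($length), $ext);

     // On collision retry with a longer random part; give up (and discard
     // the temporary file) once the random part would exceed 24 characters.
     while (is_file($public . $path)) {
         if ($length > 24) {
             @unlink($source);
             return null;
         }
         $path = '/uploads/' . $schema . '/' . sprintf($format, String::generateRandom(++$length), $ext);
     }

     $target = $public . $path;
     $targetDir = dirname($target);
     if (!is_dir($targetDir)) {
         // NOTE(review): 0777 (before umask) leaves the upload directory
         // world-writable; use a tighter mode if the deployment allows it.
         @mkdir($targetDir, 0777, true);
     }

     if (@rename($source, $target)) {
         return $path;
     }

     return null;
 }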
Exemplo n.º 5
 /**
  * Performs an authentication attempt
  *
  * @return \Zend\Authentication\Result
  * @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface
  *         If authentication cannot be performed
  */
 public function authenticate()
 {
     $registered = false;
     $model = $this->getModel();
     $mode = $this->openid_mode;
     $openId = $this->openid_identity;
     $consumer = new Consumer\FederatedConsumer();

     // Attribute Exchange request for the profile fields used below.
     // NOTE(review): presumably true marks a required attribute and false
     // an optional one - confirm against Extension\Ax.
     $ax = new Extension\Ax(array(
         'email' => true,
         'firstname' => false,
         'lastname' => false,
         'language' => false,
     ));
     $consumer->setHttpClient($this->getServiceLocator()->get('Zend\\Http\\Client'));

     // 'id_res' means the provider is calling back with an assertion to
     // verify; any other mode starts a new login round-trip.
     // (loose == comparison, as in the original code)
     if ($mode == 'id_res') {
         $success = $consumer->verify((array) $this->getOptions(), $openId, $ax);
     } else {
         $success = $consumer->login($openId, null, null, $ax, $this->getServiceLocator()->get('Response'));
     }
     if (!$success) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, null, array((string) $consumer->getError()));
     }

     $data = $ax->getProperties();
     if (empty($data['email'])) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, null);
     }

     // The local account is selected purely by the e-mail address reported
     // through AX.
     // NOTE(review): that is only sound if verify() accepts assertions
     // solely from providers trusted to vouch for e-mail ownership -
     // confirm what FederatedConsumer enforces.
     $email = $data['email'];
     $user = $model->findByEmail($email);

     if (empty($user)) {
         // Unknown e-mail: auto-register when allowed.
         if (!$this->isRegistrationEnabled()) {
             return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null);
         }

         // Display name: "first last", else whichever part exists, else
         // the local part of the e-mail address.
         if (!empty($data['firstname']) && !empty($data['lastname'])) {
             $displayName = $data['firstname'] . ' ' . $data['lastname'];
         } elseif (!empty($data['firstname'])) {
             $displayName = $data['firstname'];
         } elseif (!empty($data['lastname'])) {
             $displayName = $data['lastname'];
         } else {
             $displayName = preg_replace('/@.*$/', '', $email);
         }

         // Make the name unique by appending " 2", " 3", ...
         $i = 1;
         $displayName = UserStructure::trimDisplayName($displayName);
         $originalName = $displayName;
         while (!$model->isDisplayNameAvailable($displayName)) {
             $displayName = $originalName . ' ' . ++$i;
         }

         if (!empty($data['language'])) {
             $locale = $data['language'];
         } else {
             $locale = (string) $this->getServiceLocator()->get('Locale');
         }

         // The account is created already confirmed and active, with a
         // random password the user never sees.
         // NOTE(review): a 10-character value from String::generateRandom();
         // its strength depends on that helper's RNG, which is not shown.
         $user = $model->create(array(
             'confirmed' => true,
             'status' => 'active',
             'displayName' => $displayName,
             'email' => $email,
             'locale' => $locale,
             'password' => String::generateRandom(10),
         ));

         if (!$user->save()) {
             return new Result(Result::FAILURE_UNCATEGORIZED, null);
         }
         $registered = true;
         // Re-read the stored record after saving.
         $user = $model->findByEmail($email);
     }

     // Missing or banned accounts are reported as invalid credentials.
     if (empty($user) || empty($user->id) || $user->isBanned()) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, null);
     }

     // A successful external login re-activates an inactive account.
     if ($user->isInactive()) {
         $user->makeActive();
         if (!$user->save()) {
             return new Result(Result::FAILURE_UNCATEGORIZED, null);
         }
     }

     // Link the OpenID identifier to the account for later logins.
     $model->associateIdentity($user->id, $openId);

     return new Result(Result::SUCCESS, $user, array('loginWith' => 'openid', 'registered' => $registered));
 }
Exemplo n.º 6
 /**
  * Upload index
  */
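 public function indexAction()
 {
     // Uploads are for authenticated users only.
     $auth = $this->getServiceLocator()->get('Zend\\Authentication\\AuthenticationService');
     if (!$auth->hasIdentity()) {
         return array('success' => false);
     }

     $request = $this->getRequest();
     // Both values come from the request (POST first, query as fallback).
     // strip_tags() removes markup only; it is not a path or format
     // sanitiser.
     $types = strip_tags($request->getPost('types', $request->getQuery('types')));
     $pattern = strip_tags($request->getPost('pattern', $request->getQuery('pattern')));
     $form = $this->getForm($types, $pattern);

     if (!$request->isPost()) {
         return array('form' => $form);
     }

     $form->setData(ArrayUtils::merge($request->getPost()->toArray(), $request->getFiles()->toArray()));
     if (!$form->isValid()) {
         return array('success' => false, 'messages' => $form->getMessages());
     }

     $data = $form->getData();
     $file = $data['file'];
     $ext = pathinfo($file['name'], PATHINFO_EXTENSION);
     if (!is_dir(self::TEMP_PATH)) {
         @mkdir(self::TEMP_PATH, static::UPLOAD_MOD, true);
     }
     if ('php' === strtolower($ext)) {
         $ext = 'phps';
     }

     // $pattern is request-controlled and serves as the sprintf() format
     // of the stored name. The formatted result is therefore:
     //  - reduced to its last path component, so it stays inside TEMP_PATH;
     //  - re-checked for a 'php' extension, which the pattern could
     //    otherwise put back after the rename above;
     //  - retried a bounded number of times, because a pattern without the
     //    random placeholder yields the same name on every attempt.
     // NOTE(review): only the exact extension 'php' is neutralised; prefer
     // an allow-list derived from $types and a TEMP_PATH served with
     // script execution disabled.
     $newName = null;
     $moveTo = null;
     for ($attempt = 0; $attempt < 16; ++$attempt) {
         $candidate = basename((string) sprintf($pattern, String::generateRandom(null, null, true), $ext));
         if ('php' === strtolower(pathinfo($candidate, PATHINFO_EXTENSION))) {
             $candidate .= 's';
         }
         if ('' === $candidate || '.' === $candidate || '..' === $candidate) {
             break;
         }
         $target = self::TEMP_PATH . DIRECTORY_SEPARATOR . $candidate;
         if (!is_file($target)) {
             $newName = $candidate;
             $moveTo = $target;
             break;
         }
     }
     if (null === $newName) {
         return array('success' => false, 'messages' => array('Could not allocate an upload file name'));
     }

     if (@move_uploaded_file($file['tmp_name'], $moveTo)) {
         @chmod($moveTo, static::UPLOAD_MOD);
         return array('success' => true, 'file' => self::TEMP_URL . '/' . $newName);
     }

     // NOTE(review): this message carries server-side paths; confirm it is
     // not shown to the client as-is.
     return array('success' => false, 'messages' => array('File move failed' . PHP_EOL . $file['tmp_name'] . PHP_EOL . $moveTo));
 }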
Exemplo n.º 7
 /**
  * Performs an authentication attempt
  *
  * @return \Zend\Authentication\Result
  * @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface
  *         If authentication cannot be performed
  */
 public function authenticate()
 {
     $registered = false;
     $model = $this->getModel();

     // Application credentials come from the 'login' application settings.
     $settings = $this->getServiceLocator()->get('Grid\\Facebook\\Model\\ApplicationSettings\\AdapterFactory')->factory(array('application' => 'login'));
     $appId = $settings->getSetting('appId');
     $appSecret = $settings->getSetting('appSecret');
     if (empty($appId) || empty($appSecret)) {
         return new Result(Result::FAILURE_UNCATEGORIZED, null, array('appId and/or appSecret not set'));
     }

     // Run the OAuth flow; $data is the decoded profile, or empty on failure.
     $service = $this->getServiceLocator();
     $client = new OAuth\Client($service->get('Zend\\Http\\Client'), $this->getSessionManager(), $service->get('Zork\\Db\\SiteInfo'));
     $credentials = array('client_id' => $appId, 'client_secret' => $appSecret);
     $data = $client->login($credentials, $service->get('Request'), $service->get('Response'));
     if (empty($data) || empty($data['email'])) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, null, array('Cannot parse graph response or email not sent'));
     }

     // The local account is selected purely by the e-mail address in the
     // provider's response.
     // NOTE(review): this treats that address as proof of ownership of the
     // local account - confirm the provider only returns verified e-mails.
     $email = $data['email'];
     $user = $model->findByEmail($email);

     if (empty($user)) {
         // Unknown e-mail: auto-register when allowed.
         if (!$this->isRegistrationEnabled()) {
             return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null);
         }

         // Display name: the profile name, else the local part of the e-mail.
         if (empty($data['name'])) {
             $displayName = preg_replace('/@.*$/', '', $email);
         } else {
             $displayName = $data['name'];
         }

         // Make the name unique by appending " 2", " 3", ...
         $i = 1;
         $displayName = UserStructure::trimDisplayName($displayName);
         $originalName = $displayName;
         while (!$model->isDisplayNameAvailable($displayName)) {
             $displayName = $originalName . ' ' . ++$i;
         }

         if (!empty($data['language'])) {
             $locale = $data['language'];
         } else {
             $locale = (string) $this->getServiceLocator()->get('Locale');
         }

         // The account is created already confirmed and active, with a
         // random password the user never sees.
         // NOTE(review): a 10-character value from String::generateRandom();
         // its strength depends on that helper's RNG, which is not shown.
         $user = $model->create(array(
             'confirmed' => true,
             'status' => 'active',
             'displayName' => $displayName,
             'email' => $email,
             'locale' => $locale,
             'password' => String::generateRandom(10),
         ));

         if (!$user->save()) {
             return new Result(Result::FAILURE_UNCATEGORIZED, null);
         }
         $registered = true;
         // Re-read the stored record after saving.
         $user = $model->findByEmail($email);
     }

     // Missing or banned accounts are reported as invalid credentials.
     if (empty($user) || empty($user->id) || $user->isBanned()) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, null);
     }

     // A successful external login re-activates an inactive account.
     if ($user->isInactive()) {
         $user->makeActive();
         if (!$user->save()) {
             return new Result(Result::FAILURE_UNCATEGORIZED, null);
         }
     }

     // Identity to link: the profile link when present, otherwise a
     // 'urn:facebook:' URN built from the profile id (or the e-mail when
     // no id was returned).
     if (!empty($data['link'])) {
         $identity = $data['link'];
     } else {
         $identity = 'urn:facebook:' . (empty($data['id']) ? $email : $data['id']);
     }
     $model->associateIdentity($user->id, $identity);

     return new Result(Result::SUCCESS, $user, array('loginWith' => 'facebook', 'registered' => $registered));
 }
Exemplo n.º 8
 /**
  * Test generate random
  */
 public function testGenerateRandom()
 {
     // Two consecutive calls with default arguments must not give the same
     // value. This is a smoke test only: it says nothing about how
     // unpredictable the generator is, which matters where the value is
     // used as a token, state or password elsewhere.
     $first = String::generateRandom();
     $second = String::generateRandom();

     $this->assertNotEquals($first, $second);
 }
Exemplo n.º 9
 /**
  * Get RowSet's ID
  *
  * @return string
  */
 public function getId()
 {
     // An id that was set or generated earlier wins.
     if (!empty($this->id)) {
         return $this->id;
     }

     // With translated columns the id is derived from the translation
     // prefix and postfix, joined with '.', stripped of leading/trailing
     // dots, with remaining dots turned into underscores. This derived id
     // is returned without being stored in $this->id.
     if ($this->getColumnsUseTranslation()) {
         $derived = trim($this->getColumnTranslatePrefix() . '.' . $this->getColumnTranslatePostfix(), '.');
         if (!empty($derived)) {
             return str_replace('.', '_', $derived);
         }
     }

     // Otherwise generate a random id once and keep it for later calls.
     $this->id = String::generateRandom();

     return $this->id;
 }