Пример #1
 /**
  * Get data of the request
  *
  * @param Request $request
  * @return array
  */
 public function getData(Request $request)
 {
     // Everything read here is client-controlled request data; nothing in
     // this method validates or whitelists it.
     $payload = $request->data('attributes');
     $identifier = $request->data('id');

     if ($identifier) {
         // Copy the top-level id into the attribute set returned to the caller.
         $payload['id'] = $identifier;
     }

     return $payload;
 }
Пример #2
 /**
  * {@inheritDoc}
  */
 public function val($field, $options = [])
 {
     // Fill in option defaults without overriding keys the caller supplied.
     $options += ['default' => null, 'schemaDefault' => true];

     $submitted = $this->_request->data($field);

     // Only a strict null counts as "missing"; '', 0 and false are returned as-is.
     return $submitted !== null ? $submitted : $options['default'];
 }
 /**
  * Authenticate a user based on the request information.
  *
  * @param Request $request Request to get authentication information from.
  * @param Response $response A response object that can have headers added.
  * @return array|bool User array on success, false on failure.
  */
 public function authenticate(Request $request, Response $response)
 {
     $fields = $this->_config['fields'];

     // No provider field in the request data: hand over to getUser().
     if (!$request->data($fields['provider'])) {
         return $this->getUser($request);
     }

     $provider = $this->_checkFields($request, $fields);
     if (!$provider) {
         return false;
     }

     // The return URL is built from configuration only, never from request
     // data, so the client cannot choose where the provider sends the user back.
     $route = $this->_config['hauth_return_to'] ?: [
         'plugin' => 'ADmad/HybridAuth',
         'controller' => 'HybridAuth',
         'action' => 'authenticated'
     ];
     $params = ['hauth_return_to' => Router::url($route, true)];

     if ($provider === 'OpenID') {
         // NOTE(review): this value is client-supplied and is read straight
         // from the public data array, so a missing key raises an
         // undefined-index notice. It is passed on unvalidated here.
         $params['openid_identifier'] = $request->data[$fields['openid_identifier']];
     }

     $this->_init($request);
     $adapter = $this->hybridAuth->authenticate($provider, $params);

     return $adapter ? $this->_getUser($provider, $adapter) : false;
 }
Пример #4
 /**
  * Get the value for a given path.
  *
  * Traverses the entity data and finds the value for $path.
  *
  * @param string $field The dot separated path to the value.
  * @param array $options Options:
  *   - `default`: Default value to return if no value found in request
  *     data or entity.
  *   - `schemaDefault`: Boolean indicating whether default value from table
  *     schema should be used if it's not explicitly provided.
  * @return mixed The value of the field or null on a miss.
  */
 public function val($field, $options = [])
 {
     $options += ['default' => null, 'schemaDefault' => true];

     // Submitted request data always wins over whatever the entity holds.
     $submitted = $this->_request->data($field);
     if ($submitted !== null) {
         return $submitted;
     }

     if (empty($this->_context['entity'])) {
         return $options['default'];
     }

     $parts = explode('.', $field);
     $entity = $this->entity($parts);

     // A path ending in `_ids` is handled by _extractMultiple().
     $isIdList = end($parts) === '_ids';
     if ($isIdList && !empty($entity)) {
         return $this->_extractMultiple($entity, $parts);
     }

     if ($entity instanceof EntityInterface) {
         $property = array_pop($parts);
         $current = $entity->get($property);
         if ($current !== null) {
             return $current;
         }

         // The schema default is consulted only when no explicit default was
         // given, schema defaults are enabled and the entity is new.
         $useSchemaDefault = $options['default'] === null
             && $options['schemaDefault']
             && $entity->isNew();
         if ($useSchemaDefault) {
             return $this->_schemaDefault($property, $entity);
         }

         return $options['default'];
     }

     if (is_array($entity)) {
         $key = array_pop($parts);
         if (isset($entity[$key])) {
             return $entity[$key];
         }
     }

     return null;
 }
Пример #5
 /**
  * Checks the fields to ensure they are supplied.
  *
  * @param \Cake\Network\Request $request The request that contains login information.
  * @param array $fields The fields to be checked.
  * @return bool False if the fields have not been supplied. True if they exist.
  */
 protected function _checkFields(Request $request, array $fields)
 {
     $required = [$fields['username'], $fields['password']];

     foreach ($required as $name) {
         $candidate = $request->data($name);

         // Only non-empty strings are accepted, so array-shaped input
         // (e.g. `field[]=x`) is rejected before it reaches later code.
         // Note that empty() also rejects the literal string '0'.
         if (!is_string($candidate) || empty($candidate)) {
             return false;
         }
     }

     return true;
 }
Пример #6
 /**
  * Get the current value for a given field.
  *
  * This method will coalesce the current request data and the 'defaults'
  * array.
  *
  * @param string $field A dot separated path to the field a value
  *   is needed for.
  * @return mixed
  */
 public function val($field)
 {
     // Request data takes precedence over the configured defaults.
     $submitted = $this->_request->data($field);
     if ($submitted !== null) {
         return $submitted;
     }

     // Defaults are used only when present, non-empty and an array.
     $hasDefaults = !empty($this->_context['defaults'])
         && is_array($this->_context['defaults']);

     return $hasDefaults ? Hash::get($this->_context['defaults'], $field) : null;
 }
 /**
  * Get user's credentials (username and password) from either session or request data
  *
  * @param Request $request Request instance
  * @return array|bool
  */
 protected function _getCredentials(Request $request)
 {
     $credentials = [];

     foreach (['username', 'password'] as $field) {
         $value = $request->data($this->_config['fields'][$field]);
         if (!$value) {
             // Nothing usable in the request: fall back to the copy kept in
             // the session, which is passed through _decrypt() before use.
             // NOTE(review): this means the password lives in the session
             // between steps; presumably it is stored encrypted and cleared
             // once login completes. Confirm against the code that writes it.
             $value = $this->_decrypt($request->session()->read('TwoFactorAuth.credentials.' . $field));
         }
         $credentials[$field] = $value;

         // Both fields must end up as non-empty strings.
         if (empty($value) || !is_string($value)) {
             return false;
         }
     }

     return $credentials;
 }
 /**
  * {@inheritDoc}
  */
 public function val($field)
 {
     // Request data takes precedence over the document.
     $submitted = $this->_request->data($field);
     if ($submitted !== null) {
         return $submitted;
     }

     if (empty($this->_context['entity'])) {
         return null;
     }

     $parts = explode('.', $field);
     $entity = $this->entity($parts);

     // Anything that is not a Document yields null.
     if (!($entity instanceof Document)) {
         return null;
     }

     return $entity->get(array_pop($parts));
 }
Пример #9
 /**
  * Get the current value for a given field.
  *
  * This method will coalesce the current request data and the 'defaults'
  * array.
  *
  * @param string $field A dot separated path to the field a value
  *   is needed for.
  * @param array $options Options:
  *   - `default`: Default value to return if no value found in request
  *     data or context record.
  *   - `schemaDefault`: Boolean indicating whether default value from
  *      context's schema should be used if it's not explicitly provided.
  * @return mixed
  */
 public function val($field, $options = [])
 {
     $options += ['default' => null, 'schemaDefault' => true];

     // Request data takes precedence over every default.
     $submitted = $this->_request->data($field);
     if ($submitted !== null) {
         return $submitted;
     }

     // An explicit default, or schemaDefault switched off, bypasses the
     // context's 'defaults' array altogether.
     $skipContextDefaults = $options['default'] !== null || !$options['schemaDefault'];
     if ($skipContextDefaults) {
         return $options['default'];
     }

     $hasDefaults = !empty($this->_context['defaults'])
         && is_array($this->_context['defaults']);

     return $hasDefaults ? Hash::get($this->_context['defaults'], $field) : null;
 }
Пример #10
 /**
  * {@inheritDoc}
  */
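 public function validate(Request $request)
 {
     // Only POST submissions can carry a reCAPTCHA answer; anything else fails closed.
     if (!$request->is('post')) {
         return false;
     }

     // The token is client-controlled. Require a non-empty string so that
     // array-shaped or missing input is rejected before any request is made.
     $gRecaptchaResponse = $request->data('g-recaptcha-response');
     if (!is_string($gRecaptchaResponse) || $gRecaptchaResponse === '') {
         return false;
     }

     $params = [
         'secret' => $this->config('secretKey'),
         'response' => $gRecaptchaResponse,
     ];
     $remoteIp = env('REMOTE_ADDR');
     if ($remoteIp) {
         $params['remoteip'] = $remoteIp;
     }

     // http_build_query() URL-encodes every value, so the submitted token
     // cannot add or override parameters of the verification request.
     // Sending the parameters in a POST body also keeps the secret key out
     // of the request URL, where it could end up in proxy or access logs.
     $context = stream_context_create([
         'http' => [
             'method' => 'POST',
             'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
             'content' => http_build_query($params, '', '&'),
         ],
     ]);
     $body = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context);

     // A transport failure or an unparseable body counts as a failed check.
     if ($body === false) {
         return false;
     }
     $result = json_decode($body, true);

     // Return the verification service's 'success' value as a boolean.
     return is_array($result) && !empty($result['success']);
 }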
Пример #11
 /**
  * Authenticate callback
  *
  * @param Request $request Cake request object.
  * @param Response $response Cake response object.
  * @return bool|mixed
  */
 public function authenticate(Request $request, Response $response)
 {
     $data = $request->session()->read(Configure::read('Users.Key.Session.social'));
     if (empty($data)) {
         return false;
     }

     $emailKey = Configure::read('Users.Key.Data.email');
     $socialMail = Hash::get((array)$data->info, $emailKey);

     // An address taken from the session's provider info is marked validated.
     // One typed into the request is client-supplied and is stored with
     // validated = false.
     $fromProvider = !empty($socialMail);
     $data->email = $fromProvider ? $socialMail : $request->data($emailKey);
     $data->validated = $fromProvider;

     return $this->_findOrCreateUser($data);
 }
Пример #12
 /**
  * Get the value for a given path.
  *
  * Traverses the entity data and finds the value for $path.
  *
  * @param string $field The dot separated path to the value.
  * @return mixed The value of the field or null on a miss.
  */
 public function val($field)
 {
     // Request data takes precedence over the entity.
     $submitted = $this->_request->data($field);
     if ($submitted !== null) {
         return $submitted;
     }

     if (empty($this->_context['entity'])) {
         return null;
     }

     $parts = explode('.', $field);
     $entity = $this->_getEntity($parts);

     // A path ending in `_ids` is handled by _extractMultiple().
     $isIdList = end($parts) === '_ids';
     if ($isIdList && !empty($entity)) {
         return $this->_extractMultiple($entity, $parts);
     }

     return $entity instanceof Entity ? $entity->get(array_pop($parts)) : null;
 }
 /**
  * Get the value for a given path.
  *
  * Traverses the entity data and finds the value for $path.
  *
  * @param string $field The dot separated path to the value.
  * @return mixed The value of the field or null on a miss.
  */
 public function val($field)
 {
     // Request data takes precedence over the entity.
     $submitted = $this->_request->data($field);
     if ($submitted !== null) {
         return $submitted;
     }

     if (empty($this->_context['entity'])) {
         return null;
     }

     $parts = explode('.', $field);
     $entity = $this->entity($parts);

     // A path ending in `_ids` is handled by _extractMultiple().
     $isIdList = end($parts) === '_ids';
     if ($isIdList && !empty($entity)) {
         return $this->_extractMultiple($entity, $parts);
     }

     if ($entity instanceof EntityInterface) {
         return $entity->get(array_pop($parts));
     }

     if (is_array($entity)) {
         // Plain arrays are looked up by the last path segment.
         $key = array_pop($parts);
         if (isset($entity[$key])) {
             return $entity[$key];
         }
     }

     return null;
 }
Пример #14
 /**
  * Validate the request data against the cookie token.
  *
  * @param \Cake\Network\Request $request The request to validate against.
  * @throws \Cake\Network\Exception\InvalidCsrfTokenException when the CSRF token is invalid or missing.
  * @return void
  */
 protected function _validateToken(Request $request)
 {
     $cookie = $request->cookie($this->_config['cookieName']);
     $post = $request->data($this->_config['field']);
     $header = $request->header('X-CSRF-Token');

     // Without this guard, a request carrying neither cookie nor token would
     // compare two "missing" values and be accepted.
     if (empty($cookie)) {
         throw new InvalidCsrfTokenException(__d('cake', 'Missing CSRF token cookie'));
     }

     // Double-submit check: the cookie must equal the form field or the header.
     // NOTE(review): strict comparison also rejects array-shaped input, but it
     // is not constant-time. Consider hash_equals() (with is_string() guards)
     // where the supported PHP version allows it.
     $matchesPost = $post === $cookie;
     $matchesHeader = $header === $cookie;
     if (!$matchesPost && !$matchesHeader) {
         throw new InvalidCsrfTokenException(__d('cake', 'CSRF token mismatch.'));
     }
 }
 /**
  * Test writing falsey values.
  *
  * @return void
  */
 public function testDataWritingFalsey()
 {
     $request = new Request();

     // Each falsey value must be stored exactly as given, not dropped or coerced.
     $request->data('Post.null', null);
     $written = $request->data['Post'];
     $this->assertNull($written['null']);

     $request->data('Post.false', false);
     $written = $request->data['Post'];
     $this->assertFalse($written['false']);

     $request->data('Post.zero', 0);
     $written = $request->data['Post'];
     $this->assertSame(0, $written['zero']);

     $request->data('Post.empty', '');
     $written = $request->data['Post'];
     $this->assertSame('', $written['empty']);
 }
Пример #16
 /**
  * Get a user based on information in the request.
  *
  * @param \Cake\Network\Request $request Request object.
  * @return mixed Either false or an array of user information
  * @throws \RuntimeException If the `CakeDC/Users/OAuth2.newUser` event is missing or returns empty.
  */
 public function getUser(Request $request)
 {
     // Social profile data left in the session, if any.
     $data = $request->session()->read(Configure::read('Users.Key.Session.social'));
     // Client-supplied address from the request body.
     $requestDataEmail = $request->data('email');
     if (!empty($data) && (!empty($data['email']) || !empty($requestDataEmail))) {
         // NOTE(review): a non-empty request email replaces whatever address the
         // session data already holds, including one that came from the provider.
         // Confirm that downstream code does not treat this address as verified.
         if (!empty($requestDataEmail)) {
             $data['email'] = $requestDataEmail;
         }
         $user = $data;
         $request->session()->delete(Configure::read('Users.Key.Session.social'));
     } else {
         // _authenticate() runs only when the session held no data. On that path
         // $rawData is assigned inside the condition; otherwise it stays unset and
         // the empty() check below falls back to the session data.
         if (empty($data) && !($rawData = $this->_authenticate($request))) {
             return false;
         }
         if (empty($rawData)) {
             $rawData = $data;
         }
         $provider = $this->_getProviderName($request);
         $user = $this->_mapUser($provider, $rawData);
         // Twitter users are written back to the session here.
         // NOTE(review): presumably so an email can be supplied in a follow-up
         // request; confirm against the calling flow.
         if ($user['provider'] === SocialAccountsTable::PROVIDER_TWITTER) {
             $request->session()->write(Configure::read('Users.Key.Session.social'), $user);
         }
     }
     // No user, or no configured user model: fail.
     if (!$user || !$this->config('userModel')) {
         return false;
     }
     if (!($result = $this->_touch($user))) {
         return false;
     }
     // On success, make sure no social data is left behind in the session.
     if ($request->session()->check(Configure::read('Users.Key.Session.social'))) {
         $request->session()->delete(Configure::read('Users.Key.Session.social'));
     }
     return $result;
 }
Пример #17
 /**
  * Get data of the request
  *
  * @param Request $request
  * @return array
  */
 public function getData(Request $request)
 {
     // Returned exactly as submitted: the value is client-controlled and is
     // not validated here.
     $payload = $request->data('data');

     return $payload;
 }
Пример #18
 /**
  * {@inheritDoc}
  */
 public function val($field)
 {
     // This context has no backing data: the value is whatever the request
     // holds for the path.
     $submitted = $this->_request->data($field);

     return $submitted;
 }
Пример #19
 /**
  * Validate the request data against the cookie token.
  *
  * @param \Cake\Network\Request $request The request to validate against.
  * @throws \Cake\Network\Exception\ForbiddenException when the CSRF token is invalid or missing.
  * @return void
  */
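 protected function _validateToken(Request $request)
 {
     $cookie = $request->cookie($this->_config['cookieName']);
     $post = $request->data($this->_config['field']);
     $header = $request->header('X-CSRF-Token');

     // Fail closed when the cookie is absent. Otherwise a request carrying
     // neither cookie nor token compares two "missing" values (e.g. null and
     // null), which the strict comparison below treats as a match.
     if (empty($cookie)) {
         throw new ForbiddenException(__d('cake', 'Invalid CSRF token.'));
     }

     // Double-submit check: the cookie must equal the form field or the header.
     // NOTE(review): strict comparison rejects array-shaped input but is not
     // constant-time. Consider hash_equals() (with is_string() guards) where
     // the supported PHP version allows it.
     if ($post !== $cookie && $header !== $cookie) {
         throw new ForbiddenException(__d('cake', 'Invalid CSRF token.'));
     }
 }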
Пример #20
 /**
  * Get a user based on information in the request.
  *
  * @param \Cake\Network\Request $request Request object.
  * @return mixed Either false or an array of user information
  * @throws \RuntimeException If the `Muffin/OAuth2.newUser` event is missing or returns empty.
  */
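 public function getUser(Request $request)
 {
     // Social profile data left in the session, if any.
     $data = $request->session()->read(Configure::read('Users.Key.Session.social'));
     // Client-supplied address from the request body, read once.
     $requestDataEmail = $request->data('email');
     $rawData = null;

     // Each operand gets its own empty() test. The previous form wrapped the
     // whole `||` expression in a single empty(), which read $data['email']
     // directly and raised an undefined-index notice when the key was absent.
     if (!empty($data) && (!empty($data['email']) || !empty($requestDataEmail))) {
         // NOTE(review): a non-empty request email replaces whatever address the
         // session data already holds, including one that came from the provider.
         // Confirm that downstream code does not treat this address as verified.
         if (!empty($requestDataEmail)) {
             $data['email'] = $requestDataEmail;
         }
         $user = $data;
         $request->session()->delete(Configure::read('Users.Key.Session.social'));
     } else {
         // _authenticate() runs only when the session held no data; otherwise
         // the session data itself is mapped.
         if (empty($data) && !($rawData = $this->_authenticate($request))) {
             return false;
         }
         if (empty($rawData)) {
             $rawData = $data;
         }
         $provider = $this->_getProviderName($request);
         $user = $this->_mapUser($provider, $rawData);
     }

     // No user, or no configured user model: fail.
     if (!$user || !$this->config('userModel')) {
         return false;
     }
     if (!($result = $this->_touch($user))) {
         return false;
     }

     return $result;
 }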