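/**
 * Removes one backup code from the account's stored two-factor settings.
 *
 * The stored 'BackupCodes' value is treated as a list of digit groups
 * separated by any non-digit characters. Only a stored group that is exactly
 * equal to $sCode is dropped; the remaining codes are written back separated
 * by single spaces.
 *
 * This method performs no verification of the code. It is presumably called
 * after the code has been accepted as a second factor - confirm at the call
 * site, because a caller that skips that check would let any submitted value
 * burn a valid code.
 *
 * @param \RainLoop\Model\Account $oAccount
 * @param string $sCode
 *
 * @return bool Result of the storage write, or false when nothing was stored
 *              or the arguments are empty.
 */
private function removeBackupCodeFromTwoFactorInfo($oAccount, $sCode)
{
    if (!$oAccount || empty($sCode)) {
        return false;
    }

    $sData = $this->StorageProvider()->Get(
        $oAccount,
        \RainLoop\Providers\Storage\Enumerations\StorageType::CONFIG,
        'two_factor'
    );

    if (!$sData) {
        return false;
    }

    $mData = \RainLoop\Utils::DecodeKeyValues($sData);
    if (empty($mData['BackupCodes'])) {
        return false;
    }

    // Split into individual codes instead of doing a substring replace on the
    // joined string: replacing ' CODE ' with '' removed both separators and
    // fused the two neighbouring codes into one longer number, silently
    // destroying two unused codes every time a middle code was consumed.
    $aStoredCodes = \preg_split('/[^\\d]+/', (string) $mData['BackupCodes'], -1, \PREG_SPLIT_NO_EMPTY);
    if (!\is_array($aStoredCodes)) {
        // Never overwrite the stored codes if they could not be parsed.
        return false;
    }

    $sUsedCode = (string) $sCode;
    $aRemainingCodes = array();
    foreach ($aStoredCodes as $sStoredCode) {
        // Strict comparison: a value containing separators or several codes
        // cannot remove more than it exactly matches.
        if ($sStoredCode !== $sUsedCode) {
            $aRemainingCodes[] = $sStoredCode;
        }
    }

    $mData['BackupCodes'] = \implode(' ', $aRemainingCodes);

    return $this->StorageProvider()->Put(
        $oAccount,
        \RainLoop\Providers\Storage\Enumerations\StorageType::CONFIG,
        'two_factor',
        \RainLoop\Utils::EncodeKeyValues($mData)
    );
}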
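/**
 * Popup endpoint for the Twitter OAuth flow.
 *
 * Two modes, chosen by whether a mail account is already authenticated:
 *  - account present: link the Twitter identity to that account;
 *  - no account:      log in with a previously linked Twitter identity.
 *
 * In both modes the first request (no 'oauth_verifier') obtains a request
 * token, caches it and redirects to Twitter; the callback request (with
 * 'oauth_verifier') exchanges the cached request token for an access token.
 *
 * @return string Script that reports the error code to the opener window and
 *                closes the popup; empty when a redirect was issued instead.
 */
public function TwitterPopupService()
{
    $sResult = '';
    $sLoginUrl = '';
    $sSocialName = '';
    $bLogin = false;
    $iErrorCode = \RainLoop\Notifications::UnknownError;

    // Callback URL carries the special auth token ('rlah') so the callback
    // request is tied to the same client state as the initiating request.
    $sRedirectUrl = $this->oHttp->GetFullUrl() . '?SocialTwitter';
    if (0 < \strlen($this->oActions->GetSpecAuthToken())) {
        $sRedirectUrl .= '&rlah=' . $this->oActions->GetSpecAuthToken();
    } else {
        if ($this->oHttp->HasQuery('rlah')) {
            $this->oActions->SetSpecAuthToken($this->oHttp->GetQuery('rlah', ''));
            $sRedirectUrl .= '&rlah=' . $this->oActions->GetSpecAuthToken();
        }
    }

    try {
        $oTwitter = $this->TwitterConnector();
        if ($oTwitter) {
            // Cache slot for the pending request token, derived from the
            // consumer secret and the per-connection token.
            $sSessionKey = \implode('_', array(
                'twitter',
                \md5($oTwitter->config['consumer_secret']),
                \md5(\RainLoop\Utils::GetConnectionToken()),
                'AuthSessionData'
            ));

            $oAccount = $this->oActions->GetAccount();
            if ($oAccount) {
                // --- Linking mode -------------------------------------------------
                if (isset($_REQUEST['oauth_verifier'])) {
                    $sAuth = $this->oActions->Cacher()->Get($sSessionKey);
                    $oAuth = $sAuth ? \json_decode($sAuth, true) : null;

                    if ($oAuth && !empty($oAuth['oauth_token']) && !empty($oAuth['oauth_token_secret'])) {
                        $oTwitter->config['user_token'] = $oAuth['oauth_token'];
                        $oTwitter->config['user_secret'] = $oAuth['oauth_token_secret'];

                        $iCode = $oTwitter->request(
                            'POST',
                            $oTwitter->url('oauth/access_token', ''),
                            array(
                                'oauth_callback' => $sRedirectUrl,
                                'oauth_verifier' => $_REQUEST['oauth_verifier']
                            )
                        );

                        if (200 === $iCode && isset($oTwitter->response['response'])) {
                            $aAccessToken = $oTwitter->extract_params($oTwitter->response['response']);

                            if ($aAccessToken && isset($aAccessToken['oauth_token']) && !empty($aAccessToken['user_id'])) {
                                // The raw response and the parsed parameters hold the OAuth
                                // access token and its secret, so they must not reach the
                                // log. Dump only the non-credential fields for diagnostics.
                                if (\is_array($aAccessToken)) {
                                    $this->oActions->Logger()->WriteDump(\array_diff_key(
                                        $aAccessToken,
                                        array('oauth_token' => true, 'oauth_token_secret' => true)
                                    ));
                                }

                                $oTwitter->config['user_token'] = $aAccessToken['oauth_token'];
                                $oTwitter->config['user_secret'] = $aAccessToken['oauth_token_secret'];

                                $sSocialName = !empty($aAccessToken['screen_name'])
                                    ? '@' . $aAccessToken['screen_name']
                                    : $aAccessToken['user_id'];
                                $sSocialName = \trim($sSocialName);

                                // NOTE(review): the mailbox password is written to NOBODY
                                // storage keyed by the Twitter user id so a later Twitter
                                // login can replay it. Its confidentiality rests entirely on
                                // EncodeKeyValues and the storage backend - confirm that
                                // record is encrypted at rest and removed on unlink.
                                $aUserData = array(
                                    'Email' => $oAccount->Email(),
                                    'Password' => $oAccount->Password()
                                );

                                $oSettings = $this->oActions->SettingsProvider()->Load($oAccount);
                                $oSettings->SetConf('TwitterAccessToken', \RainLoop\Utils::EncodeKeyValues($aAccessToken));
                                $oSettings->SetConf('TwitterSocialName', $sSocialName);
                                $this->oActions->SettingsProvider()->Save($oAccount, $oSettings);

                                $this->oActions->StorageProvider()->Put(
                                    null,
                                    \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
                                    $this->TwitterUserLoginStorageKey($oTwitter, $aAccessToken['user_id']),
                                    \RainLoop\Utils::EncodeKeyValues($aUserData)
                                );

                                // The request token is spent once exchanged; drop it from the
                                // cache, as the login branch below already does.
                                $this->oActions->Cacher()->Delete($sSessionKey);

                                $iErrorCode = 0;
                            }
                        }
                    }
                } else {
                    // First leg: obtain a request token and send the user to Twitter.
                    $aParams = array(
                        'oauth_callback' => $sRedirectUrl,
                        'x_auth_access_type' => 'read'
                    );

                    $iCode = $oTwitter->request('POST', $oTwitter->url('oauth/request_token', ''), $aParams);
                    if (200 === $iCode && isset($oTwitter->response['response'])) {
                        $oAuth = $oTwitter->extract_params($oTwitter->response['response']);
                        if (!empty($oAuth['oauth_token'])) {
                            $this->oActions->Cacher()->Set($sSessionKey, \json_encode($oAuth));
                            $sLoginUrl = $oTwitter->url('oauth/authenticate', '') . '?oauth_token=' . $oAuth['oauth_token'];
                        }
                    }
                }
            } else {
                // --- Login mode ---------------------------------------------------
                $bLogin = true;

                if (isset($_REQUEST['oauth_verifier'])) {
                    $sAuth = $this->oActions->Cacher()->Get($sSessionKey);
                    $oAuth = $sAuth ? \json_decode($sAuth, true) : null;

                    if ($oAuth && !empty($oAuth['oauth_token']) && !empty($oAuth['oauth_token_secret'])) {
                        $oTwitter->config['user_token'] = $oAuth['oauth_token'];
                        $oTwitter->config['user_secret'] = $oAuth['oauth_token_secret'];

                        $iCode = $oTwitter->request(
                            'POST',
                            $oTwitter->url('oauth/access_token', ''),
                            array(
                                'oauth_callback' => $sRedirectUrl,
                                'oauth_verifier' => $_REQUEST['oauth_verifier']
                            )
                        );

                        if (200 === $iCode && isset($oTwitter->response['response'])) {
                            $aAccessToken = $oTwitter->extract_params($oTwitter->response['response']);

                            if ($aAccessToken && isset($aAccessToken['oauth_token']) && !empty($aAccessToken['user_id'])) {
                                // Look up the credentials that were stored when this Twitter
                                // user id was linked to a mail account.
                                $sUserData = $this->oActions->StorageProvider()->Get(
                                    null,
                                    \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
                                    $this->TwitterUserLoginStorageKey($oTwitter, $aAccessToken['user_id'])
                                );

                                $aUserData = \RainLoop\Utils::DecodeKeyValues($sUserData);

                                if ($aUserData && \is_array($aUserData) && !empty($aUserData['Email']) && isset($aUserData['Password'])) {
                                    $oAccount = $this->oActions->LoginProcess($aUserData['Email'], $aUserData['Password']);
                                    // Only establish the session for a real account object.
                                    if ($oAccount instanceof \RainLoop\Account) {
                                        $this->oActions->AuthProcess($oAccount);
                                        $iErrorCode = 0;
                                    }
                                } else {
                                    // No linked account for this Twitter identity.
                                    $iErrorCode = \RainLoop\Notifications::SocialTwitterLoginAccessDisable;
                                }

                                $this->oActions->Cacher()->Delete($sSessionKey);
                            }
                        }
                    }
                } else {
                    // First leg: obtain a request token and send the user to Twitter.
                    $aParams = array(
                        'oauth_callback' => $sRedirectUrl,
                        'x_auth_access_type' => 'read'
                    );

                    $iCode = $oTwitter->request('POST', $oTwitter->url('oauth/request_token', ''), $aParams);
                    if (200 === $iCode && isset($oTwitter->response['response'])) {
                        $oAuth = $oTwitter->extract_params($oTwitter->response['response']);
                        if (!empty($oAuth['oauth_token'])) {
                            $this->oActions->Cacher()->Set($sSessionKey, \json_encode($oAuth));
                            $sLoginUrl = $oTwitter->url('oauth/authenticate', '') . '?oauth_token=' . $oAuth['oauth_token'];
                        }
                    }
                }
            }
        }
    } catch (\Exception $oException) {
        // Any failure leaves $iErrorCode at its non-zero default.
        $this->oActions->Logger()->WriteException($oException, \MailSo\Log\Enumerations\Type::ERROR);
    }

    if ($sLoginUrl) {
        $this->oActions->Location($sLoginUrl);
    } else {
        @\header('Content-Type: text/html; charset=utf-8');

        // The callback name is built from a hash and fixed literals, and the
        // argument is the numeric error code; no request data is echoed into
        // the script.
        $sCallBackType = $bLogin ? '_login' : '';
        $sConnectionFunc = 'rl_' . \md5(\RainLoop\Utils::GetConnectionToken()) . '_twitter' . $sCallBackType . '_service';
        $sResult = '<script type="text/javascript" data-cfasync="false">opener && opener.' . $sConnectionFunc . ' && opener.' . $sConnectionFunc . '(' . $iErrorCode . '); self && self.close && self.close();</script>';
    }

    return $sResult;
}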
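/**
 * Single sign-on entry point.
 *
 * Reads the 'hash' request parameter, loads the credential record cached
 * under it, deletes that record (one-time use) and, if the record is still
 * within its validity window, logs the user in. On any failure the logout
 * token is set. Always redirects to './'.
 *
 * @return string Always an empty string; the response is the redirect.
 */
public function ServiceSso()
{
    $bLogout = true;

    $sSsoHash = $this->oHttp->GetRequest('hash', '');

    // Require a plain string: the value goes straight into a cache key, and a
    // request parameter may presumably arrive as an array (hash[]=...).
    if (\is_string($sSsoHash) && !empty($sSsoHash)) {
        $sCacheKey = \RainLoop\KeyPathHelper::SsoCacherKey($sSsoHash);
        $sSsoSubData = $this->Cacher()->Get($sCacheKey);

        if (!empty($sSsoSubData)) {
            $mData = \RainLoop\Utils::DecodeKeyValues($sSsoSubData);

            // Delete before use so the hash cannot be replayed, whatever the
            // outcome of the login attempt.
            $this->Cacher()->Delete($sCacheKey);

            // A record is accepted when Time is 0 (no expiry check) or when
            // Time is later than "now minus 10 seconds".
            $bUsable = \is_array($mData)
                && !empty($mData['Email'])
                && isset($mData['Password'], $mData['Time'])
                && (0 === $mData['Time'] || \time() - 10 < $mData['Time']);

            if ($bUsable) {
                $sEmail = \trim($mData['Email']);
                $sPassword = $mData['Password'];

                try {
                    $oAccount = $this->oActions->LoginProcess($sEmail, $sPassword);

                    // Establish the session only once the login result is known
                    // to be an account, instead of checking after AuthProcess.
                    if ($oAccount instanceof \RainLoop\Account) {
                        $this->oActions->AuthProcess($oAccount);
                        $bLogout = false;
                    }
                } catch (\Exception $oException) {
                    $this->oActions->Logger()->WriteException($oException);
                }
            }
        }
    }

    if ($bLogout) {
        $this->oActions->SetAuthLogoutToken();
    }

    $this->oActions->Location('./');

    return '';
}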
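/**
 * Single sign-on entry point.
 *
 * Reads the 'hash' request parameter, loads the credential record cached
 * under it, deletes that record (one-time use) and, if the record is still
 * within its validity window, logs the user in. An optional
 * 'AdditionalOptions' array in the record may set the account language.
 * On any failure the logout token is set. Always redirects to './'.
 *
 * @return string Always an empty string; the response is the redirect.
 */
public function ServiceSso()
{
    $bLogout = true;

    $sSsoHash = $this->oHttp->GetRequest('hash', '');

    // Require a plain string: the value goes straight into a cache key, and a
    // request parameter may presumably arrive as an array (hash[]=...).
    if (\is_string($sSsoHash) && !empty($sSsoHash)) {
        $sCacheKey = \RainLoop\KeyPathHelper::SsoCacherKey($sSsoHash);
        $sSsoSubData = $this->Cacher()->Get($sCacheKey);

        if (!empty($sSsoSubData)) {
            $mData = \RainLoop\Utils::DecodeKeyValues($sSsoSubData);

            // Delete before use so the hash cannot be replayed, whatever the
            // outcome of the login attempt.
            $this->Cacher()->Delete($sCacheKey);

            // A record is accepted when Time is 0 (no expiry check) or when
            // Time is later than "now minus 10 seconds".
            $bUsable = \is_array($mData)
                && !empty($mData['Email'])
                && isset($mData['Password'], $mData['Time'])
                && (0 === $mData['Time'] || \time() - 10 < $mData['Time']);

            if ($bUsable) {
                $sEmail = \trim($mData['Email']);
                $sPassword = $mData['Password'];

                $aAdditionalOptions = null;
                if (isset($mData['AdditionalOptions'])
                    && \is_array($mData['AdditionalOptions'])
                    && 0 < \count($mData['AdditionalOptions'])
                ) {
                    $aAdditionalOptions = $mData['AdditionalOptions'];
                }

                try {
                    $oAccount = $this->oActions->LoginProcess($sEmail, $sPassword);

                    // Touch settings and issue the auth token only once the
                    // login result is known to be an account, instead of
                    // checking after AuthToken has already been called.
                    if ($oAccount instanceof \RainLoop\Model\Account) {
                        if ($aAdditionalOptions) {
                            $bNeedToSettings = false;

                            $oSettings = $this->SettingsProvider()->Load($oAccount);
                            if ($oSettings) {
                                $sLanguage = isset($aAdditionalOptions['Language']) ? $aAdditionalOptions['Language'] : '';
                                if ($sLanguage) {
                                    // The requested language is passed through
                                    // ValidateLanguage before it is stored.
                                    $sLanguage = $this->oActions->ValidateLanguage($sLanguage);
                                    if ($sLanguage !== $oSettings->GetConf('Language', '')) {
                                        $bNeedToSettings = true;
                                        $oSettings->SetConf('Language', $sLanguage);
                                    }
                                }
                            }

                            if ($bNeedToSettings) {
                                $this->SettingsProvider()->Save($oAccount, $oSettings);
                            }
                        }

                        $this->oActions->AuthToken($oAccount);
                        $bLogout = false;
                    }
                } catch (\Exception $oException) {
                    $this->oActions->Logger()->WriteException($oException);
                }
            }
        }
    }

    if ($bLogout) {
        $this->oActions->SetAuthLogoutToken();
    }

    $this->oActions->Location('./');

    return '';
}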
/**
 * Decodes a raw key string into its key/value array.
 *
 * NOTE(review): the decoding itself is delegated to Utils::DecodeKeyValues,
 * whose implementation is not visible here. If $sRawKey can come from a
 * request, confirm that the helper authenticates the payload before it
 * deserialises anything.
 *
 * @param string $sRawKey
 *
 * @return array | false The decoded array, or false when the input is empty
 *                       or does not decode to an array.
 */
private function getDecodedRawKeyValue($sRawKey)
{
    if (empty($sRawKey)) {
        return false;
    }

    $mDecoded = \RainLoop\Utils::DecodeKeyValues($sRawKey);

    return \is_array($mDecoded) ? $mDecoded : false;
}