/**
 * Requests OAuth tokens twice with the same client ID, secret and code: once with
 * $_SERVER['HTTPS'] set and once with it null, rebuilding the redirect URI from
 * Utils::getApplicationURL() each time, and checks the faux tokens returned for each case.
 *
 * NOTE(review): $_SERVER and the Config singleton are modified here and not restored in this
 * method; presumably tearDown resets them. Confirm.
 */
public function testGetOAuthTokensWithAndWithoutSSL() {
    $crawler = new GooglePlusCrawler($this->profile1_instance, 'fauxaccesstoken', 10);

    $_SERVER['SERVER_NAME'] = 'test';
    Config::getInstance()->setValue('site_root_path', '/');

    // Each case: value for $_SERVER['HTTPS'], expected access token, expected refresh token.
    $cases = array(
        array('y', 'faux-access-token-with-https', 'faux-refresh-token-with-https'),
        array(null, 'faux-access-token-without-https', 'faux-refresh-token-without-https'),
    );

    foreach ($cases as $case) {
        list($https_value, $expected_access_token, $expected_refresh_token) = $case;

        // The redirect URI is rebuilt after HTTPS changes so it reflects the current setting.
        $_SERVER['HTTPS'] = $https_value;
        $callback_url = Utils::getApplicationURL() . 'account/?p=google%2B';
        $redirect_uri = urlencode($callback_url);

        $result = $crawler->getOAuthTokens('ci', 'cs', 'tc1', 'authorization_code', $redirect_uri);

        $this->assertEqual($result->access_token, $expected_access_token);
        $this->assertEqual($result->refresh_token, $expected_refresh_token);
    }
}
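/**
 * Add user auth link or process incoming auth requests.
 *
 * Builds the Google OAuth 2.0 authorization link and exposes it to the view as 'oauth_link'.
 * When the request carries a 'code' query parameter, exchanges it for tokens, requests
 * 'people/me' with the new access token and saves the tokens for the returned user.
 * Always finishes by exposing the owner's 'google+' instances to the view as 'owner_instances'.
 *
 * Text taken from Google's responses is HTML-escaped before it goes into an error message,
 * because these messages already contain markup (<br>, <a>) and are presumably rendered
 * unescaped by the view.
 *
 * @param array $options Plugin options array; the option_value of 'google_plus_client_id' and
 *                       'google_plus_client_secret' is read
 */
protected function setUpGPlusInteractions(array $options) {
    //get options
    $client_id = $options['google_plus_client_id']->option_value;
    $client_secret = $options['google_plus_client_secret']->option_value;

    //prep redirect URI; the same encoded value is used in the link and in the token exchange
    // NOTE(review): the scheme comes from Utils::getApplicationURL(); on a non-HTTPS install
    // the authorization code would presumably be delivered over plain HTTP. Confirm.
    $redirect_uri = urlencode(Utils::getApplicationURL() . 'account/?p=google%2B');

    //create OAuth link
    // NOTE(review): no "state" parameter is sent here or verified on the callback below, so the
    // returned code is not bound to the browser session that started the flow (RFC 6749,
    // section 10.12). Generating a per-session random value, adding it to this link and
    // comparing it with hash_equals() before exchanging the code would close that gap; it is
    // not done here because the session handling is outside this method.
    $oauth_link = "https://accounts.google.com/o/oauth2/auth?client_id=" . urlencode((string) $client_id)
    . "&redirect_uri=" . $redirect_uri
    . "&scope=https://www.googleapis.com/auth/plus.me&response_type=code&access_type=offline&approval_prompt=force";
    $this->addToView('oauth_link', $oauth_link);

    // Google provided a code to get an access token.
    // The code is request input: only a plain string is passed on (?code[]=x yields an array).
    if (isset($_GET['code']) && is_string($_GET['code'])) {
        $code = $_GET['code'];
        $crawler_plugin_registrar = new GooglePlusCrawler(null, null);
        $tokens = $crawler_plugin_registrar->getOAuthTokens($client_id, $client_secret, $code,
        'authorization_code', $redirect_uri);

        if (isset($tokens->error)) {
            $this->addErrorMessage("Oops! Something went wrong while obtaining OAuth tokens.<br>Google says \""
            . htmlspecialchars((string) $tokens->error, ENT_QUOTES, 'UTF-8')
            . ".\" Please double-check your settings and try again.", 'authorization');
        } elseif (isset($tokens->access_token, $tokens->refresh_token)) {
            // Both tokens are required: the original tested access_token twice and then read
            // refresh_token without checking that it was set.
            //Get user data
            $gplus_api_accessor = new GooglePlusAPIAccessor();
            $gplus_user = $gplus_api_accessor->apiRequest('people/me', $tokens->access_token, null);

            if (isset($gplus_user->error)) {
                // Loose comparison kept on purpose: the code may arrive as an int or a string.
                if ($gplus_user->error->code == "403"
                && $gplus_user->error->message == 'Access Not Configured') {
                    $this->addErrorMessage("Oops! Looks like Google+ API access isn't turned on. "
                    . "<a href=\"http://code.google.com/apis/console#access\">In the Google APIs console</a>, "
                    . "in Services, flip the Google+ API Status switch to 'On' and try again.",
                    'authorization');
                } else {
                    $this->addErrorMessage("Oops! Something went wrong querying the Google+ API.<br>"
                    . "Google says \""
                    . htmlspecialchars((string) $gplus_user->error->code, ENT_QUOTES, 'UTF-8') . ": "
                    . htmlspecialchars((string) $gplus_user->error->message, ENT_QUOTES, 'UTF-8')
                    . ".\" Please double-check your settings and try again.", 'authorization');
                }
            } elseif (isset($gplus_user->id) && isset($gplus_user->displayName)) {
                $gplus_user_id = $gplus_user->id;
                $gplus_username = $gplus_user->displayName;
                //Process tokens
                $this->saveAccessTokens($gplus_user_id, $gplus_username, $tokens->access_token,
                $tokens->refresh_token);
            } else {
                $this->addErrorMessage("Oops! Something went wrong querying the Google+ API.<br>"
                . "Google says \""
                . htmlspecialchars(Utils::varDumpToString($gplus_user), ENT_QUOTES, 'UTF-8')
                . ".\" Please double-check your settings and try again.", 'authorization');
            }
        } elseif (isset($tokens->access_token)) {
            // An access token came back without a refresh token. The response is not dumped
            // into the page in this case, because the dump would contain the live access token.
            $this->addErrorMessage("Oops! Something went wrong while obtaining OAuth tokens.<br>"
            . "Google did not return a refresh token. Please double-check your settings and try again.",
            'authorization');
        } else {
            // No error and no access token: show the raw response, escaped, for troubleshooting.
            $this->addErrorMessage("Oops! Something went wrong while obtaining OAuth tokens.<br>Google says \""
            . htmlspecialchars(Utils::varDumpToString($tokens), ENT_QUOTES, 'UTF-8')
            . ".\" Please double-check your settings and try again.", 'authorization');
        }
    }

    $instance_dao = DAOFactory::getDAO('InstanceDAO');
    $owner_instances = $instance_dao->getByOwnerAndNetwork($this->owner, 'google+');
    $this->addToView('owner_instances', $owner_instances);
}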
/**
 * Requests OAuth tokens twice with the same client ID, secret and code: once with
 * $_SERVER['HTTPS'] set to 'y' and once with it empty. The redirect URI is assembled by hand
 * from $_SERVER['SERVER_NAME'], so its scheme is "https" in the first case and "http" in the
 * second, and the faux tokens returned for each case are checked.
 */
public function testGetOAuthTokensWithAndWithoutSSL() {
    $crawler = new GooglePlusCrawler($this->profile1_instance, 'fauxaccesstoken', 10);

    $_SERVER['SERVER_NAME'] = 'dev.thinkup.com';
    $site_root_path = '';

    // Each case: value for $_SERVER['HTTPS'], expected access token, expected refresh token.
    $cases = array(
        array('y', 'faux-access-token-with-https', 'faux-refresh-token-with-https'),
        array('', 'faux-access-token-without-https', 'faux-refresh-token-without-https'),
    );

    foreach ($cases as $case) {
        list($https_value, $expected_access_token, $expected_refresh_token) = $case;
        $_SERVER['HTTPS'] = $https_value;

        // "s" is appended to the scheme only when HTTPS is set and non-empty.
        $ssl_suffix = '';
        if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != '') {
            $ssl_suffix = 's';
        }
        $callback_url = 'http' . $ssl_suffix . '://' . $_SERVER['SERVER_NAME'] . $site_root_path
        . 'account/?p=google%2B';
        $redirect_uri = urlencode($callback_url);

        $result = $crawler->getOAuthTokens('test-client-id', 'test-client-secret', 'test-code1',
        'authorization_code', $redirect_uri);

        $this->assertEqual($result->access_token, $expected_access_token);
        $this->assertEqual($result->refresh_token, $expected_refresh_token);
    }
}