function onAuthenticate($credentials, $options, &$response)
{
# authentication via facebook for Joomla always uses the FB API and secret keys
# When this is present, the user's FB uid is used to look up their Joomla uid and log that user in
jimport('joomla.filesystem.file');
$configFile = JPATH_ROOT . DS . 'administrator' . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'config.php';
if (JFile::exists($configFile)) {
include_once JPATH_ROOT . DS . 'administrator' . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'config.php';
$configModel = new JFBConnectModelConfig();
# always check the secret username and password to indicate this is a JFBConnect login
#echo "Entering JFBConnectAuth<br>";
if ($credentials['username'] != $configModel->getSetting('facebook_api_key') || $credentials['password'] != $configModel->getSetting('facebook_secret_key')) {
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = 'Facebook authentication failed';
return false;
}
#echo "Passed API/Secret key check, this is a FB login<br>";
include_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php';
$userMapModel = new JFBConnectModelUserMap();
include_once JPATH_ROOT . DS . 'components' . DS . 'com_jfbconnect' . DS . 'libraries' . DS . 'facebook.php';
$fbClient = JFBConnectFacebookLibrary::getInstance();
$fbUserId = $fbClient->getUserId(FALSE);
$app =& JFactory::getApplication();
#echo "Facebook user = "******"User is logged into FB<br>";
# Test if user has a Joomla mapping
$jUserId = $userMapModel->getJoomlaUserId($fbUserId);
if ($jUserId) {
#echo "User has joomla mapping<br>";
$jUser = JUser::getInstance($jUserId);
if ($jUser->id == null) {
#echo "user NOT loaded, deleting";
$userMapModel->deleteMapping($fbUserId);
return false;
}
$isAllowed = true;
# Trigger the jfbcProfile onAuthenticate to see if the user is allowed to login
if ($jUser->block) {
$isAllowed = false;
$app->enqueueMessage(JText::_('E_NOLOGIN_BLOCKED'), 'error');
} else {
JPluginHelper::importPlugin('jfbcprofiles');
$args = array($jUserId, $fbUserId);
$responses = $app->triggerEvent('jfbcProfilesOnAuthenticate', $args);
$return = base64_decode(JRequest::getVar('return'));
$isAllowed = true;
foreach ($responses as $response) {
if (is_object($response) && !$response->status) {
$isAllowed = false;
$app->enqueueMessage($response->message, 'error');
}
}
}
if ($isAllowed) {
$response->status = JAUTHENTICATE_STATUS_SUCCESS;
$response->username = $jUser->username;
if (!$configModel->getSetting('create_new_users')) {
// Update the J user's email to what it is in Facebook
$fbProfileFields = $fbClient->getUserProfile($fbUserId, array('email'));
if ($fbProfileFields != null && $fbProfileFields['email']) {
$jUser->email = $fbProfileFields['email'];
$jUser->save();
}
}
$response->email = $jUser->email;
$response->fullname = $jUser->name;
$response->error_message = '';
return true;
}
} else {
if (!$configModel->getSetting('create_new_users')) {
# User is not in system, should create their account automatically
#echo "Creating a pseudo-user<br>";
$fbUser = $fbClient->_getUserName($fbUserId);
if ($fbUser == null) {
# no information returned from FB
return false;
}
// Get the email to use from Facebook
$fbProfileFields = $fbClient->getUserProfile($fbUserId, array('email'));
if ($fbProfileFields == null || !$fbProfileFields['email']) {
$newEmail = $fbUser['first_name'] . "_" . $fbUserId . "@unknown.com";
} else {
$newEmail = $fbProfileFields['email'];
}
$fullname = $fbUser['name'];
$username = "******" . $fbUserId;
#Use the Joomla User plugin to create the User row in the database
JPluginHelper::importPlugin('user');
$user['fullname'] = $fullname;
$user['username'] = $username;
$user['password_clear'] = "";
$user['email'] = $newEmail;
$jUser = $app->triggerEvent('_getUser', array($user));
$jUser = $jUser[0];
#Map the new user
include_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php';
$userMapModel = new JFBConnectModelUserMap();
if ($userMapModel->mapUser($fbUserId, $jUser->get('id'))) {
$app->enqueueMessage(JText::_('MAP USER SUCCESS'));
} else {
$app->enqueueMessage(JText::_('MAP USER FAIL'));
}
$response->status = JAUTHENTICATE_STATUS_SUCCESS;
$response->email = $newEmail;
$response->fullname = $fullname;
$response->username = $username;
$response->error_message = '';
return true;
}
}
}
}
# catch everything else as an authentication failure
#echo "Authentication Failure<br>";
$response->status = JAUTHENTICATE_STATUS_FAILURE;
$response->error_message = 'Facebook authentication failed';
return false;
}
function getJoomlaUserID()
{
$userMapModel = new JFBConnectModelUserMap();
return $userMapModel->getJoomlaUserId($this->jfbcLibrary->getUserId(FALSE));
}
function loginFacebookUser()
{
$app = JFactory::getApplication();
$jfbcLibrary = JFBConnectFacebookLibrary::getInstance();
$fbUserId = $jfbcLibrary->getUserId(FALSE);
#echo "Con. Logging in FB User : "******"<br>";
require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php';
$userMapModel = new JFBConnectModelUserMap();
$configModel = $jfbcLibrary->configModel;
$user = JFactory::getUser();
if ($user->guest) {
# Guest: Check if they have a Joomla user and log that user in. If not, create them one
$jUserId = $userMapModel->getJoomlaUserId($fbUserId);
if (!$fbUserId) {
# Facebook isn't returning information about this user. Redirect them.
$app->enqueueMessage('We were unable to retrieve your Facebook account information. Please try again');
$app->redirect('index.php');
}
# Check if automatic email mapping is allowed, and see if that email is registered
# AND the Facebook user doesn't already have a Joomla account
if ($configModel->getSetting('facebook_auto_map_by_email') && !$jUserId) {
$fbProfileFields = $jfbcLibrary->getUserProfile($fbUserId, array('email'));
if ($fbProfileFields != null && $fbProfileFields['email']) {
$fbEmail = $fbProfileFields['email'];
$jUserEmailId = $userMapModel->getJoomlaUserIdFromEmail($fbEmail);
if ($jUserEmailId && $jUserEmailId != 0) {
// Found a user with the same email address
// do final check to make sure there isn't a FB account already mapped to it
$jUserId = $userMapModel->getFacebookUserId($jUserEmailId);
if (!$jUserId) {
if ($userMapModel->mapUser($fbUserId, $jUserEmailId)) {
$app->enqueueMessage(JText::_('MAP USER SUCCESS'));
} else {
$app->enqueueMessage(JText::_('MAP USER FAIL'));
}
$app->enqueueMessage(JText::_('MAP USER SUCCESS'));
$jUserId = $jUserEmailId;
// Update the temp jId so that we login below
}
}
}
}
if ($configModel->getSetting('create_new_users') && $jUserId == null) {
# User not in system, create new users setting enabled. Redirect to the login/register form
$app->redirect(JRoute::_('index.php?option=com_jfbconnect&view=loginregister', false));
}
#set the initial registration variable so that the user plugin knows to map user and trigger onAfterRegistration
if ($jUserId == null) {
$jfbcLibrary->setInitialRegistration();
}
require_once JPATH_COMPONENT . DS . 'controllers' . DS . 'loginregister.php';
$loginController = new JFBConnectControllerLoginRegister();
$loginController->login();
// Perform the login function
} else {
#echo "Updating mapping only";
if ($userMapModel->mapUser($fbUserId)) {
$app->enqueueMessage(JText::_('MAP USER SUCCESS'));
} else {
$app->enqueueMessage(JText::_('MAP USER FAIL'));
}
}
$return = base64_decode(JRequest::getVar('return'));
$app->redirect($return);
}
function login()
{
$app = JFactory::getApplication();
$jfbcLibrary = JFBConnectFacebookLibrary::getInstance();
$configModel = $jfbcLibrary->configModel;
$options = array('silent' => 1);
// Disable other authentication messages
$app->login(array('username' => $configModel->getSetting('facebook_api_key'), 'password' => $configModel->getSetting('facebook_secret_key')), $options);
// Fire off our profile event of logging in
$jUser =& JFactory::getUser();
$configModel = $jfbcLibrary->getConfigModel();
//if (!$jUser->guest)
//{
$fbUserId = $jfbcLibrary->getUserId(FALSE);
if ($fbUserId) {
require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_jfbconnect' . DS . 'models' . DS . 'usermap.php';
$userMapModel = new JFBConnectModelUserMap();
# Do a final check to make sure that the FB user is the same one mapped to the Joomla user, if not, they aren't the same person
# In that case, don't import their profile and expire their session
if ($userMapModel->getJoomlaUserId($fbUserId) == $jUser->get('id')) {
JPluginHelper::importPlugin('jfbcprofiles');
if ($jfbcLibrary->initialRegistration) {
# Send the new user email here. Password is blank because this path is only called if
# the user isn't required to activate, and that email doesn't show the password
$sendEmail = true;
$profileEmails = $app->triggerEvent('jfbcProfilesSendsNewUserEmails');
foreach ($profileEmails as $pe) {
if ($pe) {
$sendEmail = false;
}
}
if ($sendEmail) {
$this->_sendMail($jUser, " ");
}
# New user, set their new user status and trigger the OnRegister event
$args = array($jUser->get('id'), $fbUserId);
$app->triggerEvent('jfbcProfilesOnRegister', $args);
$jfbcLibrary->setFacebookNewUserMessage();
} else {
# This is a re-login set login status message and trigger onAfterLogin event
$app->triggerEvent('jfbcProfilesOnLogin');
$jfbcLibrary->setFacebookLoginMessage();
}
}
}
$return = base64_decode(JRequest::getVar('return'));
$redirect = "";
if ($jfbcLibrary->initialRegistration) {
$redirectId = $configModel->getSetting('facebook_new_user_redirect', 'index.php');
$redirect = JRoute::_("index.php?Itemid=" . $redirectId, false);
} else {
if ($configModel->getSetting('facebook_login_redirect_enable') && !$jfbcLibrary->initialRegistration) {
$redirectId = $configModel->getSetting('facebook_login_redirect', 'index.php');
$redirect = JRoute::_("index.php?Itemid=" . $redirectId, false);
} else {
if ($return != "") {
$redirect = $return;
} else {
$redirect = JRoute::_('index.php');
}
}
}
$app->redirect($redirect);
}
function getUserId($validateWithJoomla = TRUE)
{
$userId = null;
$cookie = $this->getCookie();
if ($cookie) {
$userId = $cookie['uid'];
if ($validateWithJoomla) {
$userMapModel = new JFBConnectModelUserMap();
jimport('joomla.user.helper');
$jUser =& JFactory::getUser();
if ($userMapModel->getJoomlaUserId($userId) != $jUser->get('id') || $jUser->guest) {
$userId = null;
}
}
}
return $userId;
#return self::$_facebook->getUser(); //Throws OAuthException if not logged in
}
function onUserAuthenticate($credentials, $options, &$response)
{
$response->type = 'JFBConnectAuth';
# authentication via facebook for Joomla always uses the FB API and secret keys
# When this is present, the user's FB uid is used to look up their Joomla uid and log that user in
jimport('joomla.filesystem.file');
$provider = null;
if (isset($options['provider'])) {
$provider = $options['provider'];
}
if (class_exists('JFBCFactory') && $provider) {
# always check the secret username and password to indicate this is a JFBConnect login
#echo "Entering JFBConnectAuth<br>";
if ($credentials['username'] != $provider->appId || $credentials['password'] != $provider->secretKey) {
$response->status = JAuthentication::STATUS_FAILURE;
return false;
}
#echo "Passed API/Secret key check, this is a FB login<br>";
include_once JPATH_ADMINISTRATOR . '/components/com_jfbconnect/models/usermap.php';
$userMapModel = new JFBConnectModelUserMap();
$providerUserId = $provider->getProviderUserId();
$app = JFactory::getApplication();
#echo "Facebook user = ".$fbUserId;
# test if user is logged into Facebook
if ($providerUserId) {
# Test if user has a Joomla mapping
$jUserId = $userMapModel->getJoomlaUserId($providerUserId, $provider->name);
if ($jUserId) {
$jUser = JUser::getInstance($jUserId);
if ($jUser->id == null) {
$userMapModel->deleteMapping($providerUserId, $provider->name);
return false;
}
if ($jUser->block) {
$isAllowed = false;
JFBCFactory::log(JText::_('JERROR_NOLOGIN_BLOCKED'), 'error');
} else {
JPluginHelper::importPlugin('socialprofiles');
$args = array($provider->name, $jUserId, $providerUserId);
$responses = $app->triggerEvent('socialProfilesOnAuthenticate', $args);
$isAllowed = true;
foreach ($responses as $prResponse) {
if (is_object($prResponse) && !$prResponse->status) {
$isAllowed = false;
JFBCFactory::log($prResponse->message, 'error');
}
}
}
if ($isAllowed) {
$response->status = JAuthentication::STATUS_SUCCESS;
$response->username = $jUser->username;
$response->language = $jUser->getParam('language');
$response->email = $jUser->email;
$response->fullname = $jUser->name;
$response->error_message = '';
return true;
}
}
}
}
# catch everything else as an authentication failure
$response->status = JAuthentication::STATUS_FAILURE;
return false;
}
