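/**
 * Runs the Twitter OAuth 1.0a login flow.
 *
 * First pass (no oauth_token/oauth_verifier in the query): obtains temporary
 * credentials, stores them in the session and redirects the user to Twitter.
 * Second pass: exchanges the verifier for token credentials, fetches the
 * Twitter profile and hands identification/suggestions to the auth response.
 *
 * @param Request $request
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request)
{
    $redirectUri = (string) $request->getAttribute('originalUri', $request->getUri())->withQuery('');

    $server = new Twitter([
        'identifier' => $this->settings->get('flarum-auth-twitter.api_key'),
        'secret' => $this->settings->get('flarum-auth-twitter.api_secret'),
        'callback_uri' => $redirectUri,
    ]);

    $session = $request->getAttribute('session');
    $queryParams = $request->getQueryParams();

    $oAuthToken = array_get($queryParams, 'oauth_token');
    $oAuthVerifier = array_get($queryParams, 'oauth_verifier');
    $storedCredentials = $session->get('temporary_credentials');

    // Start (or restart) the flow when the callback parameters are absent, or
    // when the session holds no temporary credentials to pair them with
    // (expired session, callback URL opened directly). Previously that case
    // reached unserialize(null) and a type error further down.
    if (!$oAuthToken || !$oAuthVerifier || !$storedCredentials) {
        $temporaryCredentials = $server->getTemporaryCredentials();
        $session->set('temporary_credentials', serialize($temporaryCredentials));
        $session->save();

        // Second part of OAuth 1.0 authentication is to redirect the
        // resource owner to the login screen on the server.
        $server->authorize($temporaryCredentials);
        exit;
    }

    // Retrieve the temporary credentials we saved before. NOTE(review): this
    // unserializes session data; the value is server-side, but keep it that
    // way — never feed user-controlled input into unserialize().
    $temporaryCredentials = unserialize($storedCredentials);

    // Temporary credentials are single-use: drop them so a replayed callback
    // cannot reuse the same request token.
    $session->set('temporary_credentials', null);
    $session->save();

    // We will now retrieve token credentials from the server
    $tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $oAuthToken, $oAuthVerifier);

    $user = $server->getUserDetails($tokenCredentials);

    $identification = ['twitter_id' => $user->uid];
    $suggestions = [
        'username' => $user->nickname,
        // Presumably "_normal" marks a downscaled variant; stripping it yields the full-size avatar.
        'avatarUrl' => str_replace('_normal', '', $user->imageUrl),
    ];

    return $this->authResponse->make($request, $identification, $suggestions);
}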
/**
 * Exposes the logo URL and CSS settings on the forum serializer.
 *
 * @param PrepareApiAttributes $event
 */
public function prepareApiAttributes(PrepareApiAttributes $event)
{
    if (!$event->isSerializer(ForumSerializer::class)) {
        return;
    }

    foreach (['logo_url', 'logo_css'] as $key) {
        $event->attributes[$key] = $this->settings->get('santiagobiali-logo.' . $key);
    }
}
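/**
 * Stores an uploaded favicon in the public assets directory.
 *
 * Non-.ico uploads are re-encoded as a 64x64 PNG; a previously configured
 * favicon is removed and the new file name is written to favicon_path.
 *
 * @throws \InvalidArgumentException when no 'favicon' file is present in the
 *     request or the upload reported an error (previously a call on null).
 * {@inheritdoc}
 */
public function data(ServerRequestInterface $request, Document $document)
{
    $this->assertAdmin($request->getAttribute('actor'));

    $upload = array_get($request->getUploadedFiles(), 'favicon');

    if (!$upload || $upload->getError() !== UPLOAD_ERR_OK) {
        throw new \InvalidArgumentException('No valid favicon upload was provided.');
    }

    $tmpFile = tempnam($this->app->storagePath() . '/tmp', 'favicon');
    $upload->moveTo($tmpFile);

    // The extension comes from the client-supplied filename and only decides
    // whether we re-encode. A '.ico' upload is stored as-is, so its content
    // is never validated in that branch — it is served as a static asset.
    $extension = pathinfo($upload->getClientFilename(), PATHINFO_EXTENSION);

    if ($extension !== 'ico') {
        $manager = new ImageManager();
        $encodedImage = $manager->make($tmpFile)->resize(64, 64, function ($constraint) {
            $constraint->aspectRatio();
            $constraint->upsize();
        })->encode('png');
        file_put_contents($tmpFile, $encodedImage);
        $extension = 'png';
    }

    $mount = new MountManager([
        'source' => new Filesystem(new Local(pathinfo($tmpFile, PATHINFO_DIRNAME))),
        'target' => new Filesystem(new Local($this->app->publicPath() . '/assets')),
    ]);

    // Remove the favicon that is currently configured, if any.
    $currentPath = $this->settings->get('favicon_path');
    if ($currentPath && $mount->has($current = "target://{$currentPath}")) {
        $mount->delete($current);
    }

    $uploadName = 'favicon-' . Str::lower(Str::quickRandom(8)) . '.' . $extension;

    $mount->move('source://' . pathinfo($tmpFile, PATHINFO_BASENAME), "target://{$uploadName}");

    $this->settings->set('favicon_path', $uploadName);

    return parent::data($request, $document);
}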
/**
 * Publishes the primary/secondary tag count limits on the forum serializer.
 *
 * @param PrepareApiAttributes $event
 */
public function prepareApiAttributes(PrepareApiAttributes $event)
{
    if (!$event->isSerializer(ForumSerializer::class)) {
        return;
    }

    $limits = [
        'minPrimaryTags' => 'min_primary_tags',
        'maxPrimaryTags' => 'max_primary_tags',
        'minSecondaryTags' => 'min_secondary_tags',
        'maxSecondaryTags' => 'max_secondary_tags',
    ];

    foreach ($limits as $attribute => $setting) {
        $event->attributes[$attribute] = $this->settings->get('flarum-tags.' . $setting);
    }
}
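/**
 * Decides whether the discussion starter may still rename the discussion.
 *
 * The 'allow_renaming' setting is '-1' (no limit), 'reply' (until someone
 * else participates) or a number of minutes since the discussion started.
 *
 * @param User $actor
 * @param Discussion $discussion
 * @return bool|null true when renaming is allowed, null for no opinion.
 */
public function rename(User $actor, Discussion $discussion)
{
    if ((int) $discussion->start_user_id !== (int) $actor->id) {
        return null;
    }

    $allowRenaming = $this->settings->get('allow_renaming');

    if ($allowRenaming === '-1') {
        return true;
    }

    if ($allowRenaming === 'reply' && $discussion->participants_count <= 1) {
        return true;
    }

    // The minute comparison only makes sense for a numeric setting. Comparing
    // an int against 'reply' is engine-dependent (false on PHP 7, true on
    // PHP 8 where it becomes a string comparison), so guard it explicitly.
    if (is_numeric($allowRenaming) && $discussion->start_time->diffInMinutes(new Carbon()) < $allowRenaming) {
        return true;
    }

    return null;
}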
/**
 * Builds the admin client view with the settings, permission map and
 * extension list the admin frontend bootstraps from.
 *
 * {@inheritdoc}
 */
protected function getView(ServerRequestInterface $request)
{
    $view = parent::getView($request);

    // Give listeners a chance to adjust the raw settings before they reach the client.
    $settings = $this->settings->all();
    $this->events->fire(new PrepareUnserializedSettings($settings));

    $variables = [
        'settings' => $settings,
        'permissions' => Permission::map(),
        'extensions' => $this->extensions->getExtensions()->toArray(),
    ];

    foreach ($variables as $name => $value) {
        $view->setVariable($name, $value);
    }

    return $view;
}
/**
 * Publishes the Magento auth display settings on the forum serializer,
 * falling back to built-in defaults when a setting is unset.
 *
 * @param PrepareApiAttributes $event
 */
public function prepareApiAttributes(PrepareApiAttributes $event)
{
    if (!$event->isSerializer(ForumSerializer::class)) {
        return;
    }

    $defaults = [
        'vovayatsyuk-auth-magento' => [
            'store_name' => 'Magento',
            'background_color' => '#ef672f',
        ],
    ];

    foreach ($defaults as $namespace => $keys) {
        foreach ($keys as $key => $default) {
            $settingKey = $namespace . '.' . $key;
            // `?:` tests truthiness: an empty or '0' setting also falls back to the default.
            $event->attributes[$settingKey] = $this->settings->get($settingKey) ?: $default;
        }
    }
}
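/**
 * Removes the configured favicon from the public assets directory and
 * clears the favicon_path setting.
 *
 * {@inheritdoc}
 */
protected function delete(ServerRequestInterface $request)
{
    $this->assertAdmin($request->getAttribute('actor'));

    $path = $this->settings->get('favicon_path');

    $this->settings->set('favicon_path', null);

    // Nothing to remove when no favicon was ever configured; previously a
    // null path was handed straight to the filesystem adapter.
    if ($path) {
        $uploadDir = new Filesystem(new Local($this->app->publicPath() . '/assets'));

        if ($uploadDir->has($path)) {
            $uploadDir->delete($path);
        }
    }

    return new EmptyResponse(204);
}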
/**
 * Authorises a Pusher private-channel subscription for the current user.
 *
 * Only the actor's own "private-user{id}" channel may be authorised; any
 * other channel name yields an empty 403.
 *
 * @param ServerRequestInterface $request
 * @return EmptyResponse|JsonResponse
 */
public function handle(ServerRequestInterface $request)
{
    $actor = $request->getAttribute('actor');
    $userChannel = 'private-user' . $actor->id;
    $body = $request->getParsedBody();

    if (array_get($body, 'channel_name') !== $userChannel) {
        return new EmptyResponse(403);
    }

    $pusher = new Pusher(
        $this->settings->get('flarum-pusher.app_key'),
        $this->settings->get('flarum-pusher.app_secret'),
        $this->settings->get('flarum-pusher.app_id'),
        ['cluster' => $this->settings->get('flarum-pusher.app_cluster')]
    );

    $signature = $pusher->socket_auth($userChannel, array_get($body, 'socket_id'));

    return new JsonResponse(json_decode($signature, true));
}
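/**
 * Persists a batch of admin settings from the request body.
 *
 * Each key/value pair is announced via PrepareSerializedSetting before it
 * is stored and via SettingWasSet afterwards.
 *
 * {@inheritdoc}
 */
public function handle(ServerRequestInterface $request)
{
    $this->assertAdmin($request->getAttribute('actor'));

    // getParsedBody() may be null or an object depending on the body parser;
    // normalise so the loop never runs over a non-iterable.
    $settings = (array) $request->getParsedBody();

    foreach ($settings as $k => $v) {
        $this->dispatcher->fire(new PrepareSerializedSetting($k, $v));

        $this->settings->set($k, $v);

        $this->dispatcher->fire(new SettingWasSet($k, $v));
    }

    return new EmptyResponse(204);
}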
/**
 * Registers the extension's client assets.
 *
 * Admin: always loads the settings UI. Forum: only when a tracking code is
 * configured; that code is emitted verbatim into the page footer (it is
 * admin-controlled markup and is not escaped).
 *
 * @param ConfigureClientView $event
 */
public function addAssets(ConfigureClientView $event)
{
    if ($event->isAdmin()) {
        $event->addAssets([__DIR__ . '/../../js/admin/dist/extension.js']);
        $event->addBootstrapper('sijad/google/analytics/main');
    }

    if (!$event->isForum()) {
        return;
    }

    $code = $this->settings->get('sijad-google-analytics.tracking_code');

    if ($code) {
        $event->view->addFootString($code);
        $event->addAssets([__DIR__ . '/../../js/forum/dist/extension.js']);
        $event->addBootstrapper('sijad/google/analytics/main');
    }
}
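/**
 * Decides whether the post author may still edit their post.
 *
 * The 'allow_post_editing' setting is '-1' (no limit), 'reply' (until
 * another post follows it) or a number of minutes since the post was made.
 *
 * @param User $actor
 * @param Post $post
 * @return bool|null true when editing is allowed, null for no opinion.
 */
public function edit(User $actor, Post $post)
{
    // A post is allowed to be edited if the user has permission to moderate
    // the discussion which it's in, or if they are the author and the post
    // hasn't been deleted by someone else.
    $isAuthor = (int) $post->user_id === (int) $actor->id;
    $hiddenByOther = $post->hide_time && (int) $post->hide_user_id !== (int) $actor->id;

    if (!$isAuthor || $hiddenByOther) {
        return null;
    }

    $allowEditing = $this->settings->get('allow_post_editing');

    if ($allowEditing === '-1') {
        return true;
    }

    if ($allowEditing === 'reply' && $post->number >= $post->discussion->last_post_number) {
        return true;
    }

    // The minute comparison only makes sense for a numeric setting. Comparing
    // an int against 'reply' is engine-dependent (false on PHP 7, true on
    // PHP 8 where it becomes a string comparison), so guard it explicitly.
    if (is_numeric($allowEditing) && $post->time->diffInMinutes(new Carbon()) < $allowEditing) {
        return true;
    }

    return null;
}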
/**
 * Registers a new user account from a RegisterUser command.
 *
 * Flow: enforce the sign-up setting (admins may always register users),
 * build the user, apply any attributes carried by a valid auth token,
 * validate, optionally fetch an avatar, persist, then dispatch the user's
 * pending events.
 *
 * @param RegisterUser $command
 * @throws PermissionDeniedException if signup is closed and the actor is
 *     not an administrator.
 * @throws \Flarum\Core\Exception\InvalidConfirmationTokenException if an
 *     email confirmation token is provided but is invalid.
 * @throws ValidationException if the user attributes fail validation, or if
 *     a supplied avatarUrl is not a valid URL.
 * @return User
 */
public function handle(RegisterUser $command)
{
    $actor = $command->actor;
    $data = $command->data;

    if (!$this->settings->get('allow_sign_up')) {
        $this->assertAdmin($actor);
    }

    $username = array_get($data, 'attributes.username');
    $email = array_get($data, 'attributes.email');
    $password = array_get($data, 'attributes.password');

    // If a valid authentication token was provided as an attribute,
    // then we won't require the user to choose a password.
    if (isset($data['attributes']['token'])) {
        $token = AuthToken::validOrFail($data['attributes']['token']);

        // A random password is generated so the account never ends up without
        // one; `?:` means an empty-string password is replaced as well.
        $password = $password ?: str_random(20);
    }

    $user = User::register($username, $email, $password);

    // If a valid authentication token was provided, then we will assign
    // the attributes associated with it to the user's account. If this
    // includes an email address, then we will activate the user's account
    // from the get-go.
    if (isset($token)) {
        // Every key of the payload is applied verbatim to the model;
        // presumably the payload was built server-side when the token was issued.
        foreach ($token->payload as $k => $v) {
            $user->{$k} = $v;
        }

        if (isset($token->payload['email'])) {
            $user->activate();
        }
    }

    // Only an admin may pre-activate an account via the request attributes.
    if ($actor->isAdmin() && array_get($data, 'attributes.isActivated')) {
        $user->activate();
    }

    $this->events->fire(new UserWillBeSaved($user, $actor, $data));

    $this->validator->assertValid(array_merge($user->getAttributes(), compact('password')));

    if ($avatarUrl = array_get($data, 'attributes.avatarUrl')) {
        $validation = $this->validatorFactory->make(compact('avatarUrl'), ['avatarUrl' => 'url']);

        if ($validation->fails()) {
            throw new ValidationException($validation);
        }

        // Avatar retrieval is best-effort: a failed download must not abort
        // registration, so the exception is deliberately dropped here.
        // NOTE(review): the URL is caller-supplied and fetched server-side;
        // confirm saveAvatarFromUrl restricts where it will connect.
        try {
            $this->saveAvatarFromUrl($user, $avatarUrl);
        } catch (Exception $e) {
            //
        }
    }

    $user->save();

    // The token is single-use; remove it once the account exists.
    if (isset($token)) {
        $token->delete();
    }

    $this->dispatchEventsFor($user, $actor);

    return $user;
}
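/**
 * Uploads raw contents to the service.
 *
 * @param string $name     File name (relative to the images directory) to write.
 * @param string $contents Raw file contents.
 * @return array The meta of the file, with a 'url' entry pointing at the
 *     configured CDN, or at the local assets path when no CDN is set.
 */
public function uploadContents($name, $contents)
{
    $this->filesystem->write($name, $contents);

    $meta = $this->filesystem->getMetadata($name);

    // Read the setting once instead of twice.
    $cdnUrl = $this->settings->get('flagrow.image-upload.cdnUrl');

    if (empty($cdnUrl)) {
        // No CDN configured: resolve a local path via the forum URL generator.
        $urlGenerator = app('Flarum\\Forum\\UrlGenerator');
        $meta['url'] = $urlGenerator->toPath('assets/images/' . $name);
    } else {
        // NOTE(review): the setting is concatenated as-is, so it is expected
        // to end with a trailing slash — confirm against the admin UI.
        $meta['url'] = $cdnUrl . 'assets/images/' . $name;
    }

    return $meta;
}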
/**
 * Handles the command execution.
 *
 * Moves the upload to a temp file, validates it, optionally resizes it,
 * builds the Image model, hands the bytes to the upload adapter and stores
 * the resulting URL on the model.
 *
 * @param UploadImage $command
 * @return Image|false The saved image, or false when the upload adapter
 *     returned no meta (the previous "null|string" annotation was wrong).
 *
 * @todo check permission (an assertCan() call is present below — confirm whether this note is stale)
 */
public function handle(UploadImage $command)
{
    // check if the user can upload images, otherwise return
    $this->assertCan($command->actor, 'flagrow.image.upload');

    $tmpFile = tempnam($this->app->storagePath() . '/tmp', 'image');
    $command->file->moveTo($tmpFile);

    // Re-wrap the moved file so the validator sees a Symfony UploadedFile
    // (last argument marks it as already-moved/test mode).
    $file = new UploadedFile($tmpFile, $command->file->getClientFilename(), $command->file->getClientMediaType(), $command->file->getSize(), $command->file->getError(), true);

    // validate the file
    $this->validator->maxFileSize = $this->settings->get('flagrow.image-upload.maxFileSize', 2048);
    $this->validator->assertValid(['image' => $file]);

    // resize if enabled
    if ($this->settings->get('flagrow.image-upload.mustResize')) {
        $manager = new ImageManager();
        $manager->make($tmpFile)->fit($this->settings->get('flagrow.image-upload.resizeMaxWidth', 100), $this->settings->get('flagrow.image-upload.resizeMaxHeight', 100))->save();
    }

    // The stored name is built from the actor id, a random string and the
    // extension guessed from content (not the client filename), defaulting to jpg.
    $image = (new Image())->forceFill(['user_id' => $command->actor->id, 'upload_method' => $this->settings->get('flagrow.image-upload.uploadMethod', 'local'), 'created_at' => Carbon::now(), 'file_name' => sprintf('%d-%s.%s', $command->actor->id, Str::quickRandom(), $file->guessExtension() ?: 'jpg'), 'file_size' => $file->getSize()]);

    // fire the Event ImageWillBeSaved, which can be extended and/or modified elsewhere
    $this->events->fire(new ImageWillBeSaved($command->actor, $image, $file));

    // readAndDelete() removes the temp file once its bytes are handed over.
    $tmpFilesystem = new Filesystem(new Local(pathinfo($tmpFile, PATHINFO_DIRNAME)));
    $meta = $this->upload->uploadContents($image->file_name, $tmpFilesystem->readAndDelete(pathinfo($tmpFile, PATHINFO_BASENAME)));

    if ($meta) {
        $image->file_url = array_get($meta, 'url');

        if ($image->isDirty()) {
            $image->save();
        }

        return $image;
    }

    return false;
}
/**
 * Issues a password-reset token for the account behind the given email and
 * mails the reset link.
 *
 * NOTE(review): an unknown address surfaces as ModelNotFoundException, so the
 * response distinguishes registered from unregistered emails (account
 * enumeration); callers rely on that exception, so it is kept.
 *
 * @param RequestPasswordReset $command
 * @return \Flarum\Core\User
 * @throws ModelNotFoundException when no user has that email.
 */
public function handle(RequestPasswordReset $command)
{
    $user = $this->users->findByEmail($command->email);

    if (!$user) {
        throw new ModelNotFoundException();
    }

    $token = PasswordToken::generate($user->id);
    $token->save();

    $forumTitle = $this->settings->get('forum_title');

    $data = [
        '{username}' => $user->username,
        '{url}' => $this->url->toRoute('resetPassword', ['token' => $token->id]),
        '{forum}' => $forumTitle,
    ];

    $body = $this->translator->trans('core.email.reset_password.body', $data);
    $subject = '[' . $forumTitle . '] ' . $this->translator->trans('core.email.reset_password.subject');

    $this->mailer->raw($body, function (Message $message) use ($user, $subject) {
        $message->to($user->email);
        $message->subject($subject);
    });

    return $user;
}
/**
 * Adds flag-related attributes to the forum, current-user and post serializers.
 *
 * @param PrepareApiAttributes $event
 */
public function prepareApiAttributes(PrepareApiAttributes $event)
{
    $actor = $event->actor;

    if ($event->isSerializer(ForumSerializer::class)) {
        $canViewFlags = $actor->hasPermissionLike('discussion.viewFlags');
        $event->attributes['canViewFlags'] = $canViewFlags;

        if ($canViewFlags) {
            $event->attributes['flagsCount'] = (int) $this->getFlagsCount($actor);
        }

        $event->attributes['guidelinesUrl'] = $this->settings->get('flarum-flags.guidelines_url');
    }

    if ($event->isSerializer(CurrentUserSerializer::class)) {
        $event->attributes['newFlagsCount'] = (int) $this->getNewFlagsCount($event->model);
    }

    if ($event->isSerializer(PostSerializer::class)) {
        $event->attributes['canFlag'] = $actor->can('flag', $event->model);
    }
}
/**
 * Ensures a discussion's secondary tag count lies within the configured bounds.
 *
 * @param int $count
 * @throws ValidationException when the count is below the minimum or above the maximum.
 */
protected function validateSecondaryTagCount($count)
{
    $bounds = [
        'min' => $this->settings->get('flarum-tags.min_secondary_tags'),
        'max' => $this->settings->get('flarum-tags.max_secondary_tags'),
    ];

    $withinBounds = $count >= $bounds['min'] && $count <= $bounds['max'];

    if (!$withinBounds) {
        throw new ValidationException([
            'tags' => sprintf('Discussion must have between %d and %d secondary tags.', $bounds['min'], $bounds['max']),
        ]);
    }
}
/**
 * Assembles the forum-level attributes exposed to the client, adding the
 * admin URL and version only for actors allowed to administrate.
 *
 * {@inheritdoc}
 */
protected function getDefaultAttributes($model)
{
    $gate = $this->gate->forUser($this->actor);
    $url = $this->app->url();

    $attributes = [
        'title' => $this->settings->get('forum_title'),
        'description' => $this->settings->get('forum_description'),
        'baseUrl' => $url,
        'basePath' => parse_url($url, PHP_URL_PATH) ?: '',
        'debug' => $this->app->inDebugMode(),
        'apiUrl' => $this->app->url('api'),
        'welcomeTitle' => $this->settings->get('welcome_title'),
        'welcomeMessage' => $this->settings->get('welcome_message'),
        'themePrimaryColor' => $this->settings->get('theme_primary_color'),
        'allowSignUp' => (bool) $this->settings->get('allow_sign_up'),
        'defaultRoute' => $this->settings->get('default_route'),
        'canViewDiscussions' => $gate->allows('viewDiscussions'),
        'canStartDiscussion' => $gate->allows('startDiscussion'),
    ];

    if (!$gate->allows('administrate')) {
        return $attributes;
    }

    $attributes['adminUrl'] = $this->app->url('admin');
    $attributes['version'] = $this->app->version();

    return $attributes;
}
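/**
 * Registers a custom cache store when the configured driver is not 'file'.
 *
 * Driver-specific settings (table/connection) are merged into a 'hyn-cache'
 * store definition, which is then made the active cache driver.
 *
 * @param Dispatcher $event
 */
public function subscribe(Dispatcher $event)
{
    // NOTE(review): static::$called is read here but not set in this method —
    // confirm it is set elsewhere, otherwise this guard never fires.
    if (static::$called) {
        return;
    }

    $driver = $this->settings->get('hyn.cache.driver', 'file');

    // only actively do something in case the default cache driver has been changed
    if ($driver == 'file') {
        return;
    }

    /** @var \Illuminate\Contracts\Config\Repository $config */
    $config = $this->application->make('config');

    $cacheConfig = ['driver' => $driver];

    // Initialised up front: the memcached branch (and any unlisted driver)
    // previously left $merge undefined before array_merge().
    $merge = [];

    switch ($driver) {
        case 'database':
            $merge = [
                'table' => $this->settings->get('hyn.cache.table', 'cache'),
                'connection' => $this->settings->get('hyn.cache.connection'),
            ];
            break;
        case 'redis':
            $merge = ['connection' => $this->settings->get('hyn.cache.connection')];
            break;
        case 'memcached':
            // @todo..
            break;
    }

    // merges driver specific settings into the config
    $cacheConfig = array_merge($cacheConfig, $merge);

    // sets the cache store
    $config->set('cache.stores.hyn-cache', $cacheConfig);
    $config->set('cache.driver', 'hyn-cache');
}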
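/**
 * This method checks, if the user is still allowed to edit the tags
 * based on the configuration item.
 *
 * The 'allow_tag_change' setting is '-1' (no limit), 'reply' (until someone
 * else participates) or a number of minutes since the discussion started.
 *
 * @param User $actor
 * @param Discussion $discussion
 * @return bool|null true when tag editing is allowed, null for no opinion.
 */
public function tag(User $actor, Discussion $discussion)
{
    if ((int) $discussion->start_user_id !== (int) $actor->id) {
        return null;
    }

    $allowEditTags = $this->settings->get('allow_tag_change');

    if ($allowEditTags === '-1') {
        return true;
    }

    if ($allowEditTags === 'reply' && $discussion->participants_count <= 1) {
        return true;
    }

    // The minute comparison only makes sense for a numeric setting. Comparing
    // an int against 'reply' is engine-dependent (false on PHP 7, true on
    // PHP 8 where it becomes a string comparison), so guard it explicitly.
    if (is_numeric($allowEditTags) && $discussion->start_time->diffInMinutes(new Carbon()) < $allowEditTags) {
        return true;
    }

    return null;
}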
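/**
 * Re-sends the account activation email to the requesting user.
 *
 * The actor must be registered, must be the user named by the `id` query
 * parameter, and must not be activated yet.
 *
 * @throws PermissionDeniedException when the id does not match the actor or
 *     the account is already activated.
 * {@inheritdoc}
 */
public function handle(ServerRequestInterface $request)
{
    $id = array_get($request->getQueryParams(), 'id');
    $actor = $request->getAttribute('actor');

    $this->assertRegistered($actor);

    // The id is untrusted query input: compare as strings rather than with
    // loose `!=`, whose int/string coercion rules differ across PHP versions.
    if ((string) $actor->id !== (string) $id || $actor->is_activated) {
        throw new PermissionDeniedException();
    }

    $token = EmailToken::generate($actor->email, $actor->id);
    $token->save();

    $forumTitle = $this->settings->get('forum_title');

    $data = [
        '{username}' => $actor->username,
        '{url}' => $this->url->toRoute('confirmEmail', ['token' => $token->id]),
        '{forum}' => $forumTitle,
    ];

    $body = $this->translator->trans('core.email.activate_account.body', $data);

    $this->mailer->raw($body, function (Message $message) use ($actor, $data) {
        $message->to($actor->email);
        $message->subject('[' . $data['{forum}'] . '] ' . $this->translator->trans('core.email.activate_account.subject'));
    });

    return new EmptyResponse();
}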
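/**
 * Collects the auth-related settings into an array.
 *
 * @param SettingsRepositoryInterface $settings
 * @param bool $throw Whether a missing required setting throws (true) or
 *     makes the method return null (false).
 * @throws SingleSOException if $throw is true and a required setting is missing.
 * @return array|null Map of setting key => value, or null when $throw is
 *     false and a required setting is missing.
 */
public static function settingsAuth(SettingsRepositoryInterface $settings, $throw)
{
    // Add all auth settings to array.
    $data = [];

    foreach (static::$settingsAuthKeys as $key => $required) {
        $val = $settings->get('singleso-singleso-flarum.' . $key);

        // A required setting that is unset — or falsy, so '0' counts as
        // missing here — aborts, either by exception or by returning null.
        if ($required && !$val) {
            if ($throw) {
                throw new SingleSOException(['Not fully configured.']);
            }

            return null;
        }

        $data[$key] = $val;
    }

    return $data;
}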
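/**
 * Facebook OAuth2 login (legacy PHP-session based flow).
 *
 * First request: stores a CSRF state in the PHP session and redirects to
 * Facebook. Callback: verifies the state, exchanges the code for a token and
 * authenticates with the owner's email.
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $provider = new Facebook([
        'clientId' => $this->settings->get('flarum-auth-facebook.app_id'),
        'clientSecret' => $this->settings->get('flarum-auth-facebook.app_secret'),
        'redirectUri' => $this->url->toRoute('auth.facebook'),
        'graphApiVersion' => 'v2.4',
    ]);

    if (!isset($_GET['code'])) {
        $authUrl = $provider->getAuthorizationUrl(['scope' => ['email']]);
        $_SESSION['oauth2state'] = $provider->getState();

        return new RedirectResponse($authUrl);
    }

    if (empty($_GET['state']) || empty($_SESSION['oauth2state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
        unset($_SESSION['oauth2state']);
        // NOTE(review): bypasses the PSR-7 response pipeline; kept as-is since
        // no plain-body response class is in scope here.
        echo 'Invalid state.';
        exit;
    }

    // The state is single-use: clear it so a replayed callback carrying the
    // same state no longer passes the check above.
    unset($_SESSION['oauth2state']);

    $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
    $owner = $provider->getResourceOwner($token);

    $email = $owner->getEmail();
    // Only [a-z0-9-_] survive, so the suggested username may end up empty.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName());

    return $this->authenticate(compact('email'), compact('username'));
}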
/**
 * Validates that a discussion carries an allowed number of tags of one type.
 *
 * When the configured minimum equals the maximum an exact "size" rule is
 * used; otherwise a "between" range rule.
 *
 * @param string $type  Tag kind, e.g. 'primary' or 'secondary' (forms the setting key).
 * @param int $count
 * @throws ValidationException when the count is outside the configured bounds.
 */
protected function validateTagCount($type, $count)
{
    $prefix = 'flarum-tags.';
    $min = $this->settings->get($prefix . 'min_' . $type . '_tags');
    $max = $this->settings->get($prefix . 'max_' . $type . '_tags');

    $key = 'tag_count_' . $type;
    $rangeRule = $min === $max ? "size:{$min}" : "between:{$min},{$max}";

    $validator = $this->validator->make([$key => $count], [$key => ['numeric', $rangeRule]]);

    if ($validator->fails()) {
        throw new ValidationException([], ['tags' => $validator->getMessageBag()->first($key)]);
    }
}
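/**
 * Twitter OAuth 1.0a login (legacy PHP-session based flow).
 *
 * First pass: obtains temporary credentials, stores them in the PHP session
 * and redirects to Twitter. Second pass: exchanges the verifier for token
 * credentials and authenticates with the Twitter user id.
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $server = new Twitter([
        'identifier' => $this->settings->get('flarum-auth-twitter.api_key'),
        'secret' => $this->settings->get('flarum-auth-twitter.api_secret'),
        'callback_uri' => $this->url->toRoute('auth.twitter'),
    ]);

    $hasCallbackParams = isset($_GET['oauth_token'], $_GET['oauth_verifier']);
    $hasTemporaryCredentials = !empty($_SESSION['temporary_credentials']);

    // (Re)start the flow when the callback parameters are missing, or when the
    // session holds nothing to pair them with (expired session, callback URL
    // opened directly) — previously that reached unserialize() on an unset key.
    if (!$hasCallbackParams || !$hasTemporaryCredentials) {
        $temporaryCredentials = $server->getTemporaryCredentials();
        $_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
        session_write_close();

        // Second part of OAuth 1.0 authentication is to redirect the
        // resource owner to the login screen on the server.
        $server->authorize($temporaryCredentials);
        exit;
    }

    // Retrieve the temporary credentials we saved before. NOTE(review): this
    // unserializes server-side session data; never route user input here.
    $temporaryCredentials = unserialize($_SESSION['temporary_credentials']);

    // Single-use: a replayed callback must not reuse the same request token.
    unset($_SESSION['temporary_credentials']);

    // We will now retrieve token credentials from the server
    $tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $_GET['oauth_token'], $_GET['oauth_verifier']);

    $user = $server->getUserDetails($tokenCredentials);

    return $this->authenticate(['twitter_id' => $user->uid], ['username' => $user->nickname]);
}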
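/**
 * QQ OAuth2 login (legacy PHP-session based flow).
 *
 * First request: stores a CSRF state in the PHP session and redirects to QQ.
 * Callback: verifies the state, exchanges the code for a token and
 * authenticates with the owner's OpenID.
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $provider = new Qq([
        'clientId' => $this->settings->get('lazyboywu-auth-qq.client_id'),
        'clientSecret' => $this->settings->get('lazyboywu-auth-qq.client_secret'),
        'redirectUri' => $this->url->toRoute('auth.qq'),
    ]);

    if (!isset($_GET['code'])) {
        $authUrl = $provider->getAuthorizationUrl();
        $_SESSION['oauth2state'] = $provider->getState();

        return new RedirectResponse($authUrl);
    }

    if (empty($_GET['state']) || empty($_SESSION['oauth2state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
        unset($_SESSION['oauth2state']);
        // NOTE(review): bypasses the PSR-7 response pipeline; kept as-is since
        // no plain-body response class is in scope here.
        echo 'Invalid state.';
        exit;
    }

    // The state is single-use: clear it so a replayed callback carrying the
    // same state no longer passes the check above.
    unset($_SESSION['oauth2state']);

    $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
    $owner = $provider->getResourceOwner($token);

    $qqopenid = $owner->getOpenId();
    // Only [a-z0-9-_] survive, so the suggested username may end up empty.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getNickname());
    // The figure URL was previously fetched into an unused local; it is not
    // passed on, so the call was dropped.

    return $this->authenticate(compact('qqopenid'), compact('username'));
}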
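/**
 * QQ OAuth2 login (legacy PHP-session based flow).
 *
 * First request: stores a CSRF state in the PHP session and redirects to QQ.
 * Callback: verifies the state, exchanges the code for a token, resolves the
 * OpenID and authenticates with a "_qq"-suffixed username suggestion.
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $clientId = $this->settings->get('azonwan-auth-qq.client_id');

    $provider = new QQ([
        'clientId' => $clientId,
        'clientSecret' => $this->settings->get('azonwan-auth-qq.client_secret'),
        'redirectUri' => $this->url->toRoute('auth.qq'),
    ]);

    if (!isset($_GET['code'])) {
        $authUrl = $provider->getAuthorizationUrl(['grant_type' => ['authorization_code']]);
        $_SESSION['oauth2state'] = $provider->getState();

        return new RedirectResponse($authUrl);
    }

    if (empty($_GET['state']) || empty($_SESSION['oauth2state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
        unset($_SESSION['oauth2state']);
        // NOTE(review): bypasses the PSR-7 response pipeline; kept as-is since
        // no plain-body response class is in scope here.
        echo 'Invalid state.';
        exit;
    }

    // The state is single-use: clear it so a replayed callback carrying the
    // same state no longer passes the check above.
    unset($_SESSION['oauth2state']);

    $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);
    $openid = $provider->getAccessOpenId('authorization_code', ['access_token' => $token->getToken(), 'code' => $_GET['code']]);

    $options = [
        'openid' => $openid,
        'access_token' => $token->getToken(),
        'oauth_consumer_key' => $clientId,
    ];
    $owner = $provider->getResourceOwner($token, $options);

    // Only [a-z0-9-_] survive the filter; the "_qq" suffix is always appended.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $owner->getName()) . "_qq";

    return $this->authenticate(compact('username'));
}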
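/**
 * Magento OAuth 1.0a login (legacy PHP-session based flow).
 *
 * First pass: obtains temporary credentials, stores them in the PHP session
 * and redirects to the store. Second pass: exchanges the verifier for token
 * credentials and authenticates with the customer's email.
 *
 * @param Request $request
 * @param array $routeParams
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request, array $routeParams = [])
{
    session_start();

    $server = new Magento([
        'host' => $this->settings->get('vovayatsyuk-auth-magento.store_url'),
        'identifier' => $this->settings->get('vovayatsyuk-auth-magento.api_key'),
        'secret' => $this->settings->get('vovayatsyuk-auth-magento.api_secret'),
        'callback_uri' => $this->url->toRoute('auth.magento'),
    ]);

    $hasCallbackParams = isset($_GET['oauth_token'], $_GET['oauth_verifier']);
    $hasTemporaryCredentials = !empty($_SESSION['temporary_credentials']);

    // (Re)start the flow when the callback parameters are missing, or when the
    // session holds nothing to pair them with (expired session, callback URL
    // opened directly) — previously that reached unserialize() on an unset key.
    if (!$hasCallbackParams || !$hasTemporaryCredentials) {
        $temporaryCredentials = $server->getTemporaryCredentials();
        $_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
        session_write_close();

        // Second part of OAuth 1.0 authentication is to redirect the
        // resource owner to the login screen on the server.
        $server->authorize($temporaryCredentials);
        exit;
    }

    // Retrieve the temporary credentials we saved before. NOTE(review): this
    // unserializes server-side session data; never route user input here.
    $temporaryCredentials = unserialize($_SESSION['temporary_credentials']);

    // Single-use: a replayed callback must not reuse the same request token.
    unset($_SESSION['temporary_credentials']);

    // We will now retrieve token credentials from the server
    $tokenCredentials = $server->getTokenCredentials($temporaryCredentials, $_GET['oauth_token'], $_GET['oauth_verifier']);

    $user = $server->getUserDetails($tokenCredentials);

    $email = $user->email;
    // Only [a-z0-9-_] survive, so the suggested username may end up empty.
    $username = preg_replace('/[^a-z0-9-_]/i', '', $user->firstName . $user->lastName);

    return $this->authenticate(compact('email'), compact('username'));
}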
/**
 * Steam OpenID 2.0 login.
 *
 * Without an openid_sig parameter the user is redirected to Steam's login
 * page. On the callback, the signed parameters are posted back to Steam
 * (check_authentication); on a positive answer the numeric Steam id is taken
 * from the claimed id, the profile is fetched from the Steam web API, and
 * the id plus username/avatar suggestions are handed to the auth response.
 *
 * @param Request $request
 * @return \Psr\Http\Message\ResponseInterface|RedirectResponse
 */
public function handle(Request $request)
{
    $redirectUri = $request->getOriginalRequest()->getUri()->withQuery('');
    // NOTE(review): $session is not used anywhere in this method.
    $session = $request->getAttribute('session');
    $queryParams = $request->getQueryParams();

    $oidSig = array_get($queryParams, 'openid_sig');

    if (!$oidSig) {
        // No signature yet: send the browser to Steam's OpenID endpoint. The
        // realm is the return URL with its path stripped.
        return new RedirectResponse((string) (new Uri(SteamAuthController::LOGIN_URL))->withQuery(http_build_query(['openid.ns' => 'http://specs.openid.net/auth/2.0', 'openid.mode' => 'checkid_setup', 'openid.identity' => 'http://specs.openid.net/auth/2.0/identifier_select', 'openid.claimed_id' => 'http://specs.openid.net/auth/2.0/identifier_select', 'openid.return_to' => (string) $redirectUri, 'openid.realm' => (string) $redirectUri->withPath('')])));
    }

    // Rebuild the assertion from the fields Steam listed as signed.
    // NOTE(review): a missing openid_signed makes explode() yield [''] and
    // adds an 'openid.' key with a null value — confirm Steam rejects that.
    $query = ['openid.ns' => 'http://specs.openid.net/auth/2.0', 'openid.sig' => array_get($queryParams, 'openid_sig')];

    foreach (explode(',', array_get($queryParams, 'openid_signed')) as $param) {
        $query['openid.' . $param] = array_get($queryParams, 'openid_' . $param);
    }

    // do not let overwrite this one via openid_signed
    $query['openid.mode'] = 'check_authentication';

    $client = new Client();

    try {
        $res = $client->request('POST', SteamAuthController::LOGIN_URL, ['form_params' => $query]);
    } catch (Exception $e) {
        return new Response("Can't Verify OpenID", 500);
    }

    // NOTE(review): the `+` quantifies only the final 'e' (matches
    // "is_valid:truee…" too); "/^is_valid:true$/im" is presumably what was meant.
    if ($res->getStatusCode() === 200 and preg_match("/^is_valid:true+\$/im", (string) $res->getBody()) === 1) {
        // `and` binds looser than `=`, so each assignment completes before the
        // next clause: take the claimed id, reduce it to its last path segment,
        // and require that to be numeric.
        if ($steam_id = array_get($queryParams, 'openid_claimed_id') and $steam_id = basename($steam_id) and is_numeric($steam_id)) {
            try {
                $res = $client->request('GET', SteamAuthController::API_URL, ['query' => ['key' => $this->settings->get('sijad-auth-steam.api_key'), 'steamids' => $steam_id]]);
            } catch (Exception $e) {
                return new Response("Can't Get User Info", 500);
            }

            // NOTE(review): the nested response/players/0 keys are read without
            // checks; an unexpected API payload would raise notices here.
            if ($info = json_decode((string) $res->getBody(), true)) {
                $identification = ['steam_id' => $steam_id];
                $suggestions = ['username' => $info['response']['players'][0]['personaname'], 'avatarUrl' => $info['response']['players'][0]['avatarfull']];

                return $this->authResponse->make($request, $identification, $suggestions);
            }
        }
    }

    return new Response("Can't Get User Info", 500);
}