/**
* get url redirect to a specified opi
*/
public static function get($opi = false, $redirect_url = false)
{
if (!$opi) {
$opi = OAuthConfig::getOpi();
}
if (!$opi) {
throw new Exception("You must pass OPI as param, or define it in <data> part of oauthconf.xml");
}
$params = array("id" => urlencode(UserApi::getUserLoggedOid()), "sc" => urlencode(OAuthConfig::getBrand()), "carry_url" => urlencode($redirect_url));
$info = UserApi::getUserLogged();
$opi_age = false;
$opi_gender = false;
try {
$birthday = isset($info->user->user_data->birthday) ? $info->user->user_data->birthday->value : null;
if ($birthday != null) {
$birthday = explode("/", $birthday);
$age = date("md", date("U", mktime(0, 0, 0, $birthday[2], $birthday[1], $birthday[0]))) > date("md") ? date("Y") - $birthday[2] - 1 : date("Y") - $birthday[2];
if (18 <= $age && $age <= 24) {
$opi_age = 1;
} else {
if (25 <= $age && $age <= 34) {
$opi_age = 2;
}
}
if (35 <= $age && $age <= 44) {
$opi_age = 3;
}
if (45 <= $age && $age <= 64) {
$opi_age = 4;
}
}
} catch (Exception $e) {
}
try {
$gender = isset($info->user->user_data->gender) ? $info->user->user_data->gender->vid : null;
if ($gender == 1) {
$opi_gender = 2;
} else {
if ($gender == 2) {
$opi_gender = 1;
}
}
} catch (Exception $e) {
}
if ($opi_age) {
$params["carry_edad"] = $opi_age;
}
if ($opi_gender) {
$params["carry_sexo"] = $opi_gender;
}
$query = array();
foreach ($params as $param => $value) {
$query[] = "{$param}={$value}";
}
return OAuthConfig::getApiUrl('opi', 'base_url') . OAuthConfig::getApiUrl('opi', 'rules') . "/" . $opi . "?" . implode('&', $query);
}
/**
* Checks if the user needs to accept terms and conditions for that section.
*
* The "scope" (section) is a group of fields configured in DruID for
* a web client.
*
* A section can be also defined as a "part" (section) of the website
* (web client) that only can be accessed by a user who have filled a
* set of personal information configured in DruID.
*
* @param $scope string Section-key identifier of the web client. The
* section-key is located in "oauthconf.xml" file.
* @throws \Exception
* @return boolean TRUE if the user need to accept terms and conditions, FALSE if it has
* already accepted them.
*/
public static function checkUserNeedAcceptTerms($scope)
{
$status = false;
try {
self::$logger->info('Checking if the user has accepted terms and conditions for this section:' . $scope);
if (self::isConnected()) {
$status = OAuth::doCheckUserNeedAcceptTerms(OAuthConfig::getApiUrl('api.user', 'base_url') . OauthConfig::getApiUrl('api.user', 'user'), $scope);
}
} catch (Exception $e) {
self::$logger->error($e->getMessage());
}
return $status;
}
/**
* Returns the user data stored trough the Genetsis ID personal identifier.
* The identifiers could be: id (ckusid), screenName, email, dni
* Sample: array('id'=>'XXXX','screenName'=>'xxxx');
*
* @param array The Genetsis IDs identifier to search, 'identifier' => 'value'
* @return array A vector of {@link User} objects with user's
* personal data. The array could be empty.
* @throws /Exception
*/
public static function getUsers($identifiers)
{
$druid_user = array();
if (is_array($identifiers)) {
try {
if (!($druid_user_data = FileCache::get('user-' . reset($identifiers)))) {
Identity::getLogger()->debug('Identifier: ' . reset($identifiers) . ' is Not in Cache System');
$client_token = Identity::getThings()->getClientToken();
if (is_null($client_token)) {
throw new Exception('The clientToken is empty');
}
/**
* Parameters:
* oauth_token: client token
* s (select): dynamic user data to be returned
* f (from): User
* w (where): param with OR w.param1&w.param2...
*/
$params = array();
$params['oauth_token'] = $client_token->getValue();
$params['s'] = "*";
$params['f'] = "User";
foreach ($identifiers as $key => $val) {
$params['w.' . $key] = $val;
}
$base = OAuthConfig::getApiUrl('api.user', 'base_url');
$api = OAuthConfig::getApiUrl('api.user', 'user');
$response = Request::execute($base . $api, $params, Request::HTTP_POST);
if ($response['code'] != 200 || !isset($response['result']->data) || $response['result']->count == '0') {
throw new Exception('The data retrieved is empty');
}
$druid_user = $response['result']->data;
FileCache::set('user-' . reset($identifiers), $druid_user, self::USER_TTL);
} else {
Identity::getLogger()->debug('Identifier: ' . reset($identifiers) . ' is in Cache System');
$druid_user = json_decode(json_encode($druid_user_data));
}
} catch (Exception $e) {
Identity::getLogger()->error($e->getMessage());
}
}
return $druid_user;
}
/**
* @param string $url Endpoint where the request is sent. Without params.
* @param array $parameters mixed Associative vector with request params. Use key as param name, and value as value. The values shouldn't be prepared.
* @param string $http_method string HTTP method. One of them:
* - {@link self::HTTP_GET}
* - {@link self::HTTP_POST}
* - {@link self::HTTP_METHOD_HEAD}
* - {@link self::HTTP_METHOD_PUT}
* - {@link self::HTTP_METHOD_DELETE}
* @param bool $credentials If true, client_id and client_secret are included in params
* @param array $http_headers A vector of strings with HTTP headers or FALSE if no additional headers to sent.
* @param array $cookies A vector of strings with cookie data or FALSE if no cookies to sent. One line per cookie ("key=value"), without trailing semicolon.
* @return array An associative array with that items:
* - result: An string or array on success, or FALSE if there is no result.
* - code: HTTP code.
* - content-type: Content-type related to result
* @throws \Exception If there is an error.
*/
public static function execute($url, $parameters = array(), $http_method = self::HTTP_GET, $credentials = self::NOT_SECURED, $http_headers = array(), $cookies = array())
{
if (!extension_loaded('curl')) {
throw new Exception('The PHP extension curl must be installed to use this library.');
}
if (($url = trim($url)) == '') {
return array('result' => false, 'code' => 0, 'content_type' => '');
}
$is_ssl = preg_match('#^https#Usi', $url) ? true : false;
$curl_options = array(CURLOPT_RETURNTRANSFER => true, CURLOPT_CUSTOMREQUEST => $http_method, CURLOPT_USERAGENT => $_SERVER['HTTP_USER_AGENT']);
if ($is_ssl) {
$curl_options[CURLOPT_SSL_VERIFYPEER] = false;
$curl_options[CURLOPT_SSL_VERIFYHOST] = 0;
} else {
$curl_options[CURLOPT_SSL_VERIFYPEER] = true;
}
if ($credentials) {
$parameters['client_id'] = OAuthConfig::getClientId();
$parameters['client_secret'] = OAuthConfig::getClientSecret();
}
switch ($http_method) {
case self::HTTP_POST:
$curl_options[CURLOPT_POST] = true;
// Check if parameters must to be in json format
if (isset($http_headers['Content-Type']) && $http_headers['Content-Type'] == 'application/json' && !empty($parameters) && is_array($parameters)) {
//echo (json_encode($parameters));
$curl_options[CURLOPT_POSTFIELDS] = json_encode($parameters);
} else {
$curl_options[CURLOPT_POSTFIELDS] = http_build_query($parameters);
}
break;
case self::HTTP_PUT:
$curl_options[CURLOPT_POSTFIELDS] = http_build_query($parameters);
break;
case self::HTTP_HEAD:
$curl_options[CURLOPT_NOBODY] = true;
/* No break */
/* No break */
case self::HTTP_DELETE:
// Check if parameters are in json
if (isset($http_headers['Content-Type']) && $http_headers['Content-Type'] == 'application/json' && !empty($parameters) && is_array($parameters)) {
$curl_options[CURLOPT_POSTFIELDS] = json_encode($parameters);
} else {
$url .= '?' . http_build_query($parameters, null, '&');
}
break;
case self::HTTP_GET:
if (!empty($parameters)) {
$url .= '?' . http_build_query($parameters, null, '&');
}
break;
default:
break;
}
$curl_options[CURLOPT_URL] = $url;
// Cookies.
if (is_array($cookies) && !empty($cookies)) {
// Removes trailing semicolons, if exists.
foreach ($cookies as $key => $value) {
$cookies[$key] = rtrim($value, ';');
}
$curl_options[CURLOPT_COOKIE] = implode('; ', $cookies);
}
// Prepare headers.
if (is_array($http_headers) && !empty($http_headers)) {
$header = array();
foreach ($http_headers as $key => $parsed_urlvalue) {
$header[] = "{$key}: {$parsed_urlvalue}";
}
$curl_options[CURLOPT_HTTPHEADER] = $header;
}
// Send request.
$ch = curl_init();
curl_setopt_array($ch, $curl_options);
$result = curl_exec($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
$total_time = curl_getinfo($ch, CURLINFO_TOTAL_TIME);
curl_close($ch);
Identity::getLogger()->debug('### BEGIN REQUEST ###');
Identity::getLogger()->debug(sprintf('URL -> [%s][%s] %s', $http_method, $is_ssl ? 'ssl' : 'no ssl', var_export($url, true)));
Identity::getLogger()->debug('Params -> ' . var_export($parameters, true));
Identity::getLogger()->debug('Headers -> ' . var_export($http_headers, true));
Identity::getLogger()->debug(sprintf("Response -> [%s][%s]\n%s", $content_type, $http_code, var_export($result, true)));
Identity::getLogger()->debug('Total Time -> ' . var_export($total_time, true));
Identity::getLogger()->debug('### END REQUEST ###');
return array('result' => $content_type === 'application/json' ? null === json_decode($result) ? $result : json_decode($result) : $result, 'code' => $http_code, 'content_type' => $content_type);
}
/**
* Builds the URL to login process.
*
* @param string $endpoint_url The endpoint. Normally the 'authorization_endpoint' of
* OAuth server.
* @param string $redirect_url Where the user will be redirected, even on success or
* not.
* @param string $scope Section-key identifier of the web client. The
* section-key is located in "oauthconf.xml" file.
* @param string $social Social - to force login with social network. Optional. Values 'facebook', 'twitter'
* @return string The URL generated.
* @throws \Exception If there is an error.
*/
private static function buildLoginUrl($endpoint_url, $redirect_url, $scope = null, $social = null)
{
try {
if (self::checkParam($endpoint_url)) {
throw new Exception('Endpoint URL is empty');
}
if (self::checkParam($redirect_url)) {
throw new Exception('Redirect URL is empty');
}
$endpoint_url = rtrim($endpoint_url, '?');
$params = array();
$params['client_id'] = OAuthConfig::getClientid();
$params['redirect_uri'] = $redirect_url;
$params['response_type'] = 'code';
if (!is_null($scope)) {
$params['scope'] = $scope;
}
if ($social != null) {
$params['ck_auth_provider'] = $social;
}
return $endpoint_url . '?' . http_build_query($params, null, '&');
} catch (Exception $e) {
Identity::getLogger()->debug('Error [' . __FUNCTION__ . '] - ' . $e->getMessage());
}
}
/**
* Returns a specific stored token.
* SESSION has more priority than COOKIE.
*
* @param string $name The token we want to recover. Are defined in {@link iTokenTypes}
* @return bool|AccessToken|ClientToken|RefreshToken|mixed|string An instance of {@link StoredToken} or FALSE if we
* can't recover it.
* @throws \Exception
*/
public static function getStoredToken($name)
{
if (($name = trim((string) $name)) == '') {
throw new Exception('Token type not exist');
}
$encryption = new Encryption(OAuthConfig::getClientId());
if (isset($_COOKIE[$name])) {
return StoredToken::factory($name, $encryption->decode($_COOKIE[$name]), 0, 0, '/');
} else {
return null;
}
}
