/**
 * Controller entry point: requires a logged-in account, resolves the
 * external-auth token named by the `i` request parameter, then renders the
 * template with the job results.
 *
 * The `currentTokenId` job result is the token's `_id` cast to string, or
 * null when the token is unknown or already bound to a different account.
 *
 * Security note: a token without a `uid` is bound to the current account
 * here, so within this method the `i` value is the only thing tying an
 * unbound token to whoever presents it first.
 * NOTE(review): the ownership check uses loose `!=`; the types of `uid` and
 * `_id` are not visible here - confirm the comparison is safe for them.
 *
 * @return void
 */
public function init()
{
    $this->req->components->Account->onAuth(function ($result) {
        // Anonymous visitors are sent to the login page.
        if (!$this->req->account['logged']) {
            $this->req->redirectToLogin();
            return;
        }

        // Runs once every sub-job has reported a result.
        $render = function ($job) {
            $this->tplvars = $job->results;
            $this->runTemplate();
        };
        $job = $this->req->job = new ComplexJob($render);

        $job('currentTokenId', function ($jobname, $job) {
            $tokens = $this->req->appInstance->externalAuthTokens;
            $tokens->findByIntToken(Request::getString($_REQUEST['i']), function ($token) use ($job, $jobname) {
                if (!$token) {
                    $job->setResult($jobname, null);
                    return;
                }

                $alreadyBound = isset($token['uid']);

                // A token owned by another account is reported as absent.
                if ($alreadyBound && $token['uid'] != $this->req->account['_id']) {
                    $job->setResult($jobname, null);
                    return;
                }

                // First use: bind the token to the current account and persist it.
                if (!$alreadyBound) {
                    $token['uid'] = $this->req->account['_id'];
                    $this->req->appInstance->externalAuthTokens->save([
                        'extTokenHash' => $token['extTokenHash'],
                        'uid' => $token['uid'],
                    ]);
                }

                $job->setResult($jobname, (string) $token['_id']);
            });
        });

        $job();
    });
}
/**
 * OAuth callback for Twitter: exchanges the verifier for an access token
 * and hands the returned user id to the account component.
 *
 * Responds 400 with an empty result when the referer check fails, 403 when
 * the token request is declined, and 400 when the reply has no user_id.
 *
 * NOTE(review): the only origin gate visible in this method is the Referer
 * check. A Referer header is supplied by the client and may be absent, so
 * confirm the request token is also bound to the user's session elsewhere
 * (getAuthorizationHeader is not visible here).
 *
 * @return void
 */
public function redirect()
{
    if (!$this->checkReferer('api.twitter.com')) {
        $this->req->status(400);
        $this->req->setResult([]);
        return;
    }

    $endpoint = 'https://api.twitter.com/oauth/access_token';
    $form = ['oauth_verifier' => Request::getString($_GET['oauth_verifier'])];
    $signature = $this->getAuthorizationHeader($endpoint, [
        'oauth_token' => Request::getString($_GET['oauth_token']),
    ]);

    $this->appInstance->httpclient->post($endpoint, $form, [
        'headers' => ['Authorization: ' . $signature],
        'resultcb' => function ($conn, $success) {
            if (!$success) {
                $this->req->status(403);
                $this->req->setResult(['error' => 'request declined']);
                return;
            }

            // The token endpoint replies with a form-encoded body.
            parse_str($conn->body, $fields);

            $twitterId = Request::getString($fields['user_id']);
            if ($twitterId === '') {
                $this->req->status(400);
                $this->req->setResult(['error' => 'no user_id']);
                return;
            }

            $profile = [];
            if (isset($fields['screen_name'])) {
                $profile['name'] = Request::getString($fields['screen_name']);
            }

            $this->req->components->account->acceptUserAuthentication('twitter', $twitterId, $profile, function () {
                $this->finalRedirect();
            });
        },
    ]);
}
/**
 * Builds the absolute URL the external provider should send the user back to.
 *
 * The query string carries the agent name (this class's basename), the
 * `external_token` GET parameter when present, and `backurl` when
 * $this->backUrl is set.
 *
 * NOTE(review): `backurl` is forwarded unchanged; where it comes from and
 * where it is validated are not visible here - confirm it is restricted to
 * same-site targets before it is used for a redirect.
 *
 * @return string
 */
public function getCallbackURL()
{
    $query = ['agent' => ClassFinder::getClassBasename($this)];

    if (isset($_GET['external_token'])) {
        $query['external_token'] = Request::getString($_GET['external_token']);
    }

    if (isset($this->backUrl)) {
        $query['backurl'] = $this->backUrl;
    }

    $endpoint = $this->req->getBaseUrl() . '/component/Account/ExternalAuthRedirect/json';

    return $endpoint . '?' . http_build_query($query);
}
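/**
 * OAuth callback for Facebook: exchanges the authorization code for an
 * access token, fetches the user's profile and hands it to the account
 * component.
 *
 * Results: 'Wrong referer' when the referer check fails, 401 when no code
 * is supplied, 400 when the token request fails, 403 when no access token
 * is returned, and a redirect to '/' when the profile cannot be read.
 *
 * The profile callback checks transport success and JSON shape before it
 * reads any field; previously the decoded body was indexed first and only
 * then validated.
 *
 * NOTE(review): redirect_uri is rebuilt from $_SERVER['REQUEST_URI'], which
 * is request-controlled; confirm the provider-side redirect allow-list is
 * what constrains it.
 *
 * @return void
 */
public function redirect()
{
    if (!$this->checkReferer($this->appInstance->config->domain->value)) {
        $this->req->setResult(['error' => 'Wrong referer']);
        return;
    }

    $code = Request::getString($_GET['code']);
    if ($code === '') {
        Daemon::log('Authentication failed');
        $this->req->status(401);
        $this->req->setResult(['error' => 'Authenticaion failed']);
        return;
    }

    $this->appInstance->httpclient->get([
        'https://graph.facebook.com/oauth/access_token',
        'client_id' => $this->cmp->config->facebook_app_key->value,
        'redirect_uri' => $this->req->getBaseUrl() . $_SERVER['REQUEST_URI'],
        'client_secret' => $this->cmp->config->facebook_app_secret->value,
        'code' => $code,
    ], function ($conn, $success) {
        if (!$success) {
            $this->req->status(400);
            $this->req->setResult(['error' => 'request declined']);
            return;
        }

        parse_str($conn->body, $tokenFields);
        if (!isset($tokenFields['access_token'])) {
            // Prefer the provider's JSON error message when there is one.
            $errorBody = json_decode($conn->body, true);
            $message = 'no access_token';
            if (isset($errorBody['error']['message'])) {
                $message = $errorBody['error']['message'];
            }
            $this->req->status(403);
            $this->req->setResult(['error' => $message]);
            return;
        }

        $this->appInstance->httpclient->get([
            'https://graph.facebook.com/me',
            'fields' => 'id,name,email',
            'format' => 'json',
            'access_token' => $tokenFields['access_token'],
        ], function ($conn, $success) {
            // Reject failed requests and non-object bodies before indexing.
            $profile = $success ? json_decode($conn->body, true) : null;
            if (!is_array($profile)) {
                $this->req->redirectTo('/');
                return;
            }

            $id = Request::getString($profile['id']);
            if (empty($id)) {
                $this->req->redirectTo('/');
                return;
            }

            $data = [];
            if (isset($profile['name'])) {
                $data['username'] = Request::getString($profile['name']);
            }
            if (isset($profile['email'])) {
                $data['email'] = Request::getString($profile['email']);
            }
            if (isset($_REQUEST['external_token'])) {
                $data['external_token'] = Request::getString($_REQUEST['external_token']);
            }

            $this->req->components->account->acceptUserAuthentication('facebook', $id, $data, function () {
                $this->finalRedirect();
            });
        });
    });
}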
/**
 * Streams the captcha image for the `token` request parameter as PNG and
 * finishes the request. Nothing is written when the looked-up record has
 * no `img` entry.
 *
 * @return void
 */
public function perform()
{
    $captchaToken = Request::getString($_REQUEST['token']);

    $this->appInstance->captcha->get($captchaToken, function ($token) {
        if (isset($token['img'])) {
            $this->req->header('Content-Type: image/png');
            echo $token['img']->bin;
        }
        // @TODO: show mock image when the record has no image

        $this->req->finish();
    });
}
/**
 * Wakes the request, renders this block's template (when one is set) and
 * collects its nested blocks, calls execute() once every block is ready,
 * then puts the request back to sleep.
 *
 * @return void
 */
public function runTemplate()
{
    $this->req->onWakeup();

    if (isset($this->template)) {
        $this->executeTemplate();
        $this->getNestedBlocks();
    }

    // Hold the request locally before execute() runs; presumably execute()
    // may detach $this->req - confirm.
    $request = $this->req;

    if ($this->numBlocks <= $this->readyBlocks) {
        $this->execute();
    }

    $request->onSleep();
}
/**
 * Binds a phone number to the logged-in account through an SMS code.
 *
 * POST only. Without `idText` a new message is created for `phone`, passed
 * through the antiflood check and sent; its `idText` is returned. With
 * `idText` the submitted `code` is checked and, on success, the phone from
 * the verified message is stored on the account and added to the recovery
 * sequence.
 *
 * NOTE(review): the catch block returns the exception message to the
 * client; confirm those messages never carry internal details.
 *
 * @return void
 */
public function perform()
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        $this->req->setResult(['success' => false, 'err' => 'POST_METHOD_REQUIRED']);
        return;
    }

    $this->cmp->onAuth(function ($result) {
        if (!$this->req->account['logged']) {
            $this->req->setResult(['success' => false, 'goLoginPage' => true]);
            return;
        }

        try {
            if (isset($_REQUEST['idText'])) {
                // Second step: verify the code against the pending message.
                $pending = $this->appInstance->sms->getMessage()
                    ->setPhone(Request::getString($_REQUEST['phone']))
                    ->setIdText(Request::getString($_REQUEST['idText']))
                    ->attr('accountId', $this->req->account['_id']);

                $pending->checkCode(Request::getString($_REQUEST['code']), function ($msg, $success, $tries = null) {
                    if (!$success) {
                        $this->req->setResult(['success' => false, 'tries' => $tries]);
                        return;
                    }

                    // The phone is taken from the verified message, not from the request.
                    $this->req->account
                        ->setPhone($msg['phone'])
                        ->pushToRecoverySequence('phone', $this->req->account['phone'], function ($account, $success) {
                            if (!$success) {
                                $this->req->setResult(['success' => false]);
                                return;
                            }
                            $account->save(function () {
                                $this->req->setResult(['success' => true]);
                            });
                        });
                });
                return;
            }

            // First step: create, rate-limit and send a new confirmation message.
            $this->appInstance->sms->newMessage()
                ->setPhone(Request::getString($_REQUEST['phone']))
                ->genId(function ($msg) {
                    $prepared = $msg
                        ->setMTAN('#%s Account binding request code: %s. Please ignore this message if unexpected.')
                        ->attr('accountId', $this->req->account['_id']);

                    $prepared->antiflood(function ($msg, $flood) {
                        if ($flood) {
                            $this->req->setResult(['success' => false, 'errcode' => 'TOO_FAST', 'error' => 'Too fast']);
                            return;
                        }

                        $msg->send(function ($msg, $success) {
                            if ($success) {
                                $this->req->setResult(['success' => true, 'idText' => $msg['idText']]);
                            } else {
                                $this->req->setResult(['success' => false, 'errcode' => 'SMSGATE_ERR', 'error' => 'SMS gateway error']);
                            }
                        });
                    });
                });
        } catch (\Exception $e) {
            $this->req->setResult(['success' => false, 'error' => $e->getMessage()]);
        }
    });
}
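/**
 * OAuth callback for VK: exchanges the authorization code for an access
 * token, looks up the user and hands the result to the account component.
 *
 * Results: 'Wrong referer' when the referer check fails, 401 when no code
 * is supplied, 400 when the token request fails, 403 when the reply lacks
 * a user id or access token, and a redirect to the base URL when the
 * profile reply cannot be decoded.
 *
 * The token request parameters and the token response are deliberately not
 * logged: they contain the client secret, the authorization code and the
 * access token.
 *
 * @return void
 */
public function redirect()
{
    if (!$this->checkReferer($this->appInstance->config->domain->value)) {
        $this->req->setResult(['error' => 'Wrong referer']);
        return;
    }

    $code = Request::getString($_GET['code']);
    if ($code === '') {
        Daemon::log('Authentication failed');
        $this->req->status(401);
        $this->req->setResult(['error' => 'Authenticaion failed']);
        return;
    }

    $this->appInstance->httpclient->get([
        'https://api.vk.com/oauth/access_token',
        'client_id' => $this->cmp->config->vk_app_key->value,
        'redirect_uri' => HTTPClient::buildUrl([
            $this->req->getBaseUrl() . '/component/Account/ExternalAuthRedirect/json',
            'agent' => 'VK',
            'backurl' => $this->getBackurl(true),
        ]),
        'client_secret' => $this->cmp->config->vk_app_secret->value,
        'code' => $code,
    ], function ($conn, $success) {
        if (!$success) {
            $this->req->status(400);
            $this->req->setResult(['error' => 'request declined']);
            return;
        }

        // No dump of the request or body here: both hold credentials.
        $response = json_decode(rtrim($conn->body), true);
        $user_id = isset($response['user_id']) ? (int) $response['user_id'] : 0;
        $access_token = Request::getString($response['access_token']);
        if ($user_id === 0 || $access_token === '') {
            $this->req->status(403);
            $this->req->setResult(['error' => 'no access token or user id']);
            return;
        }

        $this->appInstance->httpclient->get([
            'https://api.vk.com/method/users.get',
            'uids' => $user_id,
            'fields' => 'screen_name',
            'access_token' => $access_token,
        ], function ($conn, $success) use ($user_id) {
            $response = json_decode($conn->body, true);
            if (!$success || !is_array($response) || empty($user_id)) {
                $this->req->redirectTo($this->req->getBaseUrl(), false);
                $this->req->setResult(['error' => 'Unrecognized response']);
                return;
            }

            $data = [];
            // NOTE(review): screen_name is read from the top level of the
            // decoded body; confirm that matches the users.get reply shape.
            if (isset($response['screen_name'])) {
                $data['username'] = Request::getString($response['screen_name']);
            }

            $this->req->components->account->acceptUserAuthentication('VK', $user_id, $data, [$this, 'finalRedirect']);
        });
    });
}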
/**
 * Builds a ComplexJob step that validates the captcha submitted with $req.
 *
 * The step's result is an error map: empty when the check returns 'ok',
 * ['captcha' => 'need'] when no token was submitted, otherwise
 * ['captcha' => <check result>].
 *
 * NOTE(review): the token, the submitted text and the invalidate flag are
 * written to the daemon log on every run; confirm that is intended outside
 * debugging.
 *
 * @param object $req        Request carrying captcha_token / captcha_text.
 * @param bool   $invalidate Passed through to the captcha check.
 * @return \Closure function ($jobname, $job)
 */
public static function checkJob($req, $invalidate = true)
{
    $captchaToken = Request::getString($req->attrs->request['captcha_token']);
    $captchaText = Request::getString($req->attrs->request['captcha_text']);

    return function ($jobname, $job) use ($captchaToken, $captchaText, $req, $invalidate) {
        Daemon::log(Debug::dump([$captchaToken, $captchaText, $invalidate]));

        // No token submitted: the caller still has to show a captcha.
        if ($captchaToken === '') {
            $job->setResult($jobname, ['captcha' => 'need']);
            return;
        }

        $onChecked = function ($result) use ($jobname, $job) {
            $problems = $result === 'ok' ? [] : ['captcha' => $result];
            $job->setResult($jobname, $problems);
        };

        $req->appInstance->captcha->check($captchaToken, $captchaText, $invalidate, $onChecked);
    };
}
/**
 * URI parser: routes the request either to a component controller or to a
 * page block, based on $_SERVER['DOCUMENT_URI'].
 *
 * Component route: /component/<cmpName>/<controller>/<dataType>/<extra>.
 * The component is looked up by name, its checkReferer() must pass, and
 * then `<controller>Controller` is invoked when such a method exists
 * (otherwise defaultControllerHandler() gets the controller name).
 *
 * Page route: a first segment of at most two characters is treated as the
 * locale; unknown locales fall back to the default one, with a redirect
 * unless the path is '/'. 24-character [a-z0-9] path segments are replaced
 * by '/%id' and collected in pathArg / pathArgType before the block for
 * the resulting path is loaded.
 *
 * Security notes:
 * - The component name and controller name come straight from the URI.
 *   The 'Controller' suffix and checkReferer() are the only constraints
 *   visible here; method_exists() does not check method visibility.
 *   NOTE(review): confirm the components lookup restricts which names it
 *   will resolve.
 *
 * @return void.
 */
public function dispatch()
{
    $this->dispatched = true;
    // Split off the first path segment (leading slash removed).
    $e = explode('/', substr($_SERVER['DOCUMENT_URI'], 1), 2);
    if ($e[0] === 'component' && isset($e[1])) {
        // Locale for component calls comes from the LC request attribute.
        $this->locale = Request::getString($this->attrs->request['LC']);
        if (!in_array($this->locale, $this->appInstance->locales, true)) {
            $this->locale = $this->appInstance->config->defaultlocale->value;
        }
        // Re-split into at most five parts: component/<cmp>/<controller>/<dataType>/<extra>.
        $e = explode('/', substr($_SERVER['DOCUMENT_URI'], 1), 5);
        ++$this->jobTotal;
        $this->cmpName = $e[1];
        $this->controller = isset($e[2]) ? $e[2] : '';
        $this->dataType = isset($e[3]) ? $e[3] : 'json';
        $this->extra = isset($e[4]) ? $e[4] : null;
        if ($cmp = $this->components->{$this->cmpName}) {
            $method = $this->controller . 'Controller';
            // The referer gate runs before any controller code.
            if (!$cmp->checkReferer()) {
                $this->setResult(array('errmsg' => 'Unacceptable referer.'));
                return;
            }
            if (method_exists($cmp, $method)) {
                $cmp->{$method}();
            } else {
                $cmp->defaultControllerHandler($this->controller);
            }
        } else {
            $this->setResult(array('errmsg' => 'Unknown component.'));
        }
        return;
    }
    if (strlen($e[0]) > 2) {
        // First segment is too long to be a locale code: use the default
        // locale and keep the whole URI as the path.
        $this->locale = $this->appInstance->config->defaultlocale->value; // @TODO
        $this->path = $_SERVER['DOCUMENT_URI'];
    } else {
        $this->locale = $e[0];
        $this->path = '/' . (isset($e[1]) ? $e[1] : '');
        if (!in_array($this->locale, $this->appInstance->locales, true)) {
            $this->locale = $this->appInstance->config->defaultlocale->value;
            if ($this->path !== '/') {
                try {
                    $this->redirectTo('/' . $this->locale . $this->path);
                } catch (RequestHeadersAlreadySent $e) {
                    // Headers already sent: the redirect is skipped silently.
                }
                return;
            }
        }
    }
    // PJAX is signalled by the X-PJAX header or a _pjax request parameter.
    $this->pjax = isset($_SERVER['HTTP_X_PJAX']) || isset($_REQUEST['_pjax']);
    // Replace each 24-character [a-z0-9] segment with '/%id' and record its value.
    $this->path = preg_replace_callback('~/([a-z\\d]{24})(?=/|$)~', function ($m) {
        $type = '';
        $value = null;
        if (isset($m[1]) && $m[1] !== '') {
            $type = 'id';
            $value = $m[1];
        }
        $this->pathArgType[] = $type;
        $this->pathArg[] = $value;
        return '/%' . $type;
    }, $this->path);
    ++$this->jobTotal;
    // Load the block for the normalized path; loadPage receives the result.
    $this->appInstance->blocks->getBlock(array('theme' => $this->theme, 'path' => $this->path), array($this, 'loadPage'));
}
/**
 * Referer gate for this component: returns whatever the request's
 * checkDomainMatch() reports.
 *
 * NOTE(review): checkDomainMatch() is not visible here; confirm how it
 * treats a missing Referer header.
 *
 * @return bool
 */
public function checkReferer()
{
    $domainMatches = $this->req->checkDomainMatch();

    return $domainMatches;
}