-
Notifications
You must be signed in to change notification settings - Fork 24
/
oauth_callback.php
129 lines (106 loc) · 3.73 KB
/
oauth_callback.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<?php
/**
* OAuth callback script used by all modules that subclass OAuthModule
*/
require_once(__DIR__.'/global.php');
require_once(__DIR__.'/classes/User.php');
$current_user = User::get();
$oauth_user_id = null;
try
{
if (!array_key_exists('module', $_GET)) {
throw new StartupAPIException('module not specified');
}
if (!array_key_exists('oauth_token', $_GET) || !array_key_exists('oauth_verifier', $_GET)) {
throw new StartupAPIException('oauth_token & oauth_varifier required');
}
$module = AuthenticationModule::get($_GET['module']);
$storage = new MrClay_CookieStorage(array(
'secret' => UserConfig::$SESSION_SECRET,
'mode' => MrClay_CookieStorage::MODE_ENCRYPT,
'path' => UserConfig::$SITEROOTURL,
'httponly' => true
));
$oauth_user_id = $storage->fetch(UserConfig::$oauth_user_id_key);
$storage->delete(UserConfig::$oauth_user_id_key);
if (is_null($oauth_user_id)) {
throw new StartupAPIException("can't determine OAuth User ID");
}
try
{
$module->getAccessToken($oauth_user_id);
}
catch (OAuthException2 $e)
{
throw new StartupAPIException('problem getting access token: '.$e->getMessage());
}
try
{
$identity = $module->getIdentity($oauth_user_id);
}
catch (OAuthException2 $e)
{
throw new StartupAPIException('problem getting user identity: '.$e->getMessage());
}
if (is_null($identity)) {
throw new StartupAPIException('no identity returned');
}
#error_log(
# '$identity = '.var_export($identity, true).
# '$oauth_user_id = '.$oauth_user_id
#);
$user = $module->getUserByOAuthIdentity($identity, $oauth_user_id);
if (is_null($current_user)) {
// if user is not logged in yet, it means we're logging them in
if (is_null($user)) {
// This user doesn't exist yet, registering them
$new_user = User::createNewWithoutCredentials(
$module,
$identity['name'],
array_key_exists('email', $identity) ? $identity['email'] : null
);
$module->addUserOAuthIdentity($new_user, $identity, $oauth_user_id);
$new_user->setSession(true);
$module->recordRegistrationActivity($new_user);
} else {
$user->setSession(true);
$module->recordLoginActivity($user);
}
} else {
// otherwise, we're adding their credential to an existing user
if (!is_null($user)) {
throw new StartupAPIException('another user is already connected with this account');
}
$module->addUserOAuthIdentity($current_user, $identity, $oauth_user_id);
$module->recordAddActivity($current_user);
}
} catch (Exception $e) {
error_log($e->getMessage());
// we should delete temporary OAuth User ID
if (!is_null($oauth_user_id)) {
$module->deleteOAuthUser($oauth_user_id);
}
if (is_null($current_user)) {
header('Location: '.UserConfig::$USERSROOTURL.'/login.php?'.
(array_key_exists('module', $_GET) ? 'module='.$_GET['module'].'&' : '').
'error=failed');
} else {
header('Location: '.UserConfig::$USERSROOTURL.'/edit.php?'.
(array_key_exists('module', $_GET) ? 'module='.$_GET['module'].'&' : '').
'error=failed');
}
exit;
}
$return = User::getReturn();
User::clearReturn();
if (is_null($return) && !is_null($current_user)) {
$return = UserConfig::$USERSROOTURL.'/edit.php' . (array_key_exists('module', $_GET) ? '?module='.$_GET['module'] : '');
}
if (!is_null($return))
{
header('Location: '.$return);
}
else
{
header('Location: '.UserConfig::$DEFAULTLOGINRETURN);
}