From e787ec3887d513327aac2cef0e8bb5b376502fab Mon Sep 17 00:00:00 2001 From: Tom Homer Date: Fri, 23 Dec 2016 12:48:11 -0500 Subject: [PATCH] OAuth Twitter Email now Collected Feature #703 Also added license file and oauth config file for other oauth clients --- public_html/users.php | 13 +- public_html/usersettings.php | 10 +- system/classes/oauth/LICENSE | 37 ++ system/classes/oauth/oauth_configuration.json | 473 ++++++++++++++++++ system/classes/oauthhelper.class.php | 103 ++-- 5 files changed, 576 insertions(+), 60 deletions(-) create mode 100644 system/classes/oauth/LICENSE create mode 100644 system/classes/oauth/oauth_configuration.json diff --git a/public_html/users.php b/public_html/users.php index cd294d1c3..ee3008722 100644 --- a/public_html/users.php +++ b/public_html/users.php @@ -913,14 +913,17 @@ function resend_request() $consumer->setRedirectURL($callback_url); $oauth_userinfo = $consumer->authenticate_user(); - if ($oauth_userinfo === false) { + if ( $oauth_userinfo === false ) { COM_updateSpeedlimit('login'); COM_errorLog("OAuth Error: " . $consumer->error); - COM_redirect($_CONF['site_url'] . '/users.php?msg=110'); // OAuth authentication error + COM_redirect($_CONF['site_url'] . '/users.php?msg=111'); // OAuth authentication error } - - $consumer->doAction($oauth_userinfo); - } + + if ( $consumer->doAction($oauth_userinfo) == NULL ) { + COM_errorLog("Oauth: Error creating new user in OAuth authentication"); + COM_redirect($_CONF['site_url'] . '/users.php?msg=111'); // OAuth authentication error + } + } } else { $status = -2; // User just visited login page no error. -1 = error } diff --git a/public_html/usersettings.php b/public_html/usersettings.php index 6abb4fbea..f87a39798 100644 --- a/public_html/usersettings.php +++ b/public_html/usersettings.php 
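Review bot: The added `doAction()` check in `users.php` compares with a loose `== NULL`, so `false`, `0`, `''` and an empty array are all treated like a missing return value, and every one of them is logged as "Error creating new user". Since this commit makes `doAction()` end with `return true;`, a strict test states the intent more precisely: `if ($consumer->doAction($oauth_userinfo) !== true) {`. The earlier branches of `doAction()` are outside the hunks shown, so confirm that every successful path reaches that `return true;`. This new failure branch also omits `COM_updateSpeedlimit('login');`, which the authentication-failure branch just above it calls, so repeated failing callbacks that land here are not counted against the login speed limit.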
@@ -1445,7 +1445,7 @@ function savepreferences($A) case 'synch': // This case is the result of a callback from an OAuth service. - // The user has made a request to resynch their glFusion user account with the remote OAuth service + // The user has made a request to resynch their Geeklog user account with the remote OAuth service if ($_CONF['user_login_method']['oauth'] && (strpos($_USER['remoteservice'], 'oauth.') === 0) && isset($_GET['oauth_login']) ) { @@ -1469,7 +1469,7 @@ function savepreferences($A) $consumer = new OAuthConsumer($service); - if ($service === 'oauth.facebook') { + if($service == 'oauth.facebook') { // facebook resynchronizations are simple to perform $oauth_userinfo = $consumer->refresh_userinfo(); if (empty($oauth_userinfo)) { @@ -1489,11 +1489,9 @@ function savepreferences($A) // COM_errorLog("callback_url={$callback_url}"); // authenticate with the remote service - if (!isset($query[$callback_query_string]) && - (empty($cancel_query_string) || !isset($query[$cancel_query_string])) - ) { + if (!isset($query[$callback_query_string]) && (empty($cancel_query_string) || !isset($query[$cancel_query_string]))) { $msg = 114; // Resynch with remote account has failed but other account information has been successfully saved - // elseif the callback query string is set, then we have successfully authenticated + // elseif the callback query string is set, then we have successfully authenticated } elseif (isset($query[$callback_query_string])) { // COM_errorLog("authenticated with remote service, retrieve userinfo"); // foreach($query as $key=>$value) { diff --git a/system/classes/oauth/LICENSE b/system/classes/oauth/LICENSE new file mode 100644 index 000000000..7078ba251 --- /dev/null +++ b/system/classes/oauth/LICENSE 
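Review bot: The second `usersettings.php` hunk relaxes the service check from `===` to `==` in `if($service == 'oauth.facebook')`, which brings PHP type juggling back into a comparison that selects the resynchronisation path. Where `$service` is assigned is outside the hunk, so a non-string value reaching this line cannot be ruled out from here. I would keep the strict form, `if ($service === 'oauth.facebook') {`, which also matches the `=== 0` check on `strpos()` a few lines above. The first and third hunks in this file only change a comment and the line wrapping.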
@@ -0,0 +1,37 @@
+PHP OAuth API - Access API authorized by the users
+using the OAuth protocol
+
+This LICENSE is in the BSD license style.
+
+License Version Control:
+@(#) $Id: LICENSE,v 1.2 2013/02/11 05:17:53 mlemos Exp $
+
+Copyright (c) 2012-2013, Manuel Lemos
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+ Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+
+ Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ Neither the name of Manuel Lemos nor the names of his contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/system/classes/oauth/oauth_configuration.json b/system/classes/oauth/oauth_configuration.json
new file mode 100644
index 000000000..41d745057
--- /dev/null
+++ b/system/classes/oauth/oauth_configuration.json
@@ -0,0 +1,473 @@ +{ + "version": "$Id: oauth_configuration.json,v 1.34 2016/10/26 10:34:49 mlemos Exp $", + "comments": [ + "The servers entry should be an object with a list of object", + "entries, one for each server type. The server object entry name is", + "the name of the server type. Each server entry is an object with", + "some mandatory properties: oauth_version, dialog_url,", + "access_token_url and request_token_url (just for Oauth 1.0 and", + "1.0a). Check the OAuth client class for the complete list of server", + "properties." + ], + "servers": + { + "37Signals": + { + "oauth_version": "2.0", + "dialog_url": "https://launchpad.37signals.com/authorization/new?type=web_server&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&state={STATE}&scope={SCOPE}", + "access_token_url": "https://launchpad.37signals.com/authorization/token?type=web_server" + }, + + "Amazon": + { + "oauth_version": "2.0", + "dialog_url": "https://www.amazon.com/ap/oa?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&response_type=code&state={STATE}", + "access_token_url": "https://api.amazon.com/auth/o2/token" + }, + + "AOL": + { + "oauth_version": "2.0", + "dialog_url": "https://api.screenname.aol.com/auth/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&response_type=code&state={STATE}", + "access_token_url": "https://api.screenname.aol.com/auth/access_token" + }, + + "Bitbucket": + { + "oauth_version": "1.0a", + "request_token_url": "https://bitbucket.org/!api/1.0/oauth/request_token", + "dialog_url": "https://bitbucket.org/!api/1.0/oauth/authenticate", + "access_token_url": "https://bitbucket.org/!api/1.0/oauth/access_token", + "url_parameters": false + }, + + "Bitly": + { + "oauth_version": "2.0", + "dialog_url": "https://bitly.com/oauth/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&state={STATE}&scope={SCOPE}", + "access_token_url": "https://api-ssl.bitly.com/oauth/access_token" + }, + + "Box": + { + 
"oauth_version": "2.0", + "dialog_url": "https://www.box.com/api/oauth2/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&state={STATE}&scope={SCOPE}", + "offline_dialog_url": "https://www.box.com/api/oauth2/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&state={STATE}&access_type=offline&approval_prompt=force", + "access_token_url": "https://www.box.com/api/oauth2/token" + }, + + "Buffer": + { + "oauth_version": "2.0", + "dialog_url": "https://bufferapp.com/oauth2/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&state={STATE}&scope={SCOPE}", + "access_token_url": "https://api.bufferapp.com/1/oauth2/token.json" + }, + + "Copy": + { + "oauth_version": "1.0a", + "request_token_url": "https://api.copy.com/oauth/request", + "dialog_url": "https://www.copy.com/applications/authorize", + "access_token_url": "https://api.copy.com/oauth/access" + }, + + "Dailymotion": + { + "oauth_version": "2.0", + "dialog_url": "https://api.dailymotion.com/oauth/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&state={STATE}&scope={SCOPE}", + "access_token_url": "https://api.dailymotion.com/oauth/token" + }, + + "Discogs": + { + "oauth_version": "1.0a", + "request_token_url": "https://api.discogs.com/oauth/request_token", + "dialog_url": "https://www.discogs.com/oauth/authorize", + "access_token_url": "https://api.discogs.com/oauth/access_token" + }, + + "Disqus": + { + "oauth_version": "2.0", + "dialog_url": "https://disqus.com/api/oauth/2.0/authorize/?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}", + "access_token_url": "https://disqus.com/api/oauth/2.0/access_token/" + }, + + "Dropbox": + { + "oauth_version": "1.0", + "request_token_url": "https://api.dropbox.com/1/oauth/request_token", + "dialog_url": "https://www.dropbox.com/1/oauth/authorize", + "access_token_url": "https://api.dropbox.com/1/oauth/access_token", + 
"authorization_header": false + }, + + "Dropbox2": + { + "oauth_version": "2.0", + "dialog_url": "https://www.dropbox.com/1/oauth2/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}", + "access_token_url": "https://www.dropbox.com/1/oauth2/token" + }, + + "Dropbox2v2": + { + "oauth_version": "2.0", + "dialog_url": "https://api.dropbox.com/oauth2/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}", + "access_token_url": "https://www.dropbox.com/oauth2/token" + }, + + "Etsy": + { + "oauth_version": "1.0a", + "request_token_url": "https://openapi.etsy.com/v2/oauth/request_token?scope={SCOPE}", + "dialog_url": "automatic", + "access_token_url": "https://openapi.etsy.com/v2/oauth/access_token" + }, + + "Eventful": + { + "oauth_version": "1.0a", + "request_token_url": "http://eventful.com/oauth/request_token", + "dialog_url": "http://eventful.com/oauth/authorize", + "access_token_url": "http://eventful.com/oauth/access_token", + "authorization_header": false, + "url_parameters": true, + "token_request_method": "POST" + }, + + "Evernote": + { + "oauth_version": "1.0a", + "request_token_url": "https://sandbox.evernote.com/oauth", + "dialog_url": "https://sandbox.evernote.com/OAuth.action", + "access_token_url": "https://sandbox.evernote.com/oauth", + "url_parameters": true, + "authorization_header": false + }, + + "Fitbit": + { + "oauth_version": "1.0a", + "request_token_url": "https://api.fitbit.com/oauth/request_token", + "dialog_url": "https://api.fitbit.com/oauth/authorize", + "access_token_url": "https://api.fitbit.com/oauth/access_token" + }, + + "Fitbit2": + { + "oauth_version": "2.0", + "dialog_url": "https://www.fitbit.com/oauth2/authorize?client_id={CLIENT_ID}&response_type=code&state={STATE}&redirect_uri={REDIRECT_URI}&scope={SCOPE}", + "reauthenticate_dialog_url": 
"https://www.fitbit.com/oauth2/authorize?client_id={CLIENT_ID}&response_type=code&state={STATE}&redirect_uri={REDIRECT_URI}&scope={SCOPE}prompt=login", + "access_token_url": "https://api.fitbit.com/oauth2/token", + "access_token_authentication": "basic" + }, + + "Flickr": + { + "oauth_version": "1.0a", + "request_token_url": "http://www.flickr.com/services/oauth/request_token", + "dialog_url": "http://www.flickr.com/services/oauth/authorize?perms={SCOPE}", + "access_token_url": "http://www.flickr.com/services/oauth/access_token", + "authorization_header": false + }, + + "Foursquare": + { + "oauth_version": "2.0", + "dialog_url": "https://foursquare.com/oauth2/authorize?client_id={CLIENT_ID}&scope={SCOPE}&response_type=code&redirect_uri={REDIRECT_URI}&state={STATE}", + "access_token_url": "https://foursquare.com/oauth2/access_token", + "access_token_parameter": "oauth_token" + }, + + "Garmin": + { + "oauth_version": "1.0a", + "request_token_url": "http://connectapitest.garmin.com/oauth-service-1.0/oauth/request_token", + "dialog_url": "http://connecttest.garmin.com/oauthConfirm", + "access_token_url": "http://connectapitest.garmin.com/oauth-service-1.0/oauth/access_token" + }, + + "Garmin2Legged": + { + "oauth_version": "1.0a", + "request_token_url": "http://gcsapitest.garmin.com/gcs-api/oauth/request_token", + "dialog_url": "2legged", + "access_token_url": "http://gcsapitest.garmin.com/gcs-api/oauth/access_token" + }, + + "Google1": + { + "oauth_version": "1.0a", + "dialog_url": "https://www.google.com/accounts/OAuthAuthorizeToken", + "access_token_url": "https://www.google.com/accounts/OAuthGetAccessToken", + "request_token_url": "https://www.google.com/accounts/OAuthGetRequestToken?scope={SCOPE}" + }, + + "imgur": + { + "oauth_version": "2.0", + "dialog_url": "https://api.imgur.com/oauth2/authorize?client_id={CLIENT_ID}&response_type=code&state={STATE}&redirect_uri={REDIRECT_URI}&scope={SCOPE}", + "pin_dialog_url": 
"https://api.imgur.com/oauth2/authorize?client_id={CLIENT_ID}&response_type=pin&state={STATE}&scope={SCOPE}", + "access_token_url": "https://api.imgur.com/oauth2/token" + }, + + "Infusionsoft": + { + "oauth_version": "2.0", + "dialog_url": "https://signin.infusionsoft.com/app/oauth/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&response_type=code&state={STATE}", + "access_token_url": "https://api.infusionsoft.com/token", + "refresh_token_authentication": "basic" + }, + + "Instagram": + { + "oauth_version": "2.0", + "dialog_url": "https://api.instagram.com/oauth/authorize/?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&response_type=code&state={STATE}", + "access_token_url": "https://api.instagram.com/oauth/access_token" + }, + + "Intuit": + { + "oauth_version": "1.0a", + "request_token_url": "https://oauth.intuit.com/oauth/v1/get_request_token", + "dialog_url": "https://appcenter.intuit.com/Connect/Begin", + "access_token_url": "https://oauth.intuit.com/oauth/v1/get_access_token" + }, + + "Jawbone": + { + "oauth_version": "2.0", + "dialog_url": "https://jawbone.com/auth/oauth2/auth?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&state={STATE}&scope={SCOPE}", + "access_token_url": "https://jawbone.com/auth/oauth2/token" + }, + + "LinkedIn2": + { + "oauth_version": "2.0", + "dialog_url": "https://www.linkedin.com/uas/oauth2/authorization?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&response_type=code&state={STATE}", + "access_token_url": "https://www.linkedin.com/uas/oauth2/accessToken", + "default_access_token_type": "Bearer" + }, + + "Livecoding": + { + "oauth_version": "2.0", + "dialog_url": "https://www.livecoding.tv/o/authorize/?scope={SCOPE}&state={STATE}&redirect_uri={REDIRECT_URI}&response_type=code&client_id={CLIENT_ID}", + "access_token_url": "https://www.livecoding.tv/o/token/" + }, + + "MailChimp": + { + "oauth_version": "2.0", + "dialog_url": 
"https://login.mailchimp.com/oauth2/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&response_type=code&state={STATE}", + "access_token_url": "https://login.mailchimp.com/oauth2/token" + }, + + "Mavenlink": + { + "oauth_version": "2.0", + "dialog_url": "https://api.mavenlink.com/oauth/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&response_type=code&state={STATE}", + "access_token_url": "https://api.mavenlink.com/oauth/token" + }, + + "mail.ru": + { + "oauth_version": "2.0", + "dialog_url": "https://connect.mail.ru/oauth/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&response_type=code&state={STATE}", + "access_token_url": "https://connect.mail.ru/oauth/token", + "store_access_token_response": true + }, + + "Meetup": + { + "oauth_version": "2.0", + "dialog_url": "https://secure.meetup.com/oauth2/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}", + "access_token_url": "https://secure.meetup.com/oauth2/access" + }, + "Misfit": + { + "oauth_version": "2.0", + "dialog_url": "https://api.misfitwearables.com/auth/dialog/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}", + "access_token_url": "https://api.misfitwearables.com/auth/tokens/exchange" + }, + "oDesk": + { + "oauth_version": "1.0a", + "request_token_url": "https://www.odesk.com/api/auth/v1/oauth/token/request", + "dialog_url": "https://www.odesk.com/services/api/auth", + "access_token_url": "https://www.odesk.com/api/auth/v1/oauth/token/access", + "token_request_method": "POST" + }, + + "Paypal": + { + "oauth_version": "2.0", + "dialog_url": "https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&state={STATE}&scope={SCOPE}", + "access_token_url": "https://api.paypal.com/v1/identity/openidconnect/tokenservice" + }, + + "PaypalSandbox": 
+ { + "oauth_version": "2.0", + "dialog_url": "https://www.sandbox.paypal.com/webapps/auth/protocol/openidconnect/v1/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&state={STATE}&scope={SCOPE}", + "access_token_url": "https://api.sandbox.paypal.com/v1/identity/openidconnect/tokenservice" + }, + + "PaypalApplication": + { + "oauth_version": "2.0", + "dialog_url": "use Paypal OAuth 2.0 for accessing its API on behalf of a given user", + "access_token_url": "https://api.paypal.com/v1/oauth2/token", + "access_token_authentication": "basic", + "grant_type": "client_credentials" + }, + + "Rdio": + { + "oauth_version": "1.0a", + "request_token_url": "http://api.rdio.com/oauth/request_token", + "dialog_url": "https://www.rdio.com/oauth/authorize", + "access_token_url": "http://api.rdio.com/oauth/access_token" + }, + + "Reddit": + { + "oauth_version": "2.0", + "dialog_url": "https://ssl.reddit.com/api/v1/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}", + "offline_dialog_url": "https://ssl.reddit.com/api/v1/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}&duration=permanent", + "access_token_url": "https://ssl.reddit.com/api/v1/access_token", + "access_token_authentication": "basic" + }, + + "RightSignature": + { + "oauth_version": "1.0a", + "request_token_url": "https://rightsignature.com/oauth/request_token", + "dialog_url": "https://rightsignature.com/oauth/authorize", + "access_token_url": "https://rightsignature.com/oauth/access_token", + "authorization_header": false + }, + + "RunKeeper": + { + "oauth_version": "2.0", + "dialog_url": "https://runkeeper.com/apps/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&state={STATE}&scope={SCOPE}", + "access_token_url": "https://runkeeper.com/apps/token" + }, + + "Salesforce": + { + "oauth_version": "2.0", + "dialog_url": 
"https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}", + "access_token_url": "https://login.salesforce.com/services/oauth2/token", + "default_access_token_type": "Bearer", + "store_access_token_response": true + }, + + "Scoop.it": + { + "oauth_version": "1.0a", + "request_token_url": "https://www.scoop.it/oauth/request", + "dialog_url": "https://www.scoop.it/oauth/authorize", + "access_token_url": "https://www.scoop.it/oauth/access", + "authorization_header": false + }, + + "StockTwits": + { + "oauth_version": "2.0", + "dialog_url": "https://api.stocktwits.com/api/2/oauth/authorize?client_id={CLIENT_ID}&response_type=code&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}", + "access_token_url": "https://api.stocktwits.com/api/2/oauth/token" + }, + + "SurveyMonkey": + { + "oauth_version": "2.0", + "dialog_url": "https://api.surveymonkey.net/oauth/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&state={STATE}&api_key={API_KEY}&scope={SCOPE}", + "access_token_url": "https://api.surveymonkey.net/oauth/token?api_key={API_KEY}" + }, + + "Uber": + { + "oauth_version": "2.0", + "dialog_url": "https://login.uber.com/oauth/v2/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&state={STATE}&api_key={API_KEY}&scope={SCOPE}", + "access_token_url": "https://login.uber.com/oauth/v2/token" + }, + + "TeamViewer": + { + "oauth_version": "2.0", + "dialog_url": "https://webapi.teamviewer.com/api/v1/oauth2/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&state={STATE}&api_key={API_KEY}&scope={SCOPE}", + "access_token_url": "https://webapi.teamviewer.com/api/v1/oauth2/token" + }, + + "Tumblr": + { + "oauth_version": "1.0a", + "request_token_url": "http://www.tumblr.com/oauth/request_token", + "dialog_url": "http://www.tumblr.com/oauth/authorize", + "access_token_url": 
"http://www.tumblr.com/oauth/access_token" + }, + + "Twitter2": + { + "oauth_version": "2.0", + "dialog_url": "use Twitter OAuth 1.0a for accessing its API on behalf of a given user", + "access_token_url": "https://api.twitter.com/oauth2/token" + }, + + "Vimeo": + { + "oauth_version": "2.0", + "dialog_url": "https://api.vimeo.com/oauth/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&state={STATE}&scope={SCOPE}", + "access_token_url": "https://api.vimeo.com/oauth/access_token" + }, + + "VK": + { + "oauth_version": "2.0", + "dialog_url": "https://oauth.vk.com/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&scope={SCOPE}&state={STATE}", + "access_token_url": "https://oauth.vk.com/access_token" + }, + + "Withings": + { + "oauth_version": "1.0", + "request_token_url": "https://oauth.withings.com/account/request_token", + "dialog_url": "https://oauth.withings.com/account/authorize", + "access_token_url": "https://oauth.withings.com/account/access_token", + "authorization_header": false + }, + + "Wordpress": + { + "oauth_version": "2.0", + "dialog_url": "https://public-api.wordpress.com/oauth2/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&state={STATE}&scope={SCOPE}", + "access_token_url": "https://public-api.wordpress.com/oauth2/token" + }, + + "Xero": + { + "oauth_version": "1.0a", + "request_token_url": "https://api.xero.com/oauth/RequestToken", + "dialog_url": "https://api.xero.com/oauth/Authorize", + "access_token_url": "https://api.xero.com/oauth/AccessToken" + }, + + "XING": + { + "oauth_version": "1.0a", + "request_token_url": "https://api.xing.com/v1/request_token", + "dialog_url": "https://api.xing.com/v1/authorize", + "access_token_url": "https://api.xing.com/v1/access_token", + "authorization_header": false + }, + + "Yandex": + { + "oauth_version": "2.0", + "dialog_url": 
"https://oauth.yandex.com/authorize?response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&state={STATE}&scope={SCOPE}", + "access_token_url": "https://oauth.yandex.com/token" + } + } +} \ No newline at end of file diff --git a/system/classes/oauthhelper.class.php b/system/classes/oauthhelper.class.php index 7934fa066..f6f5f8f5a 100644 --- a/system/classes/oauthhelper.class.php +++ b/system/classes/oauthhelper.class.php 
@@ -98,45 +98,39 @@ public function __construct($service) switch ($this->client->server) { case 'facebook' : - $api_url = 'https://graph.facebook.com/me'; - $scope = 'email,user_website,user_location,user_about_me,user_photos'; - $q_api = array(); + $api_url = 'https://graph.facebook.com/me?fields=name,email,link,id,first_name,last_name,about'; + $scope = 'email,public_profile,user_friends'; + $q_api = array(); break; - - case 'github' : - $api_url = 'https://api.github.com/user'; - $scope = 'user:email'; - $q_api = array(); - break; - case 'google' : $api_url = 'https://www.googleapis.com/oauth2/v1/userinfo'; - $scope = 'https://www.googleapis.com/auth/userinfo.email ' . 'https://www.googleapis.com/auth/userinfo.profile'; - $q_api = array(); + $scope = 'https://www.googleapis.com/auth/userinfo.email '.'https://www.googleapis.com/auth/userinfo.profile'; + $q_api = array(); break; - case 'microsoft' : $api_url = 'https://apis.live.net/v5.0/me'; - $scope = 'wl.basic wl.emails'; - $q_api = array(); + $scope = 'wl.basic wl.emails'; + $q_api = array(); break; - case 'twitter' : $api_url = 'https://api.twitter.com/1.1/account/verify_credentials.json'; - $scope = ''; - $q_api = array(); + $scope = ''; + $q_api = array('include_entities' => "true", 'skip_status' => "true", 'include_email' => "true"); break; - case 'yahoo' : $api_url = 'http://query.yahooapis.com/v1/yql'; - $scope = ''; - $q_api = array('q' => 'SELECT * FROM social.profile WHERE guid=me', 'format' => 'json'); + $scope = ''; + $q_api = array('q'=>'select * from social.profile where guid=me','format'=>'json'); break; - case 'linkedin' : $api_url = 'http://api.linkedin.com/v1/people/~:(id,first-name,last-name,location,summary,email-address,picture-url,public-profile-url)'; - $scope = 'r_fullprofile r_emailaddress'; - $q_api = array('format' => 'json'); + $scope = 'r_basicprofile r_emailaddress'; + $q_api = array('format'=>'json'); + break; + case 'github' : + $api_url = 'https://api.github.com/user'; + $scope 
= 'user:email'; + $q_api = array(); break; default: @@ -222,7 +216,7 @@ public function doAction($info) $users = $this->_getCreateUserInfo($info); $userInfo = $this->_getUpdateUserInfo($info); - + $sql = "SELECT uid, status FROM {$_TABLES['users']} " . "WHERE remoteusername = '" . DB_escapeString($users['remoteusername']) . "' " . "AND remoteservice = '" . DB_escapeString($users['remoteservice']) . "'"; @@ -261,6 +255,8 @@ public function doAction($info) $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'"); DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ($remote_grp, $uid)"); } + + return true; } public function doSynch($info) @@ -312,37 +308,34 @@ protected function _getUpdateUserInfo($info) switch ($this->client->server) { case 'facebook' : - if (isset($info->about)) { - $userInfo['about'] = $info->about; + if ( isset($info->about) ) { + $userinfo['about'] = $info->about; } - if (isset($info->location->name)) { - $userInfo['location'] = $info->location->name; + if ( isset($info->location->name) ) { + $userinfo['location'] = $info->location->name; } break; - - case 'github' : - break; - case 'google' : break; - case 'microsoft' : break; - case 'twitter' : + if ( isset($info->email ) ) { + $userinfo['email'] = $info->email; + } break; - case 'yahoo' : if (isset($info->query->results->profile->location)) { $userInfo['location'] = $info->query->results->profile->location; } break; - case 'linkedin' : - if (isset($info->location->name)) { - $userInfo['location'] = $info->location->name; + if ( isset($info->location->name) ) { + $userinfo['location'] = $info->location->name; } break; + case 'github' : + break; } return $userInfo; 
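Review bot: In the constructor's `switch`, the Facebook branch now requests the `user_friends` permission, but the `fields=` list on the line above asks only for name, email, link, id, first_name, last_name and about, and nothing visible in this patch reads a friends list. A permission the login flow does not use widens what a leaked access token can read, so `$scope = 'email,public_profile';` looks sufficient for the fields requested. `_getUpdateUserInfo()` still reads `$info->location->name` for Facebook although `location` is in neither the new field list nor the new scope, so that branch presumably never fires now. The Yahoo and LinkedIn `$api_url` values edited in the same switch still use `http://`, so those profile calls, which include the e-mail address for LinkedIn, are not protected by TLS.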
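Review bot: In `_getUpdateUserInfo()` the rewritten Facebook, Twitter and LinkedIn branches assign to `$userinfo` (lower-case "i"), while the function returns `$userInfo` and the untouched Yahoo branch still writes to `$userInfo`. PHP variable names are case-sensitive, so the `about`, `location` and the new Twitter `email` values land in a separate local and are dropped, which means the Twitter e-mail this commit sets out to collect never reaches the update path. The assignments should read `$userInfo['email'] = $info->email;`, and likewise for `about` and `location`. The start of the function is outside the hunk, so where `$userInfo` is initialised is not visible here.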
@@ -361,9 +354,9 @@ protected function _getCreateUserInfo($info) 'homepage' => $info->link, 'remoteusername' => DB_escapeString($info->id), 'remoteservice' => 'oauth.facebook', - 'remotephoto' => 'http://graph.facebook.com/' . $info->id . '/picture', + 'remotephoto' => 'http://graph.facebook.com/'.$info->id.'/picture', ); - break; + break; case 'github' : $users = array( @@ -377,9 +370,17 @@ protected function _getCreateUserInfo($info) 'remoteservice' => 'oauth.github', 'remotephoto' => $info->{'avatar_url'}, ); - break; + break; case 'google' : + $homepage = $info->link; + + $plusPos = strpos($homepage,"+"); + if ( $plusPos !== false ) { + $username = substr($homepage,strlen("https://plug.google.com/+")); + } else { + $username = ""; + } $users = array( 'loginname' => (isset($info->given_name) ? $info->given_name : $info->id), 'email' => $info->email, @@ -391,21 +392,25 @@ protected function _getCreateUserInfo($info) 'remoteservice' => 'oauth.google', 'remotephoto' => $info->picture, ); - break; + break; case 'twitter' : + $mail = ''; + if ( isset($info->email)) { + $mail = $info->email; + } $users = array( 'loginname' => $info->screen_name, - 'email' => '', + 'email' => $mail, 'passwd' => '', 'passwd2' => '', 'fullname' => $info->name, - 'homepage' => 'http://twitter.com/' . $info->screen_name, + 'homepage' => 'http://twitter.com/'.$info->screen_name, 'remoteusername' => DB_escapeString($info->screen_name), 'remoteservice' => 'oauth.twitter', 'remotephoto' => $info->profile_image_url, ); - break; + break; case 'microsoft' : $users = array( @@ -420,7 +425,7 @@ protected function _getCreateUserInfo($info) 'remotephoto' => 'https://apis.live.net/v5.0/me/picture?access_token=' . $this->client->access_token, ); break; - + case 'yahoo' : $users = array( 'loginname' => (isset($info->query->results->profile->nickname) ? $info->query->results->profile->nickname : $info->query->results->profile->guid), 
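Review bot: The added Google block in `_getCreateUserInfo()` builds `$username` by cutting a fixed number of bytes off `$info->link`, with the length taken from the literal `"https://plug.google.com/+"`. That looks like a typo for `plus.google.com` and only gives the intended offset because both strings have the same length. The guard only checks that a `+` occurs somewhere in the URL, not that the URL starts with that prefix, so any other link containing `+` yields an arbitrary substring, and `$info->link` is read without `isset()`. `$username` is not used in the lines visible in this hunk, so either wire it into the `$users` array or drop the block. If it stays, match the prefix explicitly: `$prefix = 'https://plus.google.com/+';` followed by `$username = (strpos($homepage, $prefix) === 0) ? substr($homepage, strlen($prefix)) : '';`.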
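Review bot: In the Twitter branch of `_getCreateUserInfo()`, `$mail` is copied from the provider response straight into `'email'` for the new account, with no format check in this hunk. The value comes from a remote API response, so it should be validated before it is stored, for example `$mail = (isset($info->email) && filter_var($info->email, FILTER_VALIDATE_EMAIL)) ? $info->email : '';`. Whether the account-creation code checks this address against existing local accounts is outside the hunks shown and worth confirming, because an unchecked duplicate address can confuse later password-recovery or notification logic. The rewritten `'homepage'` line still builds an `http://twitter.com/` URL, which could move to `https://` in the same edit.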
@@ -434,14 +439,14 @@ protected function _getCreateUserInfo($info) 'remotephoto' => $info->query->results->profile->image->imageUrl, ); break; - + case 'linkedin' : $users = array( 'loginname' => (isset($info->{'firstName'}) ? $info->{'firstName'} : $info->id), 'email' => $info->{'emailAddress'}, 'passwd' => '', 'passwd2' => '', - 'fullname' => $info->{'firstName'} . ' ' . $info->{'lastName'}, + 'fullname' => $info->{'firstName'} . ' ' . $info->{'lastName'}, 'homepage' => $info->{'publicProfileUrl'}, 'remoteusername' => DB_escapeString($info->id), 'remoteservice' => 'oauth.linkedin',