From b3066c9cc93dc9a80ec136794cefd4f68318096c Mon Sep 17 00:00:00 2001 From: yuklia Date: Thu, 26 Feb 2015 18:58:31 +0200 Subject: [PATCH 01/46] mailer --- application/configs/default/mailer.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/application/configs/default/mailer.php b/application/configs/default/mailer.php index 669dc52a..abea52e2 100644 --- a/application/configs/default/mailer.php +++ b/application/configs/default/mailer.php @@ -13,6 +13,16 @@ "name" => "Bluz" ], "settings" => [ - "CharSet" => "UTF-8" + "CharSet" => "UTF-8", + "Mailer" => "smtp", // mail, sendmail, smtp, qmail + "Host" => "10.10.0.114", + "Port" => "2525" + ], + + // Custom Headers + "headers" => [ + "PROJECT" => "Bluz", + 'EMAILS' => 'y.kostrikova@nixsolutions.com, baziak@nixsolutions.com', + 'EXTERNAL' => false ], ); From df5545c8c0fc31dd315b220853a21e2ea3a2dbfc Mon Sep 17 00:00:00 2001 From: yuklia Date: Tue, 5 May 2015 17:55:35 +0300 Subject: [PATCH 02/46] hybrid auth --- application/configs/default/hybridauth.php | 38 ++++++++ application/configs/default/opauth.php | 47 ++++++++++ application/modules/auth/controllers/auth.php | 22 +++++ .../modules/index/controllers/index.php | 18 ++++ composer.json | 94 ++++++++++--------- 5 files changed, 174 insertions(+), 45 deletions(-) create mode 100644 application/configs/default/hybridauth.php create mode 100644 application/configs/default/opauth.php create mode 100644 application/modules/auth/controllers/auth.php diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php new file mode 100644 index 00000000..b5fa9e09 --- /dev/null +++ b/application/configs/default/hybridauth.php @@ -0,0 +1,38 @@ + "http://sk.com/auth/auth", + + "providers" => array( + // google + /* "Google" => array( // 'id' is your google client id + "enabled" => true, + "keys" => array("id" => "", "secret" => "") + ),*/ + + // facebook + /*"Facebook" => array( // 'id' is your facebook application id + "enabled" => true, + "keys" => array("id" => "1413483462306154", "secret" => "0911925061bdb04a3d8c41129f672065"), + "scope" => "email, user_about_me, user_birthday, user_hometown", // optional + ),*/ + + // twitter + "Twitter" => array( // 'key' is your twitter application consumer key + "enabled" => true, + "keys" => array("key" => "eOMvWh3ODqk4A1MHEeolm0Cfv", "secret" => "aJSrRzFlJxZp60IhTPnsOetwYVZ6XBZmcd4wQbPwyc7hgIYg0M") + ) + ), + + "debug_mode" => false, + + // to enable logging, set 'debug_mode' to true, then provide here a path of a writable file + "debug_file" => "", + ); \ No newline at end of file diff --git a/application/configs/default/opauth.php b/application/configs/default/opauth.php new file mode 100644 index 00000000..3442dd30 --- /dev/null +++ b/application/configs/default/opauth.php @@ -0,0 +1,47 @@ + '/', + + /** + * Callback URL: redirected to after authentication, successful or otherwise + */ + 'callback_url' => '{path}callback.php', + + /** + * A random string used for signing of $auth response. + */ + 'security_salt' => 'LDFmiilYf8Fyw5W10rx4W1KsVrieQCnpBzzpTBWA5vJidQKDx8pMJbmw28R1C4m', + + /** + * Strategy + * Refer to individual strategy's documentation on configuration requirements. + * + * eg. + * 'Strategy' => array( + * + * 'Facebook' => array( + * 'app_id' => 'APP ID', + * 'app_secret' => 'APP_SECRET' + * ), + * + * ) + * + */ + 'Strategy' => array( + // Define strategies and their respective configs here + + ), +); \ No newline at end of file diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php new file mode 100644 index 00000000..4d13db92 --- /dev/null +++ b/application/modules/auth/controllers/auth.php @@ -0,0 +1,22 @@ +authenticate( "Twitter" ); + + if ($twitter->isUserConnected()) { + $user_profile = $twitter->getUserProfile(); + echo "Hi there! " . $user_profile->displayName; + } + + } + catch( Exception $e ){ + echo "Ooophs, we got an error: " . $e->getMessage(); + } }; diff --git a/composer.json b/composer.json index ec2a6a38..e60834e1 100644 --- a/composer.json +++ b/composer.json @@ -1,49 +1,53 @@ { - "name": "bluzphp/skeleton", - "description": "Skeleton application for Bluz, a lightweight PHP framework", - "minimum-stability": "dev", - "type": "library", - "require": { - "php": ">=5.4", - "bluzphp/framework": "~0.9", - "phpmailer/phpmailer": "~5.2", - "guzzle/guzzle": "~3.8", - "zircote/swagger-php": "~0.9" + "name": "bluzphp/skeleton", + "description": "Skeleton application for Bluz, a lightweight PHP framework", + "minimum-stability": "dev", + "type": "library", + "require": { + "php": ">=5.4", + "bluzphp/framework": "~0.9", + "phpmailer/phpmailer": "~5.2", + "guzzle/guzzle": "~3.8", + "zircote/swagger-php": "~0.9" + }, + "require-dev": { + "phpunit/phpunit": "~4.4", + "satooshi/php-coveralls": "~0.6", + "squizlabs/php_codesniffer": "~2.0", + "zendframework/zend-dom": "~2.3", + "hybridauth/hybridauth": "dev-master", + "opauth/opauth": "*", + "opauth/facebook": "*", + "opauth/twitter": "*" + }, + "config": { + "vendor-dir": "vendor" + }, + "autoload": { + "psr-0": { + "": "application/library" }, - "require-dev": { - "phpunit/phpunit": "~4.4", - "satooshi/php-coveralls": "~0.6", - "squizlabs/php_codesniffer": "~2.0", - "zendframework/zend-dom": "~2.3" + "psr-4": { + "Application\\": "application/models", + "Application\\Tests\\": "tests/library" }, - "config": { - "vendor-dir": "vendor" - }, - "autoload": { - "psr-0": { - "": "application/library" - }, - "psr-4": { - "Application\\": "application/models", - "Application\\Tests\\": "tests/library" - }, - "files": [ - "application/_functions.php", - "application/_loader.php" - ] - }, - "scripts": { - "post-install-cmd": "php bin/install.php" - }, - "authors": [ - { - "name": "Bluz Skeleton Contributors", - "homepage": "https://github.com/bluzphp/skeleton/graphs/contributors" - } - ], - "support": { - "issues": "https://github.com/bluzphp/skeleton/issues", - "wiki": "https://github.com/bluzphp/skeleton/wiki" - }, - "license": "MIT" + "files": [ + "application/_functions.php", + "application/_loader.php" + ] + }, + "scripts": { + "post-install-cmd": "php bin/install.php" + }, + "authors": [ + { + "name": "Bluz Skeleton Contributors", + "homepage": "https://github.com/bluzphp/skeleton/graphs/contributors" + } + ], + "support": { + "issues": "https://github.com/bluzphp/skeleton/issues", + "wiki": "https://github.com/bluzphp/skeleton/wiki" + }, + "license": "MIT" } From 3652a36db659c8ff7b47fedaa598802525f7a8a5 Mon Sep 17 00:00:00 2001 From: yuklia Date: Tue, 5 May 2015 18:15:00 +0300 Subject: [PATCH 03/46] hotfix --- application/configs/default/hybridauth.php | 8 ++++---- application/modules/index/controllers/index.php | 4 +++- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index b5fa9e09..889f5cda 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -12,17 +12,17 @@ "providers" => array( // google - /* "Google" => array( // 'id' is your google client id + "Google" => array( // 'id' is your google client id "enabled" => true, "keys" => array("id" => "", "secret" => "") - ),*/ + ), // facebook - /*"Facebook" => array( // 'id' is your facebook application id + "Facebook" => array( // 'id' is your facebook application id "enabled" => true, "keys" => array("id" => "1413483462306154", "secret" => "0911925061bdb04a3d8c41129f672065"), "scope" => "email, user_about_me, user_birthday, user_hometown", // optional - ),*/ + ), // twitter "Twitter" => array( // 'key' is your twitter application consumer key diff --git a/application/modules/index/controllers/index.php b/application/modules/index/controllers/index.php index 7b992693..a695bfe6 100644 --- a/application/modules/index/controllers/index.php +++ b/application/modules/index/controllers/index.php @@ -26,13 +26,15 @@ function () { try{ $hybridauth = new \Hybrid_Auth( $config ); - $twitter = $hybridauth->authenticate( "Twitter" ); + $twitter = $hybridauth->authenticate( "Facebook" ); if ($twitter->isUserConnected()) { $user_profile = $twitter->getUserProfile(); echo "Hi there! " . $user_profile->displayName; + $twitter->logout(); } + } catch( Exception $e ){ echo "Ooophs, we got an error: " . $e->getMessage(); From ab80d90b831218e30952076fb7c79e7a24db1621 Mon Sep 17 00:00:00 2001 From: yuklia Date: Tue, 5 May 2015 18:41:15 +0300 Subject: [PATCH 04/46] test --- application/configs/default/auth.php | 4 +- application/configs/default/hybridauth.php | 2 +- application/modules/auth/controllers/auth.php | 37 ++++++++++++++++++- .../modules/auth/controllers/endpoint.php | 22 +++++++++++ .../modules/index/controllers/index.php | 18 --------- 5 files changed, 61 insertions(+), 22 deletions(-) create mode 100644 application/modules/auth/controllers/endpoint.php diff --git a/application/configs/default/auth.php b/application/configs/default/auth.php index eecc4782..8286aca9 100644 --- a/application/configs/default/auth.php +++ b/application/configs/default/auth.php @@ -12,8 +12,8 @@ } ), "facebook" => array( - "appId" => "%%appId%%", - "secret" => "%%secret%%", + "appId" => "1413483462306154", + "secret" => "0911925061bdb04a3d8c41129f672065", ), "twitter" => array( "consumer_key" => "%%consumerKey%%", diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index 889f5cda..ecb1f93f 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -8,7 +8,7 @@ return array( //"base_url" the url that point to HybridAuth Endpoint (where index.php and config.php are found) - "base_url" => "http://sk.com/auth/auth", + "base_url" => "http://sk.com/auth/endpoint", "providers" => array( // google diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php index 4d13db92..1166a1f6 100644 --- a/application/modules/auth/controllers/auth.php +++ b/application/modules/auth/controllers/auth.php @@ -9,6 +9,8 @@ namespace Application; use Application\Users; +use Bluz\Proxy\Messages; +use Bluz\Proxy\Request; return /** @@ -18,5 +20,38 @@ */ function () { - include PATH_VENDOR."/"."hybridauth/hybridauth/hybridauth/index.php"; + try{ + $provider = Request::getParam('provider'); + $auth = new AuthFactory(); + $auth->setProvider($provider); + $auth->setResponse($this); + $auth->setService($this->getService()); + $auth->setIdentity($this->user()); + $auth->authProcess(); + }catch (Exception $e) { + Messages::addError($e->getMessage()); + } + return + function () { + return false; + }; + + /** + * $config = Config::getData('hybridauth'); + + try{ + $hybridauth = new \Hybrid_Auth( $config ); + + $twitter = $hybridauth->authenticate( "Facebook" ); + + if ($twitter->isUserConnected()) { + $user_profile = $twitter->getUserProfile(); + echo "Hi there! " . $user_profile->displayName; + $twitter->logout(); + } + } + catch( Exception $e ){ + echo "Ooophs, we got an error: " . $e->getMessage(); + } + */ }; diff --git a/application/modules/auth/controllers/endpoint.php b/application/modules/auth/controllers/endpoint.php new file mode 100644 index 00000000..4d13db92 --- /dev/null +++ b/application/modules/auth/controllers/endpoint.php @@ -0,0 +1,22 @@ +authenticate( "Facebook" ); - - if ($twitter->isUserConnected()) { - $user_profile = $twitter->getUserProfile(); - echo "Hi there! " . $user_profile->displayName; - $twitter->logout(); - } - - - } - catch( Exception $e ){ - echo "Ooophs, we got an error: " . $e->getMessage(); - } }; From 765927baa42a89cd2dadce4a71f46899fe07dfe3 Mon Sep 17 00:00:00 2001 From: yuklia Date: Tue, 5 May 2015 18:54:51 +0300 Subject: [PATCH 05/46] hotfix --- application/modules/auth/controllers/auth.php | 7 +------ application/modules/users/views/signin.phtml | 6 +++--- public/js/bluz.auth.js | 17 +++++++++++++++++ 3 files changed, 21 insertions(+), 9 deletions(-) create mode 100644 public/js/bluz.auth.js diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php index 1166a1f6..f16fd069 100644 --- a/application/modules/auth/controllers/auth.php +++ b/application/modules/auth/controllers/auth.php @@ -22,12 +22,7 @@ function () { try{ $provider = Request::getParam('provider'); - $auth = new AuthFactory(); - $auth->setProvider($provider); - $auth->setResponse($this); - $auth->setService($this->getService()); - $auth->setIdentity($this->user()); - $auth->authProcess(); + }catch (Exception $e) { Messages::addError($e->getMessage()); } diff --git a/application/modules/users/views/signin.phtml b/application/modules/users/views/signin.phtml index 65e2dfd4..08363085 100644 --- a/application/modules/users/views/signin.phtml +++ b/application/modules/users/views/signin.phtml @@ -34,13 +34,13 @@
- widget('twitter', 'auth')?> +
- widget('facebook', 'auth')?> +
- widget('google', 'auth')?> +
diff --git a/public/js/bluz.auth.js b/public/js/bluz.auth.js new file mode 100644 index 00000000..79b45a6b --- /dev/null +++ b/public/js/bluz.auth.js @@ -0,0 +1,17 @@ +/** + * Created by yuklia on 04.03.15. + */ +define(['jquery'], function ($) { + "use strict"; + $(function(){ + $('.provider').on('click', function(event){ + event.preventDefault(); + var provider = $(this).data('provider'); + $.ajax({ + type: "POST", + url: "auth/auth", + data: { provider: provider } + }); + }) + }) +}); From 0ddedd81dbf5f56da36e37502150ecc562358830 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 08:18:44 +0300 Subject: [PATCH 06/46] test --- application/models/Auth/AbstractAuth.php | 250 ++++++++++++++++++ application/models/Auth/AuthFactory.php | 68 +++++ application/models/Auth/AuthInterface.php | 52 ++++ application/models/Auth/Facebook.php | 89 +++++++ application/models/Auth/Google.php | 147 ++++++++++ application/modules/auth/controllers/auth.php | 16 +- 6 files changed, 618 insertions(+), 4 deletions(-) create mode 100644 application/models/Auth/AbstractAuth.php create mode 100644 application/models/Auth/AuthFactory.php create mode 100644 application/models/Auth/AuthInterface.php create mode 100644 application/models/Auth/Facebook.php create mode 100644 application/models/Auth/Google.php diff --git a/application/models/Auth/AbstractAuth.php b/application/models/Auth/AbstractAuth.php new file mode 100644 index 00000000..c6f23600 --- /dev/null +++ b/application/models/Auth/AbstractAuth.php @@ -0,0 +1,250 @@ +hybridauth = new \Hybrid_Auth($this->getOptions()); + } + + /** + * @param mixed $hybridauth + */ + public function setHybridauth($hybridauth) + { + $this->hybridauth = $hybridauth; + } + + /** + * @param \Bluz\Http\Response $response + */ + public function setResponse($response) + { + $this->response = $response; + } + + /** + * @return \Bluz\Http\Response + */ + public function getResponse() + { + return $this->response; + } + + /** + * @param \Application\AbstractService $service + */ + public function setService($service) + { + $this->service = $service; + } + + /** + * @return \Application\AbstractService + */ + public function getService() + { + return $this->service; + } + + /** + * @param \Application\Users\Entity\User $identity + */ + public function setIdentity($identity) + { + $this->identity = $identity; + } + + /** + * @return \Application\Users\Entity\User + */ + public function getIdentity() + { + return $this->identity; + } + + /** + * @param \Application\Auth\AuthService $authService + */ + public function setAuthService($authService) + { + $this->authService = $authService; + } + + /** + * @return \Application\Auth\AuthService + */ + public function getAuthService() + { + return $this->authService; + } + + /** + * @param \Application\Users\UserService $userService + */ + public function setUserService($userService) + { + $this->userService = $userService; + } + + /** + * @return \Application\Users\UserService + */ + public function getUserService() + { + return $this->userService; + } + + + /** + * @param array $data + * @param \Application\Users\Entity\User $user + * @return void + */ + public function registration($data, $user) + { + // TODO: Implement registration() method. + } + + /** + * @return void + */ + public function authProcess() + { + $elements = explode('\\', get_class($this)); + $providerName = end($elements); + $profile = $this->getProfile(); + + if (!$profile) { + /** + * If user doesn't allow application yet, redirect him to fb page for this. + * After this operation we will returned to this file. + * Is user declined app, we get param 'error' => 'access_denied' + */ + + // if user declined + if ('access_denied' == Request::getParam('error', null)) { + $this->response->redirectTo('users', 'signin'); + } + } + + /* if ( \Bluz\Proxy\Auth::getIdentity()) { + $this->response->redirectTo('index', 'index'); + }*/ + + /** + * @var Auth\Table $authTable + */ + $authTable = Auth\Table::getInstance(); + $auth = $authTable->getAuthRow(strtolower($providerName), $profile['id']); + + if ($auth) { + // if user has been registered + $user = Users\Table::findRow($auth->userId); + + $user->login(); + + if ($user->status != Users\Table::STATUS_ACTIVE) { + Messages::addError('User is not active'); + } + + $this->response->redirectTo('index', 'index'); + } else { + // sign up user + + // continue with registration + /** + * Write facebook response to session + */ + Session::set('facebook', $profile); + Messages::addNotice('To finish your registration fill the form'); + $this->redirectTo('users', 'signup'); + + + } + /* if ($this->identity) { + if ($auth) { + Messages::addNotice(sprintf('You have already linked to %s', $providerName)); + $this->response->redirectTo('users', 'profile', ['id' => $this->identity->getId()]); + } else { + $user = $this->userService->readOne($this->identity->getId()); + $this->registration($profile, $user); + } + } + + if ($auth) { + $this->alreadyRegisteredLogic($auth); //need to be not a proxy object + } else { + Messages::addError('You need to sign up via Ldap first'); + $this->response->redirectTo('users', 'signin'); + }*/ + + } + + /** + * @return array + * @throws \Application\Exception + */ + private function getOptions() + { + + } + + /** + * @return void + */ + public function redirectLogic() + { + // TODO: Implement redirectLogic() method. + } + + /** + * @param Auth $auth + * @return mixed + */ + public function alreadyRegisteredLogic(Auth $auth) + { + // TODO: Implement alreadyRegisteredLogic() method. + } + + /** + * @return array + */ + public function getProfile() + { + // TODO: Implement getProfile() method. + } + + public function setProvider($provider) + { + // TODO: Implement setProvider() method. + } + + /** + * @return mixed + */ + public function getProvider() + { + // TODO: Implement getProvider() method. + } +} \ No newline at end of file diff --git a/application/models/Auth/AuthFactory.php b/application/models/Auth/AuthFactory.php new file mode 100644 index 00000000..be03ec3a --- /dev/null +++ b/application/models/Auth/AuthFactory.php @@ -0,0 +1,68 @@ +authType = new $className(); + } + + + /** + * @param \Bluz\Http\Response $response + */ + public function setResponse($response) + { + $this->authType->setResponse($response); + } + + + /** + * @param mixed $identity + */ + public function setIdentity($identity) + { + $this->authType->setIdentity($identity); + } + + /** + * delegate to type + */ + public function authProcess(){ + + $this->authType->authProcess(); + } + + public function getProvider(){ + + return $this->authType; + } +} \ No newline at end of file diff --git a/application/models/Auth/AuthInterface.php b/application/models/Auth/AuthInterface.php new file mode 100644 index 00000000..40de5409 --- /dev/null +++ b/application/models/Auth/AuthInterface.php @@ -0,0 +1,52 @@ +setForeignKey($profile['id']); + $auth->setProvider(Auth::PROVIDER_FACEBOOK); + $auth->setToken($this->facebook->getAccessToken()); + $auth->setTokenType(AuthTable::TYPE_ACCESS); + $auth->setUser($user); + $auth->setTokenSecret(0); + $this->authService->saveObject($auth); + Messages::addNotice('Your account was linked to Facebook successfully !'); + $this->response->redirectTo('users', 'profile', ['id' => $user->getId()]); + + } + + /** + * @return array + */ + public function getProfile() + { + /** @var \Hybrid_Auth $hybridauth */ + $hybridauth = $this->getHybridauth(); + + $facebook = $hybridauth->authenticate( "Facebook" ); + + return $facebook->getUserProfile(); + } + + /** + * void + */ + public function redirectLogic() + { + $facebookConf = Config::getData('auth', 'facebook'); + //todo::need to be wrapped in plugin + $scheme = Request::getScheme() . '://'; + $host = Request::getHttpHost(); + $url = $facebookConf['redirect-uri']; + + // if user declined + if ('access_denied' == Request::getParam('error', null)) { + $this->response->redirectTo('users', 'profile', ['id' => $this->identity->getId()]); + } + $login_url = $this->facebook->getLoginUrl(array( + 'scope' => 'email', + 'redirect_uri' => $scheme . $host . '/' . $url)); + $this->response->redirect($login_url); + } + + /** + * @param Auth $auth + * @throws \Bluz\Auth\AuthException + * @throws \Exception + */ + public function alreadyRegisteredLogic(Auth $auth) + { + $auth->setToken($this->facebook->getAccessToken()); + $this->authService->updateObject($auth); + $user = $auth->getUser(); + + if ($user->getStatus() != User::STATUS_ACTIVE) { + Messages::addError('User is not active'); + } + + $this->userService->login($user); + $this->response->redirectTo('index', 'index'); + } + +} \ No newline at end of file diff --git a/application/models/Auth/Google.php b/application/models/Auth/Google.php new file mode 100644 index 00000000..69060aa9 --- /dev/null +++ b/application/models/Auth/Google.php @@ -0,0 +1,147 @@ +response->redirect($googleAuth->getAuthUrl($redirectUri)); + } + + $this->code = $code; + } + + /** + * @return mixed + */ + public function getCode() + { + return $this->code; + } + + /** + * @param $profile + * @param $user + */ + public function registration($profile, $user) + { + $auth = new \Application\Auth\Entity\Auth(); + $auth->setForeignKey($profile['id']); + $auth->setProvider(\Application\Auth\Entity\Auth::PROVIDER_GOOGLE); + $auth->setToken($this->google->accessToken); + if($this->google->refreshToken){ + $auth->setRefreshToken($this->google->refreshToken); + } + $auth->setTokenType('access'); + $auth->setUser($user); + $auth->setTokenSecret(0); + $this->authService->saveObject($auth); + Messages::addNotice('Your account was linked to Google successfully !'); + $this->response->redirectTo('users', 'profile', ['id' => $user->getId()]); + + } + + + /** + * @return array|mixed + * @throws \Exception + */ + public function getOptions() + { + $options = Config::getData('auth', 'google'); + if (!$options || !isset($options['client_id'], $options['client_secret']) + || empty($options['client_id']) || empty($options['client_secret']) + ) { + throw new \Exception('Google authorization is not configured'); + } + return $options; + } + + /** + * @return void + */ + public function redirectLogic() + { + $login_url = $this->google->getAuthUrl(Router::getFullUrl('google', 'redirect_uri')); + $this->response->redirect($login_url); + } + + /** + * @param Auth $auth + * @throws \Bluz\Auth\AuthException + * @throws \Exception + */ + public function alreadyRegisteredLogic(Auth $auth) + { + $user = $auth->getUser(); + + if ($user->getStatus() != User::STATUS_ACTIVE) { + Messages::addError('User is not active'); + } + + $this->userService->login($user); + $this->response->redirectTo('index', 'index'); + + } + + /** + * @return array + */ + public function getProfile() + { + //extend access_token live or get new one + $options = $this->getOptions(); + $this->google = new Client($options); + $config = Config::getData('auth', 'google'); + //todo::need to be wrapped in plugin + $scheme = Request::getScheme() . '://'; + $host = Request::getHttpHost(); + $url = $config['redirect-uri']; + $redirectUri = $scheme . $host . '/' . $url; + $this->google->getOauthAccessToken($this->code, $redirectUri); //getting temporary token + $userGoogle = $this->google->getUserInfo(); + if ($userGoogle) { + return $userGoogle; + } + /** + * If user doesn't allow application yet, redirect him to fb page for this. + * After this operation we will returned to this file. + * Is user declined app, we get param 'error' => 'access_denied' + */ + $this->redirectLogic(); + + } + + +} \ No newline at end of file diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php index f16fd069..db7a7258 100644 --- a/application/modules/auth/controllers/auth.php +++ b/application/modules/auth/controllers/auth.php @@ -8,6 +8,7 @@ namespace Application; +use Application\Auth\AuthFactory; use Application\Users; use Bluz\Proxy\Messages; use Bluz\Proxy\Request; @@ -20,9 +21,16 @@ */ function () { + /** + * @var Bootstrap $this + */ try{ $provider = Request::getParam('provider'); - + $auth = new AuthFactory(); + $auth->setProvider($provider); + $auth->setResponse($this); + $auth->setIdentity($this->user()); + $auth->authProcess(); }catch (Exception $e) { Messages::addError($e->getMessage()); } @@ -31,8 +39,8 @@ function () { return false; }; - /** - * $config = Config::getData('hybridauth'); + + // $config = Config::getData('hybridauth'); try{ $hybridauth = new \Hybrid_Auth( $config ); @@ -48,5 +56,5 @@ function () { catch( Exception $e ){ echo "Ooophs, we got an error: " . $e->getMessage(); } - */ + }; From 3e259b603e2280c13225ce48c57f47fb1f77d008 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 13:28:01 +0300 Subject: [PATCH 07/46] sign in via twitter --- application/configs/default/hybridauth.php | 10 +- application/models/Auth/AbstractAuth.php | 181 +++++------------- application/models/Auth/AuthFactory.php | 8 +- application/models/Auth/AuthInterface.php | 8 +- application/models/Auth/Twitter.php | 54 ++++++ application/modules/auth/controllers/auth.php | 6 +- application/modules/users/views/profile.phtml | 54 ++++-- application/modules/users/views/signin.phtml | 5 + 8 files changed, 167 insertions(+), 159 deletions(-) create mode 100644 application/models/Auth/Twitter.php diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index ecb1f93f..a4e151bf 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -6,6 +6,9 @@ * Time: 14:04 */ +/** + * You must define provider class inside providers scope + */ return array( //"base_url" the url that point to HybridAuth Endpoint (where index.php and config.php are found) "base_url" => "http://sk.com/auth/endpoint", @@ -14,7 +17,8 @@ // google "Google" => array( // 'id' is your google client id "enabled" => true, - "keys" => array("id" => "", "secret" => "") + "keys" => array("id" => "", "secret" => ""), + "provider" => 'Application\Auth\Google' ), // facebook @@ -22,12 +26,14 @@ "enabled" => true, "keys" => array("id" => "1413483462306154", "secret" => "0911925061bdb04a3d8c41129f672065"), "scope" => "email, user_about_me, user_birthday, user_hometown", // optional + "provider" => 'Application\Auth\Facebook' ), // twitter "Twitter" => array( // 'key' is your twitter application consumer key "enabled" => true, - "keys" => array("key" => "eOMvWh3ODqk4A1MHEeolm0Cfv", "secret" => "aJSrRzFlJxZp60IhTPnsOetwYVZ6XBZmcd4wQbPwyc7hgIYg0M") + "keys" => array("key" => "eOMvWh3ODqk4A1MHEeolm0Cfv", "secret" => "aJSrRzFlJxZp60IhTPnsOetwYVZ6XBZmcd4wQbPwyc7hgIYg0M"), + "provider" => 'Application\Auth\Twitter' ) ), diff --git a/application/models/Auth/AbstractAuth.php b/application/models/Auth/AbstractAuth.php index c6f23600..4648d2cf 100644 --- a/application/models/Auth/AbstractAuth.php +++ b/application/models/Auth/AbstractAuth.php @@ -2,38 +2,25 @@ namespace Application\Auth; +use Bluz\Proxy\Config; use Bluz\Proxy\Messages; use Application\Auth; use Application\Users; -use Bluz\Proxy\Request; -use Bluz\Proxy\Session; -class AbstractAuth implements AuthInterface +abstract class AbstractAuth implements AuthInterface { - /** @var \Bluz\Http\Response */ protected $response; - /** @var \Application\Users\Entity\User $identity */ + /** @var \Application\Users\Row $identity */ protected $identity; - private $hybridauth; + /** @var \Hybrid_Auth $hybridauth */ + protected $hybridauth; - /** - * @return \Hybrid_Auth - */ - public function getHybridauth() - { - return $this->hybridauth = new \Hybrid_Auth($this->getOptions()); - } + /** @var \Hybrid_Provider_Adapter $authAdapter*/ + protected $authAdapter; - /** - * @param mixed $hybridauth - */ - public function setHybridauth($hybridauth) - { - $this->hybridauth = $hybridauth; - } /** * @param \Bluz\Http\Response $response @@ -52,23 +39,7 @@ public function getResponse() } /** - * @param \Application\AbstractService $service - */ - public function setService($service) - { - $this->service = $service; - } - - /** - * @return \Application\AbstractService - */ - public function getService() - { - return $this->service; - } - - /** - * @param \Application\Users\Entity\User $identity + * @param \\Application\Users\Row $user $identity */ public function setIdentity($identity) { @@ -76,7 +47,7 @@ public function setIdentity($identity) } /** - * @return \Application\Users\Entity\User + * @return \Application\Users\Row $user */ public function getIdentity() { @@ -84,41 +55,8 @@ public function getIdentity() } /** - * @param \Application\Auth\AuthService $authService - */ - public function setAuthService($authService) - { - $this->authService = $authService; - } - - /** - * @return \Application\Auth\AuthService - */ - public function getAuthService() - { - return $this->authService; - } - - /** - * @param \Application\Users\UserService $userService - */ - public function setUserService($userService) - { - $this->userService = $userService; - } - - /** - * @return \Application\Users\UserService - */ - public function getUserService() - { - return $this->userService; - } - - - /** - * @param array $data - * @param \Application\Users\Entity\User $user + * @param \Hybrid_User_Profile $data + * @param \Application\Users\Row $user $user * @return void */ public function registration($data, $user) @@ -131,83 +69,49 @@ public function registration($data, $user) */ public function authProcess() { - $elements = explode('\\', get_class($this)); - $providerName = end($elements); - $profile = $this->getProfile(); - - if (!$profile) { - /** - * If user doesn't allow application yet, redirect him to fb page for this. - * After this operation we will returned to this file. - * Is user declined app, we get param 'error' => 'access_denied' - */ - - // if user declined - if ('access_denied' == Request::getParam('error', null)) { - $this->response->redirectTo('users', 'signin'); - } - } - - /* if ( \Bluz\Proxy\Auth::getIdentity()) { - $this->response->redirectTo('index', 'index'); - }*/ + $providerName = $this->getProviderName(); + $profile = $this->getProfile(); //? /** * @var Auth\Table $authTable */ $authTable = Auth\Table::getInstance(); - $auth = $authTable->getAuthRow(strtolower($providerName), $profile['id']); - - if ($auth) { - // if user has been registered - $user = Users\Table::findRow($auth->userId); - - $user->login(); - - if ($user->status != Users\Table::STATUS_ACTIVE) { - Messages::addError('User is not active'); + $auth = $authTable->getAuthRow(strtolower($providerName), $profile->identifier); + + if ($this->identity) { + if ($auth) { + Messages::addNotice(sprintf('You have already linked to %s', $providerName)); + $this->response->redirectTo('users', 'profile', ['id' => $this->identity->id]); + } else { + $user = Users\Table::findRow($this->identity->id); + $this->registration($profile, $user); } + } - $this->response->redirectTo('index', 'index'); + if ($auth) { + $this->alreadyRegisteredLogic($auth); } else { - // sign up user - - // continue with registration - /** - * Write facebook response to session - */ - Session::set('facebook', $profile); - Messages::addNotice('To finish your registration fill the form'); - $this->redirectTo('users', 'signup'); - - + Messages::addError('You need to sign in first'); + $this->response->redirectTo('users', 'signin'); } - /* if ($this->identity) { - if ($auth) { - Messages::addNotice(sprintf('You have already linked to %s', $providerName)); - $this->response->redirectTo('users', 'profile', ['id' => $this->identity->getId()]); - } else { - $user = $this->userService->readOne($this->identity->getId()); - $this->registration($profile, $user); - } - } - - if ($auth) { - $this->alreadyRegisteredLogic($auth); //need to be not a proxy object - } else { - Messages::addError('You need to sign up via Ldap first'); - $this->response->redirectTo('users', 'signin'); - }*/ + } + /** + * @return string + */ + private function getProviderName(){ + + $elements = explode('\\', get_class($this)); + return end($elements); } /** * @return array * @throws \Application\Exception */ - private function getOptions() + public function getOptions() { - + return Config::getData('hybridauth'); } /** @@ -222,17 +126,22 @@ public function redirectLogic() * @param Auth $auth * @return mixed */ - public function alreadyRegisteredLogic(Auth $auth) + public function alreadyRegisteredLogic($auth) { // TODO: Implement alreadyRegisteredLogic() method. } /** - * @return array + * @return \Hybrid_User_Profile */ public function getProfile() { - // TODO: Implement getProfile() method. + $this->hybridauth = new \Hybrid_Auth($this->getOptions()); + + /** @var \Hybrid_Provider_Adapter $authProvider */ + $this->authAdapter= $this->hybridauth->authenticate($this->getProviderName()); + + return $this->authAdapter->getUserProfile(); } public function setProvider($provider) diff --git a/application/models/Auth/AuthFactory.php b/application/models/Auth/AuthFactory.php index be03ec3a..ab10f98d 100644 --- a/application/models/Auth/AuthFactory.php +++ b/application/models/Auth/AuthFactory.php @@ -24,11 +24,13 @@ class AuthFactory extends AbstractAuth */ public function setProvider($provider){ - $options = Config::getData('hybridauth'); - if(empty($options['provider'])){ + $options = Config::getData('hybridauth','providers'); + $provider = $options[ucfirst($provider)]['provider']; + + if(empty($provider)){ throw new Exception('No provider was found !'); } - $className = $options['provider']; + $className = $provider; if (!class_exists($className)) { throw new Exception(sprintf('Class with name %s not found !', $className)); } diff --git a/application/models/Auth/AuthInterface.php b/application/models/Auth/AuthInterface.php index 40de5409..1a1b59a4 100644 --- a/application/models/Auth/AuthInterface.php +++ b/application/models/Auth/AuthInterface.php @@ -5,8 +5,8 @@ interface AuthInterface{ /** - * @param array $data - * @param \Application\Users\Entity\User $user + * @param \Hybrid_User_Profile $data + * @param \Application\Users\Row $user * @return void */ public function registration($data, $user); @@ -28,10 +28,10 @@ public function getOptions(); public function redirectLogic(); /** - * @param Auth $auth + * @param \Application\Auth\Row $auth * @return mixed */ - public function alreadyRegisteredLogic(Auth $auth); + public function alreadyRegisteredLogic($auth); /** * @return array diff --git a/application/models/Auth/Twitter.php b/application/models/Auth/Twitter.php new file mode 100644 index 00000000..84ad5fd6 --- /dev/null +++ b/application/models/Auth/Twitter.php @@ -0,0 +1,54 @@ +userId = $user->id; + $twitterRow->provider = Auth\Table::PROVIDER_TWITTER; + + $twitterRow->foreignKey = $profile->identifier; + $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; + $twitterRow->tokenSecret = $this->authAdapter->getAccessToken()['access_token_secret']; + $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; + $twitterRow->save(); + + Messages::addNotice('Your account was linked to Twitter successfully !'); + $this->response->redirectTo('users', 'profile', ['id' => $user->id]); + } + + /** + * @param \Application\Auth\Row $auth + * @return mixed + */ + public function alreadyRegisteredLogic($auth){ + + $user = Users\Table::findRow($auth->userId); + + if ($user->status != Users\Table::STATUS_ACTIVE) { + Messages::addError('User is not active'); + } + + $user->login(); + $this->response->redirectTo('index', 'index'); + } + +} diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php index db7a7258..9cb2ac78 100644 --- a/application/modules/auth/controllers/auth.php +++ b/application/modules/auth/controllers/auth.php @@ -37,10 +37,10 @@ function () { return function () { return false; - }; + }; - // $config = Config::getData('hybridauth'); + /* $config = Config::getData('hybridauth'); try{ $hybridauth = new \Hybrid_Auth( $config ); @@ -55,6 +55,6 @@ function () { } catch( Exception $e ){ echo "Ooophs, we got an error: " . $e->getMessage(); - } + }*/ }; diff --git a/application/modules/users/views/profile.phtml b/application/modules/users/views/profile.phtml index 68ad32e6..6700fb7b 100644 --- a/application/modules/users/views/profile.phtml +++ b/application/modules/users/views/profile.phtml @@ -4,19 +4,51 @@ * @var \Bluz\View\View $this */ ?> + + +

- + user()->id == $user->id) : ?> - ahref(__('Change email'), ['users', 'change-email'], ['class'=>'btn btn-mini pull-right'])?> - ahref(__('Change password'), ['users', 'change-password'], ['class'=>'btn btn-mini pull-right'])?> + ahref(__('Change email'), ['users', 'change-email'], ['class' => 'btn btn-mini pull-right']) ?> + ahref(__('Change password'), ['users', 'change-password'], ['class' => 'btn btn-mini pull-right']) ?>

-
-
-
login?>
-
-
email?>
-
-
status?>
-
+ +
+
+
+ + avatar + +
+
+ + + + + + + + + + + + + + + +
email ?>
status ?>
+ + + +
+
+
+
diff --git a/application/modules/users/views/signin.phtml b/application/modules/users/views/signin.phtml index 08363085..d3b8fc7c 100644 --- a/application/modules/users/views/signin.phtml +++ b/application/modules/users/views/signin.phtml @@ -4,6 +4,11 @@ * @var \Bluz\View\View $this */ ?> + + +

From fc2566a4c18dd6599df9d3f9bd2aa24cf912139b Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 13:37:24 +0300 Subject: [PATCH 08/46] hotfix --- application/modules/auth/controllers/auth.php | 18 ------------------ composer.json | 1 - 2 files changed, 19 deletions(-) diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php index 9cb2ac78..6b03dce6 100644 --- a/application/modules/auth/controllers/auth.php +++ b/application/modules/auth/controllers/auth.php @@ -39,22 +39,4 @@ function () { return false; }; - - /* $config = Config::getData('hybridauth'); - - try{ - $hybridauth = new \Hybrid_Auth( $config ); - - $twitter = $hybridauth->authenticate( "Facebook" ); - - if ($twitter->isUserConnected()) { - $user_profile = $twitter->getUserProfile(); - echo "Hi there! " . $user_profile->displayName; - $twitter->logout(); - } - } - catch( Exception $e ){ - echo "Ooophs, we got an error: " . $e->getMessage(); - }*/ - }; diff --git a/composer.json b/composer.json index e60834e1..1a7bc495 100644 --- a/composer.json +++ b/composer.json @@ -16,7 +16,6 @@ "squizlabs/php_codesniffer": "~2.0", "zendframework/zend-dom": "~2.3", "hybridauth/hybridauth": "dev-master", - "opauth/opauth": "*", "opauth/facebook": "*", "opauth/twitter": "*" }, From 6b18359f807ee12991c12839b0d0d851d9c0f2b3 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 15:48:16 +0300 Subject: [PATCH 09/46] facebook/google --- application/configs/default/hybridauth.php | 6 +- application/models/Auth/AbstractAuth.php | 15 +- application/models/Auth/AuthInterface.php | 5 - application/models/Auth/Facebook.php | 89 ++++------- application/models/Auth/Google.php | 143 +++--------------- .../modules/auth/controllers/endpoint.php | 2 - .../modules/index/controllers/index.php | 18 +++ public/js/bluz.auth.js | 1 + 8 files changed, 81 insertions(+), 198 deletions(-) diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index a4e151bf..7445043b 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -7,6 +7,7 @@ */ /** + * @link http://hybridauth.sourceforge.net/userguide/Configuration.html * You must define provider class inside providers scope */ return array( @@ -17,7 +18,8 @@ // google "Google" => array( // 'id' is your google client id "enabled" => true, - "keys" => array("id" => "", "secret" => ""), + "keys" => array("id" => "422236904670-r9jmuh7q4kc2vqpkscqtv9i1898mer4u.apps.googleusercontent.com", + "secret" => "3krFP90YB6F6xIADFG-Nzr1Q"), "provider" => 'Application\Auth\Google' ), @@ -25,7 +27,7 @@ "Facebook" => array( // 'id' is your facebook application id "enabled" => true, "keys" => array("id" => "1413483462306154", "secret" => "0911925061bdb04a3d8c41129f672065"), - "scope" => "email, user_about_me, user_birthday, user_hometown", // optional + "scope" => "email, user_about_me, user_birthday, user_hometown, publish_actions", // optional "provider" => 'Application\Auth\Facebook' ), diff --git a/application/models/Auth/AbstractAuth.php b/application/models/Auth/AbstractAuth.php index 4648d2cf..98a64a7a 100644 --- a/application/models/Auth/AbstractAuth.php +++ b/application/models/Auth/AbstractAuth.php @@ -64,11 +64,16 @@ public function registration($data, $user) // TODO: Implement registration() method. } + /** * @return void */ public function authProcess() { + if($this->hybridauth){ + $this->hybridauth->logoutAllProviders(); + } + $providerName = $this->getProviderName(); $profile = $this->getProfile(); //? @@ -114,14 +119,6 @@ public function getOptions() return Config::getData('hybridauth'); } - /** - * @return void - */ - public function redirectLogic() - { - // TODO: Implement redirectLogic() method. - } - /** * @param Auth $auth * @return mixed @@ -141,7 +138,7 @@ public function getProfile() /** @var \Hybrid_Provider_Adapter $authProvider */ $this->authAdapter= $this->hybridauth->authenticate($this->getProviderName()); - return $this->authAdapter->getUserProfile(); + return $this->authAdapter->getUserProfile(); } public function setProvider($provider) diff --git a/application/models/Auth/AuthInterface.php b/application/models/Auth/AuthInterface.php index 1a1b59a4..5e26ba89 100644 --- a/application/models/Auth/AuthInterface.php +++ b/application/models/Auth/AuthInterface.php @@ -22,11 +22,6 @@ public function authProcess(); */ public function getOptions(); - /** - * @return void - */ - public function redirectLogic(); - /** * @param \Application\Auth\Row $auth * @return mixed diff --git a/application/models/Auth/Facebook.php b/application/models/Auth/Facebook.php index 22c1cd81..9c10220f 100644 --- a/application/models/Auth/Facebook.php +++ b/application/models/Auth/Facebook.php @@ -1,89 +1,54 @@ setForeignKey($profile['id']); - $auth->setProvider(Auth::PROVIDER_FACEBOOK); - $auth->setToken($this->facebook->getAccessToken()); - $auth->setTokenType(AuthTable::TYPE_ACCESS); - $auth->setUser($user); - $auth->setTokenSecret(0); - $this->authService->saveObject($auth); - Messages::addNotice('Your account was linked to Facebook successfully !'); - $this->response->redirectTo('users', 'profile', ['id' => $user->getId()]); - - } - - /** - * @return array - */ - public function getProfile() - { - /** @var \Hybrid_Auth $hybridauth */ - $hybridauth = $this->getHybridauth(); + $twitterRow = new Auth\Row(); + $twitterRow->userId = $user->id; + $twitterRow->provider = Auth\Table::PROVIDER_FACEBOOK; - $facebook = $hybridauth->authenticate( "Facebook" ); + $twitterRow->foreignKey = $profile->identifier; + $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; + $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret'])? $this->authAdapter->getAccessToken()['access_token_secret']: '' ; + $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; + $twitterRow->save(); - return $facebook->getUserProfile(); + Messages::addNotice('Your account was linked to Facebook successfully !'); + $this->response->redirectTo('users', 'profile', ['id' => $user->id]); } /** - * void + * @param \Application\Auth\Row $auth + * @return mixed */ - public function redirectLogic() - { - $facebookConf = Config::getData('auth', 'facebook'); - //todo::need to be wrapped in plugin - $scheme = Request::getScheme() . '://'; - $host = Request::getHttpHost(); - $url = $facebookConf['redirect-uri']; - - // if user declined - if ('access_denied' == Request::getParam('error', null)) { - $this->response->redirectTo('users', 'profile', ['id' => $this->identity->getId()]); - } - $login_url = $this->facebook->getLoginUrl(array( - 'scope' => 'email', - 'redirect_uri' => $scheme . $host . '/' . $url)); - $this->response->redirect($login_url); - } + public function alreadyRegisteredLogic($auth){ - /** - * @param Auth $auth - * @throws \Bluz\Auth\AuthException - * @throws \Exception - */ - public function alreadyRegisteredLogic(Auth $auth) - { - $auth->setToken($this->facebook->getAccessToken()); - $this->authService->updateObject($auth); - $user = $auth->getUser(); + $user = Users\Table::findRow($auth->userId); - if ($user->getStatus() != User::STATUS_ACTIVE) { + if ($user->status != Users\Table::STATUS_ACTIVE) { Messages::addError('User is not active'); } - $this->userService->login($user); + $user->login(); $this->response->redirectTo('index', 'index'); } -} \ No newline at end of file +} diff --git a/application/models/Auth/Google.php b/application/models/Auth/Google.php index 69060aa9..d84b6392 100644 --- a/application/models/Auth/Google.php +++ b/application/models/Auth/Google.php @@ -2,146 +2,53 @@ /** * Created by PhpStorm. * User: yuklia - * Date: 2/17/15 - * Time: 11:06 AM + * Date: 06.05.15 + * Time: 11:02 */ namespace Application\Auth; -use Bluz\Proxy\Config; +use Application\Auth; +use Application\Users; use Bluz\Proxy\Messages; -use Bluz\Proxy\Request; -use Bluz\Proxy\Router; -use Google\Client; -class Google extends AbstractAuth{ - - /** @var Client/Google */ - private $google; - - /** @var */ - private $code; - - - /** - * @param mixed $code - */ - public function setCode($code) - { - if (!$code) { - $config = Config::getData('auth', 'google'); - $googleAuth = new Client($config); - //todo::need to be wrapped in plugin - $scheme = Request::getScheme() . '://'; - $host = Request::getHttpHost(); - $url = $config['redirect-uri']; - $redirectUri = $scheme . $host . '/' . $url; - $this->response->redirect($googleAuth->getAuthUrl($redirectUri)); - } - - $this->code = $code; - } +class Google extends AbstractAuth +{ /** - * @return mixed - */ - public function getCode() - { - return $this->code; - } - - /** - * @param $profile - * @param $user + * @param \Hybrid_User_Profile $profile + * @param \Application\Users\Row $user */ public function registration($profile, $user) { - $auth = new \Application\Auth\Entity\Auth(); - $auth->setForeignKey($profile['id']); - $auth->setProvider(\Application\Auth\Entity\Auth::PROVIDER_GOOGLE); - $auth->setToken($this->google->accessToken); - if($this->google->refreshToken){ - $auth->setRefreshToken($this->google->refreshToken); - } - $auth->setTokenType('access'); - $auth->setUser($user); - $auth->setTokenSecret(0); - $this->authService->saveObject($auth); - Messages::addNotice('Your account was linked to Google successfully !'); - $this->response->redirectTo('users', 'profile', ['id' => $user->getId()]); - - } + $twitterRow = new Auth\Row(); + $twitterRow->userId = $user->id; + $twitterRow->provider = Auth\Table::PROVIDER_GOOGLE; + $twitterRow->foreignKey = $profile->identifier; + $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; + $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret'])? $this->authAdapter->getAccessToken()['access_token_secret']: '' ; + $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; + $twitterRow->save(); - /** - * @return array|mixed - * @throws \Exception - */ - public function getOptions() - { - $options = Config::getData('auth', 'google'); - if (!$options || !isset($options['client_id'], $options['client_secret']) - || empty($options['client_id']) || empty($options['client_secret']) - ) { - throw new \Exception('Google authorization is not configured'); - } - return $options; + Messages::addNotice('Your account was linked to Google successfully !'); + $this->response->redirectTo('users', 'profile', ['id' => $user->id]); } /** - * @return void + * @param \Application\Auth\Row $auth + * @return mixed */ - public function redirectLogic() - { - $login_url = $this->google->getAuthUrl(Router::getFullUrl('google', 'redirect_uri')); - $this->response->redirect($login_url); - } + public function alreadyRegisteredLogic($auth){ - /** - * @param Auth $auth - * @throws \Bluz\Auth\AuthException - * @throws \Exception - */ - public function alreadyRegisteredLogic(Auth $auth) - { - $user = $auth->getUser(); + $user = Users\Table::findRow($auth->userId); - if ($user->getStatus() != User::STATUS_ACTIVE) { + if ($user->status != Users\Table::STATUS_ACTIVE) { Messages::addError('User is not active'); } - $this->userService->login($user); + $user->login(); $this->response->redirectTo('index', 'index'); - - } - - /** - * @return array - */ - public function getProfile() - { - //extend access_token live or get new one - $options = $this->getOptions(); - $this->google = new Client($options); - $config = Config::getData('auth', 'google'); - //todo::need to be wrapped in plugin - $scheme = Request::getScheme() . '://'; - $host = Request::getHttpHost(); - $url = $config['redirect-uri']; - $redirectUri = $scheme . $host . '/' . $url; - $this->google->getOauthAccessToken($this->code, $redirectUri); //getting temporary token - $userGoogle = $this->google->getUserInfo(); - if ($userGoogle) { - return $userGoogle; - } - /** - * If user doesn't allow application yet, redirect him to fb page for this. - * After this operation we will returned to this file. - * Is user declined app, we get param 'error' => 'access_denied' - */ - $this->redirectLogic(); - } - -} \ No newline at end of file +} diff --git a/application/modules/auth/controllers/endpoint.php b/application/modules/auth/controllers/endpoint.php index 4d13db92..76abb158 100644 --- a/application/modules/auth/controllers/endpoint.php +++ b/application/modules/auth/controllers/endpoint.php @@ -12,8 +12,6 @@ return /** - * @param int $id User UID - * @param string $code * @return \closure */ function () { diff --git a/application/modules/index/controllers/index.php b/application/modules/index/controllers/index.php index 611edf8d..129ad090 100644 --- a/application/modules/index/controllers/index.php +++ b/application/modules/index/controllers/index.php @@ -21,4 +21,22 @@ */ function () { + /* try{ + $hybridauth = new \Hybrid_Auth( Config::getData('hybridauth') ); + + $twitter = $hybridauth->authenticate( "Facebook" ); + + $user_profile = $twitter->getUserProfile(); + + echo "Hi there! " . $user_profile->displayName; + + $twitter->setUserStatus( "Hello world!" ); + + $user_contacts = $twitter->getUserContacts(); + $hybridauth->logoutAllProviders(); + } + catch( Exception $e ){ + echo "Ooophs, we got an error: " . $e->getMessage(); + }*/ + }; diff --git a/public/js/bluz.auth.js b/public/js/bluz.auth.js index 79b45a6b..381e5b31 100644 --- a/public/js/bluz.auth.js +++ b/public/js/bluz.auth.js @@ -2,6 +2,7 @@ * Created by yuklia on 04.03.15. */ define(['jquery'], function ($) { + console.log('test'); "use strict"; $(function(){ $('.provider').on('click', function(event){ From 49d9069cee0db3d7e5df4b0b121b5a49fcd943f9 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 16:03:23 +0300 Subject: [PATCH 10/46] config modified --- application/configs/default/hybridauth.php | 3 +++ application/models/Auth/AbstractAuth.php | 4 ---- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index 7445043b..743acdef 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -18,6 +18,7 @@ // google "Google" => array( // 'id' is your google client id "enabled" => true, + "wrapper" => array( "path" => "Providers/Google.php", "class" => "Hybrid_Providers_Google" ), "keys" => array("id" => "422236904670-r9jmuh7q4kc2vqpkscqtv9i1898mer4u.apps.googleusercontent.com", "secret" => "3krFP90YB6F6xIADFG-Nzr1Q"), "provider" => 'Application\Auth\Google' @@ -26,6 +27,7 @@ // facebook "Facebook" => array( // 'id' is your facebook application id "enabled" => true, + "wrapper" => array( "path" => "Providers/Facebook.php", "class" => "Hybrid_Providers_Facebook" ), "keys" => array("id" => "1413483462306154", "secret" => "0911925061bdb04a3d8c41129f672065"), "scope" => "email, user_about_me, user_birthday, user_hometown, publish_actions", // optional "provider" => 'Application\Auth\Facebook' @@ -34,6 +36,7 @@ // twitter "Twitter" => array( // 'key' is your twitter application consumer key "enabled" => true, + "wrapper" => array( "path" => "Providers/Twitter.php", "class" => "Hybrid_Providers_Twitter" ), "keys" => array("key" => "eOMvWh3ODqk4A1MHEeolm0Cfv", "secret" => "aJSrRzFlJxZp60IhTPnsOetwYVZ6XBZmcd4wQbPwyc7hgIYg0M"), "provider" => 'Application\Auth\Twitter' ) diff --git a/application/models/Auth/AbstractAuth.php b/application/models/Auth/AbstractAuth.php index 98a64a7a..fd574a20 100644 --- a/application/models/Auth/AbstractAuth.php +++ b/application/models/Auth/AbstractAuth.php @@ -70,10 +70,6 @@ public function registration($data, $user) */ public function authProcess() { - if($this->hybridauth){ - $this->hybridauth->logoutAllProviders(); - } - $providerName = $this->getProviderName(); $profile = $this->getProfile(); //? From 38056ee527b4c2c5bb478cf9ce972fe8228b6001 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 16:18:00 +0300 Subject: [PATCH 11/46] change prov --- application/models/Auth/AuthFactory.php | 4 +- .../{AbstractAuth.php => AuthProvider.php} | 43 ++++++++++++++----- application/modules/auth/controllers/auth.php | 3 +- 3 files changed, 37 insertions(+), 13 deletions(-) rename application/models/Auth/{AbstractAuth.php => AuthProvider.php} (68%) diff --git a/application/models/Auth/AuthFactory.php b/application/models/Auth/AuthFactory.php index ab10f98d..f7bf1eda 100644 --- a/application/models/Auth/AuthFactory.php +++ b/application/models/Auth/AuthFactory.php @@ -24,7 +24,7 @@ class AuthFactory extends AbstractAuth */ public function setProvider($provider){ - $options = Config::getData('hybridauth','providers'); + /* $options = Config::getData('hybridauth','providers'); $provider = $options[ucfirst($provider)]['provider']; if(empty($provider)){ @@ -34,7 +34,7 @@ public function setProvider($provider){ if (!class_exists($className)) { throw new Exception(sprintf('Class with name %s not found !', $className)); } - $this->authType = new $className(); + $this->authType = new $className();*/ } diff --git a/application/models/Auth/AbstractAuth.php b/application/models/Auth/AuthProvider.php similarity index 68% rename from application/models/Auth/AbstractAuth.php rename to application/models/Auth/AuthProvider.php index fd574a20..75a49dc3 100644 --- a/application/models/Auth/AbstractAuth.php +++ b/application/models/Auth/AuthProvider.php @@ -7,7 +7,7 @@ use Application\Auth; use Application\Users; -abstract class AbstractAuth implements AuthInterface +class AuthProvider implements AuthInterface { /** @var \Bluz\Http\Response */ protected $response; @@ -21,7 +21,12 @@ abstract class AbstractAuth implements AuthInterface /** @var \Hybrid_Provider_Adapter $authAdapter*/ protected $authAdapter; + protected $providerName; + public function __construct($providerName){ + + $this->providerName = $providerName; + } /** * @param \Bluz\Http\Response $response */ @@ -61,7 +66,18 @@ public function getIdentity() */ public function registration($data, $user) { - // TODO: Implement registration() method. + $twitterRow = new Auth\Row(); + $twitterRow->userId = $user->id; + $twitterRow->provider = strtolower($this->providerName); + + $twitterRow->foreignKey = $data->identifier; + $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; + $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret'])? $this->authAdapter->getAccessToken()['access_token_secret']: '' ; + $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; + $twitterRow->save(); + + Messages::addNotice('Your account was linked to Facebook successfully !'); + $this->response->redirectTo('users', 'profile', ['id' => $user->id]); } @@ -70,18 +86,18 @@ public function registration($data, $user) */ public function authProcess() { - $providerName = $this->getProviderName(); + //$providerName = $this->getProviderName(); $profile = $this->getProfile(); //? /** * @var Auth\Table $authTable */ $authTable = Auth\Table::getInstance(); - $auth = $authTable->getAuthRow(strtolower($providerName), $profile->identifier); + $auth = $authTable->getAuthRow(strtolower($this->providerName), $profile->identifier); if ($this->identity) { if ($auth) { - Messages::addNotice(sprintf('You have already linked to %s', $providerName)); + Messages::addNotice(sprintf('You have already linked to %s', ucfirst($this->providerName))); $this->response->redirectTo('users', 'profile', ['id' => $this->identity->id]); } else { $user = Users\Table::findRow($this->identity->id); @@ -100,11 +116,11 @@ public function authProcess() /** * @return string */ - private function getProviderName(){ + /* private function getProviderName(){ $elements = explode('\\', get_class($this)); return end($elements); - } + }*/ /** * @return array @@ -116,12 +132,19 @@ public function getOptions() } /** - * @param Auth $auth + * @param $auth * @return mixed */ public function alreadyRegisteredLogic($auth) { - // TODO: Implement alreadyRegisteredLogic() method. + $user = Users\Table::findRow($auth->userId); + + if ($user->status != Users\Table::STATUS_ACTIVE) { + Messages::addError('User is not active'); + } + + $user->login(); + $this->response->redirectTo('index', 'index'); } /** @@ -132,7 +155,7 @@ public function getProfile() $this->hybridauth = new \Hybrid_Auth($this->getOptions()); /** @var \Hybrid_Provider_Adapter $authProvider */ - $this->authAdapter= $this->hybridauth->authenticate($this->getProviderName()); + $this->authAdapter= $this->hybridauth->authenticate($this->providerName); return $this->authAdapter->getUserProfile(); } diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php index 6b03dce6..8fb29897 100644 --- a/application/modules/auth/controllers/auth.php +++ b/application/modules/auth/controllers/auth.php @@ -9,6 +9,7 @@ namespace Application; use Application\Auth\AuthFactory; +use Application\Auth\AuthProvider; use Application\Users; use Bluz\Proxy\Messages; use Bluz\Proxy\Request; @@ -26,7 +27,7 @@ function () { */ try{ $provider = Request::getParam('provider'); - $auth = new AuthFactory(); + $auth = new AuthProvider($provider); $auth->setProvider($provider); $auth->setResponse($this); $auth->setIdentity($this->user()); From 74e47a79b7a2156b0c3cb90d01efd27f2c04de37 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 17:24:46 +0300 Subject: [PATCH 12/46] auth providers --- application/models/Auth/AuthInterface.php | 47 ----------------------- 1 file changed, 47 deletions(-) delete mode 100644 application/models/Auth/AuthInterface.php diff --git a/application/models/Auth/AuthInterface.php b/application/models/Auth/AuthInterface.php deleted file mode 100644 index 5e26ba89..00000000 --- a/application/models/Auth/AuthInterface.php +++ /dev/null @@ -1,47 +0,0 @@ - Date: Wed, 6 May 2015 17:25:08 +0300 Subject: [PATCH 13/46] auth providers --- application/configs/default/hybridauth.php | 4 +-- application/models/Auth/AuthProvider.php | 36 +++++-------------- application/modules/auth/controllers/auth.php | 2 -- .../modules/index/controllers/index.php | 17 --------- .../modules/users/controllers/profile.php | 1 + application/modules/users/views/profile.phtml | 8 ++--- application/modules/users/views/signin.phtml | 11 ++---- 7 files changed, 19 insertions(+), 60 deletions(-) diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index 743acdef..21dc3859 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -42,8 +42,8 @@ ) ), - "debug_mode" => false, + "debug_mode" => true, // to enable logging, set 'debug_mode' to true, then provide here a path of a writable file - "debug_file" => "", + "debug_file" => PATH_ROOT.'/data/logs/hybrid.log' ); \ No newline at end of file diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index 75a49dc3..8d143db2 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -7,7 +7,7 @@ use Application\Auth; use Application\Users; -class AuthProvider implements AuthInterface +class AuthProvider { /** @var \Bluz\Http\Response */ protected $response; @@ -21,6 +21,9 @@ class AuthProvider implements AuthInterface /** @var \Hybrid_Provider_Adapter $authAdapter*/ protected $authAdapter; + /** + * @var string + */ protected $providerName; public function __construct($providerName){ @@ -72,11 +75,12 @@ public function registration($data, $user) $twitterRow->foreignKey = $data->identifier; $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; - $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret'])? $this->authAdapter->getAccessToken()['access_token_secret']: '' ; + $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret'])? + $this->authAdapter->getAccessToken()['access_token_secret']: '' ; $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; $twitterRow->save(); - Messages::addNotice('Your account was linked to Facebook successfully !'); + Messages::addNotice(sprintf('Your account was linked to %s successfully !', ucfirst($this->providerName))); $this->response->redirectTo('users', 'profile', ['id' => $user->id]); } @@ -86,8 +90,7 @@ public function registration($data, $user) */ public function authProcess() { - //$providerName = $this->getProviderName(); - $profile = $this->getProfile(); //? + $profile = $this->getProfile(); /** * @var Auth\Table $authTable @@ -113,15 +116,6 @@ public function authProcess() } } - /** - * @return string - */ - /* private function getProviderName(){ - - $elements = explode('\\', get_class($this)); - return end($elements); - }*/ - /** * @return array * @throws \Application\Exception @@ -155,21 +149,9 @@ public function getProfile() $this->hybridauth = new \Hybrid_Auth($this->getOptions()); /** @var \Hybrid_Provider_Adapter $authProvider */ - $this->authAdapter= $this->hybridauth->authenticate($this->providerName); + $this->authAdapter= $this->hybridauth->authenticate(ucfirst($this->providerName)); return $this->authAdapter->getUserProfile(); } - public function setProvider($provider) - { - // TODO: Implement setProvider() method. - } - - /** - * @return mixed - */ - public function getProvider() - { - // TODO: Implement getProvider() method. - } } \ No newline at end of file diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php index 8fb29897..95b20c3e 100644 --- a/application/modules/auth/controllers/auth.php +++ b/application/modules/auth/controllers/auth.php @@ -8,7 +8,6 @@ namespace Application; -use Application\Auth\AuthFactory; use Application\Auth\AuthProvider; use Application\Users; use Bluz\Proxy\Messages; @@ -28,7 +27,6 @@ function () { try{ $provider = Request::getParam('provider'); $auth = new AuthProvider($provider); - $auth->setProvider($provider); $auth->setResponse($this); $auth->setIdentity($this->user()); $auth->authProcess(); diff --git a/application/modules/index/controllers/index.php b/application/modules/index/controllers/index.php index 129ad090..edfe2385 100644 --- a/application/modules/index/controllers/index.php +++ b/application/modules/index/controllers/index.php @@ -21,22 +21,5 @@ */ function () { - /* try{ - $hybridauth = new \Hybrid_Auth( Config::getData('hybridauth') ); - - $twitter = $hybridauth->authenticate( "Facebook" ); - - $user_profile = $twitter->getUserProfile(); - - echo "Hi there! " . $user_profile->displayName; - - $twitter->setUserStatus( "Hello world!" ); - - $user_contacts = $twitter->getUserContacts(); - $hybridauth->logoutAllProviders(); - } - catch( Exception $e ){ - echo "Ooophs, we got an error: " . $e->getMessage(); - }*/ }; diff --git a/application/modules/users/controllers/profile.php b/application/modules/users/controllers/profile.php index c4cad2c7..0ae55ac9 100644 --- a/application/modules/users/controllers/profile.php +++ b/application/modules/users/controllers/profile.php @@ -8,6 +8,7 @@ namespace Application; use Application\Users; +use Bluz\Proxy\Config; use Bluz\Proxy\Layout; return diff --git a/application/modules/users/views/profile.phtml b/application/modules/users/views/profile.phtml index 6700fb7b..0e8bf57d 100644 --- a/application/modules/users/views/profile.phtml +++ b/application/modules/users/views/profile.phtml @@ -6,7 +6,7 @@ ?>

@@ -38,11 +38,11 @@ - - - diff --git a/application/modules/users/views/signin.phtml b/application/modules/users/views/signin.phtml index d3b8fc7c..70de4d73 100644 --- a/application/modules/users/views/signin.phtml +++ b/application/modules/users/views/signin.phtml @@ -4,11 +4,6 @@ * @var \Bluz\View\View $this */ ?> - - -

@@ -39,13 +34,13 @@
- +
- +
- +
From eb565bef994b2578f62fdae7615b69714e6b93a2 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 17:47:49 +0300 Subject: [PATCH 14/46] unused classes were removed --- application/configs/default/hybridauth.php | 10 ++-- application/models/Auth/AuthFactory.php | 70 ---------------------- application/models/Auth/Facebook.php | 54 ----------------- application/models/Auth/Google.php | 54 ----------------- application/models/Auth/Twitter.php | 54 ----------------- 5 files changed, 5 insertions(+), 237 deletions(-) delete mode 100644 application/models/Auth/AuthFactory.php delete mode 100644 application/models/Auth/Facebook.php delete mode 100644 application/models/Auth/Google.php delete mode 100644 application/models/Auth/Twitter.php diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index 21dc3859..7dc45f81 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -8,7 +8,6 @@ /** * @link http://hybridauth.sourceforge.net/userguide/Configuration.html - * You must define provider class inside providers scope */ return array( //"base_url" the url that point to HybridAuth Endpoint (where index.php and config.php are found) @@ -21,7 +20,10 @@ "wrapper" => array( "path" => "Providers/Google.php", "class" => "Hybrid_Providers_Google" ), "keys" => array("id" => "422236904670-r9jmuh7q4kc2vqpkscqtv9i1898mer4u.apps.googleusercontent.com", "secret" => "3krFP90YB6F6xIADFG-Nzr1Q"), - "provider" => 'Application\Auth\Google' + "scope" => "https://www.googleapis.com/auth/userinfo.profile ". // optional + "https://www.googleapis.com/auth/userinfo.email" , // optional + "access_type" => "offline", // optional + "approval_prompt" => "force", // optional ), // facebook @@ -30,15 +32,13 @@ "wrapper" => array( "path" => "Providers/Facebook.php", "class" => "Hybrid_Providers_Facebook" ), "keys" => array("id" => "1413483462306154", "secret" => "0911925061bdb04a3d8c41129f672065"), "scope" => "email, user_about_me, user_birthday, user_hometown, publish_actions", // optional - "provider" => 'Application\Auth\Facebook' ), // twitter "Twitter" => array( // 'key' is your twitter application consumer key "enabled" => true, "wrapper" => array( "path" => "Providers/Twitter.php", "class" => "Hybrid_Providers_Twitter" ), - "keys" => array("key" => "eOMvWh3ODqk4A1MHEeolm0Cfv", "secret" => "aJSrRzFlJxZp60IhTPnsOetwYVZ6XBZmcd4wQbPwyc7hgIYg0M"), - "provider" => 'Application\Auth\Twitter' + "keys" => array("key" => "eOMvWh3ODqk4A1MHEeolm0Cfv", "secret" => "aJSrRzFlJxZp60IhTPnsOetwYVZ6XBZmcd4wQbPwyc7hgIYg0M") ) ), diff --git a/application/models/Auth/AuthFactory.php b/application/models/Auth/AuthFactory.php deleted file mode 100644 index f7bf1eda..00000000 --- a/application/models/Auth/AuthFactory.php +++ /dev/null @@ -1,70 +0,0 @@ -authType = new $className();*/ - } - - - /** - * @param \Bluz\Http\Response $response - */ - public function setResponse($response) - { - $this->authType->setResponse($response); - } - - - /** - * @param mixed $identity - */ - public function setIdentity($identity) - { - $this->authType->setIdentity($identity); - } - - /** - * delegate to type - */ - public function authProcess(){ - - $this->authType->authProcess(); - } - - public function getProvider(){ - - return $this->authType; - } -} \ No newline at end of file diff --git a/application/models/Auth/Facebook.php b/application/models/Auth/Facebook.php deleted file mode 100644 index 9c10220f..00000000 --- a/application/models/Auth/Facebook.php +++ /dev/null @@ -1,54 +0,0 @@ -userId = $user->id; - $twitterRow->provider = Auth\Table::PROVIDER_FACEBOOK; - - $twitterRow->foreignKey = $profile->identifier; - $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; - $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret'])? $this->authAdapter->getAccessToken()['access_token_secret']: '' ; - $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; - $twitterRow->save(); - - Messages::addNotice('Your account was linked to Facebook successfully !'); - $this->response->redirectTo('users', 'profile', ['id' => $user->id]); - } - - /** - * @param \Application\Auth\Row $auth - * @return mixed - */ - public function alreadyRegisteredLogic($auth){ - - $user = Users\Table::findRow($auth->userId); - - if ($user->status != Users\Table::STATUS_ACTIVE) { - Messages::addError('User is not active'); - } - - $user->login(); - $this->response->redirectTo('index', 'index'); - } - -} diff --git a/application/models/Auth/Google.php b/application/models/Auth/Google.php deleted file mode 100644 index d84b6392..00000000 --- a/application/models/Auth/Google.php +++ /dev/null @@ -1,54 +0,0 @@ -userId = $user->id; - $twitterRow->provider = Auth\Table::PROVIDER_GOOGLE; - - $twitterRow->foreignKey = $profile->identifier; - $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; - $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret'])? $this->authAdapter->getAccessToken()['access_token_secret']: '' ; - $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; - $twitterRow->save(); - - Messages::addNotice('Your account was linked to Google successfully !'); - $this->response->redirectTo('users', 'profile', ['id' => $user->id]); - } - - /** - * @param \Application\Auth\Row $auth - * @return mixed - */ - public function alreadyRegisteredLogic($auth){ - - $user = Users\Table::findRow($auth->userId); - - if ($user->status != Users\Table::STATUS_ACTIVE) { - Messages::addError('User is not active'); - } - - $user->login(); - $this->response->redirectTo('index', 'index'); - } - -} diff --git a/application/models/Auth/Twitter.php b/application/models/Auth/Twitter.php deleted file mode 100644 index 84ad5fd6..00000000 --- a/application/models/Auth/Twitter.php +++ /dev/null @@ -1,54 +0,0 @@ -userId = $user->id; - $twitterRow->provider = Auth\Table::PROVIDER_TWITTER; - - $twitterRow->foreignKey = $profile->identifier; - $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; - $twitterRow->tokenSecret = $this->authAdapter->getAccessToken()['access_token_secret']; - $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; - $twitterRow->save(); - - Messages::addNotice('Your account was linked to Twitter successfully !'); - $this->response->redirectTo('users', 'profile', ['id' => $user->id]); - } - - /** - * @param \Application\Auth\Row $auth - * @return mixed - */ - public function alreadyRegisteredLogic($auth){ - - $user = Users\Table::findRow($auth->userId); - - if ($user->status != Users\Table::STATUS_ACTIVE) { - Messages::addError('User is not active'); - } - - $user->login(); - $this->response->redirectTo('index', 'index'); - } - -} From c2113942281bddb49623b8a3fca984bfea1a2b06 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 17:51:57 +0300 Subject: [PATCH 15/46] hotfix --- application/modules/users/views/profile.phtml | 4 ---- public/js/bluz.auth.js | 18 ------------------ 2 files changed, 22 deletions(-) delete mode 100644 public/js/bluz.auth.js diff --git a/application/modules/users/views/profile.phtml b/application/modules/users/views/profile.phtml index 0e8bf57d..f2e1cd3b 100644 --- a/application/modules/users/views/profile.phtml +++ b/application/modules/users/views/profile.phtml @@ -5,10 +5,6 @@ */ ?> - -

user()->id == $user->id) : ?> diff --git a/public/js/bluz.auth.js b/public/js/bluz.auth.js deleted file mode 100644 index 381e5b31..00000000 --- a/public/js/bluz.auth.js +++ /dev/null @@ -1,18 +0,0 @@ -/** - * Created by yuklia on 04.03.15. - */ -define(['jquery'], function ($) { - console.log('test'); - "use strict"; - $(function(){ - $('.provider').on('click', function(event){ - event.preventDefault(); - var provider = $(this).data('provider'); - $.ajax({ - type: "POST", - url: "auth/auth", - data: { provider: provider } - }); - }) - }) -}); From 5f5f397cae6c79991a2e3a92aaf52d9a395d9706 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 18:14:10 +0300 Subject: [PATCH 16/46] enpoint fix --- .../modules/auth/controllers/endpoint.php | 2 +- .../modules/facebook/controllers/auth.php | 114 --------------- .../modules/google/controllers/auth.php | 20 --- .../modules/google/controllers/callback.php | 81 ----------- .../modules/twitter/controllers/auth.php | 45 ------ .../modules/twitter/controllers/callback.php | 130 ------------------ 6 files changed, 1 insertion(+), 391 deletions(-) delete mode 100644 application/modules/facebook/controllers/auth.php delete mode 100644 application/modules/google/controllers/auth.php delete mode 100644 application/modules/google/controllers/callback.php delete mode 100644 application/modules/twitter/controllers/auth.php delete mode 100644 application/modules/twitter/controllers/callback.php diff --git a/application/modules/auth/controllers/endpoint.php b/application/modules/auth/controllers/endpoint.php index 76abb158..f7c2bb70 100644 --- a/application/modules/auth/controllers/endpoint.php +++ b/application/modules/auth/controllers/endpoint.php @@ -16,5 +16,5 @@ */ function () { - include PATH_VENDOR."/"."hybridauth/hybridauth/hybridauth/index.php"; + \Hybrid_Endpoint::process(); }; diff --git a/application/modules/facebook/controllers/auth.php b/application/modules/facebook/controllers/auth.php deleted file mode 100644 index 57ca8dfb..00000000 --- a/application/modules/facebook/controllers/auth.php +++ /dev/null @@ -1,114 +0,0 @@ - - * @created 22.05.2013 13:12 - */ - -/** - * @namespace - */ -namespace Application; - -use Application\Auth; -use Application\Facebook; -use Application\Users; -use Bluz\Proxy\Config; -use Bluz\Proxy\Messages; -use Bluz\Proxy\Request; -use Bluz\Proxy\Session; - -return -/** - * @throws Exception - * @return void - */ -function () { - /** - * @var Bootstrap $this - */ - $options = Config::getData('auth', 'facebook'); - if (!$options || !isset($options['appId'], $options['secret']) - || empty($options['appId']) || empty($options['secret'])) { - throw new Exception('Facebook authorization is not configured'); - } - - // redirect sign in user to index page and init session - if ($this->user()) { - $this->redirectTo('index', 'index'); - } - - $facebook = new Facebook\Facebook( - array( - 'appId' => $options['appId'], - 'secret' => $options['secret'], - ) - ); - /** - * Should be return id of user, if he allows application. - * In false returned 0. - */ - - $facebook->destroySession(); - $user = $facebook->getUser(); - - if ($user) { - // Proceed knowing you have a logged in user who's authenticated. - $profile = $facebook->api('/me'); - - /** - * @var Auth\Table $authTable - */ - $authTable = Auth\Table::getInstance(); - $row = $authTable->getAuthRow(Auth\Table::PROVIDER_FACEBOOK, $profile['id']); - - if ($row) { - // if user has been registered - $user = Users\Table::findRow($row->userId); - - if ($user->status != Users\Table::STATUS_ACTIVE) { - Messages::addError('User is not active'); - $this->redirectTo('index', 'index'); - } - - $user->login(); - } else { - // sign up user - - if (!$user = $this->user()) { - /** - * Write facebook response to session - */ - Session::set('facebook', $profile); - Messages::addNotice('To finish your registration fill the form'); - $this->redirectTo('users', 'signup'); - } else { - $row = new Auth\Row(); - $row->userId = $user->id; - $row->provider = Auth\Table::PROVIDER_FACEBOOK; - $row->foreignKey = $profile['id']; - $row->token = $facebook->getAccessToken(); - $row->tokenSecret = 0; - $row->tokenType = Auth\Table::TYPE_ACCESS; - $row->save(); - } - } - } else { - /** - * If user doesn't allow application yet, redirect him to fb page for this. - * After this operation we will returned to this file. - * Is user declined app, we get param 'error' => 'access_denied' - */ - - // if user declined - if ('access_denied' == Request::getParam('error', null)) { - $this->redirectTo('users', 'signin'); - } - - $login_url = $facebook->getLoginUrl(array('scope' => 'email')); - $this->redirect($login_url); - } - - $this->redirectTo('index', 'index'); -}; diff --git a/application/modules/google/controllers/auth.php b/application/modules/google/controllers/auth.php deleted file mode 100644 index 6f0180e4..00000000 --- a/application/modules/google/controllers/auth.php +++ /dev/null @@ -1,20 +0,0 @@ -redirect($googleAuth->getAuthUrl($callbackUrl)); -}; diff --git a/application/modules/google/controllers/callback.php b/application/modules/google/controllers/callback.php deleted file mode 100644 index a91dca37..00000000 --- a/application/modules/google/controllers/callback.php +++ /dev/null @@ -1,81 +0,0 @@ -getOauthAccessToken($code, $callbackUrl); - $result = $googleAuth->getUserInfo(); - - $authTable = Auth\Table::getInstance(); - $row = $authTable->getAuthRow(Auth\Table::PROVIDER_GOOGLE, $result['id']); - - if ($row) { - $user = Users\Table::findRow($row->userId); - - /** - * Check the status of the user - */ - if ($user->status != Users\Table::STATUS_ACTIVE) { - Messages::addError('User is not active'); - $this->redirectTo('index', 'index'); - } - - /** - * Update tokens - */ - $row->token = $googleAuth->accessToken; - $row->save(); - - $user->login(); - } else { - if (!$user = $this->user()) { - /** - * Write twitter response to session - */ - $result['access_token'] = $googleAuth->accessToken; - Session::set('google', $result); - Messages::addNotice('To finish your registration fill the form'); - $this->redirectTo('users', 'signup'); - } else { - /** - * @var Auth\Row $row - * Users exists - save user info. - */ - $row = new Auth\Row(); - $row->userId = $user->id; - $row->provider = Auth\Table::PROVIDER_GOOGLE; - $row->foreignKey = $result['id']; - $row->token = $googleAuth->accessToken; - $row->tokenSecret = 0; - $row->tokenType = Auth\Table::TYPE_ACCESS; - $row->save(); - } - } - - Messages::addNotice('You are signed'); - $this->redirectTo('index', 'index'); - } catch (GuzzleException $e) { - Messages::addError($e->getMessage()); - $this->redirectTo('index', 'index'); - } -}; diff --git a/application/modules/twitter/controllers/auth.php b/application/modules/twitter/controllers/auth.php deleted file mode 100644 index cfa42712..00000000 --- a/application/modules/twitter/controllers/auth.php +++ /dev/null @@ -1,45 +0,0 @@ -getOauthRequestToken($callbackUrl); - $this->redirect('https://api.twitter.com/oauth/authenticate?oauth_token='.$token); - } catch (GuzzleException $e) { - Messages::addError($e->getMessage()); - } -}; diff --git a/application/modules/twitter/controllers/callback.php b/application/modules/twitter/controllers/callback.php deleted file mode 100644 index 4a56eaec..00000000 --- a/application/modules/twitter/controllers/callback.php +++ /dev/null @@ -1,130 +0,0 @@ - string - * 'oauth_token_secret' => string - * 'user_id' => string - * 'screen_name' => string - * ) - * Try to sign in - */ - try { - $result = $twitterAuth->getOauthAccessToken($oauthToken, $oauthVerifier, $oauthTokenSecret); - - /** - * @var Auth\Table $authTable - */ - $authTable = Auth\Table::getInstance(); - - /** - * Try to load previous information - * @var \Application\Auth\Row $row - */ - $row = $authTable->getAuthRow(Auth\Table::PROVIDER_TWITTER, $result['user_id']); - - if ($row) { - /** - * Try to sign in - * @var Users\Row $user - */ - $user = Users\Table::findRow($row->userId); - - /** - * Check the status of the user - */ - if ($user->status != Users\Table::STATUS_ACTIVE) { - Messages::addError('User is not active'); - $this->redirectTo('index', 'index'); - } - - /** - * Update tokens - */ - $row->token = $result['oauth_token']; - $row->tokenSecret = $result['oauth_token_secret']; - $row->tokenType = Auth\Table::TYPE_ACCESS; - $row->save(); - - /** - * sign in. - */ - $user->login(); - } else { - /** - * if user already signed - link new auth provider to account - * another - create new user - */ - if (!$user = $this->user()) { - /** - * Write twitter response to session - */ - Session::set('twitter', $result); - Messages::addNotice('To finish your registration fill the form'); - $this->redirectTo('users', 'signup'); - } else { - /** - * @var Auth\Row $row - * Users exists - save user info. - */ - $row = new Auth\Row(); - $row->userId = $user->id; - $row->provider = Auth\Table::PROVIDER_TWITTER; - $row->foreignKey = $result['user_id']; - $row->token = $result['oauth_token']; - $row->tokenSecret = $result['oauth_token_secret']; - $row->tokenType = Auth\Table::TYPE_ACCESS; - $row->save(); - } - } - - Messages::addNotice('You are signed'); - $this->redirectTo('index', 'index'); - } catch (GuzzleException $e) { - Messages::addError($e->getMessage()); - $this->redirectTo('index', 'index'); - } - - return false; -}; From 1632ce62130b54b6a0d607e591ba7f5baeaf5cf9 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 18:34:24 +0300 Subject: [PATCH 17/46] hotfix --- application/models/Auth/AuthProvider.php | 18 ++++++++---------- .../modules/users/controllers/signout.php | 2 ++ 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index 8d143db2..a096734a 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -29,6 +29,7 @@ class AuthProvider public function __construct($providerName){ $this->providerName = $providerName; + $this->hybridauth = new \Hybrid_Auth($this->getOptions()); } /** * @param \Bluz\Http\Response $response @@ -47,7 +48,7 @@ public function getResponse() } /** - * @param \\Application\Users\Row $user $identity + * @param \Application\Users\Row $identity */ public function setIdentity($identity) { @@ -67,7 +68,7 @@ public function getIdentity() * @param \Application\Users\Row $user $user * @return void */ - public function registration($data, $user) + protected function registration($data, $user) { $twitterRow = new Auth\Row(); $twitterRow->userId = $user->id; @@ -90,6 +91,8 @@ public function registration($data, $user) */ public function authProcess() { + /** @var \Hybrid_Provider_Adapter $authProvider */ + $this->authAdapter= $this->hybridauth->authenticate(ucfirst($this->providerName)); $profile = $this->getProfile(); /** @@ -120,7 +123,7 @@ public function authProcess() * @return array * @throws \Application\Exception */ - public function getOptions() + protected function getOptions() { return Config::getData('hybridauth'); } @@ -129,7 +132,7 @@ public function getOptions() * @param $auth * @return mixed */ - public function alreadyRegisteredLogic($auth) + protected function alreadyRegisteredLogic($auth) { $user = Users\Table::findRow($auth->userId); @@ -144,13 +147,8 @@ public function alreadyRegisteredLogic($auth) /** * @return \Hybrid_User_Profile */ - public function getProfile() + protected function getProfile() { - $this->hybridauth = new \Hybrid_Auth($this->getOptions()); - - /** @var \Hybrid_Provider_Adapter $authProvider */ - $this->authAdapter= $this->hybridauth->authenticate(ucfirst($this->providerName)); - return $this->authAdapter->getUserProfile(); } diff --git a/application/modules/users/controllers/signout.php b/application/modules/users/controllers/signout.php index 3e05613c..fe4a55a0 100644 --- a/application/modules/users/controllers/signout.php +++ b/application/modules/users/controllers/signout.php @@ -21,6 +21,8 @@ function () use ($view) { * @var Bootstrap $this * @var \Bluz\View\View $view */ + + \Hybrid_Auth::logoutAllProviders(); AppAuth\Table::getInstance()->removeCookieToken($this->user()->id); Auth::clearIdentity(); Messages::addNotice('You are signout'); From 5dec51ac836a18404a5f6369b158d352498b0250 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 18:38:11 +0300 Subject: [PATCH 18/46] hotfix --- application/models/Auth/AuthProvider.php | 2 +- application/modules/users/controllers/signout.php | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index a096734a..44def960 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -114,7 +114,7 @@ public function authProcess() if ($auth) { $this->alreadyRegisteredLogic($auth); } else { - Messages::addError('You need to sign in first'); + Messages::addError(sprintf('First you need to be linked to %s', ucfirst($this->providerName))); $this->response->redirectTo('users', 'signin'); } } diff --git a/application/modules/users/controllers/signout.php b/application/modules/users/controllers/signout.php index fe4a55a0..355517e0 100644 --- a/application/modules/users/controllers/signout.php +++ b/application/modules/users/controllers/signout.php @@ -22,7 +22,6 @@ function () use ($view) { * @var \Bluz\View\View $view */ - \Hybrid_Auth::logoutAllProviders(); AppAuth\Table::getInstance()->removeCookieToken($this->user()->id); Auth::clearIdentity(); Messages::addNotice('You are signout'); From d5c248d3b008ea52513dae5109fb7a425c891a16 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 6 May 2015 19:05:27 +0300 Subject: [PATCH 19/46] provider cheking --- application/models/Auth/AuthInterface.php | 42 +++++++++++++++++++++++ application/models/Auth/AuthProvider.php | 40 ++++++++++++++------- 2 files changed, 70 insertions(+), 12 deletions(-) create mode 100644 application/models/Auth/AuthInterface.php diff --git a/application/models/Auth/AuthInterface.php b/application/models/Auth/AuthInterface.php new file mode 100644 index 00000000..15ce6900 --- /dev/null +++ b/application/models/Auth/AuthInterface.php @@ -0,0 +1,42 @@ +getAvailableProviders())) { + throw new ApplicationException(sprintf('Provider % is not defined in configuration file', ucfirst($providerName))); + } $this->providerName = $providerName; $this->hybridauth = new \Hybrid_Auth($this->getOptions()); } + /** * @param \Bluz\Http\Response $response */ @@ -65,10 +72,10 @@ public function getIdentity() /** * @param \Hybrid_User_Profile $data - * @param \Application\Users\Row $user $user + * @param \Application\Users\Row $user * @return void */ - protected function registration($data, $user) + public function registration($data, $user) { $twitterRow = new Auth\Row(); $twitterRow->userId = $user->id; @@ -76,8 +83,8 @@ protected function registration($data, $user) $twitterRow->foreignKey = $data->identifier; $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; - $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret'])? - $this->authAdapter->getAccessToken()['access_token_secret']: '' ; + $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret']) ? + $this->authAdapter->getAccessToken()['access_token_secret'] : ''; $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; $twitterRow->save(); @@ -92,7 +99,7 @@ protected function registration($data, $user) public function authProcess() { /** @var \Hybrid_Provider_Adapter $authProvider */ - $this->authAdapter= $this->hybridauth->authenticate(ucfirst($this->providerName)); + $this->authAdapter = $this->hybridauth->authenticate(ucfirst($this->providerName)); $profile = $this->getProfile(); /** @@ -123,16 +130,25 @@ public function authProcess() * @return array * @throws \Application\Exception */ - protected function getOptions() + public function getOptions() { - return Config::getData('hybridauth'); + return Config::getData('hybridauth'); + } + + /** + * @return array + */ + protected function getAvailableProviders() + { + + return array_keys(Config::getData('hybridauth')['providers']); } /** * @param $auth * @return mixed */ - protected function alreadyRegisteredLogic($auth) + public function alreadyRegisteredLogic($auth) { $user = Users\Table::findRow($auth->userId); @@ -147,7 +163,7 @@ protected function alreadyRegisteredLogic($auth) /** * @return \Hybrid_User_Profile */ - protected function getProfile() + public function getProfile() { return $this->authAdapter->getUserProfile(); } From 2fd9b287a90e5810fddba6b686e8cee583a02137 Mon Sep 17 00:00:00 2001 From: yuklia Date: Thu, 7 May 2015 10:20:15 +0300 Subject: [PATCH 20/46] hotfix --- application/models/Auth/AuthProvider.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index aa4c6e5d..3125eb3b 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -2,7 +2,6 @@ namespace Application\Auth; -use Bluz\Application\Exception\ApplicationException; use Bluz\Proxy\Config; use Bluz\Proxy\Messages; use Application\Auth; @@ -29,10 +28,9 @@ class AuthProvider implements AuthInterface public function __construct($providerName) { - if (!in_array(ucfirst($providerName), $this->getAvailableProviders())) { - throw new ApplicationException(sprintf('Provider % is not defined in configuration file', ucfirst($providerName))); + throw new \Exception(sprintf('Provider % is not defined in configuration file', ucfirst($providerName))); } $this->providerName = $providerName; $this->hybridauth = new \Hybrid_Auth($this->getOptions()); @@ -140,7 +138,6 @@ public function getOptions() */ protected function getAvailableProviders() { - return array_keys(Config::getData('hybridauth')['providers']); } From ebf4a1fba0dbb1ea23b0def86cec5227d6e840b3 Mon Sep 17 00:00:00 2001 From: yuklia Date: Thu, 7 May 2015 11:34:59 +0300 Subject: [PATCH 21/46] hotfix --- application/configs/testing/db.php | 21 +++++++++++++++++++++ composer.json | 4 +--- 2 files changed, 22 insertions(+), 3 deletions(-) create mode 100644 application/configs/testing/db.php diff --git a/application/configs/testing/db.php b/application/configs/testing/db.php new file mode 100644 index 00000000..7be4e3cf --- /dev/null +++ b/application/configs/testing/db.php @@ -0,0 +1,21 @@ + array( + "type" => "mysql", + "host" => "localhost", + "name" => "bluz", + "user" => "root", + "pass" => "", + "unix_socket" => "/opt/lampp/var/mysql/mysql.sock", + "options" => array( + \PDO::ATTR_PERSISTENT => true, + \PDO::MYSQL_ATTR_INIT_COMMAND => "SET CHARACTER SET utf8" + ) + ) +); diff --git a/composer.json b/composer.json index 1a7bc495..35ffa7ce 100644 --- a/composer.json +++ b/composer.json @@ -15,9 +15,7 @@ "satooshi/php-coveralls": "~0.6", "squizlabs/php_codesniffer": "~2.0", "zendframework/zend-dom": "~2.3", - "hybridauth/hybridauth": "dev-master", - "opauth/facebook": "*", - "opauth/twitter": "*" + "hybridauth/hybridauth": "dev-master" }, "config": { "vendor-dir": "vendor" From b81e5c0671dcac80f3d945383494406444275fb6 Mon Sep 17 00:00:00 2001 From: yuklia Date: Thu, 7 May 2015 13:35:38 +0300 Subject: [PATCH 22/46] tests --- application/models/Auth/AuthProvider.php | 22 +++++++-- tests/bootstrap.php | 1 + tests/models/Auth/AuthProviderTest.php | 51 +++++++++++++++++++++ tests/modules/auth/controllers/AuthTest.php | 28 +++++++++++ tests/phpunit.xml | 0 5 files changed, 99 insertions(+), 3 deletions(-) create mode 100644 tests/models/Auth/AuthProviderTest.php create mode 100644 tests/modules/auth/controllers/AuthTest.php create mode 100644 tests/phpunit.xml diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index 3125eb3b..d1e1cc2b 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -96,8 +96,7 @@ public function registration($data, $user) */ public function authProcess() { - /** @var \Hybrid_Provider_Adapter $authProvider */ - $this->authAdapter = $this->hybridauth->authenticate(ucfirst($this->providerName)); + $this->authAdapter = $this->authenticate(ucfirst($this->providerName)); $profile = $this->getProfile(); /** @@ -124,6 +123,23 @@ public function authProcess() } } + /** + * @param $provider string + * @return \Hybrid_Provider_Adapter + * @throws \Exception + */ + public function authenticate($provider){ + + /** @var \Hybrid_Provider_Adapter $authProvider */ + $authAdapter = $this->hybridauth->authenticate($provider); + + if (! $authAdapter->isUserConnected()) { + throw new \Exception('Cannot connect to current provider !'); + } + + return $authAdapter; + } + /** * @return array * @throws \Application\Exception @@ -136,7 +152,7 @@ public function getOptions() /** * @return array */ - protected function getAvailableProviders() + public function getAvailableProviders() { return array_keys(Config::getData('hybridauth')['providers']); } diff --git a/tests/bootstrap.php b/tests/bootstrap.php index 00dd1682..34d5dc79 100644 --- a/tests/bootstrap.php +++ b/tests/bootstrap.php @@ -2,6 +2,7 @@ // Environment error_reporting(E_ALL | E_STRICT); ini_set('display_errors', 1); +chdir(__DIR__); // Emulate session $_SESSION = array(); diff --git a/tests/models/Auth/AuthProviderTest.php b/tests/models/Auth/AuthProviderTest.php new file mode 100644 index 00000000..5f2bef32 --- /dev/null +++ b/tests/models/Auth/AuthProviderTest.php @@ -0,0 +1,51 @@ +assertInstanceOf('\Hybrid_Provider_Adapter', $provider->authenticate('Facebook')); + } + + /** + * @expectedException \Exception + */ + public function testFailureHybridProvider(){ + + $provider = new AuthProvider('olo'); + $this->assertInstanceOf('\Hybrid_Provider_Adapter', $provider->authenticate('olo')); + } + + public function testOptions(){ + $provider = new AuthProvider('Facebook'); + $this->assertNotEmpty($provider->getOptions()); + + } + + + public function testAvailableProviders() { + + $provider = new AuthProvider('Facebook'); + $this->assertContains("Facebook", $provider->getAvailableProviders()); + } + +} \ No newline at end of file diff --git a/tests/modules/auth/controllers/AuthTest.php b/tests/modules/auth/controllers/AuthTest.php new file mode 100644 index 00000000..4fa22aa6 --- /dev/null +++ b/tests/modules/auth/controllers/AuthTest.php @@ -0,0 +1,28 @@ +assertEquals(0, count($stack)); + + array_push($stack, 'foo'); + $this->assertEquals('foo', $stack[count($stack)-1]); + $this->assertEquals(1, count($stack)); + + $this->assertEquals('foo', array_pop($stack)); + $this->assertEquals(0, count($stack)); + } + +} \ No newline at end of file diff --git a/tests/phpunit.xml b/tests/phpunit.xml new file mode 100644 index 00000000..e69de29b From 46c907864120eb5e91b93e640b8dab33eb393e4b Mon Sep 17 00:00:00 2001 From: yuklia Date: Thu, 7 May 2015 14:10:08 +0300 Subject: [PATCH 23/46] hybrid auth outside --- application/configs/default/hybridauth.php | 4 ++-- application/models/Auth/AuthProvider.php | 16 ++++++++++++++-- tests/models/Auth/AuthProviderTest.php | 6 ------ 3 files changed, 16 insertions(+), 10 deletions(-) diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index 7dc45f81..3277ee07 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -42,8 +42,8 @@ ) ), - "debug_mode" => true, + "debug_mode" => false, // to enable logging, set 'debug_mode' to true, then provide here a path of a writable file - "debug_file" => PATH_ROOT.'/data/logs/hybrid.log' + // "debug_file" => PATH_ROOT.'/data/logs/hybrid.log' ); \ No newline at end of file diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index d1e1cc2b..67a1177a 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -33,9 +33,21 @@ public function __construct($providerName) throw new \Exception(sprintf('Provider % is not defined in configuration file', ucfirst($providerName))); } $this->providerName = $providerName; - $this->hybridauth = new \Hybrid_Auth($this->getOptions()); } + + /** + * @return \Hybrid_Auth + */ + public function getHybridauth() + { + if(!$this->hybridauth){ + $this->hybridauth = new \Hybrid_Auth($this->getOptions()); + } + return $this->hybridauth; + } + + /** * @param \Bluz\Http\Response $response */ @@ -131,7 +143,7 @@ public function authProcess() public function authenticate($provider){ /** @var \Hybrid_Provider_Adapter $authProvider */ - $authAdapter = $this->hybridauth->authenticate($provider); + $authAdapter = $this->getHybridauth()->authenticate($provider); if (! $authAdapter->isUserConnected()) { throw new \Exception('Cannot connect to current provider !'); diff --git a/tests/models/Auth/AuthProviderTest.php b/tests/models/Auth/AuthProviderTest.php index 5f2bef32..0dd00a88 100644 --- a/tests/models/Auth/AuthProviderTest.php +++ b/tests/models/Auth/AuthProviderTest.php @@ -20,12 +20,6 @@ public function testProviderNotFound() $provider = new AuthProvider('test'); } - public function testHybridProvider(){ - - $provider = new AuthProvider('Facebook'); - $this->assertInstanceOf('\Hybrid_Provider_Adapter', $provider->authenticate('Facebook')); - } - /** * @expectedException \Exception */ From fe83121e3cded3dddec967eebae4491e7f0b5b1e Mon Sep 17 00:00:00 2001 From: yuklia Date: Thu, 7 May 2015 19:02:22 +0300 Subject: [PATCH 24/46] test --- application/configs/testing/db.php | 2 +- application/models/Auth/AuthProvider.php | 79 ++++++++---- application/modules/auth/controllers/auth.php | 6 +- phpunit.xml | 27 ++++ tests/models/Auth/AuthProviderTest.php | 116 +++++++++++++++++- tests/modules/auth/controllers/AuthTest.php | 19 +-- tests/phpunit.xml | 0 7 files changed, 212 insertions(+), 37 deletions(-) create mode 100644 phpunit.xml delete mode 100644 tests/phpunit.xml diff --git a/application/configs/testing/db.php b/application/configs/testing/db.php index 7be4e3cf..5fc7306d 100644 --- a/application/configs/testing/db.php +++ b/application/configs/testing/db.php @@ -9,7 +9,7 @@ "connect" => array( "type" => "mysql", "host" => "localhost", - "name" => "bluz", + "name" => "bluz_test", "user" => "root", "pass" => "", "unix_socket" => "/opt/lampp/var/mysql/mysql.sock", diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index 67a1177a..230f4331 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -22,6 +22,7 @@ class AuthProvider implements AuthInterface protected $authAdapter; /** + * the same name as was mentioned in hybridauth config section providers * @var string */ protected $providerName; @@ -32,7 +33,7 @@ public function __construct($providerName) throw new \Exception(sprintf('Provider % is not defined in configuration file', ucfirst($providerName))); } - $this->providerName = $providerName; + $this->providerName = ucfirst($providerName); } @@ -41,12 +42,17 @@ public function __construct($providerName) */ public function getHybridauth() { - if(!$this->hybridauth){ + if (!$this->hybridauth) { $this->hybridauth = new \Hybrid_Auth($this->getOptions()); } return $this->hybridauth; } + public function setHybridauth($hybridauth) + { + $this->hybridauth = $hybridauth; + } + /** * @param \Bluz\Http\Response $response @@ -80,6 +86,50 @@ public function getIdentity() return $this->identity; } + /** + * @return string + */ + public function getProviderName() + { + return $this->providerName; + } + + /** + * @param string $providerName + */ + public function setProviderName($providerName) + { + $this->providerName = $providerName; + } + + /** + * @return \Hybrid_Provider_Adapter + * @throws \Exception + */ + public function getAuthAdapter() + { + if (!$this->authAdapter) { + + /** @var \Hybrid_Provider_Adapter $authProvider */ + $this->authAdapter = $this->getHybridauth()->authenticate($this->providerName); + + if (!$this->authAdapter->isUserConnected()) { + throw new \Exception('Cannot connect to current provider !'); + } + + } + return $this->authAdapter; + } + + /** + * @param \Hybrid_Provider_Adapter $authAdapter + */ + public function setAuthAdapter($authAdapter) + { + $this->authAdapter = $authAdapter; + } + + /** * @param \Hybrid_User_Profile $data * @param \Application\Users\Row $user @@ -108,14 +158,16 @@ public function registration($data, $user) */ public function authProcess() { - $this->authAdapter = $this->authenticate(ucfirst($this->providerName)); + $this->authAdapter = $this->getAuthAdapter(); $profile = $this->getProfile(); + $auth = Auth\Table::findRowWhere([strtolower($this->providerName)=> $profile->identifier]); + /** * @var Auth\Table $authTable */ - $authTable = Auth\Table::getInstance(); - $auth = $authTable->getAuthRow(strtolower($this->providerName), $profile->identifier); + // $authTable = Auth\Table::getInstance(); + // $auth = $authTable->getAuthRow(strtolower($this->providerName), $profile->identifier); if ($this->identity) { if ($auth) { @@ -135,23 +187,6 @@ public function authProcess() } } - /** - * @param $provider string - * @return \Hybrid_Provider_Adapter - * @throws \Exception - */ - public function authenticate($provider){ - - /** @var \Hybrid_Provider_Adapter $authProvider */ - $authAdapter = $this->getHybridauth()->authenticate($provider); - - if (! $authAdapter->isUserConnected()) { - throw new \Exception('Cannot connect to current provider !'); - } - - return $authAdapter; - } - /** * @return array * @throws \Application\Exception diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php index 95b20c3e..682f71ea 100644 --- a/application/modules/auth/controllers/auth.php +++ b/application/modules/auth/controllers/auth.php @@ -15,17 +15,15 @@ return /** - * @param int $id User UID - * @param string $code + * @param string $provider * @return \closure */ - function () { + function ($provider = '') { /** * @var Bootstrap $this */ try{ - $provider = Request::getParam('provider'); $auth = new AuthProvider($provider); $auth->setResponse($this); $auth->setIdentity($this->user()); diff --git a/phpunit.xml b/phpunit.xml new file mode 100644 index 00000000..09a06e2d --- /dev/null +++ b/phpunit.xml @@ -0,0 +1,27 @@ + + + + ./tests/modules + + + + + + + + ./application/ + + ./application/ + ./application/configs + + + + ./vendor + + + \ No newline at end of file diff --git a/tests/models/Auth/AuthProviderTest.php b/tests/models/Auth/AuthProviderTest.php index 0dd00a88..fe42680d 100644 --- a/tests/models/Auth/AuthProviderTest.php +++ b/tests/models/Auth/AuthProviderTest.php @@ -9,17 +9,92 @@ namespace Application\Tests\Auth; use Application\Auth\AuthProvider; +use Application\Auth\Row; +use Application\Tests\ControllerTestCase; +use Bluz\Application\Exception\RedirectException; +use Bluz\Proxy\Auth; +use Bluz\Proxy\Db; +use Bluz\Proxy\Messages; -class AuthProviderTest extends \PHPUnit_Framework_TestCase{ +class AuthProviderTest extends ControllerTestCase{ + + protected function setUp() + { + parent::setUp(); + + Auth::setIdentity(new \Application\Users\Row()); + } + + public static function setUpBeforeClass() + { + Db::insert('users')->setArray( + [ + 'id' => 1, + 'login' => 'Donatello', + 'email' => 'donatello@turtles.org', + 'status' => 'pending' + ] + )->execute(); + + Db::insert('users')->setArray( + [ + 'id' => 2, + 'login' => 'Bill', + 'email' => 'bill@turtles.org', + 'status' => 'active' + ] + )->execute(); + + Db::insert('auth')->setArray( + [ + 'provider' => 'facebook', + 'userId'=> 2, + 'foreignKey'=> 112233 + ] + )->execute(); + } + + public static function tearDownAfterClass() + { + Db::delete('users')->where('id IN (?)', [1,2])->execute(); + Db::delete('auth')->where('userId IN (?)', [2])->execute(); + } /** * @expectedException \Exception */ public function testProviderNotFound() { - $provider = new AuthProvider('test'); + new AuthProvider('fake_data'); } + /** + * @expectedException \Bluz\Auth\AuthException + */ + public function testUserStatusNotActive(){ + + $provider = new AuthProvider('Facebook'); + $authRow = new Row(); + $authRow->userId = 1; + $provider->alreadyRegisteredLogic($authRow); + } + + public function testUserStatusActive(){ + + $provider = new AuthProvider('Facebook'); + $provider->setResponse($this->getApp()); + $authRow = new Row(); + $authRow->userId = 2; + try{ + $provider->alreadyRegisteredLogic($authRow); + }catch(RedirectException $e){ + + } + $this->assertNotNull(Auth::getIdentity()); + + } + + /** * @expectedException \Exception */ @@ -42,4 +117,41 @@ public function testAvailableProviders() { $this->assertContains("Facebook", $provider->getAvailableProviders()); } + public function testUserAlreadyLinkedTo(){ + + $identity = new \Application\Users\Row(); + $identity->id = 2; + + $userProfile = new \Hybrid_User_Profile(); + $userProfile->identifier = 112233; + + $hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') + ->disableOriginalConstructor() + ->getMock(); + + $authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') + ->disableOriginalConstructor() + ->getMock(); + + $authAdapterMock->method('getUserProfile') + ->willReturn(new \Hybrid_Provider_Adapter); + + $hybridAuthMock->method('authenticate') + ->willReturn($userProfile); + + $this->assertInstanceOf('\Hybrid_Auth', $hybridAuthMock); + + $provider = new AuthProvider('Facebook'); + $provider->setIdentity($identity); + $provider->setHybridauth($hybridAuthMock); + $provider->setAuthAdapter($authAdapterMock); + try{ + $provider->authProcess(); + $this->assertEquals(1, Messages::count()); + }catch(RedirectException $red){} + + + } + + } \ No newline at end of file diff --git a/tests/modules/auth/controllers/AuthTest.php b/tests/modules/auth/controllers/AuthTest.php index 4fa22aa6..02f3aa60 100644 --- a/tests/modules/auth/controllers/AuthTest.php +++ b/tests/modules/auth/controllers/AuthTest.php @@ -8,21 +8,24 @@ namespace Application\Tests\Auth; +use Application\Auth\AuthProvider; use Application\Tests\ControllerTestCase; class AuthTest extends ControllerTestCase{ - public function testPushAndPop() + /** + * Test user with correct password + */ + public function testProviderLink() { - $stack = array(); - $this->assertEquals(0, count($stack)); + $provider = 'Facebook'; + $mock = $this->getMockBuilder('\Hybrid_Auth') + ->disableOriginalConstructor() + ->getMock(); + + $this->assertInstanceOf('\Hybrid_Auth', $mock); - array_push($stack, 'foo'); - $this->assertEquals('foo', $stack[count($stack)-1]); - $this->assertEquals(1, count($stack)); - $this->assertEquals('foo', array_pop($stack)); - $this->assertEquals(0, count($stack)); } } \ No newline at end of file diff --git a/tests/phpunit.xml b/tests/phpunit.xml deleted file mode 100644 index e69de29b..00000000 From 719964b76f7343e9df0ee057817d354db995989f Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 00:26:50 +0300 Subject: [PATCH 25/46] linked to test --- application/models/Auth/AuthProvider.php | 8 +-- tests/library/TestCase.php | 1 + tests/models/Auth/AuthProviderTest.php | 68 ++++++++++++++++-------- 3 files changed, 50 insertions(+), 27 deletions(-) diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index 230f4331..6bb7806a 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -161,17 +161,17 @@ public function authProcess() $this->authAdapter = $this->getAuthAdapter(); $profile = $this->getProfile(); - $auth = Auth\Table::findRowWhere([strtolower($this->providerName)=> $profile->identifier]); + // $auth = Auth\Table::findRowWhere([strtolower($this->providerName)=> $profile->identifier]); /** * @var Auth\Table $authTable */ - // $authTable = Auth\Table::getInstance(); - // $auth = $authTable->getAuthRow(strtolower($this->providerName), $profile->identifier); + $authTable = Auth\Table::getInstance(); + $auth = $authTable->getAuthRow(strtolower($this->providerName), $profile->identifier); if ($this->identity) { if ($auth) { - Messages::addNotice(sprintf('You have already linked to %s', ucfirst($this->providerName))); + Messages::addNotice(sprintf('You have already linked to %s', $this->providerName)); $this->response->redirectTo('users', 'profile', ['id' => $this->identity->id]); } else { $user = Users\Table::findRow($this->identity->id); diff --git a/tests/library/TestCase.php b/tests/library/TestCase.php index 8a711ae7..1a10a51e 100644 --- a/tests/library/TestCase.php +++ b/tests/library/TestCase.php @@ -23,6 +23,7 @@ * @author Anton Shevchuk * @created 04.08.11 20:01 */ + class TestCase extends BluzTest { /** diff --git a/tests/models/Auth/AuthProviderTest.php b/tests/models/Auth/AuthProviderTest.php index fe42680d..ebb3056e 100644 --- a/tests/models/Auth/AuthProviderTest.php +++ b/tests/models/Auth/AuthProviderTest.php @@ -16,17 +16,13 @@ use Bluz\Proxy\Db; use Bluz\Proxy\Messages; -class AuthProviderTest extends ControllerTestCase{ +class AuthProviderTest extends ControllerTestCase +{ protected function setUp() { parent::setUp(); - Auth::setIdentity(new \Application\Users\Row()); - } - - public static function setUpBeforeClass() - { Db::insert('users')->setArray( [ 'id' => 1, @@ -48,21 +44,35 @@ public static function setUpBeforeClass() Db::insert('auth')->setArray( [ 'provider' => 'facebook', - 'userId'=> 2, - 'foreignKey'=> 112233 + 'userId' => 2, + 'foreignKey' => 112233 ] )->execute(); + + Auth::setIdentity(new \Application\Users\Row()); } - public static function tearDownAfterClass() + protected function tearDown() { - Db::delete('users')->where('id IN (?)', [1,2])->execute(); + Db::delete('users')->where('id IN (?)', [1, 2])->execute(); Db::delete('auth')->where('userId IN (?)', [2])->execute(); + Messages::popAll(); } + public static function setUpBeforeClass() + { + } + + + public static function tearDownAfterClass() + { + } + + /** * @expectedException \Exception */ + public function testProviderNotFound() { new AuthProvider('fake_data'); @@ -71,7 +81,8 @@ public function testProviderNotFound() /** * @expectedException \Bluz\Auth\AuthException */ - public function testUserStatusNotActive(){ + public function testUserStatusNotActive() + { $provider = new AuthProvider('Facebook'); $authRow = new Row(); @@ -79,15 +90,16 @@ public function testUserStatusNotActive(){ $provider->alreadyRegisteredLogic($authRow); } - public function testUserStatusActive(){ + public function testUserStatusActive() + { $provider = new AuthProvider('Facebook'); $provider->setResponse($this->getApp()); $authRow = new Row(); $authRow->userId = 2; - try{ + try { $provider->alreadyRegisteredLogic($authRow); - }catch(RedirectException $e){ + } catch (RedirectException $e) { } $this->assertNotNull(Auth::getIdentity()); @@ -98,26 +110,30 @@ public function testUserStatusActive(){ /** * @expectedException \Exception */ - public function testFailureHybridProvider(){ + public function testFailureHybridProvider() + { $provider = new AuthProvider('olo'); $this->assertInstanceOf('\Hybrid_Provider_Adapter', $provider->authenticate('olo')); } - public function testOptions(){ + public function testOptions() + { $provider = new AuthProvider('Facebook'); $this->assertNotEmpty($provider->getOptions()); } - public function testAvailableProviders() { + public function testAvailableProviders() + { $provider = new AuthProvider('Facebook'); $this->assertContains("Facebook", $provider->getAvailableProviders()); } - public function testUserAlreadyLinkedTo(){ + public function testUserAlreadyLinkedTo() + { $identity = new \Application\Users\Row(); $identity->id = 2; @@ -126,30 +142,36 @@ public function testUserAlreadyLinkedTo(){ $userProfile->identifier = 112233; $hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') + ->setMethods(['authenticate']) ->disableOriginalConstructor() ->getMock(); $authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') + ->setMethods(['getUserProfile']) ->disableOriginalConstructor() ->getMock(); $authAdapterMock->method('getUserProfile') - ->willReturn(new \Hybrid_Provider_Adapter); + ->willReturn($userProfile); $hybridAuthMock->method('authenticate') - ->willReturn($userProfile); + ->willReturn(new \Hybrid_Provider_Adapter); $this->assertInstanceOf('\Hybrid_Auth', $hybridAuthMock); $provider = new AuthProvider('Facebook'); + $provider->setResponse($this->getApp()); $provider->setIdentity($identity); $provider->setHybridauth($hybridAuthMock); $provider->setAuthAdapter($authAdapterMock); - try{ + try { $provider->authProcess(); - $this->assertEquals(1, Messages::count()); - }catch(RedirectException $red){} + } + catch (RedirectException $red) {} + catch (\Exception $e) {} + $message = Messages::pop(); + $this->assertEquals("You have already linked to Facebook", $message->text ); } From dedae84001853cff780585993a8946174af26610 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 00:56:30 +0300 Subject: [PATCH 26/46] fix --- application/models/Auth/AuthProvider.php | 2 +- tests/models/Auth/AuthProviderTest.php | 35 +++++++++++++++++++++++- 2 files changed, 35 insertions(+), 2 deletions(-) diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index 6bb7806a..abd95e98 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -182,7 +182,7 @@ public function authProcess() if ($auth) { $this->alreadyRegisteredLogic($auth); } else { - Messages::addError(sprintf('First you need to be linked to %s', ucfirst($this->providerName))); + Messages::addError(sprintf('First you need to be linked to %s', $this->providerName)); $this->response->redirectTo('users', 'signin'); } } diff --git a/tests/models/Auth/AuthProviderTest.php b/tests/models/Auth/AuthProviderTest.php index ebb3056e..78ce180b 100644 --- a/tests/models/Auth/AuthProviderTest.php +++ b/tests/models/Auth/AuthProviderTest.php @@ -132,7 +132,7 @@ public function testAvailableProviders() $this->assertContains("Facebook", $provider->getAvailableProviders()); } - public function testUserAlreadyLinkedTo() + /* public function testUserAlreadyLinkedTo() { $identity = new \Application\Users\Row(); @@ -173,6 +173,39 @@ public function testUserAlreadyLinkedTo() $message = Messages::pop(); $this->assertEquals("You have already linked to Facebook", $message->text ); + }*/ + + public function testUserNotLinkedTo() + { + $hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') + ->setMethods(['authenticate']) + ->disableOriginalConstructor() + ->getMock(); + + $authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') + ->setMethods(['getUserProfile']) + ->disableOriginalConstructor() + ->getMock(); + + $hybridAuthMock->method('authenticate') + ->willReturn(new \Hybrid_Provider_Adapter); + + + $this->assertInstanceOf('\Hybrid_Auth', $hybridAuthMock); + + $provider = new AuthProvider('Facebook'); + $provider->setResponse($this->getApp()); + $provider->setHybridauth($hybridAuthMock); + $provider->setAuthAdapter($authAdapterMock); + try { + $provider->authProcess(); + } + catch (RedirectException $red) {} + catch (\Exception $e) {} + + $message = Messages::pop(); + $this->assertEquals("First you need to be linked to Facebook", $message->text ); + } From 69124b7272be9958cb1520140a86cd9725d1f5ab Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 10:26:33 +0300 Subject: [PATCH 27/46] tests --- tests/models/Auth/AuthProviderTest.php | 101 ------------------ tests/modules/auth/controllers/AuthTest.php | 110 ++++++++++++++++++-- 2 files changed, 103 insertions(+), 108 deletions(-) diff --git a/tests/models/Auth/AuthProviderTest.php b/tests/models/Auth/AuthProviderTest.php index 78ce180b..a884c499 100644 --- a/tests/models/Auth/AuthProviderTest.php +++ b/tests/models/Auth/AuthProviderTest.php @@ -41,34 +41,15 @@ protected function setUp() ] )->execute(); - Db::insert('auth')->setArray( - [ - 'provider' => 'facebook', - 'userId' => 2, - 'foreignKey' => 112233 - ] - )->execute(); - Auth::setIdentity(new \Application\Users\Row()); } protected function tearDown() { Db::delete('users')->where('id IN (?)', [1, 2])->execute(); - Db::delete('auth')->where('userId IN (?)', [2])->execute(); Messages::popAll(); } - public static function setUpBeforeClass() - { - } - - - public static function tearDownAfterClass() - { - } - - /** * @expectedException \Exception */ @@ -83,7 +64,6 @@ public function testProviderNotFound() */ public function testUserStatusNotActive() { - $provider = new AuthProvider('Facebook'); $authRow = new Row(); $authRow->userId = 1; @@ -92,7 +72,6 @@ public function testUserStatusNotActive() public function testUserStatusActive() { - $provider = new AuthProvider('Facebook'); $provider->setResponse($this->getApp()); $authRow = new Row(); @@ -112,7 +91,6 @@ public function testUserStatusActive() */ public function testFailureHybridProvider() { - $provider = new AuthProvider('olo'); $this->assertInstanceOf('\Hybrid_Provider_Adapter', $provider->authenticate('olo')); } @@ -121,92 +99,13 @@ public function testOptions() { $provider = new AuthProvider('Facebook'); $this->assertNotEmpty($provider->getOptions()); - } public function testAvailableProviders() { - $provider = new AuthProvider('Facebook'); $this->assertContains("Facebook", $provider->getAvailableProviders()); } - /* public function testUserAlreadyLinkedTo() - { - - $identity = new \Application\Users\Row(); - $identity->id = 2; - - $userProfile = new \Hybrid_User_Profile(); - $userProfile->identifier = 112233; - - $hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') - ->setMethods(['authenticate']) - ->disableOriginalConstructor() - ->getMock(); - - $authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') - ->setMethods(['getUserProfile']) - ->disableOriginalConstructor() - ->getMock(); - - $authAdapterMock->method('getUserProfile') - ->willReturn($userProfile); - - $hybridAuthMock->method('authenticate') - ->willReturn(new \Hybrid_Provider_Adapter); - - $this->assertInstanceOf('\Hybrid_Auth', $hybridAuthMock); - - $provider = new AuthProvider('Facebook'); - $provider->setResponse($this->getApp()); - $provider->setIdentity($identity); - $provider->setHybridauth($hybridAuthMock); - $provider->setAuthAdapter($authAdapterMock); - try { - $provider->authProcess(); - } - catch (RedirectException $red) {} - catch (\Exception $e) {} - - $message = Messages::pop(); - $this->assertEquals("You have already linked to Facebook", $message->text ); - - }*/ - - public function testUserNotLinkedTo() - { - $hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') - ->setMethods(['authenticate']) - ->disableOriginalConstructor() - ->getMock(); - - $authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') - ->setMethods(['getUserProfile']) - ->disableOriginalConstructor() - ->getMock(); - - $hybridAuthMock->method('authenticate') - ->willReturn(new \Hybrid_Provider_Adapter); - - - $this->assertInstanceOf('\Hybrid_Auth', $hybridAuthMock); - - $provider = new AuthProvider('Facebook'); - $provider->setResponse($this->getApp()); - $provider->setHybridauth($hybridAuthMock); - $provider->setAuthAdapter($authAdapterMock); - try { - $provider->authProcess(); - } - catch (RedirectException $red) {} - catch (\Exception $e) {} - - $message = Messages::pop(); - $this->assertEquals("First you need to be linked to Facebook", $message->text ); - - } - - } \ No newline at end of file diff --git a/tests/modules/auth/controllers/AuthTest.php b/tests/modules/auth/controllers/AuthTest.php index 02f3aa60..3476b26a 100644 --- a/tests/modules/auth/controllers/AuthTest.php +++ b/tests/modules/auth/controllers/AuthTest.php @@ -10,21 +10,117 @@ use Application\Auth\AuthProvider; use Application\Tests\ControllerTestCase; +use Bluz\Application\Exception\RedirectException; +use Bluz\Proxy\Auth; +use Bluz\Proxy\Db; +use Bluz\Proxy\Messages; class AuthTest extends ControllerTestCase{ - /** - * Test user with correct password - */ - public function testProviderLink() + protected function setUp() { - $provider = 'Facebook'; - $mock = $this->getMockBuilder('\Hybrid_Auth') + parent::setUp(); + + Db::insert('users')->setArray( + [ + 'id' => 2, + 'login' => 'Bill', + 'email' => 'bill@turtles.org', + 'status' => 'active' + ] + )->execute(); + + Db::insert('auth')->setArray( + [ + 'provider' => 'facebook', + 'userId' => 2, + 'foreignKey' => 112233 + ] + )->execute(); + + Auth::setIdentity(new \Application\Users\Row()); + } + + protected function tearDown() + { + Db::delete('users')->where('id IN (?)', [2])->execute(); + Db::delete('auth')->where('userId IN (?)', [2])->execute(); + Messages::popAll(); + } + + public function testUserAlreadyLinkedTo() + { + + $identity = new \Application\Users\Row(); + $identity->id = 2; + + $userProfile = new \Hybrid_User_Profile(); + $userProfile->identifier = 112233; + + $hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') + ->setMethods(['authenticate']) + ->disableOriginalConstructor() + ->getMock(); + + $authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') + ->setMethods(['getUserProfile']) + ->disableOriginalConstructor() + ->getMock(); + + $authAdapterMock->method('getUserProfile') + ->willReturn($userProfile); + + $hybridAuthMock->method('authenticate') + ->willReturn(new \Hybrid_Provider_Adapter); + + $this->assertInstanceOf('\Hybrid_Auth', $hybridAuthMock); + + $provider = new AuthProvider('Facebook'); + $provider->setResponse($this->getApp()); + $provider->setIdentity($identity); + $provider->setHybridauth($hybridAuthMock); + $provider->setAuthAdapter($authAdapterMock); + try { + $provider->authProcess(); + } + catch (RedirectException $red) {} + catch (\Exception $e) {} + + $message = Messages::pop(); + $this->assertEquals("You have already linked to Facebook", $message->text ); + + } + + public function testUserNotLinkedTo() + { + $hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') + ->setMethods(['authenticate']) + ->disableOriginalConstructor() + ->getMock(); + + $authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') + ->setMethods(['getUserProfile']) ->disableOriginalConstructor() ->getMock(); - $this->assertInstanceOf('\Hybrid_Auth', $mock); + $hybridAuthMock->method('authenticate') + ->willReturn(new \Hybrid_Provider_Adapter); + + + $this->assertInstanceOf('\Hybrid_Auth', $hybridAuthMock); + + $provider = new AuthProvider('Facebook'); + $provider->setResponse($this->getApp()); + $provider->setHybridauth($hybridAuthMock); + $provider->setAuthAdapter($authAdapterMock); + try { + $provider->authProcess(); + } + catch (RedirectException $red) {} + catch (\Exception $e) {} + $message = Messages::pop(); + $this->assertEquals("First you need to be linked to Facebook", $message->text ); } From deebdbdeee42ca2ae3311892a83d66922485742b Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 10:27:32 +0300 Subject: [PATCH 28/46] hotfix --- application/models/Auth/AuthProvider.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index abd95e98..42a7349b 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -161,8 +161,6 @@ public function authProcess() $this->authAdapter = $this->getAuthAdapter(); $profile = $this->getProfile(); - // $auth = Auth\Table::findRowWhere([strtolower($this->providerName)=> $profile->identifier]); - /** * @var Auth\Table $authTable */ From 96dc8dd9ef9bd99dbfe7203046cea54ad241467f Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 10:38:56 +0300 Subject: [PATCH 29/46] old functionality --- application/models/Users/Crud.php | 38 ------------------------------- 1 file changed, 38 deletions(-) diff --git a/application/models/Users/Crud.php b/application/models/Users/Crud.php index 2b13d591..de6afcbd 100644 --- a/application/models/Users/Crud.php +++ b/application/models/Users/Crud.php @@ -63,44 +63,6 @@ public function createOne($data) // create auth Auth\Table::getInstance()->generateEquals($row, $password); - //check if user tried to sign in via oauth before - if ($twitter = Session::get('twitter')) { - Session::delete('twitter'); - - $twitterRow = new Auth\Row(); - $twitterRow->userId = $userId; - $twitterRow->provider = Auth\Table::PROVIDER_TWITTER; - $twitterRow->foreignKey = $twitter['user_id']; - $twitterRow->token = $twitter['oauth_token']; - $twitterRow->tokenSecret = $twitter['oauth_token_secret']; - $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; - $twitterRow->save(); - } - if ($facebook = Session::get('facebook')) { - Session::delete('facebook'); - - $facebookRow = new Auth\Row(); - $facebookRow->userId = $userId; - $facebookRow->provider = Auth\Table::PROVIDER_FACEBOOK; - $facebookRow->foreignKey = $facebook['id']; - $facebookRow->token = 0; - $facebookRow->tokenSecret = 0; - $facebookRow->tokenType = Auth\Table::TYPE_ACCESS; - $facebookRow->save(); - } - if ($google = Session::get('google')) { - Session::delete('google'); - - $googleRow = new Auth\Row(); - $googleRow->userId = $userId; - $googleRow->provider = Auth\Table::PROVIDER_GOOGLE; - $googleRow->foreignKey = $google['id']; - $googleRow->token = $google['access_token']; - $googleRow->tokenSecret = 0; - $googleRow->tokenType = Auth\Table::TYPE_ACCESS; - $googleRow->save(); - } - // create activation token // valid for 5 days $actionRow = UsersActions\Table::getInstance()->generate($userId, UsersActions\Table::ACTION_ACTIVATION, 5); From ae3b702682bc273bb8a01bc515a9347c9b6415dd Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 11:20:21 +0300 Subject: [PATCH 30/46] mailer config was restored --- application/configs/default/mailer.php | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/application/configs/default/mailer.php b/application/configs/default/mailer.php index abea52e2..72b006cb 100644 --- a/application/configs/default/mailer.php +++ b/application/configs/default/mailer.php @@ -13,16 +13,6 @@ "name" => "Bluz" ], "settings" => [ - "CharSet" => "UTF-8", - "Mailer" => "smtp", // mail, sendmail, smtp, qmail - "Host" => "10.10.0.114", - "Port" => "2525" + "CharSet" => "UTF-8" ], - - // Custom Headers - "headers" => [ - "PROJECT" => "Bluz", - 'EMAILS' => 'y.kostrikova@nixsolutions.com, baziak@nixsolutions.com', - 'EXTERNAL' => false - ], -); +); \ No newline at end of file From 36bc319a8125f8daddd6fbd6759deb3059a95366 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 11:34:26 +0300 Subject: [PATCH 31/46] phpunit.xml was added to .gitignore/hybridauth.php was restored --- .gitignore | 1 + application/configs/default/auth.php | 12 ---------- application/configs/default/hybridauth.php | 10 ++++---- phpunit.xml | 27 ---------------------- 4 files changed, 6 insertions(+), 44 deletions(-) delete mode 100644 phpunit.xml diff --git a/.gitignore b/.gitignore index b62cb81d..4b27fc43 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,4 @@ nbproject composer.lock composer.phar /vendor/* +phpunit.xml \ No newline at end of file diff --git a/application/configs/default/auth.php b/application/configs/default/auth.php index 8286aca9..19d2ddcb 100644 --- a/application/configs/default/auth.php +++ b/application/configs/default/auth.php @@ -10,17 +10,5 @@ "encryptFunction" => function ($password, $salt) { return md5(md5($password) . $salt); } - ), - "facebook" => array( - "appId" => "1413483462306154", - "secret" => "0911925061bdb04a3d8c41129f672065", - ), - "twitter" => array( - "consumer_key" => "%%consumerKey%%", - "consumer_secret" => "%%consumerSecret%%" - ), - "google" => array( - 'client_id' => "%%client_id%%", - 'client_secret' => '%%client_secret%%' ) ); diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index 3277ee07..9b2b0b65 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -18,8 +18,8 @@ "Google" => array( // 'id' is your google client id "enabled" => true, "wrapper" => array( "path" => "Providers/Google.php", "class" => "Hybrid_Providers_Google" ), - "keys" => array("id" => "422236904670-r9jmuh7q4kc2vqpkscqtv9i1898mer4u.apps.googleusercontent.com", - "secret" => "3krFP90YB6F6xIADFG-Nzr1Q"), + "keys" => array("id" => "%%client_id%%", + "secret" => "%%client_secret%%"), "scope" => "https://www.googleapis.com/auth/userinfo.profile ". // optional "https://www.googleapis.com/auth/userinfo.email" , // optional "access_type" => "offline", // optional @@ -30,7 +30,7 @@ "Facebook" => array( // 'id' is your facebook application id "enabled" => true, "wrapper" => array( "path" => "Providers/Facebook.php", "class" => "Hybrid_Providers_Facebook" ), - "keys" => array("id" => "1413483462306154", "secret" => "0911925061bdb04a3d8c41129f672065"), + "keys" => array("id" => "%%appId%%", "secret" => "%%secret%%"), "scope" => "email, user_about_me, user_birthday, user_hometown, publish_actions", // optional ), @@ -38,12 +38,12 @@ "Twitter" => array( // 'key' is your twitter application consumer key "enabled" => true, "wrapper" => array( "path" => "Providers/Twitter.php", "class" => "Hybrid_Providers_Twitter" ), - "keys" => array("key" => "eOMvWh3ODqk4A1MHEeolm0Cfv", "secret" => "aJSrRzFlJxZp60IhTPnsOetwYVZ6XBZmcd4wQbPwyc7hgIYg0M") + "keys" => array("key" => "%%consumerKey%%", "secret" => "%%consumerSecret%%") ) ), "debug_mode" => false, // to enable logging, set 'debug_mode' to true, then provide here a path of a writable file - // "debug_file" => PATH_ROOT.'/data/logs/hybrid.log' + "debug_file" =>'' ); \ No newline at end of file diff --git a/phpunit.xml b/phpunit.xml deleted file mode 100644 index 09a06e2d..00000000 --- a/phpunit.xml +++ /dev/null @@ -1,27 +0,0 @@ - - - - ./tests/modules - - - - - - - - ./application/ - - ./application/ - ./application/configs - - - - ./vendor - - - \ No newline at end of file From c98418029c2fa15ede117b0ea6bbe00b4b472400 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 11:36:32 +0300 Subject: [PATCH 32/46] hybridauth/hybridauth was replaced to require section --- composer.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/composer.json b/composer.json index 35ffa7ce..ea437b57 100644 --- a/composer.json +++ b/composer.json @@ -8,14 +8,14 @@ "bluzphp/framework": "~0.9", "phpmailer/phpmailer": "~5.2", "guzzle/guzzle": "~3.8", - "zircote/swagger-php": "~0.9" + "zircote/swagger-php": "~0.9", + "hybridauth/hybridauth": "dev-master" }, "require-dev": { "phpunit/phpunit": "~4.4", "satooshi/php-coveralls": "~0.6", "squizlabs/php_codesniffer": "~2.0", - "zendframework/zend-dom": "~2.3", - "hybridauth/hybridauth": "dev-master" + "zendframework/zend-dom": "~2.3" }, "config": { "vendor-dir": "vendor" From 67e220bbb1d79f96e86f5a9d61b2c02bd8994a28 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 11:37:34 +0300 Subject: [PATCH 33/46] hotfix --- application/configs/default/hybridauth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index 9b2b0b65..250f2e4d 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -11,7 +11,7 @@ */ return array( //"base_url" the url that point to HybridAuth Endpoint (where index.php and config.php are found) - "base_url" => "http://sk.com/auth/endpoint", + "base_url" => "[http|https][your.domain]/auth/endpoint", "providers" => array( // google From 0a44eaab0ab54c7ae9b20c63b2cdb3603f62d0b3 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 11:45:24 +0300 Subject: [PATCH 34/46] hotfix --- application/configs/default/opauth.php | 47 -------------------------- application/configs/testing/db.php | 2 +- 2 files changed, 1 insertion(+), 48 deletions(-) delete mode 100644 application/configs/default/opauth.php diff --git a/application/configs/default/opauth.php b/application/configs/default/opauth.php deleted file mode 100644 index 3442dd30..00000000 --- a/application/configs/default/opauth.php +++ /dev/null @@ -1,47 +0,0 @@ - '/', - - /** - * Callback URL: redirected to after authentication, successful or otherwise - */ - 'callback_url' => '{path}callback.php', - - /** - * A random string used for signing of $auth response. - */ - 'security_salt' => 'LDFmiilYf8Fyw5W10rx4W1KsVrieQCnpBzzpTBWA5vJidQKDx8pMJbmw28R1C4m', - - /** - * Strategy - * Refer to individual strategy's documentation on configuration requirements. - * - * eg. - * 'Strategy' => array( - * - * 'Facebook' => array( - * 'app_id' => 'APP ID', - * 'app_secret' => 'APP_SECRET' - * ), - * - * ) - * - */ - 'Strategy' => array( - // Define strategies and their respective configs here - - ), -); \ No newline at end of file diff --git a/application/configs/testing/db.php b/application/configs/testing/db.php index 5fc7306d..046d06b3 100644 --- a/application/configs/testing/db.php +++ b/application/configs/testing/db.php @@ -12,7 +12,7 @@ "name" => "bluz_test", "user" => "root", "pass" => "", - "unix_socket" => "/opt/lampp/var/mysql/mysql.sock", + "unix_socket" => "", "options" => array( \PDO::ATTR_PERSISTENT => true, \PDO::MYSQL_ATTR_INIT_COMMAND => "SET CHARACTER SET utf8" From 4d8fdeb718162cb8c7eb9f3819bddd9bd14ec7e1 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 11:48:05 +0300 Subject: [PATCH 35/46] controller index.php was restored --- .../modules/index/controllers/index.php | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/application/modules/index/controllers/index.php b/application/modules/index/controllers/index.php index edfe2385..14ed15ef 100644 --- a/application/modules/index/controllers/index.php +++ b/application/modules/index/controllers/index.php @@ -6,20 +6,14 @@ * @created 06.07.11 18:39 * @return \Closure */ - /** * @namespace */ namespace Application; - -use Bluz\Proxy\Config; - return -/** - * @var Bootstrap $this - * @return void - */ -function () { - - -}; + /** + * @var Bootstrap $this + * @return void + */ + function () { + }; \ No newline at end of file From c303055eb909635914c1a383a84cc1bed0dcbcf2 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 11:50:34 +0300 Subject: [PATCH 36/46] unused attribute data-provider was removed from profile.phtml --- application/modules/users/views/profile.phtml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/application/modules/users/views/profile.phtml b/application/modules/users/views/profile.phtml index f2e1cd3b..c0a24199 100644 --- a/application/modules/users/views/profile.phtml +++ b/application/modules/users/views/profile.phtml @@ -34,11 +34,11 @@ - - - From 6f0b893abf45409fc9f7de6a1fd8631ad2a9d8df Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 11:54:15 +0300 Subject: [PATCH 37/46] hotfix --- tests/bootstrap.php | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/tests/bootstrap.php b/tests/bootstrap.php index 34d5dc79..e63dbddc 100644 --- a/tests/bootstrap.php +++ b/tests/bootstrap.php @@ -2,15 +2,10 @@ // Environment error_reporting(E_ALL | E_STRICT); ini_set('display_errors', 1); -chdir(__DIR__); - // Emulate session $_SESSION = array(); $_COOKIE[session_name()] = uniqid(); - require_once dirname(__DIR__) . '/vendor/autoload.php'; - $env = getenv('BLUZ_ENV') ?: 'testing'; - $app = \Application\Tests\BootstrapTest::getInstance(); -$app->init($env); +$app->init($env); \ No newline at end of file From 05983a43ba6b12c305be0668d724487e735bb1c8 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 12:39:49 +0300 Subject: [PATCH 38/46] single blank line for mailer.php --- application/configs/default/mailer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/configs/default/mailer.php b/application/configs/default/mailer.php index 72b006cb..669dc52a 100644 --- a/application/configs/default/mailer.php +++ b/application/configs/default/mailer.php @@ -15,4 +15,4 @@ "settings" => [ "CharSet" => "UTF-8" ], -); \ No newline at end of file +); From aaf0e5ca1e255deef7af1e2ed5e52423166d2472 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 15:04:56 +0300 Subject: [PATCH 39/46] psr2 --- application/configs/testing/db.php | 21 ------------ application/modules/auth/controllers/auth.php | 7 ++-- tests/models/Auth/AuthProviderTest.php | 4 +-- tests/modules/auth/controllers/AuthTest.php | 34 +++++++++++-------- 4 files changed, 25 insertions(+), 41 deletions(-) delete mode 100644 application/configs/testing/db.php diff --git a/application/configs/testing/db.php b/application/configs/testing/db.php deleted file mode 100644 index 046d06b3..00000000 --- a/application/configs/testing/db.php +++ /dev/null @@ -1,21 +0,0 @@ - array( - "type" => "mysql", - "host" => "localhost", - "name" => "bluz_test", - "user" => "root", - "pass" => "", - "unix_socket" => "", - "options" => array( - \PDO::ATTR_PERSISTENT => true, - \PDO::MYSQL_ATTR_INIT_COMMAND => "SET CHARACTER SET utf8" - ) - ) -); diff --git a/application/modules/auth/controllers/auth.php b/application/modules/auth/controllers/auth.php index 682f71ea..987c2f54 100644 --- a/application/modules/auth/controllers/auth.php +++ b/application/modules/auth/controllers/auth.php @@ -23,17 +23,18 @@ function ($provider = '') { /** * @var Bootstrap $this */ - try{ + try { $auth = new AuthProvider($provider); $auth->setResponse($this); $auth->setIdentity($this->user()); $auth->authProcess(); - }catch (Exception $e) { + } catch (Exception $e) { Messages::addError($e->getMessage()); } + return function () { return false; - }; + }; }; diff --git a/tests/models/Auth/AuthProviderTest.php b/tests/models/Auth/AuthProviderTest.php index a884c499..45b7a223 100644 --- a/tests/models/Auth/AuthProviderTest.php +++ b/tests/models/Auth/AuthProviderTest.php @@ -79,7 +79,6 @@ public function testUserStatusActive() try { $provider->alreadyRegisteredLogic($authRow); } catch (RedirectException $e) { - } $this->assertNotNull(Auth::getIdentity()); @@ -107,5 +106,4 @@ public function testAvailableProviders() $provider = new AuthProvider('Facebook'); $this->assertContains("Facebook", $provider->getAvailableProviders()); } - -} \ No newline at end of file +} diff --git a/tests/modules/auth/controllers/AuthTest.php b/tests/modules/auth/controllers/AuthTest.php index 3476b26a..d4703bdb 100644 --- a/tests/modules/auth/controllers/AuthTest.php +++ b/tests/modules/auth/controllers/AuthTest.php @@ -1,11 +1,13 @@ setAuthAdapter($authAdapterMock); try { $provider->authProcess(); + } catch (RedirectException $red) { + } catch (\Exception $e) { } - catch (RedirectException $red) {} - catch (\Exception $e) {} $message = Messages::pop(); - $this->assertEquals("You have already linked to Facebook", $message->text ); + $this->assertEquals("You have already linked to Facebook", $message->text); } @@ -115,13 +122,12 @@ public function testUserNotLinkedTo() $provider->setAuthAdapter($authAdapterMock); try { $provider->authProcess(); + } catch (RedirectException $red) { + } catch (\Exception $e) { } - catch (RedirectException $red) {} - catch (\Exception $e) {} $message = Messages::pop(); - $this->assertEquals("First you need to be linked to Facebook", $message->text ); + $this->assertEquals("First you need to be linked to Facebook", $message->text); } - -} \ No newline at end of file +} From dbdaada1ce6e2cd4e99746828b3a78399d1a6a9c Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 15:16:37 +0300 Subject: [PATCH 40/46] psr2 --- application/configs/default/hybridauth.php | 2 +- application/models/Auth/AuthInterface.php | 7 +++---- application/models/Auth/AuthProvider.php | 8 +++----- application/modules/index/controllers/index.php | 3 ++- 4 files changed, 9 insertions(+), 11 deletions(-) diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index 250f2e4d..7c43e739 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -46,4 +46,4 @@ // to enable logging, set 'debug_mode' to true, then provide here a path of a writable file "debug_file" =>'' - ); \ No newline at end of file + ); diff --git a/application/models/Auth/AuthInterface.php b/application/models/Auth/AuthInterface.php index 15ce6900..c2441c2b 100644 --- a/application/models/Auth/AuthInterface.php +++ b/application/models/Auth/AuthInterface.php @@ -7,8 +7,8 @@ */ namespace Application\Auth; -interface AuthInterface{ - +interface AuthInterface +{ /** * @param array $data * @param \Application\Users\Row $user @@ -38,5 +38,4 @@ public function alreadyRegisteredLogic($auth); * @return array */ public function getProfile(); - -} \ No newline at end of file +} diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index 42a7349b..b25e6ad2 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -30,7 +30,6 @@ class AuthProvider implements AuthInterface public function __construct($providerName) { if (!in_array(ucfirst($providerName), $this->getAvailableProviders())) { - throw new \Exception(sprintf('Provider % is not defined in configuration file', ucfirst($providerName))); } $this->providerName = ucfirst($providerName); @@ -45,6 +44,7 @@ public function getHybridauth() if (!$this->hybridauth) { $this->hybridauth = new \Hybrid_Auth($this->getOptions()); } + return $this->hybridauth; } @@ -109,15 +109,14 @@ public function setProviderName($providerName) public function getAuthAdapter() { if (!$this->authAdapter) { - /** @var \Hybrid_Provider_Adapter $authProvider */ $this->authAdapter = $this->getHybridauth()->authenticate($this->providerName); if (!$this->authAdapter->isUserConnected()) { throw new \Exception('Cannot connect to current provider !'); } - } + return $this->authAdapter; } @@ -225,5 +224,4 @@ public function getProfile() { return $this->authAdapter->getUserProfile(); } - -} \ No newline at end of file +} diff --git a/application/modules/index/controllers/index.php b/application/modules/index/controllers/index.php index 14ed15ef..6554dbcd 100644 --- a/application/modules/index/controllers/index.php +++ b/application/modules/index/controllers/index.php @@ -10,10 +10,11 @@ * @namespace */ namespace Application; + return /** * @var Bootstrap $this * @return void */ function () { - }; \ No newline at end of file + }; From 49daa811d5b15d4dffcbdaa2d290175b202f5f35 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 16:00:44 +0300 Subject: [PATCH 41/46] test testUserNotLinkedTo was fixed --- application/models/Auth/AuthProvider.php | 5 +- tests/modules/auth/controllers/AuthTest.php | 61 +++++++++++---------- 2 files changed, 37 insertions(+), 29 deletions(-) diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index b25e6ad2..ed0306d8 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -157,6 +157,7 @@ public function registration($data, $user) */ public function authProcess() { + $this->authAdapter = $this->getAuthAdapter(); $profile = $this->getProfile(); @@ -164,7 +165,8 @@ public function authProcess() * @var Auth\Table $authTable */ $authTable = Auth\Table::getInstance(); - $auth = $authTable->getAuthRow(strtolower($this->providerName), $profile->identifier); + $auth = $authTable->getAuthRow(strtolower($this->providerName),$profile->identifier); + if ($this->identity) { if ($auth) { @@ -179,6 +181,7 @@ public function authProcess() if ($auth) { $this->alreadyRegisteredLogic($auth); } else { + Messages::addError(sprintf('First you need to be linked to %s', $this->providerName)); $this->response->redirectTo('users', 'signin'); } diff --git a/tests/modules/auth/controllers/AuthTest.php b/tests/modules/auth/controllers/AuthTest.php index d4703bdb..3c831c9d 100644 --- a/tests/modules/auth/controllers/AuthTest.php +++ b/tests/modules/auth/controllers/AuthTest.php @@ -24,10 +24,30 @@ class AuthTest extends ControllerTestCase { + /** + * @var \Hybrid_Auth + */ + protected $hybridAuthMock; + + /** + * @var \Hybrid_Provider_Adapter + */ + protected $authAdapterMock; + protected function setUp() { parent::setUp(); + $this->hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') + ->setMethods(['authenticate']) + ->disableOriginalConstructor() + ->getMock(); + + $this->authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') + ->setMethods(['getUserProfile']) + ->disableOriginalConstructor() + ->getMock(); + Db::insert('users')->setArray( [ 'id' => 2, @@ -64,29 +84,19 @@ public function testUserAlreadyLinkedTo() $userProfile = new \Hybrid_User_Profile(); $userProfile->identifier = 112233; - $hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') - ->setMethods(['authenticate']) - ->disableOriginalConstructor() - ->getMock(); - - $authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') - ->setMethods(['getUserProfile']) - ->disableOriginalConstructor() - ->getMock(); - - $authAdapterMock->method('getUserProfile') + $this->authAdapterMock->method('getUserProfile') ->willReturn($userProfile); - $hybridAuthMock->method('authenticate') + $this->hybridAuthMock->method('authenticate') ->willReturn(new \Hybrid_Provider_Adapter); - $this->assertInstanceOf('\Hybrid_Auth', $hybridAuthMock); + $this->assertInstanceOf('\Hybrid_Auth', $this->hybridAuthMock); $provider = new AuthProvider('Facebook'); $provider->setResponse($this->getApp()); $provider->setIdentity($identity); - $provider->setHybridauth($hybridAuthMock); - $provider->setAuthAdapter($authAdapterMock); + $provider->setHybridauth($this->hybridAuthMock); + $provider->setAuthAdapter($this->authAdapterMock); try { $provider->authProcess(); } catch (RedirectException $red) { @@ -100,26 +110,21 @@ public function testUserAlreadyLinkedTo() public function testUserNotLinkedTo() { - $hybridAuthMock = $this->getMockBuilder('\Hybrid_Auth') - ->setMethods(['authenticate']) - ->disableOriginalConstructor() - ->getMock(); - - $authAdapterMock = $this->getMockBuilder('\Hybrid_Provider_Adapter') - ->setMethods(['getUserProfile']) - ->disableOriginalConstructor() - ->getMock(); + $userProfile = new \Hybrid_User_Profile(); + $userProfile->identifier = null; - $hybridAuthMock->method('authenticate') + $this->hybridAuthMock->method('authenticate') ->willReturn(new \Hybrid_Provider_Adapter); + $this->authAdapterMock->method('getUserProfile') + ->willReturn($userProfile); - $this->assertInstanceOf('\Hybrid_Auth', $hybridAuthMock); + $this->assertInstanceOf('\Hybrid_Auth', $this->hybridAuthMock); $provider = new AuthProvider('Facebook'); $provider->setResponse($this->getApp()); - $provider->setHybridauth($hybridAuthMock); - $provider->setAuthAdapter($authAdapterMock); + $provider->setHybridauth($this->hybridAuthMock); + $provider->setAuthAdapter($this->authAdapterMock); try { $provider->authProcess(); } catch (RedirectException $red) { From d68cd71efbab9573d212b7e31f3deab4e6d35a08 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 16:07:46 +0300 Subject: [PATCH 42/46] old facebook/controlles was remowed --- .../modules/facebook/controllers/AuthTest.php | 47 ------------------- 1 file changed, 47 deletions(-) delete mode 100644 tests/modules/facebook/controllers/AuthTest.php diff --git a/tests/modules/facebook/controllers/AuthTest.php b/tests/modules/facebook/controllers/AuthTest.php deleted file mode 100644 index a51fd2d2..00000000 --- a/tests/modules/facebook/controllers/AuthTest.php +++ /dev/null @@ -1,47 +0,0 @@ -dispatchRouter('/facebook/auth/'); - */ - - // Remove the following lines when you implement this test. - // Need to refactoring Facebook library for avoid used global dependency - $this->markTestIncomplete( - 'This test has not been implemented yet.' - ); - } - - /** - * If user already signed - redirect to homepage - */ - public function testControllerPageWithUser() - { - $this->setupSuperUserIdentity(); - - $this->dispatchRouter('/facebook/auth/'); - $this->assertRedirect('index', 'index'); - } -} From e0ad5ce94c98bea9d93177f59cbc5820332d5107 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 16:12:06 +0300 Subject: [PATCH 43/46] hotfix --- application/models/Auth/AuthProvider.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index ed0306d8..4527cd74 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -136,18 +136,18 @@ public function setAuthAdapter($authAdapter) */ public function registration($data, $user) { - $twitterRow = new Auth\Row(); - $twitterRow->userId = $user->id; - $twitterRow->provider = strtolower($this->providerName); + $row = new Auth\Row(); + $row->userId = $user->id; + $row->provider = strtolower($this->providerName); - $twitterRow->foreignKey = $data->identifier; - $twitterRow->token = $this->authAdapter->getAccessToken()['access_token']; - $twitterRow->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret']) ? + $row->foreignKey = $data->identifier; + $row->token = $this->authAdapter->getAccessToken()['access_token']; + $row->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret']) ? $this->authAdapter->getAccessToken()['access_token_secret'] : ''; - $twitterRow->tokenType = Auth\Table::TYPE_ACCESS; - $twitterRow->save(); + $row->tokenType = Auth\Table::TYPE_ACCESS; + $row->save(); - Messages::addNotice(sprintf('Your account was linked to %s successfully !', ucfirst($this->providerName))); + Messages::addNotice(sprintf('Your account was linked to %s successfully !', $this->providerName)); $this->response->redirectTo('users', 'profile', ['id' => $user->id]); } From 98fec4cf2e25d5f7377ebb44bc252c056cc1d048 Mon Sep 17 00:00:00 2001 From: yuklia Date: Fri, 8 May 2015 16:26:14 +0300 Subject: [PATCH 44/46] psr2 --- application/models/Auth/AuthProvider.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index 4527cd74..f7bc1248 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -165,7 +165,7 @@ public function authProcess() * @var Auth\Table $authTable */ $authTable = Auth\Table::getInstance(); - $auth = $authTable->getAuthRow(strtolower($this->providerName),$profile->identifier); + $auth = $authTable->getAuthRow(strtolower($this->providerName), $profile->identifier); if ($this->identity) { @@ -181,7 +181,6 @@ public function authProcess() if ($auth) { $this->alreadyRegisteredLogic($auth); } else { - Messages::addError(sprintf('First you need to be linked to %s', $this->providerName)); $this->response->redirectTo('users', 'signin'); } From 0c8465f20b2fb3660a5c04b827c6225f80112939 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 13 May 2015 15:12:47 +0300 Subject: [PATCH 45/46] guzzle, google,twitter,facebook libs were removed --- application/configs/default/hybridauth.php | 2 +- application/library/Google/Client.php | 111 -- application/library/Twitter/Client.php | 127 -- application/models/Auth/AuthInterface.php | 5 +- application/models/Auth/AuthProvider.php | 15 +- application/models/Facebook/BaseFacebook.php | 1484 ----------------- application/models/Facebook/Facebook.php | 174 -- .../models/Facebook/FacebookApiException.php | 96 -- composer.json | 1 - 9 files changed, 16 insertions(+), 1999 deletions(-) delete mode 100644 application/library/Google/Client.php delete mode 100644 application/library/Twitter/Client.php delete mode 100644 application/models/Facebook/BaseFacebook.php delete mode 100644 application/models/Facebook/Facebook.php delete mode 100644 application/models/Facebook/FacebookApiException.php diff --git a/application/configs/default/hybridauth.php b/application/configs/default/hybridauth.php index 7c43e739..4653c3f2 100644 --- a/application/configs/default/hybridauth.php +++ b/application/configs/default/hybridauth.php @@ -11,7 +11,7 @@ */ return array( //"base_url" the url that point to HybridAuth Endpoint (where index.php and config.php are found) - "base_url" => "[http|https][your.domain]/auth/endpoint", + "base_url" => "%%domain%%/auth/endpoint", "providers" => array( // google diff --git a/application/library/Google/Client.php b/application/library/Google/Client.php deleted file mode 100644 index 0e36d9b5..00000000 --- a/application/library/Google/Client.php +++ /dev/null @@ -1,111 +0,0 @@ -domain, $config); - } - - /** - * @param $callbackUrl - * @return \Guzzle\Http\Url|string - */ - public function getAuthUrl($callbackUrl) - { - $request = $this->get( - $this->requestCode, - null, - [ - 'query' => [ - 'redirect_uri' => $callbackUrl, - 'response_type' => 'code', - 'client_id' => $this->getConfig('client_id'), - 'scope' => 'https://www.googleapis.com/auth/userinfo.email' . - ' https://www.googleapis.com/auth/userinfo.profile' - ] - ] - ); - - return $request->getUrl(); - } - - /** - * @param $code - * @param $callbackUrl - */ - public function getOauthAccessToken($code, $callbackUrl) - { - if (!isset($code)) { - throw new BadResponseException('Authorization failed'); - } - - $request = $this->post( - $this->requestAccessToken, - null, - [ - 'client_id' => $this->getConfig('client_id'), - 'client_secret' => $this->getConfig('client_secret'), - 'redirect_uri' => $callbackUrl, - 'grant_type' => 'authorization_code', - 'code' => $code - ] - ); - - $response = $request->send(); - $result = json_decode($response->getBody()->__toString(), true); - if (isset($result['access_token'])) { - $this->accessToken = $result['access_token']; - } else { - throw new BadResponseException('Authorization failed'); - } - } - - /** - * @return array - */ - public function getUserInfo() - { - if (!isset($this->accessToken)) { - throw new BadResponseException('Access token is missed'); - } - - $request = $this->get( - 'https://www.googleapis.com/oauth2/v1/userinfo', - null, - [ - 'query' => [ - 'access_token' => $this->accessToken - ] - ] - ); - - $response = $request->send(); - $result = json_decode($response->getBody()->__toString(), true); - if (isset($result['id'])) { - return $result; - } else { - throw new BadResponseException('Invalid access token'); - } - - } -} diff --git a/application/library/Twitter/Client.php b/application/library/Twitter/Client.php deleted file mode 100644 index a9d0ef0b..00000000 --- a/application/library/Twitter/Client.php +++ /dev/null @@ -1,127 +0,0 @@ -domain); - - /** - * Create Object. - * - * @param array $config - * @return OauthPlugin - */ - $this->oauthPlugin = new OauthPlugin($config); - $this->addSubscriber($this->oauthPlugin); - } - - /** - * Get request token from API - * - * $callbackUrl = Router::getFullUrl('twitter', 'callback'); - * $oauthRequestToken = $twitterAuth->getOauthRequestToken($callbackUrl); * - * - * @param string $callbackUrl - * @throws \Exception - * @return array - */ - public function getOauthRequestToken($callbackUrl) - { - $request = $this->get( - $this->requestToken, - null, - array( - 'query' => array( - 'oauth_callback' => $callbackUrl - ) - ) - ); - - - $response = $request->send(); - parse_str($response->getBody(), $result); - - if (!$result || !isset($result['oauth_token']) || empty($result['oauth_token'])) { - throw new \Exception("System can't retrieve token. Please check configuration of Twitter authorization"); - } - - return $result['oauth_token']; - } - - /** - * getOauthAccessToken - * - * $oauthToken = Request::getParam('oauth_token'); - * $oauthVerifier = Request::getParam('oauth_verifier'); - * $oauthTokenSecret = Session::get('oauthTokenSecret'); - * $oauthRequestToken = $twitterAuth->getOauthAccessToken($oauthToken, $oauthVerifier, $oauthTokenSecret); - * - * @param string $oauthToken - * @param string $oauthVerifier - * @param string $oauthTokenSecret - * @throws \Exception - * @return array - */ - public function getOauthAccessToken($oauthToken, $oauthVerifier, $oauthTokenSecret) - { - $request = $this->get( - $this->accessToken, - null, - array( - 'query' => array( - 'oauth_token' => $oauthToken, - 'oauth_verifier' => $oauthVerifier, - 'oauth_consumer_key' => $oauthTokenSecret - ) - ) - ); - - $response = $request->send(); - parse_str($response->getBody(), $result); - if (!$result || !isset($result['user_id']) || empty($result['user_id'])) { - throw new \Exception('User data is not received'); - } - - return $result; - } -} diff --git a/application/models/Auth/AuthInterface.php b/application/models/Auth/AuthInterface.php index c2441c2b..5c57cfd9 100644 --- a/application/models/Auth/AuthInterface.php +++ b/application/models/Auth/AuthInterface.php @@ -7,6 +7,10 @@ */ namespace Application\Auth; +/** + * Interface AuthInterface + * @package Application\Auth + */ interface AuthInterface { /** @@ -27,7 +31,6 @@ public function authProcess(); */ public function getOptions(); - /** * @param \Application\Auth\Row $auth * @return mixed diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index f7bc1248..9c910491 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -1,12 +1,21 @@ + */ namespace Application\Auth; +use Bluz\Application\Exception\ApplicationException; use Bluz\Proxy\Config; use Bluz\Proxy\Messages; use Application\Auth; use Application\Users; +/** + * Class AuthProvider + * @package Application\Auth + */ class AuthProvider implements AuthInterface { /** @var \Bluz\Http\Response */ @@ -30,7 +39,7 @@ class AuthProvider implements AuthInterface public function __construct($providerName) { if (!in_array(ucfirst($providerName), $this->getAvailableProviders())) { - throw new \Exception(sprintf('Provider % is not defined in configuration file', ucfirst($providerName))); + throw new ApplicationException(sprintf('Provider % is not defined in configuration file', ucfirst($providerName))); } $this->providerName = ucfirst($providerName); } @@ -142,8 +151,7 @@ public function registration($data, $user) $row->foreignKey = $data->identifier; $row->token = $this->authAdapter->getAccessToken()['access_token']; - $row->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret']) ? - $this->authAdapter->getAccessToken()['access_token_secret'] : ''; + $row->tokenSecret = ($this->authAdapter->getAccessToken()['access_token_secret']) ? : ''; $row->tokenType = Auth\Table::TYPE_ACCESS; $row->save(); @@ -157,7 +165,6 @@ public function registration($data, $user) */ public function authProcess() { - $this->authAdapter = $this->getAuthAdapter(); $profile = $this->getProfile(); diff --git a/application/models/Facebook/BaseFacebook.php b/application/models/Facebook/BaseFacebook.php deleted file mode 100644 index c0f48f4b..00000000 --- a/application/models/Facebook/BaseFacebook.php +++ /dev/null @@ -1,1484 +0,0 @@ - - */ -abstract class BaseFacebook -{ - /** - * Version. - */ - const VERSION = '3.2.2'; - - /** - * Signed Request Algorithm. - */ - const SIGNED_REQUEST_ALGORITHM = 'HMAC-SHA256'; - - /** - * Default options for curl. - */ - public static $CURL_OPTS = array( - CURLOPT_CONNECTTIMEOUT => 10, - CURLOPT_RETURNTRANSFER => true, - CURLOPT_TIMEOUT => 60, - CURLOPT_USERAGENT => 'facebook-php-3.2', - ); - - /** - * List of query parameters that get automatically dropped when rebuilding - * the current URL. - */ - protected static $DROP_QUERY_PARAMS = array( - 'code', - 'state', - 'signed_request', - ); - - /** - * Maps aliases to Facebook domains. - */ - public static $DOMAIN_MAP = array( - 'api' => 'https://api.facebook.com/', - 'api_video' => 'https://api-video.facebook.com/', - 'api_read' => 'https://api-read.facebook.com/', - 'graph' => 'https://graph.facebook.com/', - 'graph_video' => 'https://graph-video.facebook.com/', - 'www' => 'https://www.facebook.com/', - ); - - /** - * The Application ID. - * - * @var string - */ - protected $appId; - - /** - * The Application App Secret. - * - * @var string - */ - protected $appSecret; - - /** - * The ID of the Facebook user, or 0 if the user is logged out. - * - * @var integer - */ - protected $user; - - /** - * The data from the signed_request token. - * - * @var array - */ - protected $signedRequest; - - /** - * A CSRF state variable to assist in the defense against CSRF attacks. - */ - protected $state; - - /** - * The OAuth access token received in exchange for a valid authorization - * code. null means the access token has yet to be determined. - * - * @var string - */ - protected $accessToken = null; - - /** - * Indicates if the CURL based @ syntax for file uploads is enabled. - * - * @var boolean - */ - protected $fileUploadSupport = false; - - /** - * Indicates if we trust HTTP_X_FORWARDED_* headers. - * - * @var boolean - */ - protected $trustForwarded = false; - - /** - * Initialize a Facebook Application. - * - * The configuration: - * - appId: the application ID - * - secret: the application secret - * - fileUpload: (optional) boolean indicating if file uploads are enabled - * - * @param array $config The application configuration - */ - public function __construct($config) - { - $this->setAppId($config['appId']); - $this->setAppSecret($config['secret']); - if (isset($config['fileUpload'])) { - $this->setFileUploadSupport($config['fileUpload']); - } - if (isset($config['trustForwarded']) && $config['trustForwarded']) { - $this->trustForwarded = true; - } - $state = $this->getPersistentData('state'); - if (!empty($state)) { - $this->state = $state; - } - } - - /** - * Set the Application ID. - * - * @param string $appId The Application ID - * @return BaseFacebook - */ - public function setAppId($appId) - { - $this->appId = $appId; - return $this; - } - - /** - * Get the Application ID. - * - * @return string the Application ID - */ - public function getAppId() - { - return $this->appId; - } - - /** - * Set the App Secret. - * - * @param string $apiSecret The App Secret - * @return BaseFacebook - * @deprecated - */ - public function setApiSecret($apiSecret) - { - $this->setAppSecret($apiSecret); - return $this; - } - - /** - * Set the App Secret. - * - * @param string $appSecret The App Secret - * @return BaseFacebook - */ - public function setAppSecret($appSecret) - { - $this->appSecret = $appSecret; - return $this; - } - - /** - * Get the App Secret. - * - * @return string the App Secret - * @deprecated - */ - public function getApiSecret() - { - return $this->getAppSecret(); - } - - /** - * Get the App Secret. - * - * @return string the App Secret - */ - public function getAppSecret() - { - return $this->appSecret; - } - - /** - * Set the file upload support status. - * - * @param boolean $fileUploadSupport The file upload support status. - * @return BaseFacebook - */ - public function setFileUploadSupport($fileUploadSupport) - { - $this->fileUploadSupport = $fileUploadSupport; - return $this; - } - - /** - * Get the file upload support status. - * - * @return boolean true if and only if the server supports file upload. - */ - public function getFileUploadSupport() - { - return $this->fileUploadSupport; - } - - /** - * DEPRECATED! Please use getFileUploadSupport instead. - * - * Get the file upload support status. - * - * @return boolean true if and only if the server supports file upload. - */ - public function useFileUploadSupport() - { - return $this->getFileUploadSupport(); - } - - /** - * Sets the access token for api calls. Use this if you get - * your access token by other means and just want the SDK - * to use it. - * - * @param string $access_token an access token. - * @return BaseFacebook - */ - public function setAccessToken($access_token) - { - $this->accessToken = $access_token; - return $this; - } - - /** - * Extend an access token, while removing the short-lived token that might - * have been generated via client-side flow. Thanks to http://bit.ly/b0Pt0H - * for the workaround. - * - * @return bool - */ - public function setExtendedAccessToken() - { - try { - // need to circumvent json_decode by calling _oauthRequest - // directly, since response isn't JSON format. - $access_token_response = $this->oauthRequest( - $this->getUrl('graph', '/oauth/access_token'), - $params = array( - 'client_id' => $this->getAppId(), - 'client_secret' => $this->getAppSecret(), - 'grant_type' => 'fb_exchange_token', - 'fb_exchange_token' => $this->getAccessToken(), - ) - ); - } catch (FacebookApiException $e) { - // most likely that user very recently revoked authorization. - // In any event, we don't have an access token, so say so. - return false; - } - - if (empty($access_token_response)) { - return false; - } - - $response_params = array(); - parse_str($access_token_response, $response_params); - - if (!isset($response_params['access_token'])) { - return false; - } - - $this->destroySession(); - - $this->setPersistentData( - 'access_token', - $response_params['access_token'] - ); - return true; - } - - /** - * Determines the access token that should be used for API calls. - * The first time this is called, $this->accessToken is set equal - * to either a valid user access token, or it's set to the application - * access token if a valid user access token wasn't available. Subsequent - * calls return whatever the first call returned. - * - * @return string The access token - */ - public function getAccessToken() - { - if ($this->accessToken !== null) { - // we've done this already and cached it. Just return. - return $this->accessToken; - } - - // first establish access token to be the application - // access token, in case we navigate to the /oauth/access_token - // endpoint, where SOME access token is required. - $this->setAccessToken($this->getApplicationAccessToken()); - $user_access_token = $this->getUserAccessToken(); - if ($user_access_token) { - $this->setAccessToken($user_access_token); - } - - return $this->accessToken; - } - - /** - * Determines and returns the user access token, first using - * the signed request if present, and then falling back on - * the authorization code if present. The intent is to - * return a valid user access token, or false if one is determined - * to not be available. - * - * @return string A valid user access token, or false if one - * could not be determined. - */ - protected function getUserAccessToken() - { - // first, consider a signed request if it's supplied. - // if there is a signed request, then it alone determines - // the access token. - $signed_request = $this->getSignedRequest(); - if ($signed_request) { - // apps.facebook.com hands the access_token in the signed_request - if (array_key_exists('oauth_token', $signed_request)) { - $access_token = $signed_request['oauth_token']; - $this->setPersistentData('access_token', $access_token); - return $access_token; - } - - // the JS SDK puts a code in with the redirect_uri of '' - if (array_key_exists('code', $signed_request)) { - $code = $signed_request['code']; - if ($code && $code == $this->getPersistentData('code')) { - // short-circuit if the code we have is the same as the one presented - return $this->getPersistentData('access_token'); - } - - $access_token = $this->getAccessTokenFromCode($code, ''); - if ($access_token) { - $this->setPersistentData('code', $code); - $this->setPersistentData('access_token', $access_token); - return $access_token; - } - } - - // signed request states there's no access token, so anything - // stored should be cleared. - $this->clearAllPersistentData(); - return false; // respect the signed request's data, even - // if there's an authorization code or something else - } - - $code = $this->getCode(); - if ($code && $code != $this->getPersistentData('code')) { - $access_token = $this->getAccessTokenFromCode($code); - if ($access_token) { - $this->setPersistentData('code', $code); - $this->setPersistentData('access_token', $access_token); - return $access_token; - } - - // code was bogus, so everything based on it should be invalidated. - $this->clearAllPersistentData(); - return false; - } - - // as a fallback, just return whatever is in the persistent - // store, knowing nothing explicit (signed request, authorization - // code, etc.) was present to shadow it (or we saw a code in $_REQUEST, - // but it's the same as what's in the persistent store) - return $this->getPersistentData('access_token'); - } - - /** - * Retrieve the signed request, either from a request parameter or, - * if not present, from a cookie. - * - * @return array the signed request, if available, or null otherwise. - */ - public function getSignedRequest() - { - if (!$this->signedRequest) { - if (!empty($_REQUEST['signed_request'])) { - $this->signedRequest = $this->parseSignedRequest( - $_REQUEST['signed_request'] - ); - } else { - if (!empty($_COOKIE[$this->getSignedRequestCookieName()])) { - $this->signedRequest = $this->parseSignedRequest( - $_COOKIE[$this->getSignedRequestCookieName()] - ); - } - } - } - return $this->signedRequest; - } - - /** - * Get the UID of the connected user, or 0 - * if the Facebook user is not connected. - * - * @return integer the UID if available. - */ - public function getUser() - { - if ($this->user !== null) { - // we've already determined this and cached the value. - return $this->user; - } - - return $this->user = $this->getUserFromAvailableData(); - } - - /** - * Determines the connected user by first examining any signed - * requests, then considering an authorization code, and then - * falling back to any persistent store storing the user. - * - * @return integer The id of the connected Facebook user, - * or 0 if no such user exists. - */ - protected function getUserFromAvailableData() - { - // if a signed request is supplied, then it solely determines - // who the user is. - $signed_request = $this->getSignedRequest(); - if ($signed_request) { - if (array_key_exists('user_id', $signed_request)) { - $user = $signed_request['user_id']; - - if ($user != $this->getPersistentData('user_id')) { - $this->clearAllPersistentData(); - } - - $this->setPersistentData('user_id', $signed_request['user_id']); - return $user; - } - - // if the signed request didn't present a user id, then invalidate - // all entries in any persistent store. - $this->clearAllPersistentData(); - return 0; - } - - $user = $this->getPersistentData('user_id', $default = 0); - $persisted_access_token = $this->getPersistentData('access_token'); - - // use access_token to fetch user id if we have a user access_token, or if - // the cached access token has changed. - $access_token = $this->getAccessToken(); - if ($access_token && - $access_token != $this->getApplicationAccessToken() && - !($user && $persisted_access_token == $access_token) - ) { - $user = $this->getUserFromAccessToken(); - if ($user) { - $this->setPersistentData('user_id', $user); - } else { - $this->clearAllPersistentData(); - } - } - - return $user; - } - - /** - * Get a Login URL for use with redirects. By default, full page redirect is - * assumed. If you are using the generated URL with a window.open() call in - * JavaScript, you can pass in display=popup as part of the $params. - * - * The parameters: - * - redirect_uri: the url to go to after a successful login - * - scope: comma separated list of requested extended perms - * - * @param array $params Provide custom parameters - * @return string The URL for the login flow - */ - public function getLoginUrl($params = array()) - { - $this->establishCSRFTokenState(); - $currentUrl = $this->getCurrentUrl(); - - // if 'scope' is passed as an array, convert to comma separated list - $scopeParams = isset($params['scope']) ? $params['scope'] : null; - if ($scopeParams && is_array($scopeParams)) { - $params['scope'] = implode(',', $scopeParams); - } - - return $this->getUrl( - 'www', - 'dialog/oauth', - array_merge( - array( - 'client_id' => $this->getAppId(), - 'redirect_uri' => $currentUrl, // possibly overwritten - 'state' => $this->state - ), - $params - ) - ); - } - - /** - * Get a Logout URL suitable for use with redirects. - * - * The parameters: - * - next: the url to go to after a successful logout - * - * @param array $params Provide custom parameters - * @return string The URL for the logout flow - */ - public function getLogoutUrl($params = array()) - { - return $this->getUrl( - 'www', - 'logout.php', - array_merge( - array( - 'next' => $this->getCurrentUrl(), - 'access_token' => $this->getUserAccessToken(), - ), - $params - ) - ); - } - - /** - * Get a login status URL to fetch the status from Facebook. - * - * The parameters: - * - ok_session: the URL to go to if a session is found - * - no_session: the URL to go to if the user is not connected - * - no_user: the URL to go to if the user is not signed into facebook - * - * @param array $params Provide custom parameters - * @return string The URL for the logout flow - */ - public function getLoginStatusUrl($params = array()) - { - return $this->getUrl( - 'www', - 'extern/login_status.php', - array_merge( - array( - 'api_key' => $this->getAppId(), - 'no_session' => $this->getCurrentUrl(), - 'no_user' => $this->getCurrentUrl(), - 'ok_session' => $this->getCurrentUrl(), - 'session_version' => 3, - ), - $params - ) - ); - } - - /** - * Make an API call. - * - * @return mixed The decoded response - */ - public function api() - { - $args = func_get_args(); - if (is_array($args[0])) { - return $this->restServer($args[0]); - } else { - return call_user_func_array(array($this, 'graph'), $args); - } - } - - /** - * Constructs and returns the name of the cookie that - * potentially houses the signed request for the app user. - * The cookie is not set by the BaseFacebook class, but - * it may be set by the JavaScript SDK. - * - * @return string the name of the cookie that would house - * the signed request value. - */ - protected function getSignedRequestCookieName() - { - return 'fbsr_' . $this->getAppId(); - } - - /** - * Constructs and returns the name of the coookie that potentially contain - * metadata. The cookie is not set by the BaseFacebook class, but it may be - * set by the JavaScript SDK. - * - * @return string the name of the cookie that would house metadata. - */ - protected function getMetadataCookieName() - { - return 'fbm_' . $this->getAppId(); - } - - /** - * Get the authorization code from the query parameters, if it exists, - * and otherwise return false to signal no authorization code was - * discoverable. - * - * @return mixed The authorization code, or false if the authorization - * code could not be determined. - */ - protected function getCode() - { - if (isset($_REQUEST['code'])) { - if ($this->state !== null && - isset($_REQUEST['state']) && - $this->state === $_REQUEST['state'] - ) { - // CSRF state has done its job, so clear it - $this->state = null; - $this->clearPersistentData('state'); - return $_REQUEST['code']; - } else { - self::errorLog('CSRF state token does not match one provided.'); - return false; - } - } - - return false; - } - - /** - * Retrieves the UID with the understanding that - * $this->accessToken has already been set and is - * seemingly legitimate. It relies on Facebook's Graph API - * to retrieve user information and then extract - * the user ID. - * - * @return integer Returns the UID of the Facebook user, or 0 - * if the Facebook user could not be determined. - */ - protected function getUserFromAccessToken() - { - try { - $user_info = $this->api('/me'); - return $user_info['id']; - } catch (FacebookApiException $e) { - return 0; - } - } - - /** - * Returns the access token that should be used for logged out - * users when no authorization code is available. - * - * @return string The application access token, useful for gathering - * public information about users and applications. - */ - protected function getApplicationAccessToken() - { - return $this->appId . '|' . $this->appSecret; - } - - /** - * Lays down a CSRF state token for this process. - * - * @return void - */ - protected function establishCSRFTokenState() - { - if ($this->state === null) { - $this->state = md5(uniqid(mt_rand(), true)); - $this->setPersistentData('state', $this->state); - } - } - - /** - * Retrieves an access token for the given authorization code - * (previously generated from www.facebook.com on behalf of - * a specific user). The authorization code is sent to graph.facebook.com - * and a legitimate access token is generated provided the access token - * and the user for which it was generated all match, and the user is - * either logged in to Facebook or has granted an offline access permission. - * - * @param string $code An authorization code. - * @param string $redirect_uri - * @return mixed An access token exchanged for the authorization code, or - * false if an access token could not be generated. - */ - protected function getAccessTokenFromCode($code, $redirect_uri = null) - { - if (empty($code)) { - return false; - } - - if ($redirect_uri === null) { - $redirect_uri = $this->getCurrentUrl(); - } - - try { - // need to circumvent json_decode by calling _oauthRequest - // directly, since response isn't JSON format. - $access_token_response = - $this->oauthRequest( - $this->getUrl('graph', '/oauth/access_token'), - $params = array( - 'client_id' => $this->getAppId(), - 'client_secret' => $this->getAppSecret(), - 'redirect_uri' => $redirect_uri, - 'code' => $code - ) - ); - } catch (FacebookApiException $e) { - // most likely that user very recently revoked authorization. - // In any event, we don't have an access token, so say so. - return false; - } - - if (empty($access_token_response)) { - return false; - } - - $response_params = array(); - parse_str($access_token_response, $response_params); - if (!isset($response_params['access_token'])) { - return false; - } - - return $response_params['access_token']; - } - - /** - * Invoke the old restserver.php endpoint. - * - * @param array $params Method call object - * - * @return mixed The decoded response object - * @throws FacebookApiException - */ - protected function restServer($params) - { - // generic application level parameters - $params['api_key'] = $this->getAppId(); - $params['format'] = 'json-strings'; - - $result = json_decode( - $this->oauthRequest( - $this->getApiUrl($params['method']), - $params - ), - true - ); - - // results are returned, errors are thrown - if (is_array($result) && isset($result['error_code'])) { - $this->throwAPIException($result); - // @codeCoverageIgnoreStart - } - // @codeCoverageIgnoreEnd - - $method = strtolower($params['method']); - if ($method === 'auth.expiresession' || - $method === 'auth.revokeauthorization' - ) { - $this->destroySession(); - } - - return $result; - } - - /** - * Return true if this is video post. - * - * @param string $path The path - * @param string $method The http method (default 'GET') - * - * @return boolean true if this is video post - */ - protected function isVideoPost($path, $method = 'GET') - { - if ($method == 'POST' && preg_match("/^(\/)(.+)(\/)(videos)$/", $path)) { - return true; - } - return false; - } - - /** - * Invoke the Graph API. - * - * @param string $path The path (required) - * @param string $method The http method (default 'GET') - * @param array $params The query/post data - * - * @return mixed The decoded response object - * @throws FacebookApiException - */ - protected function graph($path, $method = 'GET', $params = array()) - { - if (is_array($method) && empty($params)) { - $params = $method; - $method = 'GET'; - } - $params['method'] = $method; // method override as we always do a POST - - if ($this->isVideoPost($path, $method)) { - $domainKey = 'graph_video'; - } else { - $domainKey = 'graph'; - } - - $result = json_decode( - $this->oauthRequest( - $this->getUrl($domainKey, $path), - $params - ), - true - ); - - // results are returned, errors are thrown - if (is_array($result) && isset($result['error'])) { - $this->throwAPIException($result); - // @codeCoverageIgnoreStart - } - // @codeCoverageIgnoreEnd - - return $result; - } - - /** - * Make a OAuth Request. - * - * @param string $url The path (required) - * @param array $params The query/post data - * - * @return string The decoded response object - * @throws FacebookApiException - */ - protected function oauthRequest($url, $params) - { - if (!isset($params['access_token'])) { - $params['access_token'] = $this->getAccessToken(); - } - - if (isset($params['access_token'])) { - $params['appsecret_proof'] = $this->getAppSecretProof($params['access_token']); - } - - // json_encode all params values that are not strings - foreach ($params as $key => $value) { - if (!is_string($value)) { - $params[$key] = json_encode($value); - } - } - - return $this->makeRequest($url, $params); - } - - /** - * Generate a proof of App Secret - * This is required for all API calls originating from a server - * It is a sha256 hash of the access_token made using the app secret - * - * @param string $access_token The access_token to be hashed (required) - * - * @return string The sha256 hash of the access_token - */ - protected function getAppSecretProof($access_token) - { - return hash_hmac('sha256', $access_token, $this->getAppSecret()); - } - - /** - * Makes an HTTP request. This method can be overridden by subclasses if - * developers want to do fancier things or use something other than curl to - * make the request. - * - * @param string $url The URL to make the request to - * @param array $params The parameters to use for the POST body - * @param resource $ch Initialized curl handle - * - * @throws FacebookApiException - * @return string The response text - */ - protected function makeRequest($url, $params, $ch = null) - { - if (!$ch) { - $ch = curl_init(); - } - - $opts = self::$CURL_OPTS; - if ($this->getFileUploadSupport()) { - $opts[CURLOPT_POSTFIELDS] = $params; - } else { - $opts[CURLOPT_POSTFIELDS] = http_build_query($params, null, '&'); - } - $opts[CURLOPT_URL] = $url; - - // disable the 'Expect: 100-continue' behaviour. This causes CURL to wait - // for 2 seconds if the server does not support this header. - if (isset($opts[CURLOPT_HTTPHEADER])) { - $existing_headers = $opts[CURLOPT_HTTPHEADER]; - $existing_headers[] = 'Expect:'; - $opts[CURLOPT_HTTPHEADER] = $existing_headers; - } else { - $opts[CURLOPT_HTTPHEADER] = array('Expect:'); - } - - curl_setopt_array($ch, $opts); - $result = curl_exec($ch); - - if (curl_errno($ch) == 60) { -// CURLE_SSL_CACERT - self::errorLog( - 'Invalid or no certificate authority found, ' . - 'using bundled information' - ); - curl_setopt( - $ch, - CURLOPT_CAINFO, - dirname(__FILE__) . '/fb_ca_chain_bundle.crt' - ); - $result = curl_exec($ch); - } - - // With dual stacked DNS responses, it's possible for a server to - // have IPv6 enabled but not have IPv6 connectivity. If this is - // the case, curl will try IPv4 first and if that fails, then it will - // fall back to IPv6 and the error EHOSTUNREACH is returned by the - // operating system. - if ($result === false && empty($opts[CURLOPT_IPRESOLVE])) { - $matches = array(); - $regex = '/Failed to connect to ([^:].*): Network is unreachable/'; - if (preg_match($regex, curl_error($ch), $matches)) { - if (strlen(@inet_pton($matches[1])) === 16) { - self::errorLog( - 'Invalid IPv6 configuration on server, ' . - 'Please disable or get native IPv6 on your server.' - ); - self::$CURL_OPTS[CURLOPT_IPRESOLVE] = CURL_IPRESOLVE_V4; - curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); - $result = curl_exec($ch); - } - } - } - - if ($result === false) { - $e = new FacebookApiException( - array( - 'error_code' => curl_errno($ch), - 'error' => array( - 'message' => curl_error($ch), - 'type' => 'CurlException', - ), - ) - ); - curl_close($ch); - /** @var $e FacebookApiException */ - throw $e; - } - curl_close($ch); - return $result; - } - - /** - * Parses a signed_request and validates the signature. - * - * @param string $signed_request A signed token - * @return array The payload inside it or null if the sig is wrong - */ - protected function parseSignedRequest($signed_request) - { - list($encoded_sig, $payload) = explode('.', $signed_request, 2); - - // decode the data - $sig = self::base64UrlDecode($encoded_sig); - $data = json_decode(self::base64UrlDecode($payload), true); - - if (strtoupper($data['algorithm']) !== self::SIGNED_REQUEST_ALGORITHM) { - self::errorLog( - 'Unknown algorithm. Expected ' . self::SIGNED_REQUEST_ALGORITHM - ); - return null; - } - - // check sig - $expected_sig = hash_hmac( - 'sha256', - $payload, - $this->getAppSecret(), - $raw = true - ); - if ($sig !== $expected_sig) { - self::errorLog('Bad Signed JSON signature!'); - return null; - } - - return $data; - } - - /** - * Makes a signed_request blob using the given data. - * - * @param array $data The data array. - * @return string The signed request. - */ - protected function makeSignedRequest($data) - { - if (!is_array($data)) { - throw new \InvalidArgumentException( - 'makeSignedRequest expects an array. Got: ' . print_r($data, true) - ); - } - $data['algorithm'] = self::SIGNED_REQUEST_ALGORITHM; - $data['issued_at'] = time(); - $json = json_encode($data); - $b64 = self::base64UrlEncode($json); - $raw_sig = hash_hmac('sha256', $b64, $this->getAppSecret(), $raw = true); - $sig = self::base64UrlEncode($raw_sig); - return $sig . '.' . $b64; - } - - /** - * Build the URL for api given parameters. - * - * @param string $method String the method name. - * @return string The URL for the given parameters - */ - protected function getApiUrl($method) - { - static $READ_ONLY_CALLS = - array( - 'admin.getallocation' => 1, - 'admin.getappproperties' => 1, - 'admin.getbannedusers' => 1, - 'admin.getlivestreamvialink' => 1, - 'admin.getmetrics' => 1, - 'admin.getrestrictioninfo' => 1, - 'application.getpublicinfo' => 1, - 'auth.getapppublickey' => 1, - 'auth.getsession' => 1, - 'auth.getsignedpublicsessiondata' => 1, - 'comments.get' => 1, - 'connect.getunconnectedfriendscount' => 1, - 'dashboard.getactivity' => 1, - 'dashboard.getcount' => 1, - 'dashboard.getglobalnews' => 1, - 'dashboard.getnews' => 1, - 'dashboard.multigetcount' => 1, - 'dashboard.multigetnews' => 1, - 'data.getcookies' => 1, - 'events.get' => 1, - 'events.getmembers' => 1, - 'fbml.getcustomtags' => 1, - 'feed.getappfriendstories' => 1, - 'feed.getregisteredtemplatebundlebyid' => 1, - 'feed.getregisteredtemplatebundles' => 1, - 'fql.multiquery' => 1, - 'fql.query' => 1, - 'friends.arefriends' => 1, - 'friends.get' => 1, - 'friends.getappusers' => 1, - 'friends.getlists' => 1, - 'friends.getmutualfriends' => 1, - 'gifts.get' => 1, - 'groups.get' => 1, - 'groups.getmembers' => 1, - 'intl.gettranslations' => 1, - 'links.get' => 1, - 'notes.get' => 1, - 'notifications.get' => 1, - 'pages.getinfo' => 1, - 'pages.isadmin' => 1, - 'pages.isappadded' => 1, - 'pages.isfan' => 1, - 'permissions.checkavailableapiaccess' => 1, - 'permissions.checkgrantedapiaccess' => 1, - 'photos.get' => 1, - 'photos.getalbums' => 1, - 'photos.gettags' => 1, - 'profile.getinfo' => 1, - 'profile.getinfooptions' => 1, - 'stream.get' => 1, - 'stream.getcomments' => 1, - 'stream.getfilters' => 1, - 'users.getinfo' => 1, - 'users.getloggedinuser' => 1, - 'users.getstandardinfo' => 1, - 'users.hasapppermission' => 1, - 'users.isappuser' => 1, - 'users.isverified' => 1, - 'video.getuploadlimits' => 1 - ); - $name = 'api'; - if (isset($READ_ONLY_CALLS[strtolower($method)])) { - $name = 'api_read'; - } elseif (strtolower($method) == 'video.upload') { - $name = 'api_video'; - } - return self::getUrl($name, 'restserver.php'); - } - - /** - * Build the URL for given domain alias, path and parameters. - * - * @param string $name string The name of the domain - * @param $path string Optional path (without a leading slash) - * @param $params array Optional query parameters - * - * @return string The URL for the given parameters - */ - protected function getUrl($name, $path = '', $params = array()) - { - $url = self::$DOMAIN_MAP[$name]; - if ($path) { - if ($path[0] === '/') { - $path = substr($path, 1); - } - $url .= $path; - } - if ($params) { - $url .= '?' . http_build_query($params, null, '&'); - } - - return $url; - } - - protected function getHttpHost() - { - if ($this->trustForwarded && isset($_SERVER['HTTP_X_FORWARDED_HOST'])) { - return $_SERVER['HTTP_X_FORWARDED_HOST']; - } - return $_SERVER['HTTP_HOST']; - } - - protected function getHttpProtocol() - { - if ($this->trustForwarded && isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { - if ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { - return 'https'; - } - return 'http'; - } - /*apache + variants specific way of checking for https*/ - if (isset($_SERVER['HTTPS']) && - ($_SERVER['HTTPS'] === 'on' || $_SERVER['HTTPS'] == 1) - ) { - return 'https'; - } - /*nginx way of checking for https*/ - if (isset($_SERVER['SERVER_PORT']) && - ($_SERVER['SERVER_PORT'] === '443') - ) { - return 'https'; - } - return 'http'; - } - - /** - * Get the base domain used for the cookie. - */ - protected function getBaseDomain() - { - // The base domain is stored in the metadata cookie if not we fallback - // to the current hostname - $metadata = $this->getMetadataCookie(); - if (array_key_exists('base_domain', $metadata) && - !empty($metadata['base_domain']) - ) { - return trim($metadata['base_domain'], '.'); - } - return $this->getHttpHost(); - } - - /** - * Returns the Current URL, stripping it of known FB parameters that should - * not persist. - * - * @return string The current URL - */ - protected function getCurrentUrl() - { - $protocol = $this->getHttpProtocol() . '://'; - $host = $this->getHttpHost(); - $currentUrl = $protocol . $host . $_SERVER['REQUEST_URI']; - $parts = parse_url($currentUrl); - - $query = ''; - if (!empty($parts['query'])) { - // drop known fb params - $params = explode('&', $parts['query']); - $retained_params = array(); - foreach ($params as $param) { - if ($this->shouldRetainParam($param)) { - $retained_params[] = $param; - } - } - - if (!empty($retained_params)) { - $query = '?' . implode($retained_params, '&'); - } - } - - // use port if non default - $port = - isset($parts['port']) && - (($protocol === 'http://' && $parts['port'] !== 80) || - ($protocol === 'https://' && $parts['port'] !== 443)) - ? ':' . $parts['port'] : ''; - - // rebuild - return $protocol . $parts['host'] . $port . $parts['path'] . $query; - } - - /** - * Returns true if and only if the key or key/value pair should - * be retained as part of the query string. This amounts to - * a brute-force search of the very small list of Facebook-specific - * params that should be stripped out. - * - * @param string $param A key or key/value pair within a URL's query (e.g. - * 'foo=a', 'foo=', or 'foo'. - * - * @return boolean - */ - protected function shouldRetainParam($param) - { - foreach (self::$DROP_QUERY_PARAMS as $drop_query_param) { - if (strpos($param, $drop_query_param . '=') === 0) { - return false; - } - } - - return true; - } - - /** - * Analyzes the supplied result to see if it was thrown - * because the access token is no longer valid. If that is - * the case, then we destroy the session. - * - * @param $result array A record storing the error message returned - * by a failed API call. - * @throws FacebookApiException - */ - protected function throwAPIException($result) - { - $e = new FacebookApiException($result); - - switch ($e->getType()) { - // OAuth 2.0 Draft 00 style - case 'OAuthException': - // OAuth 2.0 Draft 10 style - case 'invalid_token': - // REST server errors are just Exceptions - case 'Exception': - $message = $e->getMessage(); - if ((strpos($message, 'Error validating access token') !== false) || - (strpos($message, 'Invalid OAuth access token') !== false) || - (strpos($message, 'An active access token must be used') !== false) - ) { - $this->destroySession(); - } - break; - } - - /** @var $e FacebookApiException */ - throw $e; - } - - - /** - * Prints to the error log if you aren't in command line mode. - * - * @param string $msg Log message - */ - protected static function errorLog($msg) - { - // disable error log if we are running in a CLI environment - // @codeCoverageIgnoreStart - if (php_sapi_name() != 'cli') { - error_log($msg); - } - // uncomment this if you want to see the errors on the page - // print 'error_log: '.$msg."\n"; - // @codeCoverageIgnoreEnd - } - - /** - * Base64 encoding that doesn't need to be urlencode()ed. - * Exactly the same as base64_encode except it uses - * - instead of + - * _ instead of / - * No padded = - * - * @param string $input base64UrlEncoded string - * @return string - */ - protected static function base64UrlDecode($input) - { - return base64_decode(strtr($input, '-_', '+/')); - } - - /** - * Base64 encoding that doesn't need to be urlencode()ed. - * Exactly the same as base64_encode except it uses - * - instead of + - * _ instead of / - * - * @param string $input string - * @return string base64Url encoded string - */ - protected static function base64UrlEncode($input) - { - $str = strtr(base64_encode($input), '+/', '-_'); - $str = str_replace('=', '', $str); - return $str; - } - - /** - * Destroy the current session - */ - public function destroySession() - { - $this->accessToken = null; - $this->signedRequest = null; - $this->user = null; - $this->clearAllPersistentData(); - - // Javascript sets a cookie that will be used in getSignedRequest that we - // need to clear if we can - $cookie_name = $this->getSignedRequestCookieName(); - if (array_key_exists($cookie_name, $_COOKIE)) { - unset($_COOKIE[$cookie_name]); - if (!headers_sent()) { - $base_domain = $this->getBaseDomain(); - setcookie($cookie_name, '', 1, '/', '.' . $base_domain); - } else { - // @codeCoverageIgnoreStart - self::errorLog( - 'There exists a cookie that we wanted to clear that we couldn\'t ' . - 'clear because headers was already sent. Make sure to do the first ' . - 'API call before outputing anything.' - ); - // @codeCoverageIgnoreEnd - } - } - } - - /** - * Parses the metadata cookie that our Javascript API set - * - * @return array mapping key to value - */ - protected function getMetadataCookie() - { - $cookie_name = $this->getMetadataCookieName(); - if (!array_key_exists($cookie_name, $_COOKIE)) { - return array(); - } - - // The cookie value can be wrapped in "-characters so remove them - $cookie_value = trim($_COOKIE[$cookie_name], '"'); - - if (empty($cookie_value)) { - return array(); - } - - $parts = explode('&', $cookie_value); - $metadata = array(); - foreach ($parts as $part) { - $pair = explode('=', $part, 2); - if (!empty($pair[0])) { - $metadata[urldecode($pair[0])] = - (count($pair) > 1) ? urldecode($pair[1]) : ''; - } - } - - return $metadata; - } - - protected static function isAllowedDomain($big, $small) - { - if ($big === $small) { - return true; - } - return self::endsWith($big, '.' . $small); - } - - /** - * @param string $big - * @param string $small - * @return bool - */ - protected static function endsWith($big, $small) - { - $len = strlen($small); - if ($len === 0) { - return true; - } - return substr($big, -$len) === $small; - } - - /** - * Each of the following four methods should be overridden in - * a concrete subclass, as they are in the provided Facebook class. - * The Facebook class uses PHP sessions to provide a primitive - * persistent store, but another subclass--one that you implement-- - * might use a database, memcache, or an in-memory cache. - * - * @see Facebook - */ - - /** - * Stores the given ($key, $value) pair, so that future calls to - * getPersistentData($key) return $value. This call may be in another request. - * - * @param string $key - * @param mixed $value - * - * @return void - */ - abstract protected function setPersistentData($key, $value); - - /** - * Get the data for $key, persisted by BaseFacebook::setPersistentData() - * - * @param string $key The key of the data to retrieve - * @param boolean $default The default value to return if $key is not found - * - * @return mixed - */ - abstract protected function getPersistentData($key, $default = false); - - /** - * Clear the data with $key from the persistent storage - * - * @param string $key - * @return void - */ - abstract protected function clearPersistentData($key); - - /** - * Clear all data from the persistent storage - * - * @return void - */ - abstract protected function clearAllPersistentData(); -} diff --git a/application/models/Facebook/Facebook.php b/application/models/Facebook/Facebook.php deleted file mode 100644 index bcbae52f..00000000 --- a/application/models/Facebook/Facebook.php +++ /dev/null @@ -1,174 +0,0 @@ -initSharedSession(); - } - } - - protected static $kSupportedKeys = - array('state', 'code', 'access_token', 'user_id'); - - protected function initSharedSession() - { - $cookie_name = $this->getSharedSessionCookieName(); - if (isset($_COOKIE[$cookie_name])) { - $data = $this->parseSignedRequest($_COOKIE[$cookie_name]); - if ($data && !empty($data['domain']) && - self::isAllowedDomain($this->getHttpHost(), $data['domain']) - ) { - // good case - $this->sharedSessionID = $data['id']; - return; - } - // ignoring potentially unreachable data - } - // evil/corrupt/missing case - $base_domain = $this->getBaseDomain(); - $this->sharedSessionID = md5(uniqid(mt_rand(), true)); - $cookie_value = $this->makeSignedRequest( - array( - 'domain' => $base_domain, - 'id' => $this->sharedSessionID, - ) - ); - $_COOKIE[$cookie_name] = $cookie_value; - if (!headers_sent()) { - $expire = time() + self::FBSS_COOKIE_EXPIRE; - setcookie($cookie_name, $cookie_value, $expire, '/', '.' . $base_domain); - } else { - // @codeCoverageIgnoreStart - self::errorLog( - 'Shared session ID cookie could not be set! You must ensure you ' . - 'create the Facebook instance before headers have been sent. This ' . - 'will cause authentication issues after the first request.' - ); - // @codeCoverageIgnoreEnd - } - } - - /** - * Provides the implementations of the inherited abstract - * methods. The implementation uses PHP sessions to maintain - * a store for authorization codes, user ids, CSRF states, and - * access tokens. - */ - protected function setPersistentData($key, $value) - { - if (!in_array($key, self::$kSupportedKeys)) { - self::errorLog('Unsupported key passed to setPersistentData.'); - return; - } - - $session_var_name = $this->constructSessionVariableName($key); - $_SESSION[$session_var_name] = $value; - } - - protected function getPersistentData($key, $default = false) - { - if (!in_array($key, self::$kSupportedKeys)) { - self::errorLog('Unsupported key passed to getPersistentData.'); - return $default; - } - - $session_var_name = $this->constructSessionVariableName($key); - return isset($_SESSION[$session_var_name]) ? - $_SESSION[$session_var_name] : $default; - } - - protected function clearPersistentData($key) - { - if (!in_array($key, self::$kSupportedKeys)) { - self::errorLog('Unsupported key passed to clearPersistentData.'); - return; - } - - $session_var_name = $this->constructSessionVariableName($key); - unset($_SESSION[$session_var_name]); - } - - protected function clearAllPersistentData() - { - foreach (self::$kSupportedKeys as $key) { - $this->clearPersistentData($key); - } - if ($this->sharedSessionID) { - $this->deleteSharedSessionCookie(); - } - } - - protected function deleteSharedSessionCookie() - { - $cookie_name = $this->getSharedSessionCookieName(); - unset($_COOKIE[$cookie_name]); - $base_domain = $this->getBaseDomain(); - setcookie($cookie_name, '', 1, '/', '.' . $base_domain); - } - - protected function getSharedSessionCookieName() - { - return self::FBSS_COOKIE_NAME . '_' . $this->getAppId(); - } - - /** - * @param string $key - * @return string - */ - protected function constructSessionVariableName($key) - { - $parts = array('fb', $this->getAppId(), $key); - if ($this->sharedSessionID) { - array_unshift($parts, $this->sharedSessionID); - } - return implode('_', $parts); - } -} diff --git a/application/models/Facebook/FacebookApiException.php b/application/models/Facebook/FacebookApiException.php deleted file mode 100644 index bf7fa253..00000000 --- a/application/models/Facebook/FacebookApiException.php +++ /dev/null @@ -1,96 +0,0 @@ - - */ -class FacebookApiException extends \Exception -{ - /** - * The result from the API server that represents the exception information. - */ - protected $result; - - /** - * Make a new API Exception with the given result. - * - * @param array $result The result from the API server - */ - public function __construct($result) - { - $this->result = $result; - - $code = isset($result['error_code']) ? $result['error_code'] : 0; - - if (isset($result['error_description'])) { - // OAuth 2.0 Draft 10 style - $msg = $result['error_description']; - } else { - if (isset($result['error']) && is_array($result['error'])) { - // OAuth 2.0 Draft 00 style - $msg = $result['error']['message']; - } else { - if (isset($result['error_msg'])) { - // Rest server style - $msg = $result['error_msg']; - } else { - $msg = 'Unknown Error. Check getResult()'; - } - } - } - - parent::__construct($msg, $code); - } - - /** - * Return the associated result object returned by the API server. - * - * @return array The result from the API server - */ - public function getResult() - { - return $this->result; - } - - /** - * Returns the associated type for the error. This will default to - * 'Exception' when a type is not available. - * - * @return string - */ - public function getType() - { - if (isset($this->result['error'])) { - $error = $this->result['error']; - if (is_string($error)) { - // OAuth 2.0 Draft 10 style - return $error; - } else { - if (is_array($error)) { - // OAuth 2.0 Draft 00 style - if (isset($error['type'])) { - return $error['type']; - } - } - } - } - - return 'Exception'; - } - - /** - * To make debugging easier. - * - * @return string The string representation of the error - */ - public function __toString() - { - $str = $this->getType() . ': '; - if ($this->code != 0) { - $str .= $this->code . ': '; - } - return $str . $this->message; - } -} diff --git a/composer.json b/composer.json index ea437b57..4dbe06da 100644 --- a/composer.json +++ b/composer.json @@ -7,7 +7,6 @@ "php": ">=5.4", "bluzphp/framework": "~0.9", "phpmailer/phpmailer": "~5.2", - "guzzle/guzzle": "~3.8", "zircote/swagger-php": "~0.9", "hybridauth/hybridauth": "dev-master" }, From d0b34dbdfe6b324bb7c70556d1e47fb72bb9c703 Mon Sep 17 00:00:00 2001 From: yuklia Date: Wed, 13 May 2015 15:33:59 +0300 Subject: [PATCH 46/46] .gitignore was added to public --- application/models/Auth/AuthProvider.php | 3 ++- public/.gitignore | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 public/.gitignore diff --git a/application/models/Auth/AuthProvider.php b/application/models/Auth/AuthProvider.php index 9c910491..8e8a5ddd 100644 --- a/application/models/Auth/AuthProvider.php +++ b/application/models/Auth/AuthProvider.php @@ -39,7 +39,8 @@ class AuthProvider implements AuthInterface public function __construct($providerName) { if (!in_array(ucfirst($providerName), $this->getAvailableProviders())) { - throw new ApplicationException(sprintf('Provider % is not defined in configuration file', ucfirst($providerName))); + throw new ApplicationException(sprintf('Provider % is not defined + in configuration file', ucfirst($providerName))); } $this->providerName = ucfirst($providerName); } diff --git a/public/.gitignore b/public/.gitignore new file mode 100644 index 00000000..3d0dbe44 --- /dev/null +++ b/public/.gitignore @@ -0,0 +1 @@ +tests/ \ No newline at end of file