diff --git a/README.md b/README.md index 2bd2e7464..3477492ad 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# HybridAuth 2.0.11-dev +# HybridAuth 2.1.0-dev HybridAuth enables developers to easily build social applications and tools to engage websites vistors and customers on a social level by implementing @@ -37,7 +37,7 @@ HybridAuth repository is made up of several projects: MySpace, Google, Yahoo, Windows Live, Foursquare and AOL. - **The additional providers project** contains many others services which you may want to use, -- **Examples and demos** contains three working examples for you to test, +- **Examples and demos** contains five working examples for you to test, ## Getting Started diff --git a/hybridauth/Hybrid/Auth.php b/hybridauth/Hybrid/Auth.php index 8b4202301..dea2d1889 100644 --- a/hybridauth/Hybrid/Auth.php +++ b/hybridauth/Hybrid/Auth.php @@ -1,8 +1,8 @@ getSessionData() ); Hybrid_Logger::info( "Hybrid_Auth initialize: check if any error is stored on the endpoint..." ); if( Hybrid_Error::hasError() ){ diff --git a/hybridauth/Hybrid/Endpoint.php b/hybridauth/Hybrid/Endpoint.php index 3772f4166..03d8ee1cb 100644 --- a/hybridauth/Hybrid/Endpoint.php +++ b/hybridauth/Hybrid/Endpoint.php @@ -1,8 +1,8 @@ config( "CONFIG" ) ) { header( "HTTP/1.0 404 Not Found" ); die( "You cannot access this page directly." ); } - Hybrid_Auth::initialize( unserialize( $_SESSION["HA::CONFIG"] ) ); + Hybrid_Auth::initialize( $storage->config( "CONFIG" ) ); } catch ( Exception $e ){ Hybrid_Logger::error( "Endpoint: Error while trying to init Hybrid_Auth" ); diff --git a/hybridauth/Hybrid/Error.php b/hybridauth/Hybrid/Error.php index 0f4a1046e..f795e1ee7 100644 --- a/hybridauth/Hybrid/Error.php +++ b/hybridauth/Hybrid/Error.php @@ -1,8 +1,8 @@ set( "hauth_session.{$this->id}.hauth_endpoint" , $this->params["login_done"] ); Hybrid_Auth::storage()->set( "hauth_session.{$this->id}.id_provider_params" , $this->params ); - // store config to be used by the end point - $_SESSION["HA::CONFIG"] = serialize( Hybrid_Auth::$config ); + // store config to be used by the end point + Hybrid_Auth::storage()->config( "CONFIG", Hybrid_Auth::$config ); // move on Hybrid_Logger::debug( "Hybrid_Provider_Adapter::login( {$this->id} ), redirect the user to login_start URL.", $this->params ); diff --git a/hybridauth/Hybrid/Provider_Model.php b/hybridauth/Hybrid/Provider_Model.php index 2c9134fbe..276b5cffb 100644 --- a/hybridauth/Hybrid/Provider_Model.php +++ b/hybridauth/Hybrid/Provider_Model.php @@ -1,8 +1,8 @@ array ( - * "enabled" => true, - * "wrapper" => array( "path" => "Providers/GoogleOpenID.php", "class" => "Hybrid_Providers_Google" ) - * ) - */ -class Hybrid_Providers_Google extends Hybrid_Provider_Model_OpenID -{ - var $openidIdentifier = "https://www.google.com/accounts/o8/id"; - - /** - * finish login step - */ - function loginFinish() - { - parent::loginFinish(); - - $this->user->profile->emailVerified = $this->user->profile->email; - - // restore the user profile - Hybrid_Auth::storage()->set( "hauth_session.{$this->providerId}.user", $this->user ); - } -} diff --git a/hybridauth/Hybrid/Providers/LinkedIn.php b/hybridauth/Hybrid/Providers/LinkedIn.php index 982770ff2..9646e156b 100644 --- a/hybridauth/Hybrid/Providers/LinkedIn.php +++ b/hybridauth/Hybrid/Providers/LinkedIn.php @@ -1,8 +1,8 @@ + * @version 0.1 + * @license BSD License + */ + +/** + * Hybrid_Providers_Live - Windows Live provider adapter based on OAuth2 protocol */ -class Hybrid_Providers_Live extends Hybrid_Provider_Model +class Hybrid_Providers_Live extends Hybrid_Provider_Model_OAuth2 { + // default permissions + public $scope = "wl.basic wl.emails wl.signin wl.share wl.birthday"; + + /** * IDp wrappers initializer */ function initialize() { - if ( ! $this->config["keys"]["id"] || ! $this->config["keys"]["secret"] ){ - throw new Exception( "Your application id and secret are required in order to connect to {$this->providerId}.", 4 ); - } - - // Application Specific Globals - define( 'WRAP_CLIENT_ID' , $this->config["keys"]["id"] ); - define( 'WRAP_CLIENT_SECRET', $this->config["keys"]["secret"] ); - define( 'WRAP_CALLBACK' , $this->endpoint ); - define( 'WRAP_CHANNEL_URL' , Hybrid_Auth::$config["base_url"] . "?get=windows_live_channel" ); - - // Live URLs required for making requests. - define('WRAP_CONSENT_URL' , 'https://consent.live.com/Connect.aspx'); - define('WRAP_ACCESS_URL' , 'https://consent.live.com/AccessToken.aspx'); - define('WRAP_REFRESH_URL' , 'https://consent.live.com/RefreshToken.aspx'); + parent::initialize(); - require_once Hybrid_Auth::$config["path_libraries"] . "WindowsLive/OAuthWrapHandler.php"; + // Provider api end-points + $this->api->api_base_url = "https://apis.live.net/v5.0/"; + $this->api->authorize_url = "https://oauth.live.com/authorize"; + $this->api->token_url = 'https://oauth.live.com/token'; - $this->api = new OAuthWrapHandler(); + $this->api->curl_authenticate_method = "GET"; } /** - * begin login step + * grab the user profile from the api client */ - function loginBegin() - { - $this->api->ExpireCookies(); - - Hybrid_Auth::redirect( WRAP_CONSENT_URL . "?wrap_client_id=" . WRAP_CLIENT_ID . "&wrap_callback=" . urlencode( WRAP_CALLBACK ) . "&wrap_scope=WL_Profiles.View" ); - } - - /** - * finish login step - */ - function loginFinish() + function getUserProfile() { - $response = $this->api->ProcessRequest(); + $data = $this->api->get( "me" ); - if ( ! isset( $response['c_uid'] ) || ! isset( $response['c_accessToken'] ) ){ - throw new Exception( "Authentification failed! {$this->providerId} returned an invalid Token.", 5 ); + if ( ! isset( $data->id ) ){ + throw new Exception( "User profile request failed! {$this->providerId} returned an invalide response.", 6 ); } - // set user as logged in - $this->setUserConnected(); + $this->user->profile->identifier = (property_exists($data,'id'))?$data->id:""; + $this->user->profile->firstName = (property_exists($data,'first_name'))?$data->first_name:""; + $this->user->profile->lastName = (property_exists($data,'last_name'))?$data->last_name:""; + $this->user->profile->displayName = (property_exists($data,'name'))?trim( $data->name ):""; + $this->user->profile->gender = (property_exists($data,'gender'))?$data->gender:""; - # store access token - $this->token( "access_token", $response['c_accessToken'] ); + //wl.basic + $this->user->profile->profileURL = (property_exists($data,'link'))?$data->link:""; - # store the user id. - $this->token( "user_id", $response['c_uid'] ); - } + //wl.emails + $this->user->profile->email = (property_exists($data,'emails'))?$data->emails->account:""; + $this->user->profile->emailVerified = (property_exists($data,'emails'))?$data->emails->account:""; - /** - * load the user profile from the IDp api client - */ - function getUserProfile() - { - try{ - $access_token = $this->token( "access_token" ); + //wl.birthday + $this->user->profile->birthDay = (property_exists($data,'birth_day'))?$data->birth_day:""; + $this->user->profile->birthMonth = (property_exists($data,'birth_month'))?$data->birth_month:""; + $this->user->profile->birthYear = (property_exists($data,'birth_year'))?$data->birth_year:""; - $user_id = $this->token( "user_id" ); + return $this->user->profile; + } - $info_url = 'http://apis.live.net/V4.1/cid-'. $user_id .'/Profiles/1-' . $user_id; - $response = $this->api->GET( $info_url, false, $access_token ); + /** + * load the current logged in user contacts list from the IDp api client + */ - $response = json_decode( $response ); - } - catch( Exception $e ){ - throw new Exception( "User profile request failed! {$this->providerId} returned an error while requesting the user profile.", 6 ); + /* Windows Live api does not support retrieval of email addresses (only hashes :/) */ + function getUserContacts() + { + $response = $this->api->get( 'me/contacts' ); + + if ( $this->api->http_code != 200 ) + { + throw new Exception( 'User contacts request failed! ' . $this->providerId . ' returned an error: ' . $this->errorMessageByStatus( $this->api->http_code ) ); } - if ( ! is_object( $response ) ){ - throw new Exception( "User profile request failed! {$this->providerId} returned an invalid user data.", 6 ); + if ( ! $response->data && ( $response->error != 0 ) ) + { + return array(); } + + $contacts = array(); - $this->user->profile->identifier = $user_id; - $this->user->profile->firstName = (string) $response->FirstName; - $this->user->profile->lastName = (string) $response->LastName; - $this->user->profile->profileURL = (string) $response->UxLink; - $this->user->profile->gender = (string) $response->Gender; - $this->user->profile->email = (string) $response->Emails[0]->Address; - $this->user->profile->displayName = trim( $this->user->profile->firstName . " " . $this->user->profile->lastName ); + foreach( $response->data as $item ) { + $uc = new Hybrid_User_Contact(); - if( $this->user->profile->gender == 1 ){ - $this->user->profile->gender = "female"; - } - elseif( $this->user->profile->gender == 2 ){ - $this->user->profile->gender = "male"; - } - else{ - $this->user->profile->gender = ""; - } + $uc->identifier = (property_exists($item,'id'))?$item->id:""; + $uc->displayName = (property_exists($item,'name'))?$item->name:""; - return $this->user->profile; + $contacts[] = $uc; + } + + return $contacts; } } diff --git a/hybridauth/Hybrid/Providers/MySpace.php b/hybridauth/Hybrid/Providers/MySpace.php index 2d5806874..cf3f6a40b 100644 --- a/hybridauth/Hybrid/Providers/MySpace.php +++ b/hybridauth/Hybrid/Providers/MySpace.php @@ -1,8 +1,8 @@ set( "hauth_session.{$this->providerId}.user", $this->user ); } } - diff --git a/hybridauth/Hybrid/Providers/YahooOAuth.php b/hybridauth/Hybrid/Providers/YahooOAuth.php deleted file mode 100644 index cdf68c8ee..000000000 --- a/hybridauth/Hybrid/Providers/YahooOAuth.php +++ /dev/null @@ -1,47 +0,0 @@ -api->api_base_url = "http://social.yahooapis.com/v1/"; - $this->api->authorize_url = "https://api.login.yahoo.com/oauth/v2/request_auth"; - $this->api->request_token_url = "https://api.login.yahoo.com/oauth/v2/get_request_token"; - $this->api->access_token_url = "https://api.login.yahoo.com/oauth/v2/get_token"; - } - - /** - * load the user profile from the IDp api client - */ - function getUserProfile() - { - $response = $this->api->get( '.' ); - - // check the last HTTP status code returned - if ( $this->api->http_code != 200 ){ - throw new Exception( "User profile request failed! {$this->providerId} returned an error. " . $this->errorMessageByStatus( $this->api->http_code ), 6 ); - } - - // tODo - - return $this->user->profile; - } -} diff --git a/hybridauth/Hybrid/Storage.php b/hybridauth/Hybrid/Storage.php index cb25a57e9..ef7944148 100644 --- a/hybridauth/Hybrid/Storage.php +++ b/hybridauth/Hybrid/Storage.php @@ -1,8 +1,8 @@ config( "PHP_SESSION_ID", session_id() ); + $this->config( "VERSION", Hybrid_Auth::$version ); + } + + public function config($key, $value) + { + $key = strtolower( $key ); + + if( $value ){ + $_SESSION["HA::CONFIG"][$key] = serialize( $value ); + } + elseif( isset( $_SESSION["HA::CONFIG"][$key] ) ){ + return unserialize( $_SESSION["HA::CONFIG"][$key] ); } + + return NULL; } - public function get($key, $expiration = false) + public function get($key) { $key = strtolower( $key ); @@ -63,12 +82,16 @@ function deleteMatch($key) } function getSessionData() - { - return serialize( $_SESSION["HA::STORE"] ); + { + if( isset( $_SESSION["HA::STORE"] ) ){ + return serialize( $_SESSION["HA::STORE"] ); + } + + return NULL; } function restoreSessionData( $sessiondata = NULL ) { $_SESSION["HA::STORE"] = unserialize( $sessiondata ); - } + } } diff --git a/hybridauth/Hybrid/User.php b/hybridauth/Hybrid/User.php index 6187d6d4e..707999aa5 100644 --- a/hybridauth/Hybrid/User.php +++ b/hybridauth/Hybrid/User.php @@ -1,8 +1,8 @@ $this->redirect_uri, "code" => $code ); - - $response = $this->request( $this->token_url, $params, "POST" ); + + $response = $this->request( $this->token_url, $params, $this->curl_authenticate_method ); + $response = $this->parseRequestResult( $response ); if( ! $response || ! isset( $response->access_token ) ){ @@ -207,9 +209,7 @@ private function request( $url, $params=false, $type="GET" ) curl_setopt($ch, CURLOPT_POST, 1); if($params) curl_setopt( $ch, CURLOPT_POSTFIELDS, $params ); } - $response = curl_exec($ch); - Hybrid_Logger::debug( "OAuth2Client::request(). dump request info: ", serialize( curl_getinfo($ch) ) ); Hybrid_Logger::debug( "OAuth2Client::request(). dump request result: ", serialize( $response ) ); diff --git a/hybridauth/Hybrid/thirdparty/WindowsLive/OAuthWrapHandler.php b/hybridauth/Hybrid/thirdparty/WindowsLive/OAuthWrapHandler.php deleted file mode 100644 index 3ef8aee2a..000000000 --- a/hybridauth/Hybrid/thirdparty/WindowsLive/OAuthWrapHandler.php +++ /dev/null @@ -1,194 +0,0 @@ -ExpireCookies(); - $cookies_setup = $this->convertParamsToCookies($_REQUEST); - if(isset($cookies_setup['verification_code'])) - { - $auth_params = $this->getAuthorizationToken( - WRAP_ACCESS_URL - , WRAP_CLIENT_ID - , WRAP_CLIENT_SECRET - , WRAP_CALLBACK - , $cookies_setup['verification_code'] - ); - - unset($cookies_setup['verification_code']); - } - else - { - throw new Exception("No verification Code returned from Windows Live Services."); - } - - $cookies_auth = $this->convertParamsToCookies($auth_params); - $cookies = array_merge($cookies_setup, $cookies_auth); - $this->setAuthCookies($cookies); - - return $cookies; - } - - public function ExpireCookies() - { - setcookie ("c_accessToken", "", time() - 3600); - setcookie ("c_clientId", "", time() - 3600); - setcookie ("c_clientState", "", time() - 3600); - setcookie ("c_scope", "", time() - 3600); - setcookie ("c_error", "", time() - 3600); - setcookie ("c_uid", "", time() - 3600); - setcookie ("c_expiry", "", time() - 3600); - setcookie ("lca", "", time() - 3600); - } - - private function setAuthCookies($cookies) - { - foreach($cookies as $key => $value) - { - setcookie ($key, $value, time() + 36000); - } - setcookie ('c_clientId', WRAP_CLIENT_ID, time() + 36000); //clientID == appId - setcookie ('lca', 'done', time() + 36000); //lca //done - } - - private function convertParamsToCookies($array) - { - $cookies = array(); - - foreach(array_keys($array) as $getParam) - { - $getParam = urldecode($getParam); - switch($getParam) - { - case 'wrap_client_state': - $cookies['c_clientState'] = $array['wrap_client_state']; - break; - case 'wrap_verification_code': - $cookies['verification_code'] = $array['wrap_verification_code']; - break; - case 'exp': //scope - $cookies['c_scope'] = str_replace(';', ',',$array['exp']); - break; - case 'error_code': - $cookies['c_error'] = ' ' . $array['error_code']; - break; - case 'wrap_error_reason': - $cookies['c_error'] = ' ' . $array['wrap_error_reason']; - break; - case 'wrap_access_token': - $cookies['c_accessToken']= $array['wrap_access_token']; - break; - case 'wrap_access_token_expires_in': - $cookies['c_expiry']= date('j/m/Y g:i:s A', $array['wrap_access_token_expires_in']); - break; - case 'uid': - $cookies['c_uid']= $array['uid']; - break; - } - } - return $cookies; - } - - private function getAuthorizationToken($authUrl, $appId, $appSecret, $callbackUrl, $verificationCode) - { - $tokenRequest = 'wrap_client_id=' . urlencode($appId) - . '&wrap_client_secret=' . urlencode($appSecret) - . '&wrap_callback=' . urlencode($callbackUrl) - . '&wrap_verification_code=' . urlencode($verificationCode); - $response = $this->postWRAPRequest($authUrl, $tokenRequest); - return $this->parseWRAPResponse($response); - } - - private function postWRAPRequest($posturl, $postvars) - { - $ch = curl_init($posturl); - curl_setopt($ch, CURLOPT_POST, 1); - curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars); - @ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); - curl_setopt($ch, CURLOPT_HEADER, 1); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); - $Rec_Data = curl_exec($ch); - curl_close($ch); - - return urldecode($Rec_Data); - } - - private function parseWRAPResponse($response) - { - $pos = strpos($response, 'wrap_access_token='); - if ($pos === false) - { - $pos = strpos($response, 'wrap_error_reason='); - } - $codes = '?' . substr($response, $pos, strlen($response)); - - if (preg_match_all('/[?&]([^&=]+)=([^&=]+)/', $codes, $matches)) - { - for($i =0; $i < count($matches[1]); $i++) - { - $contents[$matches[1][$i]] = $matches[2][$i]; - } - } - else - { - throw new Exception('No matches for regular expression.'); - } - return $contents; - } - - public function GET($url,$params=false,$auth=false){ - - $url = $this->MakeUrl($url,$params); - // borrowed from Andy Langton: http://andylangton.co.uk/ - $ch = curl_init(); - curl_setopt($ch, CURLOPT_URL,$url); - curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); - - curl_setopt($ch,CURLOPT_HTTPHEADER,array ( - "Authorization: WRAP access_token=$auth", - "Content-Type: application/json", - "Accept: application/json" - )); - - if ( isset($_SERVER['HTTP_USER_AGENT']) ) { - curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT'] ); - }else { - // Handle the useragent like we are Google Chrome - curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.X.Y.Z Safari/525.13.'); - } - curl_setopt($ch , CURLOPT_TIMEOUT, 30); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); - $result=curl_exec($ch); - $info=curl_getinfo($ch); - curl_close($ch); - - return $result; - } - - public function MakeUrl($url,$params){ - if(!empty($params) && $params){ - foreach($params as $k=>$v) $kv[] = "$k=$v"; - $url_params = str_replace(" ","+",implode('&',$kv)); - $url = trim($url) . '?' . $url_params; - } - return $url; - } -} diff --git a/hybridauth/index.php b/hybridauth/index.php index 77edaf78d..8d611b74e 100644 --- a/hybridauth/index.php +++ b/hybridauth/index.php @@ -1,8 +1,8 @@