
Calling Facebook->getAccessTokenFromCode() raised no error when IP was not white-listed #54

Closed
wants to merge 2 commits into from

2 participants

@gboer

When calling the getAccessTokenFromCode method, no error was raised when the IP was not white-listed for the application. More generally, no errors were detected if an error was returned from the Facebook servers using "OAuth 2.0 Draft 00 style".

gboer added some commits
@gboer gboer Removed extra whitespace and added proper handling of LinkedIn user p…
…rofiles with no telephone numbers
721f53b
@gboer gboer No error raised when access token is retrieved for blocked IPs
No error was raised when an access token was retrieved from an
IP that was not white-listed. Moved all the error code into
one method that detects both OAuth 2.0 00 style and OAuth 2.0
10 style.
0609c29
@hybridauth

I'm not sure if this is still relevant, but if it is, then please feel free to open a new one.

@hybridauth hybridauth closed this
Commits on Oct 19, 2012
  1. @gboer

    Removed extra whitespace and added proper handling of LinkedIn user p…

    gboer authored
    …rofiles with no telephone numbers
  2. @gboer

    No error raised when access token is retrieved for blocked IPs

    gboer authored
    No error was raised when an access token was retrieved from an
    IP that was not white-listed. Moved all the error code into
    one method that detects both OAuth 2.0 00 style and OAuth 2.0
    10 style.
103 hybridauth/Hybrid/Providers/LinkedIn.php 100644 → 100755
@@ -2,7 +2,7 @@
/*!
* HybridAuth
* http://hybridauth.sourceforge.net | http://github.com/hybridauth/hybridauth
-* (c) 2009-2012, HybridAuth authors | http://hybridauth.sourceforge.net/licenses.html
+* (c) 2009-2012, HybridAuth authors | http://hybridauth.sourceforge.net/licenses.html
*/
/**
@@ -15,18 +15,18 @@
class Hybrid_Providers_LinkedIn extends Hybrid_Provider_Model
{
/**
- * IDp wrappers initializer
+ * IDp wrappers initializer
*/
- function initialize()
+ function initialize()
{
if ( ! $this->config["keys"]["key"] || ! $this->config["keys"]["secret"] ){
throw new Exception( "Your application key and secret are required in order to connect to {$this->providerId}.", 4 );
- }
+ }
require_once Hybrid_Auth::$config["path_libraries"] . "OAuth/OAuth.php";
- require_once Hybrid_Auth::$config["path_libraries"] . "LinkedIn/LinkedIn.php";
-
- $this->api = new LinkedIn( array( 'appKey' => $this->config["keys"]["key"], 'appSecret' => $this->config["keys"]["secret"], 'callbackUrl' => $this->endpoint ) );
+ require_once Hybrid_Auth::$config["path_libraries"] . "LinkedIn/LinkedIn.php";
+
+ $this->api = new LinkedIn( array( 'appKey' => $this->config["keys"]["key"], 'appSecret' => $this->config["keys"]["secret"], 'callbackUrl' => $this->endpoint ) );
if( $this->token( "access_token_linkedin" ) ){
$this->api->setTokenAccess( $this->token( "access_token_linkedin" ) );
@@ -34,27 +34,27 @@ function initialize()
}
/**
- * begin login step
+ * begin login step
*/
function loginBegin()
{
- // send a request for a LinkedIn access token
- $response = $this->api->retrieveTokenRequest();
+ // send a request for a LinkedIn access token
+ $response = $this->api->retrieveTokenRequest();
- if( isset( $response['success'] ) && $response['success'] === TRUE ){
- $this->token( "oauth_token", $response['linkedin']['oauth_token'] );
- $this->token( "oauth_token_secret", $response['linkedin']['oauth_token_secret'] );
+ if( isset( $response['success'] ) && $response['success'] === TRUE ){
+ $this->token( "oauth_token", $response['linkedin']['oauth_token'] );
+ $this->token( "oauth_token_secret", $response['linkedin']['oauth_token_secret'] );
# redirect user to LinkedIn authorisation web page
Hybrid_Auth::redirect( LINKEDIN::_URL_AUTH . $response['linkedin']['oauth_token'] );
- }
+ }
else{
throw new Exception( "Authentification failed! {$this->providerId} returned an invalid Token.", 5 );
- }
+ }
}
/**
- * finish login step
+ * finish login step
*/
function loginFinish()
{
@@ -67,20 +67,20 @@ function loginFinish()
$response = $this->api->retrieveTokenAccess( $oauth_token, $this->token( "oauth_token_secret" ), $oauth_verifier );
- if( isset( $response['success'] ) && $response['success'] === TRUE ){
+ if( isset( $response['success'] ) && $response['success'] === TRUE ){
$this->deleteToken( "oauth_token" );
$this->deleteToken( "oauth_token_secret" );
- $this->token( "access_token_linkedin", $response['linkedin'] );
- $this->token( "access_token" , $response['linkedin']['oauth_token'] );
- $this->token( "access_token_secret" , $response['linkedin']['oauth_token_secret'] );
+ $this->token( "access_token_linkedin", $response['linkedin'] );
+ $this->token( "access_token" , $response['linkedin']['oauth_token'] );
+ $this->token( "access_token_secret" , $response['linkedin']['oauth_token_secret'] );
// set user as logged in
$this->setUserConnected();
- }
+ }
else{
throw new Exception( "Authentification failed! {$this->providerId} returned an invalid Token.", 5 );
- }
+ }
}
/**
@@ -97,37 +97,42 @@ function getUserProfile()
}
if( isset( $response['success'] ) && $response['success'] === TRUE ){
- $data = @ new SimpleXMLElement( $response['linkedin'] );
+ $data = @ new SimpleXMLElement( $response['linkedin'] );
if ( ! is_object( $data ) ){
throw new Exception( "User profile request failed! {$this->providerId} returned an invalide xml data.", 6 );
- }
+ }
$this->user->profile->identifier = (string) $data->{'id'};
$this->user->profile->firstName = (string) $data->{'first-name'};
- $this->user->profile->lastName = (string) $data->{'last-name'};
+ $this->user->profile->lastName = (string) $data->{'last-name'};
$this->user->profile->displayName = trim( $this->user->profile->firstName . " " . $this->user->profile->lastName );
- $this->user->profile->email = (string) $data->{'email-address'};
- $this->user->profile->emailVerified = (string) $data->{'email-address'};
+ $this->user->profile->email = (string) $data->{'email-address'};
+ $this->user->profile->emailVerified = (string) $data->{'email-address'};
- $this->user->profile->photoURL = (string) $data->{'picture-url'};
- $this->user->profile->profileURL = (string) $data->{'public-profile-url'};
- $this->user->profile->description = (string) $data->{'summary'};
+ $this->user->profile->photoURL = (string) $data->{'picture-url'};
+ $this->user->profile->profileURL = (string) $data->{'public-profile-url'};
+ $this->user->profile->description = (string) $data->{'summary'};
- $this->user->profile->phone = (string) $data->{'phone-numbers'}->{'phone-number'}->{'phone-number'};
+ if( $data->{'phone-numbers'} && $data->{'phone-numbers'}->{'phone-number'} ){
+ $this->user->profile->phone = (string) $data->{'phone-numbers'}->{'phone-number'}->{'phone-number'};
+ }
+ else{
+ $this->user->profile->phone = null;
+ }
- if( $data->{'date-of-birth'} ) {
- $this->user->profile->birthDay = (string) $data->{'date-of-birth'}->day;
- $this->user->profile->birthMonth = (string) $data->{'date-of-birth'}->month;
- $this->user->profile->birthYear = (string) $data->{'date-of-birth'}->year;
- }
+ if( $data->{'date-of-birth'} ){
+ $this->user->profile->birthDay = (string) $data->{'date-of-birth'}->day;
+ $this->user->profile->birthMonth = (string) $data->{'date-of-birth'}->month;
+ $this->user->profile->birthYear = (string) $data->{'date-of-birth'}->year;
+ }
return $this->user->profile;
}
else{
throw new Exception( "User profile request failed! {$this->providerId} returned an invalid response.", 6 );
- }
+ }
}
/**
@@ -135,7 +140,7 @@ function getUserProfile()
*/
function getUserContacts()
{
- try{
+ try{
$response = $this->api->profile('~/connections:(id,first-name,last-name,picture-url,public-profile-url,summary)');
}
catch( LinkedInException $e ){
@@ -146,7 +151,7 @@ function getUserContacts()
return ARRAY();
}
- $connections = new SimpleXMLElement( $response['linkedin'] );
+ $connections = new SimpleXMLElement( $response['linkedin'] );
$contacts = ARRAY();
@@ -159,7 +164,7 @@ function getUserContacts()
$uc->photoURL = (string) $connection->{'picture-url'};
$uc->description = (string) $connection->{'summary'};
- $contacts[] = $uc;
+ $contacts[] = $uc;
}
return $contacts;
@@ -178,10 +183,10 @@ function setUserStatus( $status )
if( isset( $status[1] ) && ! empty( $status[1] ) ) $parameters["comment"] = $status[1]; // post comment
if( isset( $status[2] ) && ! empty( $status[2] ) ) $parameters["submitted-url"] = $status[2]; // post url
if( isset( $status[3] ) && ! empty( $status[3] ) ) $parameters["submitted-image-url"] = $status[3]; // post picture url
- if( isset( $status[4] ) && ! empty( $status[4] ) ) $private = $status[4]; // true or false
+ if( isset( $status[4] ) && ! empty( $status[4] ) ) $private = $status[4]; // true or false
}
else{
- $parameters["comment"] = $status;
+ $parameters["comment"] = $status;
}
try{
@@ -198,18 +203,18 @@ function setUserStatus( $status )
}
/**
- * load the user latest activity
+ * load the user latest activity
* - timeline : all the stream
- * - me : the user activity only
+ * - me : the user activity only
*/
function getUserActivity( $stream )
{
- try{
+ try{
if( $stream == "me" ){
- $response = $this->api->updates( '?type=SHAR&scope=self&count=25' );
- }
+ $response = $this->api->updates( '?type=SHAR&scope=self&count=25' );
+ }
else{
- $response = $this->api->updates( '?type=SHAR&count=25' );
+ $response = $this->api->updates( '?type=SHAR&count=25' );
}
}
catch( LinkedInException $e ){
@@ -224,7 +229,7 @@ function getUserActivity( $stream )
$activities = ARRAY();
- foreach( $updates->update as $update ) {
+ foreach( $updates->update as $update ) {
$person = $update->{'update-content'}->person;
$share = $update->{'update-content'}->person->{'current-share'};
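Review bot: In the `getUserProfile()` hunk the `! is_object( $data )` guard after `@ new SimpleXMLElement( $response['linkedin'] )` cannot trigger, because the constructor throws on unparseable XML and `@` silences only the warnings; the code-6 exception is therefore never raised and the parser's own exception propagates instead. Wrapping the constructor in `try { ... } catch( Exception $e ){ ... }` and rethrowing the existing code-6 message would keep the provider's error contract, and the unguarded `new SimpleXMLElement( $response['linkedin'] )` in the `getUserContacts()` hunk has the same gap. Separately, `emailVerified` is filled from the same `email-address` field as `email`; nothing visible here shows LinkedIn asserting that the address is confirmed, so a comment stating that assumption (or leaving the field empty) would help consumers that link accounts by verified e-mail. The new `else` branch stores `null` for `phone` while every other profile field is a string cast, so `""` would be more consistent. All of these functions start or end outside their hunks.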
47 hybridauth/Hybrid/thirdparty/Facebook/base_facebook.php 100644 → 100755
@@ -724,6 +724,15 @@ protected function getAccessTokenFromCode($code, $redirect_uri = null) {
return false;
}
+ // Check for errors, which are returned as json data, rather than query-strings.
+ if (is_string($access_token_response)) {
+ $json = json_decode($access_token_response, true);
+
+ if (is_array($json)) {
+ $this->throwAPIExceptionIfError($json);
+ }
+ }
+
$response_params = array();
parse_str($access_token_response, $response_params);
if (!isset($response_params['access_token'])) {
@@ -752,10 +761,8 @@ protected function _restserver($params) {
), true);
// results are returned, errors are thrown
- if (is_array($result) && isset($result['error_code'])) {
- $this->throwAPIException($result);
- }
-
+ $this->throwAPIExceptionIfError($result);
+
if ($params['method'] === 'auth.expireSession' ||
$params['method'] === 'auth.revokeAuthorization') {
$this->destroySession();
@@ -763,7 +770,21 @@ protected function _restserver($params) {
return $result;
}
-
+
+ /**
+ * Throws an exception if an error occurred during an oauth call.
+ *
+ * @param array $response
+ */
+ protected function throwAPIExceptionIfError($response)
+ {
+ if (is_array($response) &&
+ (isset($response['error_code']) ||
+ isset($response['error']))) {
+ $this->throwAPIException($response);
+ }
+ }
+
/**
* Return true if this is video post.
*
@@ -808,9 +829,7 @@ protected function _graph($path, $method = 'GET', $params = array()) {
), true);
// results are returned, errors are thrown
- if (is_array($result) && isset($result['error'])) {
- $this->throwAPIException($result);
- }
+ $this->throwAPIExceptionIfError($result);
return $result;
}
@@ -836,7 +855,11 @@ protected function _oauthRequest($url, $params) {
}
}
- return $this->makeRequest($url, $params);
+ $result = $this->makeRequest($url, $params);
+
+ $this->throwAPIExceptionIfError($result);
+
+ return $result;
}
/**
@@ -1277,7 +1300,7 @@ protected function getMetadataCookie() {
* http://developers.facebook.com/roadmap/offline-access-removal/#extend_token
* http://stackoverflow.com/a/9035036/1106794
*/
- function extendedAccessToken( $old_access_token )
+ public function extendedAccessToken( $old_access_token )
{
// Make a OAuth Request.
try {
@@ -1301,7 +1324,9 @@ function extendedAccessToken( $old_access_token )
if (empty($response)) {
return false;
}
-
+
+ $this->throwAPIExceptionIfError($response);
+
$response_params = array();
parse_str($response, $response_params);
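Review bot: The new `throwAPIExceptionIfError()` calls on raw responses, in `_oauthRequest()` and here in `extendedAccessToken()`, look unable to fire: the helper does nothing unless `is_array($response)`, while `$response` in this hunk is passed to `parse_str()` two lines later and the `getAccessTokenFromCode()` hunk treats the same kind of value as a string to `json_decode`. A failed token extension would therefore still fall through silently, which is the case the description sets out to fix. Decode first, as the `getAccessTokenFromCode()` hunk does: `$json = json_decode($response, true); if (is_array($json)) { $this->throwAPIExceptionIfError($json); }`, and either do the same in `_oauthRequest()` or drop the call there, since `_graph()` and `_restserver()` already check the decoded result. The helper's docblock declares `@param array $response` although callers pass strings; it should say that non-array values are ignored and add an `@throws` line for the exception raised by `throwAPIException()`. The bodies of these functions continue outside the hunks.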