[geeklog-hg] geeklog: OAuth got Facebook (except image), Twitter, Google work...
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Sat Aug 24 22:19:46 EDT 2013
changeset 9262:6aa61575c4d2
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/6aa61575c4d2
user: Tom <websitemaster at cogeco.net>
date: Sat Aug 24 22:19:12 2013 -0400
description:
OAuth got Facebook (except image), Twitter, Google working. Added icons back in so theme can be set to display login buttons in different ways.
diffstat:
public_html/admin/install/config-install.php | 6 +-
public_html/images/facebook-login-icon.png | Bin
public_html/images/linkedin-login-icon.png | Bin
public_html/images/twitter-login-icon.png | Bin
public_html/layout/denim/loginform_oauth.thtml | 7 +-
public_html/layout/modern_curve/loginform_oauth.thtml | 6 +-
public_html/lib-common.php | 5 +-
public_html/usersettings.php | 113 ++-
sql/updates/mssql_2.0.0_to_2.0.1.php | 3 +
sql/updates/mysql_2.0.0_to_2.0.1.php | 5 +-
sql/updates/pgsql_2.0.0_to_2.0.1.php | 5 +-
system/classes/oauth/oauth_client.php | 827 +++++++++++++----
system/lib-security.php | 3 +-
13 files changed, 742 insertions(+), 238 deletions(-)
diffs (truncated from 1537 to 300 lines):
diff -r bb744e3c28b8 -r 6aa61575c4d2 public_html/admin/install/config-install.php
--- a/public_html/admin/install/config-install.php Sun Jul 21 10:40:26 2013 -0400
+++ b/public_html/admin/install/config-install.php Sat Aug 24 22:19:12 2013 -0400
@@ -246,9 +246,9 @@
$c->add('microsoft_login',0,'select',4,16,1,362,TRUE, $me, 16);
$c->add('microsoft_consumer_key','','text',4,16,NULL,363,TRUE, $me, 16);
$c->add('microsoft_consumer_secret','','text',4,16,NULL,364,TRUE, $me, 16);
- // $c->add('yahoo_login',0,'select',4,16,1,365,TRUE, $me, 16);
- // $c->add('yahoo_consumer_key','','text',4,16,NULL,366,TRUE, $me, 16);
- // $c->add('yahoo_consumer_secret','','text',4,16,NULL,367,TRUE, $me, 16);
+ $c->add('yahoo_login',0,'select',4,16,1,365,TRUE, $me, 16);
+ $c->add('yahoo_consumer_key','','text',4,16,NULL,366,TRUE, $me, 16);
+ $c->add('yahoo_consumer_secret','','text',4,16,NULL,367,TRUE, $me, 16);
$c->add('aftersave_user','item','select',4,16,9,1340,TRUE, $me, 16);
$c->add('tab_spamx', NULL, 'tab', 4, 17, NULL, 0, TRUE, $me, 17);
diff -r bb744e3c28b8 -r 6aa61575c4d2 public_html/images/facebook-login-icon.png
Binary file public_html/images/facebook-login-icon.png has changed
diff -r bb744e3c28b8 -r 6aa61575c4d2 public_html/images/linkedin-login-icon.png
Binary file public_html/images/linkedin-login-icon.png has changed
diff -r bb744e3c28b8 -r 6aa61575c4d2 public_html/images/twitter-login-icon.png
Binary file public_html/images/twitter-login-icon.png has changed
diff -r bb744e3c28b8 -r 6aa61575c4d2 public_html/layout/denim/loginform_oauth.thtml
--- a/public_html/layout/denim/loginform_oauth.thtml Sun Jul 21 10:40:26 2013 -0400
+++ b/public_html/layout/denim/loginform_oauth.thtml Sat Aug 24 22:19:12 2013 -0400
@@ -2,8 +2,13 @@
<form class="third-party-login" action="{site_url}/users.php?oauth_login={oauth_service}" method="post">
<div>
- <input style="border:0;height:22px;width:141px;padding:0;margin:0;" type="submit" value="" id="login_{oauth_service}"{xhtml}>
+ {# OAuth Button Style 1: Image buttons (uncomment line below) #}
+ {# <input style="border:0;height:22px;width:141px;padding:0;margin:0;" type="submit" value="" id="login_{oauth_service}"{xhtml}> #}
+
+ {# OAuth Button Style 2: Login buttons with icons (uncomment line below) #}
+ <img alt="" src="{oauth_sign_in_image}"{xhtml}><input value="{lang_oauth_service}" type="submit" class="submit"{xhtml}>
</div>
</form>
{# end {templatelocation} #}
+
diff -r bb744e3c28b8 -r 6aa61575c4d2 public_html/layout/modern_curve/loginform_oauth.thtml
--- a/public_html/layout/modern_curve/loginform_oauth.thtml Sun Jul 21 10:40:26 2013 -0400
+++ b/public_html/layout/modern_curve/loginform_oauth.thtml Sat Aug 24 22:19:12 2013 -0400
@@ -2,7 +2,11 @@
<form class="third-party-login" action="{site_url}/users.php?oauth_login={oauth_service}" method="post">
<div>
- <input style="border:0;height:22px;width:141px;padding:0;margin:0;" type="submit" value="" id="login_{oauth_service}"{xhtml}>
+ {# OAuth Button Style 1: Image buttons (uncomment line below) #}
+ {# <input style="border:0;height:22px;width:141px;padding:0;margin:0;" type="submit" value="" id="login_{oauth_service}"{xhtml}> #}
+
+ {# OAuth Button Style 2: Login buttons with icons (uncomment line below) #}
+ <img alt="" src="{oauth_sign_in_image}"{xhtml}><input value="{lang_oauth_service}" type="submit" class="submit"{xhtml}>
</div>
</form>
diff -r bb744e3c28b8 -r 6aa61575c4d2 public_html/lib-common.php
--- a/public_html/lib-common.php Sun Jul 21 10:40:26 2013 -0400
+++ b/public_html/lib-common.php Sat Aug 24 22:19:12 2013 -0400
@@ -3245,6 +3245,7 @@
$login->set_var('openid_login', '');
}
+
// OAuth remote authentification.
if ($_CONF['user_login_method']['oauth'] && ($_CONF['usersubmission'] == 0) && !$_CONF['disable_new_user_registration']) {
$_SCRIPTS->setJavascriptFile('login', '/javascript/login.js');
@@ -3258,9 +3259,7 @@
$login->set_var('oauth_service', $service);
$login->set_var('lang_oauth_service', $LANG01[$service]);
// for sign in image
- //$login->set_var('oauth_sign_in_image', $_CONF['site_url'] . '/images/' . $service . '-login-icon.png');
- $login->set_var('oauth_sign_in_image', $_CONF['site_url'] . '/images/login-with-' . $service . '.png');
- $login->set_var('oauth_sign_in_image_style', '');
+ $login->set_var('oauth_sign_in_image', $_CONF['site_url'] . '/images/' . $service . '-login-icon.png'); // For use with oauth icon on regular buttons
$login->parse('output', 'oauth_login');
$html_oauth .= $login->finish($login->get_var('output'));
}
diff -r bb744e3c28b8 -r 6aa61575c4d2 public_html/usersettings.php
--- a/public_html/usersettings.php Sun Jul 21 10:40:26 2013 -0400
+++ b/public_html/usersettings.php Sat Aug 24 22:19:12 2013 -0400
@@ -1108,7 +1108,35 @@
}
PLG_userInfoChanged ($_USER['uid']);
+
+ // at this point, the user information has been saved, but now we're going to check to see if
+ // the user has requested resynchronization with their remoteservice account
+ $msg = 5; // default msg = Your account information has been successfully saved
+ if (isset($A['resynch']) ) {
+ if ($_CONF['user_login_method']['oauth'] && (strpos($_USER['remoteservice'], 'oauth.') === 0)) {
+ $modules = SEC_collectRemoteOAuthModules();
+ $active_service = (count($modules) == 0) ? false : in_array(substr($_USER['remoteservice'], 6), $modules);
+ if (!$active_service) {
+ $status = -1;
+ $msg = 115; // Remote service has been disabled.
+ } else {
+ require_once $_CONF['path_system'] . 'classes/oauthhelper.class.php';
+ $service = substr($_USER['remoteservice'], 6);
+ $consumer = new OAuthConsumer($service);
+ $callback_url = $_CONF['site_url'];
+ $consumer->setRedirectURL($callback_url);
+ $user = $consumer->authenticate_user();
+ $consumer->doSynch($user);
+ }
+ }
+ if ($msg != 5) {
+ $msg = 114; // Account saved but re-synch failed.
+ COM_errorLog($MESSAGE[$msg]);
+ }
+ }
+
+/*
$msg = 5;
// Re Sync data if needed
if (isset($A['resynch'])) {
@@ -1148,7 +1176,7 @@
$msg = 114; // Account saved but re-synch failed.
}
}
-
+*/
if ($_US_VERBOSE) {
COM_errorLog('**** Leaving saveuser in usersettings.php ****', 1);
}
@@ -1395,7 +1423,86 @@
$display = COM_refresh ($_CONF['site_url']
. '/usersettings.php?msg=5');
break;
-
+
+ case 'synch':
+ // This case is the result of a callback from an OAuth service.
+ // The user has made a request to resynch their glFusion user account with the remote OAuth service
+ if ($_CONF['user_login_method']['oauth'] && (strpos($_USER['remoteservice'], 'oauth.') === 0) && isset($_GET['oauth_login'])) {
+ $msg = 5;
+
+ $modules = SEC_collectRemoteOAuthModules();
+ $active_service = (count($modules) == 0) ? false : in_array(substr($_GET['oauth_login'], 6), $modules);
+ if (!$active_service) {
+ $status = -1;
+ $msg = 114; // resynch with remote account has failed but your other account information has been successfully saved.
+ } else {
+ $query = array_merge($_GET, $_POST);
+ $service = $query['oauth_login'];
+ // COM_errorLog("-------------------------------------------------------------------------");
+ // COM_errorLog("usersettings.php?mode=resynch&oauth_login={$service}");
+ // COM_errorLog("-------------------------------------------------------------------------");
+
+ require_once $_CONF['path_system'] . 'classes/oauthhelper.class.php';
+
+ $consumer = new OAuthConsumer($service);
+
+ if($service == 'oauth.facebook') {
+ // facebook resynchronizations are simple to perform
+ $oauth_userinfo = $consumer->refresh_userinfo();
+ if (empty($oauth_userinfo)) {
+ $msg = 114; // Account saved but re-synch failed.
+ COM_errorLog($MESSAGE[$msg]);
+ } else {
+ $consumer->doSynch($oauth_userinfo);
+ }
+ } else {
+ // other OAuth services are more complex
+ // setup what we need to callback and authenticate
+ $callback_query_string = $consumer->getCallback_query_string();
+ // COM_errorLog("callback_query_string={$callback_query_string}");
+ $cancel_query_string = $consumer->getCancel_query_string();
+ // COM_errorLog("cancel_query_string={$cancel_query_string}");
+ $callback_url = $_CONF['site_url'] . '/usersettings.php?mode=synch&oauth_login=' . $service;
+ // COM_errorLog("callback_url={$callback_url}");
+
+ // authenticate with the remote service
+ if (!isset($query[$callback_query_string]) && (empty($cancel_query_string) || !isset($query[$cancel_query_string]))) {
+ $msg = 114; // Resynch with remote account has failed but other account information has been successfully saved
+ // elseif the callback query string is set, then we have successfully authenticated
+ } elseif (isset($query[$callback_query_string])) {
+ // COM_errorLog("authenticated with remote service, retrieve userinfo");
+ // foreach($query as $key=>$value) {
+ // COM_errorLog("query[{$key}]={$value}");
+ // }
+ $oauth_userinfo = $consumer->sreq_userinfo_response($query);
+ if (empty($oauth_userinfo)) {
+ $msg = 111; // Authentication error.
+ } else {
+ // COM_errorLog("resynchronizing userinfo");
+ // foreach($oauth_userinfo as $key=>$value) {
+ // COM_errorLog("oauth_user_info[{$key}] set");
+ // }
+ $consumer->doSynch($oauth_userinfo);
+ }
+ } elseif (!empty($cancel_query_string) && isset($query[$cancel_query_string])) {
+ $msg = 112; // Certification has been cancelled.
+ } else {
+ $msg = 91; // You specified an invalid identity URL.
+ }
+ }
+ }
+
+ if ($msg == 5) {
+ $display = COM_refresh ($_CONF['site_url'] . '/users.php?mode=profile&uid=' . $_USER['uid'] . '&msg=5');
+ } else {
+ COM_errorLog($MESSAGE[$msg]);
+ $display = COM_refresh ($_CONF['site_url'] . '/usersettings.php?msg=' . $msg);
+ }
+ break;
+ }
+
+ // If OAuth is disabled, drop into default case
+/*
case 'synch':
// This mode is the result of a callback from an OAuth service. The user has made a request to resynch their Geeklog user account with the OAuth service they used to login with.
if ($_CONF['user_login_method']['oauth'] && (strpos($_USER['remoteservice'], 'oauth.') === 0) && isset($_GET['oauth_login'])) {
@@ -1462,7 +1569,7 @@
}
// Go right into default
-
+*/
default: // also if $mode == 'edit', 'preferences', or 'comments'
$display .= COM_showMessageFromParameter();
$display .= edituser();
diff -r bb744e3c28b8 -r 6aa61575c4d2 sql/updates/mssql_2.0.0_to_2.0.1.php
--- a/sql/updates/mssql_2.0.0_to_2.0.1.php Sun Jul 21 10:40:26 2013 -0400
+++ b/sql/updates/mssql_2.0.0_to_2.0.1.php Sat Aug 24 22:19:12 2013 -0400
@@ -85,6 +85,9 @@
$c->add('microsoft_login',0,'select',4,16,1,362,TRUE, $me, 16);
$c->add('microsoft_consumer_key','','text',4,16,NULL,363,TRUE, $me, 16);
$c->add('microsoft_consumer_secret','','text',4,16,NULL,364,TRUE, $me, 16);
+ $c->add('yahoo_login',0,'select',4,16,1,365,TRUE, $me, 16);
+ $c->add('yahoo_consumer_key','','text',4,16,NULL,366,TRUE, $me, 16);
+ $c->add('yahoo_consumer_secret','','text',4,16,NULL,367,TRUE, $me, 16);
return true;
}
diff -r bb744e3c28b8 -r 6aa61575c4d2 sql/updates/mysql_2.0.0_to_2.0.1.php
--- a/sql/updates/mysql_2.0.0_to_2.0.1.php Sun Jul 21 10:40:26 2013 -0400
+++ b/sql/updates/mysql_2.0.0_to_2.0.1.php Sat Aug 24 22:19:12 2013 -0400
@@ -84,7 +84,10 @@
$c->add('google_consumer_secret','','text',4,16,NULL,361,TRUE, $me, 16);
$c->add('microsoft_login',0,'select',4,16,1,362,TRUE, $me, 16);
$c->add('microsoft_consumer_key','','text',4,16,NULL,363,TRUE, $me, 16);
- $c->add('microsoft_consumer_secret','','text',4,16,NULL,364,TRUE, $me, 16);
+ $c->add('microsoft_consumer_secret','','text',4,16,NULL,364,TRUE, $me, 16);
+ $c->add('yahoo_login',0,'select',4,16,1,365,TRUE, $me, 16);
+ $c->add('yahoo_consumer_key','','text',4,16,NULL,366,TRUE, $me, 16);
+ $c->add('yahoo_consumer_secret','','text',4,16,NULL,367,TRUE, $me, 16);
return true;
}
diff -r bb744e3c28b8 -r 6aa61575c4d2 sql/updates/pgsql_2.0.0_to_2.0.1.php
--- a/sql/updates/pgsql_2.0.0_to_2.0.1.php Sun Jul 21 10:40:26 2013 -0400
+++ b/sql/updates/pgsql_2.0.0_to_2.0.1.php Sat Aug 24 22:19:12 2013 -0400
@@ -84,7 +84,10 @@
$c->add('google_consumer_secret','','text',4,16,NULL,361,TRUE, $me, 16);
$c->add('microsoft_login',0,'select',4,16,1,362,TRUE, $me, 16);
$c->add('microsoft_consumer_key','','text',4,16,NULL,363,TRUE, $me, 16);
- $c->add('microsoft_consumer_secret','','text',4,16,NULL,364,TRUE, $me, 16);
+ $c->add('microsoft_consumer_secret','','text',4,16,NULL,364,TRUE, $me, 16);
+ $c->add('yahoo_login',0,'select',4,16,1,365,TRUE, $me, 16);
+ $c->add('yahoo_consumer_key','','text',4,16,NULL,366,TRUE, $me, 16);
+ $c->add('yahoo_consumer_secret','','text',4,16,NULL,367,TRUE, $me, 16);
return true;
}
diff -r bb744e3c28b8 -r 6aa61575c4d2 system/classes/oauth/oauth_client.php
--- a/system/classes/oauth/oauth_client.php Sun Jul 21 10:40:26 2013 -0400
+++ b/system/classes/oauth/oauth_client.php Sat Aug 24 22:19:12 2013 -0400
@@ -2,7 +2,7 @@
/*
* oauth_client.php
*
- * @(#) $Id: oauth_client.php,v 1.49 2013/02/20 11:44:29 mlemos Exp $
+ * @(#) $Id: oauth_client.php,v 1.72 2013/07/31 11:51:03 mlemos Exp $
*
*/
@@ -12,7 +12,7 @@
<package>net.manuellemos.oauth</package>
- <version>@(#) $Id: oauth_client.php,v 1.49 2013/02/20 11:44:29 mlemos Exp $</version>
+ <version>@(#) $Id: oauth_client.php,v 1.72 2013/07/31 11:51:03 mlemos Exp $</version>
<copyright>Copyright © (C) Manuel Lemos 2012</copyright>
<title>OAuth client</title>
<author>Manuel Lemos</author>
@@ -48,13 +48,16 @@
<variablelink>authorization_header</variablelink>,
<variablelink>request_token_url</variablelink>,
<variablelink>dialog_url</variablelink>,
+ <variablelink>offline_dialog_url</variablelink>,
<variablelink>append_state_to_redirect_uri</variablelink> and
<variablelink>access_token_url</variablelink>.<paragraphbreak />
Before proceeding to the actual OAuth authorization process, you
need to have registered your application with the OAuth server. The
registration provides you values to set the variables
- <variablelink>client_id</variablelink> and
- <variablelink>client_secret</variablelink>.<paragraphbreak />
+ <variablelink>client_id</variablelink> and
More information about the geeklog-cvs
mailing list