hlp = plugin_load('helper', 'evesso'); $credentials = new Credentials( $this->hlp->getKey(), $this->hlp->getSecret(), $this->hlp->getRedirectURI() ); $this->storage = new oAuthStorage(); $serviceFactory = new ServiceFactory(); $serviceFactory->setHttpClient(new oAuthHTTPClient()); $this->oAuth = $serviceFactory->createService( $this->getServiceName(), $credentials, $this->storage, $this->getScope() ); } /** * Check if the initialization worked * * @return bool */ public function isInitialized() { if(is_null($this->oAuth)) { return false; } return true; } /** * Redirects to the service for requesting access * * This is the first step of oAuth authentication * * This implementation tries to abstract away differences between oAuth1 and oAuth2, * but might need to be overwritten for specific services */ public function login() { if(is_a($this->oAuth, 'OAuth\OAuth2\Service\AbstractService')) { /* oAuth2 handling */ $url = $this->oAuth->getAuthorizationUri(); } else { /* oAuth1 handling */ // extra request needed for oauth1 to request a request token :-) $token = $this->oAuth->requestRequestToken(); $url = $this->oAuth->getAuthorizationUri(array('oauth_token' => $token->getRequestToken())); } send_redirect($url); } /** * Clear storage token for user * */ public function logout() { if ($this->isInitialized()) { $this->oAuth->getStorage()->clearToken($this->oAuth->service()); $this->oAuth->getStorage()->clearAuthorizationState($this->oAuth->service()); } } /** * Check access_token * * Update as needed * * @return bool true if access_token is valid. false otherwise */ public function checkToken() { global $INPUT; if ($INPUT->get->has('code')) { if (!$this->requestAccessToken()) { //Request access token (Second step of oAuth authentication) return false; } } else { //Check if access token is still valid, if not, refresh the access_token if (!$this->checkAccessToken() && !$this->refreshAccessToken()) { return false; } } return true; } /** * Request access token * * Second step of oAuth authentication * * @global type $INPUT * @global \OAuth\Plugin\type $conf * @return boolean true if successful. false otherwise */ private function requestAccessToken() { global $INPUT, $conf; try { $this->oAuth->requestAccessToken($INPUT->get->str('code'), $INPUT->get->str('state', null)); return true; } catch (TokenResponseException $e) { msg($e->getMessage(), -1); if ($conf['allowdebug']) { msg('
' . hsc($e->getTraceAsString()) . '', -1); } return false; } finally { $this->oAuth->getStorage()->clearAuthorizationState($this->oAuth->service()); } } /** * Check if access token is still valid * * @global type $conf * @return boolean true if access_token is vaild. false otherwise */ private function checkAccessToken() { global $conf; try { if ($this->oAuth->getStorage()->hasAccessToken($this->oAuth->service()) && $this->oAuth->getStorage()->retrieveAccessToken($this->oAuth->service())->getEndOfLife() - 90 > time()) { return true; // access_token is still vaild - already validated } } catch (TokenNotFoundException $e) { msg($e->getMessage(), -1); if ($conf['allowdebug']) { msg('
' . hsc($e->getTraceAsString()) . '', -1); } } return false; // oAuth storage have no token } /** * Refresh access_token (from refresh_token) * * @global \OAuth\Plugin\type $conf * @return boolean true if successful. false otherwise */ private function refreshAccessToken() { global $conf; try { if ($this->oAuth->getStorage()->hasAccessToken($this->oAuth->service())) { $this->oAuth->refreshAccessToken($this->oAuth->getStorage()->retrieveAccessToken($this->oAuth->service())); return true; } } catch (TokenNotFoundException | TokenResponseException $e) { msg($e->getMessage(), -1); if ($conf['allowdebug']) { msg('
' . hsc($e->getTraceAsString()) . '', -1); } } return false; } /** * Return the name of the oAuth service class to use * * This should match with one of the files in * phpoauth/src/oAuth/oAuth[12]/Service/* * * By default extracts the name from the class name * * @return string */ public function getServiceName() { return $this->getAdapterName(); } /** * Return the name of this Adapter * * It specifies which configuration setting should be used * * @return string */ public function getAdapterName() { $name = preg_replace('/Adapter$/', '', get_called_class()); $name = str_replace('OAuth\\Plugin\\', '', $name); return $name; } /** * Return the scope to request * * This should return the minimal scope needed for accessing the user's data * * @return array */ public function getScope() { return array(); } /** * Retrieve the user's data * * The array needs to contain at least 'email', 'name', 'user', 'grps' * * @return array */ abstract public function getUser(); }