1<?php
/**
 * DokuWiki Plugin authvk (Action Component)
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Ilnur Gimazov <ubvfp94@mail.ru>
 */
8
// Guard against direct access: this file only works when loaded by DokuWiki,
// which defines DOKU_INC during bootstrap.
if (!defined('DOKU_INC')) {
    die();
}
11
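/**
 * Action component of the authvk plugin: signs users in through VK OAuth.
 *
 * Flow implemented here:
 *  1. An unauthenticated visitor is sent to VK's authorize endpoint.
 *  2. VK calls back with ?code=...&state=...; the code is exchanged for an
 *     access token, the VK profile is fetched, and (optionally) membership of
 *     the configured VK groups is checked.
 *  3. On success a DokuWiki account "vk_<uid>" is created if missing and the
 *     login cookie and session are populated.
 *
 * NOTE(review): the OAuth "state" value carries only the return URL. It is not
 * bound to the visitor's session, so it gives no protection against login
 * CSRF; a per-session nonce would be needed for that.
 */
class action_plugin_authvk extends DokuWiki_Action_Plugin {

    /** Authorization endpoint the browser is sent to (HTTPS, same host as the token endpoint). */
    const VK_AUTHORIZE_URL = 'https://oauth.vk.com/authorize';

    /** Endpoint used server-side to exchange the authorization code for a token. */
    const VK_TOKEN_URL = 'https://oauth.vk.com/access_token';

    /** Base URL of the VK API methods called by this plugin. */
    const VK_API_URL = 'https://api.vk.com/method/';

    /** Permissions requested from VK, unchanged from the original request. */
    const VK_SCOPE = 'uid,first_name,last_name,sex,bdate,domain,email,groups';

    /**
     * Registers the event handlers, but only when authvk is the active auth type.
     *
     * @param Doku_Event_Handler $controller DokuWiki's event controller
     * @return void
     */
    public function register(Doku_Event_Handler $controller) {
        global $conf;
        if($conf['authtype'] != 'authvk') return;

        // The plugin overrides this core setting for every request it is active on.
        $conf['profileconfirm'] = false;

        $controller->register_hook('DOKUWIKI_STARTED', 'BEFORE', $this, 'handle_start');
        $controller->register_hook('HTML_LOGINFORM_OUTPUT', 'BEFORE', $this, 'handle_loginform');
        $controller->register_hook('ACTION_ACT_PREPROCESS', 'BEFORE', $this, 'handle_dologin');
    }

    /**
     * Handles the OAuth callback and auto-starts the login for anonymous visitors.
     *
     * When the request carries a "code" parameter it is treated as the VK
     * callback; that branch finishes with send_redirect(). Otherwise, if no
     * user is logged in, a script that navigates to the VK authorize URL is
     * queued through msg().
     *
     * @param Doku_Event $event the DOKUWIKI_STARTED event (not used)
     * @param mixed      $param handler parameter (not used)
     * @return void
     */
    public function handle_start(Doku_Event &$event, $param) {
        if (isset($_GET['code'])) {
            // Request parameters can be arrays (code[]=x); only plain strings are meaningful here.
            $code = is_string($_GET['code']) ? $_GET['code'] : '';
            $state = (isset($_GET['state']) && is_string($_GET['state'])) ? $_GET['state'] : '';
            $this->completeLogin($code, $state);
            return;
        }

        if (empty($_SERVER['REMOTE_USER'])) {
            // msg() prints its argument as raw HTML, so the URL is embedded as a
            // JSON string literal; json_encode() also escapes "/" which keeps a
            // "</script>" sequence from ever appearing inside the script block.
            $target = json_encode($this->buildAuthorizeUrl());
            msg('<script> setTimeout(function () { location = ' . $target . '; }, 100); </script>');
        }
    }

    /**
     * Replaces the standard login form with a single "log in with VK" link.
     *
     * @param Doku_Event $event the HTML_LOGINFORM_OUTPUT event; its data is the form object
     * @param mixed      $param handler parameter (not used)
     * @return void
     */
    public function handle_loginform(Doku_Event &$event, $param) {
        $form =& $event->data;

        // The URL contains request-derived data (the state parameter), so it is
        // HTML-escaped before being placed inside the href attribute.
        $html = '<p><a href="' . hsc($this->buildAuthorizeUrl()) . '">'
            . $this->getLang('loginButton') . '</a></p>';

        $form->_content = array();
        $form->_content[] = form_openfieldset(array('_legend' => $this->getLang('loginwith'), 'class' => 'plugin_authvk'));
        $form->_content[] = $html;
        $form->_content[] = form_closefieldset();
    }

    /**
     * Relabels the login button and turns the "login" action into a redirect to VK.
     *
     * @param Doku_Event $event the ACTION_ACT_PREPROCESS event; its data is the action name
     * @param mixed      $param handler parameter (not used)
     * @return bool|null true when the action is not "login"; otherwise the request is redirected
     */
    public function handle_dologin(Doku_Event &$event, $param) {
        global $lang;

        $lang['btn_login'] = $this->getLang('loginButton');
        if($event->data != 'login') return true;

        send_redirect($this->buildAuthorizeUrl());
    }

    /**
     * Processes the VK callback: verifies the code, decides access, logs the user in.
     *
     * Always ends by redirecting to the page named in $state (restricted to
     * this host, see resolveReturnTarget()).
     *
     * @param string $code  authorization code received from VK
     * @param string $state state parameter received from VK ("host/request-uri")
     * @return void
     */
    private function completeLogin($code, $state) {
        global $USERINFO;
        global $auth;

        $adminId      = $this->getConf('admin_id');
        $gidAdmins    = $this->getConf('group_id_of_admins');
        $gidModerator = $this->getConf('group_id_of_moderators');
        $gidUsers     = $this->getConf('group_id_of_users');

        // Diagnostic output kept from the original; msg() does not escape, and
        // the value comes straight from the query string.
        msg(hsc($state));

        $target = $this->resolveReturnTarget($state);

        // Exchange the authorization code for an access token.
        $token = $this->vkRequest(self::VK_TOKEN_URL, array(
            'client_id'     => $this->getConf('client_id'),
            'client_secret' => $this->getConf('client_secret'),
            'code'          => $code,
            'redirect_uri'  => $this->getConf('redirect_uri'),
        ));

        // Fetch the profile of the user the token belongs to.
        $profile = array();
        if (isset($token['access_token'])) {
            $reply = $this->vkRequest(self::VK_API_URL . 'users.get', array(
                'uids'         => isset($token['user_id']) ? $token['user_id'] : '',
                'fields'       => 'uid,first_name,last_name,screen_name,sex,bdate,photo_big',
                'access_token' => $token['access_token'],
            ));
            if (isset($reply['response'][0]['uid'])) {
                $profile = $reply['response'][0];
            }
        }

        // Nothing below may run without a verified VK uid. Previously a failed
        // token exchange left the uid empty and, with no users group
        // configured, still created and logged in the account "vk_".
        $uid = isset($profile['uid']) ? (string) $profile['uid'] : '';
        if (!preg_match('/^[0-9]+$/', $uid)) {
            $uid = '';
        }

        $isAdminMember = false;
        $isModerator   = false;
        $isUserMember  = false;
        if ($uid !== '') {
            $isAdminMember = $this->isGroupMember($gidAdmins, $uid);
            $isModerator   = $this->isGroupMember($gidModerator, $uid);
            $isUserMember  = $this->isGroupMember($gidUsers, $uid);
        }

        if ($uid === '') {
            $allowed = false;
        } elseif (empty($gidUsers)) {
            // No users group configured: every authenticated VK user may log in.
            $allowed = true;
        } else {
            // The original tested an undefined variable for the admins group,
            // so admin-group members were never admitted through this branch.
            $allowed = $isUserMember || $isModerator || $isAdminMember;
        }

        if ($allowed) {
            $login = 'vk_' . $uid;
            // NOTE(review): this password is a fixed prefix plus the public VK
            // uid, so it can be derived by anyone who knows the uid. It is left
            // unchanged because existing accounts were created with it; if the
            // auth backend accepts password logins for these accounts it should
            // be replaced by a per-installation secret or a random value.
            $pass = 'yrefd3' . $uid;
            $fullname = (isset($profile['first_name']) ? $profile['first_name'] : '')
                . ' ' . (isset($profile['last_name']) ? $profile['last_name'] : '');
            $email = isset($token['email']) ? $token['email'] : $uid . '@vk.com';

            // Diagnostic output kept from the original.
            msg(hsc($uid));

            if (($auth->getUserData($login) == false) and (!empty($fullname))) {
                $auth->triggerUserMod('create', array($login, $pass, $fullname, $email));
            }

            $sticky = true;
            $secret = auth_cookiesalt(!$sticky, true); // bind non-sticky to session
            auth_setCookie($login, auth_encrypt($pass, $secret), $sticky);

            $USERINFO['pass'] = $pass;
            $USERINFO['name'] = $fullname;
            $USERINFO['mail'] = $email;

            // Later assignments win, so admin status overrides moderator status.
            if ($isModerator) {
                $USERINFO['grps'] = array('group', 'user');
            }
            // Compared as strings; $uid is never empty here, so an unset
            // admin_id can no longer match.
            if ($uid === trim((string) $adminId)) {
                $USERINFO['grps'] = array('admin', 'user');
            }
            if ($isAdminMember) {
                $USERINFO['grps'] = array('admin', 'user');
            }

            // NOTE(review): the session keeps the clear-text password and the
            // full name under 'user'; confirm this matches what the core
            // session check expects.
            $_SESSION[DOKU_COOKIE]['auth']['user'] = $fullname;
            $_SESSION[DOKU_COOKIE]['auth']['mail'] = $email;
            $_SESSION[DOKU_COOKIE]['auth']['pass'] = $pass;
            $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
        } else {
            msg($this->getLang('vk_sorry') . '<a href="https://vk.com/club' . hsc($gidUsers) . '">VK_group</a>');
        }

        // Return with the scheme the site is served on instead of forcing http.
        send_redirect((is_ssl() ? 'https://' : 'http://') . $target);
    }

    /**
     * Turns the callback's state value into a redirect target on this host.
     *
     * The state arrives in the query string and is therefore attacker
     * controllable; it is accepted only when it names this server (SERVER_NAME
     * or the Host header of the current request), optionally followed by a
     * path. Anything else falls back to the site root.
     *
     * @param string $state "host/request-uri" as sent in the authorize request
     * @return string host[/path] without scheme
     */
    private function resolveReturnTarget($state) {
        $serverName = $_SERVER['SERVER_NAME'];

        // Same shortcut as the original: never return to the login action itself.
        if ($state === '' || $state === $serverName . '/start?do=login') {
            return $serverName;
        }

        $ownHosts = array($serverName);
        if (!empty($_SERVER['HTTP_HOST'])) {
            $ownHosts[] = $_SERVER['HTTP_HOST'];
        }

        foreach ($ownHosts as $host) {
            $prefix = $host . '/';
            if ($state === $host || strncmp($state, $prefix, strlen($prefix)) === 0) {
                return $state;
            }
        }

        return $serverName;
    }

    /**
     * Builds the VK authorize URL for the current request.
     *
     * The query string is left percent-encoded. The original decoded it again,
     * which let "&", "=", quotes or markup from the request URI leak into the
     * URL and into the HTML it was printed in.
     *
     * @return string absolute URL
     */
    private function buildAuthorizeUrl() {
        $params = array(
            'client_id'     => $this->getConf('client_id'),
            'redirect_uri'  => $this->getConf('redirect_uri'),
            'response_type' => 'code',
            'scope'         => self::VK_SCOPE,
            // Where to return after login; validated again in resolveReturnTarget().
            'state'         => $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'],
        );

        return self::VK_AUTHORIZE_URL . '?' . http_build_query($params, '', '&');
    }

    /**
     * Asks VK whether a user belongs to a group.
     *
     * @param mixed  $groupId configured VK group id; empty means "not configured"
     * @param string $uid     verified VK user id
     * @return bool true only when VK reports member == 1
     */
    private function isGroupMember($groupId, $uid) {
        if (empty($groupId)) {
            return false;
        }

        $reply = $this->vkRequest(self::VK_API_URL . 'groups.isMember', array(
            'group_id' => $groupId,
            'user_id'  => $uid,
            'extended' => '1',
        ));

        return isset($reply['response']['member']) && $reply['response']['member'] == 1;
    }

    /**
     * Performs a GET request against VK and decodes the JSON reply.
     *
     * @param string $endpoint absolute URL without query string
     * @param array  $params   query parameters; percent-encoded by http_build_query()
     * @return array|null decoded reply, or null when the request or decoding failed
     */
    private function vkRequest($endpoint, array $params) {
        $raw = file_get_contents($endpoint . '?' . http_build_query($params, '', '&'));
        if ($raw === false) {
            return null;
        }

        $decoded = json_decode($raw, true);
        return is_array($decoded) ? $decoded : null;
    }
}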
218
219