source: extensions/oAuth/auth.php @ 26604

Last change on this file since 26604 was 26604, checked in by mistic100, 10 years ago

clean templating + allow to use Steam/Wordpress/Flickr without displaying OpenID
File size: 3.3 KB
Line 
1<?php
2define('PHPWG_ROOT_PATH', '../../');
3include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
4
5global $hybridauth_conf;
6require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php');
7
8$provider = @$_GET['provider'];
9
10try {
11  // inputs
12  if ( $provider == 'OpenID' and !isset($_GET['openid_identifier']) )
13  {
14    throw new Exception('Invalid OpenID!', 1003);
15  }
16 
17  // OpenID is always enabled
18  $hybridauth_conf['providers']['OpenID']['enabled'] = true;
19 
20  if (!array_key_exists($provider, $hybridauth_conf['providers'])
21      or !$hybridauth_conf['providers'][$provider]['enabled']
22    )
23  {
24    throw new Exception('Invalid provider!', 1002);
25  }
26 
27  $hybridauth = new Hybrid_Auth($hybridauth_conf);
28 
29  // connected
30  if ($hybridauth->isConnectedWith($provider))
31  {
32    $adapter = $hybridauth->getAdapter($provider);
33    $remote_user = $adapter->getUserProfile();
34   
35    $oauth_id = $provider.'---'.$remote_user->identifier;
36   
37    // check is already registered
38    $query = '
39SELECT id FROM '.USERS_TABLE.'
40  WHERE oauth_id = "'.$oauth_id.'"
41;';
42    $result = pwg_query($query);
43    // registered : log_user and redirect
44    if (pwg_db_num_rows($result))
45    {
46      list($user_id) = pwg_db_fetch_row($result);
47      log_user($user_id, false);
48     
49      $template->assign('REDIRECT_TO', 'default');
50    }
51    // not registered : redirect to register page
52    else
53    {
54      if ($conf['allow_user_registration'])
55      {
56        pwg_set_session_var('oauth_new_user', array($provider,$remote_user->identifier));
57        $template->assign('REDIRECT_TO', 'register');
58      }
59      else
60      {
61        $_SESSION['page_errors'][] = l10n('Sorry, new registrations are blocked on this gallery.');
62        $adapter->logout();
63        $template->assign('REDIRECT_TO', 'identification');
64      }
65    }
66  }
67  // init connect
68  else if (isset($_GET['init_auth']))
69  {
70    $params = array();
71    if ($provider == 'OpenID')
72    {
73      $params['openid_identifier'] = $_GET['openid_identifier'];
74    }
75     
76    // try to authenticate
77    $adapter = $hybridauth->authenticate($provider, $params);
78  }
79  // display loader
80  else
81  {
82    $template->assign('LOADING', '&openid_identifier='.@$_GET['openid_identifier'].'&init_auth=1');
83  }
84}
85/*
86 library errors :
87     0 : Unspecified error
88     1 : Hybriauth configuration error
89     2 : Provider not properly configured
90     3 : Unknown or disabled provider
91     4 : Missing provider application credentials
92     5 : Authentication aborded
93     6 : User profile request failed
94 other errors :
95  1002 : Invalid provider
96  1003 : Missing openid_identifier
97*/
98catch (Exception $e) {
99  switch ($e->getCode()) {
100    case 5:
101      $template->assign('ERROR', l10n('Authentication canceled')); break;
102    case 404:
103      $template->assign('ERROR', l10n('User not found')); break;
104    default:
105      $template->assign('ERROR', l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', '<span title="'.$e->getMessage().'">'.$e->getCode().'</span>'));
106  }
107}
108
109
110$template->assign(array(
111  'GALLERY_TITLE' => $conf['gallery_title'],
112  'CONTENT_ENCODING' => get_pwg_charset(),
113  'U_HOME' => get_gallery_home_url(),
114 
115  'OAUTH_PATH' => OAUTH_PATH,
116  'PROVIDER' => $provider,
117  'SELF_URL' => OAUTH_PATH . 'auth.php?provider='.$provider,
118  ));
119
120$template->set_filename('index', realpath(OAUTH_PATH . 'template/auth.tpl'));
121$template->pparse('index');
Note: See TracBrowser for help on using the repository browser.