1 | <?php |
---|
2 | /*! |
---|
3 | * HybridAuth |
---|
4 | * http://hybridauth.sourceforge.net | http://github.com/hybridauth/hybridauth |
---|
5 | * (c) 2009-2012, HybridAuth authors | http://hybridauth.sourceforge.net/licenses.html |
---|
6 | */ |
---|
7 | |
---|
8 | /** |
---|
9 | * To implement an OpenID based service provider, Hybrid_Provider_Model_OpenID |
---|
10 | * can be used to save the hassle of the authentication flow. |
---|
11 | * |
---|
12 | * Each class that inherit from Hybrid_Provider_Model_OAuth2 have only to define |
---|
13 | * the provider identifier : <code>public $openidIdentifier = ""; </code> |
---|
14 | * |
---|
15 | * Hybrid_Provider_Model_OpenID use LightOpenID lib which can be found on |
---|
16 | * Hybrid/thirdparty/OpenID/LightOpenID.php |
---|
17 | */ |
---|
18 | class Hybrid_Provider_Model_OpenID extends Hybrid_Provider_Model |
---|
19 | { |
---|
20 | /* Openid provider identifier */ |
---|
21 | public $openidIdentifier = ""; |
---|
22 | |
---|
23 | // -------------------------------------------------------------------- |
---|
24 | |
---|
25 | /** |
---|
26 | * adapter initializer |
---|
27 | */ |
---|
28 | function initialize() |
---|
29 | { |
---|
30 | if( isset( $this->params["openid_identifier"] ) ){ |
---|
31 | $this->openidIdentifier = $this->params["openid_identifier"]; |
---|
32 | } |
---|
33 | |
---|
34 | // include LightOpenID lib |
---|
35 | require_once Hybrid_Auth::$config["path_libraries"] . "OpenID/LightOpenID.php"; |
---|
36 | |
---|
37 | // An error was occurring when proxy wasn't set. Not sure where proxy was meant to be set/initialized. |
---|
38 | Hybrid_Auth::$config['proxy'] = isset(Hybrid_Auth::$config['proxy'])?Hybrid_Auth::$config['proxy']:''; |
---|
39 | |
---|
40 | $this->api = new LightOpenID( parse_url( Hybrid_Auth::$config["base_url"], PHP_URL_HOST), Hybrid_Auth::$config["proxy"] ); |
---|
41 | } |
---|
42 | |
---|
43 | // -------------------------------------------------------------------- |
---|
44 | |
---|
45 | /** |
---|
46 | * begin login step |
---|
47 | */ |
---|
48 | function loginBegin() |
---|
49 | { |
---|
50 | if( empty( $this->openidIdentifier ) ){ |
---|
51 | throw new Exception( "OpenID adapter require the identity provider identifier 'openid_identifier' as an extra parameter.", 4 ); |
---|
52 | } |
---|
53 | |
---|
54 | $this->api->identity = $this->openidIdentifier; |
---|
55 | $this->api->returnUrl = $this->endpoint; |
---|
56 | $this->api->required = ARRAY( |
---|
57 | 'namePerson/first' , |
---|
58 | 'namePerson/last' , |
---|
59 | 'namePerson/friendly' , |
---|
60 | 'namePerson' , |
---|
61 | |
---|
62 | 'contact/email' , |
---|
63 | |
---|
64 | 'birthDate' , |
---|
65 | 'birthDate/birthDay' , |
---|
66 | 'birthDate/birthMonth' , |
---|
67 | 'birthDate/birthYear' , |
---|
68 | |
---|
69 | 'person/gender' , |
---|
70 | 'pref/language' , |
---|
71 | |
---|
72 | 'contact/postalCode/home', |
---|
73 | 'contact/city/home' , |
---|
74 | 'contact/country/home' , |
---|
75 | |
---|
76 | 'media/image/default' , |
---|
77 | ); |
---|
78 | |
---|
79 | # redirect the user to the provider authentication url |
---|
80 | Hybrid_Auth::redirect( $this->api->authUrl() ); |
---|
81 | } |
---|
82 | |
---|
83 | // -------------------------------------------------------------------- |
---|
84 | |
---|
85 | /** |
---|
86 | * finish login step |
---|
87 | */ |
---|
88 | function loginFinish() |
---|
89 | { |
---|
90 | # if user don't garant acess of their data to your site, halt with an Exception |
---|
91 | if( $this->api->mode == 'cancel'){ |
---|
92 | throw new Exception( "Authentication failed! User has canceled authentication!", 5 ); |
---|
93 | } |
---|
94 | |
---|
95 | # if something goes wrong |
---|
96 | if( ! $this->api->validate() ){ |
---|
97 | throw new Exception( "Authentication failed. Invalid request recived!", 5 ); |
---|
98 | } |
---|
99 | |
---|
100 | # fetch recived user data |
---|
101 | $response = $this->api->getAttributes(); |
---|
102 | |
---|
103 | # sotre the user profile |
---|
104 | $this->user->profile->identifier = $this->api->identity; |
---|
105 | |
---|
106 | $this->user->profile->firstName = (array_key_exists("namePerson/first",$response))?$response["namePerson/first"]:""; |
---|
107 | $this->user->profile->lastName = (array_key_exists("namePerson/last",$response))?$response["namePerson/last"]:""; |
---|
108 | $this->user->profile->displayName = (array_key_exists("namePerson",$response))?$response["namePerson"]:""; |
---|
109 | $this->user->profile->email = (array_key_exists("contact/email",$response))?$response["contact/email"]:""; |
---|
110 | $this->user->profile->language = (array_key_exists("pref/language",$response))?$response["pref/language"]:""; |
---|
111 | $this->user->profile->country = (array_key_exists("contact/country/home",$response))?$response["contact/country/home"]:""; |
---|
112 | $this->user->profile->zip = (array_key_exists("contact/postalCode/home",$response))?$response["contact/postalCode/home"]:""; |
---|
113 | $this->user->profile->gender = (array_key_exists("person/gender",$response))?$response["person/gender"]:""; |
---|
114 | $this->user->profile->photoURL = (array_key_exists("media/image/default",$response))?$response["media/image/default"]:""; |
---|
115 | |
---|
116 | $this->user->profile->birthDay = (array_key_exists("birthDate/birthDay",$response))?$response["birthDate/birthDay"]:""; |
---|
117 | $this->user->profile->birthMonth = (array_key_exists("birthDate/birthMonth",$response))?$response["birthDate/birthMonth"]:""; |
---|
118 | $this->user->profile->birthYear = (array_key_exists("birthDate/birthDate",$response))?$response["birthDate/birthDate"]:""; |
---|
119 | |
---|
120 | if( ! $this->user->profile->displayName ) { |
---|
121 | $this->user->profile->displayName = trim( $this->user->profile->lastName . " " . $this->user->profile->firstName ); |
---|
122 | } |
---|
123 | |
---|
124 | if( isset( $response['namePerson/friendly'] ) && ! empty( $response['namePerson/friendly'] ) && ! $this->user->profile->displayName ) { |
---|
125 | $this->user->profile->displayName = (array_key_exists("namePerson/friendly",$response))?$response["namePerson/friendly"]:"" ; |
---|
126 | } |
---|
127 | |
---|
128 | if( isset( $response['birthDate'] ) && ! empty( $response['birthDate'] ) && ! $this->user->profile->birthDay ) { |
---|
129 | list( $birthday_year, $birthday_month, $birthday_day ) = (array_key_exists('birthDate',$response))?$response['birthDate']:""; |
---|
130 | |
---|
131 | $this->user->profile->birthDay = (int) $birthday_day; |
---|
132 | $this->user->profile->birthMonth = (int) $birthday_month; |
---|
133 | $this->user->profile->birthYear = (int) $birthday_year; |
---|
134 | } |
---|
135 | |
---|
136 | if( ! $this->user->profile->displayName ){ |
---|
137 | $this->user->profile->displayName = trim( $this->user->profile->firstName . " " . $this->user->profile->lastName ); |
---|
138 | } |
---|
139 | |
---|
140 | if( $this->user->profile->gender == "f" ){ |
---|
141 | $this->user->profile->gender = "female"; |
---|
142 | } |
---|
143 | |
---|
144 | if( $this->user->profile->gender == "m" ){ |
---|
145 | $this->user->profile->gender = "male"; |
---|
146 | } |
---|
147 | |
---|
148 | // set user as logged in |
---|
149 | $this->setUserConnected(); |
---|
150 | |
---|
151 | // with openid providers we get the user profile only once, so store it |
---|
152 | Hybrid_Auth::storage()->set( "hauth_session.{$this->providerId}.user", $this->user ); |
---|
153 | } |
---|
154 | |
---|
155 | // -------------------------------------------------------------------- |
---|
156 | |
---|
157 | /** |
---|
158 | * load the user profile from the IDp api client |
---|
159 | */ |
---|
160 | function getUserProfile() |
---|
161 | { |
---|
162 | // try to get the user profile from stored data |
---|
163 | $this->user = Hybrid_Auth::storage()->get( "hauth_session.{$this->providerId}.user" ) ; |
---|
164 | |
---|
165 | // if not found |
---|
166 | if ( ! is_object( $this->user ) ){ |
---|
167 | throw new Exception( "User profile request failed! User is not connected to {$this->providerId} or his session has expired.", 6 ); |
---|
168 | } |
---|
169 | |
---|
170 | return $this->user->profile; |
---|
171 | } |
---|
172 | } |
---|