Changeset 26605 for extensions/oAuth/auth.php
- Timestamp:
- Jan 11, 2014, 1:27:14 AM (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/oAuth/auth.php
r26604 r26605 10 10 try { 11 11 // inputs 12 if ( $provider == 'OpenID' and !isset($_GET['openid_identifier']))12 if ($provider == 'OpenID' and !isset($_GET['openid_identifier'])) 13 13 { 14 14 throw new Exception('Invalid OpenID!', 1003); … … 25 25 } 26 26 27 $hybridauth = new Hybrid_Auth($hybridauth_conf); 27 if ($provider == 'Persona') 28 { 29 $response = persona_verify($_POST['assertion']); 30 31 if ($response === false || $response['status'] != 'okay') 32 { 33 header('HTTP/1.1 503 Service Unavailable'); 34 exit; 35 } 36 else 37 { 38 $oauth_id = array($provider, $response['email']); 39 } 40 } 41 else 42 { 43 $hybridauth = new Hybrid_Auth($hybridauth_conf); 44 45 // connected 46 if ($hybridauth->isConnectedWith($provider)) 47 { 48 $adapter = $hybridauth->getAdapter($provider); 49 $remote_user = $adapter->getUserProfile(); 50 51 $oauth_id = array($provider, $remote_user->identifier); 52 } 53 } 28 54 29 // connected 30 if ($hybridauth->isConnectedWith($provider)) 55 if (!empty($oauth_id)) 31 56 { 32 $adapter = $hybridauth->getAdapter($provider);33 $remote_user = $adapter->getUserProfile();34 35 $oauth_id = $provider.'---'.$remote_user->identifier;36 37 57 // check is already registered 38 58 $query = ' 39 SELECT id FROM ' .USERS_TABLE.'40 WHERE oauth_id = "' .$oauth_id.'"59 SELECT id FROM ' . USERS_TABLE . ' 60 WHERE oauth_id = "' . implode('---', $oauth_id) . '" 41 61 ;'; 42 62 $result = pwg_query($query); … … 47 67 log_user($user_id, false); 48 68 49 $ template->assign('REDIRECT_TO', 'default');69 $redirect_to = 'default'; 50 70 } 51 71 // not registered : redirect to register page … … 54 74 if ($conf['allow_user_registration']) 55 75 { 56 pwg_set_session_var('oauth_new_user', array($provider,$remote_user->identifier));57 $ template->assign('REDIRECT_TO', 'register');76 pwg_set_session_var('oauth_new_user', $oauth_id); 77 $redirect_to = 'register'; 58 78 } 59 79 else 60 80 { 61 81 $_SESSION['page_errors'][] = l10n('Sorry, new registrations are blocked on this gallery.'); 62 $adapter->logout();63 $ template->assign('REDIRECT_TO', 'identification');82 if (isset($adapter)) $adapter->logout(); 83 $redirect_to = 'identification'; 64 84 } 85 } 86 87 if ($provider == 'Persona') 88 { 89 echo json_encode(compact('redirect_to')); 90 header('HTTP/1.1 200 OK'); 91 exit; 92 } 93 else 94 { 95 $template->assign('REDIRECT_TO', $redirect_to); 65 96 } 66 97 } … … 92 123 5 : Authentication aborded 93 124 6 : User profile request failed 125 404 : User not found 94 126 other errors : 127 503 : Persona error 95 128 1002 : Invalid provider 96 129 1003 : Missing openid_identifier 97 130 */ 98 catch (Exception $e) { 99 switch ($e->getCode()) { 131 catch (Exception $e) 132 { 133 switch ($e->getCode()) 134 { 100 135 case 5: 101 136 $template->assign('ERROR', l10n('Authentication canceled')); break;
Note: See TracChangeset
for help on using the changeset viewer.