| 25 |
- |
1 |
<?php
|
|
|
2 |
/*
|
|
|
3 |
* Facebook OAuth
|
|
|
4 |
*/
|
|
|
5 |
// Include the autoloader provided in the SDK
|
|
|
6 |
require_once __DIR__ . '/social_oauth_lib/facebook-php-sdk/autoload.php';
|
|
|
7 |
|
|
|
8 |
// Include required libraries
|
|
|
9 |
use Facebook\Facebook;
|
|
|
10 |
use Facebook\Exceptions\FacebookResponseException;
|
|
|
11 |
use Facebook\Exceptions\FacebookSDKException;
|
|
|
12 |
|
|
|
13 |
$fb = new Facebook(array(
|
|
|
14 |
'app_id' => FB_APP_ID,
|
|
|
15 |
'app_secret' => FB_APP_SECRET,
|
|
|
16 |
'default_graph_version' => 'v2.10',
|
|
|
17 |
'persistent_data_handler' => 'session'
|
|
|
18 |
));
|
|
|
19 |
|
|
|
20 |
// Get redirect login helper
|
|
|
21 |
$helper = $fb->getRedirectLoginHelper();
|
|
|
22 |
|
|
|
23 |
if(isset($_GET['state'])){
|
|
|
24 |
$_SESSION['FBRLH_state'] = $_GET['state'];
|
|
|
25 |
}
|
|
|
26 |
|
|
|
27 |
if((isset($_REQUEST['state']) && isset($_REQUEST['code'])) || isset($_SESSION['facebook_access_token'])){
|
|
|
28 |
// Try to get access token
|
|
|
29 |
try {
|
|
|
30 |
if(isset($_SESSION['facebook_access_token'])){
|
|
|
31 |
$fbAccessToken = $_SESSION['facebook_access_token'];
|
|
|
32 |
}else{
|
|
|
33 |
$fbAccessToken = $helper->getAccessToken(SOCIAL_REDIRECT_URL);
|
|
|
34 |
}
|
|
|
35 |
} catch(FacebookResponseException $e) {
|
|
|
36 |
echo 'Graph returned an error: ' . $e->getMessage();
|
|
|
37 |
exit;
|
|
|
38 |
} catch(FacebookSDKException $e) {
|
|
|
39 |
echo 'Facebook SDK returned an error: ' . $e->getMessage();
|
|
|
40 |
exit;
|
|
|
41 |
}
|
|
|
42 |
}
|
|
|
43 |
|
|
|
44 |
if(isset($fbAccessToken)){
|
|
|
45 |
if(isset($_SESSION['facebook_access_token'])){
|
|
|
46 |
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
|
|
|
47 |
}else{
|
|
|
48 |
// Put short-lived access token in session
|
|
|
49 |
$_SESSION['facebook_access_token'] = (string) $fbAccessToken;
|
|
|
50 |
|
|
|
51 |
// OAuth 2.0 client handler helps to manage access tokens
|
|
|
52 |
$oAuth2Client = $fb->getOAuth2Client();
|
|
|
53 |
|
|
|
54 |
// Exchanges a short-lived access token for a long-lived one
|
|
|
55 |
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
|
|
|
56 |
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
|
|
|
57 |
|
|
|
58 |
// Set default access token to be used in script
|
|
|
59 |
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
|
|
|
60 |
}
|
|
|
61 |
|
|
|
62 |
// Redirect the user back to the same page if url has "code" parameter in query string
|
|
|
63 |
if(isset($_GET['code'])){
|
|
|
64 |
header('Location: ./');
|
|
|
65 |
exit;
|
|
|
66 |
}
|
|
|
67 |
|
|
|
68 |
// Getting user facebook profile info
|
|
|
69 |
try {
|
|
|
70 |
$profileRequest = $fb->get('/me?fields=name,first_name,last_name,email,link,gender,locale,picture');
|
|
|
71 |
$fbUserProfile = $profileRequest->getGraphNode()->asArray();
|
|
|
72 |
} catch(FacebookResponseException $e) {
|
|
|
73 |
echo 'Graph returned an error: ' . $e->getMessage();
|
|
|
74 |
session_destroy();
|
|
|
75 |
// Redirect user back to app login page
|
|
|
76 |
header("Location: ./");
|
|
|
77 |
exit;
|
|
|
78 |
} catch(FacebookSDKException $e) {
|
|
|
79 |
echo 'Facebook SDK returned an error: ' . $e->getMessage();
|
|
|
80 |
exit;
|
|
|
81 |
}
|
|
|
82 |
|
|
|
83 |
// Initialize User class
|
|
|
84 |
$user = new User();
|
|
|
85 |
|
|
|
86 |
// Getting user profile info
|
|
|
87 |
$fbUserData = array();
|
|
|
88 |
$fbUserData['oauth_uid'] = !empty($fbUserProfile['id'])?$fbUserProfile['id']:'';
|
|
|
89 |
$fbUserData['first_name'] = !empty($fbUserProfile['first_name'])?$fbUserProfile['first_name']:'';
|
|
|
90 |
$fbUserData['last_name'] = !empty($fbUserProfile['last_name'])?$fbUserProfile['last_name']:'';
|
|
|
91 |
$fbUserData['email'] = !empty($fbUserProfile['email'])?$fbUserProfile['email']:'';
|
|
|
92 |
$fbUserData['gender'] = !empty($fbUserProfile['gender'])?$fbUserProfile['gender']:'';
|
|
|
93 |
$fbUserData['locale'] = !empty($fbUserProfile['locale'])?$fbUserProfile['locale']:'';
|
|
|
94 |
$fbUserData['picture'] = !empty($fbUserProfile['picture']['url'])?$fbUserProfile['picture']['url']:'';
|
|
|
95 |
$fbUserData['link'] = !empty($fbUserProfile['link'])?$fbUserProfile['link']:'';
|
|
|
96 |
|
|
|
97 |
// Insert or update user data to the database
|
|
|
98 |
$fbUserData['oauth_provider'] = 'facebook';
|
|
|
99 |
$userData = $user->checkUser($fbUserData);
|
|
|
100 |
|
|
|
101 |
// Get logout url
|
|
|
102 |
$logoutURL = $helper->getLogoutUrl($fbAccessToken, BASE_URL.'userAccount.php?logoutSubmit=1');
|
|
|
103 |
|
|
|
104 |
// Store login status into the session
|
|
|
105 |
$sessData['userLoggedIn'] = TRUE;
|
|
|
106 |
$sessData['userID'] = $userData['id'];
|
|
|
107 |
$sessData['loginType'] = 'social';
|
|
|
108 |
$_SESSION['sessData'] = $sessData;
|
|
|
109 |
|
|
|
110 |
// Redirect to my account
|
|
|
111 |
header("Location: account.php");
|
|
|
112 |
exit();
|
|
|
113 |
}else{
|
|
|
114 |
// Get login url
|
|
|
115 |
$fbLoginURL = $helper->getLoginUrl(SOCIAL_REDIRECT_URL, array('email'));
|
|
|
116 |
$fbLoginURL = filter_var($fbLoginURL, FILTER_SANITIZE_URL);
|
|
|
117 |
}
|
|
|
118 |
|
|
|
119 |
|
|
|
120 |
/*
|
|
|
121 |
* Google OAuth
|
|
|
122 |
*/
|
|
|
123 |
// Include Google client library
|
|
|
124 |
require_once 'social_oauth_lib/google-php-client/Google_Client.php';
|
|
|
125 |
require_once 'social_oauth_lib/google-php-client/contrib/Google_Oauth2Service.php';
|
|
|
126 |
|
|
|
127 |
// Call Google API
|
|
|
128 |
$gClient = new Google_Client();
|
|
|
129 |
$gClient->setApplicationName('Login to FindCheapMusic.com');
|
|
|
130 |
$gClient->setClientId(GP_CLIENT_ID);
|
|
|
131 |
$gClient->setClientSecret(GP_CLIENT_SECRET);
|
|
|
132 |
$gClient->setRedirectUri(SOCIAL_REDIRECT_URL);
|
|
|
133 |
|
|
|
134 |
$google_oauthV2 = new Google_Oauth2Service($gClient);
|
|
|
135 |
|
|
|
136 |
if(isset($_GET['code'])){
|
|
|
137 |
$gClient->authenticate($_GET['code']);
|
|
|
138 |
$_SESSION['google_access_token'] = $gClient->getAccessToken();
|
|
|
139 |
header('Location: ' . filter_var(BASE_URL, FILTER_SANITIZE_URL));
|
|
|
140 |
exit;
|
|
|
141 |
}
|
|
|
142 |
|
|
|
143 |
if(isset($_SESSION['google_access_token'])){
|
|
|
144 |
$gClient->setAccessToken($_SESSION['google_access_token']);
|
|
|
145 |
}
|
|
|
146 |
|
|
|
147 |
if($gClient->getAccessToken() && !isset($_GET['logoutSubmit'])){
|
|
|
148 |
// Get user profile data from google
|
|
|
149 |
$gpUserProfile = $google_oauthV2->userinfo->get();
|
|
|
150 |
|
|
|
151 |
// Initialize User class
|
|
|
152 |
$user = new User();
|
|
|
153 |
|
|
|
154 |
// Getting user profile info
|
|
|
155 |
$gpUserData = array();
|
|
|
156 |
$gpUserData['oauth_uid'] = !empty($gpUserProfile['id'])?$gpUserProfile['id']:'';
|
|
|
157 |
$gpUserData['first_name'] = !empty($gpUserProfile['given_name'])?$gpUserProfile['given_name']:'';
|
|
|
158 |
$gpUserData['last_name'] = !empty($gpUserProfile['family_name'])?$gpUserProfile['family_name']:'';
|
|
|
159 |
$gpUserData['email'] = !empty($gpUserProfile['email'])?$gpUserProfile['email']:'';
|
|
|
160 |
$gpUserData['gender'] = !empty($gpUserProfile['gender'])?$gpUserProfile['gender']:'';
|
|
|
161 |
$gpUserData['locale'] = !empty($gpUserProfile['locale'])?$gpUserProfile['locale']:'';
|
|
|
162 |
$gpUserData['picture'] = !empty($gpUserProfile['picture'])?$gpUserProfile['picture']:'';
|
|
|
163 |
$gpUserData['link'] = !empty($gpUserProfile['link'])?$gpUserProfile['link']:'';
|
|
|
164 |
|
|
|
165 |
// Insert or update user data to the database
|
|
|
166 |
$gpUserData['oauth_provider'] = 'google';
|
|
|
167 |
$userData = $user->checkUser($gpUserData);
|
|
|
168 |
|
|
|
169 |
// Store login status into the session
|
|
|
170 |
$sessData['userLoggedIn'] = TRUE;
|
|
|
171 |
$sessData['userID'] = $userData['id'];
|
|
|
172 |
$sessData['loginType'] = 'social';
|
|
|
173 |
$_SESSION['sessData'] = $sessData;
|
|
|
174 |
|
|
|
175 |
// Redirect to my account
|
|
|
176 |
header("Location: account.php");
|
|
|
177 |
exit();
|
|
|
178 |
}else{
|
|
|
179 |
$gpLoginURL = $gClient->createAuthUrl();
|
|
|
180 |
$gpLoginURL = filter_var($gpLoginURL, FILTER_SANITIZE_URL);
|
|
|
181 |
}
|
|
|
182 |
|
|
|
183 |
/*
|
|
|
184 |
* Twitter OAuth
|
|
|
185 |
*/
|
|
|
186 |
// Include Twitter client library
|
|
|
187 |
require_once 'social_oauth_lib/twitter-php-oauth/twitteroauth.php';
|
|
|
188 |
|
|
|
189 |
// If OAuth token not matched
|
|
|
190 |
if(isset($_REQUEST['oauth_token']) && $_SESSION['twitter_access_token'] !== $_REQUEST['oauth_token']){
|
|
|
191 |
// Remove token from session
|
|
|
192 |
unset($_SESSION['twitter_access_token']);
|
|
|
193 |
unset($_SESSION['twitter_token_secret']);
|
|
|
194 |
}
|
|
|
195 |
|
|
|
196 |
// If user already verified
|
|
|
197 |
if(isset($_SESSION['status']) && $_SESSION['status'] == 'verified' && !empty($_SESSION['request_vars'])){
|
|
|
198 |
// Retrive variables from session
|
|
|
199 |
$username = $_SESSION['request_vars']['screen_name'];
|
|
|
200 |
$twitterId = $_SESSION['request_vars']['user_id'];
|
|
|
201 |
$oauthToken = $_SESSION['request_vars']['oauth_token'];
|
|
|
202 |
$oauthTokenSecret = $_SESSION['request_vars']['oauth_token_secret'];
|
|
|
203 |
$profilePicture = $_SESSION['userData']['picture'];
|
|
|
204 |
|
|
|
205 |
}elseif(isset($_REQUEST['oauth_token']) && $_SESSION['twitter_access_token'] == $_REQUEST['oauth_token']){
|
|
|
206 |
// Call Twitter API
|
|
|
207 |
$twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET, $_SESSION['twitter_access_token'] , $_SESSION['twitter_token_secret']);
|
|
|
208 |
|
|
|
209 |
// Get OAuth token
|
|
|
210 |
$tw_access_token = $twClient->getAccessToken($_REQUEST['oauth_verifier']);
|
|
|
211 |
|
|
|
212 |
// If returns success
|
|
|
213 |
if($twClient->http_code == '200'){
|
|
|
214 |
// Storing access token data into session
|
|
|
215 |
$_SESSION['status'] = 'verified';
|
|
|
216 |
$_SESSION['request_vars'] = $tw_access_token;
|
|
|
217 |
|
|
|
218 |
// Get user profile data from twitter
|
|
|
219 |
$userInfo = $twClient->get('account/verify_credentials', ['include_email' => 'true']);
|
|
|
220 |
|
|
|
221 |
// Initialize User class
|
|
|
222 |
$user = new User();
|
|
|
223 |
|
|
|
224 |
// Getting user profile info
|
|
|
225 |
$name = explode(" ", $userInfo->name);
|
|
|
226 |
$twUserData = array();
|
|
|
227 |
$twUserData['oauth_uid'] = !empty($userInfo->id)?$userInfo->id:'';
|
|
|
228 |
$twUserData['first_name'] = !empty($name[0])?$name[0]:'';
|
|
|
229 |
$twUserData['last_name'] = !empty($name[1])?$name[1]:'';
|
|
|
230 |
$twUserData['email'] = !empty($userInfo->email)?$userInfo->email:'';
|
|
|
231 |
$twUserData['gender'] = '';
|
|
|
232 |
$twUserData['locale'] = !empty($userInfo->lang)?$userInfo->lang:'';
|
|
|
233 |
$twUserData['picture'] = !empty($userInfo->profile_image_url)?$userInfo->profile_image_url:'';
|
|
|
234 |
$twUserData['link'] = !empty($userInfo->screen_name)?'https://twitter.com/'.$userInfo->screen_name:'';
|
|
|
235 |
$twUserData['username'] = !empty($userInfo->screen_name)?$userInfo->screen_name:'';
|
|
|
236 |
|
|
|
237 |
// Insert or update user data to the database
|
|
|
238 |
$twUserData['oauth_provider'] = 'twitter';
|
|
|
239 |
$userData = $user->checkUser($twUserData);
|
|
|
240 |
|
|
|
241 |
// Store login status into the session
|
|
|
242 |
$sessData['userLoggedIn'] = TRUE;
|
|
|
243 |
$sessData['userID'] = $userData['id'];
|
|
|
244 |
$sessData['loginType'] = 'social';
|
|
|
245 |
$_SESSION['sessData'] = $sessData;
|
|
|
246 |
|
|
|
247 |
// Remove oauth token and secret from session
|
|
|
248 |
unset($_SESSION['twitter_access_token']);
|
|
|
249 |
unset($_SESSION['twitter_token_secret']);
|
|
|
250 |
|
|
|
251 |
// Redirect to my account
|
|
|
252 |
header("Location: account.php");
|
|
|
253 |
exit();
|
|
|
254 |
}
|
|
|
255 |
}else{
|
|
|
256 |
// Fresh authentication
|
|
|
257 |
$twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET);
|
|
|
258 |
$request_token = $twClient->getRequestToken(SOCIAL_REDIRECT_URL);
|
|
|
259 |
|
|
|
260 |
// Get twitter oauth url
|
|
|
261 |
$_SESSION['twitter_access_token'] = $request_token['oauth_token'];
|
|
|
262 |
$_SESSION['twitter_token_secret'] = $request_token['oauth_token_secret'];
|
|
|
263 |
|
|
|
264 |
// If authentication returns success
|
|
|
265 |
if($twClient->http_code == '200'){
|
|
|
266 |
$twLoginURL = $twClient->getAuthorizeURL($request_token['oauth_token']);
|
|
|
267 |
$twLoginURL = filter_var($twLoginURL, FILTER_SANITIZE_URL);
|
|
|
268 |
}
|
|
|
269 |
}
|
|
|
270 |
?>
|