25 |
- |
1 |
<?php
|
|
|
2 |
/*
|
|
|
3 |
* Facebook OAuth
|
65 |
- |
4 |
*/
|
25 |
- |
5 |
// Include the autoloader provided in the SDK
|
|
|
6 |
require_once __DIR__ . '/social_oauth_lib/facebook-php-sdk/autoload.php';
|
|
|
7 |
|
|
|
8 |
// Include required libraries
|
|
|
9 |
use Facebook\Facebook;
|
|
|
10 |
use Facebook\Exceptions\FacebookResponseException;
|
|
|
11 |
use Facebook\Exceptions\FacebookSDKException;
|
|
|
12 |
|
|
|
13 |
$fb = new Facebook(array(
|
65 |
- |
14 |
'app_id' => FB_APP_ID,
|
|
|
15 |
'app_secret' => FB_APP_SECRET,
|
|
|
16 |
'default_graph_version' => 'v2.10',
|
25 |
- |
17 |
'persistent_data_handler' => 'session'
|
|
|
18 |
));
|
|
|
19 |
|
|
|
20 |
// Get redirect login helper
|
|
|
21 |
$helper = $fb->getRedirectLoginHelper();
|
|
|
22 |
|
65 |
- |
23 |
if (isset($_GET['state'])) {
|
25 |
- |
24 |
$_SESSION['FBRLH_state'] = $_GET['state'];
|
|
|
25 |
}
|
|
|
26 |
|
65 |
- |
27 |
if ((isset($_REQUEST['state']) && isset($_REQUEST['code'])) || isset($_SESSION['facebook_access_token'])) {
|
25 |
- |
28 |
// Try to get access token
|
|
|
29 |
try {
|
65 |
- |
30 |
if (isset($_SESSION['facebook_access_token'])) {
|
25 |
- |
31 |
$fbAccessToken = $_SESSION['facebook_access_token'];
|
65 |
- |
32 |
}
|
|
|
33 |
else {
|
25 |
- |
34 |
$fbAccessToken = $helper->getAccessToken(SOCIAL_REDIRECT_URL);
|
|
|
35 |
}
|
65 |
- |
36 |
}
|
|
|
37 |
catch(FacebookResponseException $e) {
|
25 |
- |
38 |
echo 'Graph returned an error: ' . $e->getMessage();
|
|
|
39 |
exit;
|
65 |
- |
40 |
}
|
|
|
41 |
catch(FacebookSDKException $e) {
|
25 |
- |
42 |
echo 'Facebook SDK returned an error: ' . $e->getMessage();
|
|
|
43 |
exit;
|
|
|
44 |
}
|
|
|
45 |
}
|
|
|
46 |
|
65 |
- |
47 |
if (isset($fbAccessToken)) {
|
|
|
48 |
if (isset($_SESSION['facebook_access_token'])) {
|
|
|
49 |
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
|
|
|
50 |
}
|
|
|
51 |
else {
|
|
|
52 |
// Put short-lived access token in session
|
|
|
53 |
$_SESSION['facebook_access_token'] = (string)$fbAccessToken;
|
|
|
54 |
|
|
|
55 |
// OAuth 2.0 client handler helps to manage access tokens
|
|
|
56 |
$oAuth2Client = $fb->getOAuth2Client();
|
|
|
57 |
|
|
|
58 |
// Exchanges a short-lived access token for a long-lived one
|
|
|
59 |
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
|
|
|
60 |
$_SESSION['facebook_access_token'] = (string)$longLivedAccessToken;
|
|
|
61 |
|
|
|
62 |
// Set default access token to be used in script
|
|
|
63 |
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
|
|
|
64 |
}
|
|
|
65 |
|
|
|
66 |
// Redirect the user back to the same page if url has "code" parameter in query string
|
|
|
67 |
if (isset($_GET['code'])) {
|
31 |
- |
68 |
MySessionHandler::commit(session_id());
|
65 |
- |
69 |
header('Location: ./');
|
|
|
70 |
exit;
|
|
|
71 |
}
|
|
|
72 |
|
|
|
73 |
// Getting user facebook profile info
|
|
|
74 |
try {
|
|
|
75 |
$profileRequest = $fb->get('/me?fields=name,first_name,last_name,email,link,picture');
|
|
|
76 |
$fbUserProfile = $profileRequest->getGraphNode()
|
|
|
77 |
->asArray();
|
|
|
78 |
}
|
|
|
79 |
catch(FacebookResponseException $e) {
|
|
|
80 |
echo 'Graph returned an error: ' . $e->getMessage();
|
|
|
81 |
session_destroy();
|
|
|
82 |
// Redirect user back to app login page
|
31 |
- |
83 |
MySessionHandler::commit(session_id());
|
65 |
- |
84 |
header("Location: ./");
|
|
|
85 |
exit;
|
|
|
86 |
}
|
|
|
87 |
catch(FacebookSDKException $e) {
|
|
|
88 |
echo 'Facebook SDK returned an error: ' . $e->getMessage();
|
|
|
89 |
exit;
|
|
|
90 |
}
|
|
|
91 |
|
|
|
92 |
// Initialize User class
|
|
|
93 |
$user = new User();
|
|
|
94 |
|
25 |
- |
95 |
// Getting user profile info
|
65 |
- |
96 |
$fbUserData = array();
|
|
|
97 |
$fbUserData['oauth_uid'] = !empty($fbUserProfile['id']) ? $fbUserProfile['id'] : '';
|
|
|
98 |
$fbUserData['first_name'] = !empty($fbUserProfile['first_name']) ? $fbUserProfile['first_name'] : '';
|
|
|
99 |
$fbUserData['last_name'] = !empty($fbUserProfile['last_name']) ? $fbUserProfile['last_name'] : '';
|
|
|
100 |
$fbUserData['email'] = !empty($fbUserProfile['email']) ? $fbUserProfile['email'] : '';
|
|
|
101 |
$fbUserData['picture'] = !empty($fbUserProfile['picture']['url']) ? $fbUserProfile['picture']['url'] : '';
|
|
|
102 |
$fbUserData['link'] = !empty($fbUserProfile['link']) ? $fbUserProfile['link'] : '';
|
|
|
103 |
|
|
|
104 |
// Insert or update user data to the database
|
25 |
- |
105 |
$fbUserData['oauth_provider'] = 'facebook';
|
65 |
- |
106 |
$userData = $user->checkUser($fbUserData);
|
|
|
107 |
|
|
|
108 |
// Get logout url
|
|
|
109 |
$logoutURL = $helper->getLogoutUrl($fbAccessToken, BASE_URL . 'userAccount.php?logoutSubmit=1');
|
|
|
110 |
|
25 |
- |
111 |
// Store login status into the session
|
35 |
- |
112 |
$sessData['userLoggedIn'] = true;
|
25 |
- |
113 |
$sessData['userID'] = $userData['id'];
|
65 |
- |
114 |
$sessData['loginType'] = 'social';
|
25 |
- |
115 |
$_SESSION['sessData'] = $sessData;
|
65 |
- |
116 |
|
25 |
- |
117 |
// Redirect to my account
|
31 |
- |
118 |
MySessionHandler::commit(session_id());
|
25 |
- |
119 |
header("Location: account.php");
|
65 |
- |
120 |
exit();
|
25 |
- |
121 |
}
|
65 |
- |
122 |
else {
|
|
|
123 |
// Get login url
|
|
|
124 |
$fbLoginURL = $helper->getLoginUrl(SOCIAL_REDIRECT_URL, array(
|
|
|
125 |
'email'
|
|
|
126 |
));
|
|
|
127 |
$fbLoginURL = filter_var($fbLoginURL, FILTER_SANITIZE_URL);
|
|
|
128 |
}
|
25 |
- |
129 |
|
|
|
130 |
/*
|
|
|
131 |
* Google OAuth
|
65 |
- |
132 |
*/
|
25 |
- |
133 |
// Include Google client library
|
|
|
134 |
require_once 'social_oauth_lib/google-php-client/Google_Client.php';
|
|
|
135 |
require_once 'social_oauth_lib/google-php-client/contrib/Google_Oauth2Service.php';
|
|
|
136 |
|
|
|
137 |
// Call Google API
|
|
|
138 |
$gClient = new Google_Client();
|
|
|
139 |
$gClient->setApplicationName('Login to FindCheapMusic.com');
|
|
|
140 |
$gClient->setClientId(GP_CLIENT_ID);
|
|
|
141 |
$gClient->setClientSecret(GP_CLIENT_SECRET);
|
|
|
142 |
$gClient->setRedirectUri(SOCIAL_REDIRECT_URL);
|
|
|
143 |
|
|
|
144 |
$google_oauthV2 = new Google_Oauth2Service($gClient);
|
|
|
145 |
|
65 |
- |
146 |
if (isset($_GET['code'])) {
|
|
|
147 |
$gClient->authenticate($_GET['code']);
|
|
|
148 |
$_SESSION['google_access_token'] = $gClient->getAccessToken();
|
31 |
- |
149 |
MySessionHandler::commit(session_id());
|
65 |
- |
150 |
header('Location: ' . filter_var(BASE_URL, FILTER_SANITIZE_URL));
|
|
|
151 |
exit;
|
25 |
- |
152 |
}
|
|
|
153 |
|
65 |
- |
154 |
if (isset($_SESSION['google_access_token'])) {
|
|
|
155 |
$gClient->setAccessToken($_SESSION['google_access_token']);
|
25 |
- |
156 |
}
|
|
|
157 |
|
65 |
- |
158 |
if ($gClient->getAccessToken() && !isset($_GET['logoutSubmit'])) {
|
|
|
159 |
// Get user profile data from google
|
|
|
160 |
$gpUserProfile = $google_oauthV2
|
|
|
161 |
->userinfo
|
|
|
162 |
->get();
|
|
|
163 |
|
|
|
164 |
// Initialize User class
|
|
|
165 |
$user = new User();
|
|
|
166 |
|
|
|
167 |
// Getting user profile info
|
|
|
168 |
$gpUserData = array();
|
|
|
169 |
$gpUserData['oauth_uid'] = !empty($gpUserProfile['id']) ? $gpUserProfile['id'] : '';
|
|
|
170 |
$gpUserData['first_name'] = !empty($gpUserProfile['given_name']) ? $gpUserProfile['given_name'] : '';
|
|
|
171 |
$gpUserData['last_name'] = !empty($gpUserProfile['family_name']) ? $gpUserProfile['family_name'] : '';
|
|
|
172 |
$gpUserData['email'] = !empty($gpUserProfile['email']) ? $gpUserProfile['email'] : '';
|
|
|
173 |
$gpUserData['picture'] = !empty($gpUserProfile['picture']) ? $gpUserProfile['picture'] : '';
|
|
|
174 |
$gpUserData['link'] = !empty($gpUserProfile['link']) ? $gpUserProfile['link'] : '';
|
|
|
175 |
|
|
|
176 |
// Insert or update user data to the database
|
25 |
- |
177 |
$gpUserData['oauth_provider'] = 'google';
|
|
|
178 |
$userData = $user->checkUser($gpUserData);
|
65 |
- |
179 |
|
|
|
180 |
// Store login status into the session
|
35 |
- |
181 |
$sessData['userLoggedIn'] = true;
|
25 |
- |
182 |
$sessData['userID'] = $userData['id'];
|
65 |
- |
183 |
$sessData['loginType'] = 'social';
|
25 |
- |
184 |
$_SESSION['sessData'] = $sessData;
|
65 |
- |
185 |
|
25 |
- |
186 |
// Redirect to my account
|
31 |
- |
187 |
MySessionHandler::commit(session_id());
|
25 |
- |
188 |
header("Location: account.php");
|
65 |
- |
189 |
exit();
|
25 |
- |
190 |
}
|
65 |
- |
191 |
else {
|
|
|
192 |
$gpLoginURL = $gClient->createAuthUrl();
|
|
|
193 |
$gpLoginURL = filter_var($gpLoginURL, FILTER_SANITIZE_URL);
|
|
|
194 |
}
|
25 |
- |
195 |
|
|
|
196 |
/*
|
|
|
197 |
* Twitter OAuth
|
65 |
- |
198 |
*/
|
|
|
199 |
// Include Twitter client library
|
25 |
- |
200 |
require_once 'social_oauth_lib/twitter-php-oauth/twitteroauth.php';
|
|
|
201 |
|
|
|
202 |
// If OAuth token not matched
|
65 |
- |
203 |
if (isset($_REQUEST['oauth_token']) && $_SESSION['twitter_access_token'] !== $_REQUEST['oauth_token']) {
|
|
|
204 |
// Remove token from session
|
|
|
205 |
unset($_SESSION['twitter_access_token']);
|
|
|
206 |
unset($_SESSION['twitter_token_secret']);
|
25 |
- |
207 |
}
|
|
|
208 |
|
65 |
- |
209 |
// If user already verified
|
|
|
210 |
if (isset($_SESSION['status']) && $_SESSION['status'] == 'verified' && !empty($_SESSION['request_vars'])) {
|
|
|
211 |
// Retrive variables from session
|
|
|
212 |
$username = $_SESSION['request_vars']['screen_name'];
|
|
|
213 |
$twitterId = $_SESSION['request_vars']['user_id'];
|
|
|
214 |
$oauthToken = $_SESSION['request_vars']['oauth_token'];
|
|
|
215 |
$oauthTokenSecret = $_SESSION['request_vars']['oauth_token_secret'];
|
|
|
216 |
$profilePicture = $_SESSION['userData']['picture'];
|
25 |
- |
217 |
|
65 |
- |
218 |
}
|
|
|
219 |
elseif (isset($_REQUEST['oauth_token']) && $_SESSION['twitter_access_token'] == $_REQUEST['oauth_token']) {
|
|
|
220 |
// Call Twitter API
|
|
|
221 |
$twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET, $_SESSION['twitter_access_token'], $_SESSION['twitter_token_secret']);
|
|
|
222 |
|
|
|
223 |
// Get OAuth token
|
|
|
224 |
$tw_access_token = $twClient->getAccessToken($_REQUEST['oauth_verifier']);
|
|
|
225 |
|
|
|
226 |
// If returns success
|
|
|
227 |
if ($twClient->http_code == '200') {
|
|
|
228 |
// Storing access token data into session
|
|
|
229 |
$_SESSION['status'] = 'verified';
|
|
|
230 |
$_SESSION['request_vars'] = $tw_access_token;
|
|
|
231 |
|
|
|
232 |
// Get user profile data from twitter
|
|
|
233 |
$userInfo = $twClient->get('account/verify_credentials', ['include_email' => 'true']);
|
|
|
234 |
|
|
|
235 |
// Initialize User class
|
|
|
236 |
$user = new User();
|
|
|
237 |
|
|
|
238 |
// Getting user profile info
|
25 |
- |
239 |
$name = explode(" ", $userInfo->name);
|
|
|
240 |
$twUserData = array();
|
65 |
- |
241 |
$twUserData['oauth_uid'] = !empty($userInfo->id) ? $userInfo->id : '';
|
|
|
242 |
$twUserData['first_name'] = !empty($name[0]) ? $name[0] : '';
|
|
|
243 |
$twUserData['last_name'] = !empty($name[1]) ? $name[1] : '';
|
|
|
244 |
$twUserData['email'] = !empty($userInfo->email) ? $userInfo->email : '';
|
|
|
245 |
$twUserData['picture'] = !empty($userInfo->profile_image_url) ? str_replace('http://', 'https://', $userInfo->profile_image_url) : '';
|
|
|
246 |
$twUserData['link'] = !empty($userInfo->screen_name) ? 'https://twitter.com/' . $userInfo->screen_name : '';
|
|
|
247 |
$twUserData['username'] = !empty($userInfo->screen_name) ? $userInfo->screen_name : '';
|
|
|
248 |
|
25 |
- |
249 |
// Insert or update user data to the database
|
|
|
250 |
$twUserData['oauth_provider'] = 'twitter';
|
65 |
- |
251 |
$userData = $user->checkUser($twUserData);
|
|
|
252 |
|
|
|
253 |
// Store login status into the session
|
35 |
- |
254 |
$sessData['userLoggedIn'] = true;
|
25 |
- |
255 |
$sessData['userID'] = $userData['id'];
|
65 |
- |
256 |
$sessData['loginType'] = 'social';
|
25 |
- |
257 |
$_SESSION['sessData'] = $sessData;
|
65 |
- |
258 |
|
|
|
259 |
// Remove oauth token and secret from session
|
|
|
260 |
unset($_SESSION['twitter_access_token']);
|
|
|
261 |
unset($_SESSION['twitter_token_secret']);
|
|
|
262 |
|
|
|
263 |
// Redirect to my account
|
31 |
- |
264 |
MySessionHandler::commit(session_id());
|
25 |
- |
265 |
header("Location: account.php");
|
|
|
266 |
exit();
|
65 |
- |
267 |
}
|
|
|
268 |
}
|
|
|
269 |
else {
|
|
|
270 |
// Fresh authentication
|
|
|
271 |
$twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET);
|
|
|
272 |
$request_token = $twClient->getRequestToken(SOCIAL_REDIRECT_URL);
|
25 |
- |
273 |
|
65 |
- |
274 |
// Get twitter oauth url
|
|
|
275 |
$_SESSION['twitter_access_token'] = $request_token['oauth_token'];
|
|
|
276 |
$_SESSION['twitter_token_secret'] = $request_token['oauth_token_secret'];
|
25 |
- |
277 |
|
65 |
- |
278 |
// If authentication returns success
|
|
|
279 |
if ($twClient->http_code == '200') {
|
|
|
280 |
$twLoginURL = $twClient->getAuthorizeURL($request_token['oauth_token']);
|
|
|
281 |
$twLoginURL = filter_var($twLoginURL, FILTER_SANITIZE_URL);
|
|
|
282 |
}
|
25 |
- |
283 |
}
|
|
|
284 |
?>
|