<?php
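/*
 * Facebook OAuth
 *
 * Top-level login flow for the Facebook provider. It obtains an access token
 * (from the session or from the OAuth callback), exchanges a fresh token for a
 * long-lived one, loads the profile, hands it to User::checkUser() and marks
 * the session as logged in. When no token is available it only prepares
 * $fbLoginURL for the including page.
 */
// Include the autoloader provided in the SDK
require_once __DIR__ . '/social_oauth_lib/facebook-php-sdk/autoload.php';

// Include required libraries
use Facebook\Facebook;
use Facebook\Exceptions\FacebookResponseException;
use Facebook\Exceptions\FacebookSDKException;

$fb = new Facebook([
    'app_id' => FB_APP_ID,
    'app_secret' => FB_APP_SECRET,
    'default_graph_version' => 'v2.10',
    'persistent_data_handler' => 'session',
]);

// Get redirect login helper
$helper = $fb->getRedirectLoginHelper();

// SECURITY: $_SESSION['FBRLH_state'] is written by the SDK's session data
// handler when getLoginUrl() runs, and getAccessToken() compares the "state"
// returned on the callback against it. It must never be assigned from the
// request: copying $_GET['state'] into the session makes that comparison
// succeed for every callback and removes the CSRF protection of the login
// flow. If state validation fails without that copy, the session is not being
// started or persisted before this script runs; fix that instead.

if ((isset($_REQUEST['state'], $_REQUEST['code'])) || isset($_SESSION['facebook_access_token'])) {
    // Try to get access token
    try {
        if (isset($_SESSION['facebook_access_token'])) {
            // Token kept from an earlier request in this session
            $fbAccessToken = $_SESSION['facebook_access_token'];
        }
        else {
            // Callback leg: validates "state" and exchanges "code" for a token
            $fbAccessToken = $helper->getAccessToken(SOCIAL_REDIRECT_URL);
        }
    }
    catch(FacebookResponseException $e) {
        // Escape the message: it is rendered into an HTML response
        echo 'Graph returned an error: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        exit;
    }
    catch(FacebookSDKException $e) {
        echo 'Facebook SDK returned an error: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        exit;
    }
}

if (isset($fbAccessToken)) {
    if (isset($_SESSION['facebook_access_token'])) {
        $fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
    }
    else {
        // OAuth 2.0 client handler helps to manage access tokens
        $oAuth2Client = $fb->getOAuth2Client();

        // Exchange the short-lived token for a long-lived one. The exchange is
        // a remote call that can throw, so it is guarded like the other SDK
        // calls and the session is only written once it has succeeded.
        try {
            $longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken((string)$fbAccessToken);
        }
        catch(FacebookSDKException $e) {
            // FacebookResponseException extends FacebookSDKException, so this covers both
            echo 'Facebook SDK returned an error: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
            exit;
        }
        $_SESSION['facebook_access_token'] = (string)$longLivedAccessToken;

        // Set default access token to be used in script
        $fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
    }

    // Redirect the user back to the same page if url has "code" parameter in query string,
    // so the one-time code does not stay in the address bar or browser history
    if (isset($_GET['code'])) {
        MySessionHandler::commit(session_id());
        header('Location: ./');
        exit;
    }

    // Getting user facebook profile info
    try {
        $profileRequest = $fb->get('/me?fields=name,first_name,last_name,email,link,picture');
        $fbUserProfile = $profileRequest->getGraphNode()
            ->asArray();
    }
    catch(FacebookResponseException $e) {
        // NOTE(review): output is sent before header() below; unless output
        // buffering is on, the redirect will not be delivered - confirm.
        echo 'Graph returned an error: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        session_destroy();
        // Redirect user back to app login page
        MySessionHandler::commit(session_id());
        header("Location: ./");
        exit;
    }
    catch(FacebookSDKException $e) {
        echo 'Facebook SDK returned an error: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        exit;
    }

    // Initialize User class
    $user = new User();

    // Getting user profile info; fields missing from the Graph response become ''
    // NOTE(review): an empty oauth_uid is still passed to checkUser(); confirm
    // that checkUser() rejects it rather than matching or creating an account.
    $fbUserData = array();
    $fbUserData['oauth_uid'] = !empty($fbUserProfile['id']) ? $fbUserProfile['id'] : '';
    $fbUserData['first_name'] = !empty($fbUserProfile['first_name']) ? $fbUserProfile['first_name'] : '';
    $fbUserData['last_name'] = !empty($fbUserProfile['last_name']) ? $fbUserProfile['last_name'] : '';
    $fbUserData['email'] = !empty($fbUserProfile['email']) ? $fbUserProfile['email'] : '';
    $fbUserData['picture'] = !empty($fbUserProfile['picture']['url']) ? $fbUserProfile['picture']['url'] : '';
    $fbUserData['link'] = !empty($fbUserProfile['link']) ? $fbUserProfile['link'] : '';

    // Insert or update user data to the database
    $fbUserData['oauth_provider'] = 'facebook';
    $userData = $user->checkUser($fbUserData);

    // Get logout url
    $logoutURL = $helper->getLogoutUrl($fbAccessToken, BASE_URL . 'userAccount.php?logoutSubmit=1');

    // Store login status into the session
    // NOTE(review): the session id is not rotated at this privilege change;
    // consider session_regenerate_id(true) here if MySessionHandler supports it.
    $sessData['userLoggedIn'] = true;
    $sessData['userID'] = $userData['id'];
    $sessData['loginType'] = 'social';
    $_SESSION['sessData'] = $sessData;

    // Redirect to my account
    MySessionHandler::commit(session_id());
    header("Location: account.php");
    exit();
}
else {
    // Get login url; getLoginUrl() also stores the fresh "state" value in the session
    $fbLoginURL = $helper->getLoginUrl(SOCIAL_REDIRECT_URL, [
        'email',
    ]);
    $fbLoginURL = filter_var($fbLoginURL, FILTER_SANITIZE_URL);
}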
 
/*
 * Google OAuth
 *
 * Top-level login flow for the Google provider: handles the callback that
 * carries "code", restores a token kept in the session, and either logs the
 * user in from the Google profile or prepares $gpLoginURL.
 */
// Load the bundled Google client and its OAuth2 service wrapper
require_once 'social_oauth_lib/google-php-client/Google_Client.php';
require_once 'social_oauth_lib/google-php-client/contrib/Google_Oauth2Service.php';

// Configure the API client from the application's constants
$gClient = new Google_Client();
$gClient->setApplicationName('Login to FindCheapMusic.com');
$gClient->setClientId(GP_CLIENT_ID);
$gClient->setClientSecret(GP_CLIENT_SECRET);
$gClient->setRedirectUri(SOCIAL_REDIRECT_URL);

$google_oauthV2 = new Google_Oauth2Service($gClient);

// Callback leg: trade the authorization code for a token, keep it in the
// session and redirect so the code does not remain in the URL.
// NOTE(review): no "state" value is generated or verified anywhere in this
// flow, so the callback is not tied to the browser session that started the
// login. The Facebook branch earlier in this file claims every request that
// carries both "state" and "code" on the shared SOCIAL_REDIRECT_URL, so adding
// state here needs a way to tell the two providers apart - confirm and plan.
// NOTE(review): authenticate() is called without any error handling; a
// rejected code surfaces as whatever the client library raises - confirm.
if (isset($_GET['code'])) {
    $gClient->authenticate($_GET['code']);
    $_SESSION['google_access_token'] = $gClient->getAccessToken();
    MySessionHandler::commit(session_id());
    header('Location: ' . filter_var(BASE_URL, FILTER_SANITIZE_URL));
    exit;
}

// Re-arm the client with a token stored by an earlier request
if (isset($_SESSION['google_access_token'])) {
    $gClient->setAccessToken($_SESSION['google_access_token']);
}

if (!$gClient->getAccessToken() || isset($_GET['logoutSubmit'])) {
    // No usable token (or a logout is in progress): only offer the login link
    $gpLoginURL = filter_var($gClient->createAuthUrl(), FILTER_SANITIZE_URL);
}
else {
    // Fetch the profile of the authenticated Google account
    $gpUserProfile = $google_oauthV2->userinfo->get();

    // Initialize User class
    $user = new User();

    // Map the Google profile to the application's fields; absent values become ''
    // NOTE(review): an empty oauth_uid is still passed to checkUser(); confirm
    // that checkUser() rejects it rather than matching or creating an account.
    $gpUserData = array(
        'oauth_uid' => !empty($gpUserProfile['id']) ? $gpUserProfile['id'] : '',
        'first_name' => !empty($gpUserProfile['given_name']) ? $gpUserProfile['given_name'] : '',
        'last_name' => !empty($gpUserProfile['family_name']) ? $gpUserProfile['family_name'] : '',
        'email' => !empty($gpUserProfile['email']) ? $gpUserProfile['email'] : '',
        'picture' => !empty($gpUserProfile['picture']) ? $gpUserProfile['picture'] : '',
        'link' => !empty($gpUserProfile['link']) ? $gpUserProfile['link'] : '',
    );

    // Insert or update user data to the database
    $gpUserData['oauth_provider'] = 'google';
    $userData = $user->checkUser($gpUserData);

    // Record the login in the session
    // NOTE(review): the session id is not rotated at this privilege change;
    // consider session_regenerate_id(true) here if MySessionHandler supports it.
    $sessData['userLoggedIn'] = true;
    $sessData['userID'] = $userData['id'];
    $sessData['loginType'] = 'social';
    $_SESSION['sessData'] = $sessData;

    // Persist the session, then send the user to the account page
    MySessionHandler::commit(session_id());
    header("Location: account.php");
    exit;
}
 
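/*
 * Twitter OAuth
 *
 * Top-level login flow for the Twitter provider (OAuth 1.0a). A fresh visit
 * fetches a request token and prepares $twLoginURL; the callback is accepted
 * only when its oauth_token equals the request token kept in the session, and
 * is then exchanged for an access token and used to log the user in.
 */
// Include Twitter client library
require_once 'social_oauth_lib/twitter-php-oauth/twitteroauth.php';

// Decide once whether the callback token is the one this session requested.
// The comparison is strict and requires non-empty strings on both sides: a
// loose "==" treats a missing session token (null) and an empty request token
// as equal, which would let a callback through that this session never started.
$twTokenSupplied = isset($_REQUEST['oauth_token']);
$twTokenMatches = $twTokenSupplied
    && is_string($_REQUEST['oauth_token'])
    && $_REQUEST['oauth_token'] !== ''
    && isset($_SESSION['twitter_access_token'])
    && $_SESSION['twitter_access_token'] === $_REQUEST['oauth_token'];

// If OAuth token not matched
if ($twTokenSupplied && !$twTokenMatches) {
    // Remove token from session
    unset($_SESSION['twitter_access_token']);
    unset($_SESSION['twitter_token_secret']);
}

// If user already verified
if (isset($_SESSION['status']) && $_SESSION['status'] === 'verified' && !empty($_SESSION['request_vars'])) {
    // Retrieve variables from session
    // NOTE(review): $_SESSION['userData'] is not written anywhere in this
    // section; confirm it is populated elsewhere before relying on 'picture'.
    $username = $_SESSION['request_vars']['screen_name'];
    $twitterId = $_SESSION['request_vars']['user_id'];
    $oauthToken = $_SESSION['request_vars']['oauth_token'];
    $oauthTokenSecret = $_SESSION['request_vars']['oauth_token_secret'];
    $profilePicture = $_SESSION['userData']['picture'];

}
elseif ($twTokenMatches && isset($_REQUEST['oauth_verifier']) && is_string($_REQUEST['oauth_verifier'])) {
    // Callback leg: the verifier is required, a callback without it cannot be completed
    // Call Twitter API
    $twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET, $_SESSION['twitter_access_token'], $_SESSION['twitter_token_secret']);

    // Get OAuth token
    $tw_access_token = $twClient->getAccessToken($_REQUEST['oauth_verifier']);

    // If returns success
    if ($twClient->http_code == '200') {
        // Storing access token data into session
        $_SESSION['status'] = 'verified';
        $_SESSION['request_vars'] = $tw_access_token;

        // Get user profile data from twitter
        $userInfo = $twClient->get('account/verify_credentials', ['include_email' => 'true']);

        // Initialize User class
        $user = new User();

        // Getting user profile info; the display name is split on spaces and
        // only its first two parts are used
        // NOTE(review): an empty oauth_uid is still passed to checkUser(); confirm
        // that checkUser() rejects it rather than matching or creating an account.
        $name = explode(" ", $userInfo->name);
        $twUserData = array();
        $twUserData['oauth_uid'] = !empty($userInfo->id) ? $userInfo->id : '';
        $twUserData['first_name'] = !empty($name[0]) ? $name[0] : '';
        $twUserData['last_name'] = !empty($name[1]) ? $name[1] : '';
        $twUserData['email'] = !empty($userInfo->email) ? $userInfo->email : '';
        // Force https so the avatar does not load as mixed content
        $twUserData['picture'] = !empty($userInfo->profile_image_url) ? str_replace('http://', 'https://', $userInfo->profile_image_url) : '';
        $twUserData['link'] = !empty($userInfo->screen_name) ? 'https://twitter.com/' . $userInfo->screen_name : '';
        $twUserData['username'] = !empty($userInfo->screen_name) ? $userInfo->screen_name : '';

        // Insert or update user data to the database
        $twUserData['oauth_provider'] = 'twitter';
        $userData = $user->checkUser($twUserData);

        // Store login status into the session
        // NOTE(review): the session id is not rotated at this privilege change;
        // consider session_regenerate_id(true) here if MySessionHandler supports it.
        $sessData['userLoggedIn'] = true;
        $sessData['userID'] = $userData['id'];
        $sessData['loginType'] = 'social';
        $_SESSION['sessData'] = $sessData;

        // Remove oauth token and secret from session
        unset($_SESSION['twitter_access_token']);
        unset($_SESSION['twitter_token_secret']);

        // Redirect to my account
        MySessionHandler::commit(session_id());
        header("Location: account.php");
        exit();
    }
}
else {
    // Fresh authentication
    $twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET);
    $request_token = $twClient->getRequestToken(SOCIAL_REDIRECT_URL);

    // If authentication returns success
    if ($twClient->http_code == '200') {
        // Keep the request token and its secret for the callback comparison
        $_SESSION['twitter_access_token'] = $request_token['oauth_token'];
        $_SESSION['twitter_token_secret'] = $request_token['oauth_token_secret'];

        // Get twitter oauth url
        $twLoginURL = $twClient->getAuthorizeURL($request_token['oauth_token']);
        $twLoginURL = filter_var($twLoginURL, FILTER_SANITIZE_URL);
    }
    else {
        // The request failed, so there is no token to read: drop any stale
        // values instead of indexing into an error response
        unset($_SESSION['twitter_access_token']);
        unset($_SESSION['twitter_token_secret']);
    }
}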
?>