Subversion Repositories cheapmusic

Rev

Rev 26 | Rev 35 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed

<?php
/*
 * Facebook OAuth
 */
// Include the autoloader provided in the SDK
require_once __DIR__ . '/social_oauth_lib/facebook-php-sdk/autoload.php';

// Include required libraries
use Facebook\Facebook;
use Facebook\Exceptions\FacebookResponseException;
use Facebook\Exceptions\FacebookSDKException;

$fb = new Facebook(array(
        'app_id' => FB_APP_ID,
        'app_secret' => FB_APP_SECRET,
        'default_graph_version' => 'v2.10',
    'persistent_data_handler' => 'session'
));

// Get redirect login helper
$helper = $fb->getRedirectLoginHelper();

if(isset($_GET['state'])){
    $_SESSION['FBRLH_state'] = $_GET['state'];
}

if((isset($_REQUEST['state']) && isset($_REQUEST['code'])) || isset($_SESSION['facebook_access_token'])){
    // Try to get access token
    try {
        if(isset($_SESSION['facebook_access_token'])){
            $fbAccessToken = $_SESSION['facebook_access_token'];
        }else{
            $fbAccessToken = $helper->getAccessToken(SOCIAL_REDIRECT_URL);
        }
    } catch(FacebookResponseException $e) {
        echo 'Graph returned an error: ' . $e->getMessage();
        exit;
    } catch(FacebookSDKException $e) {
        echo 'Facebook SDK returned an error: ' . $e->getMessage();
        exit;
    }
}

if(isset($fbAccessToken)){
        if(isset($_SESSION['facebook_access_token'])){
                $fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
        }else{
                // Put short-lived access token in session
                $_SESSION['facebook_access_token'] = (string) $fbAccessToken;
                
                // OAuth 2.0 client handler helps to manage access tokens
                $oAuth2Client = $fb->getOAuth2Client();
                
                // Exchanges a short-lived access token for a long-lived one
                $longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
                $_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
                
                // Set default access token to be used in script
                $fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
        }
        
        // Redirect the user back to the same page if url has "code" parameter in query string
        if(isset($_GET['code'])){
        MySessionHandler::commit(session_id());
                header('Location: ./');
                exit;
        }
        
        // Getting user facebook profile info
        try {
                $profileRequest = $fb->get('/me?fields=name,first_name,last_name,email,link,picture');
                $fbUserProfile = $profileRequest->getGraphNode()->asArray();
        } catch(FacebookResponseException $e) {
                echo 'Graph returned an error: ' . $e->getMessage();
                session_destroy();
                // Redirect user back to app login page
        MySessionHandler::commit(session_id());
                header("Location: ./");
                exit;
        } catch(FacebookSDKException $e) {
                echo 'Facebook SDK returned an error: ' . $e->getMessage();
                exit;
        }
        
        // Initialize User class
        $user = new User();
    
    // Getting user profile info
        $fbUserData = array();
        $fbUserData['oauth_uid']  = !empty($fbUserProfile['id'])?$fbUserProfile['id']:'';
        $fbUserData['first_name'] = !empty($fbUserProfile['first_name'])?$fbUserProfile['first_name']:'';
        $fbUserData['last_name']  = !empty($fbUserProfile['last_name'])?$fbUserProfile['last_name']:'';
        $fbUserData['email']      = !empty($fbUserProfile['email'])?$fbUserProfile['email']:'';
        $fbUserData['picture']    = !empty($fbUserProfile['picture']['url'])?$fbUserProfile['picture']['url']:'';
        $fbUserData['link']       = !empty($fbUserProfile['link'])?$fbUserProfile['link']:'';
        
        // Insert or update user data to the database
    $fbUserData['oauth_provider'] = 'facebook';
        $userData = $user->checkUser($fbUserData);
        
        // Get logout url
        $logoutURL = $helper->getLogoutUrl($fbAccessToken, BASE_URL.'userAccount.php?logoutSubmit=1');
        
    // Store login status into the session
    $sessData['userLoggedIn'] = TRUE;
    $sessData['userID'] = $userData['id'];
        $sessData['loginType'] = 'social';
    $_SESSION['sessData'] = $sessData;
    
    // Redirect to my account
    MySessionHandler::commit(session_id());
    header("Location: account.php");
        exit();
}else{
        // Get login url
        $fbLoginURL = $helper->getLoginUrl(SOCIAL_REDIRECT_URL, array('email'));
        $fbLoginURL = filter_var($fbLoginURL, FILTER_SANITIZE_URL);
}


/*
 * Google OAuth
 */
// Include Google client library
require_once 'social_oauth_lib/google-php-client/Google_Client.php';
require_once 'social_oauth_lib/google-php-client/contrib/Google_Oauth2Service.php';

// Call Google API
$gClient = new Google_Client();
$gClient->setApplicationName('Login to FindCheapMusic.com');
$gClient->setClientId(GP_CLIENT_ID);
$gClient->setClientSecret(GP_CLIENT_SECRET);
$gClient->setRedirectUri(SOCIAL_REDIRECT_URL);

$google_oauthV2 = new Google_Oauth2Service($gClient);

if(isset($_GET['code'])){
        $gClient->authenticate($_GET['code']);
        $_SESSION['google_access_token'] = $gClient->getAccessToken();
    MySessionHandler::commit(session_id());
        header('Location: ' . filter_var(BASE_URL, FILTER_SANITIZE_URL));
        exit;
}

if(isset($_SESSION['google_access_token'])){
        $gClient->setAccessToken($_SESSION['google_access_token']);
}

if($gClient->getAccessToken() && !isset($_GET['logoutSubmit'])){
        // Get user profile data from google
        $gpUserProfile = $google_oauthV2->userinfo->get();
        
        // Initialize User class
        $user = new User();
        
        // Getting user profile info
        $gpUserData = array();
        $gpUserData['oauth_uid']  = !empty($gpUserProfile['id'])?$gpUserProfile['id']:'';
        $gpUserData['first_name'] = !empty($gpUserProfile['given_name'])?$gpUserProfile['given_name']:'';
        $gpUserData['last_name']  = !empty($gpUserProfile['family_name'])?$gpUserProfile['family_name']:'';
        $gpUserData['email']      = !empty($gpUserProfile['email'])?$gpUserProfile['email']:'';
        $gpUserData['picture']    = !empty($gpUserProfile['picture'])?$gpUserProfile['picture']:'';
        $gpUserData['link']       = !empty($gpUserProfile['link'])?$gpUserProfile['link']:'';
        
        // Insert or update user data to the database
    $gpUserData['oauth_provider'] = 'google';
    $userData = $user->checkUser($gpUserData);
        
        // Store login status into the session
    $sessData['userLoggedIn'] = TRUE;
    $sessData['userID'] = $userData['id'];
        $sessData['loginType'] = 'social';
    $_SESSION['sessData'] = $sessData;
    
    // Redirect to my account
    MySessionHandler::commit(session_id());
    header("Location: account.php");
        exit();
}else{
        $gpLoginURL = $gClient->createAuthUrl();
        $gpLoginURL = filter_var($gpLoginURL, FILTER_SANITIZE_URL);
}

/*
 * Twitter OAuth
 */
// Include Twitter client library 
require_once 'social_oauth_lib/twitter-php-oauth/twitteroauth.php';

// If OAuth token not matched
if(isset($_REQUEST['oauth_token']) && $_SESSION['twitter_access_token'] !== $_REQUEST['oauth_token']){
        // Remove token from session
        unset($_SESSION['twitter_access_token']);
        unset($_SESSION['twitter_token_secret']);
}

// If user already verified 
if(isset($_SESSION['status']) && $_SESSION['status'] == 'verified' && !empty($_SESSION['request_vars'])){
        // Retrive variables from session
        $username                 = $_SESSION['request_vars']['screen_name'];
        $twitterId                = $_SESSION['request_vars']['user_id'];
        $oauthToken       = $_SESSION['request_vars']['oauth_token'];
        $oauthTokenSecret = $_SESSION['request_vars']['oauth_token_secret'];
        $profilePicture   = $_SESSION['userData']['picture'];
        
}elseif(isset($_REQUEST['oauth_token']) && $_SESSION['twitter_access_token'] == $_REQUEST['oauth_token']){
        // Call Twitter API
        $twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET, $_SESSION['twitter_access_token'] , $_SESSION['twitter_token_secret']);
        
        // Get OAuth token
        $tw_access_token = $twClient->getAccessToken($_REQUEST['oauth_verifier']);
        
        // If returns success
        if($twClient->http_code == '200'){
                // Storing access token data into session
                $_SESSION['status'] = 'verified';
                $_SESSION['request_vars'] = $tw_access_token;
                
                // Get user profile data from twitter
                $userInfo = $twClient->get('account/verify_credentials', ['include_email' => 'true']);

                // Initialize User class
                $user = new User();
                
                // Getting user profile info
        $name = explode(" ", $userInfo->name);
        $twUserData = array();
        $twUserData['oauth_uid']  = !empty($userInfo->id)?$userInfo->id:'';
        $twUserData['first_name'] = !empty($name[0])?$name[0]:'';
        $twUserData['last_name']  = !empty($name[1])?$name[1]:'';
        $twUserData['email']      = !empty($userInfo->email)?$userInfo->email:'';
        $twUserData['picture']    = !empty($userInfo->profile_image_url)?$userInfo->profile_image_url:'';
        $twUserData['link']       = !empty($userInfo->screen_name)?'https://twitter.com/'.$userInfo->screen_name:'';
        $twUserData['username']   = !empty($userInfo->screen_name)?$userInfo->screen_name:'';
        
        // Insert or update user data to the database
        $twUserData['oauth_provider'] = 'twitter';
                $userData = $user->checkUser($twUserData);
                
                // Store login status into the session
        $sessData['userLoggedIn'] = TRUE;
        $sessData['userID'] = $userData['id'];
                $sessData['loginType'] = 'social';
        $_SESSION['sessData'] = $sessData;
                
                // Remove oauth token and secret from session
                unset($_SESSION['twitter_access_token']);
                unset($_SESSION['twitter_token_secret']);
                
                // Redirect to my account
        MySessionHandler::commit(session_id());
        header("Location: account.php");
        exit();
        }
}else{
        // Fresh authentication
        $twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET);
        $request_token = $twClient->getRequestToken(SOCIAL_REDIRECT_URL);

        // Get twitter oauth url
        $_SESSION['twitter_access_token'] = $request_token['oauth_token'];
        $_SESSION['twitter_token_secret'] = $request_token['oauth_token_secret'];

        // If authentication returns success
        if($twClient->http_code == '200'){
                $twLoginURL = $twClient->getAuthorizeURL($request_token['oauth_token']);
                $twLoginURL = filter_var($twLoginURL, FILTER_SANITIZE_URL);
        }
}
?>