0,0 → 1,103 |
<?php |
|
/* |
* OIDplus 2.0 |
* Copyright 2020 Daniel Marschall, ViaThinkSoft |
* |
* Licensed under the Apache License, Version 2.0 (the "License"); |
* you may not use this file except in compliance with the License. |
* You may obtain a copy of the License at |
* |
* http://www.apache.org/licenses/LICENSE-2.0 |
* |
* Unless required by applicable law or agreed to in writing, software |
* distributed under the License is distributed on an "AS IS" BASIS, |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
* See the License for the specific language governing permissions and |
* limitations under the License. |
*/ |
|
# More information about the OAuth2 implementation: |
# - https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow |
# - https://developers.facebook.com/tools/explorer/ |
|
require_once __DIR__ . '/../../../includes/oidplus.inc.php'; |
|
OIDplus::init(true); |
|
if (!OIDplus::baseConfig()->getValue('FACEBOOK_OAUTH2_ENABLED', false)) { |
throw new OIDplusException(_L('Facebook OAuth authentication is disabled on this system.')); |
} |
|
if (!isset($_GET['code'])) die(); |
if (!isset($_GET['state'])) die(); |
|
if ($_GET['state'] != $_COOKIE['csrf_token']) { |
die('Invalid CSRF token'); |
} |
|
// Get access token |
|
$ch = curl_init(); |
curl_setopt($ch, CURLOPT_URL,"https://graph.facebook.com/v8.0/oauth/access_token?". |
"client_id=".urlencode(OIDplus::baseConfig()->getValue('FACEBOOK_OAUTH2_CLIENT_ID'))."&". |
"redirect_uri=".urlencode(OIDplus::getSystemUrl(false).OIDplus::webpath(__DIR__).'oauth.php')."&". |
"client_secret=".urlencode(OIDplus::baseConfig()->getValue('FACEBOOK_OAUTH2_CLIENT_SECRET'))."&". |
"code=".$_GET['code'] |
); |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); |
$cont = curl_exec($ch); |
curl_close($ch); |
$data = json_decode($cont,true); |
if (isset($data['error'])) { |
echo '<h2>Error at step 2</h2>'; |
echo '<p>'.$data['error']['message'].'</p>'; |
die(); |
} |
$access_token = $data['access_token']; |
|
// Get user infos |
|
$ch = curl_init(); |
curl_setopt($ch, CURLOPT_URL,"https://graph.facebook.com/v8.0/me?". |
"fields=id,email,name&". |
"access_token=".urlencode($access_token) |
); |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); |
$cont = curl_exec($ch); |
curl_close($ch); |
$data = json_decode($cont,true); |
if (isset($data['error'])) { |
echo '<h2>Error at step 2</h2>'; |
echo '<p>'.$data['error']['message'].'</p>'; |
die(); |
} |
$personal_name = $data['name']; |
$email = !isset($data['email']) ? '' : $data['email']; |
if (empty($email)) { |
echo '<h2>Facebook Login</h2>'; |
echo '<p>Your Facebook account does not have an email address.</p>'; |
die(); |
} |
|
// Everything's done! Now login and/or create account |
|
if (!empty($email)) { |
$ra = new OIDplusRA($email); |
if (!$ra->existing()) { |
$ra->register_ra(null); // create a user account without password |
|
OIDplus::db()->query("update ###ra set ra_name = ?, personal_name = ? where email = ?", array($personal_name, $personal_name, $email)); |
|
OIDplus::logger()->log("[INFO]RA($email)!", "RA '$email' was created because of successful Facebook OAuth2 login"); |
} |
|
OIDplus::logger()->log("[OK]RA($email)!", "RA '$email' logged in via Facebook OAuth2"); |
OIDplus::authUtils()::raLogin($email); |
|
OIDplus::db()->query("UPDATE ###ra set last_login = ".OIDplus::db()->sqlDate()." where email = ?", array($email)); |
|
// Go back to OIDplus |
|
header('Location:'.OIDplus::getSystemUrl(false)); |
} |