98 lines
2.7 KiB
PHP
98 lines
2.7 KiB
PHP
<?php defined('SYSPATH') or die('No direct access allowed.');
|
|
|
|
/**
|
|
* This class extends Auth_ORM to enable external authentication
|
|
*
|
|
* @package OAuth
|
|
* @category Classes
|
|
* @author Deon George
|
|
* @copyright (c) 2009-2013 Deon George
|
|
* @license http://dev.leenooks.net/license.html
|
|
*/
|
|
abstract class Auth_ORM_External_OAuth extends Auth_ORM_External {
|
|
// OAuth Objects
|
|
protected $consumer;
|
|
protected $provider;
|
|
protected $token;
|
|
|
|
public function __construct(Model_Oauth $oo) {
|
|
// If our user refused, then no point continuing
|
|
if ($problem = Arr::get($_REQUEST,'oauth_problem'))
|
|
switch ($problem) {
|
|
case 'user_refused':
|
|
HTTP::redirect('login');
|
|
default:
|
|
throw HTTP_Exception::factory(501,'Unknown OAuth Problem :problem',array(':problem'=>$problem));
|
|
}
|
|
|
|
parent::__construct($oo);
|
|
|
|
// Load the provider
|
|
$this->provider = OAuth_Provider::factory($this->oo->name);
|
|
|
|
// Load the consumer for this provider
|
|
$this->consumer = OAuth_Consumer::factory(array(
|
|
'key'=>$this->oo->app_id,
|
|
'secret'=>$this->oo->secret,
|
|
));
|
|
}
|
|
|
|
protected function _login($user,$password,$remember) {
|
|
// During login, we dont need to keep out token anymore
|
|
Session::instance()->delete('oauth.token');
|
|
|
|
return parent::_login($user,$password,$remember);
|
|
}
|
|
|
|
/**
|
|
* Is user currently log in??
|
|
* If we have a valid token, then we are.
|
|
*/
|
|
public function logged_in($role=NULL,$debug=NULL) {
|
|
// Attempt to complete signin
|
|
if ($verifier = Arr::get($_REQUEST,'oauth_verifier')) {
|
|
// Restart the login process
|
|
if (! $token = Session::instance()->get_once('oauth.request') OR $token->token !== Arr::get($_REQUEST,'oauth_token'))
|
|
return FALSE;
|
|
|
|
// Store the verifier in the token
|
|
$token->verifier($verifier);
|
|
|
|
// Exchange the request token for an access token
|
|
$this->token = $this->provider->access_token($this->consumer,$token);
|
|
|
|
// Store the access token
|
|
Session::instance()->set('oauth.token',$this->token);
|
|
|
|
// Otherwise try and get our token from our session.
|
|
} else {
|
|
$this->token = Session::instance()->get('oauth.token');
|
|
}
|
|
|
|
// @todo We need to check that the token is still valid.
|
|
return $this->token ? TRUE : FALSE;
|
|
}
|
|
|
|
/**
|
|
* Our URL that starts the login process
|
|
*/
|
|
public function login_url() {
|
|
// Add the callback URL to the consumer
|
|
$this->consumer->callback(URL::site('oauth/login/'.$this->oo->name,TRUE));
|
|
|
|
// Get a request token for the consumer
|
|
$token = $this->provider->request_token($this->consumer);
|
|
|
|
// Store the token
|
|
Session::instance()->set('oauth.request',$token);
|
|
|
|
// Get the login URL from the provider
|
|
return $this->provider->authorize_url($token);
|
|
}
|
|
|
|
public function user_id() {
|
|
return $this->provider->user_details($this->consumer,$this->token)->id();
|
|
}
|
|
}
|
|
?>
|