This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
khosb/modules/oauth/classes/Auth/ORM/External/OAuth2.php
2013-10-10 13:56:13 +11:00

87 lines
2.5 KiB
PHP

<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class extends Auth_ORM to enable external authentication
*
* @package OAuth
* @category Classes
* @author Deon George
* @copyright (c) 2009-2013 Deon George
* @license http://dev.leenooks.net/license.html
*/
abstract class Auth_ORM_External_OAuth2 extends Auth_ORM_External {
// OAuth Objects
protected $client;
protected $provider;
protected $token;
public function __construct(Model_Oauth $oo) {
// If our user refused, then no point continuing
if ($problem = Arr::get($_REQUEST,'error'))
switch ($problem) {
case 'access_denied':
HTTP::redirect('login');
default:
throw HTTP_Exception::factory(501,'Unknown OAuth Problem :problem',array(':problem'=>$problem));
}
parent::__construct($oo);
// Load the provider
$this->provider = OAuth2_Provider::factory($this->oo->name);
// Load the client for this provider
$this->client = OAuth2_Client::factory(array(
'id'=>$this->oo->app_id,
'secret'=>$this->oo->secret,
));
}
/**
* Is user currently log in??
* If we have a valid token, then we are.
*/
public function logged_in($role=NULL,$debug=NULL) {
// Attempt to complete signin
if ($code = Arr::get($_REQUEST,'code')) {
$state = Arr::get($_REQUEST,'state');
if (! $state OR $state != Session::instance()->get_once('oauth.state'))
return FALSE;
// Add the callback URL to the consumer
$this->client->callback(URL::site('oauth/login/'.$this->oo->name,TRUE));
// Exchange the authorization code for an access token
$this->token = $this->provider->access_token($this->client,$code);
Session::instance()->set('oauth.token',$this->token);
// Otherwise try and get our token from our session.
} else {
$this->token = Session::instance()->get_once('oauth.token');
}
// @todo We need to check that the token is still valid.
return $this->token ? TRUE : FALSE;
}
/**
* Our URL that starts the login process
*/
public function login_url() {
$state = sha1($this->oo->name.time());
Session::instance()->set('oauth.state',$state);
// Add the callback URL to the consumer
$this->client->callback(URL::site('oauth/login/'.$this->oo->name,TRUE));
// Get the login URL from the provider
return $this->provider->authorize_url($this->client,array('state'=>$state));
}
public function user_id() {
return $this->provider->user_details($this->client,array('access_token'=>$this->token))->id();
}
}
?>