function auth0_login_auth0_user in Auth0 Single Sign On 7.2
Log in an Auth0 authenticated user.
1 call to auth0_login_auth0_user()
- auth0_callback in ./auth0.module - User login API callback.
File
- ./auth0.module, line 288
Code
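/**
 * Log in an Auth0 authenticated user.
 *
 * Resolves the Auth0 profile to a Drupal account and authenticates it. The
 * account is, in order of preference: the one already linked to the Auth0
 * user_id, an existing account with the same e-mail address (only when
 * joining by mail is enabled), or a newly created account.
 *
 * Security notes:
 * - Implementations of the 'auth0_user_pre_login' alter hook run before every
 *   check in this function and receive $user_info by reference, so they can
 *   change 'email', 'email_verified', 'user_id' and 'identities'.
 * - Joining to an existing Drupal account by e-mail is only completed when
 *   'email_verified' is non-empty; otherwise an Auth0 account carrying
 *   someone else's unverified address could take over that Drupal account.
 * - The dd() calls write user identifiers and e-mail addresses to the debug
 *   log whenever a dd() function is defined.
 *
 * @param array|object $user_info
 *   The Auth0 user profile. Read with array syntax for 'email',
 *   'email_verified', 'user_id' and 'identities'.
 *   NOTE(review): whether these claims were validated before this call is
 *   not visible here - confirm in auth0_callback().
 * @param mixed $id_token
 *   Token passed on to the alter hook, to auth0_fail_with_verify_email() and
 *   to the Management API client. Presumably the Auth0 ID token - confirm.
 *
 * @return mixed
 *   The result of auth0_authenticate_user() when an account was resolved,
 *   otherwise the result of drupal_set_message() or
 *   auth0_fail_with_verify_email() for a rejected login.
 */
function auth0_login_auth0_user($user_info, $id_token) {
  $requires_email = variable_get('auth0_requires_email', TRUE);
  $requires_verified_email = $requires_email && variable_get('user_email_verification', TRUE);

  // Allow other modules to modify the Auth0 user before processing the login.
  // Everything below works on the altered profile.
  drupal_alter('auth0_user_pre_login', $user_info, $id_token);

  // Check that the user account has an e-mail address if one is required.
  if ($requires_email && empty($user_info['email'])) {
    return drupal_set_message(t('This account does not have an e-mail address associated with it. Please log in with a different provider.'), 'error');
  }

  // Check that the user has a verified e-mail address if that is required.
  if ($requires_verified_email && isset($user_info['email']) && empty($user_info['email_verified'])) {
    return auth0_fail_with_verify_email($id_token);
  }

  // See if there is a user in the auth0_user table with the user info client id
  function_exists('dd') && dd($user_info['user_id'], 'looking up drupal user by auth0 user_id');
  $uid = auth0_find_auth0_user($user_info['user_id']);

  if ($uid) {
    function_exists('dd') && dd($uid, 'uid of existing drupal user found');

    // The user exists. Update the auth0_user with the new userInfo object.
    auth0_update_auth0_object($user_info);

    // Update field and role mappings
    auth0_update_fields_and_roles($user_info, $uid);

    // Log in the user.
    return auth0_authenticate_user($uid);
  }

  function_exists('dd') && dd('existing drupal user NOT found');

  // If the user doesn't exist we need to either create a new one, or assign
  // him to an existing one.
  $isDatabaseUser = FALSE;

  // Make sure we have the identities array, if not, fetch it from the user
  // endpoint.
  $hasIdentities = (is_object($user_info) && $user_info->has('identities'))
    || (is_array($user_info) && array_key_exists('identities', $user_info));
  if (!$hasIdentities) {
    $mgmtClient = new Management($id_token, variable_get('auth0_domain', ''));
    $user = $mgmtClient->users->get($user_info['user_id']);
    // A response without 'identities' is treated as "no identities" instead
    // of propagating an undefined value into the loop below.
    $user_info['identities'] = isset($user['identities']) ? $user['identities'] : array();
  }

  // An empty or NULL identities value means there is nothing to inspect.
  $identities = !empty($user_info['identities']) ? $user_info['identities'] : array();
  foreach ($identities as $identity) {
    // Strict comparison: only the exact provider string marks a database
    // (username/password) connection.
    if (isset($identity['provider']) && $identity['provider'] === 'auth0') {
      $isDatabaseUser = TRUE;
      break;
    }
  }
  function_exists('dd') && dd($isDatabaseUser, 'isDatabaseUser');

  $joinUser = FALSE;
  if (variable_get('auth0_join_user_by_mail_enabled', FALSE)) {
    function_exists('dd') && dd($user_info['email'], 'join user by mail is enabled, looking up user by email');

    // If the user has a verified email or is a database user try to see if
    // there is a user to join with. The isDatabase is because we don't want
    // to allow database user creation if there is an existing one with no
    // verified email.
    // An absent or empty address is never used as the lookup key, so a
    // profile without an e-mail cannot match an existing account. This case
    // is reachable when 'auth0_requires_email' is disabled.
    if (!empty($user_info['email']) && (!empty($user_info['email_verified']) || $isDatabaseUser)) {
      $joinUser = user_load_by_mail($user_info['email']);
    }
  }
  else {
    function_exists('dd') && dd($user_info['email'], 'join user by mail is not enabled, skipping lookup user by email');
  }

  if ($joinUser) {
    function_exists('dd') && dd($joinUser->uid, 'drupal user found by email with uid');

    // If we are here, we have a potential join user.
    // Don't allow creation or assignation of user if the email is not
    // verified, that would be hijacking.
    if (empty($user_info['email_verified'])) {
      return auth0_fail_with_verify_email($id_token);
    }
    $uid = $joinUser->uid;
  }
  else {
    // If we are here, we need to create the user.
    // Check drupal settings to see if new users are allowed to register.
    if (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) == USER_REGISTER_ADMINISTRATORS_ONLY) {
      return drupal_set_message(t('Only site administrators can create new user accounts.'), 'error');
    }

    function_exists('dd') && dd('creating new drupal user from auth0 user');
    // NOTE(review): the return value is used as a uid without a check -
    // confirm what auth0_create_user_from_auth0() returns on failure.
    $uid = auth0_create_user_from_auth0($user_info);
  }

  function_exists('dd') && dd($uid, 'inserting auth0 user with uid');
  auth0_insert_auth0_user($user_info, $uid);

  // Update field and role mappings
  auth0_update_fields_and_roles($user_info, $uid);

  // Log in the user.
  return auth0_authenticate_user($uid);
}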