<?php
/**
 * Menu callback: includes the HybridAuth library's index.php for this request.
 *
 * The callback always answers MENU_ACCESS_DENIED when control comes back
 * here, whether or not the library could be located.
 *
 * @return int
 *   MENU_ACCESS_DENIED.
 */
function hybridauth_endpoint() {
  drupal_session_start();

  $library_dir = libraries_get_path('hybridauth', FALSE);
  if (!$library_dir) {
    return MENU_ACCESS_DENIED;
  }

  try {
    require_once $library_dir . '/index.php';
  }
  catch (Exception $error) {
    // Exceptions thrown by the included script are logged, not shown.
    watchdog_exception('hybridauth', $error);
  }

  return MENU_ACCESS_DENIED;
}
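/**
 * Menu callback: entry point of the HybridAuth login popup.
 *
 * Resolves the provider from the request (falling back to the
 * '__ha_provider' cookie), obtains the HybridAuth instance and dispatches to
 * the provider list, the OpenID identifier form, the authentication step or
 * the provider page.
 *
 * Request input read here: $_REQUEST['provider'], $_COOKIE['__ha_provider'],
 * $_GET['destination'], $_GET['openid_identifier'] and $_GET['authenticate'].
 * The provider id is only checked to be a string; whether it names a
 * configured provider is left to the helpers it is passed to.
 *
 * @return mixed
 *   The result of one of the popup helpers, or MENU_ACCESS_DENIED.
 */
function hybridauth_popup() {
  $provider_id = isset($_REQUEST['provider']) ? $_REQUEST['provider'] : NULL;
  // "provider[]=x" arrives as an array; only a plain string is a usable id
  // and a valid cookie value.
  if (!is_string($provider_id)) {
    $provider_id = NULL;
  }

  if (empty($provider_id) || $provider_id == 'none') {
    // No explicit provider: reuse the one remembered from an earlier visit.
    if (!empty($_COOKIE['__ha_provider']) && is_string($_COOKIE['__ha_provider'])) {
      $provider_id = $_COOKIE['__ha_provider'];
    }
  }
  else {
    // Remember the chosen provider for one year (31536000 seconds).
    // NOTE(review): the cookie is set without the secure/httponly flags;
    // confirm whether client-side code reads it before tightening them.
    setcookie('__ha_provider', $provider_id, REQUEST_TIME + 31536000, base_path(), variable_get('cookie_domain', ''));
  }

  drupal_session_start();
  module_load_include('inc', 'hybridauth', 'hybridauth.auth');

  $failed = FALSE;
  $redirect = TRUE;
  try {
    $hybridauth = hybridauth_get_instance();
  }
  catch (ErrorException $e) {
    $failed = TRUE;
    drupal_set_message(t('There was an error processing your request!'), 'error');
    watchdog_exception('hybridauth', $e);
  }
  catch (Exception $e) {
    $failed = TRUE;
    if ($e->getCode() == 5) {
      // Code 5 is handled silently: no message, no log entry and no
      // redirect of the opener window.
      $redirect = FALSE;
    }
    else {
      drupal_set_message(t('There was an error processing your request!'), 'error');
      watchdog_exception('hybridauth', $e);
    }
  }

  if ($failed) {
    $GLOBALS['devel_shutdown'] = FALSE;

    // The destination comes from the query string. Restrict it to same-site
    // paths so the popup cannot be used to send the opener window to
    // another site.
    $destination = isset($_GET['destination']) ? $_GET['destination'] : 'user';
    if (!is_string($destination) || url_is_external($destination)) {
      $destination = 'user';
    }
    // drupal_json_encode() yields a quoted JavaScript string literal with
    // quotes, angle brackets and ampersands escaped, so the URL cannot
    // terminate the string or the surrounding <script> element.
    $target_js = drupal_json_encode(url($destination, array('absolute' => TRUE)));

    drupal_add_js('
var redirect = ' . ($redirect ? 'true' : 'false') . ';
if (window.opener && redirect) {
try { window.opener.parent.$.colorbox.close(); } catch(err) {}
window.opener.parent.location.href = ' . $target_js . ';
}
window.self.close();
', 'inline');

    $page = array(
      'page_top' => '',
      '#children' => 'Closing...',
      'page_bottom' => '',
    );
    print theme('html', array('page' => $page));
    drupal_exit();
  }

  if (empty($provider_id) || $provider_id == 'none' || $provider_id == 'list') {
    return _hybridauth_popup_list($hybridauth);
  }
  elseif ($provider_id == 'OpenID' && !isset($_GET['openid_identifier'])) {
    // OpenID needs an identifier first: send the user to the identifier form
    // and carry the destination along as an ordinary query parameter.
    $destination = isset($_GET['destination']) ? $_GET['destination'] : 'user';
    unset($_GET['destination']);
    $query = drupal_get_query_parameters();
    $query['destination'] = $destination;
    drupal_goto('hybridauth/popup/openid', array('query' => $query));
  }
  elseif (!empty($_GET['authenticate'])) {
    return _hybridauth_popup_auth($hybridauth, $provider_id);
  }
  else {
    return _hybridauth_popup_provider($hybridauth, $provider_id);
  }

  return MENU_ACCESS_DENIED;
}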
/**
 * Builds the provider list shown in the popup.
 *
 * When the request carries a truthy 'overlay' query parameter the list is
 * printed as a bare HTML page and the request ends; otherwise the render
 * array is returned to the caller.
 *
 * @param object $hybridauth
 *   The HybridAuth instance (not used by this helper).
 *
 * @return array
 *   Render array holding the themed provider list.
 */
function _hybridauth_popup_list($hybridauth) {
  _hybridauth_add_widget_css();

  $content = array(
    '#markup' => theme('hybridauth_popup_list', array()),
  );

  if (!empty($_GET['overlay'])) {
    // Overlay mode: emit the page directly, without the regular page chrome.
    print theme('html', array(
      'page' => array(
        'page_top' => '',
        '#children' => drupal_render($content),
        'page_bottom' => '',
      ),
    ));
    drupal_exit();
  }

  return $content;
}
/**
 * Builds the per-provider page shown in the popup.
 *
 * When the request carries a truthy 'overlay' query parameter the page is
 * printed as a bare HTML page and the request ends; otherwise the render
 * array is returned to the caller.
 *
 * @param object $hybridauth
 *   The HybridAuth instance (not used by this helper).
 * @param string $provider_id
 *   Provider id as received from the request or cookie. It is handed to the
 *   'hybridauth_popup_provider' theme hook unmodified.
 *   NOTE(review): confirm that theme implementation escapes it on output.
 *
 * @return array
 *   Render array holding the themed provider page.
 */
function _hybridauth_popup_provider($hybridauth, $provider_id) {
  _hybridauth_add_widget_css();

  $theme_variables = array(
    'provider_id' => $provider_id,
    'done' => TRUE,
  );
  $content = array(
    '#markup' => theme('hybridauth_popup_provider', $theme_variables),
  );

  if (!empty($_GET['overlay'])) {
    // Overlay mode: emit the page directly, without the regular page chrome.
    print theme('html', array(
      'page' => array(
        'page_top' => '',
        '#children' => drupal_render($content),
        'page_bottom' => '',
      ),
    ));
    drupal_exit();
  }

  return $content;
}
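/**
 * Runs the provider authentication and hands the profile on for processing.
 *
 * On failure the exception message is kept in $_SESSION['hybridauth']['stat'],
 * the error is logged, and a page is printed that redirects the opener
 * window and closes the popup.
 *
 * @param object $hybridauth
 *   The HybridAuth instance.
 * @param string $provider_id
 *   Provider to authenticate against.
 *
 * @return mixed
 *   Whatever _hybridauth_popup_process_auth() returns.
 */
function _hybridauth_popup_auth($hybridauth, $provider_id) {
  $_SESSION['hybridauth'] = array('stat' => 'ok');

  $params = array();
  // Only a plain string is forwarded; "openid_identifier[]=x" would arrive
  // as an array.
  if (isset($_GET['openid_identifier']) && is_string($_GET['openid_identifier'])) {
    $params['openid_identifier'] = $_GET['openid_identifier'];
  }

  try {
    $adapter = $hybridauth->authenticate($provider_id, $params);
    $profile = (array) $adapter->getUserProfile();
  }
  catch (Exception $e) {
    $_SESSION['hybridauth']['stat'] = $e->getMessage();
    drupal_set_message(t('We were unable to complete your request.'), 'error');
    watchdog_exception('hybridauth', $e);
    $GLOBALS['devel_shutdown'] = FALSE;

    // The destination comes from the query string. Restrict it to same-site
    // paths so the popup cannot be used to send the opener window to
    // another site.
    $destination = isset($_GET['destination']) ? $_GET['destination'] : 'user';
    if (!is_string($destination) || url_is_external($destination)) {
      $destination = 'user';
    }
    // drupal_json_encode() yields a quoted JavaScript string literal with
    // quotes, angle brackets and ampersands escaped, so the URL cannot
    // terminate the string or the surrounding <script> element.
    $target_js = drupal_json_encode(url($destination, array('absolute' => TRUE)));

    drupal_add_js('
if (window.opener){
try { window.opener.parent.$.colorbox.close(); } catch(err) {}
window.opener.parent.location.href = ' . $target_js . ';
}
window.self.close();
', 'inline');

    $page = array(
      'page_top' => '',
      '#children' => 'Closing...',
      'page_bottom' => '',
    );
    print theme('html', array('page' => $page));
    drupal_exit();
  }

  return _hybridauth_popup_process_auth($hybridauth, $adapter, $profile, $provider_id);
}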
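/**
 * Logs in, registers or links a user after a successful provider login.
 *
 * Outcomes, in order of evaluation:
 * - 'add' requested by a logged-in user: delegate to the link-account helper.
 * - The provider identity maps to an existing account: log that account in
 *   if its e-mail counts as verified, otherwise show an error.
 * - Registration is open: try to create the account programmatically; if
 *   that does not produce a user, send the visitor to user/register.
 * - Registration is closed: show an error.
 * Every path except the first ends by printing a page that redirects the
 * opener window and closes the popup.
 *
 * @param object $hybridauth
 *   The HybridAuth instance.
 * @param object $adapter
 *   The provider adapter returned by authenticate().
 * @param array $profile
 *   Provider profile; 'identifier' is read here.
 * @param string $provider_id
 *   Provider the profile came from.
 *
 * @return mixed
 *   The link-account helper's result, or MENU_ACCESS_DENIED.
 */
function _hybridauth_popup_process_auth($hybridauth, $adapter, $profile, $provider_id) {
  global $user;

  $provider_name = hybridauth_get_provider_name($provider_id);
  $_SESSION['hybridauth']['profile'] = $profile;
  $_SESSION['hybridauth_provider_info'] = array(
    'id' => $provider_id,
    'name' => $provider_name,
  );

  if (!empty($_GET['add']) && user_is_logged_in()) {
    return _hybridauth_popup_process_auth_addexisting($hybridauth, $adapter, $profile, $provider_id);
  }

  // The destination comes from the query string. Restrict it to same-site
  // paths so the popup cannot be used to send the opener window to another
  // site.
  $destination = isset($_GET['destination']) ? $_GET['destination'] : 'user';
  if (!is_string($destination) || url_is_external($destination)) {
    $destination = 'user';
  }

  $authname = _hybridauth_encode_authname($provider_id, $profile['identifier']);
  $account = user_external_load($authname);

  if (isset($account->uid)) {
    // Log in when e-mail verification is off, when the account has logged in
    // before, or when the stored provider profile's verified address equals
    // the account's address.
    if (!variable_get('user_email_verification', TRUE) || $account->login || (!empty($account->data['hybridauth_data']['profile']['emailVerified']) && strtolower($account->data['hybridauth_data']['profile']['emailVerified']) == strtolower($account->mail))) {
      // user_login_name_validate() sets a form error for names that may not
      // log in; only proceed when it raised none.
      $state = array('values' => array('name' => $account->name));
      user_login_name_validate(array(), $state);
      if (!form_get_errors()) {
        $form_state = array('uid' => $account->uid);
        user_login_submit(array(), $form_state);
      }
    }
    else {
      drupal_set_message(t('You must validate your email address for this account before logging in with it.'), 'error');
    }
    $target = url($destination, array('absolute' => TRUE));
  }
  elseif (variable_get('user_register', 1)) {
    $registered = FALSE;

    if (!variable_get('hybridauth_force_registration_form', FALSE)) {
      $form_state = array(
        'values' => array('op' => t('Create new account')),
      );
      drupal_form_submit('user_register_form', $form_state);

      if (!empty($form_state['user'])) {
        $registered = TRUE;
        // NOTE(review): this passes the global $user rather than
        // $form_state['user'], and the hook is named
        // 'hybridauth_linked_account' while the link-account path in this
        // file invokes 'hybridauth_account'. Confirm both are intended.
        $linked = array(
          'user' => $user,
          'id' => $authname,
          'provider_id' => $provider_id,
          'provider_name' => $provider_name,
        );
        module_invoke_all('hybridauth_linked_account', 'insert', $linked);
      }
      else {
        // Pull the validation errors off the queue so the explanation can be
        // shown first, then re-queue them below it.
        $messages = drupal_get_messages('error');
        if (empty($form_state['values']['mail'])) {
          drupal_set_message(t('Although we have verified your account, @provider did not provide us with your e-mail address. Please enter one below to complete your registration. (If you\'ve previously registered with us, please <a href="@login">log in</a> and add your @provider account under "Linked accounts.")', array(
            '@provider' => $provider_name,
            '@login' => url('user/login'),
          )), 'warning');
        }
        else {
          drupal_set_message(t('Although we have verified your account, registration using the information provided by @provider failed due to the reasons listed below. Please complete the registration by filling out the form below. (If you\'ve previously registered with us, please <a href="@login">log in</a> and add your @provider account under "Linked accounts.")', array(
            '@provider' => $provider_name,
            '@login' => url('user/login'),
          )), 'warning');
          // The 'error' key is absent when no error was queued.
          if (!empty($messages['error'])) {
            foreach ($messages['error'] as $message) {
              drupal_set_message($message, 'error');
            }
          }
        }
      }
    }
    else {
      drupal_set_message(t('Please complete the registration by filling out the form below. (If you\'ve previously registered with us, please <a href="@login">log in</a> and add your @provider account under "Linked accounts.")', array(
        '@provider' => $provider_name,
        '@login' => url('user/login'),
      )), 'warning');
    }

    if ($registered) {
      $target = url($destination, array('absolute' => TRUE));
    }
    else {
      // Hand the destination to the registration form as a query parameter;
      // url() encodes it there.
      $register_query = drupal_get_destination();
      unset($_GET['destination']);
      $target = url('user/register', array('query' => $register_query));
    }
  }
  else {
    drupal_set_message(t('Only site administrators can create new user accounts.'), 'error');
    $target = url($destination, array('absolute' => TRUE));
  }

  $GLOBALS['devel_shutdown'] = FALSE;
  // drupal_json_encode() yields a quoted JavaScript string literal with
  // quotes, angle brackets and ampersands escaped, so the URL cannot
  // terminate the string or the surrounding <script> element.
  drupal_add_js('
if (window.opener){
try { window.opener.parent.$.colorbox.close(); } catch(err) {}
window.opener.parent.location.href = ' . drupal_json_encode($target) . ';
}
window.self.close();
', 'inline');

  $page = array(
    'page_top' => '',
    '#children' => 'Closing...',
    'page_bottom' => '',
  );
  print theme('html', array('page' => $page));
  drupal_exit();

  // Only reached if drupal_exit() returns.
  return MENU_ACCESS_DENIED;
}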
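/**
 * Links the authenticated provider identity to the current user account.
 *
 * Refuses when the identity is already in the authmap. Otherwise inserts the
 * authmap and hybridauth_account rows inside one transaction, reports the
 * outcome as a message, and prints a page that redirects the opener window
 * and closes the popup.
 *
 * @param object $hybridauth
 *   The HybridAuth instance (not used by this helper).
 * @param object $adapter
 *   The provider adapter (not used by this helper).
 * @param array $profile
 *   Provider profile; 'identifier' is read here.
 * @param string $provider_id
 *   Provider the profile came from.
 */
function _hybridauth_popup_process_auth_addexisting($hybridauth, $adapter, $profile, $provider_id) {
  global $user;

  // The messages below need the display name; it was previously used without
  // ever being assigned in this function.
  $provider_name = hybridauth_get_provider_name($provider_id);
  $authname = _hybridauth_encode_authname($provider_id, $profile['identifier']);

  if (user_get_authmaps($authname)) {
    $message = array(
      'text' => t('We were unable to complete your request. That account ID is already linked to a user on this site.'),
      'type' => 'error',
    );
  }
  else {
    // Assume failure; replaced below once both inserts have gone through.
    $message = array(
      'text' => t('We were unable to link your %provider account.', array(
        '%provider' => $provider_name,
      )),
      'type' => 'error',
    );

    $txn = db_transaction();
    try {
      $result1 = $aid = db_insert('authmap')
        ->fields(array(
          'uid' => $user->uid,
          'authname' => $authname,
          'module' => 'hybridauth',
        ))
        ->execute();
      $result2 = db_insert('hybridauth_account')
        ->fields(array(
          'aid' => $aid,
          'provider_id' => $provider_id,
          'created' => REQUEST_TIME,
        ))
        ->execute();
    }
    catch (Exception $e) {
      $txn->rollback();
      watchdog_exception('hybridauth', $e);
    }

    if (isset($result1) && isset($result2)) {
      $message = array(
        'text' => t('We have successfully linked your %provider account.', array(
          '%provider' => $provider_name,
        )),
        'type' => 'status',
      );
      $account = array(
        'user' => $user,
        'id' => $authname,
        'provider_id' => $provider_id,
        'provider_name' => $provider_name,
      );
      module_invoke_all('hybridauth_account', 'insert', $account);
    }
  }

  drupal_set_message($message['text'], $message['type']);
  $GLOBALS['devel_shutdown'] = FALSE;

  // The destination comes from the query string. Restrict it to same-site
  // paths so the popup cannot be used to send the opener window to another
  // site.
  $default_destination = 'user/' . $user->uid . '/hybridauth';
  $destination = isset($_GET['destination']) ? $_GET['destination'] : $default_destination;
  if (!is_string($destination) || url_is_external($destination)) {
    $destination = $default_destination;
  }
  // drupal_json_encode() yields a quoted JavaScript string literal with
  // quotes, angle brackets and ampersands escaped, so the URL cannot
  // terminate the string or the surrounding <script> element.
  $target_js = drupal_json_encode(url($destination, array('absolute' => TRUE)));

  drupal_add_js('
if (window.opener){
try { window.opener.parent.$.colorbox.close(); } catch(err) {}
window.opener.parent.location.href = ' . $target_js . ';
}
window.self.close();
', 'inline');

  $page = array(
    'page_top' => '',
    '#children' => 'Closing...',
    'page_bottom' => '',
  );
  print theme('html', array('page' => $page));
  drupal_exit();
}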
/**
 * Menu callback: shows the form asking for an OpenID identifier.
 *
 * Answers "not found" when the request names no provider. With a truthy
 * 'overlay' query parameter the form is printed as a bare HTML page and the
 * request ends; otherwise the rendered form is returned.
 *
 * @return string
 *   The rendered form markup.
 */
function hybridauth_popup_openid() {
  $in_overlay = isset($_GET['overlay']) ? $_GET['overlay'] : FALSE;
  $provider = isset($_GET['provider']) ? $_GET['provider'] : NULL;

  if (!$provider) {
    drupal_not_found();
    drupal_exit();
  }

  _hybridauth_add_widget_css();
  $openid_form = drupal_get_form('hybridauth_popup_openid_form', $provider, $in_overlay);

  if ($in_overlay) {
    // Overlay mode: emit the page directly, without the regular page chrome.
    print theme('html', array(
      'page' => array(
        'page_top' => '',
        '#children' => drupal_render($openid_form),
        'page_bottom' => '',
      ),
    ));
    drupal_exit();
  }

  return drupal_render($openid_form);
}
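/**
 * Form builder: asks the visitor for an OpenID identifier.
 *
 * @param array $form
 *   Incoming form array; discarded and rebuilt.
 * @param array $form_state
 *   Form state.
 * @param string $provider_id
 *   Provider id passed by the menu callback (not used while building).
 * @param bool $overlay
 *   When truthy, no "Cancel" link is added.
 *
 * @return array
 *   The form array.
 */
function hybridauth_popup_openid_form($form, &$form_state, $provider_id, $overlay = FALSE) {
  $form = array();
  $form['openid_identifier'] = array(
    '#type' => 'textfield',
    '#title' => t('OpenID Identity'),
    '#description' => t('Type your OpenID identity that you want to use.'),
  );
  $form['actions'] = array(
    '#type' => 'actions',
  );
  $form['actions']['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Submit'),
  );

  if (!$overlay) {
    // The Cancel link targets the query-string destination. It may be
    // absent (previously an undefined-index notice) and is caller-supplied,
    // so fall back to 'user' unless it is a same-site path.
    $cancel_path = isset($_GET['destination']) ? $_GET['destination'] : 'user';
    if (!is_string($cancel_path) || url_is_external($cancel_path)) {
      $cancel_path = 'user';
    }
    $form['actions']['cancel'] = array(
      '#type' => 'link',
      '#title' => t('Cancel'),
      '#href' => $cancel_path,
    );
  }

  return $form;
}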
/**
 * Form submit handler: returns to the popup with the entered identifier.
 *
 * The current query parameters are kept, and the identifier and destination
 * are appended as ordinary query parameters of hybridauth/popup.
 */
function hybridauth_popup_openid_form_submit($form, &$form_state) {
  $return_to = 'user';
  if (isset($_GET['destination'])) {
    $return_to = $_GET['destination'];
  }
  // Removed before drupal_goto() so it is only carried as a query parameter.
  unset($_GET['destination']);

  $params = drupal_get_query_parameters();
  $params['openid_identifier'] = $form_state['values']['openid_identifier'];
  $params['destination'] = $return_to;

  drupal_goto('hybridauth/popup', array('query' => $params));
}
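/**
 * Menu callback: confirms an e-mail address through a one-time login link.
 *
 * A visitor who is already logged in is sent away with an explanatory
 * message. Otherwise the active account for $uid is loaded and, if it has
 * never logged in and the hash matches, it is logged in and sent to its
 * edit page. Anything else ends in "access denied".
 *
 * NOTE(review): $timestamp only feeds the hash; no expiry window is enforced
 * here, so a link stays usable until the account's first login or a password
 * change. Confirm whether a timeout is wanted.
 *
 * @param int $uid
 *   Id of the account the link was issued for.
 * @param int $timestamp
 *   Timestamp embedded in the link.
 * @param string $hashed_pass
 *   Hash embedded in the link.
 */
function hybridauth_email_confirm($uid, $timestamp, $hashed_pass) {
  global $user;

  if ($user->uid) {
    if ($user->uid == $uid) {
      drupal_set_message(t('You have already used this email confirmation link and you are already logged in.'));
      drupal_goto();
    }
    else {
      $reset_link_account = user_load($uid);
      if (!empty($reset_link_account)) {
        drupal_set_message(t('Another user (%other_user) is already logged into the site on this computer, but you tried to use a one-time link for user %resetting_user. Please <a href="!logout">logout</a> and try using the link again.', array(
          '%other_user' => $user->name,
          '%resetting_user' => $reset_link_account->name,
          '!logout' => url('user/logout'),
        )));
      }
      else {
        drupal_set_message(t('The one-time login link you clicked is invalid.'));
      }
    }
    drupal_goto();
  }
  else {
    // Keep the query result in a local variable: assigning it to $user would
    // replace the global user object with an array for the rest of the
    // request, including the access-denied path below.
    $accounts = user_load_multiple(array($uid), array('status' => 1));
    if ($account = array_shift($accounts)) {
      if ($account->login) {
        drupal_set_message(t('Your email address has already been confirmed and you may login at any time.'));
        drupal_goto('user');
      }
      else {
        $expected = user_pass_rehash($account->pass, $timestamp, $account->login);
        // Compare as strings and, where available, in constant time. A loose
        // "==" treats two numeric-looking strings as equal numbers.
        $hash_ok = FALSE;
        if (is_string($hashed_pass) && is_string($expected) && $expected !== '') {
          $hash_ok = function_exists('hash_equals')
            ? hash_equals($expected, $hashed_pass)
            : ($expected === $hashed_pass);
        }
        if ($hash_ok) {
          $form_state = array('uid' => $account->uid);
          user_login_submit(array(), $form_state);
          drupal_set_message(t('Thank you for confirming your email address.'));
          drupal_goto('user/' . $account->uid . '/edit');
        }
      }
    }
  }

  drupal_access_denied();
}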
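/**
 * Page callback: lists the provider identities linked to an account.
 *
 * @param object $account
 *   The user account whose linked identities are listed.
 *
 * @return array
 *   Render array with one table row per linked identity: provider, account
 *   id and a delete link.
 */
function hybridauth_user_identities($account) {
  module_load_include('inc', 'hybridauth', 'hybridauth.auth');
  drupal_set_title(format_username($account));

  $header = array(
    t('Account type'),
    t('Account ID'),
    t('Operations'),
  );
  $rows = array();

  $result = db_query("SELECT am.aid, am.authname, ha.provider_id FROM {authmap} am INNER JOIN {hybridauth_account} ha ON am.aid = ha.aid WHERE module = :module AND uid = :uid", array(
    ':module' => 'hybridauth',
    ':uid' => $account->uid,
  ));

  foreach ($result as $identity) {
    $provider_id = $identity->provider_id;
    $provider_name = hybridauth_get_provider_name($provider_id);

    // Table cells are emitted as markup, so every dynamic value is escaped
    // before concatenation. hybridauth_get_provider_name() is not visible
    // here; its result is treated as plain text.
    $provider_cell = theme('hybridauth_provider_icon', array(
      'provider_id' => $provider_id,
      'style' => 'hybridauth-icon-inline',
    ));
    $provider_cell .= '<span' . drupal_attributes(array(
      'class' => 'hybridauth-provider-name',
    )) . '>' . check_plain($provider_name) . '</span>';

    $rows[] = array(
      $provider_cell,
      check_plain(_hybridauth_get_authmap_identfier($identity->authname)),
      l(t('Delete'), 'user/' . $account->uid . '/hybridauth/delete/' . $identity->aid),
    );
  }

  $build['hybridauth_table'] = array(
    '#theme' => 'table',
    '#header' => $header,
    '#rows' => $rows,
    '#empty' => t('You don\'t have any accounts linked yet.'),
  );

  return $build;
}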
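/**
 * Form builder: confirms removal of one linked provider identity.
 *
 * Answers "not found" when no authmap id is given or when the id does not
 * belong to a hybridauth identity of $account.
 *
 * @param array $form
 *   Incoming form array.
 * @param array $form_state
 *   Form state.
 * @param object $account
 *   The account that owns the identity.
 * @param int|null $aid
 *   Authmap id of the identity to remove.
 *
 * @return array
 *   The confirmation form.
 */
function hybridauth_user_delete_form($form, $form_state, $account, $aid = NULL) {
  if (!$aid) {
    drupal_not_found();
    drupal_exit();
  }

  // The uid condition ties the identity to this account, so an aid that
  // belongs to another user yields no row.
  $provider_id = db_query("SELECT ha.provider_id FROM {authmap} am INNER JOIN {hybridauth_account} ha ON am.aid = ha.aid WHERE am.uid=:uid AND am.aid=:aid AND module=:module", array(
    ':uid' => $account->uid,
    ':aid' => $aid,
    ':module' => 'hybridauth',
  ))->fetchField();

  if (!$provider_id) {
    drupal_not_found();
    drupal_exit();
  }

  $provider_name = hybridauth_get_provider_name($provider_id);

  // "%" placeholders are escaped by t() itself; running check_plain() on the
  // name first would escape it twice.
  return confirm_form(array(), t('Are you sure you want to remove this linked %provider account for %user?', array(
    '%provider' => $provider_name,
    '%user' => format_username($account),
  )), 'user/' . $account->uid . '/hybridauth', '');
}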
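/**
 * Form submit handler: removes one linked provider identity.
 *
 * Deletes the authmap row and its hybridauth_account row in one transaction,
 * reports the outcome, invokes hook 'hybridauth_account' with 'delete' on
 * success, and redirects back to the account's linked-identities page.
 *
 * Fixes over the previous version:
 * - provider_id is selected from {hybridauth_account}; the insert and the
 *   other queries in this file place it there, not in {authmap}.
 * - The authmap delete filters on module 'hybridauth', the value the rows
 *   are inserted with, instead of 'hybridauth_core'.
 * - The failure message no longer reads an unassigned $provider_name, and a
 *   missing identity is reported instead of dereferenced.
 */
function hybridauth_user_delete_form_submit($form, &$form_state) {
  $uid = $form_state['build_info']['args'][0]->uid;
  $aid = $form_state['build_info']['args'][1];

  $linked_account = db_query("SELECT am.authname, ha.provider_id FROM {authmap} am INNER JOIN {hybridauth_account} ha ON am.aid = ha.aid WHERE am.uid=:uid AND am.aid=:aid AND module=:module", array(
    ':uid' => $uid,
    ':aid' => $aid,
    ':module' => 'hybridauth',
  ))->fetchObject();

  $deleted = FALSE;
  $provider_id = NULL;
  $provider_name = NULL;

  if ($linked_account) {
    $provider_id = $linked_account->provider_id;
    $provider_name = hybridauth_get_provider_name($provider_id);

    $txn = db_transaction();
    try {
      // The uid condition keeps the delete scoped to the form's account.
      db_delete('authmap')
        ->condition('uid', $uid)
        ->condition('aid', $aid)
        ->condition('module', 'hybridauth')
        ->execute();
      db_delete('hybridauth_account')
        ->condition('aid', $aid)
        ->execute();
      $deleted = TRUE;
    }
    catch (Exception $e) {
      $txn->rollback();
      watchdog_exception('hybridauth', $e);
    }
  }

  if ($deleted) {
    drupal_set_message(t('The linked %provider account has been successfully removed.', array(
      '%provider' => $provider_name,
    )));
    $_SESSION['hybridauth_provider_info'] = array(
      'id' => $provider_id,
      'name' => $provider_name,
    );
    $account = array(
      'user' => user_load($uid),
      'id' => _hybridauth_get_authmap_identfier($linked_account->authname),
      'provider_id' => $provider_id,
      'provider_name' => $provider_name,
    );
    module_invoke_all('hybridauth_account', 'delete', $account);
  }
  elseif ($linked_account) {
    drupal_set_message(t('We were unable to delete the linked %provider account.', array(
      '%provider' => $provider_name,
    )), 'error');
  }
  else {
    // The identity vanished between form display and submission.
    drupal_set_message(t('We were unable to delete the linked account.'), 'error');
  }

  // NOTE(review): this flag is set on failure as well, as before; confirm
  // what reads it.
  $_SESSION['hybridauth_account_deleted'] = TRUE;
  $form_state['redirect'] = 'user/' . $uid . '/hybridauth';
}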