
function janrain_capture_oauth in Janrain Registration 7.4

Same name and namespace in other branches
  1. 6 janrain_capture.pages.inc \janrain_capture_oauth()
  2. 7 janrain_capture.pages.inc \janrain_capture_oauth()
  3. 7.2 includes/janrain_capture.endpoints.inc \janrain_capture_oauth()
  4. 7.3 includes/janrain_capture.endpoints.inc \janrain_capture_oauth()

Callback for the janrain_capture/oauth menu item. This serves as the redirect_uri that Capture redirects the user to, and it performs the authentication.

1 string reference to 'janrain_capture_oauth'
janrain_capture_menu in ./janrain_capture.module
Implements hook_menu().

File

includes/janrain_capture.endpoints.inc, line 12
User page callbacks for the janrain_capture module.

Code

/**
 * Menu callback for janrain_capture/oauth, the OAuth redirect_uri endpoint.
 *
 * With a 'code' query parameter, the code is exchanged through
 * JanrainCaptureApi::newAccessToken(), the Capture profile is loaded, and a
 * Drupal account matched by e-mail (or a new stub account) is logged in once
 * _janrain_capture_user_verified() accepts the profile. On non-legacy
 * versions, a 'url_type' or 'verification_code' query parameter short-circuits
 * all of that and echoes a standalone HTML page built from the widget screen
 * files.
 *
 * Request- and session-derived values read here: $_GET['code']; the query
 * parameters origin, destination, url_type and verification_code; and the
 * session keys country_id, janrain_capture_redirect_uri,
 * janrain_capture_action, janrain_capture_access_token and
 * janrain_capture_email.
 *
 * @return NULL
 *   NULL after echoing an HTML page. Every other path ends the request with
 *   drupal_exit() after echoing an absolute URL as the response body.
 */
function janrain_capture_oauth() {
  // Declared but not referenced again in this function.
  global $user;
  // Read without an isset() check. NOTE(review): if the session carries no
  // country_id, the per-country lookups below index with NULL; confirm that a
  // caller always sets it before this endpoint is reached.
  $country_id = $_SESSION['country_id'];
  // Request query string minus 'q' and 'code'. Everything left in $query is
  // caller-controlled and is later passed on into the redirect_uri.
  $query = drupal_get_query_parameters($_GET, array(
    'q',
    'code',
  ));

  // Absolute front-page URL; echoed as the response body on several exit paths
  // below.
  $front_page_url = url('<front>', array(
    'absolute' => TRUE,
  ));

  // I'm not sure about this origin parameter. It doesn't seem to be used by
  // Drupal or its modules. I think what was meant is 'destination', but let's
  // leave it here for backwards compatibility, in case some site relies on it.
  // Neither $origin nor $destination is read again in this function, and
  // $destination stays undefined when 'origin' is present.
  $origin = isset($query['origin']) ? $query['origin'] : FALSE;
  if (!$origin) {
    $destination = isset($query['destination']) ? $query['destination'] : FALSE;
  }
  // Taken verbatim from the query string; used below to pick screen files.
  $url_type = isset($query['url_type']) ? $query['url_type'] : FALSE;
  $ver = variable_get('janrain_capture_ver', JANRAIN_CAPTURE_VERSION_DEFAULT);
  // Load module settings. Legacy settings are flat; the "2" variables are
  // indexed by $country_id. Only $janrain_capture_fields is read later in this
  // function; $janrain_capture_main and $janrain_capture_optional are built
  // but not used afterwards.
  if ($ver == JANRAIN_CAPTURE_VERSION_LEGACY) {
    $janrain_capture_fields = variable_get('janrain_capture_fields', array());
    $janrain_capture_main = variable_get('janrain_capture_main', array());
    $janrain_capture_optional = variable_get('janrain_capture_optional', array());
  }
  else {
    $janrain_capture_fields = variable_get('janrain_capture_fields2', array());
    $janrain_capture_fields = $janrain_capture_fields[$country_id];
    $janrain_capture_main = variable_get('janrain_capture_main2', array());
    $janrain_capture_main = $janrain_capture_main[$country_id];
    $janrain_capture_ui2 = variable_get('janrain_capture_ui2', array());
    $janrain_capture_ui2 = $janrain_capture_ui2[$country_id];
    $janrain_capture_main = array_merge($janrain_capture_main, $janrain_capture_ui2);
    $janrain_capture_federate2 = variable_get('janrain_capture_federate2', array());
    $janrain_capture_optional = $janrain_capture_federate2[$country_id];
    $janrain_capture_backplane2 = variable_get('janrain_capture_backplane2', array());
    $janrain_capture_backplane2 = $janrain_capture_backplane2[$country_id];
    $janrain_capture_optional = array_merge($janrain_capture_optional, $janrain_capture_backplane2);
    // A verification_code in the query overrides any url_type that was sent.
    if (isset($query['verification_code'])) {
      $url_type = 'verify';
    }

    // Verify or forgot password: render the matching widget screen as a
    // standalone page and stop; no OAuth code exchange happens on this path.
    if ($url_type) {
      module_load_include('inc', 'janrain_capture', 'includes/janrain_capture.widget');
      $widget_js = janrain_capture_widget_js();
      // NOTE(review): unless verification_code forced 'verify', $url_type is
      // the raw query value and is interpolated into the screen file name.
      // Whether _janrain_capture_get_screen() rejects path separators or
      // unknown names is not visible here; confirm, or check $url_type against
      // an allow-list of known screens before these calls.
      $screen = _janrain_capture_get_screen("{$url_type}.html");
      $js = _janrain_capture_get_screen("{$url_type}.js");
      // $js, $widget_js and $screen are emitted into the page without
      // escaping, so they have to come from trusted files and settings only.
      // NOTE(review): the <span class="php-variable"> wrappers inside the
      // heredoc look like syntax-highlighting markup from the page this
      // listing was taken from rather than module code; confirm against the
      // module source.
      $output = <<<AUTH
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <script type="text/javascript">
{<span class="php-variable">$js</span>}
{<span class="php-variable">$widget_js</span>}
    </script>
  </head>
  <body>
{<span class="php-variable">$screen</span>}
  </body>
</html>
AUTH;
      echo $output;
      return NULL;
    }
  }
  if (empty($_GET['code'])) {
    // No authorization code. Implementations of
    // hook_janrain_capture_no_oauth() can suppress the error by returning
    // FALSE; in_array() is non-strict here, so other loosely-false return
    // values count as well. When suppressed, execution continues to the end
    // of the function.
    $no_oauth = module_invoke_all('janrain_capture_no_oauth');
    if (empty($no_oauth) || !in_array(FALSE, $no_oauth)) {
      drupal_set_message(t('No Oauth token found!'), 'error');
      echo $front_page_url;
      drupal_exit();
    }
  }
  else {
    // Rebuild the redirect_uri for the code exchange. The remaining request
    // query parameters are appended to it as-is.
    // presumably this has to equal the redirect_uri used when the code was
    // issued; confirm against JanrainCaptureApi::newAccessToken().
    $redirect_uri_options = array(
      'absolute' => TRUE,
      'query' => $query,
    );
    $settings = variable_get('janrain_capture_main2', array());
    // NOTE(review): $janrain_capture_main2 (the per-country entry) is assigned
    // but never read, while 'mobile_friendly' is tested on the whole
    // un-indexed variable; confirm which of the two was intended.
    $janrain_capture_main2 = $settings[$country_id];
    if (!empty($settings['mobile_friendly'])) {
      // Path comes from the session and is read without an isset() check.
      $proto_redirect_uri = $_SESSION['janrain_capture_redirect_uri'];
    }
    else {
      $proto_redirect_uri = 'janrain_capture/oauth';
    }
    $redirect_uri = url($proto_redirect_uri, $redirect_uri_options);
    $api = new JanrainCaptureApi();
    // loadUserEntity() is only called when newAccessToken() returned a truthy
    // value; otherwise $profile is FALSE.
    $profile = $api
      ->newAccessToken($_GET['code'], $redirect_uri) ? $api
      ->loadUserEntity() : FALSE;
    if (!$profile || $profile['stat'] != 'ok') {
      // Failure is reported generically to the user and logged without any
      // request detail; no login is attempted.
      drupal_set_message(t('We were unable to complete your request.'), 'error');
      watchdog('janrain_capture', 'Failed to obtain a Capture record', array(), WATCHDOG_ERROR);
    }
    else {
      // When the 'capture_no_email' setting is truthy, the profile e-mail is
      // kept in the session and used as the mail of a newly created account.
      $store_email = isset($janrain_capture_fields['capture_no_email']) ? $janrain_capture_fields['capture_no_email'] : FALSE;
      if ($store_email) {
        $_SESSION['janrain_capture_email'] = $profile['result']['email'];
      }

      // Look up an existing Drupal user by the profile's e-mail address.
      // NOTE(review): the match is by e-mail alone. The stored UUID is only
      // inspected to detect accounts that have none; it is not compared with
      // $profile['result']['uuid'] here. Linking is therefore only as
      // trustworthy as the verification check further down; confirm that
      // 'capture_enforce_verification' is enabled wherever existing accounts
      // can be matched.
      $account = user_load_by_mail($profile['result']['email']);
      if ($account) {
        $uuid = entity_metadata_wrapper('user', $account)->field_janrain_capture_uuid
          ->value();
        if (!$uuid) {
          // Existing account with no Capture UUID: administrators are not
          // logged in here but flagged in the session and sent to a separate
          // confirmation endpoint.
          $is_admin = user_access('administer site configuration', $account);
          if ($is_admin) {
            $_SESSION['janrain_capture_admin_signin'] = TRUE;

            // Redirect to the admin signin verification endpoint
            echo url('janrain_capture/admin_signin', array(
              'absolute' => TRUE,
            ));
            drupal_exit();
          }
        }
      }
      else {
        // No local user: start an active stub account named after the Capture
        // UUID, with a placeholder "<uuid>@localhost" address when the e-mail
        // is not stored.
        $account = new stdClass();
        $account->name = $profile['result']['uuid'];
        $account->mail = $store_email ? $profile['result']['email'] : $profile['result']['uuid'] . '@localhost';
        $account->status = 1;
      }

      // Add Capture-related information to the local account
      // presumably this also saves a new account: $account->uid is read below
      // and is not set anywhere in this function for the stub; confirm in
      // includes/janrain_capture.signin.
      module_load_include('inc', 'janrain_capture', 'includes/janrain_capture.signin');
      _janrain_capture_setup_local_account($account, $profile);
      $action = isset($_SESSION['janrain_capture_action']) ? $_SESSION['janrain_capture_action'] : NULL;
      // Gate the login on the verification check, driven by the
      // 'capture_enforce_verification' setting.
      if (!_janrain_capture_user_verified($profile, $janrain_capture_fields['capture_enforce_verification'])) {
        if ($action == 'finish_third_party' || $action == 'legacy_register') {
          // Registration flows: only tell the user a verification mail was
          // sent.
          if (isset($_SESSION['janrain_capture_email'])) {
            drupal_set_message(t('A verification link has been sent to @email. Please check your email.', array(
              '@email' => $_SESSION['janrain_capture_email'],
            )), 'status');
          }
          else {
            drupal_set_message(t('A verification link has been sent. Please check your email.'), 'status');
          }
        }
        else {
          // Sign-in with an unverified address: offer a resend link.
          // NOTE(review): the session access token is handed to
          // janrain_capture_url(); if it ends up in the link's query string it
          // can leak through logs, history and Referer headers; confirm how
          // that helper places it.
          $args = array(
            'action' => 'resend_verification_email',
            'access_token' => $_SESSION['janrain_capture_access_token'],
            'redirect_uri' => url('janrain_capture/resend_verification_email', array(
              'absolute' => TRUE,
            )),
          );
          $resend_link = janrain_capture_url($args);
          // Hook implementations may return FALSE to suppress the default
          // message (non-strict in_array(), as above).
          $email_unverified = module_invoke_all('janrain_capture_email_unverified', $resend_link);
          if (empty($email_unverified) || !in_array(FALSE, $email_unverified)) {
            drupal_set_message(t('Your email address has not yet been verified. Please check your email and try again. <a href="@resend-link">Click here</a> to have this email resent.', array(
              '@resend-link' => $resend_link,
            )), 'error');
          }
        }
      }
      else {
        // Verified: log the account in through core's login submit handler.
        // $form_state is created implicitly by this assignment.
        $form_state['uid'] = $account->uid;
        user_login_submit(array(), $form_state);

        // Re-sync Capture data to make sure we're up to date.
        janrain_capture_sync_account($account, $profile['result']);
        $account = user_save($account);
        module_invoke_all('janrain_capture_user_authenticated', $profile['result'], $account, FALSE);
      }
    }
  }
  if ($ver == JANRAIN_CAPTURE_VERSION_LEGACY) {
    // Legacy mode answers with a small page whose script navigates the parent
    // window (or this window when not framed) instead of echoing a bare URL.
    // NOTE(review): the script copies the 'destination' value out of the
    // parent window's URL and forwards it to janrain_capture/signin_redirect;
    // confirm that handler only accepts internal paths, otherwise this is an
    // open redirect. The <span class="php-variable"> wrappers in the heredoc
    // look like highlighting markup from the listing page; confirm against the
    // module source.
    $signin_redirect = url('janrain_capture/signin_redirect', array(
      'absolute' => TRUE,
    ));
    $output = <<<OAUTH_END
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
  <body>
    <p>Please wait...</p>
    <script type="text/javascript">
      var redirect_url = null;
      var regex = /[\\#\\?]destination\\=([^\\&]*)/;
      var match = regex.exec(window.parent.location.href);
      if (match && match.length == 2) {
        redirect_url = "{<span class="php-variable">$signin_redirect</span>}/?destination=" + decodeURIComponent(match[1]);
      }
      if (window.location.href != window.parent.location.href) {
        if (window.parent.location.href.indexOf("logout") > 1) {
          window.parent.location.href = "{<span class="php-variable">$front_page_url</span>}";
        } else {
          if (redirect_url) {
            window.parent.location.href = redirect_url;
          } else {
            window.parent.location.reload();
          }
        }
      } else {
        window.location.href = redirect_url || "{<span class="php-variable">$front_page_url</span>}";
      }
    </script>
  </body>
</html>
OAUTH_END;
    echo $output;
    return NULL;
  }
  // Non-legacy: the response body is just the absolute front-page URL, and
  // the request ends here.
  echo $front_page_url;
  drupal_exit();
}