You are here

function janrain_capture_oauth in Janrain Registration 6

Same name and namespace in other branches
  1. 7.4 includes/janrain_capture.endpoints.inc \janrain_capture_oauth()
  2. 7 janrain_capture.pages.inc \janrain_capture_oauth()
  3. 7.2 includes/janrain_capture.endpoints.inc \janrain_capture_oauth()
  4. 7.3 includes/janrain_capture.endpoints.inc \janrain_capture_oauth()

Callback for the janrain_capture/oauth menu item. This serves as the redirect_uri Capture redirects the user to and performs the authentication.

1 string reference to 'janrain_capture_oauth'
janrain_capture_menu in ./janrain_capture.module
Implements hook_menu().

File

./janrain_capture.pages.inc, line 12
User page callbacks for the janrain_capture module.

Code

function janrain_capture_oauth() {
  global $user;
  $token = isset($_REQUEST['code']) ? $_REQUEST['code'] : '';
  $origin = isset($_REQUEST['origin']) ? $_REQUEST['origin'] : '';
  $janrain_capture_fields = variable_get('janrain_capture_fields', array());
  $janrain_capture_main = variable_get('janrain_capture_main', array());
  $janrain_capture_optional = variable_get('janrain_capture_optional', array());
  if ($token) {

    // Cannot use the Drupal url query option because drupal_http_build_query
    // decodes slashes causing incompatibility.
    $redirect_uri = url('janrain_capture/oauth', array(
      'absolute' => TRUE,
    ));
    if ($origin) {
      $redirect_uri .= (strpos($redirect_uri, '?') !== FALSE ? '&' : '?') . 'origin=' . urlencode($origin);
    }
    $api = new JanrainCaptureApi();
    if ($api
      ->newAccessToken($token, $redirect_uri) == FALSE) {
      $profile = NULL;
    }
    else {
      $profile = $api
        ->loadUserEntity();
    }
    if (!$profile || $profile['stat'] != 'ok') {
      drupal_set_message(t('We were unable to complete your request.'), 'error');
      watchdog('janrain_capture', 'Failed to obtain a Capture record', array(), WATCHDOG_ERROR);
    }
    else {
      $_SESSION['janrain_capture_email'] = $profile['result']['email'];
      $user_info = array(
        'name' => janrain_capture_profile_field($profile),
        'mail' => $profile['result']['email'],
        'status' => 1,
      );
      $user_info = janrain_capture_fields_array($user_info, $profile['result']);
      $account = user_external_load($profile['result']['uuid']);
      $new_user = FALSE;

      // No user was found with our Capture uuid.
      if (!$account->uid) {

        // Look for a local user with the same email address.
        if ($local_user = user_load(array(
          'mail' => $profile['result']['email'],
        ))) {

          // Are we configured to match users based on email?
          if (isset($janrain_capture_fields['capture_match_email']) && $janrain_capture_fields['capture_match_email']) {

            // Check to see if this user is already mapped to a Capture uuid.
            $result = db_query("SELECT aid FROM {authmap} WHERE module = 'janrain_capture' AND uid = %d", $local_user->uid);
            if (db_fetch_array($result)) {
              $mapped_hook = module_invoke_all('janrain_capture_user_already_mapped');
              if (empty($mapped_hook) || !in_array(FALSE, $mapped_hook)) {
                drupal_set_message(t('A user with this email address is already mapped.'), 'error');
              }
            }
            else {
              $user_info['auth_janrain_capture'] = $profile['result']['uuid'];
              $account = user_save($local_user, $user_info);
              if (!$account->uid) {
                $mapping_failed_hook = module_invoke_all('janrain_capture_mapping_failed');
                if (empty($mapping_failed_hook) || !in_array(FALSE, $mapping_failed_hook)) {
                  drupal_set_message(t('Failed to map to existing user.'), 'error');
                }
              }
            }
          }
          else {
            $user_exists_hook = module_invoke_all('janrain_capture_user_exists');
            if (empty($user_exists_hook) || !in_array(FALSE, $user_exists_hook)) {
              drupal_set_message(t('A user with this email address already exists.'), 'error');
            }
          }
        }
        else {
          $user_info['pass'] = user_password();
          $user_info['auth_janrain_capture'] = $profile['result']['uuid'];
          $account = user_save(NULL, $user_info);
          $new_user = TRUE;
          if (!$account->uid) {
            $failed_create = module_invoke_all('janrain_capture_failed_create');
            if (empty($failed_create) || !in_array(FALSE, $failed_create)) {
              drupal_set_message(t('Failed to create new user.'), 'error');
            }
          }
        }
      }
      else {
        $account = user_save($account, $user_info);
      }
      $signin = TRUE;
      if (!$account->uid) {
        $signin = FALSE;
      }
      if (isset($_SESSION['janrain_capture_action']) && ($_SESSION['janrain_capture_action'] == 'finish_third_party' || $_SESSION['janrain_capture_action'] == 'legacy_register') && isset($janrain_capture_fields['capture_enforce_verification']) && $janrain_capture_fields['capture_enforce_verification'] && $profile['result']['emailVerified'] == NULL) {
        $signin = FALSE;
        if (isset($_SESSION['janrain_capture_email'])) {
          drupal_set_message(t('A verification link has been sent to @email. Please check your email.', array(
            '@email' => $_SESSION['janrain_capture_email'],
          )), 'status');
        }
        else {
          drupal_set_message(t('A verification link has been sent. Please check your email.'), 'status');
        }
      }
      elseif (isset($janrain_capture_fields['capture_enforce_verification']) && $janrain_capture_fields['capture_enforce_verification'] && $profile['result']['emailVerified'] == NULL) {
        $signin = FALSE;
        $args = array(
          'action' => 'resend_verification_email',
          'access_token' => $_SESSION['janrain_capture_access_token'],
          'redirect_uri' => url('janrain_capture/resend_verification_email', array(
            'absolute' => TRUE,
          )),
        );
        $resend_link = janrain_capture_url($args);
        $email_unverified = module_invoke_all('janrain_capture_email_unverified', $resend_link);
        if (empty($email_unverified) || !in_array(FALSE, $email_unverified)) {
          drupal_set_message(t('Your email address has not yet been verified. Please check your email and try again. <a href="@resend-link">Click here</a> to have this email resent.', array(
            '@resend-link' => $resend_link,
          )), 'error');
        }
      }
      if ($signin) {
        user_external_login($account);
        module_invoke_all('janrain_capture_user_authenticated', $profile['result'], $account, $new_user);
      }
    }
  }
  else {
    $no_oauth = module_invoke_all('janrain_capture_no_oauth');
    if (empty($no_oauth) || !in_array(FALSE, $no_oauth)) {
      drupal_set_message(t('No Oauth token found!'), 'error');
    }
  }
  $front_page = url('<front>', array(
    'absolute' => TRUE,
  ));
  $output = <<<OAUTH_END
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
  <body>
    <p>Please wait...</p>
    <script type="text/javascript">
      if (window.location.href != window.parent.location.href) {
        if (window.parent.location.href.indexOf("logout") > 1) {
          window.parent.location.href = "{<span class="php-variable">$front_page</span>}";
        } else {
          window.parent.location.reload();
        }
      } else {
        window.location.href = "{<span class="php-variable">$front_page</span>}";
      }
    </script>
  </body>
</html>
OAUTH_END;
  print $output;
  return NULL;
}