You are here

Home » API reference » OAuth Connector 6 » oauthconnector.module

function oauthconnector_oauth_common_authorized in OAuth Connector 6

Same name and namespace in other branches
  1. 7 oauthconnector.module \oauthconnector_oauth_common_authorized()

Implementation of hook_oauth_common_authorized().

File

./oauthconnector.module, line 125
OAuth Connector module

Code

function oauthconnector_oauth_common_authorized($consumer, $access_token, $request_token) {
  global $user;
  if ($_SESSION['oauthconnector_request_key'] == $request_token->key) {
    unset($_SESSION['oauthconnector_request_key']);
    $providers = oauthconnector_provider_load_all();
    foreach ($providers as $provider) {
      if ($provider->csid == $consumer->csid) {

        //TODO: Only loop through active providers?

        //TODO: Optionally remove the access token - if the provider was only used for log in

        //      and not for fetching any data then we don't need the access token anymore.

        //TODO: Check for whether this connector will be fetching name and avatar - if not then remove the access token?

        //      Will need to check for whether someone else would like to use the access token as well.

        //$access_token->delete();
        $external_uid = _oauthconnector_fetch_field('uid', $provider, $access_token, $consumer);
        if (!empty($external_uid)) {
          $connect = FALSE;
          if (empty($_SESSION['oauthconnector_login'])) {
            if ($user->uid) {
              $connect = _connector_add_connection('oauthconnector_' . $provider->name, $external_uid, $user->uid);
            }
          }
          else {
            if (!$user->uid) {
              $connect = _connector_log_in('oauthconnector_' . $provider->name, $external_uid);
            }
          }
          if ($connect) {
            $access_token->uid = $user->uid;
            $access_token
              ->write(TRUE);

            //TODO: Clean up connection on token removal and connection removal
            $old_access_token = oauthconnector_get_connection_token($provider, $external_uid);
            if (!$old_access_token || $old_access_token->tid != $access_token->tid) {
              $connection = array(
                'tid' => $access_token->tid,
                'cid' => $external_uid,
              );
              drupal_write_record('oauthconnector_connections', $connection, $old_access_token ? array(
                'cid',
              ) : array());
            }
            if ($old_access_token && $old_access_token->tid != $access_token->tid) {
              $old_access_token
                ->delete();
            }

            //TODO: Include this in _connector_log_in()?

            //TODO: (Why do we do this at all? Isn't this taken care of by realname itself? Is it to ensure that we will be given access?)
            $info = _connector_information_fetch($user->uid, array(
              'real name' => TRUE,
            ));
            if (empty($info['real name'])) {
              _connector_information_update($user->uid, array(
                'real name' => TRUE,
              ));
            }
            if (!empty($_SESSION['oauthconnector_destination'])) {
              $_REQUEST['destination'] = $_SESSION['oauthconnector_destination'];
              unset($_SESSION['oauthconnector_destination']);
              drupal_goto();
            }
          }
        }
        else {

          //TODO: Add error message
        }
        break;
      }
    }
  }
}