function oauthconnector_oauth_common_authorized in OAuth Connector 6
Same name and namespace in other branches
- 7 oauthconnector.module \oauthconnector_oauth_common_authorized()
Implementation of hook_oauth_common_authorized().
File
- ./
oauthconnector.module, line 125 - OAuth Connector module
Code
function oauthconnector_oauth_common_authorized($consumer, $access_token, $request_token) {
global $user;
if ($_SESSION['oauthconnector_request_key'] == $request_token->key) {
unset($_SESSION['oauthconnector_request_key']);
$providers = oauthconnector_provider_load_all();
foreach ($providers as $provider) {
if ($provider->csid == $consumer->csid) {
//TODO: Only loop through active providers?
//TODO: Optionally remove the access token - if the provider was only used for log in
// and not for fetching any data then we don't need the access token anymore.
//TODO: Check for whether this connector will be fetching name and avatar - if not then remove the access token?
// Will need to check for whether someone else would like to use the access token as well.
//$access_token->delete();
$external_uid = _oauthconnector_fetch_field('uid', $provider, $access_token, $consumer);
if (!empty($external_uid)) {
$connect = FALSE;
if (empty($_SESSION['oauthconnector_login'])) {
if ($user->uid) {
$connect = _connector_add_connection('oauthconnector_' . $provider->name, $external_uid, $user->uid);
}
}
else {
if (!$user->uid) {
$connect = _connector_log_in('oauthconnector_' . $provider->name, $external_uid);
}
}
if ($connect) {
$access_token->uid = $user->uid;
$access_token
->write(TRUE);
//TODO: Clean up connection on token removal and connection removal
$old_access_token = oauthconnector_get_connection_token($provider, $external_uid);
if (!$old_access_token || $old_access_token->tid != $access_token->tid) {
$connection = array(
'tid' => $access_token->tid,
'cid' => $external_uid,
);
drupal_write_record('oauthconnector_connections', $connection, $old_access_token ? array(
'cid',
) : array());
}
if ($old_access_token && $old_access_token->tid != $access_token->tid) {
$old_access_token
->delete();
}
//TODO: Include this in _connector_log_in()?
//TODO: (Why do we do this at all? Isn't this taken care of by realname itself? Is it to ensure that we will be given access?)
$info = _connector_information_fetch($user->uid, array(
'real name' => TRUE,
));
if (empty($info['real name'])) {
_connector_information_update($user->uid, array(
'real name' => TRUE,
));
}
if (!empty($_SESSION['oauthconnector_destination'])) {
$_REQUEST['destination'] = $_SESSION['oauthconnector_destination'];
unset($_SESSION['oauthconnector_destination']);
drupal_goto();
}
}
}
else {
//TODO: Add error message
}
break;
}
}
}
}