function oauthconnector_oauth_common_authorized in OAuth Connector 7
Same name and namespace in other branches
- 6 oauthconnector.module \oauthconnector_oauth_common_authorized()
Implements hook_oauth_common_authorized().
File
- ./
oauthconnector.module, line 284 - OAuth Connector module
Code
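/**
 * Implements hook_oauth_common_authorized().
 *
 * Completes an OAuth Connector flow once the provider has issued an access
 * token: it checks that the callback belongs to the session that started the
 * flow, resolves the provider and connector action, fetches the external user
 * id, and then either adds a connection to the current account or logs in
 * (creating an account first where the action allows it).
 *
 * @param object $consumer
 *   The OAuth consumer; its csid is matched against the configured providers.
 * @param object $access_token
 *   The access token that was just issued. It is written with the resulting
 *   user id when the connection succeeds.
 * @param object $request_token
 *   The request token of the flow; its key must equal the key stored in the
 *   session when the flow was started.
 */
function oauthconnector_oauth_common_authorized($consumer, $access_token, $request_token) {
  global $user;

  // The request token key stored in the session is what binds this callback
  // to the browser session that started the flow. Require it to be present
  // and non-empty, and compare as strings with ===: a loose == treats
  // numeric-looking strings such as '0e12' and '0e34' as equal and also reads
  // an unset index.
  $expected_key = isset($_SESSION['oauthconnector_request_key']) ? (string) $_SESSION['oauthconnector_request_key'] : '';
  if ($expected_key === '' || $expected_key !== (string) $request_token->key) {
    return;
  }
  // One-time use: a second callback with the same request token is ignored.
  unset($_SESSION['oauthconnector_request_key']);

  $providers = oauthconnector_provider_load_all();
  foreach ($providers as $provider) {
    if ($provider->csid != $consumer->csid) {
      continue;
    }

    // Re-check the permission here: the user should not have been able to
    // start a connection without it, so reaching this point without it means
    // the flow was entered some other way.
    if (!user_access('connect with oauthconnector_' . $provider->name)) {
      return;
    }

    // Read the action name without raising a notice when it is missing.
    // NOTE(review): what connector_actions() returns for NULL is not visible
    // here - confirm that a missing action cannot select a default one.
    $action_name = isset($_SESSION['oauthconnector_action']) ? $_SESSION['oauthconnector_action'] : NULL;
    $action = connector_actions($action_name);
    unset($_SESSION['oauthconnector_action']);
    if (!$action) {
      return;
    }

    //TODO: Only loop through active providers?
    //TODO: Optionally remove the access token - if the provider was only used for log in
    //      and not for fetching any data then we don't need the access token anymore.
    //TODO: Check for whether this connector will be fetching name and avatar - if not then remove the access token?
    //      Will need to check for whether someone else would like to use the access token as well.
    //$access_token->delete();
    $external_uid = _oauthconnector_fetch_field('uid', $provider, $access_token, $consumer);

    if (!empty($external_uid)) {
      $connector_name = 'oauthconnector_' . $provider->name;
      $connect = FALSE;

      if (empty($_SESSION['oauthconnector_login'])) {
        // Not a login flow: attach the external identity to the account that
        // is currently logged in.
        // NOTE(review): whether $external_uid is already linked to a different
        // account is left to the callback - confirm it refuses that case.
        if ($user->uid && !empty($action['add connection callback']) && is_callable($action['add connection callback'])) {
          $connect = $action['add connection callback']($connector_name, $external_uid, $user->uid, $consumer, $access_token, $request_token);
        }
      }
      elseif (!$user->uid) {
        // NOTE(review): $_SESSION['oauthconnector_login'] is never cleared in
        // this function - confirm that a stale flag cannot affect a later flow.
        $connect = NULL;
        // We first try to login.
        if (!empty($action['login callback']) && is_callable($action['login callback'])) {
          $connect = $action['login callback']($connector_name, $external_uid, $consumer, $access_token, $request_token);
        }
        if (is_null($connect) && !empty($action['create account callback']) && is_callable($action['create account callback'])) {
          // Login failed, let us try to create an account and then connect -> login.
          $account = $action['create account callback']($connector_name, $external_uid, $consumer, $access_token, $request_token);
          if (!empty($account->uid) && !empty($action['add connection callback']) && is_callable($action['add connection callback'])) {
            // NOTE(review): this call passes three arguments, the one above
            // passes six - confirm the callback tolerates both forms.
            $action['add connection callback']($connector_name, $external_uid, $account->uid);
          }
          if (!empty($account->uid) && !empty($action['login callback']) && is_callable($action['login callback'])) {
            $connect = $action['login callback']($connector_name, $external_uid, $consumer, $access_token, $request_token);
          }
        }
      }

      if ($connect) {
        // Store the token under the global $user.
        // NOTE(review): after a login callback this is presumably the account
        // that was just logged in - confirm the callback updates $user.
        $access_token->uid = $user->uid;
        $access_token->write();

        // Delete all previous access tokens with the same settings, so only
        // the token issued by this flow stays valid for this user and consumer.
        $results = db_select('oauth_common_token', 't')
          ->fields('t')
          ->condition('type', OAUTH_COMMON_TOKEN_TYPE_ACCESS)
          ->condition('uid', $user->uid)
          ->condition('csid', $consumer->csid)
          ->condition('tid', $access_token->tid, '<>')
          ->execute();
        foreach ($results as $result) {
          DrupalOAuthToken::deleteToken($result->token_key, $consumer);
          db_delete('oauthconnector_connections')
            ->condition('tid', $result->tid)
            ->execute();
        }

        // Point the connection for this external uid at the new token: update
        // the existing row (keyed on cid) if there is one, insert otherwise.
        $connected_token = oauthconnector_get_connection_token($provider, $external_uid);
        if (!$connected_token || $connected_token->tid != $access_token->tid) {
          $connection = array(
            'tid' => $access_token->tid,
            'cid' => $external_uid,
          );
          drupal_write_record('oauthconnector_connections', $connection, $connected_token ? array('cid') : array());
        }

        // drupal_goto() picks up the destination from $_GET.
        // NOTE(review): the session value is set outside this function -
        // confirm it is limited to internal paths where it is stored, and that
        // the core version in use refuses external destinations.
        if (!empty($_SESSION['oauthconnector_destination'])) {
          $_GET['destination'] = $_SESSION['oauthconnector_destination'];
          unset($_SESSION['oauthconnector_destination']);
          drupal_goto();
        }
      }
    }
    else {
      //TODO: Add error message
      if (!empty($action['no external uid']) && is_callable($action['no external uid'])) {
        $action['no external uid']($provider, $access_token, $consumer, $request_token);
      }
    }

    // Only the first provider matching the consumer is handled.
    break;
  }
}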