
function oauthconnector_oauth_common_authorized in OAuth Connector 7

Same name and namespace in other branches
  1. 6 oauthconnector.module \oauthconnector_oauth_common_authorized()

Implements hook_oauth_common_authorized().

File

./oauthconnector.module, line 284
OAuth Connector module

Code

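/**
 * Implements hook_oauth_common_authorized().
 *
 * Completes an OAuth authorization that was started from this browser session.
 * The callback is only processed when the request token key matches the key
 * stored in the session. The matching provider is then looked up by consumer
 * id, the external user id is fetched from the provider, and the connector
 * action stored in the session decides whether to add a connection, log in,
 * or create an account. On success the access token is bound to the current
 * user and older access tokens for the same user and consumer are removed.
 *
 * @param object $consumer
 *   The consumer the tokens belong to; its csid selects the provider.
 * @param object $access_token
 *   The access token that was granted. It is written with the current user's
 *   uid when the connector action succeeds.
 * @param object $request_token
 *   The request token that was authorized; its key must equal the key stored
 *   in $_SESSION['oauthconnector_request_key'].
 */
function oauthconnector_oauth_common_authorized($consumer, $access_token, $request_token) {
  global $user;

  // Bind the callback to the session that started the flow. Both values must
  // be present and non-empty, and they are compared as strings with ===. A
  // loose == would treat a missing session key (NULL) as equal to an empty
  // token key, and would compare numeric-looking strings by numeric value.
  $session_key = isset($_SESSION['oauthconnector_request_key']) ? $_SESSION['oauthconnector_request_key'] : NULL;
  $request_key = isset($request_token->key) ? $request_token->key : NULL;
  if ($session_key !== NULL && $request_key !== NULL && (string) $session_key !== '' && (string) $session_key === (string) $request_key) {
    // The stored key is single-use: drop it before doing anything else.
    unset($_SESSION['oauthconnector_request_key']);
    $providers = oauthconnector_provider_load_all();
    foreach ($providers as $provider) {
      if ($provider->csid == $consumer->csid) {

        // How did you come here?
        // When you were not allowed to go connect in the first place.
        if (!user_access('connect with oauthconnector_' . $provider->name)) {
          return;
        }
        // Read the pending action name without raising a notice when the
        // session does not hold one; NULL is passed on as before.
        $action_name = isset($_SESSION['oauthconnector_action']) ? $_SESSION['oauthconnector_action'] : NULL;
        $action = connector_actions($action_name);
        unset($_SESSION['oauthconnector_action']);
        if (!$action) {
          return;
        }

        //TODO: Only loop through active providers?

        //TODO: Optionally remove the access token - if the provider was only used for log in

        //      and not for fetching any data then we don't need the access token anymore.

        //TODO: Check for whether this connector will be fetching name and avatar - if not then remove the access token?

        //      Will need to check for whether someone else would like to use the access token as well.

        //$access_token->delete();

        // The external uid is the identity every later step keys on.
        // NOTE(review): it is whatever _oauthconnector_fetch_field() returns
        // for 'uid'; confirm that helper only accepts a value from the
        // provider's authenticated response.
        $external_uid = _oauthconnector_fetch_field('uid', $provider, $access_token, $consumer);
        if (!empty($external_uid)) {
          $connect = FALSE;
          if (empty($_SESSION['oauthconnector_login'])) {
            // Not a login flow: only an already logged-in user may attach the
            // external account to their own uid.
            if ($user->uid && !empty($action['add connection callback']) && is_callable($action['add connection callback'])) {
              $connect = $action['add connection callback']('oauthconnector_' . $provider->name, $external_uid, $user->uid, $consumer, $access_token, $request_token);
            }
          }
          elseif (!$user->uid) {
            $connect = NULL;

            // We first try to login
            if (!empty($action['login callback']) && is_callable($action['login callback'])) {
              $connect = $action['login callback']('oauthconnector_' . $provider->name, $external_uid, $consumer, $access_token, $request_token);
            }
            // Only a NULL result (no login callback ran, or it returned NULL)
            // falls through to account creation; any other result does not.
            if (is_null($connect) && !empty($action['create account callback']) && is_callable($action['create account callback'])) {

              // Login failed, let us try to create an account and then connect -> login.
              $account = $action['create account callback']('oauthconnector_' . $provider->name, $external_uid, $consumer, $access_token, $request_token);
              // NOTE(review): this call passes three arguments while the
              // add-connection call in the non-login branch passes six;
              // confirm the callback does not need the consumer and tokens.
              if (!empty($account->uid) && !empty($action['add connection callback']) && is_callable($action['add connection callback'])) {
                $action['add connection callback']('oauthconnector_' . $provider->name, $external_uid, $account->uid);
              }
              if (!empty($account->uid) && !empty($action['login callback']) && is_callable($action['login callback'])) {
                $connect = $action['login callback']('oauthconnector_' . $provider->name, $external_uid, $consumer, $access_token, $request_token);
              }
            }
          }
          if ($connect) {
            // Bind the new access token to the current global user.
            // NOTE(review): in the login branch this presumably relies on the
            // login callback having updated the global $user; confirm.
            $access_token->uid = $user->uid;
            $access_token->write();

            // Delete all previous access tokens with the same settings
            $results = db_select('oauth_common_token', 't')
              ->fields('t')
              ->condition('type', OAUTH_COMMON_TOKEN_TYPE_ACCESS)
              ->condition('uid', $user->uid)
              ->condition('csid', $consumer->csid)
              ->condition('tid', $access_token->tid, '<>')
              ->execute();
            foreach ($results as $result) {
              DrupalOAuthToken::deleteToken($result->token_key, $consumer);
              db_delete('oauthconnector_connections')
                ->condition('tid', $result->tid)
                ->execute();
            }

            // Point the connection row for this external uid at the new
            // token: update the existing row (keyed on cid) or insert one.
            $connected_token = oauthconnector_get_connection_token($provider, $external_uid);
            if (!$connected_token || $connected_token->tid != $access_token->tid) {
              $connection = array(
                'tid' => $access_token->tid,
                'cid' => $external_uid,
              );
              drupal_write_record('oauthconnector_connections', $connection, $connected_token ? array(
                'cid',
              ) : array());
            }

            // Send the user on to the destination remembered in the session.
            // NOTE(review): the value is used exactly as stored; confirm it
            // is restricted to an internal path where it is written to the
            // session.
            if (!empty($_SESSION['oauthconnector_destination'])) {
              $_GET['destination'] = $_SESSION['oauthconnector_destination'];
              unset($_SESSION['oauthconnector_destination']);
              drupal_goto();
            }
          }
        }
        else {

          //TODO: Add error message
          if (!empty($action['no external uid']) && is_callable($action['no external uid'])) {
            $action['no external uid']($provider, $access_token, $consumer, $request_token);
          }
        }
        // Only the first provider matching the consumer is handled.
        break;
      }
    }
  }
}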