diff --git a/classes/Foreign_user.php b/classes/Foreign_user.php index 67d8651fa9..4a41e07f4d 100644 --- a/classes/Foreign_user.php +++ b/classes/Foreign_user.php @@ -44,20 +44,18 @@ class Foreign_user extends Managed_DataObject ); } - // XXX: This only returns a 1->1 single obj mapping. Change? Or make - // a getForeignUsers() that returns more than one? --Zach static function getForeignUser($id, $service) { + $fuser = new Foreign_user(); - $fuser->whereAdd("service = $service"); - $fuser->whereAdd("id = $id"); + + $fuser->id = $id; + $fuser->service = $service; + $fuser->limit(1); - if ($fuser->find()) { - $fuser->fetch(); - return $fuser; - } + $result = $fuser->find(true); - return null; + return empty($result) ? null : $fuser; } static function getByNickname($nickname, $service) diff --git a/plugins/FacebookBridge/FacebookBridgePlugin.php b/plugins/FacebookBridge/FacebookBridgePlugin.php index 62ae381331..bf16da337d 100644 --- a/plugins/FacebookBridge/FacebookBridgePlugin.php +++ b/plugins/FacebookBridge/FacebookBridgePlugin.php @@ -1,7 +1,7 @@ . * - * @category Pugin + * @category Plugin * @package StatusNet * @author Zach Copley * @copyright 2011 StatusNet, Inc. @@ -41,7 +41,7 @@ define("FACEBOOK_SERVICE", 2); * @category Plugin * @package StatusNet * @author Zach Copley - * @copyright 2010 StatusNet, Inc. + * @copyright 2010-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 * @link http://status.net/ */ @@ -103,11 +103,10 @@ class FacebookBridgePlugin extends Plugin { $dir = dirname(__FILE__); - //common_debug("class = " . $cls); - switch ($cls) { case 'Facebook': // Facebook PHP SDK + include_once $dir . '/extlib/base_facebook.php'; include_once $dir . '/extlib/facebook.php'; return false; case 'FacebookloginAction': @@ -351,26 +350,35 @@ class FacebookBridgePlugin extends Plugin $action->script('https://connect.facebook.net/en_US/all.js'); $script = <<inlineScript( - sprintf($script, + sprintf( + $script, json_encode($this->facebook->getAppId()), - json_encode($this->facebook->getSession()), common_local_url('facebookfinishlogin') ) ); @@ -382,26 +390,30 @@ ENDOFSCRIPT; * * @param Action action the current action */ - function onEndLogout($action) + function onStartLogout($action) { if ($this->hasApplication()) { - $session = $this->facebook->getSession(); - $fbuser = null; - $fbuid = null; - if ($session) { - try { - $fbuid = $this->facebook->getUser(); - $fbuser = $this->facebook->api('/me'); - } catch (FacebookApiException $e) { - common_log(LOG_ERROR, $e, __FILE__); - } - } + $cur = common_current_user(); + $flink = Foreign_link::getByUserID($cur->id, FACEBOOK_SERVICE); - if (!empty($fbuser)) { + if (!empty($flink)) { + + $this->facebook->setAccessToken($flink->credentials); + + if (common_config('singleuser', 'enabled')) { + $user = User::singleUser(); + + $destination = common_local_url( + 'showstream', + array('nickname' => $user->nickname) + ); + } else { + $destination = common_local_url('public'); + } $logoutUrl = $this->facebook->getLogoutUrl( - array('next' => common_local_url('public')) + array('next' => $destination) ); common_log( @@ -412,9 +424,14 @@ ENDOFSCRIPT; ), __FILE__ ); - common_debug("LOGOUT URL = $logoutUrl"); + + $action->logout(); + common_redirect($logoutUrl, 303); + return false; // probably never get here, but hey } + + return true; } } diff --git a/plugins/FacebookBridge/actions/facebookdeauthorize.php b/plugins/FacebookBridge/actions/facebookdeauthorize.php index 1a83c3a003..443b768f5c 100644 --- a/plugins/FacebookBridge/actions/facebookdeauthorize.php +++ b/plugins/FacebookBridge/actions/facebookdeauthorize.php @@ -1,7 +1,7 @@ - * @copyright 2010 StatusNet, Inc. + * @copyright 2010-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 * @link http://status.net/ */ diff --git a/plugins/FacebookBridge/actions/facebookfinishlogin.php b/plugins/FacebookBridge/actions/facebookfinishlogin.php index 3d2fb571d7..4c8c9f860f 100644 --- a/plugins/FacebookBridge/actions/facebookfinishlogin.php +++ b/plugins/FacebookBridge/actions/facebookfinishlogin.php @@ -22,7 +22,7 @@ * @category Plugin * @package StatusNet * @author Zach Copley - * @copyright 2010 StatusNet, Inc. + * @copyright 2010-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -33,42 +33,33 @@ if (!defined('STATUSNET')) { class FacebookfinishloginAction extends Action { - private $facebook = null; // Facebook client - private $fbuid = null; // Facebook user ID - private $fbuser = null; // Facebook user object (JSON) + private $fbuid = null; // Facebook user ID + private $fbuser = null; // Facebook user object (JSON) + private $accessToken = null; // Access token provided by Facebook JS API function prepare($args) { parent::prepare($args); - $this->facebook = new Facebook( - array( - 'appId' => common_config('facebook', 'appid'), - 'secret' => common_config('facebook', 'secret'), - 'cookie' => true, - ) - ); + // Check cookie for a valid access_token - // Check for a Facebook user session - - $session = $this->facebook->getSession(); - $me = null; - - if ($session) { - try { - $this->fbuid = $this->facebook->getUser(); - $this->fbuser = $this->facebook->api('/me'); - } catch (FacebookApiException $e) { - common_log(LOG_ERROR, $e, __FILE__); + if (isset($_COOKIE['fb_access_token'])) { + $this->accessToken = $_COOKIE['fb_access_token']; + if (empty($this->accessToken)) { + $this->clientError(_m("Unable to authenticate you with Facebook.")); + return false; } } - if (!empty($this->fbuser)) { - // OKAY, all is well... proceed to register + $graphUrl = 'https://graph.facebook.com/me?access_token=' . urlencode($this->accessToken); + $this->fbuser = json_decode(file_get_contents($graphUrl)); - common_debug("Found a valid Facebook user.", __FILE__); + if (!empty($this->fbuser)) { + $this->fbuid = $this->fbuser->id; + // OKAY, all is well... proceed to register + return true; } else { - // This shouldn't happen in the regular course of things + // log badness list($proxy, $ip) = common_client_ip(); @@ -88,7 +79,7 @@ class FacebookfinishloginAction extends Action ); } - return true; + return false; } function handle($args) @@ -97,34 +88,14 @@ class FacebookfinishloginAction extends Action if (common_is_real_login()) { - // User is already logged in, are her accounts already linked? + // This will throw a client exception if the user already + // has some sort of foreign_link to Facebook. - $flink = Foreign_link::getByForeignID($this->fbuid, FACEBOOK_SERVICE); + $this->checkForExistingLink(); - if (!empty($flink)) { + // Possibly reconnect an existing account - // User already has a linked Facebook account and shouldn't be here! - - common_debug( - sprintf( - 'There\'s already a local user %d linked with Facebook user %s.', - $flink->user_id, - $this->fbuid - ) - ); - - $this->clientError( - // TRANS: Client error displayed when trying to connect to a Facebook account that is already linked - // TRANS: in the same StatusNet site. - _m('There is already a local account linked with that Facebook account.') - ); - - } else { - - // Possibly reconnect an existing account - - $this->connectUser(); - } + $this->connectUser(); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost(); @@ -133,10 +104,47 @@ class FacebookfinishloginAction extends Action } } + function checkForExistingLink() { + + // User is already logged in, are her accounts already linked? + + $flink = Foreign_link::getByForeignID($this->fbuid, FACEBOOK_SERVICE); + + if (!empty($flink)) { + + // User already has a linked Facebook account and shouldn't be here! + + $this->clientError( + // TRANS: Client error displayed when trying to connect to a Facebook account that is already linked + // TRANS: in the same StatusNet site. + _m('There is already a local account linked with that Facebook account.') + ); + + return; + } + + $cur = common_current_user(); + $flink = Foreign_link::getByUserID($cur->id, FACEBOOK_SERVICE); + + if (!empty($flink)) { + + // There's already a local user linked to this Facebook account. + + $this->clientError( + // TRANS: Client error displayed when trying to connect to a Facebook account that is already linked + // TRANS: in the same StatusNet site. + _m('There is already a local account linked with that Facebook account.') + ); + + return; + } + } + function handlePost() { $token = $this->trimmed('token'); + // CSRF protection if (!$token || $token != common_session_token()) { $this->showForm( // TRANS: Client error displayed when the session token does not match or is not given. @@ -365,19 +373,19 @@ class FacebookfinishloginAction extends Action } $args = array( - 'nickname' => $nickname, - 'fullname' => $this->fbuser['first_name'] - . ' ' . $this->fbuser['last_name'], - 'homepage' => $this->fbuser['website'], - 'bio' => $this->fbuser['about'], - 'location' => $this->fbuser['location']['name'] + 'nickname' => $nickname, + 'fullname' => $this->fbuser->name, + 'homepage' => $this->fbuser->website, + 'location' => $this->fbuser->location->name ); // It's possible that the email address is already in our // DB. It's a unique key, so we need to check - if ($this->isNewEmail($this->fbuser['email'])) { - $args['email'] = $this->fbuser['email']; - $args['email_confirmed'] = true; + if ($this->isNewEmail($this->fbuser->email)) { + $args['email'] = $this->fbuser->email; + if (isset($this->fuser->verified) && $this->fuser->verified == true) { + $args['email_confirmed'] = true; + } } if (!empty($invite)) { @@ -407,7 +415,7 @@ class FacebookfinishloginAction extends Action 'Registered new user %s (%d) from Facebook user %s, (fbuid %d)', $user->nickname, $user->id, - $this->fbuser['name'], + $this->fbuser->name, $this->fbuid ), __FILE__ @@ -424,64 +432,62 @@ class FacebookfinishloginAction extends Action */ function setAvatar($user) { - $picUrl = sprintf( - 'http://graph.facebook.com/%s/picture?type=large', - $this->fbuid - ); - - // fetch the picture from Facebook - $client = new HTTPClient(); - - // fetch the actual picture - $response = $client->get($picUrl); - - if ($response->isOk()) { - - $finalUrl = $client->getUrl(); - - // Make sure the filename is unique becuase it's possible for a user - // to deauthorize our app, and then come back in as a new user but - // have the same Facebook picture (avatar URLs have a unique index - // and their URLs are based on the filenames). - $filename = 'facebook-' . common_good_rand(4) . '-' - . substr(strrchr($finalUrl, '/'), 1); - - $ok = file_put_contents( - Avatar::path($filename), - $response->getBody() + try { + $picUrl = sprintf( + 'http://graph.facebook.com/%d/picture?type=large', + $this->fbuser->id ); - if (!$ok) { - common_log( - LOG_WARNING, - sprintf( - 'Couldn\'t save Facebook avatar %s', - $tmp - ), - __FILE__ + // fetch the picture from Facebook + $client = new HTTPClient(); + + // fetch the actual picture + $response = $client->get($picUrl); + + if ($response->isOk()) { + + // seems to always be jpeg, but not sure + $tmpname = "facebook-avatar-tmp-" . common_good_rand(4); + + $ok = file_put_contents( + Avatar::path($tmpname), + $response->getBody() ); - } else { + if (!$ok) { + common_log(LOG_WARNING, 'Couldn\'t save tmp Facebook avatar: ' . $tmpname, __FILE__); + } else { + // save it as an avatar - // save it as an avatar - $profile = $user->getProfile(); + $file = new ImageFile($user->id, Avatar::path($tmpname)); + $filename = $file->resize(180); // size of the biggest img we get from Facebook + + $profile = $user->getProfile(); + + if ($profile->setOriginal($filename)) { + common_log( + LOG_INFO, + sprintf( + 'Saved avatar for %s (%d) from Facebook picture for ' + . '%s (fbuid %d), filename = %s', + $user->nickname, + $user->id, + $this->fbuser->name, + $this->fbuid, + $filename + ), + __FILE__ + ); + + // clean up tmp file + @unlink(Avatar::path($tmpname)); + } - if ($profile->setOriginal($filename)) { - common_log( - LOG_INFO, - sprintf( - 'Saved avatar for %s (%d) from Facebook picture for ' - . '%s (fbuid %d), filename = %s', - $user->nickname, - $user->id, - $this->fbuser['name'], - $this->fbuid, - $filename - ), - __FILE__ - ); } } + } catch (Exception $e) { + common_log(LOG_WARNING, 'Couldn\'t save Facebook avatar: ' . $e->getMessage(), __FILE__); + // error isn't fatal, continue } } @@ -498,22 +504,14 @@ class FacebookfinishloginAction extends Action $user = User::staticGet('nickname', $nickname); - if (!empty($user)) { - common_debug( - sprintf( - 'Found a legit user to connect to Facebook: %s (%d)', - $user->nickname, - $user->id - ), - __FILE__ - ); - } - $this->tryLinkUser($user); common_set_user($user); common_real_login(true); + // clear out the stupid cookie + setcookie('fb_access_token', '', time() - 3600); // one hour ago + $this->goHome($user->nickname); } @@ -521,6 +519,9 @@ class FacebookfinishloginAction extends Action { $user = common_current_user(); $this->tryLinkUser($user); + + // clear out the stupid cookie + setcookie('fb_access_token', '', time() - 3600); // one hour ago common_redirect(common_local_url('facebookfinishlogin'), 303); } @@ -533,29 +534,10 @@ class FacebookfinishloginAction extends Action $this->serverError(_m('Error connecting user to Facebook.')); return; } - - common_debug( - sprintf( - 'Connected Facebook user %s (fbuid %d) to local user %s (%d)', - $this->fbuser['name'], - $this->fbuid, - $user->nickname, - $user->id - ), - __FILE__ - ); } function tryLogin() { - common_debug( - sprintf( - 'Trying login for Facebook user %s', - $this->fbuid - ), - __FILE__ - ); - $flink = Foreign_link::getByForeignID($this->fbuid, FACEBOOK_SERVICE); if (!empty($flink)) { @@ -576,19 +558,14 @@ class FacebookfinishloginAction extends Action common_set_user($user); common_real_login(true); + + // clear out the stupid cookie + setcookie('fb_access_token', '', time() - 3600); // one hour ago + $this->goHome($user->nickname); } } else { - - common_debug( - sprintf( - 'No flink found for fbuid: %s - new user', - $this->fbuid - ), - __FILE__ - ); - $this->showForm(null, $this->bestNewNickname()); } } @@ -611,14 +588,12 @@ class FacebookfinishloginAction extends Action function flinkUser($user_id, $fbuid) { $flink = new Foreign_link(); - $flink->user_id = $user_id; - $flink->foreign_id = $fbuid; - $flink->service = FACEBOOK_SERVICE; - // Pull the access token from the Facebook cookies - $flink->credentials = $this->facebook->getAccessToken(); - - $flink->created = common_sql_now(); + $flink->user_id = $user_id; + $flink->foreign_id = $fbuid; + $flink->service = FACEBOOK_SERVICE; + $flink->credentials = $this->accessToken; + $flink->created = common_sql_now(); $flink_id = $flink->insert(); @@ -627,8 +602,8 @@ class FacebookfinishloginAction extends Action function bestNewNickname() { - if (!empty($this->fbuser['name'])) { - $nickname = $this->nicknamize($this->fbuser['name']); + if (!empty($this->fbuser->username)) { + $nickname = $this->nicknamize($this->fbuser->username); if ($this->isNewNickname($nickname)) { return $nickname; } @@ -636,8 +611,7 @@ class FacebookfinishloginAction extends Action // Try the full name - $fullname = trim($this->fbuser['first_name'] . - ' ' . $this->fbuser['last_name']); + $fullname = $this->fbuser->name; if (!empty($fullname)) { $fullname = $this->nicknamize($fullname); @@ -694,10 +668,8 @@ class FacebookfinishloginAction extends Action $result = User::staticGet('email', $email); if (empty($result)) { - common_debug("XXXXXXXXXXXXXXXXXX We've never seen this email before!!!"); return true; } - common_debug("XXXXXXXXXXXXXXXXXX dupe email address!!!!"); return false; } diff --git a/plugins/FacebookBridge/actions/facebooklogin.php b/plugins/FacebookBridge/actions/facebooklogin.php index fa3cc7a6f2..f30822b63f 100644 --- a/plugins/FacebookBridge/actions/facebooklogin.php +++ b/plugins/FacebookBridge/actions/facebooklogin.php @@ -23,7 +23,7 @@ * @category Plugin * @package StatusNet * @author Zach Copley - * @copyright 2010 StatusNet, Inc. + * @copyright 2010-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 * @link http://status.net/ */ @@ -72,17 +72,16 @@ class FacebookloginAction extends Action $facebook = Facebookclient::getFacebook(); + $params = array( + 'scope' => 'read_stream,publish_stream,offline_access,user_status,user_location,user_website,email', + 'redirect_uri' => common_local_url('facebookfinishlogin') + ); + // Degrade to plain link if JavaScript is not available $this->elementStart( 'a', array( - 'href' => $facebook->getLoginUrl( - array( - 'next' => common_local_url('facebookfinishlogin'), - 'cancel' => common_local_url('facebooklogin'), - 'req_perms' => 'read_stream,publish_stream,offline_access,user_status,user_location,user_website,email' - ) - ), + 'href' => $facebook->getLoginUrl($params), 'id' => 'facebook_button' ) ); @@ -99,16 +98,6 @@ class FacebookloginAction extends Action $this->elementEnd('a'); - /* - $this->element('div', array('id' => 'fb-root')); - $this->script( - sprintf( - 'http://connect.facebook.net/en_US/all.js#appId=%s&xfbml=1', - common_config('facebook', 'appid') - ) - ); - $this->element('fb:facepile', array('max-rows' => '2', 'width' =>'300')); - */ $this->elementEnd('fieldset'); } diff --git a/plugins/FacebookBridge/lib/facebookclient.php b/plugins/FacebookBridge/lib/facebookclient.php index 0469ce8aca..00b313b6a4 100644 --- a/plugins/FacebookBridge/lib/facebookclient.php +++ b/plugins/FacebookBridge/lib/facebookclient.php @@ -23,7 +23,7 @@ * @package StatusNet * @author Craig Andrews * @author Zach Copley - * @copyright 2009-2010 StatusNet, Inc. + * @copyright 2009-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -916,7 +916,7 @@ class Facebookclient static function addFacebookUser($fbuser) { // remove any existing, possibly outdated, record - $luser = Foreign_user::getForeignUser($fbuser['id'], FACEBOOK_SERVICE); + $luser = Foreign_user::getForeignUser($fbuser->id, FACEBOOK_SERVICE); if (!empty($luser)) { @@ -927,8 +927,8 @@ class Facebookclient LOG_INFO, sprintf( 'Removed old Facebook user: %s, fbuid %d', - $fbuid['name'], - $fbuid['id'] + $fbuid->name, + $fbuid->id ), __FILE__ ); @@ -937,9 +937,9 @@ class Facebookclient $fuser = new Foreign_user(); - $fuser->nickname = $fbuser['name']; - $fuser->uri = $fbuser['link']; - $fuser->id = $fbuser['id']; + $fuser->nickname = $fbuser->username; + $fuser->uri = $fbuser->link; + $fuser->id = $fbuser->id; $fuser->service = FACEBOOK_SERVICE; $fuser->created = common_sql_now(); @@ -950,8 +950,8 @@ class Facebookclient LOG_WARNING, sprintf( 'Failed to add new Facebook user: %s, fbuid %d', - $fbuser['name'], - $fbuser['id'] + $fbuser->username, + $fbuser->id ), __FILE__ ); @@ -962,8 +962,8 @@ class Facebookclient LOG_INFO, sprintf( 'Added new Facebook user: %s, fbuid %d', - $fbuser['name'], - $fbuser['id'] + $fbuser->name, + $fbuser->id ), __FILE__ );