From 634fb64c11b1bc2a7b47cac34f185f43822701d1 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 26 Sep 2011 05:32:19 +0000 Subject: [PATCH 1/3] Facebook bridge mostly working again with new OAuth 2.0 flow --- .../FacebookBridge/FacebookBridgePlugin.php | 23 +-- .../actions/facebookfinishlogin.php | 190 +++++++++++------- .../FacebookBridge/actions/facebooklogin.php | 13 +- plugins/FacebookBridge/lib/facebookclient.php | 16 +- 4 files changed, 147 insertions(+), 95 deletions(-) diff --git a/plugins/FacebookBridge/FacebookBridgePlugin.php b/plugins/FacebookBridge/FacebookBridgePlugin.php index 62ae381331..9d83c9f474 100644 --- a/plugins/FacebookBridge/FacebookBridgePlugin.php +++ b/plugins/FacebookBridge/FacebookBridgePlugin.php @@ -1,7 +1,7 @@ . * - * @category Pugin + * @category Plugin * @package StatusNet * @author Zach Copley * @copyright 2011 StatusNet, Inc. @@ -41,7 +41,7 @@ define("FACEBOOK_SERVICE", 2); * @category Plugin * @package StatusNet * @author Zach Copley - * @copyright 2010 StatusNet, Inc. + * @copyright 2010-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 * @link http://status.net/ */ @@ -108,6 +108,7 @@ class FacebookBridgePlugin extends Plugin switch ($cls) { case 'Facebook': // Facebook PHP SDK + include_once $dir . '/extlib/base_facebook.php'; include_once $dir . '/extlib/facebook.php'; return false; case 'FacebookloginAction': @@ -351,26 +352,26 @@ class FacebookBridgePlugin extends Plugin $action->script('https://connect.facebook.net/en_US/all.js'); $script = <<inlineScript( - sprintf($script, + sprintf( + $script, json_encode($this->facebook->getAppId()), - json_encode($this->facebook->getSession()), common_local_url('facebookfinishlogin') ) ); 
@@ -385,18 +386,16 @@ ENDOFSCRIPT; function onEndLogout($action) { if ($this->hasApplication()) { - $session = $this->facebook->getSession(); + //$session = $this->facebook->getSession(); $fbuser = null; $fbuid = null; - if ($session) { try { $fbuid = $this->facebook->getUser(); $fbuser = $this->facebook->api('/me'); } catch (FacebookApiException $e) { common_log(LOG_ERROR, $e, __FILE__); } - } if (!empty($fbuser)) { diff --git a/plugins/FacebookBridge/actions/facebookfinishlogin.php b/plugins/FacebookBridge/actions/facebookfinishlogin.php index 3d2fb571d7..d58944e83d 100644 --- a/plugins/FacebookBridge/actions/facebookfinishlogin.php +++ b/plugins/FacebookBridge/actions/facebookfinishlogin.php @@ -22,7 +22,7 @@ * @category Plugin * @package StatusNet * @author Zach Copley - * @copyright 2010 StatusNet, Inc. + * @copyright 2010-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ 
@@ -33,39 +33,43 @@ if (!defined('STATUSNET')) { class FacebookfinishloginAction extends Action { - private $facebook = null; // Facebook client - private $fbuid = null; // Facebook user ID - private $fbuser = null; // Facebook user object (JSON) + private $fbuid = null; // Facebook user ID + private $fbuser = null; // Facebook user object (JSON) + private $accessToken = null; // Access token provided by Facebook JS API function prepare($args) { parent::prepare($args); - $this->facebook = new Facebook( - array( - 'appId' => common_config('facebook', 'appid'), - 'secret' => common_config('facebook', 'secret'), - 'cookie' => true, + // Check cookie for a valid access_token + + $cookie = $this->get_facebook_cookie( + common_config('facebook', 'appid'), + common_config('facebook', 'secret') + ); + + $this->accessToken = $cookie['access_token']; + + common_debug("cookie = " . var_export($cookie, true)); + + $this->fbuser = json_decode( + file_get_contents( + 'https://graph.facebook.com/me?access_token=' + . $this->accessToken ) ); - // Check for a Facebook user session - - $session = $this->facebook->getSession(); - $me = null; - - if ($session) { - try { - $this->fbuid = $this->facebook->getUser(); - $this->fbuser = $this->facebook->api('/me'); - } catch (FacebookApiException $e) { - common_log(LOG_ERROR, $e, __FILE__); - } - } - if (!empty($this->fbuser)) { + + $this->fbuid = $this->fbuser->id; + common_debug("fbuser = " . var_export($this->fbuser, true)); + common_debug("fbuid = " . $this->fbuid); + // OKAY, all is well... proceed to register common_debug("Found a valid Facebook user.", __FILE__); + + return true; + } else { // This shouldn't happen in the regular course of things 
@@ -88,7 +92,28 @@ class FacebookfinishloginAction extends Action ); } - return true; + return false; + } + + function get_facebook_cookie($app_id, $app_secret) { + $args = array(); + + parse_str(trim($_COOKIE['fbs_' . $app_id], '\\"'), $args); + + ksort($args); + $payload = ''; + + foreach ($args as $key => $value) { + if ($key != 'sig') { + $payload .= $key . '=' . $value; + } + } + + if (md5($payload . $app_secret) != $args['sig']) { + return null; + } + + return $args; } function handle($args) @@ -97,34 +122,14 @@ class FacebookfinishloginAction extends Action if (common_is_real_login()) { - // User is already logged in, are her accounts already linked? + // This will throw a client exception if the user already + // has some sort of foreign_link to Facebook. - $flink = Foreign_link::getByForeignID($this->fbuid, FACEBOOK_SERVICE); + $this->checkForExistingLink(); - if (!empty($flink)) { + // Possibly reconnect an existing account - // User already has a linked Facebook account and shouldn't be here! - - common_debug( - sprintf( - 'There\'s already a local user %d linked with Facebook user %s.', - $flink->user_id, - $this->fbuid - ) - ); - - $this->clientError( - // TRANS: Client error displayed when trying to connect to a Facebook account that is already linked - // TRANS: in the same StatusNet site. - _m('There is already a local account linked with that Facebook account.') - ); - - } else { - - // Possibly reconnect an existing account - - $this->connectUser(); - } + $this->connectUser(); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost(); 
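Review bot: In `get_facebook_cookie()` the signature check `md5($payload . $app_secret) != $args['sig']` uses PHP's loose comparison, under which two different hex strings of the form `0e` followed only by digits compare equal as numbers, and it is not constant-time. Compare strictly instead, `if (!isset($args['sig']) || md5($payload . $app_secret) !== $args['sig']) { return null; }`, or use `hash_equals()` where the PHP version provides it. `$_COOKIE['fbs_' . $app_id]` is also read without an `isset()` check, and the caller in `prepare()` indexes the result as `$cookie['access_token']` although this function can return null. PATCH 2/3 on this page removes the helper, so the point applies only while the signed-cookie check exists.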
@@ -133,6 +138,58 @@ class FacebookfinishloginAction extends Action } } + function checkForExistingLink() { + + // User is already logged in, are her accounts already linked? + + $flink = Foreign_link::getByForeignID($this->fbuid, FACEBOOK_SERVICE); + + if (!empty($flink)) { + + // User already has a linked Facebook account and shouldn't be here! + + common_debug( + sprintf( + 'There\'s already a local user %d linked with Facebook user %s.', + $flink->user_id, + $this->fbuid + ) + ); + + $this->clientError( + // TRANS: Client error displayed when trying to connect to a Facebook account that is already linked + // TRANS: in the same StatusNet site. + _m('There is already a local account linked with that Facebook account.') + ); + + return; + } + + $cur = common_current_user(); + $flink = Foreign_link::getByUserID($cur->id, FACEBOOK_SERVICE); + + if (!empty($flink)) { + + // There's already a local user linked to this Facebook account. + + common_debug( + sprintf( + 'There\'s already a local user %d linked with Facebook user %s.', + $cur->id, + $this->fbuid + ) + ); + + $this->clientError( + // TRANS: Client error displayed when trying to connect to a Facebook account that is already linked + // TRANS: in the same StatusNet site. + _m('There is already a local account linked with that Facebook account.') + ); + + return; + } + } + function handlePost() { $token = $this->trimmed('token'); 
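Review bot: The second branch of `checkForExistingLink()` tests something different from the first, namely whether the logged-in local user already has a Facebook link (`Foreign_link::getByUserID($cur->id, FACEBOOK_SERVICE)`), yet its comment, debug text and client message are copies of the first branch's. The comment would read better as `// The current local user is already linked to a Facebook account.`, and a distinct user-facing string would make the two cases distinguishable in support requests. The comment added in `handle()` says `clientError()` throws; if that is so, both `return;` statements here are unreachable and can go.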
@@ -365,19 +422,19 @@ class FacebookfinishloginAction extends Action } $args = array( - 'nickname' => $nickname, - 'fullname' => $this->fbuser['first_name'] - . ' ' . $this->fbuser['last_name'], - 'homepage' => $this->fbuser['website'], - 'bio' => $this->fbuser['about'], - 'location' => $this->fbuser['location']['name'] + 'nickname' => $nickname, + 'fullname' => $this->fbuser->name, + 'homepage' => $this->fbuser->website, + 'location' => $this->fbuser->location->name ); // It's possible that the email address is already in our // DB. It's a unique key, so we need to check - if ($this->isNewEmail($this->fbuser['email'])) { - $args['email'] = $this->fbuser['email']; - $args['email_confirmed'] = true; + if ($this->isNewEmail($this->fbuser->email)) { + $args['email'] = $this->fbuser->email; + if (isset($this->fuser->verified) && $this->fuser->verified == true) { + $args['email_confirmed'] = true; + } } if (!empty($invite)) { @@ -407,7 +464,7 @@ class FacebookfinishloginAction extends Action 'Registered new user %s (%d) from Facebook user %s, (fbuid %d)', $user->nickname, $user->id, - $this->fbuser['name'], + $this->fbuser->name, $this->fbuid ), __FILE__ @@ -474,7 +531,7 @@ class FacebookfinishloginAction extends Action . '%s (fbuid %d), filename = %s', $user->nickname, $user->id, - $this->fbuser['name'], + $this->fbuser->name, $this->fbuid, $filename ), @@ -537,7 +594,7 @@ class FacebookfinishloginAction extends Action common_debug( sprintf( 'Connected Facebook user %s (fbuid %d) to local user %s (%d)', - $this->fbuser['name'], + $this->fbuser->name, $this->fbuid, $user->nickname, $user->id @@ -616,7 +673,7 @@ class FacebookfinishloginAction extends Action $flink->service = FACEBOOK_SERVICE; // Pull the access token from the Facebook cookies - $flink->credentials = $this->facebook->getAccessToken(); + $flink->credentials = $this->accessToken; $flink->created = common_sql_now(); 
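Review bot: `isset($this->fuser->verified) && $this->fuser->verified == true` reads a property `$this->fuser` that this class does not declare (the declared one is `$this->fbuser`), so the condition is always false and `email_confirmed` is never set. If the intent is to trust the address only for verified profiles it should be `if (!empty($this->fbuser->verified)) {`. It is also worth confirming that Facebook's `verified` flag really says the e-mail address was confirmed, rather than something about the account as a whole, since the local address is marked confirmed on its strength. The same array reads `$this->fbuser->website` and `$this->fbuser->location->name` directly; these look like optional profile fields, so an `isset()` guard per field would avoid notices when a user has not filled them in.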
@@ -627,8 +684,8 @@ class FacebookfinishloginAction extends Action function bestNewNickname() { - if (!empty($this->fbuser['name'])) { - $nickname = $this->nicknamize($this->fbuser['name']); + if (!empty($this->fbuser->username)) { + $nickname = $this->nicknamize($this->fbuser->username); if ($this->isNewNickname($nickname)) { return $nickname; } @@ -636,8 +693,7 @@ class FacebookfinishloginAction extends Action // Try the full name - $fullname = trim($this->fbuser['first_name'] . - ' ' . $this->fbuser['last_name']); + $fullname = $this->fbuser->name; if (!empty($fullname)) { $fullname = $this->nicknamize($fullname); @@ -694,10 +750,8 @@ class FacebookfinishloginAction extends Action $result = User::staticGet('email', $email); if (empty($result)) { - common_debug("XXXXXXXXXXXXXXXXXX We've never seen this email before!!!"); return true; } - common_debug("XXXXXXXXXXXXXXXXXX dupe email address!!!!"); return false; } diff --git a/plugins/FacebookBridge/actions/facebooklogin.php b/plugins/FacebookBridge/actions/facebooklogin.php index fa3cc7a6f2..afb30a2b1f 100644 --- a/plugins/FacebookBridge/actions/facebooklogin.php +++ b/plugins/FacebookBridge/actions/facebooklogin.php @@ -72,17 +72,16 @@ class FacebookloginAction extends Action $facebook = Facebookclient::getFacebook(); + $params = array( + 'scope' => 'read_stream,publish_stream,offline_access,user_status,user_location,user_website,email', + 'redirect_uri' => common_local_url('facebookfinishlogin') + ); + // Degrade to plain link if JavaScript is not available $this->elementStart( 'a', array( - 'href' => $facebook->getLoginUrl( - array( - 'next' => common_local_url('facebookfinishlogin'), - 'cancel' => common_local_url('facebooklogin'), - 'req_perms' => 'read_stream,publish_stream,offline_access,user_status,user_location,user_website,email' - ) - ), + 'href' => $facebook->getLoginUrl($params), 'id' => 'facebook_button' ) ); 
diff --git a/plugins/FacebookBridge/lib/facebookclient.php b/plugins/FacebookBridge/lib/facebookclient.php index 0469ce8aca..768950ffa2 100644 --- a/plugins/FacebookBridge/lib/facebookclient.php +++ b/plugins/FacebookBridge/lib/facebookclient.php @@ -916,7 +916,7 @@ class Facebookclient static function addFacebookUser($fbuser) { // remove any existing, possibly outdated, record - $luser = Foreign_user::getForeignUser($fbuser['id'], FACEBOOK_SERVICE); + $luser = Foreign_user::getForeignUser($fbuser->id, FACEBOOK_SERVICE); if (!empty($luser)) { @@ -937,9 +937,9 @@ class Facebookclient $fuser = new Foreign_user(); - $fuser->nickname = $fbuser['name']; - $fuser->uri = $fbuser['link']; - $fuser->id = $fbuser['id']; + $fuser->nickname = $fbuser->username; + $fuser->uri = $fbuser->url; + $fuser->id = $fbuser->id; $fuser->service = FACEBOOK_SERVICE; $fuser->created = common_sql_now(); @@ -950,8 +950,8 @@ class Facebookclient LOG_WARNING, sprintf( 'Failed to add new Facebook user: %s, fbuid %d', - $fbuser['name'], - $fbuser['id'] + $fbuser->username, + $fbuser->id ), __FILE__ ); @@ -962,8 +962,8 @@ class Facebookclient LOG_INFO, sprintf( 'Added new Facebook user: %s, fbuid %d', - $fbuser['name'], - $fbuser['id'] + $fbuser->name, + $fbuser->id ), __FILE__ ); From 3b28f226c7bfb4ed535d43038b566df09ad49dd7 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 27 Sep 2011 04:09:47 +0000 Subject: [PATCH 2/3] Facebook bridge back in business with new JS-SDK and OAuth 2.0 flow. Might be better to rewrite the login mechanism to use server side flow now that Facebook provides it. --- classes/Foreign_user.php | 16 +- .../FacebookBridge/FacebookBridgePlugin.php | 48 ++-- .../actions/facebookdeauthorize.php | 4 +- .../actions/facebookfinishlogin.php | 224 ++++++------------ .../FacebookBridge/actions/facebooklogin.php | 12 +- plugins/FacebookBridge/lib/facebookclient.php | 8 +- 6 files changed, 116 insertions(+), 196 deletions(-) 
diff --git a/classes/Foreign_user.php b/classes/Foreign_user.php index 67d8651fa9..4a41e07f4d 100644 --- a/classes/Foreign_user.php +++ b/classes/Foreign_user.php @@ -44,20 +44,18 @@ class Foreign_user extends Managed_DataObject ); } - // XXX: This only returns a 1->1 single obj mapping. Change? Or make - // a getForeignUsers() that returns more than one? --Zach static function getForeignUser($id, $service) { + $fuser = new Foreign_user(); - $fuser->whereAdd("service = $service"); - $fuser->whereAdd("id = $id"); + + $fuser->id = $id; + $fuser->service = $service; + $fuser->limit(1); - if ($fuser->find()) { - $fuser->fetch(); - return $fuser; - } + $result = $fuser->find(true); - return null; + return empty($result) ? null : $fuser; } static function getByNickname($nickname, $service) diff --git a/plugins/FacebookBridge/FacebookBridgePlugin.php b/plugins/FacebookBridge/FacebookBridgePlugin.php index 9d83c9f474..bf16da337d 100644 --- a/plugins/FacebookBridge/FacebookBridgePlugin.php +++ b/plugins/FacebookBridge/FacebookBridgePlugin.php @@ -103,8 +103,6 @@ class FacebookBridgePlugin extends Plugin { $dir = dirname(__FILE__); - //common_debug("class = " . $cls); - switch ($cls) { case 'Facebook': // Facebook PHP SDK 
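Review bot: `getForeignUser()` has no docblock, and with the `XXX` remark deleted nothing states its contract any more. A short one above the function would cover it, for example `/** Look up a single foreign user by id and service; returns the Foreign_user, or null when there is no match. */`. `getByNickname()` directly below is outside this hunk; if it still builds its `whereAdd()` clauses by interpolating its arguments, as the lines removed here did, it deserves the same conversion to property assignment.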
@@ -352,6 +350,13 @@ class FacebookBridgePlugin extends Plugin $action->script('https://connect.facebook.net/en_US/all.js'); $script = <<hasApplication()) { - //$session = $this->facebook->getSession(); - $fbuser = null; - $fbuid = null; - try { - $fbuid = $this->facebook->getUser(); - $fbuser = $this->facebook->api('/me'); - } catch (FacebookApiException $e) { - common_log(LOG_ERROR, $e, __FILE__); - } + $cur = common_current_user(); + $flink = Foreign_link::getByUserID($cur->id, FACEBOOK_SERVICE); - if (!empty($fbuser)) { + if (!empty($flink)) { + + $this->facebook->setAccessToken($flink->credentials); + + if (common_config('singleuser', 'enabled')) { + $user = User::singleUser(); + + $destination = common_local_url( + 'showstream', + array('nickname' => $user->nickname) + ); + } else { + $destination = common_local_url('public'); + } $logoutUrl = $this->facebook->getLogoutUrl( - array('next' => common_local_url('public')) + array('next' => $destination) ); common_log( @@ -411,9 +424,14 @@ ENDOFSCRIPT; ), __FILE__ ); - common_debug("LOGOUT URL = $logoutUrl"); + + $action->logout(); + common_redirect($logoutUrl, 303); + return false; // probably never get here, but hey } + + return true; } } diff --git a/plugins/FacebookBridge/actions/facebookdeauthorize.php b/plugins/FacebookBridge/actions/facebookdeauthorize.php index 1a83c3a003..443b768f5c 100644 --- a/plugins/FacebookBridge/actions/facebookdeauthorize.php +++ b/plugins/FacebookBridge/actions/facebookdeauthorize.php @@ -1,7 +1,7 @@ - * @copyright 2010 StatusNet, Inc. + * @copyright 2010-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 * @link http://status.net/ */ diff --git a/plugins/FacebookBridge/actions/facebookfinishlogin.php b/plugins/FacebookBridge/actions/facebookfinishlogin.php index d58944e83d..260761e862 100644 --- a/plugins/FacebookBridge/actions/facebookfinishlogin.php +++ b/plugins/FacebookBridge/actions/facebookfinishlogin.php 
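Review bot: `$cur = common_current_user();` is dereferenced as `$cur->id` in the very next statement without a null check. If this hook can run when nobody is logged in (the function appears to be `onEndLogout`, and its hunk header is not legible on this page), that is a fatal error during logout. A guard such as `if (empty($cur)) { return true; }` before the `Foreign_link::getByUserID()` call would make it safe.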
@@ -42,37 +42,24 @@ class FacebookfinishloginAction extends Action // Check cookie for a valid access_token - $cookie = $this->get_facebook_cookie( - common_config('facebook', 'appid'), - common_config('facebook', 'secret') - ); + if (isset($_COOKIE['fb_access_token'])) { + $this->accessToken = $_COOKIE['fb_access_token']; + if (empty($this->accessToken)) { + $this->clientError(_m("Unable to authenticate you with Facebook.")); + return false; + } + } - $this->accessToken = $cookie['access_token']; - - common_debug("cookie = " . var_export($cookie, true)); - - $this->fbuser = json_decode( - file_get_contents( - 'https://graph.facebook.com/me?access_token=' - . $this->accessToken - ) - ); + $graphUrl = 'https://graph.facebook.com/me?access_token=' . urlencode($this->accessToken); + $this->fbuser = json_decode(file_get_contents($graphUrl)); if (!empty($this->fbuser)) { - $this->fbuid = $this->fbuser->id; - common_debug("fbuser = " . var_export($this->fbuser, true)); - common_debug("fbuid = " . $this->fbuid); - // OKAY, all is well... proceed to register - - common_debug("Found a valid Facebook user.", __FILE__); - return true; - } else { - // This shouldn't happen in the regular course of things + // log badness list($proxy, $ip) = common_client_ip(); @@ -95,27 +82,6 @@ class FacebookfinishloginAction extends Action return false; } - function get_facebook_cookie($app_id, $app_secret) { - $args = array(); - - parse_str(trim($_COOKIE['fbs_' . $app_id], '\\"'), $args); - - ksort($args); - $payload = ''; - - foreach ($args as $key => $value) { - if ($key != 'sig') { - $payload .= $key . '=' . $value; - } - } - - if (md5($payload . $app_secret) != $args['sig']) { - return null; - } - - return $args; - } - function handle($args) { parent::handle($args); 
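Review bot: The `empty($this->accessToken)` rejection sits inside `if (isset($_COOKIE['fb_access_token']))`, so a request with no cookie at all skips it and goes on to query the Graph API with an empty token; the check should run whether or not the cookie is present (see below). More importantly, the only proof of identity is now that `https://graph.facebook.com/me` answers for the supplied token: the signed-cookie check is deleted further down this file, and nothing verifies that the token was issued to this site's application, so a token the user granted to some other Facebook app would be accepted as a login here. Before trusting `$this->fbuser->id`, confirm with Facebook which application the token belongs to and compare it with `common_config('facebook', 'appid')`, or move to the server-side flow the commit message already suggests.

```php
// Check cookie for a valid access_token
$this->accessToken = isset($_COOKIE['fb_access_token'])
    ? $_COOKIE['fb_access_token']
    : null;

if (empty($this->accessToken)) {
    $this->clientError(_m("Unable to authenticate you with Facebook."));
    return false;
}

// … unchanged: Graph API lookup of /me and the fbuser check …
```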
@@ -148,14 +114,6 @@ class FacebookfinishloginAction extends Action // User already has a linked Facebook account and shouldn't be here! - common_debug( - sprintf( - 'There\'s already a local user %d linked with Facebook user %s.', - $flink->user_id, - $this->fbuid - ) - ); - $this->clientError( // TRANS: Client error displayed when trying to connect to a Facebook account that is already linked // TRANS: in the same StatusNet site. @@ -172,14 +130,6 @@ class FacebookfinishloginAction extends Action // There's already a local user linked to this Facebook account. - common_debug( - sprintf( - 'There\'s already a local user %d linked with Facebook user %s.', - $cur->id, - $this->fbuid - ) - ); - $this->clientError( // TRANS: Client error displayed when trying to connect to a Facebook account that is already linked // TRANS: in the same StatusNet site. @@ -194,6 +144,7 @@ class FacebookfinishloginAction extends Action { $token = $this->trimmed('token'); + // CSRF protection if (!$token || $token != common_session_token()) { $this->showForm( // TRANS: Client error displayed when the session token does not match or is not given. 
@@ -481,64 +432,58 @@ class FacebookfinishloginAction extends Action */ function setAvatar($user) { - $picUrl = sprintf( - 'http://graph.facebook.com/%s/picture?type=large', - $this->fbuid - ); - - // fetch the picture from Facebook - $client = new HTTPClient(); - - // fetch the actual picture - $response = $client->get($picUrl); - - if ($response->isOk()) { - - $finalUrl = $client->getUrl(); - - // Make sure the filename is unique becuase it's possible for a user - // to deauthorize our app, and then come back in as a new user but - // have the same Facebook picture (avatar URLs have a unique index - // and their URLs are based on the filenames). - $filename = 'facebook-' . common_good_rand(4) . '-' - . substr(strrchr($finalUrl, '/'), 1); - - $ok = file_put_contents( - Avatar::path($filename), - $response->getBody() + try { + $picUrl = sprintf( + 'http://graph.facebook.com/%d/picture?type=large', + $this->fbuser->id ); - if (!$ok) { - common_log( - LOG_WARNING, - sprintf( - 'Couldn\'t save Facebook avatar %s', - $tmp - ), - __FILE__ + // fetch the picture from Facebook + $client = new HTTPClient(); + + // fetch the actual picture + $response = $client->get($picUrl); + + if ($response->isOk()) { + + // seems to always be jpeg, but not sure + $tmpname = "facebook-avatar-tmp-" . common_good_rand(4); + + $ok = file_put_contents( + Avatar::path($tmpname), + $response->getBody() ); - } else { + if (!$ok) { + common_log(LOG_WARNING, 'Couldn\'t save tmp Facebook avatar: ' . $tmpname, __FILE__); + } else { + // save it as an avatar + $profile = $user->getProfile(); - // save it as an avatar - $profile = $user->getProfile(); + if ($profile->setOriginal($tmpname)) { + common_log( + LOG_INFO, + sprintf( + 'Saved avatar for %s (%d) from Facebook picture for ' + . 
'%s (fbuid %d), filename = %s', + $user->nickname, + $user->id, + $this->fbuser->name, + $this->fbuid, + $filename + ), + __FILE__ + ); + + // clean up + @unlink(Avatar::path($tmpname)); + } - if ($profile->setOriginal($filename)) { - common_log( - LOG_INFO, - sprintf( - 'Saved avatar for %s (%d) from Facebook picture for ' - . '%s (fbuid %d), filename = %s', - $user->nickname, - $user->id, - $this->fbuser->name, - $this->fbuid, - $filename - ), - __FILE__ - ); } } + } catch (Exception $e) { + common_log(LOG_WARNING, 'Couldn\'t save Facebook avatar: ' . $e->getMessage(), __FILE__); + // error isn't fatal, continue } } @@ -555,22 +500,14 @@ class FacebookfinishloginAction extends Action $user = User::staticGet('nickname', $nickname); - if (!empty($user)) { - common_debug( - sprintf( - 'Found a legit user to connect to Facebook: %s (%d)', - $user->nickname, - $user->id - ), - __FILE__ - ); - } - $this->tryLinkUser($user); common_set_user($user); common_real_login(true); + // clear out the stupid cookie + setcookie('fb_access_token', '', time() - 3600); // one hour ago + $this->goHome($user->nickname); } @@ -578,6 +515,9 @@ class FacebookfinishloginAction extends Action { $user = common_current_user(); $this->tryLinkUser($user); + + // clear out the stupid cookie + setcookie('fb_access_token', '', time() - 3600); // one hour ago common_redirect(common_local_url('facebookfinishlogin'), 303); } @@ -590,29 +530,10 @@ class FacebookfinishloginAction extends Action $this->serverError(_m('Error connecting user to Facebook.')); return; } - - common_debug( - sprintf( - 'Connected Facebook user %s (fbuid %d) to local user %s (%d)', - $this->fbuser->name, - $this->fbuid, - $user->nickname, - $user->id - ), - __FILE__ - ); } function tryLogin() { - common_debug( - sprintf( - 'Trying login for Facebook user %s', - $this->fbuid - ), - __FILE__ - ); - $flink = Foreign_link::getByForeignID($this->fbuid, FACEBOOK_SERVICE); if (!empty($flink)) { 
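Review bot: In `setAvatar()` the picture URL changed from `%s` with `$this->fbuid` to `%d` with `$this->fbuser->id`; Facebook user ids can exceed a 32-bit integer, so on a 32-bit PHP build `%d` would format the wrong id, and `%s` is the safer conversion: `'http://graph.facebook.com/%s/picture?type=large'`. That URL is also plain `http://` while the rest of the flow talks to `https://graph.facebook.com`, and the response body is written under `Avatar::path()` with no check that it is an image. After this patch the success log still passes `$filename`, which is no longer assigned anywhere in the visible function; PATCH 3/3 reintroduces it.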
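Review bot: The line `setcookie('fb_access_token', '', time() - 3600);` is pasted into three code paths in this patch (after `common_real_login(true)` here, before the redirect in the next hunk, and again in the `@@ -633,19 +554,14 @@` hunk); a small private helper would keep them in step. An expiring `setcookie()` only removes the cookie if its path and domain match the ones used when it was set, and the script that sets `fb_access_token` is not legible on this page, so that is worth checking. The cookie appears to be written by page script, in which case it cannot be `HttpOnly` and the access token is readable by any script running on the site for as long as the cookie exists; the failure paths in `prepare()` do not clear it.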
@@ -633,19 +554,14 @@ class FacebookfinishloginAction extends Action common_set_user($user); common_real_login(true); + + // clear out the stupid cookie + setcookie('fb_access_token', '', time() - 3600); // one hour ago + $this->goHome($user->nickname); } } else { - - common_debug( - sprintf( - 'No flink found for fbuid: %s - new user', - $this->fbuid - ), - __FILE__ - ); - $this->showForm(null, $this->bestNewNickname()); } } @@ -668,14 +584,12 @@ class FacebookfinishloginAction extends Action function flinkUser($user_id, $fbuid) { $flink = new Foreign_link(); - $flink->user_id = $user_id; - $flink->foreign_id = $fbuid; - $flink->service = FACEBOOK_SERVICE; - // Pull the access token from the Facebook cookies + $flink->user_id = $user_id; + $flink->foreign_id = $fbuid; + $flink->service = FACEBOOK_SERVICE; $flink->credentials = $this->accessToken; - - $flink->created = common_sql_now(); + $flink->created = common_sql_now(); $flink_id = $flink->insert(); diff --git a/plugins/FacebookBridge/actions/facebooklogin.php b/plugins/FacebookBridge/actions/facebooklogin.php index afb30a2b1f..f30822b63f 100644 --- a/plugins/FacebookBridge/actions/facebooklogin.php +++ b/plugins/FacebookBridge/actions/facebooklogin.php @@ -23,7 +23,7 @@ * @category Plugin * @package StatusNet * @author Zach Copley - * @copyright 2010 StatusNet, Inc. + * @copyright 2010-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 * @link http://status.net/ */ @@ -98,16 +98,6 @@ class FacebookloginAction extends Action $this->elementEnd('a'); - /* - $this->element('div', array('id' => 'fb-root')); - $this->script( - sprintf( - 'http://connect.facebook.net/en_US/all.js#appId=%s&xfbml=1', - common_config('facebook', 'appid') - ) - ); - $this->element('fb:facepile', array('max-rows' => '2', 'width' =>'300')); - */ $this->elementEnd('fieldset'); } 
diff --git a/plugins/FacebookBridge/lib/facebookclient.php b/plugins/FacebookBridge/lib/facebookclient.php index 768950ffa2..00b313b6a4 100644 --- a/plugins/FacebookBridge/lib/facebookclient.php +++ b/plugins/FacebookBridge/lib/facebookclient.php @@ -23,7 +23,7 @@ * @package StatusNet * @author Craig Andrews * @author Zach Copley - * @copyright 2009-2010 StatusNet, Inc. + * @copyright 2009-2011 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -927,8 +927,8 @@ class Facebookclient LOG_INFO, sprintf( 'Removed old Facebook user: %s, fbuid %d', - $fbuid['name'], - $fbuid['id'] + $fbuid->name, + $fbuid->id ), __FILE__ ); @@ -938,7 +938,7 @@ class Facebookclient $fuser = new Foreign_user(); $fuser->nickname = $fbuser->username; - $fuser->uri = $fbuser->url; + $fuser->uri = $fbuser->link; $fuser->id = $fbuser->id; $fuser->service = FACEBOOK_SERVICE; $fuser->created = common_sql_now(); From 000e5c0c0195d08aa0e06b1485c299fb9a0d48b7 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 27 Sep 2011 04:31:41 +0000 Subject: [PATCH 3/3] Do a better job of saving the original avatar from Facebook --- plugins/FacebookBridge/actions/facebookfinishlogin.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/plugins/FacebookBridge/actions/facebookfinishlogin.php b/plugins/FacebookBridge/actions/facebookfinishlogin.php index 260761e862..4c8c9f860f 100644 --- a/plugins/FacebookBridge/actions/facebookfinishlogin.php +++ b/plugins/FacebookBridge/actions/facebookfinishlogin.php 
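Review bot: The 'Removed old Facebook user' log call in `addFacebookUser($fbuser)` formats `$fbuid->name` and `$fbuid->id`, but no `$fbuid` is defined in the visible part of this function; the patch converted the array access to property access and kept the wrong variable. It presumably should be `$fbuser->name` and `$fbuser->id`, otherwise the message logs empty values and raises notices. The function body starts outside the hunk, so confirm that no `$fbuid` is assigned earlier.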
@@ -458,9 +458,13 @@ class FacebookfinishloginAction extends Action common_log(LOG_WARNING, 'Couldn\'t save tmp Facebook avatar: ' . $tmpname, __FILE__); } else { // save it as an avatar + + $file = new ImageFile($user->id, Avatar::path($tmpname)); + $filename = $file->resize(180); // size of the biggest img we get from Facebook + $profile = $user->getProfile(); - if ($profile->setOriginal($tmpname)) { + if ($profile->setOriginal($filename)) { common_log( LOG_INFO, sprintf( @@ -475,7 +479,7 @@ class FacebookfinishloginAction extends Action __FILE__ ); - // clean up + // clean up tmp file @unlink(Avatar::path($tmpname)); }
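Review bot: `@unlink(Avatar::path($tmpname));` still runs only inside `if ($profile->setOriginal($filename))`, so the downloaded temp file stays in the avatar directory whenever `setOriginal()` returns false, or when `new ImageFile(...)` or `resize(180)` throws into the surrounding `catch`. Moving the cleanup after the `if`, and repeating it in the `catch` block (with `$tmpname` initialised before the `try`), removes the file on every path. Dropping the `@` and logging a failed unlink would also make leftovers visible. The `try`/`catch` and the start of `setAvatar()` are outside this hunk.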