File: Facebook.php

simplesamlphp 1.13.1-2+deb8u1
<?php

/**
 * Authenticate using Facebook Platform.
 *
 * @author Andreas Åkre Solberg, UNINETT AS.
 * @package simpleSAMLphp
 */
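class sspmod_authfacebook_Auth_Source_Facebook extends SimpleSAML_Auth_Source {


	/**
	 * The string used to identify our states.
	 */
	const STAGE_INIT = 'facebook:init';


	/**
	 * The key of the AuthId field in the state.
	 */
	const AUTHID = 'facebook:AuthId';


	/**
	 * Facebook App ID or API Key
	 */
	private $api_key;


	/**
	 * Facebook App Secret.
	 *
	 * Confidential credential read from the authsource configuration; keep it
	 * out of log lines and error messages.
	 */
	private $secret;


	/**
	 * Which additional data permissions to request from user.
	 *
	 * Optional; NULL when 'req_perms' is not configured.
	 */
	private $req_perms;


	/**
	 * Constructor for this authentication source.
	 *
	 * Reads the required 'api_key' and 'secret' options and the optional
	 * 'req_perms' option from the authsource configuration.
	 *
	 * @param array $info  Information about this authentication source.
	 * @param array $config  Configuration.
	 */
	public function __construct($info, $config) {
		/* Expression assertions: a string argument is not evaluated as code on
		 * PHP 8, where a non-empty string would always pass the check. */
		assert(is_array($info));
		assert(is_array($config));

		/* Call the parent constructor first, as required by the interface. */
		parent::__construct($info, $config);

		$cfgParse = SimpleSAML_Configuration::loadFromArray($config, 'authsources[' . var_export($this->authId, TRUE) . ']');

		$this->api_key = $cfgParse->getString('api_key');
		$this->secret = $cfgParse->getString('secret');
		$this->req_perms = $cfgParse->getString('req_perms', NULL);
	}


	/**
	 * Log-in using Facebook platform
	 *
	 * Saves the state, builds the Facebook login URL with a linkback that
	 * carries the state ID, and redirects the browser to it.
	 *
	 * @param array &$state  Information about the current authentication.
	 */
	public function authenticate(&$state) {
		assert(is_array($state));

		/* We are going to need the authId in order to retrieve this authentication source later. */
		$state[self::AUTHID] = $this->authId;
		$stateID = SimpleSAML_Auth_State::saveState($state, self::STAGE_INIT);

		$facebook = new sspmod_authfacebook_Facebook(array('appId' => $this->api_key, 'secret' => $this->secret), $state);
		$facebook->destroySession();

		/* NOTE(review): the AuthState value comes back from the browser, so the
		 * linkback handler (not shown here) has to load it with STAGE_INIT and
		 * reject anything it cannot resolve - confirm in linkback.php. */
		$linkback = SimpleSAML_Module::getModuleURL('authfacebook/linkback.php', array('AuthState' => $stateID));
		$url = $facebook->getLoginUrl(array('redirect_uri' => $linkback, 'scope' => $this->req_perms));

		/* Saved a second time on purpose: presumably the helper records its own
		 * session data in $state during the calls above - confirm against
		 * sspmod_authfacebook_Facebook before removing. */
		SimpleSAML_Auth_State::saveState($state, self::STAGE_INIT);

		SimpleSAML_Utilities::redirectTrustedURL($url);
	}


	/**
	 * Complete the login: fetch the user's profile and turn it into attributes.
	 *
	 * Every non-empty string field of the profile becomes a 'facebook.<field>'
	 * attribute. 'facebook_user', 'facebook_targetedID' and, when a name is
	 * present, 'facebook_cn' are added on top. The result is stored in
	 * $state['Attributes'] and the Facebook session is destroyed.
	 *
	 * Profile values come from a remote service; consumers of these attributes
	 * should treat them as untrusted text and escape them for their context.
	 *
	 * @param array &$state  Information about the current authentication.
	 * @throws SimpleSAML_Error_AuthSource  If no user is logged in or the profile cannot be retrieved.
	 */
	public function finalStep(&$state) {
		assert(is_array($state));

		$facebook = new sspmod_authfacebook_Facebook(array('appId' => $this->api_key, 'secret' => $this->secret), $state);
		$uid = $facebook->getUser();

		if (!empty($uid)) {
			try {
				$info = $facebook->api("/" . $uid);
			} catch (FacebookApiException $e) {
				throw new SimpleSAML_Error_AuthSource($this->authId, 'Error getting user profile.', $e);
			}
		}

		/* Also reject a non-array reply so the lookups below never run on
		 * something that is not a profile. */
		if (!isset($info) || !is_array($info)) {
			throw new SimpleSAML_Error_AuthSource($this->authId, 'Error getting user profile.');
		}

		$attributes = array();
		foreach ($info as $key => $value) {
			if (is_string($value) && !empty($value)) {
				$attributes['facebook.' . $key] = array($value);
			}
		}

		/* Fall back to the uid unless the username is a non-empty string. An
		 * empty or NULL username would otherwise give every such user the same
		 * '@facebook.com' identifier.
		 * NOTE(review): if the provider lets users change or reuse usernames,
		 * facebook_user is not a stable key; relying parties that need one
		 * should use facebook_targetedID, which is built from the uid. */
		if (isset($info['username']) && is_string($info['username']) && $info['username'] !== '') {
			$attributes['facebook_user'] = array($info['username'] . '@facebook.com');
		} else {
			$attributes['facebook_user'] = array($uid . '@facebook.com');
		}

		$attributes['facebook_targetedID'] = array('http://facebook.com!' . $uid);

		/* Only emit a common name when the profile has one; a missing key would
		 * otherwise raise a notice and store a NULL attribute value. */
		if (isset($info['name']) && is_string($info['name'])) {
			$attributes['facebook_cn'] = array($info['name']);
		}

		/* Attribute names only; values stay out of the log. */
		SimpleSAML_Logger::debug('Facebook Returned Attributes: '. implode(", ", array_keys($attributes)));

		$state['Attributes'] = $attributes;

		$facebook->destroySession();
	}

}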

?>