www.gusucode.com > Elgg PHP开源SNS系统 V1.12.5源码程序 > elgg-1.12.5/mod/twitter_api/lib/twitter_api.php
<?php
/**
* Common library of functions used by Twitter Services.
*
* @package twitter_api
*/
/**
* Get the API wrapper object
*
* @param string $oauth_token User's OAuth token
* @param string $oauth_token_secret User's OAuth secret
* @return TwitterOAuth|null
*/
function twitter_api_get_api_object($oauth_token = null, $oauth_token_secret = null) {
$consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
$consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
if (!($consumer_key && $consumer_secret)) {
return null;
}
$api = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $oauth_token_secret);
if ($api) {
$api->host = "https://api.twitter.com/1.1/";
}
return $api;
}
/**
* Tests if the system admin has enabled Sign-On-With-Twitter
*
* @param void
* @return bool
*/
function twitter_api_allow_sign_on_with_twitter() {
$consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
if (!$consumer_key) {
return false;
}
$consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
if (!$consumer_secret) {
return false;
}
return elgg_get_plugin_setting('sign_on', 'twitter_api') == 'yes';
}
/**
* Forwards the user to twitter to authenticate
*
* This includes the login URL as the callback
*/
function twitter_api_forward() {
// sanity check
if (!twitter_api_allow_sign_on_with_twitter()) {
forward();
}
$callback = elgg_normalize_url("twitter_api/login");
$request_link = twitter_api_get_authorize_url($callback);
// capture metadata about login to persist through redirects
$login_metadata = array(
'persistent' => (bool) get_input("persistent"),
);
// capture referrer if in site, but not the twitter_api
$session = elgg_get_session();
$server = _elgg_services()->request->server;
$ref = $server->get('HTTP_REFERER', '');
if ($session->has('last_forward_from')) {
$login_metadata['forward'] = $session->get('last_forward_from');
} elseif (0 === strpos($ref, elgg_get_site_url())
&& 0 !== strpos($ref, elgg_get_site_url() . 'twitter_api/')) {
$login_metadata['forward'] = $ref;
}
$session->set('twitter_api_login_metadata', $login_metadata);
forward($request_link, 'twitter_api');
}
/**
* Log in a user referred from Twitter's OAuth API
*
* If the user has already linked their account with Twitter, it is a seamless
* login. If this is a first time login (or a user from deprecated twitter login
* plugin), we create a new account (update the account).
*
* If a plugin wants to be notified when someone logs in with twitter or a new
* twitter user signs up, register for the standard login or create user events
* and check for 'twitter_api' context.
*
* The user has to be redirected from Twitter for this to work. It depends on
* the Twitter OAuth data.
*/
function twitter_api_login() {
// sanity check
if (!twitter_api_allow_sign_on_with_twitter()) {
forward();
}
$session = elgg_get_session();
$token = twitter_api_get_access_token(get_input('oauth_verifier'));
$persistent = false;
$forward = '';
// fetch login metadata from session
$login_metadata = $session->get('twitter_api_login_metadata');
$session->remove('twitter_api_login_metadata');
if (!empty($login_metadata['persistent'])) {
$persistent = true;
}
if (!empty($login_metadata['forward'])) {
$forward = $login_metadata['forward'];
}
if (!isset($token['oauth_token']) || !isset($token['oauth_token_secret'])) {
register_error(elgg_echo('twitter_api:login:error'));
forward();
}
// attempt to find user and log them in.
// else, create a new user.
$options = array(
'type' => 'user',
'plugin_id' => 'twitter_api',
'plugin_user_setting_name_value_pairs' => array(
'access_key' => $token['oauth_token'],
'access_secret' => $token['oauth_token_secret'],
),
'limit' => 0,
);
$users = elgg_get_entities_from_plugin_user_settings($options);
if ($users) {
if (count($users) == 1 && login($users[0], $persistent)) {
system_message(elgg_echo('twitter_api:login:success'));
forward($forward);
} else {
register_error(elgg_echo('twitter_api:login:error'));
forward();
}
} else {
$api = twitter_api_get_api_object($token['oauth_token'], $token['oauth_token_secret']);
$twitter = $api->get('account/verify_credentials');
// backward compatibility for deprecated Twitter Login plugin
$user = FALSE;
if ($twitter_user = get_user_by_username($token['screen_name'])) {
if (($screen_name = $twitter_user->twitter_screen_name) && ($screen_name == $token['screen_name'])) {
// convert existing account
$user = $twitter_user;
$forward = '';
}
}
// create new user
if (!$user) {
$user = twitter_api_create_user($twitter);
$site_name = elgg_get_site_entity()->name;
system_message(elgg_echo('twitter_api:login:email', array($site_name)));
$forward = "twitter_api/interstitial";
}
// set twitter services tokens
elgg_set_plugin_user_setting('twitter_name', $token['screen_name'], $user->guid, 'twitter_api');
elgg_set_plugin_user_setting('access_key', $token['oauth_token'], $user->guid, 'twitter_api');
elgg_set_plugin_user_setting('access_secret', $token['oauth_token_secret'], $user->guid, 'twitter_api');
// pull in Twitter icon
twitter_api_update_user_avatar($user, $twitter->profile_image_url);
// login new user
if (login($user)) {
system_message(elgg_echo('twitter_api:login:success'));
} else {
system_message(elgg_echo('twitter_api:login:error'));
}
forward($forward, 'twitter_api');
}
// register login error
register_error(elgg_echo('twitter_api:login:error'));
forward();
}
/**
* Create a new user from Twitter information
*
* @param object $twitter Twitter OAuth response
* @return ElggUser
*/
function twitter_api_create_user($twitter) {
// check new registration allowed
if (!twitter_api_allow_new_users_with_twitter()) {
register_error(elgg_echo('registerdisabled'));
forward();
}
// Elgg-ify Twitter credentials
$username = $twitter->screen_name;
while (get_user_by_username($username)) {
// @todo I guess we just hope this is good enough
$username = $twitter->screen_name . '_' . rand(1000, 9999);
}
$password = generate_random_cleartext_password();
$name = $twitter->name;
$user = new ElggUser();
$user->username = $username;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->setPassword($password);
$user->owner_guid = 0;
$user->container_guid = 0;
if (!$user->save()) {
register_error(elgg_echo('registerbad'));
forward();
}
return $user;
}
/**
* Pull in the latest avatar from twitter.
*
* @param ElggUser $user
* @param string $file_location
*/
function twitter_api_update_user_avatar($user, $file_location) {
// twitter's images have a few suffixes:
// _normal
// _reasonably_small
// _mini
// the twitter app here returns _normal. We want standard, so remove the suffix.
// @todo Should probably check that it's an image file.
$file_location = str_replace('_normal.jpg', '.jpg', $file_location);
$icon_sizes = elgg_get_config('icon_sizes');
$filehandler = new ElggFile();
$filehandler->owner_guid = $user->getGUID();
foreach ($icon_sizes as $size => $dimensions) {
$image = get_resized_image_from_existing_file(
$file_location,
$dimensions['w'],
$dimensions['h'],
$dimensions['square']
);
$filehandler->setFilename("profile/$user->guid$size.jpg");
$filehandler->open('write');
$filehandler->write($image);
$filehandler->close();
}
// update user's icontime
$user->icontime = time();
}
/**
* User-initiated Twitter authorization
*
* Callback action from Twitter registration. Registers a single Elgg user with
* the authorization tokens. Will revoke access from previous users when a
* conflict exists.
*
* Depends upon {@link twitter_api_get_authorize_url} being called previously
* to establish session request tokens.
*/
function twitter_api_authorize() {
$token = twitter_api_get_access_token(get_input('oauth_verifier'));
if (!isset($token['oauth_token']) || !isset($token['oauth_token_secret'])) {
register_error(elgg_echo('twitter_api:authorize:error'));
forward('settings/plugins', 'twitter_api');
}
// make sure no other users are registered to this twitter account.
$options = array(
'type' => 'user',
'plugin_id' => 'twitter_api',
'plugin_user_setting_name_value_pairs' => array(
'access_key' => $token['oauth_token'],
'access_secret' => $token['oauth_token_secret'],
),
'limit' => 0
);
$users = elgg_get_entities_from_plugin_user_settings($options);
/* @var ElggUser[] $users */
if ($users) {
foreach ($users as $user) {
// revoke access
elgg_unset_plugin_user_setting('twitter_name', $user->getGUID(), 'twitter_api');
elgg_unset_plugin_user_setting('access_key', $user->getGUID(), 'twitter_api');
elgg_unset_plugin_user_setting('access_secret', $user->getGUID(), 'twitter_api');
}
}
// register user's access tokens
elgg_set_plugin_user_setting('twitter_name', $token['screen_name'], 0, 'twitter_api');
elgg_set_plugin_user_setting('access_key', $token['oauth_token'], 0, 'twitter_api');
elgg_set_plugin_user_setting('access_secret', $token['oauth_token_secret'], 0, 'twitter_api');
// trigger authorization hook
elgg_trigger_plugin_hook('authorize', 'twitter_api', array('token' => $token));
system_message(elgg_echo('twitter_api:authorize:success'));
forward('settings/plugins', 'twitter_api');
}
/**
* Remove twitter access for the currently logged in user.
*/
function twitter_api_revoke() {
// unregister user's access tokens
elgg_unset_plugin_user_setting('twitter_name', 0, 'twitter_api');
elgg_unset_plugin_user_setting('access_key', 0, 'twitter_api');
elgg_unset_plugin_user_setting('access_secret', 0, 'twitter_api');
system_message(elgg_echo('twitter_api:revoke:success'));
forward('settings/plugins', 'twitter_api');
}
/**
* Gets the url to authorize a user.
*
* @param string $callback The callback URL
*/
function twitter_api_get_authorize_url($callback = NULL, $login = true) {
$session = elgg_get_session();
// request tokens from Twitter
$twitter = twitter_api_get_api_object();
$token = $twitter->getRequestToken($callback);
// save token in session for use after authorization
$session->set('twitter_api', array(
'oauth_token' => $token['oauth_token'],
'oauth_token_secret' => $token['oauth_token_secret'],
));
return $twitter->getAuthorizeURL($token['oauth_token'], $login);
}
/**
* Returns the access token to use in twitter calls.
*
* @param bool $oauth_verifier
* @return array
*/
function twitter_api_get_access_token($oauth_verifier = FALSE) {
$session = elgg_get_session();
// retrieve stored tokens
$api_settings = $session->get('twitter_api');
$oauth_token = $api_settings['oauth_token'];
$oauth_token_secret = $api_settings['oauth_token_secret'];
$session->remove('twitter_api');
// fetch an access token
$api = twitter_api_get_api_object($oauth_token, $oauth_token_secret);
return $api->getAccessToken($oauth_verifier);
}
/**
* Checks if this site is accepting new users.
* Admins can disable manual registration, but some might want to allow
* twitter-only logins.
*/
function twitter_api_allow_new_users_with_twitter() {
$site_reg = elgg_get_config('allow_registration');
$twitter_reg = elgg_get_plugin_setting('new_users', 'twitter_api');
if ($site_reg || (!$site_reg && $twitter_reg == 'yes')) {
return true;
}
return false;
}