aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Clay <steve@mrclay.org>2012-08-05 21:03:35 -0400
committerSteve Clay <steve@mrclay.org>2012-08-05 21:03:35 -0400
commitef351d0cf8a866cb40285e71fe5ed2b980bd11ed (patch)
tree7e5c43f03e2b2a4d13e6cee3a7e850b3ad811597
parent0a0203a418a082a38c5c700ea11377153fa37555 (diff)
downloadelgg-ef351d0cf8a866cb40285e71fe5ed2b980bd11ed.tar.gz
elgg-ef351d0cf8a866cb40285e71fe5ed2b980bd11ed.tar.bz2
Fixes #4764: Twitter login supports persistent and referrer forwarding
-rw-r--r--actions/login.php4
-rw-r--r--engine/classes/ElggSession.php14
-rw-r--r--mod/twitter_api/lib/twitter_api.php44
-rw-r--r--mod/twitter_api/start.php9
-rw-r--r--mod/twitter_api/views/default/twitter_api/css.php2
-rw-r--r--mod/twitter_api/views/default/twitter_api/js.php16
-rw-r--r--mod/twitter_api/views/default/twitter_api/login.php2
7 files changed, 72 insertions, 19 deletions
diff --git a/actions/login.php b/actions/login.php
index ea7fb3508..1e5e92ede 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -7,7 +7,7 @@
*/
// set forward url
-if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
+if (!empty($_SESSION['last_forward_from'])) {
$forward_url = $_SESSION['last_forward_from'];
unset($_SESSION['last_forward_from']);
} elseif (get_input('returntoreferer')) {
@@ -19,7 +19,7 @@ if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
$username = get_input('username');
$password = get_input('password', null, false);
-$persistent = get_input("persistent", false);
+$persistent = (bool) get_input("persistent");
$result = false;
if (empty($username) || empty($password)) {
diff --git a/engine/classes/ElggSession.php b/engine/classes/ElggSession.php
index 13a33736c..9750f063e 100644
--- a/engine/classes/ElggSession.php
+++ b/engine/classes/ElggSession.php
@@ -54,7 +54,7 @@ class ElggSession implements ArrayAccess {
*
* @param mixed $key Name
*
- * @return void
+ * @return mixed
*/
function offsetGet($key) {
if (!ElggSession::$__localcache) {
@@ -98,7 +98,7 @@ class ElggSession implements ArrayAccess {
*
* @param int $offset Offset
*
- * @return int
+ * @return bool
*/
function offsetExists($offset) {
if (isset(ElggSession::$__localcache[$offset])) {
@@ -112,6 +112,8 @@ class ElggSession implements ArrayAccess {
if ($this->offsetGet($offset)) {
return true;
}
+
+ return false;
}
@@ -132,10 +134,10 @@ class ElggSession implements ArrayAccess {
* @param string $key Name
* @param mixed $value Value
*
- * @return mixed
+ * @return void
*/
function set($key, $value) {
- return $this->offsetSet($key, $value);
+ $this->offsetSet($key, $value);
}
/**
@@ -143,9 +145,9 @@ class ElggSession implements ArrayAccess {
*
* @param string $key Name
*
- * @return bool
+ * @return void
*/
function del($key) {
- return $this->offsetUnset($key);
+ $this->offsetUnset($key);
}
}
diff --git a/mod/twitter_api/lib/twitter_api.php b/mod/twitter_api/lib/twitter_api.php
index fbce00d34..81c9c6628 100644
--- a/mod/twitter_api/lib/twitter_api.php
+++ b/mod/twitter_api/lib/twitter_api.php
@@ -29,6 +29,8 @@ function twitter_api_allow_sign_on_with_twitter() {
* This includes the login URL as the callback
*/
function twitter_api_forward() {
+ global $SESSION;
+
// sanity check
if (!twitter_api_allow_sign_on_with_twitter()) {
forward();
@@ -37,6 +39,18 @@ function twitter_api_forward() {
$callback = elgg_normalize_url("twitter_api/login");
$request_link = twitter_api_get_authorize_url($callback);
+ // capture metadata about login to persist through redirects
+ $login_metadata = array(
+ 'persistent' => (bool) get_input("persistent"),
+ );
+ // capture referrer if in site, but not the twitter_api
+ if (!empty($_SERVER['HTTP_REFERER'])
+ && 0 === strpos($_SERVER['HTTP_REFERER'], elgg_get_site_url())
+ && 0 !== strpos($_SERVER['HTTP_REFERER'], elgg_get_site_url() . 'twitter_api/')) {
+ $login_metadata['forward'] = $_SERVER['HTTP_REFERER'];
+ }
+ $SESSION['twitter_api_login_metadata'] = $login_metadata;
+
forward($request_link, 'twitter_api');
}
@@ -55,6 +69,8 @@ function twitter_api_forward() {
* the Twitter OAuth data.
*/
function twitter_api_login() {
+ /* @var ElggSession $SESSION */
+ global $SESSION;
// sanity check
if (!twitter_api_allow_sign_on_with_twitter()) {
@@ -62,6 +78,20 @@ function twitter_api_login() {
}
$token = twitter_api_get_access_token(get_input('oauth_verifier'));
+
+ $persistent = false;
+ $forward = '';
+
+ // fetch login metadata from session
+ $login_metadata = $SESSION['twitter_api_login_metadata'];
+ unset($SESSION['twitter_api_login_metadata']);
+ if (!empty($login_metadata['persistent'])) {
+ $persistent = true;
+ }
+ if (!empty($login_metadata['forward'])) {
+ $forward = $login_metadata['forward'];
+ }
+
if (!isset($token['oauth_token']) or !isset($token['oauth_token_secret'])) {
register_error(elgg_echo('twitter_api:login:error'));
forward();
@@ -81,13 +111,13 @@ function twitter_api_login() {
$users = elgg_get_entities_from_plugin_user_settings($options);
if ($users) {
- if (count($users) == 1 && login($users[0])) {
- system_message(elgg_echo('twitter_api:login:success'));
+ if (count($users) == 1 && login($users[0], $persistent)) {
+ system_message(elgg_echo('twitter_api:login:success'));
+ forward($forward);
} else {
register_error(elgg_echo('twitter_api:login:error'));
+ forward();
}
-
- forward(elgg_get_site_url());
} else {
$consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
$consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
@@ -301,9 +331,11 @@ function twitter_api_get_authorize_url($callback = NULL, $login = true) {
/**
* Returns the access token to use in twitter calls.
*
- * @param unknown_type $oauth_verifier
+ * @param bool $oauth_verifier
+ * @return array
*/
function twitter_api_get_access_token($oauth_verifier = FALSE) {
+ /* @var ElggSession $SESSION */
global $SESSION;
$consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
@@ -312,7 +344,7 @@ function twitter_api_get_access_token($oauth_verifier = FALSE) {
// retrieve stored tokens
$oauth_token = $SESSION['twitter_api']['oauth_token'];
$oauth_token_secret = $SESSION['twitter_api']['oauth_token_secret'];
- $SESSION->offsetUnset('twitter_api');
+ unset($SESSION['twitter_api']);
// fetch an access token
$api = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $oauth_token_secret);
diff --git a/mod/twitter_api/start.php b/mod/twitter_api/start.php
index 08bce5479..e6221de6b 100644
--- a/mod/twitter_api/start.php
+++ b/mod/twitter_api/start.php
@@ -20,6 +20,7 @@ function twitter_api_init() {
//elgg_extend_view('metatags', 'twitter_api/metatags');
elgg_extend_view('css/elgg', 'twitter_api/css');
elgg_extend_view('css/admin', 'twitter_api/css');
+ elgg_extend_view('js/elgg', 'twitter_api/js');
// sign on with twitter
if (twitter_api_allow_sign_on_with_twitter()) {
@@ -60,7 +61,7 @@ function twitter_api_pagehandler_deprecated($page) {
* Serves pages for twitter.
*
* @param array $page
- * @return void
+ * @return bool
*/
function twitter_api_pagehandler($page) {
if (!isset($page[0])) {
@@ -131,14 +132,15 @@ function twitter_api_tweet($hook, $type, $returnvalue, $params) {
// send tweet
$api = new TwitterOAuth($consumer_key, $consumer_secret, $access_key, $access_secret);
- $response = $api->post('statuses/update', array('status' => $params['message']));
+ $api->post('statuses/update', array('status' => $params['message']));
}
/**
* Get tweets for a user.
*
- * @param int $user_id The Elgg user GUID
+ * @param int $user_guid The Elgg user GUID
* @param array $options
+ * @return array
*/
function twitter_api_fetch_tweets($user_guid, $options = array()) {
// check admin settings
@@ -167,6 +169,7 @@ function twitter_api_fetch_tweets($user_guid, $options = array()) {
* @param string $type
* @param array $return_value
* @param array $params
+ * @return array
*/
function twitter_api_public_pages($hook, $type, $return_value, $params) {
$return_value[] = 'twitter_api/forward';
diff --git a/mod/twitter_api/views/default/twitter_api/css.php b/mod/twitter_api/views/default/twitter_api/css.php
index 04bbed668..2d081d361 100644
--- a/mod/twitter_api/views/default/twitter_api/css.php
+++ b/mod/twitter_api/views/default/twitter_api/css.php
@@ -4,7 +4,7 @@
*/
?>
-#login_with_twitter {
+.login_with_twitter {
padding: 10px 0 0 0;
}
diff --git a/mod/twitter_api/views/default/twitter_api/js.php b/mod/twitter_api/views/default/twitter_api/js.php
new file mode 100644
index 000000000..60839709d
--- /dev/null
+++ b/mod/twitter_api/views/default/twitter_api/js.php
@@ -0,0 +1,16 @@
+<?php if (0): ?><script><? endif; ?>
+
+// add ?persistent to login link
+elgg.register_hook_handler('init', 'system', function() {
+ $('form.elgg-form-login').each(function () {
+ var link = $('.login_with_twitter a', this).get(0),
+ $input = $('input[name="persistent"]', this);
+ function sync() {
+ link.href = link.href.replace(/\?.*/, '') + ($input[0].checked ? '?persistent' : '');
+ }
+ if (link && $input.length) {
+ sync();
+ $input.change(sync);
+ }
+ });
+});
diff --git a/mod/twitter_api/views/default/twitter_api/login.php b/mod/twitter_api/views/default/twitter_api/login.php
index 17bd76d56..7b4b4ecb1 100644
--- a/mod/twitter_api/views/default/twitter_api/login.php
+++ b/mod/twitter_api/views/default/twitter_api/login.php
@@ -7,7 +7,7 @@ $url = elgg_get_site_url() . 'twitter_api/forward';
$img_url = elgg_get_site_url() . 'mod/twitter_api/graphics/sign-in-with-twitter-d.png';
$login = <<<__HTML
-<div id="login_with_twitter">
+<div class="login_with_twitter">
<a href="$url">
<img src="$img_url" alt="Twitter" />
</a>