aboutsummaryrefslogtreecommitdiff
path: root/mod/twitter_api/lib/twitter_api.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/twitter_api/lib/twitter_api.php')
-rw-r--r--mod/twitter_api/lib/twitter_api.php89
1 files changed, 68 insertions, 21 deletions
diff --git a/mod/twitter_api/lib/twitter_api.php b/mod/twitter_api/lib/twitter_api.php
index 355123992..a7b971876 100644
--- a/mod/twitter_api/lib/twitter_api.php
+++ b/mod/twitter_api/lib/twitter_api.php
@@ -6,6 +6,27 @@
*/
/**
+ * Get the API wrapper object
+ *
+ * @param string $oauth_token User's OAuth token
+ * @param string $oauth_token_secret User's OAuth secret
+ * @return TwitterOAuth|null
+ */
+function twitter_api_get_api_object($oauth_token = null, $oauth_token_secret = null) {
+ $consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
+ $consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
+ if (!($consumer_key && $consumer_secret)) {
+ return null;
+ }
+
+ $api = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $oauth_token_secret);
+ if ($api) {
+ $api->host = "https://api.twitter.com/1.1/";
+ }
+ return $api;
+}
+
+/**
* Tests if the system admin has enabled Sign-On-With-Twitter
*
* @param void
@@ -29,6 +50,8 @@ function twitter_api_allow_sign_on_with_twitter() {
* This includes the login URL as the callback
*/
function twitter_api_forward() {
+ global $SESSION;
+
// sanity check
if (!twitter_api_allow_sign_on_with_twitter()) {
forward();
@@ -37,6 +60,20 @@ function twitter_api_forward() {
$callback = elgg_normalize_url("twitter_api/login");
$request_link = twitter_api_get_authorize_url($callback);
+ // capture metadata about login to persist through redirects
+ $login_metadata = array(
+ 'persistent' => (bool) get_input("persistent"),
+ );
+ // capture referrer if in site, but not the twitter_api
+ if (!empty($SESSION['last_forward_from'])) {
+ $login_metadata['forward'] = $SESSION['last_forward_from'];
+ } elseif (!empty($_SERVER['HTTP_REFERER'])
+ && 0 === strpos($_SERVER['HTTP_REFERER'], elgg_get_site_url())
+ && 0 !== strpos($_SERVER['HTTP_REFERER'], elgg_get_site_url() . 'twitter_api/')) {
+ $login_metadata['forward'] = $_SERVER['HTTP_REFERER'];
+ }
+ $SESSION['twitter_api_login_metadata'] = $login_metadata;
+
forward($request_link, 'twitter_api');
}
@@ -55,6 +92,8 @@ function twitter_api_forward() {
* the Twitter OAuth data.
*/
function twitter_api_login() {
+ /* @var ElggSession $SESSION */
+ global $SESSION;
// sanity check
if (!twitter_api_allow_sign_on_with_twitter()) {
@@ -62,7 +101,21 @@ function twitter_api_login() {
}
$token = twitter_api_get_access_token(get_input('oauth_verifier'));
- if (!isset($token['oauth_token']) or !isset($token['oauth_token_secret'])) {
+
+ $persistent = false;
+ $forward = '';
+
+ // fetch login metadata from session
+ $login_metadata = $SESSION['twitter_api_login_metadata'];
+ unset($SESSION['twitter_api_login_metadata']);
+ if (!empty($login_metadata['persistent'])) {
+ $persistent = true;
+ }
+ if (!empty($login_metadata['forward'])) {
+ $forward = $login_metadata['forward'];
+ }
+
+ if (!isset($token['oauth_token']) || !isset($token['oauth_token_secret'])) {
register_error(elgg_echo('twitter_api:login:error'));
forward();
}
@@ -81,17 +134,15 @@ function twitter_api_login() {
$users = elgg_get_entities_from_plugin_user_settings($options);
if ($users) {
- if (count($users) == 1 && login($users[0])) {
- system_message(elgg_echo('twitter_api:login:success'));
+ if (count($users) == 1 && login($users[0], $persistent)) {
+ system_message(elgg_echo('twitter_api:login:success'));
+ forward($forward);
} else {
register_error(elgg_echo('twitter_api:login:error'));
+ forward();
}
-
- forward(elgg_get_site_url());
} else {
- $consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
- $consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
- $api = new TwitterOAuth($consumer_key, $consumer_secret, $token['oauth_token'], $token['oauth_token_secret']);
+ $api = twitter_api_get_api_object($token['oauth_token'], $token['oauth_token_secret']);
$twitter = $api->get('account/verify_credentials');
// backward compatibility for deprecated Twitter Login plugin
@@ -109,7 +160,7 @@ function twitter_api_login() {
$user = twitter_api_create_user($twitter);
$site_name = elgg_get_site_entity()->name;
system_message(elgg_echo('twitter_api:login:email', array($site_name)));
- $forward = "twitter_api/intersitial";
+ $forward = "twitter_api/interstitial";
}
// set twitter services tokens
@@ -223,7 +274,7 @@ function twitter_api_update_user_avatar($user, $file_location) {
* to establish session request tokens.
*/
function twitter_api_authorize() {
- $token = twitter_api_get_access_token();
+ $token = twitter_api_get_access_token(get_input('oauth_verifier'));
if (!isset($token['oauth_token']) || !isset($token['oauth_token_secret'])) {
register_error(elgg_echo('twitter_api:authorize:error'));
forward('settings/plugins', 'twitter_api');
@@ -282,11 +333,8 @@ function twitter_api_revoke() {
function twitter_api_get_authorize_url($callback = NULL, $login = true) {
global $SESSION;
- $consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
- $consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
-
// request tokens from Twitter
- $twitter = new TwitterOAuth($consumer_key, $consumer_secret);
+ $twitter = twitter_api_get_api_object();
$token = $twitter->getRequestToken($callback);
// save token in session for use after authorization
@@ -301,21 +349,20 @@ function twitter_api_get_authorize_url($callback = NULL, $login = true) {
/**
* Returns the access token to use in twitter calls.
*
- * @param unknown_type $oauth_verifier
+ * @param bool $oauth_verifier
+ * @return array
*/
function twitter_api_get_access_token($oauth_verifier = FALSE) {
+ /* @var ElggSession $SESSION */
global $SESSION;
- $consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
- $consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
-
// retrieve stored tokens
$oauth_token = $SESSION['twitter_api']['oauth_token'];
$oauth_token_secret = $SESSION['twitter_api']['oauth_token_secret'];
- $SESSION->offsetUnset('twitter_api');
+ unset($SESSION['twitter_api']);
// fetch an access token
- $api = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $oauth_token_secret);
+ $api = twitter_api_get_api_object($oauth_token, $oauth_token_secret);
return $api->getAccessToken($oauth_verifier);
}
@@ -333,4 +380,4 @@ function twitter_api_allow_new_users_with_twitter() {
}
return false;
-} \ No newline at end of file
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-13 23:00:02 +0000