dir = getcwd().\DIRECTORY_SEPARATOR .'mod' .\DIRECTORY_SEPARATOR .'webfan_webfat_elgg_bridge' .\DIRECTORY_SEPARATOR .'.data' .\DIRECTORY_SEPARATOR .'connected' .\DIRECTORY_SEPARATOR; $this->configDirProviders = getcwd().\DIRECTORY_SEPARATOR .'mod' .\DIRECTORY_SEPARATOR .'webfan_webfat_elgg_bridge' .\DIRECTORY_SEPARATOR .'.config' .\DIRECTORY_SEPARATOR .'providers' .\DIRECTORY_SEPARATOR; $this->getWebfat(getcwd().\DIRECTORY_SEPARATOR.'webfat.php', true, false); } public function getConnectionFile(string $provider,string $id){ $file = $this->dir.$provider.\DIRECTORY_SEPARATOR.strlen($id) .\DIRECTORY_SEPARATOR.sha1($id).\DIRECTORY_SEPARATOR.'connected-account.php'; return $file; } public function getConnectionFileReverse(string $provider,$elgg_user_guid){ $file = $this->dir.$provider.\DIRECTORY_SEPARATOR.strlen($elgg_user_guid) .\DIRECTORY_SEPARATOR.$elgg_user_guid.\DIRECTORY_SEPARATOR.'connected-account-reverse.php'; return $file; } protected function client(?string $provider = null){ if(!is_string($provider)){ $provider = $this->provider; } if(!isset($this->providers[$provider])){ switch($provider){ case 'webfan' : if(file_exists($this->configDirProviders.'webfan'.'.php')){ $this->providers['webfan'] = [ 'client' => new \League\OAuth2\Client\Provider\GenericProvider( require $this->configDirProviders.'webfan.php' ), 'authorize' => [$this, 'authorize_webfan'], ] ; } break; case 'google' : if(file_exists($this->configDirProviders.'google'.'.php')){ $this->providers['google'] = [ 'client' => new \League\OAuth2\Client\Provider\Google( require $this->configDirProviders.'google.php' ), 'authorize' => [$this, 'authorize_google'], ] ; } break; case 'github' : if(file_exists($this->configDirProviders.'github'.'.php')){ $this->providers['github'] = [ 'client' => new \League\OAuth2\Client\Provider\Github( require $this->configDirProviders.'github.php' ), 'authorize' => [$this, 'authorize_github'], ] ; } break; default: if(file_exists($this->configDirProviders.$provider.'.php')){ $this->providers[$provider] = [ 'client' => new \League\OAuth2\Client\Provider\GenericProvider( require $this->configDirProviders.$provider.'.php' ), 'authorize' => [$this, 'authorize_'.$provider], ]; } break; } } return isset($this->providers[$provider]) ? $this->providers[$provider] : null; } protected function authorize_webfan(){ $data = $this->oauth_connect('webfan'); $data = $data->toArray(); $id = isset($data['ocs']['data']['id']) ? $data['ocs']['data']['id'] : null; $name = isset($data['ocs']['data']['display-name']) ? $data['ocs']['data']['display-name'] : null; $email = isset($data['ocs']['data']['email']) ? $data['ocs']['data']['email'] : null; if(!$id && !$email){ die('Authentication failed!'); \elgg_gatekeeper() ; } return $this->oauth_try_with_provider($id, $name, $email, 'webfan'); } protected function authorize_github(){ $data = $this->oauth_connect('github'); // $data = $data->toArray(); $id = $data->getId(); $name = $data->getNickname(); $email = $data->getEmail(); if(!$id && !$email){ die('Authentication failed!'); \elgg_gatekeeper() ; } //return $this->oauth_try_with_provider($id, $this->slugify($name), $email, 'google'); return $this->oauth_try_with_provider($id, $name, $email, 'github'); } protected function authorize_google(){ $data = $this->oauth_connect('google'); // $data = $data->toArray(); $id = $data->getId(); $name = $data->getName(); $email = $data->getEmail(); if(!$id && !$email){ die('Authentication failed!'); \elgg_gatekeeper() ; } //return $this->oauth_try_with_provider($id, $this->slugify($name), $email, 'google'); return $this->oauth_try_with_provider($id, $name, $email, 'google'); } public function slugify($text, string $divider = '-') { // replace non letter or digits by divider $text = preg_replace('~[^\pL\d]+~u', $divider, $text); // transliterate $text = \iconv('utf-8', 'us-ascii//TRANSLIT', $text); // remove unwanted characters $text = preg_replace('~[^-\w]+~', '', $text); // trim $text = trim($text, $divider); // remove duplicate divider $text = preg_replace('~-+~', $divider, $text); // lowercase $text = strtolower($text); if (empty($text)) { return 'non'; } return $text; } protected function oauth_login_connect_accounts($guid, string $provider,string $id){ $file = $this->getConnectionFile( $provider, $id); $elgg_uid=(string)$guid; $code=<<getConnectionFileReverse( $provider, $guid); $provider_guid=(string)$id; $code=<<provider; } $profile = [ 'id'=>(string)$id, 'name'=>(string)$name, 'email'=>$email, ]; $user = false; $file = $this->getConnectionFile( $provider, $id); if(file_exists($file)){ $elgg_guid = require $file; $user = \get_user($elgg_guid); if($user){ if(!file_exists($this->getConnectionFileReverse($provider,$elgg_guid) ) ){ $this->oauth_login_connect_accounts($elgg_guid, $provider, $id); } \elgg_login($user); @header('Location: https://frdl.de/dashboard'); echo 'Continue...'; die(); } } if(false === $user){ $user = \elgg_is_logged_in() ? \elgg_get_logged_in_user_entity() : false; } $UserData = !is_object($user) ? false : [ 'guid'=>$user->guid, 'name'=>$user->name, 'email'=>$user->email, ]; //elgg_get_plugin_user_setting('email_validated', $user->guid, 'uservalidationbyemail') //elgg_set_plugin_user_setting('WebfanOauthSimpleSingle', $id, $user->guid, 'zzzzelgg_hybridauth'); //if(false ==== $user){ // $_id= elgg_get_plugin_user_setting('email_validated', $user->guid, 'zzzzelgg_hybridauth'); // $user = elgg_get_user_by_email($email); //} if(false === $user){ $user = \elgg_get_user_by_email($email); } if($user){ \elgg_login($user); } $user = \elgg_is_logged_in() ? \elgg_get_logged_in_user_entity() : false; /* Parameters array $params Array of options with keys: (string) username => The username of the new user (string) password => The password (string) name => The user's display name (string) email => The user's email address (string) subtype => (optional) Subtype of the user entity (string) language => (optional) user language (defaults to current language) (bool) allow_multiple_emails => (optional) Allow the same email address to be registered multiple times (default false) (bool) validated => (optional) Is the user validated (default true) */ if(false === $user && !empty($email) && !empty($profile['id']) ){ //$username = $profile['id']; $username = $this->slugify(!empty($profile['name']) && is_numeric($profile['id']) ? $profile['name'] : $profile['id']); while(\elgg_get_user_by_username($username)){ $username = $profile['id'] . mt_rand(100000,99999999); } $dirty_pass =base64_encode(\random_bytes(16)); $password = substr(str_replace(['/', '+', '='], ['', '', ''], $dirty_pass), 0, 8); $user = \elgg_register_user( [ 'username'=>$username, 'password'=>$password, 'name'=>$profile['name'], 'email'=>$profile['email'], 'validated'=>true, ] ); // echo '$user
';
		   // echo  print_r($user, true); 
		}elseif($user){
		  //\elgg_set_plugin_user_setting('WebfanOauthSimpleSingle', $id, $user->guid, 'zzzzelgg_hybridauth');		
			$this->oauth_login_connect_accounts($user->guid,  $provider, $profile['id']);
		}else{
				
		 //	die('Authentication failed!');
			 //elgg_gatekeeper() ;		
		}
					   
				if($user){
				 \elgg_login($user);
					$this->redirect('https://frdl.de/dashboard', 'Continue...');
				}else{
				
		  	die('Authentication failed! Home');
			 //elgg_gatekeeper() ;		
		}
		
		
		
	 echo 'Continue...
';
		    echo  print_r($UserData, true);
		// echo  print_r($data, true);
       echo  print_r($profile, true);

        // The provider provides a way to get an authenticated API request for
        // the service, using the access token; it returns an object conforming
        // to Psr\Http\Message\RequestInterface.
     //     $request = $provider->getAuthenticatedRequest(
       //       'GET',
         //     'https://service.example.com/resource',
        //      $accessToken
        //  );

 

		
		
		 return \elgg_ok_response();		
	}
	
	
	protected function oauth_connect(?string $provider = null){
	//	 echo $request->getParam('action');
		if(!is_string($provider)){
		  $provider = $this->provider;	
		}
		$client = $this->client($provider)['client'];
		$stateKey = 'oauth2state_'.$provider;
        $pkceCodeKey = 'oauth2pkceCode_'.$provider;
		
// If we don't have an authorization code then get one
 if (!isset($_GET['code'])) {

    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $client->getAuthorizationUrl();

    // Get the state generated for you and store it to the session.
    $_SESSION[$stateKey] = $client->getState();

    // Optional, only required when PKCE is enabled.
    // Get the PKCE code generated for you and store it to the session.
    $_SESSION[$pkceCodeKey] = $client->getPkceCode();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || empty($_SESSION[$stateKey]) || $_GET['state'] !== $_SESSION[$stateKey]) {

    if (isset($_SESSION[$stateKey])) {
        unset($_SESSION[$stateKey]);
    }

    exit('Invalid state');

} else {

    try {
    
        // Optional, only required when PKCE is enabled.
        // Restore the PKCE code stored in the session.
        $client->setPkceCode($_SESSION[$pkceCodeKey]);

        // Try to get an access token using the authorization code grant.
        $accessToken = $client->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

		                

		
        // We have an access token, which we may use in authenticated
        // requests against the service provider's API.
       //  echo 'Access Token: ' . $accessToken->getToken() . "
";
       //  echo 'Refresh Token: ' . $accessToken->getRefreshToken() . "
";
       //  echo 'Expired in: ' . $accessToken->getExpires() . "
";
       //  echo 'Already expired? ' . ($accessToken->hasExpired() ? 'expired' : 'not expired') . "
";

        // Using the access token, we may look up details about the
        // resource owner.
        $resourceOwner = $client->getResourceOwner($accessToken);
		//$data =  $resourceOwner->toArray();//->toArray();
		
	   } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {

        // Failed to get the access token or user details.
      // exit('Error in '.__LINE__.': '.$e->getMessage());
            throw $e;
      }catch (\Exception $e2) {
        throw $e2;
      }
	 
	  return $resourceOwner;
	} 
	}
	

	public function echo($str){
		\elgg_echo( $str );	
	}
	/**
	 * Handles single sign on request
	 *
	 * @param Request $request the Request
	 *
	 * @return void
	 */
	
	protected function redirect($url, $text='Continue...'){
		@header('Location: '.$url);
		echo ''.$text.'';
		die();	
	}
	
	
	protected function disconnect(?string $provider = null){
		if(!is_string($provider)){
		  $provider = $this->provider;	
		}
		
		$html = '';
		//$html.= 'Frdlweb Network Home';
		
		 //$html.= elgg_view('default/page/default' );
		$css = elgg_get_simplecache_url('elgg.css');
		//$html.= '';
		$html.= '
';
		if('GET' === $_SERVER['REQUEST_METHOD'] || !isset($_POST['disconnect_confirm'])){
	    	$html.= '
Disconnect from '.ucfirst($provider).'?
';

			
		}elseif('POST' === $_SERVER['REQUEST_METHOD'] && isset($_POST['disconnect_confirm'])){
	    	$html.= '
Disconnect from '.ucfirst($provider).'...
';
			$user = \elgg_is_logged_in() ? \elgg_get_logged_in_user_entity() : false;
	    	if(false === $user){
		      return $this->redirect('https://frdl.de/login', 'Continue...');
	    	}			
			$fileReverse = $this->getConnectionFileReverse( $provider, $user->guid);
			$provider_guid = !file_exists($fileReverse) ? false : require $fileReverse;
			if(false === $provider_guid){
				$html.= 'Sorry, we could not the connection info for your account with '.ucfirst($provider).'!';
				$html.= '
';
				$html.= '(Re-)Connect with '.ucfirst($provider).'...'; 
				$html.= '
';
			}else{
				$file = $this->getConnectionFile( $provider, $provider_guid);
				$elgg_uid = !file_exists($file) ? false : require $file;
				if(false === $elgg_uid){
				   $html.= 'Sorry, we could not the connection info for your account with '.ucfirst($provider).'!';
				   $html.= '
';
				   $html.= '(Re-)Connect with '.ucfirst($provider).'...'; 
				   $html.= '
';
			    }else{
				    unlink($fileReverse);
					unlink($file);
					return $this->redirect('https://frdl.de/dashboard', ucfirst($provider).' disconnected...');
			    }
			}
		}
		
			
			 $html.= '';
			 $html.= 'Yes, disconnect my account from '.ucfirst($provider).'!';
			$html.= '
';
	$html.= '';
		$html.='(Re-)Connect with '.ucfirst($provider);
	$html.='';	
	$html.= '';		
	$html.= 'no - keep connected';
	$html.= 'Back';		
		
		$html.='
';
		
		//////return \elgg_ok_response($html);
				
		return \elgg_ok_response(\elgg_view_page('Disconnect from '.ucfirst($provider), [
             'content' =>  $html, 
       ]));
	}
	
	
	public function __invoke(Request $request) {
		$this->request = $request;
		$this->provider = is_array($this->client($this->request->getParam('provider'))) ? $this->request->getParam('provider') : null; 
		
		if(!is_string($this->provider)){				 
			 echo  'Provider not found in '.__CLASS__ ;		
			return \elgg_ok_response();
		}
  
		
		switch($request->getParam('action')){
			case 'connect' :
				   return \call_user_func_array($this->client($this->provider)['authorize'], [$this->provider]);
				 break;
			case 'disconnect' :
				  return \call_user_func_array([$this, 'disconnect'], [$this->provider]);
				 break;
				default :
				    \elgg_echo( 'Action not found in '.__CLASS__);
				   return;
				 break;
		}	
				
		
		
		
 
	/**	echo '
';
	     echo $request->getParam('provider');
	     echo $request->getParam('action');
		$user = elgg_get_logged_in_user_entity();
		echo print_r($user, true);
		echo $user->email;
		echo '
';
		 return elgg_ok_response();	 */
	}
}
__halt_compiler();----SIGNATURE:----GMg088upeHHP9h51RBgQYzt62NDIGzWjdbjmnrIgzgUrslBVDI8BlD7nenJ3pRUNoCHisLPzAoEjiiEjYIY+VQ5DZGCiWnrHxvnkYSWaSYyhqiWeB1Q7WuKAV6jOiAwdVZxHWlKAjOTwZ0n2LR4RDKnKs2e7KCK2VCsWqUTTBXJRCcUaGnTACLt3xD1erjwoV8bU+MJdewEdNQqIgj9DyRznPDpTnTysU5cH6Anwf3Mb5r2OG0Hq3vq2LRtv+9hgnyjkuKb0iSWKLBTSVuF2d6PtpXRphnbm8S58kXtn49arVmG/+5948f++4G/bCgn7LotqVw9FIxLFPIYMRB4XsvbsVu/7PMfwl6kAo4fkRh2xZUqGQaLEwGiAeqTEsARolammUaxamiEFDT5zZJe4WzPwycTO3fKFf8kY5L46sXhNPb2S89ogxgmulfmLEvPh90qnFIZ1YSwk0GXfnvWNEFYBksFr4rsAy2QVuG/nAeMtmAAtaJozFIASB9htey06idLz5nTiwEkYfqfA6q8H2I3VjBXwy/3oBTMuYiHOFM9MMOY80AGXQWlDm2Kzx8iIGJG4U7tRrwrG7ce7FurtAUdxbpC9u8GR9gbYvKjo9aOllG+0BJdxzUUFs6/9v08m98syDm4HvPT2TR9kzkn7gb6WPO6a/76KghCWG0fqj0U=----ATTACHMENT:----ODQyNzkyMTA4NjYzODk2MCA0NTUyODQ3MjUwNDI5ODQzIDUzMTA4MTIyMDI2MjAwODY=