dir = getcwd().\DIRECTORY_SEPARATOR .'mod' .\DIRECTORY_SEPARATOR .'webfan_webfat_elgg_bridge' .\DIRECTORY_SEPARATOR .'.data' .\DIRECTORY_SEPARATOR .'connected' .\DIRECTORY_SEPARATOR; $this->configDirProviders = getcwd().\DIRECTORY_SEPARATOR .'mod' .\DIRECTORY_SEPARATOR .'webfan_webfat_elgg_bridge' .\DIRECTORY_SEPARATOR .'.config' .\DIRECTORY_SEPARATOR .'providers' .\DIRECTORY_SEPARATOR; $this->getWebfat(getcwd().\DIRECTORY_SEPARATOR.'webfat.php', true, false); } public function getConnectionFile(string $provider,string $id){ $file = $this->dir.$provider.\DIRECTORY_SEPARATOR.strlen($id) .\DIRECTORY_SEPARATOR.sha1($id).\DIRECTORY_SEPARATOR.'connected-account.php'; return $file; } public function getConnectionFileReverse(string $provider,$elgg_user_guid){ $file = $this->dir.$provider.\DIRECTORY_SEPARATOR.strlen($elgg_user_guid) .\DIRECTORY_SEPARATOR.$elgg_user_guid.\DIRECTORY_SEPARATOR.'connected-account-reverse.php'; return $file; } protected function client(?string $provider = null){ if(!is_string($provider)){ $provider = $this->provider; } if(!isset($this->providers[$provider])){ switch($provider){ case 'webfan' : if(file_exists($this->configDirProviders.'webfan'.'.php')){ $this->providers['webfan'] = [ 'client' => new \League\OAuth2\Client\Provider\GenericProvider( require $this->configDirProviders.'webfan.php' ), 'authorize' => [$this, 'authorize_webfan'], ] ; } break; case 'google' : if(file_exists($this->configDirProviders.'google'.'.php')){ $this->providers['google'] = [ 'client' => new \League\OAuth2\Client\Provider\Google( require $this->configDirProviders.'google.php' ), 'authorize' => [$this, 'authorize_google'], ] ; } break; case 'github' : if(file_exists($this->configDirProviders.'github'.'.php')){ $this->providers['github'] = [ 'client' => new \League\OAuth2\Client\Provider\Github( require $this->configDirProviders.'github.php' ), 'authorize' => [$this, 'authorize_github'], ] ; } break; default: if(file_exists($this->configDirProviders.$provider.'.php')){ $this->providers[$provider] = [ 'client' => new \League\OAuth2\Client\Provider\GenericProvider( require $this->configDirProviders.$provider.'.php' ), 'authorize' => [$this, 'authorize_'.$provider], ]; } break; } } return isset($this->providers[$provider]) ? $this->providers[$provider] : null; } protected function authorize_webfan(){ $data = $this->oauth_connect('webfan'); $data = $data->toArray(); $id = isset($data['ocs']['data']['id']) ? $data['ocs']['data']['id'] : null; $name = isset($data['ocs']['data']['display-name']) ? $data['ocs']['data']['display-name'] : null; $email = isset($data['ocs']['data']['email']) ? $data['ocs']['data']['email'] : null; if(!$id && !$email){ die('Authentication failed!'); \elgg_gatekeeper() ; } return $this->oauth_try_with_provider($id, $name, $email, 'webfan'); } protected function authorize_github(){ $data = $this->oauth_connect('github'); // $data = $data->toArray(); $id = $data->getId(); $name = $data->getNickname(); $email = $data->getEmail(); if(!$id && !$email){ die('Authentication failed!'); \elgg_gatekeeper() ; } //return $this->oauth_try_with_provider($id, $this->slugify($name), $email, 'google'); return $this->oauth_try_with_provider($id, $name, $email, 'github'); } protected function authorize_google(){ $data = $this->oauth_connect('google'); // $data = $data->toArray(); $id = $data->getId(); $name = $data->getName(); $email = $data->getEmail(); if(!$id && !$email){ die('Authentication failed!'); \elgg_gatekeeper() ; } //return $this->oauth_try_with_provider($id, $this->slugify($name), $email, 'google'); return $this->oauth_try_with_provider($id, $name, $email, 'google'); } public function slugify($text, string $divider = '-') { // replace non letter or digits by divider $text = preg_replace('~[^\pL\d]+~u', $divider, $text); // transliterate $text = \iconv('utf-8', 'us-ascii//TRANSLIT', $text); // remove unwanted characters $text = preg_replace('~[^-\w]+~', '', $text); // trim $text = trim($text, $divider); // remove duplicate divider $text = preg_replace('~-+~', $divider, $text); // lowercase $text = strtolower($text); if (empty($text)) { return 'non'; } return $text; } protected function oauth_login_connect_accounts($guid, string $provider,string $id){ $file = $this->getConnectionFile( $provider, $id); $elgg_uid=(string)$guid; $code=<<getConnectionFileReverse( $provider, $guid); $provider_guid=(string)$id; $code=<<provider; } $profile = [ 'id'=>(string)$id, 'name'=>(string)$name, 'email'=>$email, ]; $user = false; $file = $this->getConnectionFile( $provider, $id); if(file_exists($file)){ $elgg_guid = require $file; $user = \get_user($elgg_guid); if($user){ if(!file_exists($this->getConnectionFileReverse($provider,$elgg_guid) ) ){ $this->oauth_login_connect_accounts($elgg_guid, $provider, $id); } \elgg_login($user); @header('Location: https://frdl.de/dashboard'); echo 'Continue...'; die(); } } if(false === $user){ $user = \elgg_is_logged_in() ? \elgg_get_logged_in_user_entity() : false; } $UserData = !is_object($user) ? false : [ 'guid'=>$user->guid, 'name'=>$user->name, 'email'=>$user->email, ]; //elgg_get_plugin_user_setting('email_validated', $user->guid, 'uservalidationbyemail') //elgg_set_plugin_user_setting('WebfanOauthSimpleSingle', $id, $user->guid, 'zzzzelgg_hybridauth'); //if(false ==== $user){ // $_id= elgg_get_plugin_user_setting('email_validated', $user->guid, 'zzzzelgg_hybridauth'); // $user = elgg_get_user_by_email($email); //} if(false === $user){ $user = \elgg_get_user_by_email($email); } if($user){ \elgg_login($user); } $user = \elgg_is_logged_in() ? \elgg_get_logged_in_user_entity() : false; /* Parameters array $params Array of options with keys: (string) username => The username of the new user (string) password => The password (string) name => The user's display name (string) email => The user's email address (string) subtype => (optional) Subtype of the user entity (string) language => (optional) user language (defaults to current language) (bool) allow_multiple_emails => (optional) Allow the same email address to be registered multiple times (default false) (bool) validated => (optional) Is the user validated (default true) */ if(false === $user && !empty($email) && !empty($profile['id']) ){ //$username = $profile['id']; $username = $this->slugify(!empty($profile['name']) && is_numeric($profile['id']) ? $profile['name'] : $profile['id']); while(\elgg_get_user_by_username($username)){ $username = $profile['id'] . mt_rand(100000,99999999); } $dirty_pass =base64_encode(\random_bytes(16)); $password = substr(str_replace(['/', '+', '='], ['', '', ''], $dirty_pass), 0, 8); $user = \elgg_register_user( [ 'username'=>$username, 'password'=>$password, 'name'=>$profile['name'], 'email'=>$profile['email'], 'validated'=>true, ] ); // echo '$user
';
		   // echo  print_r($user, true); 
		}elseif($user){
		  //\elgg_set_plugin_user_setting('WebfanOauthSimpleSingle', $id, $user->guid, 'zzzzelgg_hybridauth');		
			$this->oauth_login_connect_accounts($user->guid,  $provider, $profile['id']);
		}else{
				
		 //	die('Authentication failed!');
			 //elgg_gatekeeper() ;		
		}
					   
				if($user){
				 \elgg_login($user);
					$this->redirect('https://frdl.de/dashboard', 'Continue...');
				}else{
				
		  	die('Authentication failed! Home');
			 //elgg_gatekeeper() ;		
		}
		
		
		
	 echo 'Continue...
';
		    echo  print_r($UserData, true);
		// echo  print_r($data, true);
       echo  print_r($profile, true);

        // The provider provides a way to get an authenticated API request for
        // the service, using the access token; it returns an object conforming
        // to Psr\Http\Message\RequestInterface.
     //     $request = $provider->getAuthenticatedRequest(
       //       'GET',
         //     'https://service.example.com/resource',
        //      $accessToken
        //  );

 

		
		
		 return \elgg_ok_response();		
	}
	
	
	protected function oauth_connect(?string $provider = null){
	//	 echo $request->getParam('action');
		if(!is_string($provider)){
		  $provider = $this->provider;	
		}
		$client = $this->client($provider)['client'];
		$stateKey = 'oauth2state_'.$provider;
        $pkceCodeKey = 'oauth2pkceCode_'.$provider;
		
// If we don't have an authorization code then get one
 if (!isset($_GET['code'])) {

    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $client->getAuthorizationUrl();

    // Get the state generated for you and store it to the session.
    $_SESSION[$stateKey] = $client->getState();

    // Optional, only required when PKCE is enabled.
    // Get the PKCE code generated for you and store it to the session.
    $_SESSION[$pkceCodeKey] = $client->getPkceCode();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || empty($_SESSION[$stateKey]) || $_GET['state'] !== $_SESSION[$stateKey]) {

    if (isset($_SESSION[$stateKey])) {
        unset($_SESSION[$stateKey]);
    }

    exit('Invalid state');

} else {

    try {
    
        // Optional, only required when PKCE is enabled.
        // Restore the PKCE code stored in the session.
        $client->setPkceCode($_SESSION[$pkceCodeKey]);

        // Try to get an access token using the authorization code grant.
        $accessToken = $client->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

		                

		
        // We have an access token, which we may use in authenticated
        // requests against the service provider's API.
       //  echo 'Access Token: ' . $accessToken->getToken() . "
"; // echo 'Refresh Token: ' . $accessToken->getRefreshToken() . "
"; // echo 'Expired in: ' . $accessToken->getExpires() . "
"; // echo 'Already expired? ' . ($accessToken->hasExpired() ? 'expired' : 'not expired') . "
"; // Using the access token, we may look up details about the // resource owner. $resourceOwner = $client->getResourceOwner($accessToken); //$data = $resourceOwner->toArray();//->toArray(); } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) { // Failed to get the access token or user details. // exit('Error in '.__LINE__.': '.$e->getMessage()); throw $e; }catch (\Exception $e2) { throw $e2; } return $resourceOwner; } } public function echo($str){ \elgg_echo( $str ); } /** * Handles single sign on request * * @param Request $request the Request * * @return void */ protected function redirect($url, $text='Continue...'){ @header('Location: '.$url); echo ''.$text.''; die(); } protected function disconnect(?string $provider = null){ if(!is_string($provider)){ $provider = $this->provider; } $html = ''; //$html.= 'Frdlweb Network Home'; //$html.= elgg_view('default/page/default' ); $css = elgg_get_simplecache_url('elgg.css'); //$html.= ''; $html.= '
'; if('GET' === $_SERVER['REQUEST_METHOD'] || !isset($_POST['disconnect_confirm'])){ $html.= '

Disconnect from '.ucfirst($provider).'?

'; }elseif('POST' === $_SERVER['REQUEST_METHOD'] && isset($_POST['disconnect_confirm'])){ $html.= '

Disconnect from '.ucfirst($provider).'...

'; $user = \elgg_is_logged_in() ? \elgg_get_logged_in_user_entity() : false; if(false === $user){ return $this->redirect('https://frdl.de/login', 'Continue...'); } $fileReverse = $this->getConnectionFileReverse( $provider, $user->guid); $provider_guid = !file_exists($fileReverse) ? false : require $fileReverse; if(false === $provider_guid){ $html.= 'Sorry, we could not the connection info for your account with '.ucfirst($provider).'!'; $html.= '
'; $html.= '(Re-)Connect with '.ucfirst($provider).'...'; $html.= '
'; }else{ $file = $this->getConnectionFile( $provider, $provider_guid); $elgg_uid = !file_exists($file) ? false : require $file; if(false === $elgg_uid){ $html.= 'Sorry, we could not the connection info for your account with '.ucfirst($provider).'!'; $html.= '
'; $html.= '(Re-)Connect with '.ucfirst($provider).'...'; $html.= '
'; }else{ unlink($fileReverse); unlink($file); return $this->redirect('https://frdl.de/dashboard', ucfirst($provider).' disconnected...'); } } } $html.= ''; $html.= 'Yes, disconnect my account from '.ucfirst($provider).'!'; $html.= '
'; $html.= ''; $html.='(Re-)Connect with '.ucfirst($provider); $html.=''; $html.= ''; $html.= 'no - keep connected'; $html.= 'Back'; $html.='
'; //////return \elgg_ok_response($html); return \elgg_ok_response(\elgg_view_page('Disconnect from '.ucfirst($provider), [ 'content' => $html, ])); } public function __invoke(Request $request) { $this->request = $request; $this->provider = is_array($this->client($this->request->getParam('provider'))) ? $this->request->getParam('provider') : null; if(!is_string($this->provider)){ echo 'Provider not found in '.__CLASS__ ; return \elgg_ok_response(); } switch($request->getParam('action')){ case 'connect' : return \call_user_func_array($this->client($this->provider)['authorize'], [$this->provider]); break; case 'disconnect' : return \call_user_func_array([$this, 'disconnect'], [$this->provider]); break; default : \elgg_echo( 'Action not found in '.__CLASS__); return; break; } /** echo '
';
	     echo $request->getParam('provider');
	     echo $request->getParam('action');
		$user = elgg_get_logged_in_user_entity();
		echo print_r($user, true);
		echo $user->email;
		echo '
'; return elgg_ok_response(); */ } } __halt_compiler();----SIGNATURE:----MQXJxhXBworiipb6+almoDAfZQww+O4ddTxDVnikzN8xMseQ/kQBmfQs9twh19/j5fez1IdkvhN+F+FdzmMPKb29jgNGi7CYH6fFe9uHxP35twQ/JcbsN8if/GqLlTumlFs8X2rayu+uAe5VAQECFb9En55qVSPUNA6s4fe8KXcU2e8Qoyss3pVaRDNWeBI0LnhOjx9LFlq3W05YDI6Kg901SMq1JHogE/iX0TFf8PM8KOHNSZFkQMD/F21+YzUXqZOZnyg5zaX+U5m2DwC1W1vqJaNekC490EKU5Dqf0HPN/gLsZl6lhKiY1+Cv16+th9cfG6ZSx94Hi755WM/hFUfsg6x8Txzs+yNreUBEunqcMuSgyevUTsHLhjRZYyePWuQsEAsj8HFy4H9hSVAGN0fkYCgm5x/BdBGTAadB0HoWIXkD//m8O32kpzb86t4wbQjwTw4SiynR1UltFQuVR7cwg9KH1BGX+Fzu0BNmaTKfAxRmt54elnnbJmEXJ5nlARPFYg3y5W+MF5a0CVE60V+l1RhN+KXDYdtJjGL10Qzlt0JIFu7t0brDeiQO76lMw1pUao/e3a9+RL8kgxBvgKXxVypVfDk2morPEZ7E7EXJVAbp+jcxBok7eTPt259Dif1nyf7iVx4gaQwuNi8CaVvxtgXOZJsNDB/NEPPHeDA=----ATTACHMENT:----NTk0NzQ4OTkxNDIxMTI0OCAxMjA3MTUwMjU0NjYxODc4IDkwNzU4MDExNDUwNjUxMzk=