Enabled Fastbook/OAuth login

modules/oauth/classes/Auth.php

@@ -0,0 +1,27 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * This class overrides Kohana's Auth so that we can call a specific
+ * Authentication driver.
+ *
+ * @package    OAuth
+ * @category   Modifications
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Open Source Billing
+ * @license    http://dev.osbill.net/license.html
+ */
+abstract class Auth extends Kohana_Auth {
+        public static function instance($type=NULL) {
+		 if (is_null($type) OR (! $type instanceof Model_Oauth))
+			return parent::instance();
+
+		// Set the session class name
+		$class = 'Auth_'.ucfirst($type->name);
+
+		// Create a new session instance
+		Auth::$_instance = new $class($type);
+
+		return Auth::$_instance;
+	}
+}
+?>

modules/oauth/classes/Auth/Facebook.php

@@ -0,0 +1,141 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * This class provides Authentication using Facebook
+ *
+ * @package    OAuth
+ * @category   Classes
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Open Source Billing
+ * @license    http://dev.osbill.net/license.html
+ */
+class Auth_Facebook extends Auth_ORM {
+	// Our Facebook config data
+	private $config;
+	private $data;
+	// Our Facebook Object
+	private $fb;
+	private $me;
+	// Our OAuth Object
+	private $oo;
+	// Facebook UID
+	private $uid;
+
+	/**
+	 * Perform the login processing
+	 *
+	 * We ignore password, since it is required in the parent(), we dont need it in Oauth
+	 */
+	protected function _login($user,$password,$remember) {
+		$this->complete_login($user);
+
+		if ($remember) {
+	                $aoo = ORM::factory('Account_Oauth',array('account_id'=>$user->id));
+
+	                // Record our user in the DB
+	                $aoo->account_id = $user->id;
+	                $aoo->oauth_id = $this->oo->id;
+			$aoo->userid = $remember->user_id();
+
+			switch ($this->oo->name) {
+				case 'facebook':
+					$aoo->oauth_data = $remember->fb->getAccessToken();
+					break;
+			}
+
+			return $aoo->save();
+		}
+	}
+	public function __construct(Model_Oauth $oo) {
+		include Kohana::find_file('vendor', 'facebook');
+		$this->oo = $oo;
+
+		// Load configuration "config/facebook"
+		$this->config = Kohana::$config->load('facebook');
+
+		parent::__construct((array)Kohana::$config->load('auth'));
+
+		// Create new Facebook object
+		$this->fb = new Facebook(array(
+			'appId' =>  $oo->app_id,
+			'secret' =>  $oo->secret,
+			'cookie' =>  $this->config->cookie,
+			'session_type' => $this->config->session_type,
+		));
+
+		try {
+			$this->me = $this->fb->api('/' . $this->fb->getUser(), 'GET');
+
+		} catch (FacebookApiException $e) {
+			// Do nothing.
+		}
+	}
+
+	/**
+	 * Returns user data, default in case of failure.
+	 *
+	 * @param $key
+	 * @param null $default
+	 * @return mixed
+	 * @throws FacebookApiException
+	 */
+	public function get($key,$default=NULL) {
+		if (! $uid = $this->user_id()) {
+			$this->login_url();
+
+			throw new FacebookApiException('User is not logged in.');
+		}
+
+		if (empty($this->data))
+			$this->data = $this->fb->api(array(
+				'method' => 'fql.query',
+				'query' => sprintf('SELECT %s FROM user WHERE uid = %s',$this->config_fields,$uid),
+			));
+
+		return (! empty($this->data[0][$key])) ? $this->data[0][$key] : $default;
+	}
+
+	/**
+	 * Is user currently logged into facebook?
+	 */
+	public function logged_in($role=NULL,$debug=NULL) {
+		return $this->fb->getUser() ? TRUE : FALSE;
+	}
+
+	/**
+	 * Creates a login url, based on scope, redirect_uri and display.
+	 *
+	 * @return string
+	 */
+	public function login_url() {
+		return urldecode($this->fb->getLoginUrl(array(
+			'scope' => $this->config->scope,
+			'redirect_uri' => $this->config->redirect_uri,
+			'display' => $this->config->display,
+		)));
+	}
+
+	/**
+	 * Creates a logout url based on next.
+	 *
+	 * @return string
+	 */
+	public function logout_url() {
+		return urldecode($this->fb->getLogoutUrl(array('next'=>$this->config->next)));
+	}
+
+	/**
+	 * Return user id if success, otherwise FALSE.
+	 */
+	public function user_id() {
+		if ($this->logged_in()) {
+			$this->uid = $this->fb->getUser();
+
+			return $this->uid;
+
+		} else {
+			return FALSE;
+		}
+	}
+}
+?>

modules/oauth/classes/Controller/Oauth.php

@@ -0,0 +1,91 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * This class provides oauth capability
+ *
+ * @package    OAuth
+ * @category   Controllers
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Deon George
+ * @license    http://dev.leenooks.net/license.html
+ */
+class Controller_Oauth extends Controller_TemplateDefault {
+	protected $auth_required = FALSE;
+	protected $secure_actions = array(
+		'link'=>TRUE,
+	);
+
+	public function action_login() {
+		// Make sure we are called with a valid oauth plugin
+		$oo = ORM::factory('Oauth',array('name'=>$this->request->param('id')));
+		if (! $oo->loaded() OR ! $oo->status)
+			HTTP::redirect('login');
+
+		$auth = NULL;
+
+		if ($oo->name == 'facebook') {
+			// User Denied a Facebook authorisation, so we'll go back to login
+			// We wouldnt normally get here, since we are doing JS authentication
+			if ($this->request->query('error') AND $this->request->query('error_reason') == 'user_denied')
+				HTTP::redirect('login');
+
+			$auth = Auth::instance($oo);
+
+			// If we are not logged in, do the facebook stuff.
+			// We wouldnt normally get here, since we are doing JS authentication
+			if (! $auth->logged_in())
+				HTTP::redirect($auth->login_url());
+
+			// Here we must be logged in to Facebook
+			// @todo Only use verified accounts - is this applicable?
+
+			$aoo = $oo->account_oauth->where('userid','=',$auth->user_id())->find();
+		}
+
+		// If we have an ID, we have been linked, redirect to login
+		if ($aoo->loaded() AND $auth->login($aoo->account,$auth->user_id(),$auth))
+			return $this->login();
+
+		// We need to link the ID
+		Session::instance()->set('login-no-oauth',TRUE);
+
+		Style::factory()
+			->type('file')
+			->data('media/theme/baseadmin/css/pages/login.css');
+
+		$this->template->content = View::factory('oauth/link')
+			->set('type',$oo->name);
+		$this->template->shownavbar = FALSE;
+	}
+
+	public function action_link() {
+		// Make sure we are called with a valid oauth plugin
+		$oo = ORM::factory('Oauth',array('name'=>$this->request->param('id')));
+		if (! $oo->loaded() OR ! $oo->status)
+			HTTP::redirect('login');
+
+		// Since we have logged in, get our user details
+		$ao = Auth::instance()->get_user();
+
+		$auth = Auth::instance($oo);
+		if (! $auth->logged_in())
+			HTTP::redirect('login');
+
+		if ($auth->login($ao,$auth->user_id(),$auth))
+			return $this->login();
+	}
+
+	/**
+	 * When our login is complete and satisified, we execute here
+	 */
+	private function login() {
+		// Redirect to the user account
+		if ($redir = Session::instance()->get('afterlogin')) {
+			Session::instance()->delete('afterlogin');
+			HTTP::redirect($redir);
+
+		} else 
+			HTTP::redirect(URL::link('user','welcome/index'));
+	}
+}
+?>

modules/oauth/classes/Model/Account/Oauth.php

@@ -0,0 +1,18 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * OSB OAuth Model
+ *
+ * @package    OAuth
+ * @category   Models
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Open Source Billing
+ * @license    http://dev.osbill.net/license.html
+ */
+class Model_Account_Oauth extends ORM_OSB {
+	// Relationships
+	protected $_has_one = array(
+		'account' => array('foreign_key'=>'id'),
+	);
+}
+?>

modules/oauth/classes/Model/Oauth.php

@@ -0,0 +1,32 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * OSB OAuth Model
+ *
+ * @package    OAuth
+ * @category   Models
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Open Source Billing
+ * @license    http://dev.osbill.net/license.html
+ */
+class Model_Oauth extends ORM_OSB {
+	// Relationships
+	protected $_has_many = array(
+		'account_oauth' => array('far_key'=>'id'),
+	);
+
+	/**
+	 * Return the object of the OAuth plugin
+	 */
+	public function plugin($type='') {
+		$c = Kohana::classname('Oauth_Plugin_'.$this->name);
+
+		if (! $this->name OR ! class_exists($c))
+			return NULL;
+
+		$o = new $c($this);
+
+		return $type ? $o->$type : $o;
+	}
+}
+?>

modules/oauth/classes/Oauth/Plugin.php

@@ -0,0 +1,19 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * This class provides 3rd party plugin authentication
+ *
+ * @package    OAuth
+ * @category   Plugins
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Open Source Billing
+ * @license    http://dev.osbill.net/license.html
+ */
+abstract class Oauth_Plugin {
+	protected $oo; // Our Oauth Object
+
+	public function __construct(Model_Oauth $oo) {
+		$this->oo = $oo;
+	}
+}
+?>

modules/oauth/classes/Oauth/Plugin/Facebook.php

@@ -0,0 +1,51 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * This class provides Facebook Authentication
+ *
+ * @package    OAuth
+ * @category   Plugins
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Open Source Billing
+ * @license    http://dev.osbill.net/license.html
+ */
+
+class Oauth_Plugin_Facebook extends Oauth_Plugin {
+	public function html() {
+		// @todo Needs to work with https
+		Script::factory()
+			->type('src')
+			->data('http://connect.facebook.net/en_US/all.js');
+
+		Script::factory()
+			->type('stdin')
+			->data('
+$(document).ready(function(){
+	window.fbAsyncInit = function() {
+		// Initialize the Facebook JavaScript SDK
+		FB.init({
+			appId: '.$this->oo->app_id.',
+			xfbml: false,
+			status: true,
+			cookie: true,
+		});
+
+		// Check if the current user is logged in and has authorized the app
+		//FB.getLoginStatus(checkLoginStatus);
+	}
+
+	$(".fb-login").click(function() {
+		FB.login(checkLoginStatus, {scope:"email"});
+
+		// We stop the click, but pick up the href in the javascript
+		return false;
+	});
+});
+		');
+
+		Script::factory()
+			->type('file')
+			->data('media/js/facebook.js');
+	}
+}
+?>