diff options
| author | Zach Copley <zach@status.net> | 2010-11-10 01:18:06 +0000 |
|---|---|---|
| committer | Zach Copley <zach@status.net> | 2010-11-10 01:18:06 +0000 |
| commit | 3c921f38de55922b1de3a331826e01cb876898a2 (patch) | |
| tree | 586098164f8a77340cdf93ac7aacbd4f7d1450aa /plugins | |
| parent | 5b94d9e86b91707a47b143482775acad8fcf9e78 (diff) | |
Add an action to handle deauthorization callbacks from Facebook
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/FacebookSSO/FacebookSSOPlugin.php | 6 | ||||
| -rw-r--r-- | plugins/FacebookSSO/actions/facebookdeauthorize.php | 214 | ||||
| -rw-r--r-- | plugins/FacebookSSO/lib/facebookclient.php | 28 |
3 files changed, 235 insertions, 13 deletions
diff --git a/plugins/FacebookSSO/FacebookSSOPlugin.php b/plugins/FacebookSSO/FacebookSSOPlugin.php index 32b6a2910..19d61211d 100644 --- a/plugins/FacebookSSO/FacebookSSOPlugin.php +++ b/plugins/FacebookSSO/FacebookSSOPlugin.php @@ -94,6 +94,7 @@ class FacebookSSOPlugin extends Plugin case 'FacebookfinishloginAction': case 'FacebookadminpanelAction': case 'FacebooksettingsAction': + case 'FacebookdeauthorizeAction': include_once $dir . '/actions/' . strtolower(mb_substr($cls, 0, -6)) . '.php'; return false; case 'Facebookclient': @@ -149,11 +150,14 @@ class FacebookSSOPlugin extends Plugin 'main/facebookfinishlogin', array('action' => 'facebookfinishlogin') ); - $m->connect( 'settings/facebook', array('action' => 'facebooksettings') ); + $m->connect( + 'facebook/deauthorize', + array('action' => 'facebookdeauthorize') + ); } diff --git a/plugins/FacebookSSO/actions/facebookdeauthorize.php b/plugins/FacebookSSO/actions/facebookdeauthorize.php new file mode 100644 index 000000000..fb4afa13b --- /dev/null +++ b/plugins/FacebookSSO/actions/facebookdeauthorize.php @@ -0,0 +1,214 @@ +<?php +/** + * StatusNet - the distributed open-source microblogging tool + * Copyright (C) 2010, StatusNet, Inc. + * + * An action that handles deauthorize callbacks from Facebook + * + * PHP version 5 + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Plugin + * @package StatusNet + * @author Zach Copley <zach@status.net> + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/* + * Action class for handling deauthorize callbacks from Facebook. If the user + * doesn't have a password let her know she'll need to contact the site + * admin to get back into her account (if possible). + */ +class FacebookdeauthorizeAction extends Action +{ + private $facebook; + + /** + * For initializing members of the class. + * + * @param array $args misc. arguments + * + * @return boolean true + */ + function prepare($args) + { + $this->facebook = Facebookclient::getFacebook(); + + return true; + } + + /** + * Handler method + * + * @param array $args is ignored since it's now passed in in prepare() + */ + function handle($args) + { + parent::handle($args); + + $data = $this->facebook->getSignedRequest(); + + if (isset($data['user_id'])) { + + $fbuid = $data['user_id']; + + $flink = Foreign_link::getByForeignID($fbuid, FACEBOOK_SERVICE); + $user = $flink->getUser(); + + // Remove the link to Facebook + $result = $flink->delete(); + + if (!$result) { + common_log_db_error($flink, 'DELETE', __FILE__); + common_log( + LOG_WARNING, + sprintf( + 'Unable to delete Facebook foreign link ' + . 'for %s (%d), fbuid %s', + $user->nickname, + $user->id, + $fbuid + ), + __FILE__ + ); + return; + } + + common_log( + LOG_INFO, + sprintf( + 'Facebook callback: %s (%d), fbuid %s has deauthorized ' + . 'the Facebook application.', + $user->nickname, + $user->id, + $fbuid + ), + __FILE__ + ); + + // Warn the user about being locked out of their account + // if we can. + if (empty($user->password) && !empty($user->email)) { + $this->emailWarn($user); + } else { + common_log( + LOG_WARNING, + sprintf( + '%s (%d), fbuid $s has deauthorized his/her Facebook ' + . 'connection but hasn\'t set a password so s/he ' + . 'is locked out.', + $user->nickname, + $user->id, + $fbuid + ), + __FILE__ + ); + } + + } else { + if (!empty($data)) { + common_log( + LOG_WARNING, + sprintf( + 'Facebook called the deauthorize callback ' + . ' but didn\'t provide a user ID.' + ), + __FILE__ + ); + } else { + // It probably wasn't Facebook that hit this action, + // so redirect to the login page + common_redirect(common_local_url('login'), 303); + } + } + } + + /* + * Send the user an email warning that their account has been + * disconnected and he/she has no way to login and must contact + * the site administrator for help. + * + * @param User $user the deauthorizing user + * + */ + function emailWarn($user) + { + $profile = $user->getProfile(); + + $siteName = common_config('site', 'name'); + $siteEmail = common_config('site', 'email'); + + if (empty($siteEmail)) { + common_log( + LOG_WARNING, + "No site email address configured. Please set one." + ); + } + + common_switch_locale($user->language); + + $subject = _m('Contact the %s administrator to retrieve your account'); + + $msg = <<<BODY +Hi %1$s, + +We've noticed you have deauthorized the Facebook connection for your +%2$s account. You have not set a password for your %2$s account yet, so +you will not be able to login. If you wish to continue using your %2$s +account, please contact the site administrator (%3$s) to set a password. + +Sincerely, + +%2$s +BODY; + $body = sprintf( + _m($msg), + $user->nickname, + $siteName, + $siteEmail + ); + + common_switch_locale(); + + if (mail_to_user($user, $subject, $body)) { + common_log( + LOG_INFO, + sprintf( + 'Sent account lockout warning to %s (%d)', + $user->nickname, + $user->id + ), + __FILE__ + ); + } else { + common_log( + LOG_WARNING, + sprintf( + 'Unable to send account lockout warning to %s (%d)', + $user->nickname, + $user->id + ), + __FILE__ + ); + } + } + +}
\ No newline at end of file diff --git a/plugins/FacebookSSO/lib/facebookclient.php b/plugins/FacebookSSO/lib/facebookclient.php index 6753243ed..cf00b55e3 100644 --- a/plugins/FacebookSSO/lib/facebookclient.php +++ b/plugins/FacebookSSO/lib/facebookclient.php @@ -673,25 +673,29 @@ class Facebookclient */ function mailFacebookDisconnect() { - $profile = $user->getProfile(); + $profile = $this->user->getProfile(); $siteName = common_config('site', 'name'); - common_switch_locale($user->language); + common_switch_locale($this->user->language); - $subject = sprintf( - _m('Your Facebook connection has been removed'), - $siteName - ); + $subject = _m('Your Facebook connection has been removed'); $msg = <<<BODY -Hi, %1$s. We're sorry to inform you we are unable to publish your notice to -Facebook, and have removed the connection between your %2$s account and Facebook. +Hi %1$s, + +We're sorry to inform you we are unable to publish your notice to +Facebook, and have removed the connection between your %2$s account and +Facebook. + +This may have happened because you have removed permission for %2$s +to post on your behalf, or perhaps you have deactivated your Facebook +account. You can reconnect your %s account to Facebook at any time by +logging in with Facebook again. + +Sincerely, -This may have happened because you have removed permission for %2$s to post on -your behalf, or perhaps you have deactivated your Facebook account. You can -reconnect your %s account to Facebook at any time by logging in with Facebook -again. +%2$s BODY; $body = sprintf( _m($msg), |