Commit 0894eff3 authored by Sonia Zorba's avatar Sonia Zorba Committed by zonia3000

Refactoring

parent 4a5ba99f

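--- a/auth/saml2/aai.php
+++ /dev/null
@@ -1,71 +0,0 @@
-<?php
-
-/* ----------------------------------------------------------------------------
- *               INAF - National Institute for Astrophysics
- *               IRA  - Radioastronomical Institute - Bologna
- *               OATS - Astronomical Observatory - Trieste
- * ----------------------------------------------------------------------------
- *
- * Copyright (C) 2016 Istituto Nazionale di Astrofisica
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License Version 3 as published by the
- * Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-/* This page MUST be protected by Shibboleth authentication 
- * On Apache httpd:
- * AuthType shibboleth
- * ShibRequestSetting requireSession 1
- * Require valid-user
- */
-
-include '../../include/init.php';
-startSession();
-
-if (isset($_SERVER['Shib-Session-ID'])) {
-
-    // Retrieving eduPersonPrincipalName (eppn)
-    $eppn = $_SERVER['eppn'];
-
-    // Search if the user is already registered into RAP using the eppn.
-    // The persistent id should be a more appropriate identifier, however at IA2
-    // we need to import all INAF user into RAP, even if they will never register,
-    // and in that case we know only their eppn.
-    $user = $userHandler->findUserByIdentity(RAP\Identity::EDU_GAIN, $eppn);
-
-    if ($user === null) {
-        // Creating a new user
-        $user = new RAP\User();
-
-        $identity = new RAP\Identity(RAP\Identity::EDU_GAIN);
-        $identity->email = $_SERVER['mail'];
-        $identity->name = $_SERVER['givenName'];
-        $identity->surname = $_SERVER['sn'];
-        $identity->typedId = $eppn;
-        $identity->eppn = $eppn;
-        //$_SERVER['Shib-Identity-Provider']
-
-        $user->addIdentity($identity);
-
-        $session->userToLogin = $user;
-        $session->save();
-        header('Location: ' . $BASE_PATH . '/tou-check');
-        die();
-    }
-
-    $auditLog->info("LOGIN,eduGAIN," . $user->id);
-    $callbackHandler->manageLoginRedirect($user, $session);
-} else {
-    http_response_code(500);
-    die("Shib-Session-ID not found!");
-}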

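--- a/auth/social/facebook_login.php
+++ /dev/null
@@ -1,46 +0,0 @@
-<?php
-
-/* ----------------------------------------------------------------------------
- *               INAF - National Institute for Astrophysics
- *               IRA  - Radioastronomical Institute - Bologna
- *               OATS - Astronomical Observatory - Trieste
- * ----------------------------------------------------------------------------
- *
- * Copyright (C) 2016 Istituto Nazionale di Astrofisica
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License Version 3 as published by the
- * Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-/* This page uses the Facebook API for generating the redirect URL to use for Facebook login */
-
-include '../../include/init.php';
-startSession();
-
-// Retrieve Facebook configuration
-$Facebook = $AUTHENTICATION_METHODS['Facebook'];
-
-$fb = new Facebook\Facebook([
-    'app_id' => $Facebook['id'],
-    'app_secret' => $Facebook['secret'],
-    'default_graph_version' => $Facebook['version'],
-        ]);
-
-$helper = $fb->getRedirectLoginHelper();
-
-$permissions = ['email']; // Optional permissions: we need user email
-
-$loginUrl = $helper->getLoginUrl($Facebook['callback'], $permissions);
-
-header("Location: $loginUrl");
-?>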

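--- a/auth/social/facebook_token.php
+++ /dev/null
@@ -1,111 +0,0 @@
-<?php
-
-/* ----------------------------------------------------------------------------
- *               INAF - National Institute for Astrophysics
- *               IRA  - Radioastronomical Institute - Bologna
- *               OATS - Astronomical Observatory - Trieste
- * ----------------------------------------------------------------------------
- *
- * Copyright (C) 2016 Istituto Nazionale di Astrofisica
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License Version 3 as published by the
- * Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-/* Facebook callback page */
-
-include '../../include/init.php';
-startSession();
-
-// Retrieve Facebook configuration
-$Facebook = $AUTHENTICATION_METHODS['Facebook'];
-
-$fb = new Facebook\Facebook([
-    'app_id' => $Facebook['id'],
-    'app_secret' => $Facebook['secret'],
-    'default_graph_version' => $Facebook['version'],
-        ]);
-
-$helper = $fb->getRedirectLoginHelper();
-if (isset($_GET['state'])) {
-    $helper->getPersistentDataHandler()->set('state', $_GET['state']);
-}
-
-try {
-    // obtaining current URL without query string
-    $url = "https://$_SERVER[HTTP_HOST]" . strtok($_SERVER["REQUEST_URI"], '?');
-    $accessToken = $helper->getAccessToken($url);
-} catch (Facebook\Exceptions\FacebookResponseException $e) {
-    // When Graph returns an error
-    http_response_code(500);
-    die('Graph returned an error: ' . $e->getMessage());
-} catch (Facebook\Exceptions\FacebookSDKException $e) {
-    // When validation fails or other local issues
-    http_response_code(500);
-    die('Facebook SDK returned an error: ' . $e->getMessage());
-}
-if (!isset($accessToken)) {
-    if ($helper->getError()) {
-        $errorMessage = "Error: " . $helper->getError() . "<br>";
-        $errorMessage = $errorMessage . "Error Code: " . $helper->getErrorCode() . "<br>";
-        $errorMessage = $errorMessage . "Error Reason: " . $helper->getErrorReason() . "<br>";
-        $errorMessage = $errorMessage . "Error Description: " . $helper->getErrorDescription();
-    } else {
-        $errorMessage = "Bad request";
-    }
-
-    http_response_code(500);
-    die($errorMessage);
-}
-
-try {
-    // Returns a `Facebook\FacebookResponse` object
-    $response = $fb->get('/me?fields=id,first_name,last_name,email', $accessToken);
-} catch (Facebook\Exceptions\FacebookResponseException $e) {
-    echo 'Graph returned an error: ' . $e->getMessage();
-    exit;
-} catch (Facebook\Exceptions\FacebookSDKException $e) {
-    echo 'Facebook SDK returned an error: ' . $e->getMessage();
-    exit;
-}
-
-$_SESSION['fb_access_token'] = (string) $accessToken;
-
-$fbUser = $response->getGraphUser();
-
-$typedId = $fbUser["id"];
-
-// Search if the user is already registered into RAP using the Facebook ID.
-$user = $userHandler->findUserByIdentity(RAP\Identity::FACEBOOK, $typedId);
-
-if ($user === null) {
-    // Create new user
-    $user = new RAP\User();
-
-    $identity = new RAP\Identity(RAP\Identity::FACEBOOK);
-    $identity->email = $fbUser["email"];
-    $identity->name = $fbUser["first_name"];
-    $identity->surname = $fbUser["last_name"];
-    $identity->typedId = $typedId;
-
-    $user->addIdentity($identity);
-
-    $session->userToLogin = $user;
-    $session->save();
-    header('Location: ' . $BASE_PATH . '/tou-check');
-    die();
-}
-
-$auditLog->info("LOGIN,Facebook," . $user->id);
-$callbackHandler->manageLoginRedirect($user, $session);
-?>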

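--- a/auth/social/google_token.php
+++ /dev/null
@@ -1,111 +0,0 @@
-<?php
-
-/* ----------------------------------------------------------------------------
- *               INAF - National Institute for Astrophysics
- *               IRA  - Radioastronomical Institute - Bologna
- *               OATS - Astronomical Observatory - Trieste
- * ----------------------------------------------------------------------------
- *
- * Copyright (C) 2016 Istituto Nazionale di Astrofisica
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License Version 3 as published by the
- * Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-/* Google redirect and callback page */
-
-include '../../include/init.php';
-startSession();
-
-// Retrieve Google configuration
-$Google = $AUTHENTICATION_METHODS['Google'];
-
-$client = new Google_Client(array(
-    'client_id' => $Google['id'],
-    'client_secret' => $Google['secret'],
-    'redirect_uri' => $Google['callback'],
-        ));
-
-// Ask permission to obtain user email and profile information
-$client->setScopes(array(Google_Service_People::USERINFO_EMAIL, Google_Service_People::USERINFO_PROFILE));
-
-if (isset($_REQUEST['logout'])) {
-// Reset the access token stored into the session
-    unset($_SESSION['access_token']);
-}
-
-if (isset($_GET['code'])) {
-// An access token has been returned from the auth URL.
-    $client->authenticate($_GET['code']);
-    $_SESSION['access_token'] = $client->getAccessToken();
-}
-
-//if (isset($_SESSION['access_token'])) {
-//    $client->setAccessToken($_SESSION['access_token']);
-//}
-
-if ($client->getAccessToken()) {
-
-    // Query web service for retrieving user information
-    $service = new Google_Service_People($client);
-
-    try {
-        $res = $service->people->get('people/me', array('requestMask.includeField' => 'person.names,person.email_addresses'));
-    } catch (Google_Service_Exception $e) {
-        echo '<p>' . json_encode($e->getErrors()) . '</p>';
-        $thisPage = $PROTOCOL . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
-        echo '<p><a href="' . $thisPage . '?logout">Click here to unset the access token</a></p>';
-    }
-
-    $name = $res->getNames()[0]->getGivenName();
-    $surname = $res->getNames()[0]->getFamilyName();
-
-    $emailAddresses = [];
-    foreach ($res->getEmailAddresses() as $addr) {
-        array_push($emailAddresses, $addr->value);
-    }
-
-    $typedId = explode('/', $res->getResourceName())[1];
-
-    // Search if the user is already registered into RAP using the Google ID.
-    $user = $userHandler->findUserByIdentity(RAP\Identity::GOOGLE, $typedId);
-
-    if ($user === null) {
-        // Create new user
-        $user = new RAP\User();
-
-        $identity = new RAP\Identity(RAP\Identity::GOOGLE);
-        $identity->email = $emailAddresses[0];
-        $identity->name = $name;
-        $identity->surname = $surname;
-        $identity->typedId = $typedId;
-
-        $user->addIdentity($identity);
-
-        $session->userToLogin = $user;
-        $session->save();
-        header('Location: ' . $BASE_PATH . '/tou-check');
-        die();
-    }
-
-    $auditLog->info("LOGIN,Google," . $user->id);
-    $callbackHandler->manageLoginRedirect($user, $session);
-
-    die();
-} else {
-    // Redirect to Google authorization URL for obtaining an access token
-    $authUrl = $client->createAuthUrl();
-    header('Location: ' . $authUrl);
-    die();
-}
-?>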

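--- a/auth/social/linkedin_login.php
+++ /dev/null
@@ -1,40 +0,0 @@
-<?php
-
-/* ----------------------------------------------------------------------------
- *               INAF - National Institute for Astrophysics
- *               IRA  - Radioastronomical Institute - Bologna
- *               OATS - Astronomical Observatory - Trieste
- * ----------------------------------------------------------------------------
- *
- * Copyright (C) 2016 Istituto Nazionale di Astrofisica
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License Version 3 as published by the
- * Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51
- * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-/* This page redirects to LinkedIn login page */
-
-include '../../include/init.php';
-startSession();
-
-// Retrieve LinkedIn configuration
-$LinkedIn = $AUTHENTICATION_METHODS['LinkedIn'];
-
-$url = "https://www.linkedin.com/oauth/v2/authorization?response_type=code";
-$url .= "&client_id=" . $LinkedIn['id'];
-$url .= "&redirect_uri=" . $LinkedIn['callback'];
-$url .= "&state=789654123";
-$url .= "&scope=r_basicprofile r_emailaddress";
-
-header("Location: $url");
-?>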