modules/yahoo_bbauth/yahoo_bbauth.module

<?php

// Yahoo! Browser-Based Authentication for Drupal

// Author: Jason Levitt
// Date: September 18th, 2006
// Version: 1.0

/**
 * @file
 * Creates Drupal accounts that authenticate using Yahoo! Browser-Based Authentication
 */


// Include the proper bbauth class file
$v = phpversion();
if ($v[0] == '4') {
	include("ybrowserauth.class.php4");
} elseif ($v[0] == '5') {
	include("ybrowserauth.class.php5");
} else {
	watchdog('php', t('No Yahoo! bbauth class for version '.$v.' of PHP. Yahoo_bbauth module could not be used to authenticate users.'), WATCHDOG_WARNING);
	drupal_set_message(t('Yahoo_bbauth login failed because the proper Yahoo_bbauth class file could not be found.'), 'error');
	drupal_goto();
}

// Need the curl extension for bbauth class
if (!function_exists('curl_init')) {
	watchdog('php', t('Curl extension is not installed -- cannot run yahoo_bbauth without it!'), WATCHDOG_WARNING);
	drupal_set_message(t('Curl extension is not installed -- cannot run yahoo_bbauth without it!'), 'error');
	drupal_goto();
}

// Show lots of watchdog messages
define('MORE_LOGGING', 1);

/*
* Implementation of hook_help
*/
function yahoo_bbauth_help($section) {

	$appid = variable_get('yahoo_bbauth_appid','');
	$secret = variable_get('yahoo_bbauth_secret','');
	$authObj = new YBrowserAuth($appid, $secret);

	switch ($section) {
		case 'admin/modules#description':
			return t('Enables user authentication via Yahoo!');
		case 'user/help#yahoo_bbauth':
			return t('Enables user authentication via Yahoo! Browser-Based Authentication. Login now by clicking here: ').l(t('yahoo_bbauth login'), $authObj->getAuthURL(null,true));
	}
	return;
}

/**
 * Implementation of hook_info().
 */
function yahoo_bbauth_info($field = 0) {
	$info['name'] = 'yahoo_bbauth';
	if ($field) {
		return $info[$field];
	} else {
		return $info;
	}
}

/**
 * Implementation of hook_menu().
 */
function yahoo_bbauth_menu($may_cache) {
	$items = array();

	if ($may_cache) {
		$items[] = array(
		'path' => 'yahoo_bbauth_login',
		'title' => t('yahoo_bbauth login'),
		'callback' => 'yahoo_bbauth_page',
		'access' => TRUE,
		'type' => MENU_CALLBACK);
	}

	return $items;
}

/**
 * Handle a client who has just been redirected to a yahoo_bbauth server,
 * authenticated, and returned.
 *
 */
function yahoo_bbauth_page() {
	global $user;

	if ($user->uid) {
		print theme('page', t('Yahoo bbauth did not authenticate you because you are already logged in.'));
		return;
	}

	$appid = variable_get('yahoo_bbauth_appid','');
	$secret = variable_get('yahoo_bbauth_secret','');

	if (($appid == '') or ($secret =='')) {
		watchdog('yahoo_bbauth', t('Login failed. You must set the yahoo_bbauth appid and secret under administer - settings - yahoo_bbauth.'), WATCHDOG_ERROR);
		print theme('page', t('Login failed because the appid or secret was not configured in your settings.'));
		return;
	}

	$authObj = new YBrowserAuth($appid, $secret);

	if ($authObj->validate_sig()) {
		watchdog('yahoo_bbauth', t('Yahoo_bbauth signature validated.'), WATCHDOG_NOTICE);
	} else {
		watchdog('yahoo_bbauth', t('Login failed because signature validation failed.'), WATCHDOG_ERROR);
		drupal_set_message(t('Login failed because signature validation failed.'), 'error');
		drupal_goto();
	}

	if (!isset($authObj->userhash)) {
		watchdog('yahoo_bbauth', t('yahoo_bbauth request received but userhash was not set.'), WATCHDOG_ERROR);
		drupal_set_message(t('yahoo_bbauth login failed - no userhash was found.'), 'error');
		drupal_goto();
	}

	$username = $authObj->userhash;
	watchdog('yahoo_bbauth', t('Received login request from %user', array('%user' => check_plain($username))));
	if (MORE_LOGGING) {
		watchdog('yahoo_bbauth', t('Session ID is %sessid', array('%sessid' => check_plain(session_id()))));
	}

	$user = user_authenticate("$username@yahoo", '');

	if ($user->uid) {
		// login successful
		if (MORE_LOGGING) {
			watchdog('yahoo_bbauth', t("uid of authenticated user is '%uid'", array('%uid' => check_plain($user->uid))));
		}
		drupal_set_message(t('Successful login using Yahoo! Browser Based authentication.'), 'status');
		global $base_url;
		$url = variable_get('yahoo_bbauth_success_url', $base_url);

		drupal_goto($url); // Stored URL must end with a slash for Firefox
	}

	drupal_set_message(t('yahoo_bbauth login failed to authenticate you.'), 'error');
	drupal_goto();
}

/*
* Implementation of hook_auth().
*
*/
function yahoo_bbauth_auth($username, $password, $server = ' ') {

	if (MORE_LOGGING) {
		watchdog('yahoo_bbauth', t('Received auth callback for %user.', array('%user' => check_plain($username))));
	}

	if ($server == 'yahoo') {
		if (user_external_load("$username@$server")) { // user is already registered
			if (MORE_LOGGING) {
				watchdog('yahoo_bbauth', t('User %user is already registered.', array('%user' => check_plain($username))));
			}
			return TRUE;
		}

		if (MORE_LOGGING) {
			watchdog('yahoo_bbauth', t('Successful auth for %user.', array('%user' => check_plain($username))));
		}
		return TRUE;
	}

	if (MORE_LOGGING) {
		watchdog('yahoo_bbauth', t("Received auth call for server '%server' (not '%pserver')", array('%server' => check_plain($server), '%pserver' => 'yahoo')));
	}
	return FALSE;
}


/*
* Implementation of hook_block().
*
* Display the yahoo_bbauth "Log in" link.
*/

function yahoo_bbauth_block($op = 'list', $delta = 0, $edit = array()) {

	$appid = variable_get('yahoo_bbauth_appid','');
	$secret = variable_get('yahoo_bbauth_secret','');

	if (($appid == '') or ($secret =='')) {
		watchdog('yahoo_bbauth', t('Login failed. You must set the yahoo_bbauth appid and secret under administer - settings - yahoo_bbauth.'), WATCHDOG_ERROR);
		drupal_set_message(t('Login failed because the appid or secret was not configured in your settings.'), 'error');
		return;
	}

	$authObj = new YBrowserAuth($appid, $secret);
	$blocks = array();

	switch ($op) {
		case 'list':
			$blocks[0]['info'] = t('yahoo_bbauth login');
			return $blocks;

		case 'view':
			global $user;

			$block = array();
			if (!$user->uid) {
				switch ($delta) {
					case 0:
						$block['subject'] = t('Login Using Yahoo!');
						$block['content'] = l(t('Login'), $authObj->getAuthURL(null,true)). '<br />' . t('Note: this login link times out after 5 minutes. Reload page to login');
				}
			}
			return $block;

		case 'configure':
			break;
	}
	return;
}


/*
* Implementation of hook_settings().
*/
function yahoo_bbauth_settings() {
	global $base_url;

	$form['yahoo_bbauth_success_url'] = array(
	'#type' => 'textfield',
	'#title' => t('Successful login URL'),
	'#default_value' => variable_get('yahoo_bbauth_success_url', $base_url.'/'),
	'#description' => t('The URL where users are directed after a successful yahoo_bbauth login. MUST END WITH A SLASH IF IT IS A DIRECTORY! e.g. http://www.mysite.com/ or http://www.mysite.com/dir/'),
	'#size' => '40',
	'#maxlength' => '255'
	);
	$form['yahoo_bbauth_appid'] = array(
	'#type' => 'textfield',
	'#title' => t('Application ID'),
	'#default_value' => variable_get('yahoo_bbauth_appid', 'Enter your Yahoo! bbauth application ID'),
	'#description' => t('Signup for your application id at https://developer.yahoo.com/wsregapp/index.php'),
	'#size' => '36',
	'#maxlength' => '255'
	);
	$form['yahoo_bbauth_secret'] = array(
	'#type' => 'textfield',
	'#title' => t('Shared Secret'),
	'#default_value' => variable_get('yahoo_bbauth_secret', 'Enter your Yahoo! shared secret'),
	'#description' => t('Signup for your Shared Secret at https://developer.yahoo.com/wsregapp/index.php'),
	'#size' => '33',
	'#maxlength' => '255'
	);

	return $form;
}


?>
1	<?php
2
3	// Yahoo! Browser-Based Authentication for Drupal
4
5	// Author: Jason Levitt
6	// Date: September 18th, 2006
7	// Version: 1.0
8
9	/**
10	* @file
11	* Creates Drupal accounts that authenticate using Yahoo! Browser-Based Authentication
12	*/
13
14
15	// Include the proper bbauth class file
16	$v = phpversion();
17	if ($v[0] == '4') {
18	include("ybrowserauth.class.php4");
19	} elseif ($v[0] == '5') {
20	include("ybrowserauth.class.php5");
21	} else {
22	watchdog('php', t('No Yahoo! bbauth class for version '.$v.' of PHP. Yahoo_bbauth module could not be used to authenticate users.'), WATCHDOG_WARNING);
23	drupal_set_message(t('Yahoo_bbauth login failed because the proper Yahoo_bbauth class file could not be found.'), 'error');
24	drupal_goto();
25	}
26
27	// Need the curl extension for bbauth class
28	if (!function_exists('curl_init')) {
29	watchdog('php', t('Curl extension is not installed -- cannot run yahoo_bbauth without it!'), WATCHDOG_WARNING);
30	drupal_set_message(t('Curl extension is not installed -- cannot run yahoo_bbauth without it!'), 'error');
31	drupal_goto();
32	}
33
34	// Show lots of watchdog messages
35	define('MORE_LOGGING', 1);
36
37	/*
38	* Implementation of hook_help
39	*/
40	function yahoo_bbauth_help($section) {
41
42	$appid = variable_get('yahoo_bbauth_appid','');
43	$secret = variable_get('yahoo_bbauth_secret','');
44	$authObj = new YBrowserAuth($appid, $secret);
45
46	switch ($section) {
47	case 'admin/modules#description':
48	return t('Enables user authentication via Yahoo!');
49	case 'user/help#yahoo_bbauth':
50	return t('Enables user authentication via Yahoo! Browser-Based Authentication. Login now by clicking here: ').l(t('yahoo_bbauth login'), $authObj->getAuthURL(null,true));
51	}
52	return;
53	}
54
55	/**
56	* Implementation of hook_info().
57	*/
58	function yahoo_bbauth_info($field = 0) {
59	$info['name'] = 'yahoo_bbauth';
60	if ($field) {
61	return $info[$field];
62	} else {
63	return $info;
64	}
65	}
66
67	/**
68	* Implementation of hook_menu().
69	*/
70	function yahoo_bbauth_menu($may_cache) {
71	$items = array();
72
73	if ($may_cache) {
74	$items[] = array(
75	'path' => 'yahoo_bbauth_login',
76	'title' => t('yahoo_bbauth login'),
77	'callback' => 'yahoo_bbauth_page',
78	'access' => TRUE,
79	'type' => MENU_CALLBACK);
80	}
81
82	return $items;
83	}
84
85	/**
86	* Handle a client who has just been redirected to a yahoo_bbauth server,
87	* authenticated, and returned.
88	*
89	*/
90	function yahoo_bbauth_page() {
91	global $user;
92
93	if ($user->uid) {
94	print theme('page', t('Yahoo bbauth did not authenticate you because you are already logged in.'));
95	return;
96	}
97
98	$appid = variable_get('yahoo_bbauth_appid','');
99	$secret = variable_get('yahoo_bbauth_secret','');
100
101	if (($appid == '') or ($secret =='')) {
102	watchdog('yahoo_bbauth', t('Login failed. You must set the yahoo_bbauth appid and secret under administer - settings - yahoo_bbauth.'), WATCHDOG_ERROR);
103	print theme('page', t('Login failed because the appid or secret was not configured in your settings.'));
104	return;
105	}
106
107	$authObj = new YBrowserAuth($appid, $secret);
108
109	if ($authObj->validate_sig()) {
110	watchdog('yahoo_bbauth', t('Yahoo_bbauth signature validated.'), WATCHDOG_NOTICE);
111	} else {
112	watchdog('yahoo_bbauth', t('Login failed because signature validation failed.'), WATCHDOG_ERROR);
113	drupal_set_message(t('Login failed because signature validation failed.'), 'error');
114	drupal_goto();
115	}
116
117	if (!isset($authObj->userhash)) {
118	watchdog('yahoo_bbauth', t('yahoo_bbauth request received but userhash was not set.'), WATCHDOG_ERROR);
119	drupal_set_message(t('yahoo_bbauth login failed - no userhash was found.'), 'error');
120	drupal_goto();
121	}
122
123	$username = $authObj->userhash;
124	watchdog('yahoo_bbauth', t('Received login request from %user', array('%user' => check_plain($username))));
125	if (MORE_LOGGING) {
126	watchdog('yahoo_bbauth', t('Session ID is %sessid', array('%sessid' => check_plain(session_id()))));
127	}
128
129	$user = user_authenticate("$username@yahoo", '');
130
131	if ($user->uid) {
132	// login successful
133	if (MORE_LOGGING) {
134	watchdog('yahoo_bbauth', t("uid of authenticated user is '%uid'", array('%uid' => check_plain($user->uid))));
135	}
136	drupal_set_message(t('Successful login using Yahoo! Browser Based authentication.'), 'status');
137	global $base_url;
138	$url = variable_get('yahoo_bbauth_success_url', $base_url);
139
140	drupal_goto($url); // Stored URL must end with a slash for Firefox
141	}
142
143	drupal_set_message(t('yahoo_bbauth login failed to authenticate you.'), 'error');
144	drupal_goto();
145	}
146
147	/*
148	* Implementation of hook_auth().
149	*
150	*/
151	function yahoo_bbauth_auth($username, $password, $server = ' ') {
152
153	if (MORE_LOGGING) {
154	watchdog('yahoo_bbauth', t('Received auth callback for %user.', array('%user' => check_plain($username))));
155	}
156
157	if ($server == 'yahoo') {
158	if (user_external_load("$username@$server")) { // user is already registered
159	if (MORE_LOGGING) {
160	watchdog('yahoo_bbauth', t('User %user is already registered.', array('%user' => check_plain($username))));
161	}
162	return TRUE;
163	}
164
165	if (MORE_LOGGING) {
166	watchdog('yahoo_bbauth', t('Successful auth for %user.', array('%user' => check_plain($username))));
167	}
168	return TRUE;
169	}
170
171	if (MORE_LOGGING) {
172	watchdog('yahoo_bbauth', t("Received auth call for server '%server' (not '%pserver')", array('%server' => check_plain($server), '%pserver' => 'yahoo')));
173	}
174	return FALSE;
175	}
176
177
178	/*
179	* Implementation of hook_block().
180	*
181	* Display the yahoo_bbauth "Log in" link.
182	*/
183
184	function yahoo_bbauth_block($op = 'list', $delta = 0, $edit = array()) {
185
186	$appid = variable_get('yahoo_bbauth_appid','');
187	$secret = variable_get('yahoo_bbauth_secret','');
188
189	if (($appid == '') or ($secret =='')) {
190	watchdog('yahoo_bbauth', t('Login failed. You must set the yahoo_bbauth appid and secret under administer - settings - yahoo_bbauth.'), WATCHDOG_ERROR);
191	drupal_set_message(t('Login failed because the appid or secret was not configured in your settings.'), 'error');
192	return;
193	}
194
195	$authObj = new YBrowserAuth($appid, $secret);
196	$blocks = array();
197
198	switch ($op) {
199	case 'list':
200	$blocks[0]['info'] = t('yahoo_bbauth login');
201	return $blocks;
202
203	case 'view':
204	global $user;
205
206	$block = array();
207	if (!$user->uid) {
208	switch ($delta) {
209	case 0:
210	$block['subject'] = t('Login Using Yahoo!');
211	$block['content'] = l(t('Login'), $authObj->getAuthURL(null,true)). '<br />' . t('Note: this login link times out after 5 minutes. Reload page to login');
212	}
213	}
214	return $block;
215
216	case 'configure':
217	break;
218	}
219	return;
220	}
221
222
223
224	/*
225	* Implementation of hook_settings().
226	*/
227	function yahoo_bbauth_settings() {
228	global $base_url;
229
230	$form['yahoo_bbauth_success_url'] = array(
231	'#type' => 'textfield',
232	'#title' => t('Successful login URL'),
233	'#default_value' => variable_get('yahoo_bbauth_success_url', $base_url.'/'),
234	'#description' => t('The URL where users are directed after a successful yahoo_bbauth login. MUST END WITH A SLASH IF IT IS A DIRECTORY! e.g. http://www.mysite.com/ or http://www.mysite.com/dir/'),
235	'#size' => '40',
236	'#maxlength' => '255'
237	);
238	$form['yahoo_bbauth_appid'] = array(
239	'#type' => 'textfield',
240	'#title' => t('Application ID'),
241	'#default_value' => variable_get('yahoo_bbauth_appid', 'Enter your Yahoo! bbauth application ID'),
242	'#description' => t('Signup for your application id at https://developer.yahoo.com/wsregapp/index.php'),
243	'#size' => '36',
244	'#maxlength' => '255'
245	);
246	$form['yahoo_bbauth_secret'] = array(
247	'#type' => 'textfield',
248	'#title' => t('Shared Secret'),
249	'#default_value' => variable_get('yahoo_bbauth_secret', 'Enter your Yahoo! shared secret'),
250	'#description' => t('Signup for your Shared Secret at https://developer.yahoo.com/wsregapp/index.php'),
251	'#size' => '33',
252	'#maxlength' => '255'
253	);
254
255	return $form;
256	}
257
258
259	?>