From f51c9ed2abe5c68211bb3736be5f70b1fe2c9ec0 Mon Sep 17 00:00:00 2001 From: M.Gergo Date: Fri, 8 Mar 2019 21:20:34 +0100 Subject: további rendrakás --- .../facebook/Helpers/FacebookCanvasHelper.php | 52 ---- .../facebook/Helpers/FacebookJavaScriptHelper.php | 42 --- .../facebook/Helpers/FacebookPageTabHelper.php | 95 ------ .../Helpers/FacebookRedirectLoginHelper.php | 333 --------------------- .../FacebookSignedRequestFromInputHelper.php | 166 ---------- 5 files changed, 688 deletions(-) delete mode 100644 mayor-orig/www/include/share/facebook/Helpers/FacebookCanvasHelper.php delete mode 100644 mayor-orig/www/include/share/facebook/Helpers/FacebookJavaScriptHelper.php delete mode 100644 mayor-orig/www/include/share/facebook/Helpers/FacebookPageTabHelper.php delete mode 100644 mayor-orig/www/include/share/facebook/Helpers/FacebookRedirectLoginHelper.php delete mode 100644 mayor-orig/www/include/share/facebook/Helpers/FacebookSignedRequestFromInputHelper.php (limited to 'mayor-orig/www/include/share/facebook/Helpers') diff --git a/mayor-orig/www/include/share/facebook/Helpers/FacebookCanvasHelper.php b/mayor-orig/www/include/share/facebook/Helpers/FacebookCanvasHelper.php deleted file mode 100644 index 7f3466ff..00000000 --- a/mayor-orig/www/include/share/facebook/Helpers/FacebookCanvasHelper.php +++ /dev/null @@ -1,52 +0,0 @@ -signedRequest ? $this->signedRequest->get('app_data') : null; - } - - /** - * Get raw signed request from POST. - * - * @return string|null - */ - public function getRawSignedRequest() - { - return $this->getRawSignedRequestFromPost() ?: null; - } -} diff --git a/mayor-orig/www/include/share/facebook/Helpers/FacebookJavaScriptHelper.php b/mayor-orig/www/include/share/facebook/Helpers/FacebookJavaScriptHelper.php deleted file mode 100644 index 01a76b8b..00000000 --- a/mayor-orig/www/include/share/facebook/Helpers/FacebookJavaScriptHelper.php +++ /dev/null @@ -1,42 +0,0 @@ -getRawSignedRequestFromCookie(); - } -} diff --git a/mayor-orig/www/include/share/facebook/Helpers/FacebookPageTabHelper.php b/mayor-orig/www/include/share/facebook/Helpers/FacebookPageTabHelper.php deleted file mode 100644 index da2c356c..00000000 --- a/mayor-orig/www/include/share/facebook/Helpers/FacebookPageTabHelper.php +++ /dev/null @@ -1,95 +0,0 @@ -signedRequest) { - return; - } - - $this->pageData = $this->signedRequest->get('page'); - } - - /** - * Returns a value from the page data. - * - * @param string $key - * @param mixed|null $default - * - * @return mixed|null - */ - public function getPageData($key, $default = null) - { - if (isset($this->pageData[$key])) { - return $this->pageData[$key]; - } - - return $default; - } - - /** - * Returns true if the user is an admin. - * - * @return boolean - */ - public function isAdmin() - { - return $this->getPageData('admin') === true; - } - - /** - * Returns the page id if available. - * - * @return string|null - */ - public function getPageId() - { - return $this->getPageData('id'); - } -} diff --git a/mayor-orig/www/include/share/facebook/Helpers/FacebookRedirectLoginHelper.php b/mayor-orig/www/include/share/facebook/Helpers/FacebookRedirectLoginHelper.php deleted file mode 100644 index 3240ba81..00000000 --- a/mayor-orig/www/include/share/facebook/Helpers/FacebookRedirectLoginHelper.php +++ /dev/null @@ -1,333 +0,0 @@ -oAuth2Client = $oAuth2Client; - $this->persistentDataHandler = $persistentDataHandler ?: new FacebookSessionPersistentDataHandler(); - $this->urlDetectionHandler = $urlHandler ?: new FacebookUrlDetectionHandler(); - $this->pseudoRandomStringGenerator = PseudoRandomStringGeneratorFactory::createPseudoRandomStringGenerator($prsg); - } - - /** - * Returns the persistent data handler. - * - * @return PersistentDataInterface - */ - public function getPersistentDataHandler() - { - return $this->persistentDataHandler; - } - - /** - * Returns the URL detection handler. - * - * @return UrlDetectionInterface - */ - public function getUrlDetectionHandler() - { - return $this->urlDetectionHandler; - } - - /** - * Returns the cryptographically secure pseudo-random string generator. - * - * @return PseudoRandomStringGeneratorInterface - */ - public function getPseudoRandomStringGenerator() - { - return $this->pseudoRandomStringGenerator; - } - - /** - * Stores CSRF state and returns a URL to which the user should be sent to in order to continue the login process with Facebook. - * - * @param string $redirectUrl The URL Facebook should redirect users to after login. - * @param array $scope List of permissions to request during login. - * @param array $params An array of parameters to generate URL. - * @param string $separator The separator to use in http_build_query(). - * - * @return string - */ - private function makeUrl($redirectUrl, array $scope, array $params = [], $separator = '&') - { - $state = $this->persistentDataHandler->get('state') ?: $this->pseudoRandomStringGenerator->getPseudoRandomString(static::CSRF_LENGTH); - $this->persistentDataHandler->set('state', $state); - - return $this->oAuth2Client->getAuthorizationUrl($redirectUrl, $state, $scope, $params, $separator); - } - - /** - * Returns the URL to send the user in order to login to Facebook. - * - * @param string $redirectUrl The URL Facebook should redirect users to after login. - * @param array $scope List of permissions to request during login. - * @param string $separator The separator to use in http_build_query(). - * - * @return string - */ - public function getLoginUrl($redirectUrl, array $scope = [], $separator = '&') - { - return $this->makeUrl($redirectUrl, $scope, [], $separator); - } - - /** - * Returns the URL to send the user in order to log out of Facebook. - * - * @param AccessToken|string $accessToken The access token that will be logged out. - * @param string $next The url Facebook should redirect the user to after a successful logout. - * @param string $separator The separator to use in http_build_query(). - * - * @return string - * - * @throws FacebookSDKException - */ - public function getLogoutUrl($accessToken, $next, $separator = '&') - { - if (!$accessToken instanceof AccessToken) { - $accessToken = new AccessToken($accessToken); - } - - if ($accessToken->isAppAccessToken()) { - throw new FacebookSDKException('Cannot generate a logout URL with an app access token.', 722); - } - - $params = [ - 'next' => $next, - 'access_token' => $accessToken->getValue(), - ]; - - return 'https://www.facebook.com/logout.php?' . http_build_query($params, null, $separator); - } - - /** - * Returns the URL to send the user in order to login to Facebook with permission(s) to be re-asked. - * - * @param string $redirectUrl The URL Facebook should redirect users to after login. - * @param array $scope List of permissions to request during login. - * @param string $separator The separator to use in http_build_query(). - * - * @return string - */ - public function getReRequestUrl($redirectUrl, array $scope = [], $separator = '&') - { - $params = ['auth_type' => 'rerequest']; - - return $this->makeUrl($redirectUrl, $scope, $params, $separator); - } - - /** - * Returns the URL to send the user in order to login to Facebook with user to be re-authenticated. - * - * @param string $redirectUrl The URL Facebook should redirect users to after login. - * @param array $scope List of permissions to request during login. - * @param string $separator The separator to use in http_build_query(). - * - * @return string - */ - public function getReAuthenticationUrl($redirectUrl, array $scope = [], $separator = '&') - { - $params = ['auth_type' => 'reauthenticate']; - - return $this->makeUrl($redirectUrl, $scope, $params, $separator); - } - - /** - * Takes a valid code from a login redirect, and returns an AccessToken entity. - * - * @param string|null $redirectUrl The redirect URL. - * - * @return AccessToken|null - * - * @throws FacebookSDKException - */ - public function getAccessToken($redirectUrl = null) - { - if (!$code = $this->getCode()) { - return null; - } - - $this->validateCsrf(); - $this->resetCsrf(); - - $redirectUrl = $redirectUrl ?: $this->urlDetectionHandler->getCurrentUrl(); - // At minimum we need to remove the 'state' and 'code' params - $redirectUrl = FacebookUrlManipulator::removeParamsFromUrl($redirectUrl, ['code', 'state']); - - return $this->oAuth2Client->getAccessTokenFromCode($code, $redirectUrl); - } - - /** - * Validate the request against a cross-site request forgery. - * - * @throws FacebookSDKException - */ - protected function validateCsrf() - { - $state = $this->getState(); - if (!$state) { - throw new FacebookSDKException('Cross-site request forgery validation failed. Required GET param "state" missing.'); - } - $savedState = $this->persistentDataHandler->get('state'); - if (!$savedState) { - throw new FacebookSDKException('Cross-site request forgery validation failed. Required param "state" missing from persistent data.'); - } - - if (\hash_equals($savedState, $state)) { - return; - } - - throw new FacebookSDKException('Cross-site request forgery validation failed. The "state" param from the URL and session do not match.'); - } - - /** - * Resets the CSRF so that it doesn't get reused. - */ - private function resetCsrf() - { - $this->persistentDataHandler->set('state', null); - } - - /** - * Return the code. - * - * @return string|null - */ - protected function getCode() - { - return $this->getInput('code'); - } - - /** - * Return the state. - * - * @return string|null - */ - protected function getState() - { - return $this->getInput('state'); - } - - /** - * Return the error code. - * - * @return string|null - */ - public function getErrorCode() - { - return $this->getInput('error_code'); - } - - /** - * Returns the error. - * - * @return string|null - */ - public function getError() - { - return $this->getInput('error'); - } - - /** - * Returns the error reason. - * - * @return string|null - */ - public function getErrorReason() - { - return $this->getInput('error_reason'); - } - - /** - * Returns the error description. - * - * @return string|null - */ - public function getErrorDescription() - { - return $this->getInput('error_description'); - } - - /** - * Returns a value from a GET param. - * - * @param string $key - * - * @return string|null - */ - private function getInput($key) - { - return isset($_GET[$key]) ? $_GET[$key] : null; - } -} diff --git a/mayor-orig/www/include/share/facebook/Helpers/FacebookSignedRequestFromInputHelper.php b/mayor-orig/www/include/share/facebook/Helpers/FacebookSignedRequestFromInputHelper.php deleted file mode 100644 index 4044da10..00000000 --- a/mayor-orig/www/include/share/facebook/Helpers/FacebookSignedRequestFromInputHelper.php +++ /dev/null @@ -1,166 +0,0 @@ -app = $app; - $graphVersion = $graphVersion ?: Facebook::DEFAULT_GRAPH_VERSION; - $this->oAuth2Client = new OAuth2Client($this->app, $client, $graphVersion); - - $this->instantiateSignedRequest(); - } - - /** - * Instantiates a new SignedRequest entity. - * - * @param string|null - */ - public function instantiateSignedRequest($rawSignedRequest = null) - { - $rawSignedRequest = $rawSignedRequest ?: $this->getRawSignedRequest(); - - if (!$rawSignedRequest) { - return; - } - - $this->signedRequest = new SignedRequest($this->app, $rawSignedRequest); - } - - /** - * Returns an AccessToken entity from the signed request. - * - * @return AccessToken|null - * - * @throws \Facebook\Exceptions\FacebookSDKException - */ - public function getAccessToken() - { - if ($this->signedRequest && $this->signedRequest->hasOAuthData()) { - $code = $this->signedRequest->get('code'); - $accessToken = $this->signedRequest->get('oauth_token'); - - if ($code && !$accessToken) { - return $this->oAuth2Client->getAccessTokenFromCode($code); - } - - $expiresAt = $this->signedRequest->get('expires', 0); - - return new AccessToken($accessToken, $expiresAt); - } - - return null; - } - - /** - * Returns the SignedRequest entity. - * - * @return SignedRequest|null - */ - public function getSignedRequest() - { - return $this->signedRequest; - } - - /** - * Returns the user_id if available. - * - * @return string|null - */ - public function getUserId() - { - return $this->signedRequest ? $this->signedRequest->getUserId() : null; - } - - /** - * Get raw signed request from input. - * - * @return string|null - */ - abstract public function getRawSignedRequest(); - - /** - * Get raw signed request from POST input. - * - * @return string|null - */ - public function getRawSignedRequestFromPost() - { - if (isset($_POST['signed_request'])) { - return $_POST['signed_request']; - } - - return null; - } - - /** - * Get raw signed request from cookie set from the Javascript SDK. - * - * @return string|null - */ - public function getRawSignedRequestFromCookie() - { - if (isset($_COOKIE['fbsr_' . $this->app->getId()])) { - return $_COOKIE['fbsr_' . $this->app->getId()]; - } - - return null; - } -} -- cgit v1.2.3