philsturgeon / fuel-ninjauth Goto Github PK

LONG DEAD EXPERIMENT

PHP 100.00%

fuel-ninjauth's Introduction

NinjAuth

Use the OAuth and OAuth2 packages to authenticate users with an array of third-party services in a totally integrated and abstracted fashion. Users can currently be managed by SimpleAuth or Sentry.

Implementation requires only one controller and one database table (two if you count users).

The name "NinjAuth" comes from the company behind the project: HappyNinjas.

Supported Strategies

OAuth
OAuth2
OpenID (by krtek4)

TODO

XAuth - anyone?
More flexible registration (view files as properties, or config options)

Installation

# Create users if this table does not exist already
$ oil g migration create_users username:varchar[50] password:string group:int email:string last_login:integer login_hash:string profile_fields:text created_at:int
$ oil refine migrate

# Run migrations in the package to create "authentications" table
$ oil refine migrate --packages=ninjauth

-NOTE: For Fuel v1.3+, add or uncomment the PKGPATH to the 'package_paths' variable in fuel/app/config/config.php

Upgrade

Just the usual submodule update, and when you're done run:

$ oil refine migrate --packages=ninjauth

Usage Example

Controller

http://example.com/auth/session/facebook

class Controller_Auth extends \NinjAuth\Controller {
	public static $linked_redirect = '/auth/linked';
	public static $login_redirect = '/';
	public static $register_redirect = '/auth/register';
	public static $registered_redirect = '/auth/registered';

	/*
	*	Example registered action for SimpleAuth (Should work with others)
	*
	*/
	public function action_registered(){

		$auth = Auth::instance();
		$user_id = Session::get_flash('ninjauth.user_id');

		if(isset($user_id)){
			Auth::instance()->force_login($user_id);
			return Response::redirect('/dashboard');
		}

		return $this->response;
	}
}

Configuration

'somewhere' => array(
	'id' => '9cd980e0d883ERG42974b6cd78175135',
	'secret' => '19d874DW43534SDFfce025d9bba4423452',
	
	// Specify a specific callback
	'callback' => 'http://example.com/foo/bar',
),

'google' => array(
	'key' => 'yourkey',
	'secret' => 'yoursecret',
	
	// Provide a string or array for the API scope
	'scope' => array('https://www.google.com/analytics/feeds', 'https://www.google.com/m8/feeds'),
	
	// Google supports OAuth and OAuth2. Pick a specific
	'strategy' => 'OAuth',
),

Service authentication setup links

fuel-ninjauth's People

Contributors

Stargazers

Watchers

Forkers

sidealice tomschlick carswellgould dahabit emptyarray ka2n subliminal kusoayan huglester daniel15 mbbender fform zerojarvis iturgeon ronan-gloo fuel-packages kshtzsharma48 ranlt vlabots

fuel-ninjauth's Issues

Ninjauth and vk.com - Required option not passed: access_token

Hi.
Facebook/google/twitter authentication works fine.

But when I try to configure authentication via russian socnetwork vk.com, I get broken $options array and an error:

OAuth2\Exception [ Error ]: Required option not passed: access_token Array ( [{"access_token":"54346afb097c25dsd459c36029ae59f299d654349c259c360fd49554c4f985175f3a0d11","expires_in":86400,"user_id":17234230490}] => )
PKGPATH/oauth2/classes/token/access.php @ line 50

I use this provider class:
https://github.com/Maxlab/fuelphp/blob/master/fuel/packages/oauth2/classes/provider/vkontakte.php

I will be grateful for any help.

Youtube Api

Hi, a problem occurs when I try to run auth youtube.

ErrorException [ Error ]: Class 'OAuth2\Provider_Youtube' not found
PKGPATH/oauth2/classes/provider.php @ line 29

24 * @return OAuth_Provider
25 /
26 public static function forge($name, array $options = null)
27 {
28 $class = 'OAuth2\Provider'.\Inflector::classify($name);
29 return new $class($options);
30 }
31
32 /_*
33 * @var string provider name
34 */

Failed authentication insert because user_hash credentials are null

Hi, inserting an authentication fails because the credentials are missing.

In controller.php:

Model_Authentication::forge(array(
'user_id' => $user_id,
'provider' => $user_hash['credentials']['provider'],
'uid' => $user_hash['credentials']['uid'],
'token' => $user_hash['credentials']['token'],
'secret' => $user_hash['credentials']['secret'],
'created_at' => time(),
))->save();

However, $user_hash doesn't have a key named 'credentials.' What is supposed to be setting it? Consequently, the insert fails with error:

Fuel\Core\Database_Exception [ Error ]: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'provider' cannot be null with query: "INSERT INTO authentications ...

Is this an issue, or am I doing something leading to the credentials not being set? Thanks.

twitter api

Hi, a problem occurs when I try to run auth twitter.

ErrorException [ Error ]: Class 'OAuth\Fuel' not found
PKGPATH/oauth/classes/request.php @ line 477

472 {
473 // Use the request default timeout
474 $options[CURLOPT_CONNECTTIMEOUT] = $this->timeout;
475 }
476
477 if (Fuel::$env === Fuel::DEVELOPMENT)
478 {
479 $options[CURLOPT_SSL_VERIFYPEER] = false;
480 }
481
482 if ($this->send_header)

Duplicate authentication records

If the user logs in while already logged in it creates a duplicate authentication record. I believe the problem is in the Strategy::login_or_register function, where it checks for a logged in user but does not check if the user has already linked the provider to their account.

multiple authentication records can be associated with one user.

Multiple records are created in the authentications table for the same account/provider if sessions are destroyed.

I now have multiple authentications records for my one an only twitter account.

should there be some kind of cleanup before creating a new authentication record?

Stable release

The latest commit is broken (db3a522).

But it took me a long time to figure it out. Could we please have stable downloads so that users coming in knowing nothing about the project can install and go?

simpleauth adapter wont log in a new user

i'm using ninjauth on a project which uses simpleauth and facebook login, but when the user tries to register using the info from facebook the adapter wont log him in.

I fixed this adding @ line 51 on ninjauth/classes/adapter/simpleauth.php the following code:

if(isset($user_id))
{
    Auth::login($user['username'] , $user['password']);
}

now the user is properly logged uppon a new registration

SimpleUserUpdateException: Username, password and email address can't be empty after logging in with Facebook

I get the following after logging in with Facebook:

Auth\SimpleUserUpdateException [ Error ]: Username, password and email address can't be empty.

$authentication->user_id

force_login() using only the user_id does not work, as the force_login() method of SimpleAuth only accepts the username or email, and not the user_id.

PDO compatibility

It would be nice to mak ninjauth pdo compatible.

Fuel\Core\FuelException [ Error ]: Listing columns failed, you have to set the model properties with a
static $_properties setting in the model. Original exception: Database method
Fuel\Core\Database_PDO_Connection::list_columns is not supported by Fuel\Core\Database_PDO_Connection

'NinjAuth\Adapter_' not found

This error is being given when you access auth/session/{provider} in the controller.

Error if user hits Cancel at Facebook/Google auth page

We've been using NinjAuth alongside local auth successfully for a few weeks and it's worked correctly for FB, Twitter, Google. We just noticed that if an unauthenticated user starts the oauth dialog (i.e. clicks Facebook button) but clicks Cancel on the Facebook auth landing page, Facebook redirects back to our callback URL. That's correct behavior, but NinjAuth errors out in a big way because it's expecting a 'code' parameter (presumably from a successful auth). In other words, NinjAuth apparently doesn't handle the case where the user starts to auth and then cancels. We're running the most recent releases of ninjauth and oauth2 to date. This same problem occurs when attempting to auth Google.

Error page gives these details:

OAuth2\Exception [ Error ]: Required option not passed: access_token Array ( )
PKGPATH/oauth2/classes/token/access.php @ line 50

Backtrace:
PKGPATH/oauth2/classes/token.php @ line 28
PKGPATH/oauth2/classes/provider.php @ line 249
PKGPATH/ninjauth/classes/strategy/oauth2.php @ line 31
PKGPATH/ninjauth/classes/strategy.php @ line 86
PKGPATH/ninjauth/classes/controller.php @ line 46
COREPATH/classes/request.php @ line 442
DOCROOT/index.php @ line 43

Prior Nonfatal Errors:
Warning: file_get_contents(https://graph.facebook.com/oauth/access_token?client_id=347451178647181&client_secret=[snip]&grant_type=authorization_code&redirect_uri=http%3A%2F%[snip]%2Fauth%2Fcallback%2Ffacebook): failed to open stream: HTTP request failed! HTTP/1.0 400 Bad Request in PKGPATH/oauth2/classes/provider.php @ line 187

SimpleAuth adapter broken?

I got this error while trying to set up Ninjauth:

ErrorException [ Error ]: Class NinjAuth\Adapter_SimpleAuth contains 1 abstract method and must therefore be declared abstract or implement the remaining methods (NinjAuth\Adapter::can_auto_login)

Additionally the default config uses "auth" as the adapter name, when it should be "SimpleAuth".

Google access_token has an expired_in (seconds)

Based from http://code.google.com/apis/accounts/docs/OAuth2Login.html#validatingtoken documentation it seem that Google will modify end user access token once it reach expired timestamp making it useless to authenticate user using Model_Authentication::find_by_token_and_secret().

Authentication record is not updated if token and secret are updated - Twitter

If we revoke the app, and later on we try to sign in and re-authenticate, the callback will not detect that the user access token and secret where changed, and my app ends up making api calls with bad token and secret.