ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Facebook.php
Go to the documentation of this file.
1 <?php
2 
3 require_once(dirname(dirname(__FILE__)) . '/extlibinc/base_facebook.php');
4 
9 class sspmod_authfacebook_Facebook extends BaseFacebook
10 {
11  const FBSS_COOKIE_NAME = 'fbss';
12 
13  // We can set this to a high number because the main session
14  // expiration will trump this
15  const FBSS_COOKIE_EXPIRE = 31556926; // 1 year
16 
17  // Stores the shared session ID if one is set
18  protected $sharedSessionID;
19 
20  // SimpleSAMLphp state array
21  protected $ssp_state;
22 
35  public function __construct(array $config, &$ssp_state) {
36  $this->ssp_state = &$ssp_state;
37 
38  parent::__construct($config);
39  if (!empty($config['sharedSession'])) {
40  $this->initSharedSession();
41  }
42  }
43 
44  protected static $kSupportedKeys =
45  array('state', 'code', 'access_token', 'user_id');
46 
47  protected function initSharedSession() {
48  $cookie_name = $this->getSharedSessionCookieName();
49  if (isset($_COOKIE[$cookie_name])) {
50  $data = $this->parseSignedRequest($_COOKIE[$cookie_name]);
51  if ($data && !empty($data['domain']) &&
52  self::isAllowedDomain($this->getHttpHost(), $data['domain'])) {
53  // good case
54  $this->sharedSessionID = $data['id'];
55  return;
56  }
57  // ignoring potentially unreachable data
58  }
59  // evil/corrupt/missing case
60  $base_domain = $this->getBaseDomain();
61  $this->sharedSessionID = md5(uniqid(mt_rand(), true));
62  $cookie_value = $this->makeSignedRequest(
63  array(
64  'domain' => $base_domain,
65  'id' => $this->sharedSessionID,
66  )
67  );
68  $_COOKIE[$cookie_name] = $cookie_value;
69  if (!headers_sent()) {
70  $expire = time() + self::FBSS_COOKIE_EXPIRE;
71  setcookie($cookie_name, $cookie_value, $expire, '/', '.'.$base_domain);
72  } else {
73  // @codeCoverageIgnoreStart
74  SimpleSAML\Logger::debug(
75  'Shared session ID cookie could not be set! You must ensure you '.
76  'create the Facebook instance before headers have been sent. This '.
77  'will cause authentication issues after the first request.'
78  );
79  // @codeCoverageIgnoreEnd
80  }
81  }
82 
89  protected function setPersistentData($key, $value) {
90  if (!in_array($key, self::$kSupportedKeys)) {
91  SimpleSAML\Logger::debug("Unsupported key passed to setPersistentData: " . var_export($key, TRUE));
92  return;
93  }
94 
95  $session_var_name = $this->constructSessionVariableName($key);
96  $this->ssp_state[$session_var_name] = $value;
97  }
98 
99  protected function getPersistentData($key, $default = false) {
100  if (!in_array($key, self::$kSupportedKeys)) {
101  SimpleSAML\Logger::debug("Unsupported key passed to getPersistentData: " . var_export($key, TRUE));
102  return $default;
103  }
104 
105  $session_var_name = $this->constructSessionVariableName($key);
106  return isset($this->ssp_state[$session_var_name]) ?
107  $this->ssp_state[$session_var_name] : $default;
108  }
109 
110  protected function clearPersistentData($key) {
111  if (!in_array($key, self::$kSupportedKeys)) {
112  SimpleSAML\Logger::debug("Unsupported key passed to clearPersistentData: " . var_export($key, TRUE));
113  return;
114  }
115 
116  $session_var_name = $this->constructSessionVariableName($key);
117  if (isset($this->ssp_state[$session_var_name])) {
118  unset($this->ssp_state[$session_var_name]);
119  }
120  }
121 
122  protected function clearAllPersistentData() {
123  foreach (self::$kSupportedKeys as $key) {
124  $this->clearPersistentData($key);
125  }
126  if ($this->sharedSessionID) {
127  $this->deleteSharedSessionCookie();
128  }
129  }
130 
131  protected function deleteSharedSessionCookie() {
132  $cookie_name = $this->getSharedSessionCookieName();
133  unset($_COOKIE[$cookie_name]);
134  $base_domain = $this->getBaseDomain();
135  setcookie($cookie_name, '', 1, '/', '.'.$base_domain);
136  }
137 
138  protected function getSharedSessionCookieName() {
139  return self::FBSS_COOKIE_NAME . '_' . $this->getAppId();
140  }
141 
142  protected function constructSessionVariableName($key) {
143  $parts = array('authfacebook:authdata:fb', $this->getAppId(), $key);
144  if ($this->sharedSessionID) {
145  array_unshift($parts, $this->sharedSessionID);
146  }
147  return implode('_', $parts);
148  }
149 
150  protected function establishCSRFTokenState() {
151  if ($this->state === null) {
152  $this->state = SimpleSAML_Auth_State::getStateId($this->ssp_state);
153  $this->setPersistentData('state', $this->state);
154  }
155  }
156 }
$expire
$expire
Definition: saml2-acs.php:140
SimpleSAML_Auth_State\getStateId
static getStateId(&$state, $rawId=false)
Retrieve the ID of a state array.
Definition: State.php:145
BaseFacebook\getBaseDomain
getBaseDomain()
Get the base domain used for the cookie.
Definition: base_facebook.php:1171
$_COOKIE
$_COOKIE['client_id']
Definition: server.php:9
sspmod_authfacebook_Facebook\establishCSRFTokenState
establishCSRFTokenState()
Definition: Facebook.php:150
sspmod_authfacebook_Facebook\__construct
__construct(array $config, &$ssp_state)
Identical to the parent constructor, except that we start a PHP session to store the user ID and acce...
Definition: Facebook.php:35
sspmod_authfacebook_Facebook
Extends the BaseFacebook class with the intent of using PHP sessions to store user ids and access tok...
Definition: Facebook.php:9
SimpleSAML\Logger\debug
static debug($string)
Definition: Logger.php:213
sspmod_authfacebook_Facebook\$kSupportedKeys
static $kSupportedKeys
Definition: Facebook.php:44
sspmod_authfacebook_Facebook\setPersistentData
setPersistentData($key, $value)
Provides the implementations of the inherited abstract methods.
Definition: Facebook.php:89
sspmod_authfacebook_Facebook\initSharedSession
initSharedSession()
Definition: Facebook.php:47
sspmod_authfacebook_Facebook\getSharedSessionCookieName
getSharedSessionCookieName()
Definition: Facebook.php:138
sspmod_authfacebook_Facebook\FBSS_COOKIE_EXPIRE
const FBSS_COOKIE_EXPIRE
Definition: Facebook.php:15
sspmod_authfacebook_Facebook\constructSessionVariableName
constructSessionVariableName($key)
Definition: Facebook.php:142
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
sspmod_authfacebook_Facebook\getPersistentData
getPersistentData($key, $default=false)
Definition: Facebook.php:99
BaseFacebook\parseSignedRequest
parseSignedRequest($signed_request)
Parses a signed_request and validates the signature.
Definition: base_facebook.php:996
sspmod_authfacebook_Facebook\clearPersistentData
clearPersistentData($key)
Definition: Facebook.php:110
sspmod_authfacebook_Facebook\FBSS_COOKIE_NAME
const FBSS_COOKIE_NAME
Definition: Facebook.php:11
sspmod_authfacebook_Facebook\$ssp_state
$ssp_state
Definition: Facebook.php:21
BaseFacebook\getAppId
getAppId()
Get the Application ID.
Definition: base_facebook.php:256
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
sspmod_authfacebook_Facebook\deleteSharedSessionCookie
deleteSharedSessionCookie()
Definition: Facebook.php:131
$key
$key
Definition: croninfo.php:18
sspmod_authfacebook_Facebook\clearAllPersistentData
clearAllPersistentData()
Definition: Facebook.php:122
BaseFacebook
Provides access to the Facebook Platform.
Definition: base_facebook.php:118
sspmod_authfacebook_Facebook\$sharedSessionID
$sharedSessionID
Definition: Facebook.php:18
BaseFacebook\makeSignedRequest
makeSignedRequest($data)
Makes a signed_request blob using the given data.
Definition: base_facebook.php:1026