
Untitled

a guest
Aug 20th, 2012
  1. <?php
  2.  
  3.  
  4. // Uses code from ichimonai.com's Steam Community API
  5. // Uses code from compwhizii's Twitter auth for xenforo
  6.  
  7. class Dark_SteamLogin_ControllerPublic_Kyouko extends XFCP_Dark_SteamLogin_ControllerPublic_Kyouko {
  8.  
  9.  
  10. public function actionSteam(){
  11. $assocUserId = $this->_input->filterSingle('assoc', XenForo_Input::UINT);
  12. $redirect = $this->_input->filterSingle('redirect', XenForo_Input::STRING);
  13. a
  14. /** @var XenForo_Session */
  15. $session = XenForo_Application::get('session');
  16.  
  17. $callbackUri = XenForo_Link::buildPublicLink('canonical:register/steam', false, array(
  18. 'redirect' => $this->getDynamicRedirect()
  19. ));
  20.  
  21. if ($this->_input->filterSingle('reg', XenForo_Input::UINT))
  22. {
  23. return $this->responseRedirect(
  24. XenForo_ControllerResponse_Redirect::SUCCESS,
  25. $this->_genUrl($callbackUri, false)
  26. );
  27. }
  28.  
  29. $id = $this->_validate();
  30. if(empty($id))
  31. return $this->responseError('Invalid login. Is your Steam profile public?');
  32.  
  33. $session->set('steam_id', $id);
  34. $userModel = $this->_getUserModel();
  35. $userExternalModel = $this->_getUserExternalModel();
  36.  
  37. $assoc = $userExternalModel->getExternalAuthAssociation('steam', $id);
  38. if ($assoc && $userModel->getUserById($assoc['user_id']))
  39. {
  40. XenForo_Application::get('session')->changeUserId($assoc['user_id']);
  41. XenForo_Visitor::setup($assoc['user_id']);
  42.  
  43. return $this->responseRedirect(
  44. XenForo_ControllerResponse_Redirect::SUCCESS,
  45. $this->getDynamicRedirect(false, false)
  46. );
  47. }
  48.  
  49. $existingUser = false;
  50. if (XenForo_Visitor::getUserId())
  51. {
  52. $existingUser = XenForo_Visitor::getInstance();
  53. }
  54. else if ($assocUserId)
  55. {
  56. $existingUser = $userModel->getUserById($assocUserId);
  57. }
  58.  
  59. if ($existingUser)
  60. {
  61. return $this->responseView('XenForo_ViewPublic_Register_Twitter', 'register_twitter', array(
  62. 'associateOnly' => true,
  63.  
  64. 'existingUser' => $existingUser,
  65. 'redirect' => $redirect
  66. ));
  67. }
  68.  
  69. if (!XenForo_Application::get('options')->get('registrationSetup', 'enabled'))
  70. {
  71. $this->_assertRegistrationActive();
  72. }
  73.  
  74. $username = "";
  75.  
  76. $xml = simplexml_load_file("http://steamcommunity.com/profiles/{$id}/?xml=1");
  77. if(!empty($xml)){
  78. $username = $xml->steamID;
  79. }
  80.  
  81. // give a unique username suggestion
  82. $i = 2;
  83. $origName = $username;
  84. while ($userModel->getUserByName($username))
  85. {
  86. $username = $origName . ' ' . $i++;
  87. }
  88.  
  89. return $this->responseView('XenForo_ViewPublic_Register_Steam', 'dark_register_steam', array(
  90. 'username' => $username,
  91. 'redirect' => $redirect,
  92.  
  93. 'timeZones' => XenForo_Helper_TimeZone::getTimeZones(),
  94. 'tosUrl' => XenForo_Dependencies_Public::getTosUrl()
  95. ), $this->_getRegistrationContainerParams());
  96. }
  97.  
  98. public function actionSteamRegister(){
  99.  
  100. $this->_assertPostOnly();
  101.  
  102. /** @var XenForo_Session */
  103. $session = XenForo_Application::get('session');
  104.  
  105. if(!$session->get('steam_id')){
  106. return $this->responseError('Lost Steam ID');
  107. }
  108.  
  109. $id = $session->get('steam_id');
  110.  
  111. $xml = simplexml_load_file("http://steamcommunity.com/profiles/{$id}/?xml=1");
  112. if(!empty($xml)){
  113. $username = $xml->steamID;
  114. $avatar = $xml->avatarFull;
  115. }
  116.  
  117.  
  118.  
  119. $userModel = $this->_getUserModel();
  120. $userExternalModel = $this->_getUserExternalModel();
  121.  
  122. $doAssoc = ($this->_input->filterSingle('associate', XenForo_Input::STRING)
  123. || $this->_input->filterSingle('force_assoc', XenForo_Input::UINT)
  124. );
  125.  
  126. if ($doAssoc)
  127. {
  128. $associate = $this->_input->filter(array(
  129. 'associate_login' => XenForo_Input::STRING,
  130. 'associate_password' => XenForo_Input::STRING
  131. ));
  132.  
  133. $loginModel = $this->_getLoginModel();
  134.  
  135. if ($loginModel->requireLoginCaptcha($associate['associate_login']))
  136. {
  137. return $this->responseError(new XenForo_Phrase('your_account_has_temporarily_been_locked_due_to_failed_login_attempts'));
  138. }
  139.  
  140. $userId = $userModel->validateAuthentication($associate['associate_login'], $associate['associate_password'], $error);
  141. if (!$userId)
  142. {
  143. $loginModel->logLoginAttempt($associate['associate_login']);
  144. return $this->responseError($error);
  145. }
  146.  
  147. /** @var XenForo_DataWriter_User */
  148. $writer = XenForo_DataWriter::create('XenForo_DataWriter_User');
  149. $writer->setExistingData(array('user_id' => $userId));
  150. $writer->setIdentity('Steam', $id);
  151. $writer->save();
  152.  
  153. $userExternalModel->updateExternalAuthAssociation('steam', $id, $userId, false);
  154.  
  155. $session->changeUserId($userId);
  156. XenForo_Visitor::setup($userId);
  157.  
  158. return $this->responseRedirect(
  159. XenForo_ControllerResponse_Redirect::SUCCESS,
  160. $this->getDynamicRedirect(false, false)
  161. );
  162. }
  163.  
  164. $this->_assertRegistrationActive();
  165.  
  166. $data = $this->_input->filter(array(
  167. 'username' => XenForo_Input::STRING,
  168. 'timezone' => XenForo_Input::STRING,
  169. 'email' => XenForo_Input::STRING,
  170. 'gender' => XenForo_Input::STRING
  171. ));
  172.  
  173. if (XenForo_Dependencies_Public::getTosUrl() && !$this->_input->filterSingle('agree', XenForo_Input::UINT))
  174. {
  175. return $this->responseError(new XenForo_Phrase('you_must_agree_to_terms_of_service'));
  176. }
  177.  
  178. $options = XenForo_Application::get('options');
  179.  
  180. /** @var XenForo_DataWriter_User */
  181. $writer = XenForo_DataWriter::create('XenForo_DataWriter_User');
  182. $writer->bulkSet($data);
  183.  
  184. $auth = XenForo_Authentication_Abstract::create('XenForo_Authentication_NoPassword');
  185. $writer->set('scheme_class', $auth->getClassName());
  186. $writer->set('data', $auth->generate(''), 'xf_user_authenticate');
  187.  
  188. $writer->set('user_group_id', XenForo_Model_User::$defaultRegisteredGroupId);
  189. $writer->set('language_id', XenForo_Visitor::getInstance()->get('language_id'));
  190. $writer->advanceRegistrationUserState(false);
  191. $writer->setIdentity('Steam', $id);
  192.  
  193. $writer->preSave();
  194.  
  195. $writer->save();
  196. $user = $writer->getMergedData();
  197.  
  198. $userExternalModel->updateExternalAuthAssociation('steam', $id, $user['user_id'], false);
  199.  
  200. if(!empty($avatar)){
  201.  
  202. $avatarModel = $this->_getAvatarModel();
  203.  
  204. $httpClient = XenForo_Helper_Http::getClient(preg_replace('/\s+/', '%20', $avatar));
  205. $response = $httpClient->request('GET');
  206. if($response->isSuccessful()){
  207. $avatarFile = tempnam(XenForo_Helper_File::getTempDir(), 'xf');
  208. file_put_contents($avatarFile, $response->getBody());
  209. }
  210. $avatarModel->applyAvatar($user['user_id'], $avatarFile);
  211. }
  212.  
  213. $session->changeUserId($user['user_id']);
  214. XenForo_Visitor::setup($user['user_id']);
  215.  
  216. $redirect = $this->_input->filterSingle('redirect', XenForo_Input::STRING);
  217.  
  218. $viewParams = array(
  219. 'user' => $user,
  220. 'redirect' => ($redirect ? XenForo_Link::convertUriToAbsoluteUri($redirect) : ''),
  221. 'steam' => true
  222. );
  223.  
  224. return $this->responseView(
  225. 'XenForo_ViewPublic_Register_Process',
  226. 'register_process',
  227. $viewParams,
  228. $this->_getRegistrationContainerParams()
  229. );
  230. }
  231.  
  232. const STEAM_LOGIN = 'https://steamcommunity.com/openid/login';
  233.  
  234. protected function _genUrl($returnTo = false, $useAmp = true)
  235. {
  236. $returnTo = (!$returnTo) ? (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] : $returnTo;
  237.  
  238. $params = array(
  239. 'openid.ns' => 'http://specs.openid.net/auth/2.0',
  240. 'openid.mode' => 'checkid_setup',
  241. 'openid.return_to' => $returnTo,
  242. 'openid.realm' => (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'],
  243. 'openid.identity' => 'http://specs.openid.net/auth/2.0/identifier_select',
  244. 'openid.claimed_id' => 'http://specs.openid.net/auth/2.0/identifier_select',
  245. );
  246.  
  247. $sep = ($useAmp) ? '&amp;' : '&';
  248. return self::STEAM_LOGIN . '?' . http_build_query($params, '', $sep);
  249. }
  250.  
  251. protected function _validate(){
  252.  
  253. if(empty($_GET['openid_assoc_handle']))
  254. return false;
  255.  
  256. // Start off with some basic params
  257. $params = array(
  258. 'openid.assoc_handle' => $_GET['openid_assoc_handle'],
  259. 'openid.signed' => $_GET['openid_signed'],
  260. 'openid.sig' => $_GET['openid_sig'],
  261. 'openid.ns' => 'http://specs.openid.net/auth/2.0',
  262. );
  263.  
  264. // Get all the params that were sent back and resend them for validation
  265. $signed = explode(',', $_GET['openid_signed']);
  266. foreach($signed as $item)
  267. {
  268. $val = $_GET['openid_' . str_replace('.', '_', $item)];
  269. $params['openid.' . $item] = get_magic_quotes_gpc() ? stripslashes($val) : $val;
  270. }
  271.  
  272. // Finally, add the all important mode.
  273. $params['openid.mode'] = 'check_authentication';
  274.  
  275. // Stored to send a Content-Length header
  276. $data = http_build_query($params);
  277. $context = stream_context_create(array(
  278. 'http' => array(
  279. 'method' => 'POST',
  280. 'header' =>
  281. "Accept-language: en\r\n".
  282. "Content-type: application/x-www-form-urlencoded\r\n" .
  283. "Content-Length: " . strlen($data) . "\r\n",
  284. 'content' => $data,
  285. ),
  286. ));
  287.  
  288. $result = file_get_contents(self::STEAM_LOGIN, false, $context);
  289.  
  290. // Validate wheather it's true and if we have a good ID
  291. preg_match("#^http://steamcommunity.com/openid/id/([0-9]{17,25})#", $_GET['openid_claimed_id'], $matches);
  292. $steamID64 = is_numeric($matches[1]) ? $matches[1] : 0;
  293.  
  294. // Return our final value
  295. return preg_match("#is_valid\s*:\s*true#i", $result) == 1 ? $steamID64 : '';
  296. }
  297.  
  298.  
  299. /**
  300. * @return XenForo_Model_Avatar
  301. */
  302. protected function _getAvatarModel()
  303. {
  304. return $this->getModelFromCache('XenForo_Model_Avatar');
  305. }
  306. }