facebookdeauthorize.php 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144
  1. <?php
  2. /**
  3. * StatusNet - the distributed open-source microblogging tool
  4. * Copyright (C) 2010-2011, StatusNet, Inc.
  5. *
  6. * An action that handles deauthorize callbacks from Facebook
  7. *
  8. * PHP version 5
  9. *
  10. * This program is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License as published by
  12. * the Free Software Foundation, either version 3 of the License, or
  13. * (at your option) any later version.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. *
  23. * @category Plugin
  24. * @package StatusNet
  25. * @author Zach Copley <zach@status.net>
  26. * @copyright 2010-2011 StatusNet, Inc.
  27. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
  28. * @link http://status.net/
  29. */
  30. if (!defined('STATUSNET')) {
  31. exit(1);
  32. }
  33. /*
  34. * Action class for handling deauthorize callbacks from Facebook. If the user
  35. * doesn't have a password let her know she'll need to contact the site
  36. * admin to get back into her account (if possible).
  37. */
  38. class FacebookdeauthorizeAction extends Action
  39. {
  40. private $facebook;
  41. /**
  42. * For initializing members of the class.
  43. *
  44. * @param array $args misc. arguments
  45. *
  46. * @return boolean true
  47. */
  48. function prepare($args)
  49. {
  50. $this->facebook = Facebookclient::getFacebook();
  51. return true;
  52. }
  53. /**
  54. * Handler method
  55. *
  56. * @param array $args is ignored since it's now passed in in prepare()
  57. */
  58. function handle($args)
  59. {
  60. parent::handle($args);
  61. $data = $this->facebook->getSignedRequest();
  62. if (isset($data['user_id'])) {
  63. $fbuid = $data['user_id'];
  64. $flink = Foreign_link::getByForeignID($fbuid, FACEBOOK_SERVICE);
  65. $user = $flink->getUser();
  66. // Remove the link to Facebook
  67. $result = $flink->delete();
  68. if (!$result) {
  69. common_log_db_error($flink, 'DELETE', __FILE__);
  70. common_log(
  71. LOG_WARNING,
  72. sprintf(
  73. 'Unable to delete Facebook foreign link '
  74. . 'for %s (%d), fbuid %d',
  75. $user->nickname,
  76. $user->id,
  77. $fbuid
  78. ),
  79. __FILE__
  80. );
  81. return;
  82. }
  83. common_log(
  84. LOG_INFO,
  85. sprintf(
  86. 'Facebook callback: %s (%d), fbuid %d has deauthorized '
  87. . 'the Facebook application.',
  88. $user->nickname,
  89. $user->id,
  90. $fbuid
  91. ),
  92. __FILE__
  93. );
  94. // Warn the user about being locked out of their account
  95. // if we can.
  96. if (empty($user->password) && !empty($user->email)) {
  97. Facebookclient::emailWarn($user);
  98. } else {
  99. common_log(
  100. LOG_WARNING,
  101. sprintf(
  102. '%s (%d), fbuid %d has deauthorized his/her Facebook '
  103. . 'connection but hasn\'t set a password so s/he '
  104. . 'is locked out.',
  105. $user->nickname,
  106. $user->id,
  107. $fbuid
  108. ),
  109. __FILE__
  110. );
  111. }
  112. } else {
  113. if (!empty($data)) {
  114. common_log(
  115. LOG_WARNING,
  116. sprintf(
  117. 'Facebook called the deauthorize callback '
  118. . ' but didn\'t provide a user ID.'
  119. ),
  120. __FILE__
  121. );
  122. } else {
  123. // It probably wasn't Facebook that hit this action,
  124. // so redirect to the public timeline
  125. common_redirect(common_local_url('public'), 303);
  126. }
  127. }
  128. }
  129. }