1

我一直试图让 Opauth 以一种理智的方式将参数传递给 Yii-User。这是我正在使用的扩展 git repos:

Opauth(通过 Yii 框架模块)与来自官方 Opauth 存储库
Yii-User 模块存储库的更新库

在修改 Opauth 的回调控制器后,我从 Opauth 获得了正确的数组,直接在页面上显示了我的 Google 帐户信息。

这是回调控制器中的代码:



    class CallbackController extends Controller {

        public $defaultAction = 'callback';

            public function actionCallBack() {
                if ( $this->module->getConfig() ) {

                    /**
                     * Instantiate Opauth with the loaded config but no run automatically
                     * Only create Opauth if one is not already there
                     */
                    if (!$this->module->getOpauth()) {
                        $this->module->setOpauth (new Opauth($this->module->getConfig(), false));
                        $Opauth = $this->module->getOpauth();
                    } else {
                        $Opauth = $this->module->getOpauth();
                    }


                    /**
                     * Fetch auth response, based on transport configuration for callback
                     */
                    $response = null;

                    switch($Opauth->env['callback_transport']) {
                        case 'session':
                            session_start();
                            $response = $_SESSION['opauth'];
                            unset($_SESSION['opauth']);
                            break;
                        case 'post':
                            $response = unserialize(base64_decode( $_POST['opauth'] ));
                            break;
                        case 'get':
                            $response = unserialize(base64_decode( $_GET['opauth'] ));
                            break;
                        default:
                            echo 'Error: Unsupported callback_transport.'."
\n";
                            break;
                    }

                    /**
                     * Check if it's an error callback
                     */
                    if (array_key_exists('error', $response)) {
                        echo 'Authentication error:  Opauth returns error auth response.'."
\n";
                    }

                    /**
                     * Auth response validation
                     *
                     * To validate that the auth response received is unaltered, especially auth response that
                     * is sent through GET or POST.
                     */
                    else{
                        if (empty($response['auth']) || empty($response['timestamp']) || empty($response['signature']) || empty($response['auth']['provider']) || empty($response['auth']['uid'])) {
                            echo 'Invalid auth response: Missing key auth response components.'."
\n";
                        } elseif (!$Opauth->validate(sha1(print_r($response['auth'], true)), $response['timestamp'], $response['signature'], $reason)) {
                            echo 'Invalid auth response: '.$reason.".
\n";
                        } else {
                            echo 'OK: Auth response is validated.'."
\n";

                            /**
                             * It's all good. Go ahead with your application-specific authentication logic
                             */
                            $Opauth->response = $response;
                            Yii::app()->getModule('opauth')->setOpauth($Opauth);
                            $this->redirect(Yii::app()->getModule('user')->returnUrl);
                        }
                    }
                } else {
                    echo 'No configuration loaded!';
                }
            }

        }

我已经尝试直接保存对模块的响应(显示在控制器的末尾),但这不起作用——我认为模块类在每次运行时都会创建。我不确定如何将响应直接移动到 yii-user 模块中。

编辑:我在回调控制器中尝试这样的事情:




$identity = new UserIdentity($response);
if ($identity->authenticate()) {
     Yii::app()->user->login($identity);
     $this->redirect('/');
} else {
     $this->redirect(Yii::app()->getModule('user')->returnUrl);
}

对于 $identity->authenticate(),我有这个:



    public function authenticate()
        {
            if (strpos($this->username,"@")) {
                $user=User::model()->notsafe()->findByAttributes(array('email'=>$this->username));
            } else {
                $user=User::model()->notsafe()->findByAttributes(array('username'=>$this->username));
            }
            if($user===null)
                if (strpos($this->username,"@")) {
                    $this->errorCode=self::ERROR_EMAIL_INVALID;
                } else {
                    $this->errorCode=self::ERROR_USERNAME_INVALID;
                }
            //else if(Yii::app()->getModule('user')->encrypting($this->password)!==$user->password)
            //  $this->errorCode=self::ERROR_PASSWORD_INVALID;
            else if($user->status==0&&Yii::app()->getModule('user')->loginNotActiv==false)
                $this->errorCode=self::ERROR_STATUS_NOTACTIV;
            else if($user->status==-1)
                $this->errorCode=self::ERROR_STATUS_BAN;
            else {
                $this->_id=$user->id;
                $this->username=$user->username;
                $this->errorCode=self::ERROR_NONE;
            }
            return !$this->errorCode;
        }
4

1 回答 1

1

这是我为使这部分工作所做的工作:

$identity = new UserIdentity($response);
$identity->authenticate();

switch($identity->errorCode) {
    case $identity::ERROR_NONE:
        Yii::app()->user->login($identity);
        $this->redirect(array("page_after_login"));
        break;
     case $identity::ERROR_USERNAME_INVALID:
        $this->redirect(Yii::app()->user->registrationUrl);
        break;
     default:
        throw new CException ($identity->errorCode);
}
于 2013-01-22T00:37:13.093 回答