From 9d7111eb41c77083bff3842e895000d8e4028827 Mon Sep 17 00:00:00 2001 From: Patrick Davison Date: Mon, 3 Jun 2013 02:02:15 -0700 Subject: Yahoo gone full-retard patch. --- includes/HybridAuth/HybridAuthConfig.php | 4 +++- pages/login.php | 22 +++++++++++++++++++--- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/includes/HybridAuth/HybridAuthConfig.php b/includes/HybridAuth/HybridAuthConfig.php index 4c2891e..0d7841e 100644 --- a/includes/HybridAuth/HybridAuthConfig.php +++ b/includes/HybridAuth/HybridAuthConfig.php @@ -22,9 +22,11 @@ return // "enabled" => true // ), // +// Application created w/ snapathery // "Yahoo" => array ( // "enabled" => true, -// "keys" => array ( "id" => "", "secret" => "" ), +// "keys" => array ( "id" => "AmY0iX7c", "key" => "dj0yJmk9Qk80WHJWMElhYnBVJmQ9WVdrOVFXMVpNR2xZTjJNbWNHbzlOelE0TlRRd056WXkmcz1jb25zdW1lcnNlY3JldCZ4PTc5", "secret" => "84e7d394c6faec3740b7081930eda1794aa6afe6" ), +// "scope" => "email" // ), // // "AOL" => array ( diff --git a/pages/login.php b/pages/login.php index 5bb1d64..d277cb7 100644 --- a/pages/login.php +++ b/pages/login.php @@ -20,8 +20,8 @@ include_once('./includes/HybridAuth/Auth.php'); $hybrid_config_file = 'includes/HybridAuth/HybridAuthConfig.php'; try { - //Use OpenID for Google/Yahoo - if (!$_GET['op'] || $_GET['op'] == 'google' || $_GET['op'] == 'yahoo' || $_GET['op'] == 'steam') { + //OpenID Method + if (!$_GET['op'] || $_GET['op'] == 'google' || $_GET['op'] == 'steam' || $_GET['op'] == 'yahoo') { $openid = new LightOpenID; //Require Email, and first name. @@ -54,6 +54,10 @@ try { $email = $openIdAttributes['contact/email']; $claimedid = $openid->__get('identity'); + if ($claimedid == "https://open.login.yahooapis.com/openid20/user_profile/xrds") { + die(throwLoginError($openIdAttributes, "Yahoo went full retard, and didn't send any way for me to identify you...")); + } + if ($email == '') { $openIdAttributes['op'] = $_GET['op']; die(throwLoginError($openIdAttributes, "No email provided by OpenID provider - please try a different provider")); @@ -86,11 +90,23 @@ try { //TODO: This will always fail for Twitter - we need to reconsider our needs... if($email == '') { - $userProfile['op'] = $_GET['op']; //TODO This isn't valid, whoops - but, plan on deleting anyways... + //$userProfile['op'] = $_GET['op']; //TODO This isn't valid, whoops - but, plan on deleting anyways... die(throwLoginError($userProfile, "No email provided by {$authenticator->id} - please try a different provider")); } createNewUser($claimedid, $display, $email); return; + + //HybridAuth's OpenID Method +// } else if ($_GET['op'] == 'yahoo') { +// $config = array( +// "base_url" => $mydomain . "HybridAuth/", +// "providers" => array ( "OpenID" => array ( "enabled" => true ) ) +// ); +// $ha = new Hybrid_Auth( $config ); +// +// // Authenticate with Yahoo! then grab the user profile +// $adapter = $ha->authenticate( "OpenID", array( "openid_identifier" => "https://me.yahoo.com/")); +// $user_profile = $adapter->getUserProfile(); } //Unknown provider -- cgit v1.2.3