I have been playing with JWT Tokens lately, using Firebase\JWT and Satelizer.
I have been trying to integrate with laravel-angular project I have been working on.
Here is the sample code from Satelizers.io for facebook login: (https://github.com/sahat/satellizer/blob/master/examples/server/php/app/Http/Controllers/AuthController.php)
/**
* Login with Facebook.
*/
public function facebook(Request $request)
{
$client = new GuzzleHttp\Client();
$params = [
'code' => $request->input('code'),
'client_id' => $request->input('clientId'),
'redirect_uri' => $request->input('redirectUri'),
'client_secret' => Config::get('app.facebook_secret')
];
// Step 1. Exchange authorization code for access token.
$accessTokenResponse = $client->request('GET', 'https://graph.facebook.com/v2.5/oauth/access_token', [
'query' => $params
]);
$accessToken = json_decode($accessTokenResponse->getBody(), true);
// Step 2. Retrieve profile information about the current user.
$fields = 'id,email,first_name,last_name,link,name';
$profileResponse = $client->request('GET', 'https://graph.facebook.com/v2.5/me', [
'query' => [
'access_token' => $accessToken['access_token'],
'fields' => $fields
]
]);
$profile = json_decode($profileResponse->getBody(), true);
// Step 3a. If user is already signed in then link accounts.
if ($request->header('Authorization'))
{
$user = User::where('facebook', '=', $profile['id']);
if ($user->first())
{
return response()->json(['message' => 'There is already a Facebook account that belongs to you'], 409);
}
$token = explode(' ', $request->header('Authorization'))[1];
$payload = (array) JWT::decode($token, Config::get('app.token_secret'), array('HS256')); // STUCK HERE
$user = User::find($payload['sub']);
$user->facebook = $profile['id'];
$user->email = $user->email ?: $profile['email'];
$user->displayName = $user->displayName ?: $profile['name'];
$user->save();
return response()->json(['token' => $this->createToken($user)]);
}
// Step 3b. Create a new user account or return an existing one.
else
{
$user = User::where('facebook', '=', $profile['id']);
if ($user->first())
{
return response()->json(['token' => $this->createToken($user->first())]);
}
$user = new User;
$user->facebook = $profile['id'];
$user->email = $profile['email'];
$user->displayName = $profile['name'];
$user->save();
return response()->json(['token' => $this->createToken($user)]);
}
}
I am able to get the Facebook profile inforamtion, but I keep getting stuck on this line:
$payload = (array) JWT::decode($token, Config::get('app.token_secret'), array('HS256')); // STUCK HERE
It is throwing a 'Wrong number of segments' error when trying to read the taken set by satelizer.
I have inspected the token and it does not follow the typical JWT format. (there are no 'dots' in the token)
Has anyone expereinced this before? How do I go about solving this issue?
Thanks,
Matt
Related
I have an edit form where it shows users, sub-users and I need to make my update method the way that it can update existed sub-users as well as add new ones.
Logic
User can have a maximum of 5 sub-users
Let's assume my user already have 2 sub-users s/he can add up to 3 more
I want to be able to update those 2 that are existed already
I want to be able to add those 3 new sub-users
Code
Here is what I have currently. Code is commented for better understanding
public function subUsersUpdate(Request $request, $id) {
$will = Will::where('id', $id)->where('user_id', Auth::id())->first();
// main user
$user = User::where('id', $will->user_id)->first();
// making custom emails for new users like (admin1#example.com)
// admin is email name of main user, originally (admin#gmail.com)
// 1~5 are added to names (separate those 5 sub-users)
// example.com is website domain
$userMail = substr($user->email, 0, strpos($user->email, '#'));
$websiteName = env('DOMAIN_NAME');
// here is what I get from edit form including 2 existed sub-users and 3 new sub-users
foreach($request->input('subs') as $index => $sub) {
// trying to separate existed sub-users from new ones
$existedUser = User::where('name', $sub)->where('user_id', $user->id)->first();
if($existedUser) {
// if already existed just update the name
$existedUser->update(['name' => $sub]);
} else {
// if new add them as new sub-user
$num = $index+1;
$password = str_random(15);
User::create([
'name' => $sub,
'email' => $userMail . $num ."#" . $websiteName,
'password' => Hash::make($password),
'user_id' => $user->id,
]);
}
}
return redirect()->back();
}
Error
SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry 'admin4#example.com' for key 'users_email_unique'
It appears that my code works in order to separate old and new sub-users but the problem is it makes the same email for new-users as old ones based on $num provided in my foreach. I need somehow avoid that duplication.
Any suggestion?
Update
What I did
I've added hidden input in my form which has sub-user email as value (if user existed) and if user is newly added it is null.
Then I merged those emails array and names array into one
Finally I've validate if the email field is null or not in order to update or create new sub-user.
Issue
Issue is name of all sub-users will be same as last input (sub-user 5), regardless of user being newly created or updated all 5 get same name!
public function subUsersUpdate(Request $request, $id) {
$will = Will::where('id', $id)->where('user_id', Auth::id())->first();
$user = User::where('id', $will->user_id)->first();
$userMail = substr($user->email, 0, strpos($user->email, '#'));
$websiteName = env('DOMAIN_NAME');
//Changed part
$mails = $request->input('mails');
$names = $request->input('subs');
// created array of data
$finalInputs = [];
foreach($mails as $index => $mmm) {
foreach($names as $index2 => $nnn) {
$finalInputs[$index] = ['email' => $mmm, 'name' => $nnn];
}
}
foreach($finalInputs as $index => $sub) {
if(!empty($sub['email'])) {
$existedUser = User::where('email', $sub['email'])->where('user_id', $user->id)->first();
$existedUser->update(['name' => $sub['name']]);
// $userMail2 = substr($sub['email'], 0, strpos($sub['email'], '#'));
} else {
if($sub['name'] != null) {
$num = $index+1;
$password = str_random(15);
User::create([
'name' => $sub['name'],
'email' => $userMail . $num ."#" . $websiteName,
'password' => Hash::make($password),
'user_id' => $user->id,
]);
}
}
}
// end of changed parts
}
Using updateOrCreate()
updateOrCreate() can handle conditional updating or creating of records for you.
This could be what you are asking, hope you get the idea:
foreach($finalInputs as $index => $sub) {
$pwHash = Hash::make( str_random(15) );
$num = $index+1;
$search = [
'user_id' => $user->id,
'email' => $userMail . $num ."#" . $websiteName,
];
$update = [
'name' => $sub['name'],
];
// Only add 'password' for new users
if (empty($sub['email']))) {
$update['password'] = $pwHash;
}
User::updateOrCreate(
$search,
$update
);
}
This will update or create users with the given email address and user-id and create if they don't exist. I don't know how your form works in detail, but I think you can adjust to your exact use-case.
I have a strange problem which I cannot figure out. I am using Laravel Socialite to allow login with Facebook account, there is a lot of users complaining that the profile image displayed on their account is incorrect, however the name etc is all fine.
It makes no sense to me as the name and the profile pic are pulled directly from FB at the same time.
public function socialUser(ProviderUser $providerUser)
{
$account = SocialFacebookAccount::whereProvider('facebook')->whereProviderUserId($providerUser->getId())->first();
if ($account) {
return $account->user;
} else {
$account = new SocialFacebookAccount([
'provider_user_id' => $providerUser->getId(),
'provider' => 'facebook'
]);
$user = User::whereEmail( $providerUser->getId() )->first(); // changed from getEmail to getId as FB doesnt always give an email
if (!$user) {
$profilePicName = md5(rand(1,10000)) . ".jpg";
$contents = file_get_contents( $providerUser->avatar_original );
Storage::disk('local')->put( 'profiles/' . $profilePicName, $contents );
$user = User::create([
'email' => $providerUser->getEmail(),
'name' => $providerUser->getName(),
'profile_path' => $profilePicName
]);
}
$account->user()->associate($user);
$account->save();
return $user;
}
}
Instead of using md5, you can use the UUID generator. One of the reasons for this problem because md5 generates the same hash for the same input. for instance, when you pass md5(111) it'll generate 698d51a19d8a121ce581499d7b701668. so if for a different user you generate the same hash key, the latest image profile will take a place and the former will replace by the latter.
Scenario:
User1:
$profilePicName = md5(111) . ".jpg";
$contents = file_get_contents( $providerUser->avatar_original );
Storage::disk('local')->put( 'profiles/' . $profilePicName, $contents );
$user = User::create([
'email' => $providerUser->getEmail(),
'name' => $providerUser->getName(),
'profile_path' => $profilePicName
]);
Scenario:
User2:
$profilePicName = md5(111) . ".jpg";
$contents = file_get_contents( $providerUser->avatar_original );
Storage::disk('local')->put( 'profiles/' . $profilePicName, $contents );
$user = User::create([
'email' => $providerUser->getEmail(),
'name' => $providerUser->getName(),
'profile_path' => $profilePicName
]);
Now they both have 698d51a19d8a121ce581499d7b701668.jpg saved in their profile. And in this case the first user profile will be the same as the second user image profile.
I am stuck with this task. While logging out, I have to access this $time value which I define in other file when user logged in. I need to use its value in logout function.
How can I do this? I've read about accessors but my attempts to use it weren't successful.
BroadcastServiceProvider
Broadcast::channel('chat', function ($user) {
$ip = Request::ip();
$time = now();
if (auth()->check() && !session()->has('name')) {
UserInfo::storeUser();
return [
'user_id' => $user->id,
'ip' => $ip,
'name' => $user->name,
'joined' => $time,
];
}
});
In LoginController
public function logout() {
$id = auth()->id();
$user_info = \App\UserInfo::where('user_id', $id)->first();
$user_info->save();
auth()->logout();
session()->put('left',now());
return redirect('/');
}
The best way is that store it on your database but you can store it in session like this:
// Retrieve a piece of data from the session...
$value = session('time-'.$user->id);
// Store a piece of data in the session...
session(['time-'.$user->id => now()]);
I figured it out. There is an easy way to do this without accessors.
$user_info = \App\UserInfo::where('user_id', $id)->latest()->first();
Google Adwords API (PHP Client)
I am trying to get a user to authorize once on my website to be able to get his data for analytical purposes. But I can not figure out a way to do it with the documentation it is quite complex.
Do I need to add them to my mcc to be able to do this or is there another way using something like https://developers.google.com/identity/protocols/OAuth2WebServer
You will have to connect the user via oauth token with offline access activated, so that the request returns a refresh token, that you can use to programmatically access the connection, even if the user is not logged into you application:
$client->setApprovalPrompt('force');
$client->setAccessType('offline');
As explained here https://developers.google.com/adwords/api/docs/guides/authentication you can use the oauth playground from groogle to test the api and see what you need.
Additionally here is an example for the client connection method (partially Laravel specific code, but should be good enough to explain the procedure):
function googleIntegrationClient($refresh=false)
{
$client = new \Google_Client();
$client->setClientId(env('GOOGLE_OAUTH_CLIENT_ID'));
$client->setClientSecret(env('GOOGLE_OAUTH_CLIENT_SECRET'));
$client->setRedirectUri(env('GOOGLE_OAUTH_REDIRECT_URI'));
$client->setApplicationName('App Google Integration');
$client->addScope("profile");
$client->addScope("email");
$client->addScope("https://www.googleapis.com/auth/adwords");
//make sure there is a refresh token in the request for offline access.
$client->setApprovalPrompt('force');
$client->setAccessType('offline');
if($refresh)
{
//get currently logged in user
$user = \Auth::user();
//set token from user data
$client->setAccessToken($user->settings["integration"]["google"]['token_data']);
//check if token is valid
if($client->isAccessTokenExpired())
{
//as token is invalid set refresh token
$token_data = json_decode($user->settings["integration"]["google"]['token_data']);
$client->refreshToken($token_data->refresh_token);
//save new token data
$modify_settings = $user->settings;
$modify_settings["integration"]["google"]["token_data"] = $client->getAccessToken();
$user->settings = $modify_settings;
$user->save();
}
}
return $client;
}
You can use this method then in your oauth connecting routine:
//route for redirecting to google oauth
public function redirectToProvider()
{
$user = \Auth::User();
$client = googleIntegrationClient();
$auth_url = $client->createAuthUrl();
return \Redirect::to(filter_var($auth_url, FILTER_SANITIZE_URL));
}
//callback route to handle the provided data from google oauth
public function handleProviderCallback(Request $request)
{
$user = \Auth::User();
$client = googleIntegrationClient();
$data = $request->all();
if (isset($data['code']))
{
try {
$client->authenticate($data['code']);
$token = $client->getAccessToken();
} catch (Exception $e) {
$user->settings = array(
"integration" => array(
"google" => array(
'active' => false,
)));
$user->save();
}
if($token)
{
$google_oauth = new \Google_Service_Oauth2($client);
$user->settings = array(
"integration" => array(
"google" => array(
'active' => true,
'token_data' => $token,
'id' => $google_oauth->userinfo->get()->id,
'avatar' => $google_oauth->userinfo->get()->picture,
'email' => $google_oauth->userinfo->get()->email,
'name' => $google_oauth->userinfo->get()->name,
)));
$user->save();
}
}
}
Good luck!
I have a function that check updates the users profile info. Currently, if I put |unique:users in the validator every time I try to update the profile info on the form it will not let me because a user (which is me) has my email. So I figured out the unique means that nobody, including the current user can have the email that is being updated.
So I need to compare the current auth email to the one in the database. If it matches then it is ok to update the profile info. I know this is simple but I am not sure how to implement it and if that is the right logic.
So where in this code would I post if (Auth::user()->email == $email){..update email...} http://laravel.io/bin/GylBV#6 Also, is that the right way to do this?
public function editProfileFormSubmit()
{
$msg = 'Successfully Updated';
$user_id = Auth::id();
$user = User::find($user_id);
$first_name = Input::get('first_name');
$last_name = Input::get('last_name');
$email = Input::get('email');
$phone_number = Input::get('phone_number');
$validator = Validator::make(Input::all(), array(
'email' => 'required|email',
'first_name' => 'required',
'last_name' => 'required',
'phone_number' => 'required'
));
if ($validator->fails()) {
return Redirect::route('edit-profile')
->withErrors($validator)
->withInput();
}else{
if(Input::hasFile('picture')){
$picture = Input::file('picture');
$type = $picture->getClientMimeType();
$full_image = Auth::id().'.'.$picture->getClientOriginalExtension();
if($type == 'image/png' || $type == 'image/jpg' || $type == 'image/jpeg'){
$upload_success = $picture->move(base_path().'/images/persons/',
$full_image);
if($upload_success) {
$user->picture = $full_image;
} else {
$msg = 'Failed to upload picture.';
}
}else{
$msg = 'Incorrect image format.';
}
}
$user->first_name = $first_name;
$user->last_name = $last_name;
$user->email = $email;
$user->phone_number = $phone_number;
$user->save();
return Redirect::route('invite')->with('global', $msg);
}
}
Worry not, Laravel has already considered this potential issue! If you take a look at the docs for the unique validation rule you'll see that it can take some extra parameters. As it happens, you can give it an id to ignore when looking at the unique constraint. So what you need to do is work out the id for the current model to update and pass that in. In the case of updating a logged-in user's profile it's made easy by Auth::id() as you already have in your code.
$rules = [
'email' => ['required', 'email', 'unique:users,email,'.Auth::id()],
'first_name' => ['required'],
// etc...
];
Obviously I chose to use the array syntax for validation rules there, but you can do the same with the pip syntax too. In a less specific system (create-or-add in a crud postSave type action) you can still do it by simply dong something like $model = Post::find($id) and then if $model is null you're creating and you just use 'unique' whereas if $model is not null, use 'unique:table,field,'.$model->getKey().