Auth adapters

OAuth adapters: Facebook, Twitter, Google, and others

Contents...

The functionality of the OAuth-based authorization via external sevices has been moved down to the system level and is implemented in the form of authorization adapters. The basic framework distribution contains authorization adapters for the following platforms and social networks: Facebook, Twitter, Google, VK (vk.com).

Connecting adapters

Authorization adapters should be conected individually to each domain name mapped to your installed framework instance, because it requires a registration of each domain name in the appropriate social network as an application. You can register your domain name via the following links:

By registering an application, you will obtain an app_id (application identifier or key) and an api_secret value, which should be entered to file wa-config/auth.php (if you have no such file, create it and copy the following code to it by replacing three dots ... with the parameter values obtained during the application registration):

<?php

return array(
    'domain1.com' => array(
        'adapters' => array(
            'facebook' => array(
                'app_id' => "...",
                'app_secret' => "...",
          	),
            'twitter' => array(
                'app_id' => "...",
                'app_secret' => "...",
            ),
            'google' => array(
                'app_id' => "...",
                'app_secret' => "...",
            ),
            'vkontakte' => array(
                'app_id' => "...",
                'app_secret' => "...",
            ),    
        ),
    ),
    'domain2.com' => array(
        //settings for another domain name
    ),
    //similar settings for other domain names
);
Authorization parameters are automatically saved to file wa-config/auth.php, if they are specified in backend screen “Settings → Authorization” of the Site app.

Once configured as described above, OAuth-based authorization will be automatically enabled for the specified domain names; however, only for those applications, which support OAuth-based authorization by means of authorization adapters. For example, in the Blog app connected adapters will allow visitors to quickly authorize in order to post comments.

Integration of the OAuth-based authorization by means of authorization adapters can be implemented in an application solely at the developer's discretion. If you have connected an authorization adapter and the authorization functionality has not become available in the desired application, contact the application's developer to find out whether such functionality is supported in the application.

Integration of the OAuth-based authorization in your application by means of authorization adapters

To implement the ability for frontend users to authorize via social networks, simply add the following code to the desired template file:


{$wa->authAdapters()}

This will add a block of links corresponding to the configured authorization adapters.

By default, when a successful response from the external service (social network ) is received, a new contact is created (or an existing one is retrieved, if the user is already registered), and this contact becomes authorized. For the developer, such a contact is not different from any other ordinary user. Here is how you can access the current authorized user:

    // in controllers/actions
$this->getUser();
    
// elsewhere
wa()->getUser();

You can also implement your own processing logic for responses received from the social network's server. To do so, create file wa-apps/[APP_ID]/lib/actions/[APP_ID]OAuth.controller.php:

<?php

class [APP_ID]OAuthController extends waOAuthController
{

    // your code here

}      

For example, in application Guestbook 2, when a contact is created, it is added to the application's system category, which makes it easy to find all users of the Guestbook 2 in the Contacts app.

/**
 * Controller of registration/authorization via social networks
 */
class guestbook2OAuthController extends waOAuthController
{

    /**
     * This method is called after successful authorization via a social network
     * @param array $data - unified data received from the social network
     * @return waContact
     */
    public function afterAuth($data)
    {
        // Calling parent's method (default behavior)
        $contact = parent::afterAuth($data);
        // If the contact has been authorizedand is not a backend user
        if ($contact && !$contact['is_user']) {
            // Adding a new contact to the system category of Guestbook 2
            $contact->addToCategory($this->getAppId());
        }
        return $contact;
    }

}