lemonldap-ng/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/Facebook.pm

package Lemonldap::NG::Portal::Auth::Facebook;

use strict;
use Mouse;
use URI::Escape;
use Lemonldap::NG::Common::FormEncode;
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR PE_BADCREDENTIALS);
use utf8;

our $VERSION = '2.0.12';

extends 'Lemonldap::NG::Portal::Main::Auth';

# INITIALIZATION

sub init {
    my $self = shift;
    eval { require Net::Facebook::Oauth2; };
    if ($@) {
        $self->error("Unable to load Net::Facebook::Oauth2: $@");
        return 0;
    }
    my $ret = 1;
    foreach my $arg (qw(facebookAppId facebookAppSecret)) {
        unless ( $self->conf->{$arg} ) {
            $ret = 0;
            $self->error("Parameter $arg is required");
        }
    }
    return $ret;
}

# RUNNING METHODS

sub extractFormInfo {
    my ( $self, $req ) = @_;
    my $fb = $self->fb($req);

    # 1. Check Facebook responses

    # 1.1 Good responses
    if ( my $code = $req->param('code') ) {
        $self->logger->debug("Get code $code from Facebook");
        my $access_token;
        eval { $access_token = $fb->get_access_token( code => $code ); };
        if ($@) {
            $self->logger->error("Error while getting access token: $@");
            return PE_ERROR;
        }
        if ($access_token) {
            $req->{sessionInfo}->{_facebookToken} = $access_token;

     # Get mandatory fields (see https://developers.facebook.com/tools/explorer)
            my @fields = ( $self->conf->{facebookUserField} );

            # Search all wanted fields
            push @fields,
              map { /^(\w+)$/ ? ($1) : () }
              values %{ $self->conf->{facebookExportedVars} };

            my $data;

            # When a field is not granted, Facebook returns only an error
            # without real explanation. So here we try to reduce query until
            # having a valid response
            while (@fields) {
                $data = $fb->get(
                    'https://graph.facebook.com/me',
                    { fields => join( ',', @fields ) }
                )->as_hash;
                unless ( ref $data ) {
                    $self->logger->error("Unable to get any Facebook field");
                    return PE_ERROR;
                }
                if ( $data->{error} ) {
                    my $tmp = pop @fields;
                    $self->logger->warn(
"Unable to get some Facebook fields ($data->{error}->{message}). Retrying without $tmp"
                    );
                }
                else {
                    last;
                }
            }
            unless (@fields) {
                $self->logger->error("Unable to get any Facebook field");
                return PE_ERROR;
            }

            # Parse received data
            foreach ( keys %$data ) {
                utf8::encode $data->{$_};
                $self->logger->debug( "Facebook data $_: " . $data->{$_} );
            }

            # Field to trace user
            unless ( $data->{ $self->conf->{facebookUserField} } ) {
                $self->logger->error('Unable to get Facebook id');
                return PE_ERROR;
            }
            $req->user( $data->{ $self->conf->{facebookUserField} } );
            $req->data->{_facebookData} = $data;
            $req->{sessionInfo}->{_facebookData} = $data;

            # Force redirection to avoid displaying Oauth data
            $req->mustRedirect(1);
            return PE_OK;
        }
        return PE_BADCREDENTIALS;
    }

    # 1.2 Bad responses
    if ( my $error_code = $req->param('error_code') ) {
        my $error_message = $req->param('error_message');
        $self->userLogger->error(
            "Facebook error code $error_code: $error_message");
        return PE_ERROR;
    }

    # 2. Else redirect user to Facebook login page:

    # Build Facebook redirection
    # TODO: use a param to use "publish_stream" or not
    my $check_url = $fb->get_authorization_url(
        scope   => [ 'public_profile', 'email' ],
        display => 'page',
    );
    $req->urldc($check_url);
    $self->logger->debug( "Redirect user to " . $req->{urldc} );
    $req->continue(1);
    $req->steps( [] );

    return PE_OK;
}

sub authenticate {
    return PE_OK;
}

sub setAuthSessionInfo {
    my ( $self, $req ) = @_;
    $req->{sessionInfo}->{authenticationLevel} =
      $self->conf->{facebookAuthnLevel};
    return PE_OK;
}

sub authFinish {
    return PE_OK;
}

sub authLogout {
    return PE_OK;
}

sub getDisplayType {
    return "logo";
}

sub fb {
    my ( $self, $req ) = @_;
    my $conf = $self->{conf};
    my $fb;
    my $sep = '?';
    my $ret = $conf->{portal};

    eval {
        $fb = Net::Facebook::Oauth2->new(
            application_id     => $conf->{facebookAppId},
            application_secret => $conf->{facebookAppSecret},
            callback           => $ret,
        );
    };
    $self->logger->error($@) if ($@);

    return $fb;
}

1;
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`package Lemonldap::NG::Portal::Auth::Facebook;`

			`use strict;`
			`use Mouse;`
			`use URI::Escape;`
Use build_urlencoded everywhere (#1461) 2018-06-26 19:13:06 +02:00			`use Lemonldap::NG::Common::FormEncode;`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR PE_BADCREDENTIALS);`
Force utf8 conversion for Facebook datas (#1322) 2018-06-23 08:32:55 +02:00			`use utf8;`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00
Perl critic 2021-02-01 22:30:37 +01:00			`our $VERSION = '2.0.12';`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00
Move Auth::Base to Main::Auth 2018-02-19 22:11:43 +01:00			`extends 'Lemonldap::NG::Portal::Main::Auth';`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00
Update comments (#595) 2016-06-09 20:40:20 +02:00			`# INITIALIZATION`

Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`sub init {`
Typo & upadte version 2019-04-05 22:58:48 +02:00			`my $self = shift;`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`eval { require Net::Facebook::Oauth2; };`
			`if ($@) {`
Display errors in HTML (#595) 2016-05-24 22:50:22 +02:00			`$self->error("Unable to load Net::Facebook::Oauth2: $@");`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`return 0;`
			`}`
			`my $ret = 1;`
			`foreach my $arg (qw(facebookAppId facebookAppSecret)) {`
			`unless ( $self->conf->{$arg} ) {`
			`$ret = 0;`
Display errors in HTML (#595) 2016-05-24 22:50:22 +02:00			`$self->error("Parameter $arg is required");`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`}`
			`}`
			`return $ret;`
			`}`

Update comments (#595) 2016-06-09 20:40:20 +02:00			`# RUNNING METHODS`

Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`sub extractFormInfo {`
			`my ( $self, $req ) = @_;`
			`my $fb = $self->fb($req);`

			`# 1. Check Facebook responses`

			`# 1.1 Good responses`
			`if ( my $code = $req->param('code') ) {`
Some work on Facebook auth module (#595) 2017-11-02 19:09:31 +01:00			`$self->logger->debug("Get code $code from Facebook");`
			`my $access_token;`
			`eval { $access_token = $fb->get_access_token( code => $code ); };`
			`if ($@) {`
			`$self->logger->error("Error while getting access token: $@");`
			`return PE_ERROR;`
			`}`
			`if ($access_token) {`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`$req->{sessionInfo}->{_facebookToken} = $access_token;`

			`# Get mandatory fields (see https://developers.facebook.com/tools/explorer)`
Configure Facebook user field (#1322) 2018-06-22 18:16:24 +02:00			`my @fields = ( $self->conf->{facebookUserField} );`

			`# Search all wanted fields`
			`push @fields,`
			`map { /^(\w+)$/ ? ($1) : () }`
			`values %{ $self->conf->{facebookExportedVars} };`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00
s/datas/data datas => des données data => les données 2018-07-05 22:56:16 +02:00			`my $data;`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00
			`# When a field is not granted, Facebook returns only an error`
			`# without real explanation. So here we try to reduce query until`
			`# having a valid response`
			`while (@fields) {`
s/datas/data datas => des données data => les données 2018-07-05 22:56:16 +02:00			`$data = $fb->get(`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`'https://graph.facebook.com/me',`
			`{ fields => join( ',', @fields ) }`
			`)->as_hash;`
s/datas/data datas => des données data => les données 2018-07-05 22:56:16 +02:00			`unless ( ref $data ) {`
Replace lmLog by logger-> (#857) 2017-02-15 07:41:50 +01:00			`$self->logger->error("Unable to get any Facebook field");`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`return PE_ERROR;`
			`}`
s/datas/data datas => des données data => les données 2018-07-05 22:56:16 +02:00			`if ( $data->{error} ) {`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`my $tmp = pop @fields;`
Replace lmLog by logger-> (#857) 2017-02-15 07:41:50 +01:00			`$self->logger->warn(`
s/datas/data datas => des données data => les données 2018-07-05 22:56:16 +02:00			`"Unable to get some Facebook fields ($data->{error}->{message}). Retrying without $tmp"`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`);`
			`}`
			`else {`
			`last;`
			`}`
			`}`
			`unless (@fields) {`
Replace lmLog by logger-> (#857) 2017-02-15 07:41:50 +01:00			`$self->logger->error("Unable to get any Facebook field");`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`return PE_ERROR;`
			`}`

s/datas/data datas => des données data => les données 2018-07-05 22:56:16 +02:00			`# Parse received data`
			`foreach ( keys %$data ) {`
			`utf8::encode $data->{$_};`
			`$self->logger->debug( "Facebook data $_: " . $data->{$_} );`
Force utf8 conversion for Facebook datas (#1322) 2018-06-23 08:32:55 +02:00			`}`

Configure Facebook user field (#1322) 2018-06-22 18:16:24 +02:00			`# Field to trace user`
s/datas/data datas => des données data => les données 2018-07-05 22:56:16 +02:00			`unless ( $data->{ $self->conf->{facebookUserField} } ) {`
Replace lmLog by logger-> (#857) 2017-02-15 07:41:50 +01:00			`$self->logger->error('Unable to get Facebook id');`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`return PE_ERROR;`
			`}`
s/datas/data datas => des données data => les données 2018-07-05 22:56:16 +02:00			`$req->user( $data->{ $self->conf->{facebookUserField} } );`
			`$req->data->{_facebookData} = $data;`
			`$req->{sessionInfo}->{_facebookData} = $data;`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00
s/datas/data datas => des données data => les données 2018-07-05 22:56:16 +02:00			`# Force redirection to avoid displaying Oauth data`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`$req->mustRedirect(1);`
			`return PE_OK;`
			`}`
			`return PE_BADCREDENTIALS;`
			`}`

			`# 1.2 Bad responses`
			`if ( my $error_code = $req->param('error_code') ) {`
			`my $error_message = $req->param('error_message');`
Tidy 2017-02-19 12:51:58 +01:00			`$self->userLogger->error(`
			`"Facebook error code $error_code: $error_message");`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`return PE_ERROR;`
			`}`

			`# 2. Else redirect user to Facebook login page:`

			`# Build Facebook redirection`
			`# TODO: use a param to use "publish_stream" or not`
			`my $check_url = $fb->get_authorization_url(`
			`scope => [ 'public_profile', 'email' ],`
			`display => 'page',`
			`);`
			`$req->urldc($check_url);`
Some work on Facebook auth module (#595) 2017-11-02 19:09:31 +01:00			`$self->logger->debug( "Redirect user to " . $req->{urldc} );`
			`$req->continue(1);`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`$req->steps( [] );`
Perl critic 2021-02-01 22:30:37 +01:00
			`return PE_OK;`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`}`

			`sub authenticate {`
Perl critic 2021-02-01 22:30:37 +01:00			`return PE_OK;`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`}`

Enable setAuthSessionInfo (#595) 2016-12-01 23:25:05 +01:00			`sub setAuthSessionInfo {`
			`my ( $self, $req ) = @_;`
make tidy 2016-12-26 10:23:35 +01:00			`$req->{sessionInfo}->{authenticationLevel} =`
			`$self->conf->{facebookAuthnLevel};`
Perl critic 2021-02-01 22:30:37 +01:00			`return PE_OK;`
Enable setAuthSessionInfo (#595) 2016-12-01 23:25:05 +01:00			`}`

Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`sub authFinish {`
Perl critic 2021-02-01 22:30:37 +01:00			`return PE_OK;`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`}`

			`sub authLogout {`
Perl critic 2021-02-01 22:30:37 +01:00			`return PE_OK;`
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`}`

			`sub getDisplayType {`
			`return "logo";`
			`}`

			`sub fb {`
			`my ( $self, $req ) = @_;`
			`my $conf = $self->{conf};`
			`my $fb;`
			`my $sep = '?';`
			`my $ret = $conf->{portal};`

			`eval {`
			`$fb = Net::Facebook::Oauth2->new(`
			`application_id => $conf->{facebookAppId},`
			`application_secret => $conf->{facebookAppSecret},`
			`callback => $ret,`
			`);`
			`};`
Replace lmLog by logger-> (#857) 2017-02-15 07:41:50 +01:00			`$self->logger->error($@) if ($@);`
Perl critic 2021-02-01 22:30:37 +01:00
Working on Facebook (#595) 2016-05-24 18:53:41 +02:00			`return $fb;`
			`}`

			`1;`