in Joomla

Jomsocial auth Controller callback fix to allow other application

I was working with a new extension for jomsocial for auto update any jomsocial status update to linkedin. Please note that jomsocial has a packaged apps for twitter for such purpose and that’s why I was trying to go with same thing for linkedin and tried to use the jomsocial library etc. After authentication callback it was trying to access a method of jomsocial default twitter plugin. That means a hardcode class and it’s method.

Let me share the controller class
[code language=”php”]
class CommunityOauthController extends CommunityBaseController
{
public function callback()
{
$mainframe =& JFactory::getApplication();
$my = CFactory::getUser();
$denied = JRequest::getVar( ‘denied’ , ” );
$app = JRequest::getVar( ‘app’ , ” );
$url = CRoute::_(‘index.php?option=com_community&view=profile&userid=’ . $my->id , false );

if( empty($app) )
{
echo JText::_(‘COM_COMMUNITY_INVALID_APPLICATION’);
return;
}

if( $my->id == 0 )
{
echo JText::_(‘COM_COMMUNITY_INVALID_ACCESS’);
return;
}

if( !empty( $denied ) )
{
$mainframe->redirect( $url , JText::_( ‘COM_COMMUNITY_OAUTH_APPLICATION_ACCESS_DENIED_WARNING’ ) );
}

$oauth =& JTable::getInstance( ‘Oauth’ , ‘CTable’ );
if( $oauth->load( $my->id , $app ) )
{
$consumer = plgCommunityTwitter::getConsumer();
$oauth->userid = $my->id;
$oauth->app = $app;
$getData = JRequest::get(‘get’);

try
{
$oauth->accesstoken = serialize( $consumer->getAccessToken( $getData , unserialize( $oauth->requesttoken ) ) );
}
catch( Exception $error )
{
$mainframe->redirect( $url , $error->getMessage() );
}

if( !empty($oauth->accesstoken) )
{
$oauth->store();
}
$msg = JText::_( ‘COM_COMMUNITY_OAUTH_AUTHENTICATION_SUCCESS’ );
$mainframe->redirect( $url , $msg );
}
}
[/code]

Check line number 31
$consumer = plgCommunityTwitter::getConsumer();

Suppose if we take the getConsumer() method is a standard practice to get the configuration for the authentication method for jomsocial application for social network then we can make the plgCommunityTwitter class name here dynamic depending on the variable found from
$app = JRequest::getVar( ‘app’ , ” );

for twitter we get $app = ‘twitter’ and as I was developing another apps plugin and it’s application name is “cblinkedin” it will get $app = ‘cblinkedin’

So just modifying the line 31 will give other extension developer use this controller and this will be more practical and my suggestion here is modifying the code like

[code language=”php”]
//$consumer = plgCommunityTwitter::getConsumer();
//$consumer = plgCommunityCBLinkedin::getConsumer();
$appclassname = strtolower(‘plgCommunity’.$app);
$consumer = call_user_func( array($appclassname,’getConsumer’) );
[/code]

What do you think ?

BTW, we are close to develop an jomsocial extension that will allow users to update their jomsocial status update to linkedin as the core twitter apps does. Let me show my screenshot of current work.

I am testing here

Update: 12.08.2012
I have a new update for the above issue and that can be solved using adding an extra method in the plugin.

Solution is using onSystemStart method and check if the app is your plugin app and task is call back.
[code language=”php”]
function onSystemStart(){
$mainframe =& JFactory::getApplication();
$my = CFactory::getUser();
$denied = JRequest::getVar( ‘denied’ , ” );
$app = JRequest::getVar( ‘app’ , ” );
$task = JRequest::getVar( ‘task’ , ” );
$url = CRoute::_(‘index.php?option=com_community&view=profile&userid=’ . $my->id , false );
if($app == ‘cblinkedin’ && $task == ‘callback’){
if( $my->id == 0 )
{
echo JText::_(‘COM_COMMUNITY_INVALID_ACCESS’);
return;
}

if( !empty( $denied ) )
{
$mainframe->redirect( $url , JText::_( ‘COM_COMMUNITY_OAUTH_APPLICATION_ACCESS_DENIED_WARNING’ ) );
}

$oauth =& JTable::getInstance( ‘Oauth’ , ‘CTable’ );
if( $oauth->load( $my->id , $app ) )
{

$consumer = plgCommunityCBLinkedin::getConsumer();
$oauth->userid = $my->id;
$oauth->app = $app;
$getData = JRequest::get(‘get’);

try
{
$oauth->accesstoken = serialize( $consumer->getAccessToken( $getData , unserialize( $oauth->requesttoken ) ) );
}
catch( Exception $error )
{
$mainframe->redirect( $url , $error->getMessage() );
}

if( !empty($oauth->accesstoken) )
{
$oauth->store();
}
$msg = JText::_( ‘COM_COMMUNITY_OAUTH_AUTHENTICATION_SUCCESS’ );
$mainframe->redirect( $url , $msg );
}
}

}
[/code]

But still I think if jomsocial gives 3rd party plugins execution for it’s built in Controller.