[feature/oauth] Update link_account to allow for two methods of linking

PHPBB3-11673
2025-02-24 12:03:21 +01:00 · 2013-08-14 15:35:37 -04:00 · 2013-08-14 15:35:37 -04:00 · afebbf231a
commit afebbf231a
parent ce387d9bfc
3 changed files with 19 additions and 2 deletions
--- a/phpBB/includes/ucp/ucp_auth_link.php
+++ b/phpBB/includes/ucp/ucp_auth_link.php
@ -54,7 +54,10 @@ class ucp_auth_link
 				// The current user_id is also necessary
 				$link_data['user_id'] = $user->data['user_id'];

-				if ($request->variable('link', false, false, phpbb_request_interface::POST))
+				// Tell the provider that the method is auth_link not login_link
+				$link_data['link_method'] = 'auth_link';
+
+				if ($request->variable('link', null))
 				{
 					$error[] = $auth_provider->link_account($link_data);
 				}
--- a/phpBB/includes/ucp/ucp_login_link.php
+++ b/phpBB/includes/ucp/ucp_login_link.php
@ -73,6 +73,9 @@ class ucp_login_link
 					// Give the user_id to the data
 					$data['user_id'] = $login_result['user_row']['user_id'];

+					// Set the link_method to login_link
+					$data['link_method'] = 'login_link';
+
 					// The user is now logged in, attempt to link the user to the external account
 					$result = $auth_provider->link_account($data);

--- a/phpBB/phpbb/auth/provider/oauth/oauth.php
+++ b/phpBB/phpbb/auth/provider/oauth/oauth.php
@ -364,7 +364,8 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base
 			return 'LOGIN_LINK_NO_DATA_PROVIDED';
 		}

-		if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service'])
+		if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service'] ||
+			!array_key_exists('link_method', $login_link_data) || !$login_link_data['link_method'])
 		{
 			return 'LOGIN_LINK_MISSING_DATA';
 		}
@ -377,6 +378,16 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base
 	*/
 	public function link_account(array $link_data)
 	{
+		// Check for a valid link method (auth_link or login_link)
+		if (!array_key_exists('link_method', $link_data) ||
+			!in_array($link_data['link_method'], array(
+				'auth_link',
+				'login_link',
+			)))
+		{
+			return 'LOGIN_LINK_MISSING_DATA';
+		}
+
 		// We must have an oauth_service listed, check for it two ways
 		if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service'])
 		{