네이버아이디로그인
본문
최근 네이버아이디로그인 이슈발생으로 아래와같이 파라미터 값이 공백문자로 시작하지않게 처리해야하는데, 그누보드 어느파일을 어떻게 수정해야할지 모르겠어요
2. 변경 내용
올바르지 않은 방식으로 파라미터 값(value)이 전달 되는 경우에 대하여 처리가 실패하도록 변경
- 다음과 같이 네이버로그인 API 파라미터에 공백이 포함되는 경우 처리 실패
* GET /oauth2.0/token?grant_type= authorization_code&.... (grant_type 파라미터 값 앞에 "공백" 문자가 포함되는 경우)
* GET /oauth2.0/token?grant_type=authorization_code&state= state&.... (state 파라미터 값 앞에 "공백" 문자가 포함되는 경우)
4. 처리방법
- 파라미터 값 (value)이 공백 문자로 시작하지 않도록 처리 필요
- 부득이하게 공백 문자를 포함해야하는 경우 urlEncode 처리된 값인 "%20" 문자로 치환 처리
* GET /oauth2.0/token?grant_type=authorization_code&state=%20state&....
/www/board/gp/plugins/sociallogin/lib/naver/naver.php
<?php
define( 'NAVER_OAUTH_AUTHORIZE_URL', 'https://nid.naver.com/oauth2.0/authorize' );
define( 'NAVER_OAUTH_TOKEN_URL', 'https://nid.naver.com/oauth2.0/token' );
define( 'NAVER_GET_USERINFO_URL', 'https://apis.naver.com/nidlogin/nid/getUserProfile.xml');
class NaverOAuth{
private $client_id;
private $client_secret;
private $redirect_url;
private $state;
private $session;
private $authorize_url = NAVER_OAUTH_AUTHORIZE_URL;
private $accesstoken_url = NAVER_OAUTH_TOKEN_URL;
private $code;
private $tokenArr;
private $userInfo;
function __construct( $client_id, $client_secret, $redirect_url) {
$this -> client_id = $client_id;
$this -> client_secret = $client_secret;
$this -> redirect_url = $redirect_url;
if(!isset($_SESSION)) {
session_start();
}
}
private function generate_state(){
$mt = microtime();
$rand = mt_rand();
$this -> state = md5( $mt . $rand );
}
public function set_state(){
$this -> generate_state();
$_SESSION['state'] = $this -> state;
}
private function get_code(){
$this -> code = $_GET['code'];
}
private function get_state(){
$this -> state = $_SESSION['state'];
return $this -> state;
}
public function request_auth(){
header('Location: '. $this -> get_request_url() );
}
public function get_request_url(){
return $this -> authorize_url . '?response_type=code&client_id=' . $this -> client_id . '&state=' . $this -> state . '&redirect_url=' . urlencode($this -> redirect_url);
}
public function get_accesstoken_url(){
return $this -> accesstoken_url . '?grant_type=authorization_code&client_id=' . $this -> client_id . '&client_secret=' . $this -> client_secret . '&code=' . $this -> code . '&state= ' . $this -> state;
}
public function call_accesstoken(){
$this -> get_code();
$this -> get_state();
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this -> get_accesstoken_url() );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt($ch, CURLOPT_COOKIE, '' );
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 300);
$g = curl_exec($ch);
curl_close($ch);
$data = json_decode($g, true);
$this -> tokenArr = array(
'Authorization: '.$data['token_type'].' '.$data['access_token']
);
}
public function get_user_profile(){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, NAVER_GET_USERINFO_URL );
curl_setopt($ch, CURLOPT_HTTPHEADER, $this -> tokenArr );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true );
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt($ch, CURLOPT_COOKIE, '' );
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 300);
$g = curl_exec($ch);
curl_close($ch);
$xml = simplexml_load_string($g);
$this -> userInfo = array(
'id' => (string)$xml -> response -> id,
'userID' => explode("@", (string)$xml -> response -> email )[0],
'email' => (string)$xml -> response -> email,
'nickname' => (string)$xml -> response -> nickname,
'age' => (string)$xml -> response -> age,
'birth' => (string)$xml -> response -> birthday,
'gender' => (string)$xml -> response -> gender,
'profImg' => (string)$xml -> response -> profile_image
);
return $this->userInfo;
}
public function get_userInfo(){
return $this -> userInfo;
}
public function get_userID(){
return $this -> userInfo['userID'];
}
public function get_nickname(){
return $this -> userInfo['nickname'];
}
public function get_age(){
return $this -> userInfo['age'];
}
public function get_birth(){
return $this -> userInfo['birth'];
}
public function get_gender(){
return $this -> userInfo['gender'];
}
public function get_profImg(){
return $this -> userInfo['profImg'];
}
}
?>
/www/board/gp/plugins/sociallogin/inc/class.naver.php
<?
/**
* 소셜로그인(Social Login) - 네이버
*
* @package net.lovelyus.plugins.sociallogin
* @author Chongmyung Park <*** 개인정보보호를 위한 이메일주소 노출방지 ***>
* @copyright Chongmyung Park
* @link http://lovelyus.net
**/
if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가
error_reporting(E_ALL);
ini_set('display_errors', '1');
include_once 'class.lusl.php';
class LUSLNaver extends LUSL
{
var $api_url = '';
var $api_key = '';
function __construct()
{
parent::__construct();
$this->api_client_id = trim($this->plugin_config['nv_client_id']);
$this->api_secret = trim($this->plugin_config['nv_client_secret']);
include_once dirname(__FILE__).'/../lib/naver/naver.php';
}
function _get_callback_url($md='login')
{
return GP_URL . '/do.php?id=' . $this->id . '&act=sociallogin&s=callback_naver&md=' . $md;
}
function login()
{
$this->_redirect('login');
}
function connect()
{
$this->_redirect('connect');
}
function _redirect($md = 'login')
{
if ($md == 'connect') set_session('oauth_naver_md', 'connect');
else set_session('oauth_naver_md', false);
$nOauth = new NaverOAuth($this->api_client_id, $this->api_secret, $this->_get_callback_url($md));
$nOauth-> set_state();
goto_url($nOauth-> get_request_url());
}
function callback()
{
$md = get_session('oauth_naver_md');
$nOauth = new NaverOAuth($this->api_client_id, $this->api_secret, $state);
$nOauth-> call_accesstoken();
$user = $nOauth-> get_user_profile();
if(!$user['id']) {
alert('소셜로그인: 로그인 실패', $this->getRedirectUrl());
return;
}
$su = $this->getSocialUser('NV', $user['id']);
$social_user = array('type' => 'NV',
'name' => $user['nickname'],
'nickname' => $user['nickname'],
'email' => $user['email'],
'social_id' => $user['id'],
'homepage' => '');
set_session('sses_social_user', $social_user);
if ($md == 'connect') $this->connect_proc();
else if ($su) $this->login_proc();
else goto_url(GP_URL . '/do.php?id=' . $this->id . '&act=sociallogin&s=signup_proc');
}
}
?>
오류메세지는 59라인이라고 나오는데
function callback()
{
$md = get_session('oauth_naver_md');
$nOauth = new NaverOAuth($this->api_client_id, $this->api_secret, $state);
$nOauth-> call_accesstoken();
$user = $nOauth-> get_user_profile();
if(!$user['id']) {
alert('소셜로그인: 로그인 실패', $this->getRedirectUrl());
return;
}
여기서 멀 수정해줘야하는걸까요
!-->!-->