Add match user by email feature and setting [perrybutler#52]

login-google.php

@@ -12,10 +12,14 @@
 define('CLIENT_ID', get_option('wpoa_google_api_id'));
 define('CLIENT_SECRET', get_option('wpoa_google_api_secret'));
 define('REDIRECT_URI', rtrim(site_url(), '/') . '/');
-define('SCOPE', 'profile'); // PROVIDER SPECIFIC: 'profile' is the minimum scope required to get the user's id from Google
 define('URL_AUTH', "https://accounts.google.com/o/oauth2/auth?");
 define('URL_TOKEN', "https://accounts.google.com/o/oauth2/token?");
 define('URL_USER', "https://www.googleapis.com/plus/v1/people/me?");
+// PROVIDER SPECIFIC: profile minimum and emails for matching users
+if(get_option('wpoa_email_linking'))
+	define('SCOPE', 'https://www.googleapis.com/auth/plus.profile.emails.read'); 
+else
+	define('SCOPE', 'profile');
 # END OF DEFINE THE OAUTH PROVIDER AND SETTINGS TO USE #
 
 // remember the user's last url so we can redirect them back to there after the login ends:
@@ -185,8 +189,10 @@ function get_oauth_identity($wpoa) {
 	// parse and return the user's oauth identity:
 	$oauth_identity = array();
 	$oauth_identity['provider'] = $_SESSION['WPOA']['PROVIDER'];
-	$oauth_identity['id'] = $result_obj['id']; // PROVIDER SPECIFIC: Google returns the user's OAuth identity as id
-	//$oauth_identity['email'] = $result_obj['emails'][0]['value']; // PROVIDER SPECIFIC: Google returns an array of email addresses. To respect privacy we currently don't collect the user's email address.
+	// PROVIDER SPECIFIC: Google returns the user's OAuth identity as id
+	$oauth_identity['id'] = $result_obj['id'];
+	// PROVIDER SPECIFIC: Google returns an array of email addresses. To respect privacy we currently only collect if the registration setting is enabled.
+	$oauth_identity['email'] = (isset($result_obj['emails'])) ? $result_obj['emails'][0]['value'] : '';
 	if (!$oauth_identity['id']) {
 		$wpoa->wpoa_end_login("Sorry, we couldn't log you in. User identity was not found. Please notify the admin or try again later.");
 	}

wp-oauth.php

@@ -408,13 +408,34 @@ function wpoa_match_wordpress_user($oauth_identity) {
 		$user = get_user_by('id', $query_result);
 		return $user;
 	}
-
-	// login (or register and login) a wordpress user based on their oauth identity:
+
+	/**
+	 * Check for existing WP user by email
+	 * 
+	 * @since 0.4.1
+	 *
+	 * @param Array  $oauth_identity
+	 * @return WP_User|false
+	 */
+	function wpoa_match_wordpress_user_by_email($oauth_identity) {
+	    $user = get_user_by('email', $oauth_identity['email']);
+	    return $user;
+	}
+
+	/**
+	 * Login (or register and login) a wordpress user based on their oauth identity:
+	 *
+	 * @param Array $oauth_identity
+	 */
 	function wpoa_login_user($oauth_identity) {
 		// store the user info in the user session so we can grab it later if we need to register the user:
 		$_SESSION["WPOA"]["USER_ID"] = $oauth_identity["id"];
 		// try to find a matching wordpress user for the now-authenticated user's oauth identity:
 		$matched_user = $this->wpoa_match_wordpress_user($oauth_identity);
+		// If user is not found by oauth identity, then attempt by email.
+		if ( !$matched_user ) {
+			$matched_user = $this->wpoa_match_wordpress_user_by_email($oauth_identity);
+		}
 		// handle the matched user if there is one:
 		if ( $matched_user ) {
 			// there was a matching wordpress user account, log it in now: