From 9a1d06cb036c9cf93aaa8150ec8634555668032b Mon Sep 17 00:00:00 2001
From: Nicolas Liampotis <nliam@grnet.gr>
Date: Sun, 8 May 2016 01:19:24 +0300
Subject: [PATCH] Fix issue with Facebook authentication retrieving only user
 id and name

---
 config-templates/authsources.php              |  4 ++++
 .../authfacebook/lib/Auth/Source/Facebook.php | 22 ++++++++++++++++---
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/config-templates/authsources.php b/config-templates/authsources.php
index 1d44dc6d9..d69442a2b 100644
--- a/config-templates/authsources.php
+++ b/config-templates/authsources.php
@@ -201,6 +201,10 @@ $config = array(
         // which additional data permissions to request from user
         // see http://developers.facebook.com/docs/authentication/permissions/ for the full list
         // 'req_perms' => 'email,user_birthday',
+        // Which additional user profile fields to request.
+        // When empty, only the app-specific user id and name will be returned
+        // See https://developers.facebook.com/docs/graph-api/reference/v2.6/user for the full list
+        // 'user_fields' => 'email,birthday,third_party_id,name,first_name,last_name',
     ),
     */
 
diff --git a/modules/authfacebook/lib/Auth/Source/Facebook.php b/modules/authfacebook/lib/Auth/Source/Facebook.php
index 5271f313d..49616522f 100644
--- a/modules/authfacebook/lib/Auth/Source/Facebook.php
+++ b/modules/authfacebook/lib/Auth/Source/Facebook.php
@@ -39,6 +39,21 @@ class sspmod_authfacebook_Auth_Source_Facebook extends SimpleSAML_Auth_Source {
 	private $req_perms;
 
 
+	/**
+	 * A comma-separated list of user profile fields to request.
+	 *
+	 * Note that some user fields require appropriate permissions. For
+	 * example, to retrieve the user's primary email address, "email" must
+	 * be specified in both the req_perms and the user_fields parameter.
+	 *
+	 * When empty, only the app-specific user id and name will be returned.
+	 *
+	 * See the Graph API specification for all available user fields:
+	 * https://developers.facebook.com/docs/graph-api/reference/v2.6/user
+	 */
+	private $user_fields;
+
+
 	/**
 	 * Constructor for this authentication source.
 	 *
@@ -57,6 +72,7 @@ class sspmod_authfacebook_Auth_Source_Facebook extends SimpleSAML_Auth_Source {
 		$this->api_key = $cfgParse->getString('api_key');
 		$this->secret = $cfgParse->getString('secret');
 		$this->req_perms = $cfgParse->getString('req_perms', NULL);
+		$this->user_fields = $cfgParse->getString('user_fields', NULL);
 	}
 
 
@@ -91,7 +107,7 @@ class sspmod_authfacebook_Auth_Source_Facebook extends SimpleSAML_Auth_Source {
 
 		if (isset($uid) && $uid) {
 			try {
-				$info = $facebook->api("/" . $uid);
+				$info = $facebook->api("/" . $uid . ($this->user_fields ? "?fields=" . $this->user_fields : ""));
 			} catch (FacebookApiException $e) {
 				throw new SimpleSAML_Error_AuthSource($this->authId, 'Error getting user profile.', $e);
 			}
@@ -108,8 +124,8 @@ class sspmod_authfacebook_Auth_Source_Facebook extends SimpleSAML_Auth_Source {
 			}
 		}
 
-		if (array_key_exists('username', $info)) {
-			$attributes['facebook_user'] = array($info['username'] . '@facebook.com');
+		if (array_key_exists('third_party_id', $info)) {
+			$attributes['facebook_user'] = array($info['third_party_id'] . '@facebook.com');
 		} else {
 			$attributes['facebook_user'] = array($uid . '@facebook.com');
 		}
-- 
GitLab