oligriffiths/facebook-authenticator.php

## facebook-authenticator.php
<?php
namespace Nooku\Component\Overrides;

use Nooku\Library;
use Nooku\Component\Users;

class UsersDispatcherAuthenticatorFacebook extends Library\DispatcherAuthenticatorAbstract
{
    /**
     * A redirect url
     *
     * @var string
     */
    protected $_redirect_url;

    /**
     * The Facebook access token to be used
     *
     * @var string
     */
    protected $_access_token;

    /**
     * @var \DateTime
     */
    protected $_token_expiry;

    /**
     * Constructor.
     *
     * @param Library\ObjectConfig $config Configuration options
     */
    public function __construct(Library\ObjectConfig $config)
    {
        parent::__construct($config);

        $this->addCommandCallback('before.dispatch', 'authenticateRequest');
        $this->addCommandCallback('before.post', 'authenticateRequest');

        $this->_access_token = $config->access_token;
    }

    /**
     * Initializes the options for the object
     *
     * Called from {@link __construct()} as a first step of object instantiation.
     *
     * @param  ObjectConfig $config A ObjectConfig object with configuration options
     * @return void
     */
    protected function _initialize(Library\ObjectConfig $config)
    {
        $config->append(array(
            'client_id' => '',
            'client_secret' => '',
            'redirect_url' => null,
            'access_token' => null,
            'scopes' => array(),
            'auto_auth' => false,
            'create_user' => true
        ));

        parent::_initialize($config);
    }

    /**
     * Gets the facebook access token
     *
     * @return string
     */
    public function getAccessToken()
    {
        return $this->_access_token;
    }

    /**
     * Set the facebook access token
     *
     * @param $token
     */
    protected function setAccessToken($token)
    {
        $this->_access_token = $token;
    }

    /**
     * Gets the token expiry time
     *
     * @return \DateTime
     */
    public function getTokenExpiry()
    {
        return $this->_token_expiry;
    }

    /**
     * Set token expiry
     *
     * @param \DateTime $expiry
     */
    protected function setTokenExpiry(\DateTime $expiry)
    {
        $this->_token_expiry = $expiry;
    }

    /**
     * Authenticate user against facebook api
     *
     * @param Library\DispatcherContextInterface $context	A dispatcher context object
     * @return  boolean Returns FALSE if the check failed. Otherwise TRUE.
     */
    public function authenticateRequest(Library\DispatcherContextInterface $context)
    {
        //If authenticated, don't continue
        if($context->getUser()->isAuthentic()){
            return;
        }

        $is_session     = $context->getSubject()->getController()->getIdentifier()->package == 'users' && $context->getSubject()->getController()->getIdentifier()->name == 'session';
        $code           = $context->getRequest()->getQuery()->code;
        $access_token   = $context->getRequest()->getQuery()->access_token ?: $this->getAccessToken();

        /**
         * Execution only continues if no code or access token supplied,
         * Action is dispatch and auto_auth is disabled, or action is post and it's not the user session controller
         */
        if(!$code && !$access_token && (($context->action == 'dispatch' && !$this->getConfig()->auto_auth) || ($context->action == 'post' && !$is_session))){
            return;
        }

        //If no code or access token, redirect to facebook to get code
        if(!$access_token && !$code){
            $this->_redirectToFacebook($context);
            return;
        }

        //Get access token from code
        if($code){
            $this->exchangeCodeForAccessToken($code, $context);

        //Validate the token
        }else if($access_token){
            $this->validateAccessToken($access_token);
        }

        //If no access token, stop
        if(!$this->getAccessToken()){
            return;
        }

        //Authenticate the user
        if(false == $user = $this->_authenticateUser($this->getAccessToken(), $this->getTokenExpiry())){
            return;
        }

        //Set user data in context
        $this->_loginUser($user->id, $context);

        //Get the original querystring
        $state = rawurldecode($context->getRequest()->getQuery()->state);
        parse_str($state, $querystring);

        //Start a session if fb_start_session is set, previously a POST based login
        if($context->action == 'dispatch' && isset($querystring['fb_start_session']) && $querystring['fb_start_session'] == 1){

            $this->_startSession($context);

            //Create new session
            $this->getObject('com:users.controller.session')->add($context);

            unset($querystring['fb_start_session']);
        }

        //If we were redirected with a code, redirect to the origin redirect URL with state
        if($code){
            $redirect_url = $this->_getRedirectUrl($context);
            $redirect_url->setQuery($querystring);

            $context->response->setStatus(Library\DispatcherResponse::FOUND);
            $context->response->setRedirect($redirect_url);
            $this->send($context);
        }
    }

    /**
     * Starts the session
     *
     * @param Library\DispatcherContextInterface $context
     */
    protected function _startSession(Library\DispatcherContextInterface $context)
    {
        $session = $context->getUser()->getSession();

        if(!$session->isActive()){

            //Set Session Name
            $session->setName(md5($context->request->getBasePath()));

            //Set Session Options
            $session->setOptions(array(
                'cookie_path'   => (string) $context->request->getBaseUrl()->getPath() ?: '/',
                'cookie_domain' => (string) $context->request->getBaseUrl()->getHost()
            ));

            //Start the session (if not started already)
            $session->start();
        }
    }

    /**
     * Gets the redirect URL for facebook
     *
     * @param Library\DispatcherContextInterface $context
     * @return Library\HttpUrl
     */
    protected function _getRedirectUrl(Library\DispatcherContextInterface $context = null)
    {
        if(!$this->_redirect_url){

            $redirect_url = $this->getConfig()->redirect_url;

            //Convert url to relative
            if($redirect_url && substr($redirect_url,0,4) != 'http'){
                $redirect_url = $context->getRequest()->getUrl()->toString(Library\HttpUrl::AUTHORITY).$redirect_url;
            }

            //Create URL object or use request URL
            $redirect_url = $this->getObject('lib:http.url', array('url' => $redirect_url ?: $context->getRequest()->getUrl()->toString(Library\HttpUrl::AUTHORITY)));

            //Facebook requires urls to end in a slash
            $this->_redirect_url = $redirect_url->setPath(rtrim($redirect_url->getPath(),'/').'/');
        }

        return $this->_redirect_url;
    }

    /**
     * Redirect the user to the facebook oauth dialog/page
     *
     * @param Library\DispatcherContextInterface $context
     */
    protected function _redirectToFacebook(Library\DispatcherContextInterface $context)
    {
        //Create scopes
        $scopes = $this->getConfig()->scopes->toArray();
        if(!in_array('email', $scopes)){
            $scopes[] = 'email';
        }
        $scopes         = implode(',',$scopes);

        $redirect_url   = $this->_getRedirectUrl($context);
        $querystring    = $redirect_url->getQuery(true);

        if($context->action == 'post' || $this->getConfig()->auto_auth){
            $querystring['fb_start_session'] = 1;
        }

        $querystring = rawurlencode(http_build_query($querystring));

        //Clear query string, facebook requires a path only url
        $redirect_url->setQuery(array());

        //Redirect to facebook auth
        $context->response->setStatus(Library\DispatcherResponse::FOUND);
        $context->response->setRedirect('https://www.facebook.com/dialog/oauth?client_id='.$this->getConfig()->client_id.'&scope='.$scopes.'&redirect_uri='.$redirect_url.'&state='.$querystring);
        $this->send($context);
    }


    /**
     * Authenticates a user with facebook using the supplied access token.
     * If user returned, a local user is created if create_user = true in config
     * User account is updated with access token and expiry
     *
     * @param $access_token
     * @param \DateTime $token_expiry
     * @return bool
     * @throws \RuntimeException
     */
    protected function _authenticateUser($access_token, \DateTime $token_expiry)
    {
        //Fetch facebook user
        $fb_user = $this->getFacebookUser($access_token);

        //Ensure we have the users email address
        if(!isset($fb_user->email) || !$fb_user->email){
            throw new \RuntimeException('User email address missing from facebook response');
        }

        //Fetch user
        $user = $this->getObject('com:users.model.users')->email($fb_user->email)->fetch();

        //Do nothing if the user is new and we're not creating users
        if(!$this->getConfig()->create_user && $user->isNew()){
            return false;
        }

        //Format expiry date
        $expiry_date = $token_expiry->format('Y-m-d H:i:s');

        //If new user, create user account
        if($user->isNew()){
            $user = $this->_createUser(array(
                'email' => $fb_user->email,
                'name' => $fb_user->name,
                'facebook_access_token' => $access_token,
                'facebook_token_expiry' => $expiry_date
            ));
        }

        //Update the token and expiry if different
        if($user->facebook_access_token != $access_token || $user->facebook_token_expiry != $expiry_date){
            $user->facebook_access_token = $access_token;
            $user->facebook_token_expiry = $expiry_date;
            $user->save();
        }

        return $user;
    }

    /**
     * Creates a new user with the supplied data, disables activation as we know the user is active
     *
     * @param array $user_data
     * @return mixed
     */
    protected function _createUser($user_data = array())
    {
        $user_data['password'] = hash_hmac('sha256', time().$user_data['facebook_access_token'], $this->getConfig()->client_secret);
        $user = $this->getObject('com:users.controller.user')->add($user_data);
        $user->password = null;
        $user->enabled = 1;
        $user->activation = null;
        $user->save();

        return $user;
    }

    /**
     * Log the user in
     *
     * @param string $username  A user key or name
     * @param array  $data      Optional user data
     *
     * @return bool
     */
    protected function _loginUser($username, Library\DispatcherContextInterface $context)
    {
        //Set user data in context
        $data = $this->getObject('user.provider')->load($username)->toArray();
        $data['authentic'] = true;

        $context->getUser()->setData($data);
    }

    /***
     * FACEBOOK API access methods
     */

    /**
     * Produces the app token string
     *
     * @return string
     */
    public function getAppToken()
    {
        return $this->getConfig()->client_id.'|'.$this->getConfig()->client_secret;
    }

    /**
     * Gets the access token from facebook by exchanging the code for an access token
     *
     * @param $code
     * @return Library\ObjectConfig
     */
    public function exchangeCodeForAccessToken($code, Library\DispatcherContextInterface $context)
    {
        $client_id = $this->getConfig()->client_id;
        $client_secret = $this->getConfig()->client_secret;
        $redirect_url = $this->_getRedirectUrl($context);
        $redirect_url->setQuery(array());

        //Make request for token
        $response = $this->_queryFacebook('oauth/access_token', array('client_id' => $client_id, 'client_secret' => $client_secret, 'redirect_uri' => (string) $redirect_url, 'code' => $code));

        //Parse out the response, it's a querystring
        $query = array();
        parse_str($response, $query);

        $token = new Library\ObjectConfig($query);

        //Store access token
        $access_token = $token->access_token;
        $this->setAccessToken($access_token);

        //Convert expiry date
        $expiry_date = new \DateTime();
        $expiry_date->add(new \DateInterval('PT'.$token->expires.'S'));
        $this->setTokenExpiry($expiry_date);

        return $token;
    }

    /**
     * Validate an access token
     *
     * @param $token
     * @return bool
     */
    public function isAccessTokenValid($token)
    {
        $response = $this->validateAccessToken($token);

        return isset($response->data) && isset($response->data->is_valid) && $response->data->is_valid;
    }

    /**
     * Validates an access token against the facebook api, returning the token information or error
     *
     * @param $token
     * @return mixed
     */
    public function validateAccessToken($access_token)
    {
        $token = $this->_queryFacebook('debug_token', array('input_token' => $access_token, 'access_token' => $this->getAppToken()));

        //Ensure correct token data present
        if(!$token || !(isset($token->data) && isset($token->data->is_valid) && $token->data->is_valid)){
            throw new \RuntimeException('The supplied access token is invalid');
        }

        //Store token
        $this->setAccessToken($access_token);

        //Store expiry date
        $expiry_date = new \DateTime();
        $expiry_date->add(new \DateInterval('PT'.$token->data->expires_at.'S'));
        $this->setTokenExpiry($expiry_date);

        return $token;
    }

    /**
     * Gets the user object from facebook
     *
     * @param $token
     * @return object
     */
    public function getFacebookUser($token)
    {
        return $this->_queryFacebook('me', array('access_token' => $token));
    }

    /**
     * Queries facebook API for the url and the given query params
     *
     * @param $url
     * @param array $params
     * @return mixed
     * @throws \RuntimeException
     */
    protected function _queryFacebook($url, $params = array())
    {
        $curl = curl_init();
        curl_setopt_array($curl, array(
            CURLOPT_RETURNTRANSFER => 1,
            CURLOPT_URL => 'https://graph.facebook.com/'.$url.'?'.http_build_query($params)
        ));

        //Fetch curl result
        $response = curl_exec($curl);

        //Ensure the result was successful
        $httpcode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
        if($httpcode != 200){
            $data = json_decode($response);

            throw new \RuntimeException(isset($data->error) ? $data->error->message : 'An unexpected error occurred whilst communicating with facebook. '.$response);
        }

        //Detect content type
        $content_type = array_shift(explode(';',curl_getinfo($curl, CURLINFO_CONTENT_TYPE)));

        //Return json decoded object if json
        return $content_type == 'application/json' ? json_decode($response) : $response;
    }
}
	<?php
	namespace Nooku\Component\Overrides;

	use Nooku\Library;
	use Nooku\Component\Users;

	class UsersDispatcherAuthenticatorFacebook extends Library\DispatcherAuthenticatorAbstract
	{
	/**
	* A redirect url
	*
	* @var string
	*/
	protected $_redirect_url;

	/**
	* The Facebook access token to be used
	*
	* @var string
	*/
	protected $_access_token;

	/**
	* @var \DateTime
	*/
	protected $_token_expiry;

	/**
	* Constructor.
	*
	* @param Library\ObjectConfig $config Configuration options
	*/
	public function __construct(Library\ObjectConfig $config)
	{
	parent::__construct($config);

	$this->addCommandCallback('before.dispatch', 'authenticateRequest');
	$this->addCommandCallback('before.post', 'authenticateRequest');

	$this->_access_token = $config->access_token;
	}

	/**
	* Initializes the options for the object
	*
	* Called from {@link __construct()} as a first step of object instantiation.
	*
	* @param ObjectConfig $config A ObjectConfig object with configuration options
	* @return void
	*/
	protected function _initialize(Library\ObjectConfig $config)
	{
	$config->append(array(
	'client_id' => '',
	'client_secret' => '',
	'redirect_url' => null,
	'access_token' => null,
	'scopes' => array(),
	'auto_auth' => false,
	'create_user' => true
	));

	parent::_initialize($config);
	}

	/**
	* Gets the facebook access token
	*
	* @return string
	*/
	public function getAccessToken()
	{
	return $this->_access_token;
	}

	/**
	* Set the facebook access token
	*
	* @param $token
	*/
	protected function setAccessToken($token)
	{
	$this->_access_token = $token;
	}

	/**
	* Gets the token expiry time
	*
	* @return \DateTime
	*/
	public function getTokenExpiry()
	{
	return $this->_token_expiry;
	}

	/**
	* Set token expiry
	*
	* @param \DateTime $expiry
	*/
	protected function setTokenExpiry(\DateTime $expiry)
	{
	$this->_token_expiry = $expiry;
	}

	/**
	* Authenticate user against facebook api
	*
	* @param Library\DispatcherContextInterface $context A dispatcher context object
	* @return boolean Returns FALSE if the check failed. Otherwise TRUE.
	*/
	public function authenticateRequest(Library\DispatcherContextInterface $context)
	{
	//If authenticated, don't continue
	if($context->getUser()->isAuthentic()){
	return;
	}

	$is_session = $context->getSubject()->getController()->getIdentifier()->package == 'users' && $context->getSubject()->getController()->getIdentifier()->name == 'session';
	$code = $context->getRequest()->getQuery()->code;
	$access_token = $context->getRequest()->getQuery()->access_token ?: $this->getAccessToken();

	/**
	* Execution only continues if no code or access token supplied,
	* Action is dispatch and auto_auth is disabled, or action is post and it's not the user session controller
	*/
	if(!$code && !$access_token && (($context->action == 'dispatch' && !$this->getConfig()->auto_auth) \|\| ($context->action == 'post' && !$is_session))){
	return;
	}

	//If no code or access token, redirect to facebook to get code
	if(!$access_token && !$code){
	$this->_redirectToFacebook($context);
	return;
	}

	//Get access token from code
	if($code){
	$this->exchangeCodeForAccessToken($code, $context);

	//Validate the token
	}else if($access_token){
	$this->validateAccessToken($access_token);
	}

	//If no access token, stop
	if(!$this->getAccessToken()){
	return;
	}

	//Authenticate the user
	if(false == $user = $this->_authenticateUser($this->getAccessToken(), $this->getTokenExpiry())){
	return;
	}

	//Set user data in context
	$this->_loginUser($user->id, $context);

	//Get the original querystring
	$state = rawurldecode($context->getRequest()->getQuery()->state);
	parse_str($state, $querystring);

	//Start a session if fb_start_session is set, previously a POST based login
	if($context->action == 'dispatch' && isset($querystring['fb_start_session']) && $querystring['fb_start_session'] == 1){

	$this->_startSession($context);

	//Create new session
	$this->getObject('com:users.controller.session')->add($context);

	unset($querystring['fb_start_session']);
	}

	//If we were redirected with a code, redirect to the origin redirect URL with state
	if($code){
	$redirect_url = $this->_getRedirectUrl($context);
	$redirect_url->setQuery($querystring);

	$context->response->setStatus(Library\DispatcherResponse::FOUND);
	$context->response->setRedirect($redirect_url);
	$this->send($context);
	}
	}

	/**
	* Starts the session
	*
	* @param Library\DispatcherContextInterface $context
	*/
	protected function _startSession(Library\DispatcherContextInterface $context)
	{
	$session = $context->getUser()->getSession();

	if(!$session->isActive()){

	//Set Session Name
	$session->setName(md5($context->request->getBasePath()));

	//Set Session Options
	$session->setOptions(array(
	'cookie_path' => (string) $context->request->getBaseUrl()->getPath() ?: '/',
	'cookie_domain' => (string) $context->request->getBaseUrl()->getHost()
	));

	//Start the session (if not started already)
	$session->start();
	}
	}

	/**
	* Gets the redirect URL for facebook
	*
	* @param Library\DispatcherContextInterface $context
	* @return Library\HttpUrl
	*/
	protected function _getRedirectUrl(Library\DispatcherContextInterface $context = null)
	{
	if(!$this->_redirect_url){

	$redirect_url = $this->getConfig()->redirect_url;

	//Convert url to relative
	if($redirect_url && substr($redirect_url,0,4) != 'http'){
	$redirect_url = $context->getRequest()->getUrl()->toString(Library\HttpUrl::AUTHORITY).$redirect_url;
	}

	//Create URL object or use request URL
	$redirect_url = $this->getObject('lib:http.url', array('url' => $redirect_url ?: $context->getRequest()->getUrl()->toString(Library\HttpUrl::AUTHORITY)));

	//Facebook requires urls to end in a slash
	$this->_redirect_url = $redirect_url->setPath(rtrim($redirect_url->getPath(),'/').'/');
	}

	return $this->_redirect_url;
	}

	/**
	* Redirect the user to the facebook oauth dialog/page
	*
	* @param Library\DispatcherContextInterface $context
	*/
	protected function _redirectToFacebook(Library\DispatcherContextInterface $context)
	{
	//Create scopes
	$scopes = $this->getConfig()->scopes->toArray();
	if(!in_array('email', $scopes)){
	$scopes[] = 'email';
	}
	$scopes = implode(',',$scopes);

	$redirect_url = $this->_getRedirectUrl($context);
	$querystring = $redirect_url->getQuery(true);

	if($context->action == 'post' \|\| $this->getConfig()->auto_auth){
	$querystring['fb_start_session'] = 1;
	}

	$querystring = rawurlencode(http_build_query($querystring));

	//Clear query string, facebook requires a path only url
	$redirect_url->setQuery(array());

	//Redirect to facebook auth
	$context->response->setStatus(Library\DispatcherResponse::FOUND);
	$context->response->setRedirect('https://www.facebook.com/dialog/oauth?client_id='.$this->getConfig()->client_id.'&scope='.$scopes.'&redirect_uri='.$redirect_url.'&state='.$querystring);
	$this->send($context);
	}


	/**
	* Authenticates a user with facebook using the supplied access token.
	* If user returned, a local user is created if create_user = true in config
	* User account is updated with access token and expiry
	*
	* @param $access_token
	* @param \DateTime $token_expiry
	* @return bool
	* @throws \RuntimeException
	*/
	protected function _authenticateUser($access_token, \DateTime $token_expiry)
	{
	//Fetch facebook user
	$fb_user = $this->getFacebookUser($access_token);

	//Ensure we have the users email address
	if(!isset($fb_user->email) \|\| !$fb_user->email){
	throw new \RuntimeException('User email address missing from facebook response');
	}

	//Fetch user
	$user = $this->getObject('com:users.model.users')->email($fb_user->email)->fetch();

	//Do nothing if the user is new and we're not creating users
	if(!$this->getConfig()->create_user && $user->isNew()){
	return false;
	}

	//Format expiry date
	$expiry_date = $token_expiry->format('Y-m-d H:i:s');

	//If new user, create user account
	if($user->isNew()){
	$user = $this->_createUser(array(
	'email' => $fb_user->email,
	'name' => $fb_user->name,
	'facebook_access_token' => $access_token,
	'facebook_token_expiry' => $expiry_date
	));
	}

	//Update the token and expiry if different
	if($user->facebook_access_token != $access_token \|\| $user->facebook_token_expiry != $expiry_date){
	$user->facebook_access_token = $access_token;
	$user->facebook_token_expiry = $expiry_date;
	$user->save();
	}

	return $user;
	}

	/**
	* Creates a new user with the supplied data, disables activation as we know the user is active
	*
	* @param array $user_data
	* @return mixed
	*/
	protected function _createUser($user_data = array())
	{
	$user_data['password'] = hash_hmac('sha256', time().$user_data['facebook_access_token'], $this->getConfig()->client_secret);
	$user = $this->getObject('com:users.controller.user')->add($user_data);
	$user->password = null;
	$user->enabled = 1;
	$user->activation = null;
	$user->save();

	return $user;
	}

	/**
	* Log the user in
	*
	* @param string $username A user key or name
	* @param array $data Optional user data
	*
	* @return bool
	*/
	protected function _loginUser($username, Library\DispatcherContextInterface $context)
	{
	//Set user data in context
	$data = $this->getObject('user.provider')->load($username)->toArray();
	$data['authentic'] = true;

	$context->getUser()->setData($data);
	}

	/***
	* FACEBOOK API access methods
	*/

	/**
	* Produces the app token string
	*
	* @return string
	*/
	public function getAppToken()
	{
	return $this->getConfig()->client_id.'\|'.$this->getConfig()->client_secret;
	}

	/**
	* Gets the access token from facebook by exchanging the code for an access token
	*
	* @param $code
	* @return Library\ObjectConfig
	*/
	public function exchangeCodeForAccessToken($code, Library\DispatcherContextInterface $context)
	{
	$client_id = $this->getConfig()->client_id;
	$client_secret = $this->getConfig()->client_secret;
	$redirect_url = $this->_getRedirectUrl($context);
	$redirect_url->setQuery(array());

	//Make request for token
	$response = $this->_queryFacebook('oauth/access_token', array('client_id' => $client_id, 'client_secret' => $client_secret, 'redirect_uri' => (string) $redirect_url, 'code' => $code));

	//Parse out the response, it's a querystring
	$query = array();
	parse_str($response, $query);

	$token = new Library\ObjectConfig($query);

	//Store access token
	$access_token = $token->access_token;
	$this->setAccessToken($access_token);

	//Convert expiry date
	$expiry_date = new \DateTime();
	$expiry_date->add(new \DateInterval('PT'.$token->expires.'S'));
	$this->setTokenExpiry($expiry_date);

	return $token;
	}

	/**
	* Validate an access token
	*
	* @param $token
	* @return bool
	*/
	public function isAccessTokenValid($token)
	{
	$response = $this->validateAccessToken($token);

	return isset($response->data) && isset($response->data->is_valid) && $response->data->is_valid;
	}

	/**
	* Validates an access token against the facebook api, returning the token information or error
	*
	* @param $token
	* @return mixed
	*/
	public function validateAccessToken($access_token)
	{
	$token = $this->_queryFacebook('debug_token', array('input_token' => $access_token, 'access_token' => $this->getAppToken()));

	//Ensure correct token data present
	if(!$token \|\| !(isset($token->data) && isset($token->data->is_valid) && $token->data->is_valid)){
	throw new \RuntimeException('The supplied access token is invalid');
	}

	//Store token
	$this->setAccessToken($access_token);

	//Store expiry date
	$expiry_date = new \DateTime();
	$expiry_date->add(new \DateInterval('PT'.$token->data->expires_at.'S'));
	$this->setTokenExpiry($expiry_date);

	return $token;
	}

	/**
	* Gets the user object from facebook
	*
	* @param $token
	* @return object
	*/
	public function getFacebookUser($token)
	{
	return $this->_queryFacebook('me', array('access_token' => $token));
	}

	/**
	* Queries facebook API for the url and the given query params
	*
	* @param $url
	* @param array $params
	* @return mixed
	* @throws \RuntimeException
	*/
	protected function _queryFacebook($url, $params = array())
	{
	$curl = curl_init();
	curl_setopt_array($curl, array(
	CURLOPT_RETURNTRANSFER => 1,
	CURLOPT_URL => 'https://graph.facebook.com/'.$url.'?'.http_build_query($params)
	));

	//Fetch curl result
	$response = curl_exec($curl);

	//Ensure the result was successful
	$httpcode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
	if($httpcode != 200){
	$data = json_decode($response);

	throw new \RuntimeException(isset($data->error) ? $data->error->message : 'An unexpected error occurred whilst communicating with facebook. '.$response);
	}

	//Detect content type
	$content_type = array_shift(explode(';',curl_getinfo($curl, CURLINFO_CONTENT_TYPE)));

	//Return json decoded object if json
	return $content_type == 'application/json' ? json_decode($response) : $response;
	}
	}