/**
*
* @return bool
* @param string $a_username
* @param string $a_password
* @param bool $isChallengeResponse[optional]
*/
public function fetchData($a_username, $a_password, $isChallengeResponse = false)
{
global $ilLog;
$ilLog->write(__METHOD__ . ': Fetch Data called');
$response = $this->settings->getConsumer()->complete($this->settings->getReturnLocation());
switch ($response->status) {
case Auth_OpenID_CANCEL:
die("Auth cancelled");
case Auth_OpenID_FAILURE:
die("Auth failed with message: " . $response->message);
case Auth_OpenID_SUCCESS:
$openid = $response->getDisplayIdentifier();
$esc_identity = htmlentities($openid);
$ilLog->write(__METHOD__ . ': Auth success with identity ' . $esc_identity);
if ($response->endpoint->canonicalID) {
$escaped_canonicalID = htmlentities($response->endpoint->canonicalID);
$ilLog->write(__METHOD__ . ': Auth success with canonical id: ' . $esc_identity);
}
include_once 'Auth/OpenID/SReg.php';
// Check if simple registration is supported
if (Auth_OpenID_supportsSReg($response->endpoint)) {
$sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response, true);
$this->response_data = $sreg_resp->contents();
$ilLog->write(__METHOD__ . ' auth data: ' . print_r($this->response_data, true));
return true;
} else {
// Try to fetch response values
foreach ($response->message->args->keys as $key => $mapping) {
if ($mapping[1] == 'sreg.nickname') {
$this->response_data['nickname'] = $response->message->args->values[$key];
}
if ($mapping[1] == 'sreg.email') {
$this->response_data['email'] = $response->message->args->values[$key];
}
}
}
return true;
}
return false;
}
/**
* Show the "login" page
*
* @return string Returns the "login" page as HTML code.
*/
public function login()
{
try {
if (!defined('OPENSTACKID_ENABLED') || OPENSTACKID_ENABLED == false) {
return parent::login();
}
$member = Member::currentUser();
if ($member) {
// user is already logged in
return $this->redirect(OpenStackIdCommon::getRedirectBackUrl());
}
if (!Director::is_https()) {
OpenStackIdCommon::redirectToSSL($_SERVER['REQUEST_URI']);
}
// Begin the OpenID authentication process.
$auth_request = $this->consumer->begin(IDP_OPENSTACKID_URL);
//remove jainrain nonce
unset($auth_request->return_to_args['janrain_nonce']);
// No auth request means we can't begin OpenID.
if (!$auth_request) {
throw new Exception("The OpenID authentication failed.");
}
if (Auth_OpenID_supportsSReg($auth_request->endpoint)) {
//SREG
$sreg_request = Auth_OpenID_SRegRequest::build(array('email', 'fullname'), array('country', 'language'));
if ($sreg_request) {
$auth_request->addExtension($sreg_request);
}
} else {
//AX
// Create attribute request object
// See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters
// Usage: make($type_uri, $count=1, $required=false, $alias=null)
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email', 1, 1, 'email');
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/first', 1, 1, 'firstname');
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/last', 1, 1, 'lastname');
$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson', 1, 1, 'fullname');
// Create AX fetch request
$ax = new Auth_OpenID_AX_FetchRequest();
// Add attributes to AX fetch request
foreach ($attribute as $attr) {
$ax->add($attr);
}
// Add AX fetch request to authentication request
$auth_request->addExtension($ax);
}
//Redirect the user to the OpenID server for authentication .
// Store the token for this authentication so we can verify the
// response.
// For OpenID 1, send a redirect. For OpenID 2, use a Javascript
// form to send a POST request to the server.
if ($auth_request->shouldSendRedirect()) {
$redirect_url = $auth_request->redirectURL($this->getTrustRoot(), $this->getReturnTo());
// If the redirect URL can't be built, display an error
// message.
if (Auth_OpenID::isFailure($redirect_url)) {
echo "Could not redirect to server: " . $redirect_url->message;
} else {
// Send redirect.
header("Location: " . $redirect_url);
}
} else {
// Generate form markup and render it.
$form_id = 'openid_message';
$form_html = $auth_request->htmlMarkup(OpenStackIdCommon::getTrustRoot(), OpenStackIdCommon::getReturnTo(), false, array('id' => $form_id));
// Display an error if the form markup couldn't be generated;
// otherwise, render the HTML.
if (Auth_OpenID::isFailure($form_html)) {
echo "Could not redirect to server: " . $form_html->message;
} else {
print $form_html;
}
}
exit;
} catch (Exception $ex) {
SS_Log::log($ex, SS_Log::WARN);
Session::set("Security.Message.message", $ex->getMessage());
Session::set("Security.Message.type", "bad");
return $this->redirect("Security/badlogin");
}
}
private function getUserProfileInfo($response)
{
if (Auth_OpenID_supportsSReg($response->endpoint)) {
$sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
$sreg = $sreg_resp->contents();
$email = @$sreg['email'];
$full_name = @$sreg['fullname'];
} else {
//AX
// Get registration informations
$ax = new Auth_OpenID_AX_FetchResponse();
$obj = $ax->fromSuccessResponse($response);
$email = $obj->data["http://axschema.org/contact/email"][0];
if (isset($obj->data["http://axschema.org/namePerson/first"])) {
$full_name = $obj->data["http://axschema.org/namePerson/first"][0] . ' ' . $obj->data["http://axschema.org/namePerson/last"][0];
} else {
$full_name = $obj->data["http://axschema.org/namePerson"][0];
}
}
return array($email, $full_name);
}
function test_supported_1_0()
{
$endpoint = new FakeEndpoint(array(Auth_OpenID_SREG_NS_URI_1_0));
$this->assertTrue(Auth_OpenID_supportsSReg($endpoint));
$this->assertEquals(array(Auth_OpenID_SREG_NS_URI_1_1, Auth_OpenID_SREG_NS_URI_1_0), $endpoint->checked_uris);
}
