Ejemplo n.º 1
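/**
 * Render the "trust this site" confirmation page for a pending OpenID request.
 *
 * @param object $info Pending request; this function reads $info->trust_root
 *                     and calls $info->idSelect().
 * @return mixed The value returned by page_render() for the assembled form.
 */
function trust_render($info)
{
    $current_user = getLoggedInUser();
    // trust_root is supplied by the requesting site, so it is escaped before
    // it reaches any markup. ENT_QUOTES also encodes single quotes, which the
    // default flags leave untouched on PHP versions before 8.1; login_render()
    // style escaping with ENT_QUOTES is the safer choice for any attribute use.
    $trust_root = htmlspecialchars($info->trust_root, ENT_QUOTES);
    $trust_url = buildURL('trust', true);
    if ($info->idSelect()) {
        // NOTE(review): this prompt is used as-is, so the escaped trust root is
        // not passed to it here — confirm id_select_pat still tells the user
        // which site is asking before they approve.
        $prompt = id_select_pat;
    } else {
        // The identity link is only needed for the fixed-identity prompt.
        $lnk = link_render(idURL($current_user));
        $prompt = sprintf(normal_pat, $lnk, $trust_root);
    }
    $form = sprintf(trust_form_pat, $trust_url, $prompt);
    return page_render($form, $current_user, 'Trust This Site');
}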
Ejemplo n.º 2
/**
 * Render the login page.
 *
 * @param array|null  $errors Messages to show above the form, if any.
 * @param string|null $input  Value to pre-fill in the form; when null the
 *                            currently logged-in user is used instead.
 * @param string|null $needed When truthy, a "login needed" message that links
 *                            to this value is appended to $errors.
 * @return mixed The value returned by page_render().
 */
function login_render($errors = null, $input = null, $needed = null)
{
    $user = getLoggedInUser();
    $prefill = ($input === null) ? $user : $input;

    if ($needed) {
        // NOTE(review): $needed is handed to link_render() unescaped here;
        // confirm link_render() encodes it, since callers may pass a value
        // taken from the incoming request.
        $errors[] = sprintf(login_needed_pat, link_render($needed));
    }

    // The pre-filled value goes into form markup, so quotes are encoded too.
    $safe_prefill = htmlspecialchars($prefill, ENT_QUOTES);
    $action = buildURL('login', true);
    $form = sprintf(login_form_pat, idURL('USERNAME'), $action, $safe_prefill);

    // Errors, when present, are rendered ahead of the form.
    $content = $errors ? loginError_render($errors) . $form : $form;

    return page_render($content, $user, 'Log In', null, true);
}
Ejemplo n.º 3
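/**
 * Decide how to answer a pending OpenID authentication request.
 *
 * A positive assertion is only produced when the identity to be asserted is
 * the one belonging to the logged-in user. Previously that comparison was
 * skipped in identifier-select mode, so the caller-supplied $idpSelect value
 * was asserted without being tied to the current session.
 *
 * @param object|null $info         Pending request, or a falsy value if none.
 * @param bool|null   $trusted      Whether the user approved the request.
 * @param bool        $fail_cancels When not trusted: cancel instead of
 *                                  showing the trust page.
 * @param string|null $idpSelect    Identity chosen in identifier-select mode.
 * @return mixed authCancel(), login_render() or trust_render() output, or
 *               array(list of header lines, body) for a positive response.
 */
function doAuth($info, $trusted = null, $fail_cancels = false, $idpSelect = null)
{
    if (!$info) {
        // There is no authentication information, so bail
        return authCancel(null);
    }

    // Identity a positive assertion would carry. It stays null only when the
    // request is in identifier-select mode and nothing has been chosen yet.
    $req_url = null;
    if ($info->idSelect()) {
        if ($idpSelect) {
            $req_url = idURL($idpSelect);
        } else {
            // Nothing chosen, so there is nothing that could be asserted.
            $trusted = false;
        }
    } else {
        $req_url = $info->identity;
    }

    $user = getLoggedInUser();
    setRequestInfo($info);

    // Whenever an identity is on the table (fixed by the request or chosen in
    // identifier-select mode) it must be the logged-in user's own identity.
    // Otherwise ask for a login as that identity instead of answering.
    $identity_chosen = !$info->idSelect() || $idpSelect;
    if ($identity_chosen && (!$user || (string) $req_url !== (string) idURL($user))) {
        return login_render(array(), $req_url, $req_url);
    }

    if ($trusted) {
        // The request is being answered, so clear the stored request info.
        setRequestInfo();
        $server =& getServer();
        $response =& $info->answer(true, null, $req_url);
        // Answer with some sample Simple Registration data. These are fixed
        // placeholder values, not attributes of the logged-in user; a real
        // deployment must replace them with data the user agreed to release.
        $sreg_data = array('fullname' => 'Example User', 'nickname' => 'example', 'dob' => '1970-01-01', 'email' => 'invalid@example.com', 'gender' => 'F', 'postcode' => '12345', 'country' => 'ES', 'language' => 'eu', 'timezone' => 'America/New_York');
        // Add the simple registration response values to the OpenID
        // response message.
        $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($info);
        $sreg_response = Auth_OpenID_SRegResponse::extractResponse($sreg_request, $sreg_data);
        $sreg_response->toMessage($response->fields);
        // Generate a response to send to the user agent.
        $webresponse =& $server->encodeResponse($response);
        $new_headers = array();
        foreach ($webresponse->headers as $k => $v) {
            $new_headers[] = $k . ": " . $v;
        }
        return array($new_headers, $webresponse->body);
    } elseif ($fail_cancels) {
        return authCancel($info);
    } else {
        return trust_render($info);
    }
}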
Ejemplo n.º 4
/**
 * Render an HTML page.
 *
 * Builds the navigation area from the login state, then fills page_template
 * with the title, style, navigation, heading and body.
 *
 * NOTE(review): $title, $h1 and $body are placed into the template as given;
 * nothing in this function escapes them, so callers are presumably expected
 * to pass markup-safe values — confirm at each call site.
 *
 * @param string      $body  Page content.
 * @param mixed       $user  Logged-in user, or a falsy value when nobody is.
 * @param string      $title Page title.
 * @param string|null $h1    Heading; falls back to $title when falsy.
 * @param bool        $login True when rendering the login page itself, which
 *                           suppresses the "Log In" navigation link.
 * @return array array(headers, page text); the header list is always empty.
 */
function page_render($body, $user, $title, $h1 = null, $login = false)
{
    if (!$h1) {
        $h1 = $title;
    }

    if ($user) {
        // Logged in: show who the user is plus a logout entry.
        $named_link = link_render(idURL($user), $user);
        $plain_link = link_render(idURL($user));
        $banner = sprintf(logged_in_pat, $named_link, $plain_link);
        $navigation = navigation_render($banner, array('logout' => 'Log Out'));
    } elseif ($login) {
        // Already on the login page: no navigation at all.
        $navigation = '';
    } else {
        // Anonymous visitor elsewhere: offer a login link.
        $login_link = link_render(buildURL('login'), 'Log In');
        $navigation = navigation_render($login_link, array());
    }

    $css = getStyle();
    $html = sprintf(page_template, $title, $css, $navigation, $h1, $body);

    // No special headers here
    return array(array(), $html);
}
Ejemplo n.º 5
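/**
 * Render the page that asks the user to confirm a login request and select
 * the identity to use.
 *
 * @param object $info Pending request; only $info->trust_root is read here.
 * @return mixed The value returned by page_render() for the assembled form.
 */
function trust_render($info)
{
    $current_user = getLoggedInUser();
    // trust_root comes from the requesting site, so it is escaped before it
    // is placed in the prompt. ENT_QUOTES also encodes single quotes, which
    // the default flags leave untouched on PHP versions before 8.1.
    $trust_root = htmlspecialchars($info->trust_root, ENT_QUOTES);
    // The form target is pinned to a fixed absolute HTTPS URL rather than
    // being derived with buildURL().
    $trust_url = "https://openid4.me/index.php/trust";
    // The identifier-select prompt is used for every request, with the
    // requesting site shown to the user.
    $prompt = sprintf(id_select_pat, $trust_root);
    $form = sprintf(trust_form_pat, $trust_url, $prompt);
    return page_render($form, $current_user, 'openid4.me - Confirm Login Request and Select your WebID');
}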
Ejemplo n.º 6
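/**
 * Build the OpenID response for the currently loaded GENI user, attaching
 * Simple Registration and, when requested, Attribute Exchange values.
 *
 * If no user can be loaded the request is answered negatively. Previously the
 * user object was dereferenced before it was checked, so a positive assertion
 * was built from an empty username in that case.
 *
 * @param object $server OpenID server used to encode the response.
 * @param object $info   Pending OpenID request.
 * @return array array(list of "Name: value" header lines, response body).
 */
function send_geni_user($server, $info)
{
    $geni_user = geni_loadUser();
    if (!$geni_user) {
        // Fail closed: without a loaded user there is no identity to assert.
        error_log("OpenID: Unable to access user information.");
        $response =& $info->answer(false);
        $webresponse =& $server->encodeResponse($response);
        $new_headers = array();
        foreach ($webresponse->headers as $k => $v) {
            $new_headers[] = $k . ": " . $v;
        }
        return array($new_headers, $webresponse->body);
    }

    $req_url = idURL($geni_user->username);
    $response =& $info->answer(true, null, $req_url);
    // Simple Registration values taken from the loaded user.
    $sreg_data = array(
        'nickname' => $geni_user->username,
        'email' => $geni_user->email(),
    );
    // Add the simple registration response values to the OpenID
    // response message.
    $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($info);
    $sreg_response = Auth_OpenID_SRegResponse::extractResponse($sreg_request, $sreg_data);
    $sreg_response->toMessage($response->fields);
    /*
     * Attribute Exchange (AX) is an OpenID extension to pass additional
     * attributes. This code was derived by looking at some client
     * examples and the AX code. No server-side examples of PHP OpenID
     * AX were found.
     *
     * AX seems to be fragile. Small changes to the code below can
     * result in authentication failures.
     *
     * The user URN has '+' characters but these consistently caused
     * authentication failures in testing. Replacing the '+' with '|'
     * worked, so that is a necessary transformation below.
     */
    $ax_request = Auth_OpenID_AX_FetchRequest::fromOpenIDRequest($info);
    if ($ax_request and !Auth_OpenID_AX::isError($ax_request)) {
        $ax_response = new Auth_OpenID_AX_FetchResponse();
        // $projects and $slices are not set before this call; presumably
        // add_project_slice_info() fills them by reference — confirm.
        add_project_slice_info($geni_user, $projects, $slices);
        // Only attribute types named below are ever answered; any other
        // requested type is ignored, so nothing is released by default.
        foreach ($ax_request->iterTypes() as $ax_req_type) {
            switch ($ax_req_type) {
                case 'http://geni.net/projects':
                    $ax_response->setValues($ax_req_type, $projects);
                    break;
                case 'http://geni.net/slices':
                    $ax_response->setValues($ax_req_type, $slices);
                    break;
                case 'http://geni.net/user/urn':
                    // '+' is rewritten to '|' (see the note above), so the
                    // value sent differs from the stored URN.
                    $urn = $geni_user->urn();
                    $urn = str_replace('+', '|', $urn);
                    $ax_response->addValue('http://geni.net/user/urn', $urn);
                    break;
                case 'http://geni.net/user/prettyname':
                    $ax_response->addValue($ax_req_type, $geni_user->prettyName());
                    break;
                case 'http://geni.net/wimax/username':
                case 'http://geni.net/wimax/wimax_username':
                    $wimax_name = null;
                    if (isset($geni_user->ma_member->wimax_username)) {
                        $wimax_name = $geni_user->ma_member->wimax_username;
                    }
                    /* Only send wimax name if it exists. */
                    if ($wimax_name) {
                        $ax_response->addValue($ax_req_type, $wimax_name);
                    }
                    break;
                case 'http://geni.net/irods/username':
                    /* Get the iRODS username. Do we need to respect the
                     * 'irods_enabled' flag?
                     */
                    $irods_username = null;
                    if (isset($geni_user->ma_member->irods_username)) {
                        $irods_username = $geni_user->ma_member->irods_username;
                    }
                    /* Only send it if it exists. */
                    if ($irods_username) {
                        error_log("Returning iRODS username {$irods_username} for user " . $geni_user->urn());
                        $ax_response->addValue($ax_req_type, $irods_username);
                    } else {
                        error_log("No iRODS username in OpenID for user " . $geni_user->urn());
                    }
                    break;
                case 'http://geni.net/irods/zone':
                    /* Get the IRods zone for this user. */
                    $irods_zone = irods_default_zone();
                    /* Only send it if it exists. */
                    if ($irods_zone) {
                        error_log("Returning iRODS zone {$irods_zone} for user " . $geni_user->urn());
                        $ax_response->addValue($ax_req_type, $irods_zone);
                    } else {
                        error_log("No iRODS zone in OpenID for user " . $geni_user->urn());
                    }
                    break;
            }
        }
        $ax_response->toMessage($response->fields);
    }
    // Generate a response to send to the user agent.
    $webresponse =& $server->encodeResponse($response);
    $new_headers = array();
    foreach ($webresponse->headers as $k => $v) {
        $new_headers[] = $k . ": " . $v;
    }
    return array($new_headers, $webresponse->body);
}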