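/**
 * Render the "Trust This Site" confirmation page for an OpenID request.
 *
 * $info->trust_root is HTML-escaped before it is placed in the prompt; it is
 * presumably supplied by the relying party, so treat it as untrusted input.
 *
 * @param object $info Request object exposing ->trust_root and ->idSelect().
 * @return mixed Whatever page_render() returns for the assembled form.
 */
function trust_render($info)
{
    $current_user = getLoggedInUser();
    $lnk = link_render(idURL($current_user));

    // ENT_QUOTES escapes single quotes as well as double quotes. Before
    // PHP 8.1 the default flag set left single quotes untouched, so the flag
    // is passed explicitly (as login_render() does) instead of relying on
    // the runtime default.
    $trust_root = htmlspecialchars($info->trust_root, ENT_QUOTES);
    $trust_url = buildURL('trust', true);

    if ($info->idSelect()) {
        // Identifier-select requests use a fixed prompt with no substitutions.
        $prompt = id_select_pat;
    } else {
        // NOTE(review): $lnk is inserted as markup; this assumes
        // link_render() escapes the URL it is given — confirm.
        $prompt = sprintf(normal_pat, $lnk, $trust_root);
    }

    $form = sprintf(trust_form_pat, $trust_url, $prompt);

    return page_render($form, $current_user, 'Trust This Site');
}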
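/**
 * Render the login form, optionally preceded by error messages.
 *
 * @param array|null  $errors Error messages handed to loginError_render().
 * @param string|null $input  Value used to pre-fill the form; falls back to
 *                            the logged-in user when null.
 * @param string|null $needed When set, an extra error built from
 *                            login_needed_pat and a link to this value is added.
 * @return mixed Whatever page_render() returns.
 */
function login_render($errors = null, $input = null, $needed = null)
{
    $current_user = getLoggedInUser();
    if ($input === null) {
        $input = $current_user;
    }

    if ($needed) {
        // NOTE(review): callers may pass a request-supplied identity URL
        // here; this relies on link_render() escaping it — confirm.
        $errors[] = sprintf(login_needed_pat, link_render($needed));
    }

    // $input is still null if no value was passed and getLoggedInUser()
    // returned null. Passing null to htmlspecialchars() is deprecated as of
    // PHP 8.1, so cast first; the escaped result is the same empty string.
    $esc_input = htmlspecialchars((string) $input, ENT_QUOTES);
    $login_url = buildURL('login', true);
    $body = sprintf(login_form_pat, idURL('USERNAME'), $login_url, $esc_input);

    if ($errors) {
        $body = loginError_render($errors) . $body;
    }

    return page_render($body, $current_user, 'Log In', null, true);
}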
/**
 * Decide how to answer an OpenID authentication request.
 *
 * Outcomes, in order of evaluation:
 *  - no request: authCancel(null);
 *  - not identifier-select and the requested identity differs from the
 *    logged-in user's URL: the login page;
 *  - $trusted truthy: a positive assertion, returned as
 *    array(list of "Name: value" header lines, body);
 *  - otherwise authCancel($info) when $fail_cancels is set, else the trust
 *    prompt.
 *
 * @param object|null $info         Decoded request, or a falsy value.
 * @param mixed       $trusted      Truthy to answer positively (presumably
 *                                  the user's approval — confirm at the caller).
 * @param bool        $fail_cancels Cancel instead of prompting when not trusted.
 * @param string|null $idpSelect    Identity chosen for identifier-select requests.
 * @return mixed
 */
function doAuth($info, $trusted = null, $fail_cancels = false, $idpSelect = null)
{
    if (!$info) {
        // Nothing to authenticate against.
        return authCancel(null);
    }

    if (!$info->idSelect()) {
        $req_url = $info->identity;
    } elseif ($idpSelect) {
        // NOTE(review): in identifier-select mode the asserted identity is
        // derived from $idpSelect, and the comparison with the logged-in
        // user below is skipped. Confirm the caller only passes an identity
        // the current user actually controls.
        $req_url = idURL($idpSelect);
    } else {
        // No identity was chosen, so the request cannot be approved.
        $trusted = false;
    }

    $logged_in = getLoggedInUser();
    setRequestInfo($info);

    // NOTE(review): loose != on what are presumably two URL strings; confirm
    // idURL()'s return type before tightening this to !==.
    if (!$info->idSelect() && $req_url != idURL($logged_in)) {
        return login_render(array(), $req_url, $req_url);
    }

    // Read as in the original; the value is not used below.
    $trust_root = $info->trust_root;

    if (!$trusted) {
        if ($fail_cancels) {
            return authCancel($info);
        }
        return trust_render($info);
    }

    // Approved: clear the stored request before building the answer.
    setRequestInfo();
    $server =& getServer();
    $response =& $info->answer(true, null, $req_url);

    // Hard-coded sample Simple Registration values: every identity gets the
    // same attributes.
    $sreg_data = array(
        'fullname' => 'Example User',
        'nickname' => 'example',
        'dob' => '1970-01-01',
        'email' => '*****@*****.**',
        'gender' => 'F',
        'postcode' => '12345',
        'country' => 'ES',
        'language' => 'eu',
        'timezone' => 'America/New_York'
    );

    // Attach the Simple Registration values to the response message.
    $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($info);
    $sreg_response = Auth_OpenID_SRegResponse::extractResponse($sreg_request, $sreg_data);
    $sreg_response->toMessage($response->fields);

    // Encode for the user agent and flatten the header map into lines.
    $webresponse =& $server->encodeResponse($response);

    $header_lines = array();
    foreach ($webresponse->headers as $name => $value) {
        $header_lines[] = $name . ": " . $value;
    }

    return array($header_lines, $webresponse->body);
}
/**
 * Render an HTML page.
 *
 * Fills page_template with the title, stylesheet, navigation, heading and
 * body. $title, $h1 and $body are inserted exactly as given, so callers are
 * responsible for any escaping.
 *
 * @param string      $body  Page body markup.
 * @param mixed       $user  Logged-in user, or a falsy value when logged out.
 * @param string      $title Page title; also used as the heading when $h1 is falsy.
 * @param string|null $h1    Heading text.
 * @param bool        $login True on the login page itself: no "Log In" link
 *                           is shown to a logged-out visitor.
 * @return array array(headers, html); the header list is always empty.
 */
function page_render($body, $user, $title, $h1 = null, $login = false)
{
    if (!$h1) {
        $h1 = $title;
    }

    if ($user) {
        // NOTE(review): $user is passed to link_render() as the link text;
        // confirm link_render() escapes that argument, otherwise it reaches
        // the page verbatim.
        $named_link = link_render(idURL($user), $user);
        $plain_link = link_render(idURL($user));
        $msg = sprintf(logged_in_pat, $named_link, $plain_link);
        $navigation = navigation_render($msg, array('logout' => 'Log Out'));
    } elseif ($login) {
        $navigation = '';
    } else {
        $msg = link_render(buildURL('login'), 'Log In');
        $navigation = navigation_render($msg, array());
    }

    $style = getStyle();
    $html = sprintf(page_template, $title, $style, $navigation, $h1, $body);

    // No special headers for an ordinary page.
    return array(array(), $html);
}
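/**
 * Render the confirmation page for a login request (openid4.me variant).
 *
 * The same prompt, id_select_pat, is used for every request;
 * $info->idSelect() is not consulted. $info->trust_root is HTML-escaped
 * before it is placed in the prompt; it is presumably supplied by the
 * relying party, so treat it as untrusted input.
 *
 * @param object $info Request object exposing ->trust_root.
 * @return mixed Whatever page_render() returns for the assembled form.
 */
function trust_render($info)
{
    $current_user = getLoggedInUser();

    // ENT_QUOTES escapes single quotes as well as double quotes. Before
    // PHP 8.1 the default flag set left single quotes untouched, so the flag
    // is passed explicitly instead of relying on the runtime default.
    $trust_root = htmlspecialchars($info->trust_root, ENT_QUOTES);

    // Hard-coded absolute HTTPS endpoint rather than buildURL('trust', true):
    // the form always posts to this host, whichever host served the page.
    $trust_url = "https://openid4.me/index.php/trust";

    $prompt = sprintf(id_select_pat, $trust_root);
    $form = sprintf(trust_form_pat, $trust_url, $prompt);

    return page_render($form, $current_user, 'openid4.me - Confirm Login Request and Select your WebID');
}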
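/**
 * Answer an OpenID request on behalf of the current GENI user.
 *
 * Builds a positive assertion for idURL(username), attaches Simple
 * Registration (nickname, email) and any requested Attribute Exchange
 * values, and returns the encoded response.
 *
 * If no user can be loaded the request is answered negatively instead of
 * asserting an identity derived from a missing user.
 *
 * @param object $server OpenID server object providing encodeResponse().
 * @param object $info   Decoded OpenID request providing answer().
 * @return array array(list of "Name: value" header lines, body)
 */
function send_geni_user($server, $info)
{
    $geni_user = geni_loadUser();
    if (!$geni_user) {
        // Fail closed: without a user there is no identity to vouch for, so
        // do not build a positive assertion.
        error_log("OpenID: Unable to access user information.");
        $response =& $info->answer(false);
        return send_geni_user_encode($server, $response);
    }

    $req_url = idURL($geni_user->username);
    $response =& $info->answer(true, null, $req_url);

    // Simple Registration data taken from the loaded user.
    $sreg_data = array(
        'nickname' => $geni_user->username,
        'email' => $geni_user->email()
    );

    // Add the simple registration response values to the OpenID
    // response message.
    $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($info);
    $sreg_response = Auth_OpenID_SRegResponse::extractResponse($sreg_request, $sreg_data);
    $sreg_response->toMessage($response->fields);

    /*
     * Attribute Exchange (AX) is an OpenID extension to pass additional
     * attributes. This code was derived by looking at some client
     * examples and the AX code. No server-side examples of PHP OpenID
     * AX were found.
     *
     * AX seems to be fragile. Small changes to the code below can
     * result in authentication failures.
     *
     * The user URN has '+' characters but these consistently caused
     * authentication failures in testing. Replacing the '+' with '|'
     * worked, so that is a necessary transformation below.
     *
     * NOTE(review): every recognised attribute is released to whichever
     * relying party asked for it; nothing in this function looks at
     * $info->trust_root. Confirm that consent or allow-listing happens
     * before this function is called.
     */
    $ax_request = Auth_OpenID_AX_FetchRequest::fromOpenIDRequest($info);
    if ($ax_request and !Auth_OpenID_AX::isError($ax_request)) {
        $ax_response = new Auth_OpenID_AX_FetchResponse();
        // Presumably fills $projects and $slices by reference — confirm
        // against add_project_slice_info().
        add_project_slice_info($geni_user, $projects, $slices);
        foreach ($ax_request->iterTypes() as $ax_req_type) {
            switch ($ax_req_type) {
            case 'http://geni.net/projects':
                $ax_response->setValues($ax_req_type, $projects);
                break;
            case 'http://geni.net/slices':
                $ax_response->setValues($ax_req_type, $slices);
                break;
            case 'http://geni.net/user/urn':
                // '+' breaks AX transport (see above), so send '|' instead.
                $urn = str_replace('+', '|', $geni_user->urn());
                $ax_response->addValue($ax_req_type, $urn);
                break;
            case 'http://geni.net/user/prettyname':
                $ax_response->addValue($ax_req_type, $geni_user->prettyName());
                break;
            case 'http://geni.net/wimax/username':
            case 'http://geni.net/wimax/wimax_username':
                $wimax_name = null;
                if (isset($geni_user->ma_member->wimax_username)) {
                    $wimax_name = $geni_user->ma_member->wimax_username;
                }
                /* Only send wimax name if it exists. */
                if ($wimax_name) {
                    $ax_response->addValue($ax_req_type, $wimax_name);
                }
                break;
            case 'http://geni.net/irods/username':
                /* Get the iRODS username. Do we need to respect the
                 * 'irods_enabled' flag? */
                $irods_username = null;
                if (isset($geni_user->ma_member->irods_username)) {
                    $irods_username = $geni_user->ma_member->irods_username;
                }
                /* Only send it if it exists. */
                if ($irods_username) {
                    error_log("Returning iRODS username {$irods_username} for user " . $geni_user->urn());
                    $ax_response->addValue($ax_req_type, $irods_username);
                } else {
                    error_log("No iRODS username in OpenID for user " . $geni_user->urn());
                }
                break;
            case 'http://geni.net/irods/zone':
                /* Get the iRODS zone for this user. */
                $irods_zone = irods_default_zone();
                /* Only send it if it exists. */
                if ($irods_zone) {
                    error_log("Returning iRODS zone {$irods_zone} for user " . $geni_user->urn());
                    $ax_response->addValue($ax_req_type, $irods_zone);
                } else {
                    error_log("No iRODS zone in OpenID for user " . $geni_user->urn());
                }
                break;
            }
        }
        $ax_response->toMessage($response->fields);
    }

    return send_geni_user_encode($server, $response);
}

/**
 * Encode an OpenID response for the user agent.
 *
 * @param object $server   OpenID server object providing encodeResponse().
 * @param object $response Response to encode.
 * @return array array(list of "Name: value" header lines, body)
 */
function send_geni_user_encode($server, $response)
{
    $webresponse =& $server->encodeResponse($response);

    $new_headers = array();
    foreach ($webresponse->headers as $k => $v) {
        $new_headers[] = $k . ": " . $v;
    }

    return array($new_headers, $webresponse->body);
}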