function send_geni_user($server, $info)
{
$geni_user = geni_loadUser();
$req_url = idURL($geni_user->username);
$response =& $info->answer(true, null, $req_url);
// Answer with some sample Simple Registration data.
global $portal_cert_file;
global $portal_private_key_file;
$sreg_data = array();
if ($geni_user) {
$sreg_data['nickname'] = $geni_user->username;
$sreg_data['email'] = $geni_user->email();
}
if (empty($sreg_data)) {
error_log("OpenID: Unable to access user information.");
}
// Add the simple registration response values to the OpenID
// response message.
$sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($info);
$sreg_response = Auth_OpenID_SRegResponse::extractResponse($sreg_request, $sreg_data);
$sreg_response->toMessage($response->fields);
/*
* Attribute Exchange (AX) is an OpenID extension to pass additional
* attributes. This code was derived by looking at some client
* examples and the AX code. No server-side examples of PHP OpenID
* AX were found.
*
* AX seems to be fragile. Small changes to the code below can
* result in authentication failures.
*
* The user URN has '+' characters but these consistently caused
* authentication failures in testing. Replacing the '+' with '|'
* worked, so that is a necessary transformation below.
*/
$ax_request = Auth_OpenID_AX_FetchRequest::fromOpenIDRequest($info);
if ($ax_request and !Auth_OpenID_AX::isError($ax_request)) {
/* error_log("received AX request: " . print_r($ax_request, true)); */
$ax_response = new Auth_OpenID_AX_FetchResponse();
add_project_slice_info($geni_user, $projects, $slices);
foreach ($ax_request->iterTypes() as $ax_req_type) {
switch ($ax_req_type) {
case 'http://geni.net/projects':
$ax_response->setValues($ax_req_type, $projects);
break;
case 'http://geni.net/slices':
$ax_response->setValues($ax_req_type, $slices);
break;
case 'http://geni.net/user/urn':
$urn = $geni_user->urn();
$urn = str_replace('+', '|', $urn);
$ax_response->addValue('http://geni.net/user/urn', $urn);
break;
case 'http://geni.net/user/prettyname':
$ax_response->addValue($ax_req_type, $geni_user->prettyName());
break;
case 'http://geni.net/wimax/username':
case 'http://geni.net/wimax/wimax_username':
$wimax_name = null;
if (isset($geni_user->ma_member->wimax_username)) {
$wimax_name = $geni_user->ma_member->wimax_username;
}
/* Only send wimax name if it exists. */
if ($wimax_name) {
$ax_response->addValue($ax_req_type, $wimax_name);
}
break;
case 'http://geni.net/irods/username':
/* Get the iRODS username. Do we need to respect the
* 'irods_enabled' flag?
*/
$irods_username = null;
if (isset($geni_user->ma_member->irods_username)) {
$irods_username = $geni_user->ma_member->irods_username;
}
/* Only send it if it exists. */
if ($irods_username) {
error_log("Returning iRODS username {$irods_username} for user " . $geni_user->urn());
$ax_response->addValue($ax_req_type, $irods_username);
} else {
error_log("No iRODS username in OpenID for user " . $geni_user->urn());
}
break;
case 'http://geni.net/irods/zone':
/* Get the IRods zone for this user. */
$irods_zone = irods_default_zone();
/* Only send it if it exists. */
if ($irods_zone) {
error_log("Returning iRODS zone {$irods_zone} for user " . $geni_user->urn());
$ax_response->addValue($ax_req_type, $irods_zone);
} else {
error_log("No iRODS zone in OpenID for user " . $geni_user->urn());
}
break;
}
}
$ax_response->toMessage($response->fields);
}
// Generate a response to send to the user agent.
$webresponse =& $server->encodeResponse($response);
$new_headers = array();
foreach ($webresponse->headers as $k => $v) {
$new_headers[] = $k . ": " . $v;
}
return array($new_headers, $webresponse->body);
}
