/**
 * Builds an initialised OpenID consumer for an email-style identity whose
 * domain is registered as a host with status NORMAL.
 *
 * The profile URL is discovered through webfinger using the LRDD template
 * stored for that host. The returned XRD is only accepted when its subject
 * equals the requested acct URI. If the account is unknown locally, or no
 * host request is stored for it, and the provider advertises the OAuth
 * extension, the extension is attached and the host id and global id are
 * kept in the session.
 *
 * @param string $identity email address or url entered by the user
 * @return \PSX\OpenId|false the consumer, or false when the identity passes
 *                           the url filter or its domain is not a known host
 * @throws Exception if the XRD subject does not match or has no profile link
 */
protected function isOpenidProvider($identity)
{
    // identities without an "@" and without a scheme get an http prefix
    $alreadyQualified = strpos($identity, '@') !== false
        || substr($identity, 0, 7) == 'http://'
        || substr($identity, 0, 8) == 'https://';

    if (!$alreadyQualified) {
        $identity = 'http://' . $identity;
    }

    // callback the provider redirects back to
    $callback = $this->pageUrl . '/callback/remote';

    // openid consumer, created before the identity type is known
    $openid = new \PSX\OpenId($this->http, $this->config['psx_url'], $this->store);

    // everything that passes the url filter is not handled here
    $urlFilter = new Filter\Url();

    if ($urlFilter->apply($identity) !== false) {
        return false;
    }

    // NOTE(review): any value that fails the url filter is treated as an
    // email, even without an "@"; in that case strpos() yields false and
    // the domain is cut from offset 1 - confirm the host lookup rejects it
    $domain = substr($identity, strpos($identity, '@') + 1);

    // only hosts with status NORMAL are considered; the webfinger template
    // comes from this local record, not from the user input
    $host = $this->hm->getTable('AmunService\\Core\\Host')
        ->select(array('id', 'consumerKey', 'url', 'template'))
        ->where('name', '=', $domain)
        ->where('status', '=', Host\Record::NORMAL)
        ->getRow();

    if (empty($host)) {
        return false;
    }

    // webfinger lookup for the account
    $finger = new Webfinger($this->http);
    $acct   = 'acct:' . $identity;
    $xrd    = $finger->getLrdd($acct, $host['template']);

    // the remote document must describe exactly the account we asked for
    if (strcmp($xrd->getSubject(), $acct) !== 0) {
        throw new Exception('Invalid subject');
    }

    // profile url, taken from the remote document
    $profileUrl = $xrd->getLinkHref('profile');

    if (empty($profileUrl)) {
        throw new Exception('Could not find profile');
    }

    // global id, also taken from the remote document
    $globalId = $xrd->getPropertyValue('http://ns.amun-project.org/2011/meta/id');

    // start openid discovery against the profile url
    $openid->initialize($profileUrl, $callback);

    // the local account is looked up by the salted sha1 of the normalized
    // profile url
    $identity   = sha1($this->config['amun_salt'] . OpenId::normalizeIdentifier($profileUrl));
    $byIdentity = new Condition(array('identity', '=', $identity));
    $userId     = $this->hm->getTable('AmunService\\User\\Account')->getField('id', $byIdentity);

    // a token is requested for unknown users and for known users without a
    // stored request for this host
    $wantsOauth = true;

    if (!empty($userId)) {
        $byHostAndUser = new Condition();
        $byHostAndUser->add('hostId', '=', $host['id']);
        $byHostAndUser->add('userId', '=', $userId);

        $requestId = $this->hm->getTable('AmunService\\Core\\Host\\Request')->getField('id', $byHostAndUser);

        $wantsOauth = empty($requestId);
    }

    if ($wantsOauth) {
        $extension = new Extension\Oauth($host['consumerKey']);

        // only attach the extension if the provider advertises it
        if ($openid->hasExtension($extension->getNs())) {
            $this->session->set('openid_register_user_host_id', $host['id']);
            $this->session->set('openid_register_user_global_id', $globalId);

            $openid->add($extension);
        }
    }

    return $openid;
}
/**
 * Fetches the remote profile data of an account through webfinger.
 *
 * The XRD is only accepted when its subject equals the requested acct URI.
 * The id, name and profile url are read from the document as-is; apart from
 * the isset() check no further validation happens here.
 *
 * @param string $email        account in the form name@host
 * @param string $lrddTemplate LRDD template passed on to the webfinger lookup
 * @return array with the keys "id", "name" and "url"
 * @throws Exception if the subject does not match or one of the values is missing
 */
protected function getAcctProfile($email, $lrddTemplate)
{
    $client = new Webfinger(new Http());
    $acct   = 'acct:' . $email;
    $xrd    = $client->getLrdd($acct, $lrddTemplate);

    // the document must describe exactly the account that was requested
    if (strcmp($xrd->getSubject(), $acct) !== 0) {
        throw new Exception('Invalid subject');
    }

    // collect the properties from the remote document
    $profile = array(
        'id'   => $xrd->getPropertyValue('http://ns.amun-project.org/2011/meta/id'),
        'name' => $xrd->getPropertyValue('http://ns.amun-project.org/2011/meta/name'),
        'url'  => $xrd->getLinkHref('profile'),
    );

    // all three values must be set; empty strings still pass this check
    if (!isset($profile['id'], $profile['name'], $profile['url'])) {
        throw new Exception('Could not find profile with necessary data');
    }

    return $profile;
}
/**
 * Looks up the remote profile of a user on a registered host.
 *
 * The host must exist with status NORMAL. Its name and LRDD template are
 * read from the local host table and combined with the given name into the
 * account that is handed to the webfinger lookup.
 *
 * @param integer $hostId id of the host record
 * @param string  $name   local part of the remote account
 * @return mixed whatever getAcctProfile() returns for the account
 * @throws Exception if the name is empty or the host is not found
 */
private function discoverProfileUrl($hostId, $name)
{
    if (empty($name)) {
        throw new Exception('Need name to discover remote profile');
    }

    // host id and status are bound as parameters; only the table name is
    // interpolated and it comes from the registry
    $sql = <<<SQL
SELECT
\t`host`.`name` AS `hostName`,
\t`host`.`template` AS `hostTemplate`
FROM
\t{$this->registry['table.core_host']} `host`
WHERE
\t`host`.`id` = ?
AND
\t`host`.`status` = ?
SQL;

    $host = $this->sql->getRow($sql, array($hostId, Host\Record::NORMAL));

    if (empty($host)) {
        throw new Exception('Invalid host id');
    }

    $webfinger = new Webfinger(new Http());

    // NOTE(review): $name is concatenated as given - confirm callers
    // restrict it so the resulting account cannot carry a second "@"
    $email = $name . '@' . $host['hostName'];

    // NOTE(review): getAcctProfile() is called on the Webfinger instance -
    // confirm that class provides it with this signature
    return $webfinger->getAcctProfile($email, $host['hostTemplate']);
}