/**
 * Finish the OpenID round trip for the "openid setting" flow.
 *
 * The consumer completes the authentication using the provider's response and
 * the return_to URL built for 'finish_auth_openid_setting'. A cancelled or
 * failed attempt sets $msg; a successful one passes the display identifier to
 * openid_setting(). message.php is then included in this function's scope, so
 * it can read the locals assigned here.
 */
function run()
{
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo('finish_auth_openid_setting');
    $response = $consumer->complete($return_to);

    switch ($response->status) {
        case Auth_OpenID_CANCEL:
            // The user (or provider) cancelled the attempt.
            $msg = 'Verification cancelled.';
            break;

        case Auth_OpenID_FAILURE:
            // NOTE(review): $response->message is copied into $msg as-is;
            // confirm message.php HTML-escapes it before output.
            $msg = "OpenID authentication failed: " . $response->message;
            break;

        case Auth_OpenID_SUCCESS:
            // Only a verified response reaches openid_setting().
            $openid = $response->getDisplayIdentifier();
            openid_setting($openid);
            break;
    }

    // NOTE(review): on success (or any other status) $msg is never assigned;
    // confirm message.php tolerates that.
    include 'message.php';
}
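/**
 * Start OpenID authentication for the identifier returned by getOpenIDURL().
 *
 * Builds the auth request, attaches the Simple Registration, Attribute
 * Exchange and PAPE extensions, then either sends a Location redirect or
 * prints the form markup, depending on shouldSendRedirect().
 */
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();

    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);

    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID.");
        // displayError() is defined elsewhere; if it returns instead of ending
        // the request, stop here rather than call methods on a null request.
        return;
    }

    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array('fullname', 'email'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }

    // Attribute Exchange request.
    // See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters
    // Usage: make($type_uri, $count=1, $required=false, $alias=null)
    $attribute = array();
    $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email', 2, 1, 'email');
    $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/first', 1, 1, 'firstname');
    $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/last', 1, 1, 'lastname');

    $ax = new Auth_OpenID_AX_FetchRequest();
    foreach ($attribute as $attr) {
        $ax->add($attr);
    }
    $auth_request->addExtension($ax);

    // 'policies' is request input and may be absent, a scalar or a nested
    // array. Keep only non-empty string entries so the PAPE request always
    // receives a flat list of strings.
    $policy_uris = array();
    if (isset($_GET['policies'])) {
        foreach ((array) $_GET['policies'] as $policy_uri) {
            if (is_string($policy_uri) && $policy_uri !== '') {
                $policy_uris[] = $policy_uri;
            }
        }
    }
    $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }

    // Redirect the user to the OpenID server for authentication.
    // For OpenID 1, send a redirect. For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

        if (Auth_OpenID::isFailure($redirect_url)) {
            // NOTE(review): the failure message is concatenated unescaped;
            // confirm displayError() escapes before rendering.
            displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));

        if (Auth_OpenID::isFailure($form_html)) {
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            print $form_html;
        }
    }
}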
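/**
 * Finish OpenID authentication and record the result in the PHP session.
 *
 * Cancelled or failed attempts expire the session cookie and destroy the
 * session. A successful attempt replaces the session contents with the
 * escaped identifier (or XRI CanonicalID) plus any Attribute Exchange values
 * listed in the global $ax_data map. The function ends by including
 * close.php (popup mode) or sending a Location header.
 */
function run()
{
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    $status = $response->status;

    if ($status == Auth_OpenID_CANCEL || $status == Auth_OpenID_FAILURE) {
        if ($status == Auth_OpenID_CANCEL) {
            $msg = 'Verification cancelled.';
        } else {
            $msg = "OpenID authentication failed: " . $response->message;
        }

        // Drop whatever session the visitor had: expire the cookie, then
        // destroy the session.
        if (isset($_COOKIE[session_name()])) {
            setcookie(session_name(), '', time() - 42000, '/');
        }
        session_destroy();
    } elseif ($status == Auth_OpenID_SUCCESS) {
        $openid = $response->getDisplayIdentifier();
        $esc_identity = escape($openid);

        // Session-fixation defence: issue a fresh session id at the moment
        // the session becomes authenticated, so an id planted before login
        // is useless afterwards.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        // NOTE(review): the session stores escape() output rather than the
        // raw identifier; readers of $_SESSION['openid'] must not escape it
        // a second time or compare it against unescaped values.
        $_SESSION = array();
        $_SESSION['openid'] = $esc_identity;

        if ($response->endpoint->canonicalID) {
            $escaped_canonicalID = escape($response->endpoint->canonicalID);
            // Plain assignment: $success has no earlier value to append to.
            $success = ' (XRI CanonicalID: ' . $escaped_canonicalID . ') ';
            $_SESSION['openid'] = $escaped_canonicalID;
        }

        // Attribute Exchange values are stored as received from the provider.
        // NOTE(review): they are not escaped here; escape at output time.
        $ax_resp = Auth_OpenID_AX_FetchResponse::fromSuccessResponse($response);
        if ($ax_resp) {
            global $ax_data;
            if (is_array($ax_data)) {
                foreach ($ax_data as $ax_key => $ax_data_ns) {
                    if (!empty($ax_resp->data[$ax_data_ns][0])) {
                        $_SESSION['ax_' . $ax_key] = $ax_resp->data[$ax_data_ns][0];
                    }
                }
            }
        }
    }

    // Query parameters may be absent; treat a missing flag as "not set".
    if (isset($_GET["popup"]) && $_GET["popup"] === "true") {
        include 'close.php';
    } elseif (isset($_GET["callback"]) && $_GET["callback"] === "ax") {
        header("Location: ./ax_example.php");
    } else {
        header("Location: ./index.php");
    }
}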
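/**
 * Complete an OpenID authentication and update the local user record.
 *
 * On success the display identifier and the merged Simple Registration /
 * Attribute Exchange profile data are passed to openid_user_update(), any
 * previous $_SESSION["auth_error"] is cleared and true is returned. On any
 * other outcome a message is stored in $_SESSION["auth_error"] and false is
 * returned.
 *
 * @return bool True when the provider's response verified successfully.
 */
function openid_verify()
{
    $consumer = new Auth_OpenID_Consumer(new Auth_OpenID_MySQLStore(theDb()));

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    // Fallback for any status other than the three handled below, so
    // auth_error is never written from an undefined variable.
    $msg = 'OpenID authentication failed.';

    if ($response->status == Auth_OpenID_CANCEL) {
        $msg = 'Verification cancelled.';
    } elseif ($response->status == Auth_OpenID_FAILURE) {
        // NOTE(review): stored unescaped; whoever renders auth_error must
        // HTML-escape it.
        $msg = "OpenID authentication failed: " . $response->message;
    } elseif ($response->status == Auth_OpenID_SUCCESS) {
        $openid = $response->getDisplayIdentifier();

        // fromSuccessResponse() can yield no object when the provider sent no
        // usable SReg data; fall back to an empty profile instead of calling
        // contents() on null.
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
        $sreg = $sreg_resp ? $sreg_resp->contents() : array();

        $ax = new Auth_OpenID_AX_FetchResponse();
        $obj = $ax->fromSuccessResponse($response);
        if ($obj) {
            // Declared once: an unguarded nested declaration is a fatal
            // "cannot redeclare" error the second time this function runs
            // in the same request.
            if (!function_exists('ax_get')) {
                /**
                 * Return the first string value the AX response holds for
                 * $url, or "" when there is none.
                 */
                function ax_get($obj, $url)
                {
                    if (!$obj) {
                        return "";
                    }
                    $x = $obj->get($url);
                    if (is_array($x) && isset($x[0]) && is_string($x[0])) {
                        return $x[0];
                    }
                    return "";
                }
            }

            // AX values, when present, override the SReg ones.
            if ($x = ax_get($obj, 'http://axschema.org/contact/email')) {
                $sreg["email"] = $x;
            }
            if ($x = ax_get($obj, 'http://axschema.org/namePerson/first')) {
                $sreg["fullname"] = $x . " " . ax_get($obj, 'http://axschema.org/namePerson/last');
            }
        }

        // NOTE(review): e-mail and name are asserted by the provider and are
        // passed on unescaped. Confirm openid_user_update() keys the account
        // on $openid and never links to an existing account by e-mail alone.
        openid_user_update($openid, $sreg);
        unset($_SESSION["auth_error"]);
        return true;
    }

    $_SESSION["auth_error"] = $msg;
    return false;
}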
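/**
 * Start OpenID authentication, optionally attaching the Attribute Exchange
 * and UI extensions selected through query-string flags.
 *
 * Flags read from $_GET: ax, ax_<key> (one per entry of the global $ax_data
 * map), ui, icon, lang, pref_lang, popup and callback. A flag counts as set
 * only when it is present and equal to the string 'true' (callback: 'ax').
 */
function run()
{
    global $ax_data;

    $openid = getOpenIDURL();
    $consumer = getConsumer();
    $return_to = getReturnTo();

    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);

    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID.");
        // displayError() is defined elsewhere; if it returns, stop here
        // rather than call methods on a null request.
        return;
    }

    // Read each boolean-style flag once; an absent parameter (or an array
    // submitted in its place) counts as "off" instead of raising a notice.
    $flags = array();
    foreach (array('ax', 'ui', 'icon', 'lang', 'popup') as $flag_name) {
        $flags[$flag_name] = isset($_GET[$flag_name]) && $_GET[$flag_name] === 'true';
    }

    // Attribute Exchange: request only the attributes the caller ticked.
    if ($flags['ax']) {
        $ax_request = new Auth_OpenID_AX_FetchRequest();
        if (is_array($ax_data)) {
            foreach ($ax_data as $ax_key => $ax_data_ns) {
                $param = 'ax_' . $ax_key;
                if (isset($_GET[$param]) && $_GET[$param] === 'true') {
                    $ax_request->add(new Auth_OpenID_AX_AttrInfo($ax_data_ns, 1, true, $ax_key));
                }
            }
        }
        $auth_request->addExtension($ax_request);
    }

    if ($flags['ui']) {
        $UI_request = new OpenID_UI_Request();

        if ($flags['icon']) {
            $UI_request->setIcon();
        }

        // pref_lang is free-form request input handed to the extension.
        // NOTE(review): it is only checked for being a non-empty string;
        // confirm setLang() tolerates arbitrary text.
        if ($flags['lang'] && !empty($_GET['pref_lang']) && is_string($_GET['pref_lang'])) {
            $UI_request->setLang($_GET['pref_lang']);
        }

        if ($flags['popup']) {
            $UI_request->setPopup();
            // NOTE(review): appended without a separator, so this relies on
            // getReturnTo() ending in '?' or '&' — confirm.
            $return_to .= "popup=true";
        }

        $auth_request->addExtension($UI_request);
    } elseif (isset($_GET['callback']) && $_GET['callback'] === 'ax') {
        $return_to .= "callback=ax";
    }

    $redirect_url = $auth_request->redirectURL(getTrustRoot(), $return_to);

    if (Auth_OpenID::isFailure($redirect_url)) {
        displayError("Could not redirect to server: " . $redirect_url->message);
    } else {
        // Send redirect.
        header("Location: " . $redirect_url);
    }
}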
/**
 * Start OpenID authentication for the identifier returned by getOpenIDURL().
 *
 * Requests nickname and email as required Simple Registration fields and
 * gender as optional, then either redirects to the provider or prints the
 * form markup, depending on shouldSendRedirect().
 */
function run()
{
    $identifier = getOpenIDURL();
    $auth_request = getConsumer()->begin($identifier);

    // No auth request means we can't begin OpenID.
    // NOTE(review): the code below assumes displayError() ends the request;
    // otherwise the next call would be made on a null request.
    if (!$auth_request) {
        displayError("认证错误,不是有效的OpenID。");
    }

    // Fields available to request: 'nickname', 'fullname', 'email', 'dob',
    // 'gender', 'postcode', 'country', 'language', 'timezone'
    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname', 'email'), array('gender'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }

    /* NOTE: very few sites currently need the PAPE feature
       $policy_uris = $_GET['policies'];
       $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
       if ($pape_request) {
           $auth_request->addExtension($pape_request);
       }
    */

    // OpenID 1: plain redirect. OpenID 2: a self-submitting form that POSTs
    // to the provider.
    if ($auth_request->shouldSendRedirect()) {
        $target = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

        if (Auth_OpenID::isFailure($target)) {
            displayError("不能跳转到: " . $target->message);
        } else {
            header("Location: " . $target);
        }

        return;
    }

    $markup = $auth_request->htmlMarkup(
        getTrustRoot(),
        getReturnTo(),
        false,
        array('id' => 'openid_message')
    );

    if (Auth_OpenID::isFailure($markup)) {
        displayError("不能跳转到: " . $markup->message);
    } else {
        print $markup;
    }
}
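/**
 * Start OpenID authentication for the identifier returned by getOpenIDURL().
 *
 * Attaches Simple Registration and PAPE extensions, then either redirects to
 * the provider (and exits) or prints a self-submitting form page.
 */
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();

    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);

    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError(_CORE_OID_URL_INVALID);
        // If displayError() returns, stop rather than use a null request.
        return;
    }

    $sreg_request = Auth_OpenID_SRegRequest::build(
        array('nickname', 'email'),
        array('fullname', 'dob', 'gender', 'postcode', 'country', 'language', 'timezone')
    );
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }

    // 'policies' is request input and may be a single value or an array.
    // filter_var() without FILTER_REQUIRE_ARRAY rejects arrays outright, so
    // sanitise entry by entry and always pass a flat list of strings.
    $policy_uris = array();
    if (isset($_GET['policies'])) {
        foreach ((array) $_GET['policies'] as $policy_uri) {
            if (!is_string($policy_uri)) {
                continue;
            }
            $policy_uri = filter_var($policy_uri, FILTER_SANITIZE_URL);
            if ($policy_uri !== false && $policy_uri !== '') {
                $policy_uris[] = $policy_uri;
            }
        }
    }
    $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }

    // For OpenID 1, send a redirect. For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

        if (Auth_OpenID::isFailure($redirect_url)) {
            // Report the failure the same way the form branch below does,
            // instead of ending the request with no output at all.
            displayError(sprintf(_CORE_OID_REDIRECT_FAILED, $redirect_url->message));
        } else {
            header('Location: ' . $redirect_url);
            exit;
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->formMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));

        if (Auth_OpenID::isFailure($form_html)) {
            displayError(sprintf(_CORE_OID_REDIRECT_FAILED, $form_html->message));
        } else {
            // $form_id is a fixed literal, so embedding it in the onload
            // handler introduces no request-controlled script.
            $page_contents = array(
                "<html><head><title>",
                _CORE_OID_INPROGRESS,
                "</title></head>",
                "<body onload='document.getElementById(\"" . $form_id . "\").submit()'>",
                $form_html,
                "</body></html>",
            );
            print implode("\n", $page_contents);
        }
    }
}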
/**
 * Finish OpenID authentication and, when the response carries an authorised
 * OAuth request token, use it to call the MySpace API.
 *
 * index.php is included in this function's scope at the end, so the locals
 * assigned here ($msg, $success, $profile_data, $friends_data, ...) are what
 * that template sees.
 */
function run()
{
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    switch ($response->status) {
        case Auth_OpenID_CANCEL:
            $msg = 'Verification cancelled.';
            break;

        case Auth_OpenID_FAILURE:
            // NOTE(review): the failure message is not escaped here; confirm
            // index.php escapes $msg on output.
            $msg = "OpenID authentication failed: " . $response->message;
            break;

        case Auth_OpenID_SUCCESS:
            $openid = $response->getDisplayIdentifier();
            $esc_identity = escape($openid);

            $success = sprintf('You have successfully verified ' . '<a href="%s">%s</a> as your identity.<br><br>Here\'s your MySpace profile data fetched using the MySpace REST APIs', $esc_identity, $esc_identity);

            if ($response->endpoint->canonicalID) {
                $escaped_canonicalID = escape($response->endpoint->canonicalID);
                $success .= ' (XRI CanonicalID: ' . $escaped_canonicalID . ') ';
            }

            // NOTE(review): $oauth_resp is dereferenced without a check;
            // confirm fromSuccessResponse() cannot return null here.
            $oauth_resp = Auth_OpenID_OAuthResponse::fromSuccessResponse($response);
            $authorized_request_token = $oauth_resp->authorized_request_token;
            // OAuth 1.0A: the verifier is needed to obtain an access token.
            $authorized_verifier = $oauth_resp->authorized_verifier;

            if ($authorized_request_token) {
                // First client: exchange the authorised request token.
                $ms = new MySpace(CONSUMER_KEY, CONSUMER_SECRET, $authorized_request_token->key, $authorized_request_token->secret, $authorized_verifier);
                $access_token = $ms->getAccessToken();

                // Second client: act with the access token just obtained.
                $ms = new MySpace(CONSUMER_KEY, CONSUMER_SECRET, $access_token->key, $access_token->secret);
                $userid = $ms->getCurrentUserId();

                // $profile_data and $friends_data are read by index.php.
                $profile_data = $ms->getProfile($userid);
                $friends_data = $ms->getFriends($userid);

                // NOTE(review): this sends the literal 'testing sdk' through
                // updateStatus() on every successful login — presumably
                // leftover test code that writes to the user's account;
                // confirm before shipping.
                $ms->updateStatus($userid, 'testing sdk');
            }
            break;
    }

    include 'index.php';
}
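/**
 * Login entry point. On POST, starts OpenID authentication for the submitted
 * 'sketchup_openid' identifier; for any other method, returns an empty view
 * context so the template renders the form.
 *
 * @Route("/login", name="progrupa_3dwarehouse_auth_init")
 * @Template
 *
 * @param Request $request Current HTTP request.
 *
 * @return array|Response View context (optionally holding an 'error' key),
 *                        a redirect to the provider, or the form markup.
 */
public function authInitAction(Request $request)
{
    if ($request->getMethod() != Request::METHOD_POST) {
        return [];
    }

    // The identifier is request input: reject anything that is not a
    // non-empty string (missing field, array submitted as sketchup_openid[])
    // before it reaches the OpenID library.
    $openid = $request->get('sketchup_openid');
    if (!is_string($openid) || trim($openid) === '') {
        return ['error' => "Authentication error; not a valid OpenID."];
    }

    // NOTE(review): the store lives directly in the system temp directory.
    // The library keeps its association and nonce state there, so on a
    // shared host this should be an application-private directory with
    // restrictive permissions — confirm deployment.
    $consumer = new \Auth_OpenID_Consumer(new \Auth_OpenID_FileStore(sys_get_temp_dir()));

    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);

    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        return ['error' => "Authentication error; not a valid OpenID."];
    }

    $sreg_request = \Auth_OpenID_SRegRequest::build(['email'], []);
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }

    // No PAPE policies are requested; the extension is attached empty.
    $policy_uris = null;
    $pape_request = new \Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }

    // For OpenID 1, send a redirect. For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

        if (\Auth_OpenID::isFailure($redirect_url)) {
            return ['error' => "Could not redirect to server: " . $redirect_url->message];
        }

        return new RedirectResponse($redirect_url);
    }

    // Generate form markup and render it.
    $form_id = 'openid_message';
    $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));

    if (\Auth_OpenID::isFailure($form_html)) {
        return ['error' => "Could not redirect to server: " . $form_html->message];
    }

    return new Response($form_html);
}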
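/**
 * Start OpenID authentication for the identifier returned by getOpenIDURL().
 *
 * Attaches Simple Registration and PAPE extensions, then either sends a
 * Location redirect or prints a self-submitting form page.
 */
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();

    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);

    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID.");
        // If displayError() returns, stop rather than use a null request.
        return;
    }

    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array('fullname', 'email'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }

    // 'policies' is request input and may be absent, a scalar or a nested
    // array. Keep only non-empty string entries so the PAPE request always
    // receives a flat list of strings.
    $policy_uris = array();
    if (isset($_GET['policies'])) {
        foreach ((array) $_GET['policies'] as $policy_uri) {
            if (is_string($policy_uri) && $policy_uri !== '') {
                $policy_uris[] = $policy_uri;
            }
        }
    }
    $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }

    // For OpenID 1, send a redirect. For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

        if (Auth_OpenID::isFailure($redirect_url)) {
            // NOTE(review): the failure message is concatenated unescaped;
            // confirm displayError() escapes before rendering.
            displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->formMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));

        if (Auth_OpenID::isFailure($form_html)) {
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            // $form_id is a fixed literal, so embedding it in the onload
            // handler introduces no request-controlled script.
            $page_contents = array(
                "<html><head><title>",
                "OpenID transaction in progress",
                "</title></head>",
                "<body onload='document.getElementById(\"" . $form_id . "\").submit()'>",
                $form_html,
                "</body></html>",
            );
            print implode("\n", $page_contents);
        }
    }
}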
/**
 * Start OpenID authentication, with a first-run branch for new installs.
 *
 * When no auth request can be created and no contact IDs exist yet, the
 * session is flagged 'new_install', new_install.html is included and the
 * script exits with status 1. Otherwise the SReg and PAPE extensions are
 * attached and the browser is redirected to the provider (exit status 2).
 */
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();

    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);

    if (!$auth_request) {
        // No auth request: decide between "bad identifier" and "fresh
        // install" by checking whether any contacts exist.
        require_once 'CRM/Core/BAO/UFMatch.php';
        $contactIds = CRM_Core_BAO_UFMatch::getContactIDs();

        if (count($contactIds) <= 0) {
            // NOTE(review): any failed begin() on an install without
            // contacts sets this flag; confirm the completion handler's
            // new-install path cannot be reached by an arbitrary visitor.
            $session =& CRM_Core_Session::singleton();
            $session->set('new_install', true);
            include 'new_install.html';
            exit(1);
        }

        // NOTE(review): the code below assumes displayError() ends the
        // request; otherwise the next call is made on a null request.
        displayError("Authentication error; not a valid OpenID.");
    }

    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array('fullname', 'email'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }

    // NOTE(review): $_REQUEST may merge cookies with GET/POST depending on
    // configuration, and the value is passed through unvalidated.
    $policy_uris = isset($_REQUEST['policies']) ? $_REQUEST['policies'] : null;

    $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }

    $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

    // If the redirect URL can't be built, display an error message.
    if (Auth_OpenID::isFailure($redirect_url)) {
        displayError("Could not redirect to server: " . $redirect_url->message);
    } else {
        // Send redirect.
        header("Location: " . $redirect_url);
        exit(2);
    }
}
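/**
 * Start OpenID authentication for the identifier in $_GET['openid_url'].
 *
 * The Simple Registration fields to request come from the global
 * $authSource (required and optional attribute lists). Depending on
 * shouldSendRedirect(), either a Location header is sent or a
 * self-submitting form page is echoed.
 */
function run_try_auth()
{
    global $authSource;

    // The identifier is request input: accept only a non-empty string so a
    // missing parameter or an array (openid_url[]=...) never reaches the
    // library.
    $openid = (isset($_GET['openid_url']) && is_string($_GET['openid_url'])) ? $_GET['openid_url'] : '';
    if ($openid === '') {
        displayError("Authentication error; not a valid OpenID.");
        return;
    }

    $consumer = getConsumer();

    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);

    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID.");
        // If displayError() returns, stop rather than use a null request.
        return;
    }

    $sreg_request = Auth_OpenID_SRegRequest::build(
        $authSource->getRequiredAttributes(),
        $authSource->getOptionalAttributes()
    );
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }

    // For OpenID 1, send a redirect. For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

        if (Auth_OpenID::isFailure($redirect_url)) {
            displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            // Send redirect.
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->formMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));

        if (Auth_OpenID::isFailure($form_html)) {
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            // $form_id is a fixed literal; nothing request-controlled is
            // placed inside the onload handler.
            echo '<html><head><title>OpenID transaction in progress</title></head> <body onload=\'document.getElementById("' . $form_id . '").submit()\'>' . $form_html . '</body></html>';
        }
    }
}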
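/**
 * Start OpenID authentication with the OAuth extension attached.
 *
 * The OAuth request is built from CONSUMER_KEY. Depending on
 * shouldSendRedirect(), either a Location header is sent or the form markup
 * is printed.
 */
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();

    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);

    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        // The identifier is echoed back inside the error text, so encode it
        // for HTML first: an identifier containing markup must not be
        // rendered as markup.
        // NOTE(review): assumes displayError() renders its argument as HTML
        // without escaping — confirm, to avoid double encoding.
        $shown_openid = is_string($openid) ? htmlspecialchars($openid, ENT_QUOTES, 'UTF-8') : '';
        displayError("Authentication error; not a valid OpenID." . "\n OpenID::" . $shown_openid);
        // If displayError() returns, stop rather than use a null request.
        return;
    }

    $oauth_req = new Auth_OpenID_OAuthRequest(CONSUMER_KEY);
    $auth_request->addExtension($oauth_req);

    // For OpenID 1, send a redirect. For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

        if (Auth_OpenID::isFailure($redirect_url)) {
            displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            // Send redirect.
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));

        if (Auth_OpenID::isFailure($form_html)) {
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            print $form_html;
        }
    }
}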
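/**
 * Finish OpenID authentication and stage the verified identity in the
 * session so later logic can bind it to a registered uid.
 *
 * On success the identifier, a binding timestamp, the XRI CanonicalID (when
 * present) and the Simple Registration data are written to $_SESSION and
 * _OpenID_Action() is called. The function always ends with
 * displayError($msg).
 */
function run()
{
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    // Defined up front so the final displayError() call never reads an
    // undefined variable on the success path.
    $msg = null;

    if ($response->status == Auth_OpenID_CANCEL) {
        // The authentication was cancelled.
        $msg = '验证被取消。';
        //showmessage('cancel_openid_auth');
    } elseif ($response->status == Auth_OpenID_FAILURE) {
        // Authentication failed; display the error message.
        // NOTE(review): passed on unescaped; confirm displayError() escapes.
        $msg = "OpenID 认证失败: " . $response->message;
    } elseif ($response->status == Auth_OpenID_SUCCESS) {
        // Record the OpenID in the session; within the session lifetime,
        // later logic binds it to an already registered uid.
        // NOTE(review): the session id is not regenerated here; confirm
        // _OpenID_Action() or the host application issues a fresh session id
        // once the identity is bound.
        $_SESSION['openid_identifier'] = $response->getDisplayIdentifier();

        // Marks the identity as bindable; to be unset once the user turns
        // out to be one who can log in directly.
        $_SESSION['openid_binding'] = time();

        if ($response->endpoint->canonicalID) {
            $_SESSION['xri_canonicalid'] = $response->endpoint->canonicalID;
        }

        // Keep the SReg data in the session. fromSuccessResponse() can yield
        // no object when the provider sent no usable SReg data; store an
        // empty set instead of calling contents() on null.
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
        $_SESSION['openid_sreg'] = $sreg_resp ? $sreg_resp->contents() : array();

        // Run the follow-up action.
        _OpenID_Action();
    }

    displayError($msg);
}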
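/**
 * Finish OpenID authentication and copy the verified identity into the
 * session.
 *
 * On success, stores the escaped display identifier under
 * 'bbgs_openid_identity' and any non-empty Simple Registration email,
 * nickname and fullname under their 'bbgs_openid_*' keys. Cancelled and
 * failed attempts only set a local message.
 */
private function finish_auth()
{
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    if ($response->status == Auth_OpenID_CANCEL) {
        // The authentication was cancelled.
        $msg = 'Verification cancelled.';
    } elseif ($response->status == Auth_OpenID_FAILURE) {
        // Authentication failed.
        $msg = "OpenID authentication failed: " . $response->message;
    } elseif ($response->status == Auth_OpenID_SUCCESS) {
        $openid = $response->getDisplayIdentifier();

        // NOTE(review): the session holds openid_escape() output, not the
        // raw identifier; readers must not escape it again. The session id
        // is also not regenerated here — confirm the caller does so when it
        // logs the user in.
        $esc_identity = openid_escape($openid);
        $_SESSION['bbgs_openid_identity'] = $esc_identity;

        // fromSuccessResponse() can yield no object when the provider sent
        // no usable SReg data; treat that as an empty profile.
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
        $sreg = $sreg_resp ? $sreg_resp->contents() : array();

        // Profile fields are provider-asserted and stored unescaped; escape
        // them wherever they are rendered. !empty() replaces the former
        // error-suppression operator with an explicit presence test.
        if (!empty($sreg['email'])) {
            $_SESSION['bbgs_openid_email'] = $sreg['email'];
        }
        if (!empty($sreg['nickname'])) {
            $_SESSION['bbgs_openid_nickname'] = $sreg['nickname'];
        }
        if (!empty($sreg['fullname'])) {
            $_SESSION['bbgs_openid_fullname'] = $sreg['fullname'];
        }
    }
}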
/**
 * Start OpenID authentication and request the GENI attribute set.
 *
 * Attaches Simple Registration, an Attribute Exchange fetch request for the
 * geni.net attributes, and a PAPE request built from the optional 'policies'
 * query parameter. Depending on shouldSendRedirect(), either a Location
 * header is sent or the form markup is printed.
 */
function run()
{
    $identifier = getOpenIDURL();
    $auth_request = getConsumer()->begin($identifier);

    // No auth request means we can't begin OpenID.
    // NOTE(review): the code below assumes displayError() ends the request.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID.");
    }

    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array('fullname', 'email'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }

    // type URI, value count, alias — every attribute is requested with 1 as
    // the "required" argument.
    $ax_spec = array(
        array('http://geni.net/projects', 'unlimited', 'projects'),
        array('http://geni.net/slices', 'unlimited', 'slices'),
        array('http://geni.net/user/urn', 1, 'urn'),
        array('http://geni.net/user/prettyname', 1, 'prettyname'),
        array('http://geni.net/wimax/username', 1, 'wimax'),
        array('http://geni.net/irods/username', 1, 'irodsuser'),
        array('http://geni.net/irods/zone', 1, 'irodszone'),
    );

    $attribute = array();
    foreach ($ax_spec as $spec) {
        list($type_uri, $count, $alias) = $spec;
        $attribute[] = Auth_OpenID_AX_AttrInfo::make($type_uri, $count, 1, $alias);
    }

    // Create the AX fetch request, fill it, and attach it.
    $ax = new Auth_OpenID_AX_FetchRequest();
    foreach ($attribute as $attr) {
        $ax->add($attr);
    }
    $auth_request->addExtension($ax);

    // NOTE(review): 'policies' is request input passed through without
    // checking that it is an array of strings.
    $policy_uris = isset($_GET['policies']) ? $_GET['policies'] : null;
    $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }

    // OpenID 1: plain redirect. OpenID 2: a Javascript form that POSTs to
    // the provider.
    if ($auth_request->shouldSendRedirect()) {
        $target = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

        if (Auth_OpenID::isFailure($target)) {
            displayError("Could not redirect to server: " . $target->message);
        } else {
            header("Location: " . $target);
        }

        return;
    }

    $markup = $auth_request->htmlMarkup(
        getTrustRoot(),
        getReturnTo(),
        false,
        array('id' => 'openid_message')
    );

    if (Auth_OpenID::isFailure($markup)) {
        displayError("Could not redirect to server: " . $markup->message);
    } else {
        print $markup;
    }
}
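/**
 * Finish OpenID authentication and build the status text shown by index.php.
 *
 * Cancelled and failed attempts set $msg. A successful attempt builds
 * $success from the escaped identifier, any Simple Registration fields and
 * the PAPE response. index.php is included in this function's scope, so the
 * local variable names here are part of its contract with that template.
 */
function run()
{
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    if ($response->status == Auth_OpenID_CANCEL) {
        // The authentication was cancelled.
        $msg = 'Verification cancelled.';
    } elseif ($response->status == Auth_OpenID_FAILURE) {
        // NOTE(review): not escaped here; confirm index.php escapes $msg.
        $msg = "OpenID authentication failed: " . $response->message;
    } elseif ($response->status == Auth_OpenID_SUCCESS) {
        $openid = $response->getDisplayIdentifier();
        $esc_identity = escape($openid);

        // NOTE(review): a substring test, so it matches "google.com"
        // anywhere in the identifier; it must not be relied on to decide
        // that Google is the provider. Unused in this function; kept because
        // index.php shares this scope.
        $google = strpos($openid, "google.com");

        $success = sprintf('You have successfully verified ' . '<a href="%s">%s</a> as your identity.', $esc_identity, $esc_identity);

        if ($response->endpoint->canonicalID) {
            $escaped_canonicalID = escape($response->endpoint->canonicalID);
            $success .= ' (XRI CanonicalID: ' . $escaped_canonicalID . ') ';
        }

        // fromSuccessResponse() can yield no object when the provider sent
        // no usable SReg data; treat that as an empty profile.
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
        $sreg = $sreg_resp ? $sreg_resp->contents() : array();

        // Every provider-supplied value is escaped before it is placed in
        // the HTML fragment. !empty() replaces the former error-suppression
        // operator with an explicit presence test.
        if (!empty($sreg['email'])) {
            $success .= " You also returned '" . escape($sreg['email']) . "' as your email.";
        }
        if (!empty($sreg['nickname'])) {
            $success .= " Your nickname is '" . escape($sreg['nickname']) . "'.";
        }
        if (!empty($sreg['fullname'])) {
            $success .= " Your fullname is '" . escape($sreg['fullname']) . "'.";
        }

        $pape_resp = Auth_OpenID_PAPE_Response::fromSuccessResponse($response);

        if ($pape_resp) {
            if ($pape_resp->auth_policies) {
                $success .= "<p>The following PAPE policies affected the authentication:</p><ul>";
                foreach ($pape_resp->auth_policies as $uri) {
                    $escaped_uri = escape($uri);
                    $success .= "<li><tt>{$escaped_uri}</tt></li>";
                }
                $success .= "</ul>";
            } else {
                $success .= "<p>No PAPE policies affected the authentication.</p>";
            }

            if ($pape_resp->auth_age) {
                $age = escape($pape_resp->auth_age);
                $success .= "<p>The authentication age returned by the " . "server is: <tt>" . $age . "</tt></p>";
            }

            if ($pape_resp->nist_auth_level) {
                $auth_level = escape($pape_resp->nist_auth_level);
                $success .= "<p>The NIST auth level returned by the " . "server is: <tt>" . $auth_level . "</tt></p>";
            }
        } else {
            $success .= "<p>No PAPE response was sent by the provider.</p>";
        }
    }

    include 'index.php';
}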
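/**
 * Finish OpenID authentication for the standalone CiviCRM login.
 *
 * Cancelled and failed attempts store a message and goahead="no" in the
 * session. A successful attempt stores the identifier details and then
 * either (new install) rebuilds every group clause and redirects to the
 * registration form, or (normal login) resolves the user, checks whether
 * login is allowed and redirects to index.php. Both success paths exit.
 */
function run()
{
    $session =& CRM_Core_Session::singleton();
    $config =& CRM_Core_Config::singleton();

    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    if ($response->status == Auth_OpenID_CANCEL) {
        // The authentication was cancelled.
        $msg = 'Verification cancelled.';
        $session->set('msg', $msg);
        $session->set('goahead', "no");
    } elseif ($response->status == Auth_OpenID_FAILURE) {
        // NOTE(review): stored unescaped; whoever renders 'msg' must escape.
        $msg = "OpenID authentication failed: " . $response->message;
        $session->set('msg', $msg);
        $session->set('goahead', "no");
    } elseif ($response->status == Auth_OpenID_SUCCESS) {
        $openid = array();
        $openid['display_id'] = $response->getDisplayIdentifier();
        $openid['claimed_id'] = $response->identity_url;
        $openid['endpoint_url'] = $response->endpoint->server_url;

        // NOTE(review): the session becomes authenticated here without a
        // new session id being issued; confirm CRM_Core_Session handles
        // that elsewhere.
        $session->set('openid', $openid);
        $session->set('goahead', "yes");

        // fromSuccessResponse() can yield no object when the provider sent
        // no usable SReg data; treat that as an empty profile.
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
        $sreg = $sreg_resp ? $sreg_resp->contents() : array();
        $sreg['email'] = empty($sreg['email']) ? '' : $sreg['email'];

        if ($session->get('new_install') == true) {
            // NOTE(review): this branch depends only on a session flag;
            // confirm it cannot be reached once the install has contacts.
            // update group clause
            require_once 'CRM/Core/Transaction.php';
            require_once 'CRM/Contact/BAO/Group.php';

            // Plain "= new": the "=& new" form is a parse error from PHP 7
            // on and was never needed for objects.
            $groupDAO = new CRM_Contact_DAO_Group();
            $groupDAO->find();
            while ($groupDAO->fetch()) {
                // Open the transaction lazily, only if there is a group.
                if (!isset($transaction)) {
                    $transaction = new CRM_Core_Transaction();
                }
                $group = new CRM_Contact_BAO_Group();
                $group->id = $groupDAO->id;
                $group->find(true);
                $group->buildClause();
                $group->save();
            }
            if (isset($transaction)) {
                $transaction->commit();
            }

            // Redirect to new user registration form
            $urlVar = $config->userFrameworkURLVar;
            $config->reset();
            header("Location: index.php?{$urlVar}=civicrm/standalone/register&reset=1&configReset=1");
            exit;
        } else {
            require_once 'CRM/Standalone/User.php';
            $user = new CRM_Standalone_User($openid, $sreg['email']);

            require_once 'CRM/Utils/System/Standalone.php';
            $allow_login = CRM_Utils_System_Standalone::getAllowedToLogin($user);

            // CIVICRM_ALLOW_ALL, when defined and truthy, bypasses the
            // allow-list check.
            if (!$allow_login && (!defined('CIVICRM_ALLOW_ALL') || !CIVICRM_ALLOW_ALL)) {
                $session->set('msg', 'You are not allowed to login. Login failed. Contact your Administrator.');
                $session->set('goahead', "no");
            } else {
                CRM_Utils_System_Standalone::getUserID($user);
                if (!$session->get('userID')) {
                    $session->set('msg', 'You are not authorized to login.');
                    $session->set('goahead', "no");
                }
            }

            header("Location: index.php");
            exit(0);
        }
    }

    // Reached for cancelled, failed and unrecognised statuses alike.
    displayError("Unknown status returned.");
}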
<?php
/**
 * Entry script: loads the shared helpers, starts the session and begins an
 * OpenID authentication attempt via tryAuth().
 *
 * @author sutra
 * @copyright Copyright © 2001-2007, Redv Soft
 * @license http://openid4discuz.redv.com/LICENSE.txt BSD
 */
require_once "common.php";

// Start (or resume) the PHP session before handing off to tryAuth().
session_start();

// NOTE(review): $openid_identifier is not assigned anywhere in this script.
// It presumably comes from common.php or from request variables imported
// into the global scope — confirm it is read explicitly from the request
// and validated, rather than relying on register_globals-style behaviour.
// The second argument is the return_to URL built for 'finish_auth'.
tryAuth($openid_identifier, getReturnTo('finish_auth'));
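/**
 * Complete an OpenID login and log the user on with federated credentials.
 *
 * On success the e-mail address and a display name are taken from the Simple
 * Registration response, falling back to Attribute Exchange values, a local
 * user id is derived from the identifier, and logonFederatedCredentials() is
 * called.
 *
 * NOTE(review): the user id is derived from the display identifier. The
 * OpenID library describes that value as meant for display and the claimed
 * identifier as the one to key accounts on; confirm this is acceptable here.
 * NOTE(review): e-mail and name are asserted by the provider and are not
 * verified in this function.
 *
 * @return string|null HTML success text (with whatever
 *         logonFederatedCredentials() returns appended), or NULL when the
 *         authentication was cancelled or failed.
 */
function run() {
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    // Defined up front so the final return never reads an unset variable.
    $success = NULL;

    if ($response->status == Auth_OpenID_CANCEL) {
        // This means the authentication was cancelled.
        // NOTE(review): $msg is built but never returned or displayed.
        $msg = gettext('Verification cancelled.');
    } elseif ($response->status == Auth_OpenID_FAILURE) {
        // Authentication failed. The message is not escaped; escape it if it
        // is ever written to a page.
        $msg = sprintf(gettext("OpenID authentication failed: %s"), $response->message);
    } elseif ($response->status == Auth_OpenID_SUCCESS) {
        $openid = $response->getDisplayIdentifier();
        $esc_identity = escape($openid);
        $success = sprintf(gettext('You have successfully verified <a href="%s">%s</a> as your identity.'), $esc_identity, $esc_identity);
        if ($response->endpoint->canonicalID) {
            $escaped_canonicalID = escape($response->endpoint->canonicalID);
            $success .= ' (XRI CanonicalID: ' . $escaped_canonicalID . ') ';
        }

        $email = $name = NULL;

        // Simple Registration: the provider may send none, in which case
        // there is no response object to read from.
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
        $sreg = $sreg_resp ? $sreg_resp->contents() : array();
        if ($sreg) {
            if (!empty($sreg['email'])) {
                $email = trim($sreg['email']);
            }
            if (!empty($sreg['nickname'])) {
                $name = $sreg['nickname'];
            }
            // A full name, when present, wins over the nickname.
            if (!empty($sreg['fullname'])) {
                $name = $sreg['fullname'];
            }
        }

        // Attribute Exchange: only fills in what SReg left empty.
        $ax_resp = Auth_OpenID_AX_FetchResponse::fromSuccessResponse($response);
        if ($ax_resp) {
            $arr_ax_resp = get_object_vars($ax_resp);
            $arr_ax_data = $arr_ax_resp['data'];

            $key_email = "http://axschema.org/contact/email";
            if (empty($email) && isset($arr_ax_data[$key_email]) && count($arr_ax_data[$key_email]) > 0) {
                $email = $arr_ax_data[$key_email][0];
            }

            $key_person = "http://axschema.org/namePerson";
            if (empty($name) && isset($arr_ax_data[$key_person]) && count($arr_ax_data[$key_person]) > 0) {
                $name = $arr_ax_data[$key_person][0];
            }

            if (empty($name)) {
                // Assemble "first middle last" from whichever parts exist.
                $parts = array('first' => '', 'middle' => '', 'last' => '');
                foreach (array_keys($parts) as $part) {
                    $key_part = "http://axschema.org/namePerson/" . $part;
                    if (isset($arr_ax_data[$key_part]) && count($arr_ax_data[$key_part]) > 0) {
                        $parts[$part] = $arr_ax_data[$key_part][0];
                    }
                }
                $fullname = trim(trim(trim($parts['first']) . ' ' . $parts['middle']) . ' ' . $parts['last']);
                if (!empty($fullname)) {
                    $name = $fullname;
                }
            }

            $key_friendly = "http://axschema.org/namePerson/friendly";
            if (empty($name) && isset($arr_ax_data[$key_friendly]) && count($arr_ax_data[$key_friendly]) > 0) {
                $name = $arr_ax_data[$key_friendly][0];
            }
        }

        // always remove the protocol
        $userid = trim(str_replace(array('http://', 'https://'), '', $openid), '/');

        // Optional cleaner pattern kept in the session; its first capture
        // group replaces the user id. A pattern without a capture group is
        // ignored instead of reading a missing $matches[1].
        $pattern = isset($_SESSION['OpenID_cleaner_pattern']) ? $_SESSION['OpenID_cleaner_pattern'] : NULL;
        if ($pattern) {
            if (preg_match($pattern, $userid, $matches) && isset($matches[1])) {
                $userid = $matches[1];
            }
        }

        // Hash over-long ids so that provider prefix plus id stays within
        // 63 characters.
        $provider = isset($_SESSION['provider']) ? $_SESSION['provider'] : NULL;
        if (strlen($userid) + strlen($provider) > 63) {
            $userid = sha1($userid);
        }
        if ($provider) {
            $userid = $provider . ':' . $userid;
        }

        $redirect = isset($_SESSION['OpenID_redirect']) ? $_SESSION['OpenID_redirect'] : NULL;
        $success .= logonFederatedCredentials($userid, $email, $name, $redirect);
    }

    return $success;
}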
showmessage($GLOBALS['language']['openid_delete_failed'], $this_url); } } elseif ($_POST['formhash'] != '' && $_POST['openid_identifier'] != '') { $query = $db->query("SELECT openid_url as openid_identifier FROM {$tablepre}openid WHERE uid<>" . $discuz_uid . " AND openid_url='" . $_POST['openid_identifer'] . "'"); $member_openid = $db->fetch_array($query); if ($member_openid['openid_identifier']) { showmessage($GLOBALS['language']['openid_bind_failed'], $this_url); } $query = $db->query("SELECT openid_url as openid_identifier FROM {$tablepre}openid WHERE uid=" . $discuz_uid); $old_openid = $db->fetch_array($query); if ($old_openid['openid_identifier'] == $_POST['openid_identifier']) { showmessage($GLOBALS['language']['openid_update_noupdate_before'] . "<a href='" . $old_openid['openid_identifier'] . "'>" . $old_openid['openid_identifier'] . "</a>" . $GLOBALS['language']['openid_update_noupdate_after'], $this_url); } // Redirect user to OpenID Server session_start(); tryAuth($openid_identifier, getReturnTo('finish_auth_openid_setting')); exit; } //elseif ($_GET['openid_mode'] == 'id_res') { // // Perform HTTP Request to OpenID server to validate key // $openid = new SimpleOpenID; // $openid->SetIdentity($_GET['openid_identity']); // $openid_validation_result = $openid->ValidateWithServer(); // if ($openid_validation_result == true) { // OK HERE KEY IS VALID // $query = $db->query("SELECT openid_url FROM {$tablepre}openid WHERE uid <> " . $discuz_uid . " AND openid_url='" . $openid->GetIdentity() . "'"); // $member_openid = $db->fetch_array($query); // if ($member_openid['openid_url']) { // showmessage($GLOBALS['language']['openid_bind_failed'], $this_url); // } // // $query = $db->query("SELECT openid_url FROM {$tablepre}openid WHERE uid=" . $discuz_uid);
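/**
 * Complete an OpenID login, then log the user in or start registration.
 *
 * Copies Simple Registration and Attribute Exchange values into the session,
 * looks the identity up in n_auth_openid, and either calls
 * loginAndRedirect() or redirects to the registration module. The
 * n_auth_openid row is updated with the provider's URLs in both cases.
 *
 * NOTE(review): every SReg and AX value below is supplied by the OpenID
 * provider. Treat the stored URLs and the fetched HTML as untrusted wherever
 * they are used later.
 * NOTE(review): accounts are keyed on the HTML-escaped display identifier.
 * The OpenID library describes the display identifier as meant for display
 * and the claimed identifier as the lookup key; changing it would break the
 * existing rows, so it is left as is.
 */
private function finishAuth() {
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    if ($response->status == Auth_OpenID_CANCEL) {
        // This means the authentication was cancelled.
        echo 'Verification cancelled.';
        return;
    }

    if ($response->status == Auth_OpenID_FAILURE) {
        // The failure message can carry text that came in with the request,
        // so it is escaped before being written to the page.
        echo "OpenID authentication failed: " . escape($response->message);
        return;
    }

    if ($response->status != Auth_OpenID_SUCCESS) {
        return;
    }

    $openid = $response->getDisplayIdentifier();
    $esc_identity = escape($openid);

    // Simple Registration data; the provider may send none at all.
    $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
    $sreg = $sreg_resp ? $sreg_resp->contents() : array();

    $email = isset($sreg['email']) ? $sreg['email'] : null;
    $language = isset($sreg['language']) ? strtolower($sreg['language']) : null;
    $dob = isset($sreg['dob']) ? $sreg['dob'] : null;
    $gender = isset($sreg['gender']) ? $sreg['gender'] : null;
    $nickname = isset($sreg['nickname']) ? $sreg['nickname'] : null;

    if (!empty($dob)) {
        $_SESSION['birthday'] = strtotime($dob);
    }
    if (!empty($gender)) {
        $_SESSION['gender'] = $gender;
    }

    // Only accept a language the application knows, and never override an
    // explicit user_language cookie.
    if (isset($language)) {
        $allLanguages = Neuron_Core_Text::getLanguages();
        if (in_array($language, $allLanguages)) {
            if (!isset($_COOKIE['user_language'])) {
                $_SESSION['language'] = $language;
            }
        }
    }

    if (isset($nickname)) {
        $_SESSION['openid_nickname'] = $nickname;
    }

    // Fetch the AX
    $notify_url = null;
    $profilebox_url = null;
    $openid_userstats = null;

    $ax = Auth_OpenID_AX_FetchResponse::fromSuccessResponse($response);
    if ($ax) {
        $ax_data = $ax->data;

        // NOTE(review): 'hide_chat' reads the hide_advertisement attribute,
        // exactly as before; this looks like a copy-paste slip. Confirm the
        // intended attribute URI before changing it.
        $schema = 'http://www.browser-games-hub.org/schema/openid/';
        $attributes = array(
            'notify_url' => $schema . 'notify_url.xml',
            'profilebox_url' => $schema . 'profilebox_url.xml',
            'messagebundle_url' => $schema . 'messagebundle_url.xml',
            'container' => $schema . 'container.xml',
            'fullscreen' => $schema . 'fullscreen.xml',
            'userstats_url' => $schema . 'userstats_url.xml',
            'hide_advertisement' => $schema . 'hide_advertisement.xml',
            'hide_chat' => $schema . 'hide_advertisement.xml',
        );

        // First value of each attribute, or null when it is absent or empty.
        $first = array();
        foreach ($attributes as $name => $uri) {
            $values = isset($ax_data[$uri]) ? $ax_data[$uri] : array();
            $first[$name] = count($values) > 0 ? $values[0] : null;
        }

        $notify_url = $first['notify_url'];
        $profilebox_url = $first['profilebox_url'];
        $openid_userstats = $first['userstats_url'];

        $_SESSION['opensocial_messagebundle'] = $first['messagebundle_url'];
        $_SESSION['opensocial_container'] = $first['container'];
        $_SESSION['fullscreen'] = $first['fullscreen'] == 1;
        $_SESSION['hide_advertisement'] = $first['hide_advertisement'] == 1;
        $_SESSION['hide_chat'] = $first['hide_chat'] == 1;

        $_SESSION['welcome_url'] = getAXValue($ax_data, 'http://www.browser-games-hub.org/schema/openid/welcome_url.xml');
        $_SESSION['tracker_url'] = getAXValue($ax_data, 'http://www.browser-games-hub.org/schema/openid/tracker_url.xml');

        // These URLs come from the provider and are fetched server-side.
        // Only http and https are fetched, so a local path or another stream
        // wrapper is never opened. A rejected URL yields false, the same
        // value a failed fetch produced before.
        // NOTE(review): an http(s) URL can still point at an internal host,
        // and the fetched HTML is provider-controlled; restrict the allowed
        // hosts and sanitise the HTML where it is rendered.
        foreach (array('tracker', 'welcome') as $kind) {
            $urlKey = $kind . '_url';
            if (isset($_SESSION[$urlKey])) {
                $scheme = strtolower((string) parse_url((string) $_SESSION[$urlKey], PHP_URL_SCHEME));
                if ($scheme === 'http' || $scheme === 'https') {
                    $_SESSION[$kind . '_html'] = @file_get_contents($_SESSION[$urlKey]);
                } else {
                    $_SESSION[$kind . '_html'] = false;
                }
            }
        }
    }

    // Fetch a fresh user ID
    $db = Neuron_Core_Database::__getInstance();
    $login = Neuron_Core_Login::__getInstance();

    // See if there is an account available
    $acc = $db->select('n_auth_openid', array('user_id'), "openid_url = '" . $db->escape($esc_identity) . "'");
    $_SESSION['neuron_openid_identity'] = $esc_identity;

    if (count($acc) == 1 && $acc[0]['user_id'] > 0) {
        loginAndRedirect($acc[0]['user_id'], $email);
    } else {
        if (count($acc) == 0) {
            // Create a new account
            $db->insert('n_auth_openid', array('openid_url' => $esc_identity, 'user_id' => 0));
        }

        // Set a session key to make sure that the server still knows you
        // when you hit submit.
        $_SESSION['dolumar_openid_identity'] = $esc_identity;
        $_SESSION['dolumar_openid_email'] = $email;

        // NOTE(review): the session id travels in the URL, so it can end up
        // in logs, browser history and Referer headers.
        $url = ABSOLUTE_URL . 'dispatch.php?module=openid/register/&session_id=' . session_id();
        header('Location: ' . $url);
    }

    // Update this ID
    $db->update('n_auth_openid', array('notify_url' => $notify_url, 'profilebox_url' => $profilebox_url, 'userstats_url' => $openid_userstats), "openid_url = '" . $db->escape($esc_identity) . "'");
}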
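/**
 * Complete an OpenID login and route the user to login, account selection or
 * registration.
 *
 * Stores the identifier and the matching account list in the session and
 * hands the list to Smarty. One match logs the user in, several matches show
 * a selection list, and no match (or a 'force' query parameter) shows the
 * register and attach forms.
 *
 * NOTE(review): e-mail and nickname are asserted by the provider and are not
 * verified here.
 */
function runFinish() { // {{{
    global $smarty;

    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $response = $consumer->complete(getReturnTo());

    if ($response->status == Auth_OpenID_CANCEL) {
        // This means the authentication was cancelled.
        displayError(tra('Verification cancelled.'));
    } elseif ($response->status == Auth_OpenID_FAILURE) {
        // NOTE(review): the failure message is passed on unescaped; confirm
        // that displayError() escapes it before output.
        displayError(tra("OpenID authentication failed: ") . $response->message);
    } elseif ($response->status == Auth_OpenID_SUCCESS) {
        $data = array(
            'identifier' => $response->identity_url,
            'email' => '',
            'fullname' => '',
            'nickname' => '',
        );

        // The provider may return no Simple Registration data; in that case
        // there is no response object to read from.
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
        $sreg = $sreg_resp ? $sreg_resp->contents() : array();

        // Sanitize identifier. Just consider slashes at the end are never good.
        if (substr($data['identifier'], -1) == '/') {
            $data['identifier'] = substr($data['identifier'], 0, -1);
        }

        if (!empty($sreg['email'])) {
            $data['email'] = $sreg['email'];
        }
        if (!empty($sreg['nickname'])) {
            $data['nickname'] = $sreg['nickname'];
        }

        $_SESSION['openid_url'] = $data['identifier'];

        // If OpenID identifier exists in the database
        $list = getAccountsMatchingIdentifier($data['identifier']);
        $_SESSION['openid_userlist'] = $list;
        $smarty->assign('openid_userlist', $list);

        $matches = count($list);
        if ($matches > 0 && !isset($_GET['force'])) {
            if ($matches == 1) {
                // Single account: login the user
                loginUser($list[0]);
            } else {
                // Multiple accounts: display user selection list
                displaySelectionList($list);
            }
        } else {
            $messages = array();

            // Check for entries that already exist in the database and filter them out
            filterExistingInformation($data, $messages);

            // Display register and attach forms
            displayRegisatrationForms($data, $messages);
        }
    }
}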
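/**
 * Complete an OpenID login, keep the resulting user in the session and
 * redirect to the site root.
 *
 * On success an OpenIDUser is filled with the claimed identifier (or the XRI
 * canonical ID when the claimed identifier is empty) and a display name
 * taken from Simple Registration, and is stored serialized in
 * $_SESSION['user'].
 *
 * NOTE(review): $msg and $success are built but never displayed, because the
 * function always ends in a redirect.
 * NOTE(review): id and name are stored HTML-escaped; any comparison against
 * unescaped values elsewhere has to take that into account.
 */
function run() {
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    // Stays null unless the provider confirmed the identity, so the check at
    // the end never reads an unset variable.
    $user = null;

    if ($response->status == Auth_OpenID_CANCEL) {
        // This means the authentication was cancelled.
        $msg = 'Verification cancelled.';
    } elseif ($response->status == Auth_OpenID_FAILURE) {
        // Authentication failed. The message is not escaped; escape it if it
        // is ever written to a page.
        $msg = "OpenID authentication failed: " . $response->message;
    } elseif ($response->status == Auth_OpenID_SUCCESS) {
        $openid = $response->getDisplayIdentifier();
        $esc_identity = escape($openid);

        $user = new OpenIDUser();
        $user->id = escape($response->endpoint->claimed_id);

        $success = sprintf('You have successfully verified ' . '<a href="%s">%s</a> as your identity.', $esc_identity, $esc_identity);

        if ($response->endpoint->canonicalID) {
            $escaped_canonicalID = escape($response->endpoint->canonicalID);
            $success .= ' (XRI CanonicalID: ' . $escaped_canonicalID . ') ';
            // Fall back to the canonical ID. The original read a misspelled,
            // undefined variable here and so never set the id.
            if (empty($user->id)) {
                $user->id = $escaped_canonicalID;
            }
        }

        // The provider may return no Simple Registration data at all.
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
        $sreg = $sreg_resp ? $sreg_resp->contents() : array();

        // Use whichever one we find first: full name, nickname, e-mail.
        foreach (array('fullname', 'nickname', 'email') as $field) {
            if (!empty($sreg[$field]) && empty($user->name)) {
                $user->name = escape($sreg[$field]);
            }
        }
        if (empty($user->name)) {
            $user->name = 'Anonymous';
        }

        $pape_resp = Auth_OpenID_PAPE_Response::fromSuccessResponse($response);
        if ($pape_resp) {
            if ($pape_resp->auth_policies) {
                $success .= "<p>The following PAPE policies affected the authentication:</p><ul>";
                foreach ($pape_resp->auth_policies as $uri) {
                    $escaped_uri = escape($uri);
                    $success .= "<li><tt>{$escaped_uri}</tt></li>";
                }
                $success .= "</ul>";
            } else {
                $success .= "<p>No PAPE policies affected the authentication.</p>";
            }

            if ($pape_resp->auth_age) {
                $age = escape($pape_resp->auth_age);
                $success .= "<p>The authentication age returned by the " . "server is: <tt>" . $age . "</tt></p>";
            }

            if ($pape_resp->nist_auth_level) {
                $auth_level = escape($pape_resp->nist_auth_level);
                $success .= "<p>The NIST auth level returned by the " . "server is: <tt>" . $auth_level . "</tt></p>";
            }
        } else {
            $success .= "<p>No PAPE response was sent by the provider.</p>";
        }
    }

    if ($user !== null) {
        $_SESSION['user'] = serialize($user);
    }

    header('Location: /');
}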
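// Begin the OpenID authentication process for the discovered identifier.
$openid_url = $skyrates_discovered;
$auth_request = $consumer->begin($openid_url);

if (!$auth_request) {
    // No auth request means we can't begin OpenID; calling addExtension()
    // on it would be a fatal error.
    displayError("Authentication error; not a valid OpenID.");
} else {
    // Ask for username and faction as required fields and charname as an
    // optional one.
    $sreg_request = Auth_OpenID_SRegRequest::build(array('username', 'faction'), array('charname'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }

    // Redirect the user to the OpenID server for authentication.
    // Store the token for this authentication so we can verify the
    // response.

    // For OpenID 1, send a redirect. For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());

        if (Auth_OpenID::isFailure($redirect_url)) {
            // The redirect URL could not be built.
            displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            // Send redirect.
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));

        if (Auth_OpenID::isFailure($form_html)) {
            // The form markup could not be generated.
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            print $form_html;
        }
    }
}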
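/**
 * Authenticate using the OpenID protocol
 *
 * Completes the OpenID exchange (or reuses the response cached in the
 * session), records errors for a cancelled or failed attempt and, on
 * success, works out which step of the login/registration flow applies.
 *
 * @param bool $debug Turn debug on or not
 * @return mixed the first matching user when the OpenID is already known;
 *         FALSE when the provider reported a failure or no user matches;
 *         nothing (NULL) after a cancel or when the step was taken from
 *         $_POST or the session
 */
public function authenticate($debug = FALSE) {
    // check to see if we already have an OpenID response in SESSION
    if (isset($_SESSION['openid_response'])) {
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_INSESSIONS);
        }
        // NOTE(review): unserialize() rebuilds whatever objects the stored
        // string names. That is only safe while nothing but this code can
        // write to the session store; confirm that holds for the deployment.
        $this->response = unserialize($_SESSION['openid_response']);
    } else {
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_FETCHING);
        }
        // Complete the authentication process using the server's response.
        $consumer = getConsumer();
        $return_to = getReturnTo();
        $this->response = $consumer->complete($return_to);
        $_SESSION['openid_response'] = serialize($this->response);
    }

    $status = $this->response->status;

    if ($status == Auth_OpenID_CANCEL) {
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_STATCANCEL);
        }
        // This means the authentication was cancelled.
        $this->setErrors('100', _CORE_OID_VERIFCANCEL);
    } elseif ($status == Auth_OpenID_FAILURE) {
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_SERVERFAILED);
        }
        // NOTE(review): the failure message is stored unescaped; escape it
        // wherever the error list is rendered.
        $this->setErrors('101', _CORE_OID_FAILED . $this->response->message);
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_DUMPREQ);
            icms_core_Debug::vardump($_REQUEST);
        }
        return FALSE;
    } elseif ($status == Auth_OpenID_SUCCESS) {
        // This means the authentication succeeded.
        $this->displayid = $this->response->getDisplayIdentifier();
        $this->openid = $this->response->identity_url;

        // The provider may return no Simple Registration data; store an
        // empty array then instead of calling contents() on nothing.
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($this->response);
        $sreg = $sreg_resp ? $sreg_resp->contents() : array();
        $_SESSION['openid_sreg'] = $sreg;

        if ($debug) {
            icms_core_Debug::message(_CORE_OID_SERVERSUCCESS);
            icms_core_Debug::message(_CORE_OID_DISPID . $this->displayid);
            icms_core_Debug::message(_CORE_OID_OPENID . $this->openid);
            icms_core_Debug::message(_CORE_OID_DUMPING);
            icms_core_Debug::vardump($sreg);
        }

        // $success is not returned or displayed by this method. Every value
        // placed in it is escaped so that it is safe if it is shown later.
        $esc_identity = htmlspecialchars($this->openid, ENT_QUOTES);
        $esc_displayid = htmlspecialchars($this->displayid, ENT_QUOTES);
        $success = sprintf(_CORE_OID_SUCESSFULLYIDENTIFIED, $esc_identity, $esc_displayid);
        if ($this->response->endpoint->canonicalID) {
            $success .= sprintf(_CORE_OID_CANONID, htmlspecialchars($this->response->endpoint->canonicalID, ENT_QUOTES));
        }

        /**
         * Now, where are we in the process, just back from OpenID server or trying to register or
         * trying to link to an existing account
         */
        if (isset($_POST['openid_register'])) {
            if ($debug) {
                icms_core_Debug::message(_CORE_OID_STEPIS . 'OPENID_STEP_REGISTER');
            }
            $this->step = OPENID_STEP_REGISTER;
        } elseif (isset($_POST['openid_link'])) {
            if ($debug) {
                icms_core_Debug::message(_CORE_OID_STEPIS . 'OPENID_STEP_LINK');
            }
            $this->step = OPENID_STEP_LINK;
        } elseif (isset($_SESSION['openid_step'])) {
            if ($debug) {
                icms_core_Debug::message(_CORE_OID_STEPIS . $_SESSION['openid_step']);
            }
            $this->step = $_SESSION['openid_step'];
        } else {
            if ($debug) {
                icms_core_Debug::message(_CORE_OID_CHECKINGID);
            }

            // Do we already have a user with this openid
            $member_handler = icms::handler('icms_member');
            $criteria = new icms_db_criteria_Compo();
            $criteria->add(new icms_db_criteria_Item('openid', $this->openid));
            $users =& $member_handler->getUsers($criteria);

            if ($users && count($users) > 0) {
                $this->step = OPENID_STEP_USER_FOUND;
                if ($debug) {
                    icms_core_Debug::message(_CORE_OID_FOUNDSTEPIS . 'OPENID_STEP_USER_FOUND');
                }
                return $users[0];
            } else {
                /*
                 * This openid was not found in the users table. Let's ask the user if he wants
                 * to create a new user account on the site or else login with his already registered
                 * account
                 */
                if ($debug) {
                    icms_core_Debug::message(_CORE_OID_NOTFOUNDSTEPIS . 'OPENID_STEP_NO_USER_FOUND');
                }
                $this->step = OPENID_STEP_NO_USER_FOUND;
                return FALSE;
            }
        }
    }
}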
<?php require_once "common.php"; function escape($thing) { return htmlentities($thing); } $return_to = getReturnTo(); $response = $consumer->complete($return_to); // Check the response status. if ($response->status == Auth_OpenID_CANCEL) { // This means the authentication was cancelled. $msg = 'Verification cancelled.'; } else { if ($response->status == Auth_OpenID_FAILURE) { // Authentication failed; display the error message. $msg = "OpenID authentication failed: " . $response->message; } else { if ($response->status == Auth_OpenID_SUCCESS) { // This means the authentication succeeded; extract the // identity URL and Simple Registration data (if it was // returned). $openid = $response->getDisplayIdentifier(); $esc_identity = escape($openid); $msg = sprintf('You have successfully verified ' . '<a href="%s">%s</a> as your identity.', $esc_identity, $esc_identity); $sreg = Auth_OpenID_SRegResponse::fromSuccessResponse($response)->contents(); $_SESSION['openid'] = $openid; $_SESSION['username'] = @$sreg['username']; $_SESSION['faction'] = @$sreg['faction']; } }
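/**
 * Complete a hybrid OpenID + OAuth login and render the "Finishing Log In"
 * popup page.
 *
 * On success the authorized request token is exchanged for an access token,
 * the user id and the token are stored in the session, and the profile and
 * friends data are fetched. The page then prints any message and calls
 * closeWin() to notify the opener window and close the popup.
 *
 * NOTE(review): the access token key and secret are kept in the session;
 * make sure the session store and cookie are protected accordingly.
 * NOTE(review): the page loads its stylesheet and script over plain http
 * from a third-party host, which lets anyone on the network path alter them.
 */
function run() {
    $consumer = getConsumer();

    // Complete the authentication process using the server's response.
    $return_to = getReturnTo();
    $response = $consumer->complete($return_to);

    if ($response->status == Auth_OpenID_CANCEL) {
        // This means the authentication was cancelled.
        $msg = 'Verification cancelled.';
    } elseif ($response->status == Auth_OpenID_FAILURE) {
        // $msg is printed into the page below. The failure message can carry
        // text that came in with the request, so it is HTML-escaped here.
        $msg = "OpenID authentication failed: " . escape($response->message);
    } elseif ($response->status == Auth_OpenID_SUCCESS) {
        $openid = $response->getDisplayIdentifier();
        $esc_identity = escape($openid);

        $success = sprintf('You have successfully verified ' . '<a href="%s">%s</a> as your identity.<br><br>Here\'s your MySpace profile data fetched using the MySpace REST APIs', $esc_identity, $esc_identity);

        if ($response->endpoint->canonicalID) {
            $escaped_canonicalID = escape($response->endpoint->canonicalID);
            $success .= ' (XRI CanonicalID: ' . $escaped_canonicalID . ') ';
        }

        // Guard against a missing OAuth response, so that a provider which
        // returns no OAuth data does not cause a fatal error.
        $oauth_resp = Auth_OpenID_OAuthResponse::fromSuccessResponse($response);
        $authorized_request_token = $oauth_resp ? $oauth_resp->authorized_request_token : null;
        $authorized_verifier = $oauth_resp ? $oauth_resp->authorized_verifier : null;

        if ($authorized_request_token) {
            // Exchange the authorized request token for an access token.
            $ms = new MySpace(CONSUMER_KEY, CONSUMER_SECRET, $authorized_request_token->key, $authorized_request_token->secret, $authorized_verifier);
            $access_token = $ms->getAccessToken();

            // Continue with a client bound to the access token.
            $ms = new MySpace(CONSUMER_KEY, CONSUMER_SECRET, $access_token->key, $access_token->secret);

            $userid = $ms->getCurrentUserId();
            $_SESSION['userID'] = $userid;
            $_SESSION['access_token_key'] = $access_token->key;
            $_SESSION['access_token_secret'] = $access_token->secret;

            // Use the userID (fetched in the previous step) to get user's profile, friends and other info
            $profile_data = $ms->getProfile($userid);
            $friends_data = $ms->getFriends($userid);

            // NOTE(review): the original comment says this data is shown by
            // an include of index.php, but no include follows in this
            // function; confirm where it is meant to be used.
        }
    }
?>
<html>
<head><title>MySpaceID Hybrid Example</title></head>
<link rel="stylesheet" type="text/css" href="static/base.css">
<!-- YUI Combo CSS + JS files: -->
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.6.0/build/tabview/assets/skins/sam/tabview.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.6.0/build/yahoo-dom-event/yahoo-dom-event.js&2.6.0/build/imageloader/imageloader-min.js&2.6.0/build/element/element-beta-min.js&2.6.0/build/tabview/tabview-min.js"></script>
<body class="yui-skin-sam">
<script>
function closeWin() {
  // alert("closeWin() called");
  // alert(opener);
  //window.opener.location.href = "profile.php";
  // window.opener.location.reload(true);
  var rand = Math.random();
  alert(rand);
  window.opener.sayhi(rand);
  self.close();
}
</script>
<h1>Finishing Log In</h1>
<br>
<?php if (isset($msg)) { print "<div class=\"alert\">{$msg}</div>"; } ?>
<?php if (isset($error)) { print "<div class=\"error\">{$error}</div>"; } ?>
<?php if (isset($success)) { print "<div class=\"success\">{$success}</div>"; } ?>
<script>closeWin();</script>
</body>
</html>
<?php
}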