Example #1
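/**
 * Decide how to answer a decoded OpenID authentication request.
 *
 * The request is answered positively only when the logged-in user is the
 * identity named in the request and the relying party is trusted. Otherwise
 * the caller gets the login page, a cancel response or the trust prompt.
 *
 * @param mixed $info         Decoded request; this function reads its
 *                            identity and trust_root properties and calls
 *                            answer(true) on it. A falsy value cancels.
 * @param mixed $trusted      Trust decision supplied by the caller, or null
 *                            to look it up with isTrusted().
 * @param bool  $fail_cancels When true, an untrusted request is cancelled
 *                            instead of showing the trust prompt.
 *
 * @return mixed Whatever authCancel(), login_render() or trust_render()
 *               return, or array(list of "Name: value" header lines, body)
 *               for a positive answer.
 */
function doAuth($info, $trusted = null, $fail_cancels = false)
{
    if (!$info) {
        // There is no authentication information, so bail
        return authCancel(null);
    }

    $req_url = $info->identity;
    $user = getLoggedInUser();
    setRequestInfo($info);

    // The requested identity must be exactly the logged-in user. A loose
    // `!=` treats null, false and '' as equal to each other, so a request
    // without an identity would match "nobody is logged in" and continue
    // to the trust decision unauthenticated; numeric-looking strings would
    // also be compared as numbers. Require two identical non-empty strings.
    // NOTE(review): assumes getLoggedInUser() returns the identity as a
    // string when a user is logged in -- confirm against its definition.
    $is_same_identity = is_string($req_url) && $req_url !== ''
        && is_string($user) && $req_url === $user;
    if (!$is_same_identity) {
        return login_render(array(), $req_url, $req_url);
    }

    $sites = getSessionSites();
    $trust_root = $info->trust_root;

    // A trust root already recorded in the session sites is never
    // re-prompted: if it is not trusted the request is cancelled.
    $fail_cancels = $fail_cancels || isset($sites[$trust_root]);

    // NOTE(review): a non-null $trusted bypasses isTrusted() entirely, so
    // callers must derive it from a decision the authenticated user really
    // made (e.g. a CSRF-protected form) -- verify at the call sites.
    $trusted = isset($trusted) ? $trusted : isTrusted($req_url, $trust_root);

    if ($trusted) {
        // Clear the stored request before answering it.
        setRequestInfo();
        $server =& getServer();
        $response =& $info->answer(true);
        $webresponse =& $server->encodeResponse($response);

        // Flatten the header map into "Name: value" lines for the caller.
        $new_headers = array();
        foreach ($webresponse->headers as $k => $v) {
            $new_headers[] = $k . ": " . $v;
        }
        return array($new_headers, $webresponse->body);
    }

    if ($fail_cancels) {
        return authCancel($info);
    }

    return trust_render($info);
}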
Example #2
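/**
 * Handle a standard OpenID server request.
 *
 * Decodes the incoming request through the server object. For the two
 * checkid modes it answers positively when the logged-in user trusts the
 * relying party, answers negatively for an untrusted immediate request, and
 * otherwise sends the user to log in or to the trust prompt. Every other
 * mode is delegated to the server's handleRequest(). The encoded response is
 * written straight to the client and the script exits.
 *
 * @return mixed An empty string when no request could be decoded, or the
 *               result of trust_render(); on all other paths the function
 *               does not return because it calls exit(0).
 */
function action_default()
{
    $server =& getServer();
    $request = $server->decodeRequest();
    if (!$request) {
        // Nothing decodable was sent: answer with an empty body.
        return "";
    }
    setRequestInfo($request);
    if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'))) {
        $identity = getLoggedInUser();
        if (isTrusted($identity, $request->trust_root, $request->return_to)) {
            if ($request->message->isOpenID1()) {
                // NOTE(review): trust is evaluated for the logged-in user,
                // but answer(true) is given no identity here, so the
                // identity asserted is presumably the one named in the
                // request. Nothing visible in this function compares the
                // two -- confirm that isTrusted() or the library rejects a
                // request for someone else's identity.
                $response =& $request->answer(true);
            } else {
                // The logged-in identity is passed explicitly.
                $response =& $request->answer(true, false, getServerURL(), $identity);
            }
        } else {
            if ($request->immediate) {
                // Immediate mode cannot show UI, so answer negatively.
                $response =& $request->answer(false, getServerURL());
            } else {
                if (!getLoggedInUser()) {
                    // Remember where to come back to after logging in.
                    $_SESSION['last_forward_from'] = current_page_url() . '?' . http_build_query(Auth_OpenID::getQuery());
                    system_message(elgg_echo('openid_server:not_logged_in'));
                    // NOTE(review): presumably forward() ends the request;
                    // if it can return, execution falls through to the
                    // trust prompt for an anonymous visitor -- confirm.
                    forward('login');
                }
                return trust_render($request);
            }
        }
        // Call-time pass-by-reference (`&$response`) was removed in PHP 5.4
        // and is a fatal error there; the callee's signature decides whether
        // the argument is taken by reference.
        // NOTE(review): this also runs for the negative immediate answer
        // above -- confirm addSregFields() adds nothing to a refusal.
        addSregFields($response);
    } else {
        $response =& $server->handleRequest($request);
    }
    $webresponse =& $server->encodeResponse($response);
    foreach ($webresponse->headers as $k => $v) {
        header("{$k}: {$v}");
    }
    // header_connection_close is a constant defined outside this function.
    header(header_connection_close);
    print $webresponse->body;
    exit(0);
}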
Example #3
/**
 * Entry point for a standard OpenID server request.
 *
 * Reads the OpenID message from the query string (GET) or the form body
 * (any other method), decodes it and either answers a checkid request,
 * renders the login or trust page, or hands the request to the server's
 * generic handler. An encoded response is emitted directly and the script
 * exits.
 *
 * @return mixed Result of about_render(), login_render() or trust_render()
 *               when a page is shown instead of a protocol response.
 */
function action_default()
{
    $server =& getServer();

    // Pick the raw argument source from the HTTP method.
    $raw_args = ($_SERVER['REQUEST_METHOD'] == 'GET') ? $_GET : $_POST;
    $request = $server->decodeRequest(Auth_OpenID::fixArgs($raw_args));
    if (!$request) {
        // Not an OpenID message: show the about page.
        return about_render();
    }

    setRequestInfo($request);

    $is_checkid = in_array($request->mode, array('checkid_immediate', 'checkid_setup'));
    if (!$is_checkid) {
        $response =& $server->handleRequest($request);
    } elseif (isTrusted($request->identity, $request->trust_root)) {
        // NOTE(review): the identity comes from the request; this function
        // does not itself compare it with the logged-in user, so that check
        // presumably lives in isTrusted() -- confirm.
        $response =& $request->answer(true);

        // NOTE(review): every field getSreg() returns is attached, whatever
        // the relying party asked for -- verify this is the intended
        // disclosure.
        $sreg = getSreg($request->identity);
        if (is_array($sreg)) {
            foreach ($sreg as $field => $value) {
                $response->addField('sreg', $field, $value);
            }
        }
    } elseif ($request->immediate) {
        // Immediate mode cannot interact with the user: answer negatively.
        $response =& $request->answer(false, getServerURL());
    } elseif (!getLoggedInUser()) {
        return login_render();
    } else {
        return trust_render($request);
    }

    $webresponse =& $server->encodeResponse($response);
    foreach ($webresponse->headers as $name => $value) {
        header("{$name}: {$value}");
    }
    // header_connection_close is a constant defined outside this function.
    header(header_connection_close);
    echo $webresponse->body;
    exit(0);
}
Example #4
         $trusted = false;
     }
 } else {
     $req_url = normaliseUsername($info->identity);
 }
 $user = getLoggedInUser();
 $identity = $user;
 setRequestInfo($info);
 $req_url_path = substr($req_url, strpos($req_url, ":"));
 $user_path = substr($user, strpos($user, ":"));
 if ($info->message->isOpenID1() && $req_url_path != $user_path) {
     register_error(sprintf(elgg_echo("openid_server:loggedin_as_wrong_user"), $req_url, $user));
     forward();
 } else {
     $trust_root = $info->trust_root;
     $trusted = isset($trusted) ? $trusted : isTrusted($identity, $trust_root);
     if ($trusted) {
         setRequestInfo();
         $server =& getServer();
         if ($info->message->isOpenID1()) {
             $response =& $info->answer(true, null, $req_url);
         } else {
             $response =& $info->answer(true, null, getServerURL(), $identity);
         }
         addSregFields($response, $info, $identity);
         $webresponse =& $server->encodeResponse($response);
         $new_headers = array();
         foreach ($webresponse->headers as $k => $v) {
             $new_headers[] = $k . ": " . $v;
         }
         writeResponse(array($new_headers, $webresponse->body));