/** * @return string */ public function getEmail() { $atts = $this->_loid->getAttributes(); if (isset($atts["contact/email"])) { return $atts["contact/email"]; } return ""; }
/** * {@inheritdoc} */ function loginFinish() { # if user don't grant access of their data to your site, halt with an Exception if ($this->api->mode == 'cancel') { throw new Exception("Authentication failed! User has canceled authentication!", 5); } # if something goes wrong if (!$this->api->validate()) { throw new Exception("Authentication failed. Invalid request received!", 5); } # fetch received user data $response = $this->api->getAttributes(); # store the user profile $this->user->profile->identifier = $this->api->identity; $this->user->profile->firstName = array_key_exists("namePerson/first", $response) ? $response["namePerson/first"] : ""; $this->user->profile->lastName = array_key_exists("namePerson/last", $response) ? $response["namePerson/last"] : ""; $this->user->profile->displayName = array_key_exists("namePerson", $response) ? $response["namePerson"] : ""; $this->user->profile->email = array_key_exists("contact/email", $response) ? $response["contact/email"] : ""; $this->user->profile->language = array_key_exists("pref/language", $response) ? $response["pref/language"] : ""; $this->user->profile->country = array_key_exists("contact/country/home", $response) ? $response["contact/country/home"] : ""; $this->user->profile->zip = array_key_exists("contact/postalCode/home", $response) ? $response["contact/postalCode/home"] : ""; $this->user->profile->gender = array_key_exists("person/gender", $response) ? $response["person/gender"] : ""; $this->user->profile->photoURL = array_key_exists("media/image/default", $response) ? $response["media/image/default"] : ""; $this->user->profile->birthDay = array_key_exists("birthDate/birthDay", $response) ? $response["birthDate/birthDay"] : ""; $this->user->profile->birthMonth = array_key_exists("birthDate/birthMonth", $response) ? $response["birthDate/birthMonth"] : ""; $this->user->profile->birthYear = array_key_exists("birthDate/birthDate", $response) ? $response["birthDate/birthDate"] : ""; if (isset($response['namePerson/friendly']) && !empty($response['namePerson/friendly']) && !$this->user->profile->displayName) { $this->user->profile->displayName = $response["namePerson/friendly"]; } if (isset($response['birthDate']) && !empty($response['birthDate']) && !$this->user->profile->birthDay) { list($birthday_year, $birthday_month, $birthday_day) = $response['birthDate']; $this->user->profile->birthDay = (int) $birthday_day; $this->user->profile->birthMonth = (int) $birthday_month; $this->user->profile->birthYear = (int) $birthday_year; } if (!$this->user->profile->displayName) { $this->user->profile->displayName = trim($this->user->profile->firstName . " " . $this->user->profile->lastName); } if ($this->user->profile->gender == "f") { $this->user->profile->gender = "female"; } if ($this->user->profile->gender == "m") { $this->user->profile->gender = "male"; } // set user as logged in $this->setUserConnected(); // with openid providers we get the user profile only once, so store it Hybrid_Auth::storage()->set("hauth_session.{$this->providerId}.user", $this->user); }
public static function getUserEmail() { $encrypt_content = isset($_COOKIE[self::COOKIE_ID]) ? trim($_COOKIE[self::COOKIE_ID]) : null; if ($encrypt_content) { $content = self::decrypt($encrypt_content); list($email, $userName) = explode(self::USER_EMAIL_SPLITTER, $content); return array('email' => $email, 'userName' => $userName); } $openid = new LightOpenID($_SERVER['HTTP_HOST']); if (!$openid->mode) { $openid->identity = 'https://www.google.com/accounts/o8/id'; $openid->required = array('contact/email', 'namePerson/first', 'namePerson/last'); header('Location: ' . $openid->authUrl()); die; } elseif ($openid->mode != 'cancel' && $openid->validate()) { $data = $openid->getAttributes(); $email = $data['contact/email']; $userName = $data['namePerson/last'] . $data['namePerson/first']; $content = $email . self::USER_EMAIL_SPLITTER . $userName; $encrypt_content = self::encrypt($content); $_COOKIE[self::COOKIE_ID] = $encrypt_content; $expire = self::COOKIE_EXPIRE_TIME + time(); setcookie(self::COOKIE_ID, $encrypt_content, $expire); return array('email' => $email, 'userName' => $userName); } return array(); }
public function register(Application $app) { $app->before(function () use($app) { $app['session']->start(); if ($app['request']->get('_route') == 'logout') { return; } if (!$app['session']->has('username')) { $openid = new \LightOpenID($_SERVER['SERVER_NAME']); if (!$openid->mode) { $openid->identity = 'https://www.google.com/accounts/o8/id'; $openid->required = array('email' => 'contact/email', 'firstname' => 'namePerson/first', 'lastname' => 'namePerson/last'); return $app->redirect($openid->authUrl()); } else { if ($openid->validate()) { $attributes = $openid->getAttributes(); $app['session']->set('username', $attributes['contact/email']); $app['session']->set('fullname', $attributes['namePerson/first'] . ' ' . $attributes['namePerson/last']); } } } $app['twig']->addGlobal('username', $app['session']->get('username')); $app['twig']->addGlobal('fullname', $app['session']->get('fullname')); if (isset($app['auth']) && !$app['auth']($app['session']->get('username'))) { $app['session']->remove('username'); $app['session']->remove('fullname'); return new Response($app['twig']->render('forbidden.html.twig'), 403); } }); }
/** * Service provider returns the user here. */ public function returningProvider() { $openid = new LightOpenID('renshuu.paazmaya.com'); if ($openid->mode) { $attr = $openid->getAttributes(); if ($openid->validate()) { $_SESSION['email'] = $attr['contact/email']; // Not always set, specially Google, even if required... $_SESSION['username'] = isset($attr['namePerson']) ? $attr['namePerson'] : $attr['contact/email']; $_SESSION['identity'] = $openid->identity; // Check if the email has already existing access rights $sql = 'SELECT title, email, access FROM renshuu_user WHERE email = \'' . $_SESSION['email'] . '\''; $run = $this->pdo->query($sql); if ($run->rowCount() > 0) { $res = $run->fetch(PDO::FETCH_ASSOC); // So there was data, just login and use the site $_SESSION['username'] = $res['title']; $_SESSION['access'] = intval($res['access']); // use as binary } else { // Insert $sql = 'INSERT INTO renshuu_user (title, email, identity, modified, access) VALUES (\'' . $attr['namePerson'] . '\', \'' . $attr['contact/email'] . '\', \'' . $openid->identity . '\', ' . time() . ', 1)'; $run = $this->pdo->query($sql); $_SESSION['access'] = 1; // Should you send an email telling about new user? } } header('Location: http://' . $_SERVER['HTTP_HOST']); } }
/** * 處理 OpenID 登入 * GET login/openid */ public function openIDLogin() { try { // $openid = new LightOpenID('my-host.example.org'); $openid = new LightOpenID('http://10.231.87.100:81/'); if (!$openid->mode) { // 第一步驟 // 設定 $openid->identity = 'http://openid.ntpc.edu.tw/'; // 要求取得之資料欄位 $openid->required = array('namePerson', 'pref/timezone'); // 會先到 輸入帳密登入頁面 // 再到 同意 / 不同意 授權頁面 return Redirect::to($openid->authUrl()); } elseif ($openid->mode == 'cancel') { // 使用者取消(不同意授權) return Redirect::to('/'); // 導回首頁 } else { // 使用者同意授權 // 此時 $openid->mode = "id_res" if ($openid->validate()) { // 通過驗證,也同意授權 // 取得資料 $attr = $openid->getAttributes(); // return dd($attr); // 將取得之資料帶到下一個步驟進行處理 // 要有相對應的路由設定 return Redirect::action('AuthController@showUserData', ['user' => $attr]); } } } catch (ErrorException $e) { echo $e->getMessage(); } }
/** * OpenID プロバイダから返却されたパラメータを受け取ります。 * * @return bool パラメータを正しく解析できた場合に TRUE を返します。 * リクエストの妥当性をチェックする場合は {@link isAuthenticated()} メソッドを使用して下さい。 * @author Naomichi Yamakita <*****@*****.**> */ public function receiveData() { $this->_attributeExchange = new Mars_OpenIDAttributeExchange($this->_openId->getAttributes()); // レスポンスは GET、または POST で返される $data = $this->request->getParameter('openid_mode'); if (null_or_empty($data)) { return FALSE; } if ($this->request->getQuery('openid_mode') != 'cancel' && $this->_openId->validate()) { $this->_identity = $this->request->getParameter('openid_identity'); } return TRUE; }
/** * Ask for OpenID identifer */ public function request() { if (!$this->openid->mode) { $this->openid->identity = 'http://steamcommunity.com/openid'; header('Location: ' . $this->openid->authUrl()); exit; } else { if ($this->openid->mode == 'cancel') { $this->errorCallback(array('provider' => 'Steam', 'code' => 'cancel_authentication', 'message' => 'User has canceled authentication')); } else { if (!$this->openid->validate()) { $this->errorCallback(array('provider' => 'Steam', 'code' => 'not_logged_in', 'message' => 'User has not logged in')); } else { $steamId = ''; if (preg_match('/http:\\/\\/steamcommunity.com\\/openid\\/id\\/(\\d+)/', $this->openid->data['openid_identity'], $matches)) { $steamId = $matches[1]; } $userInfo = $this->userInfo($steamId); $this->auth = array('provider' => 'Steam', 'uid' => $steamId, 'info' => $userInfo, 'credentials' => $this->openid->getAttributes(), 'raw' => $userInfo); $this->callback(); } } } }
protected function authenticateOpenId($openidIdentity) { // 3rd-party library: http://gitorious.org/lightopenid // Required: PHP 5, curl $openid = new LightOpenID(); $openid->required = array('namePerson/friendly', 'contact/email'); $openid->optional = array('namePerson/first'); if (isset($_GET['openid_mode'])) { $result = $openid->validate(); $this->_openidIdentity = $openid->identity; $this->_attributes = $openid->getAttributes(); return $result; } $openid->identity = $openidIdentity; header('Location: ' . $openid->authUrl()); exit; }
public function add(\LightOpenID $openId) { $attrs = $openId->getAttributes(); $uzivatel = $this->get($openId->identity); $arr = array(self::COLUMN_IDENTITY => $openId->identity); if (!empty($attrs['namePerson'])) { $arr[self::COLUMN_NAME] = $attrs['namePerson']; } if (!empty($attrs['contact/email'])) { $arr[self::COLUMN_EMAIL] = $attrs['contact/email']; } if (empty($uzivatel)) { $this->database->query("INSERT INTO " . self::TABLE_NAME, $arr); } else { $this->database->query("UPDATE " . self::TABLE_NAME . " SET ", $arr, " WHERE " . self::COLUMN_IDENTITY . "=?;", $openId->identity); } $user = $this->get($openId->identity); return $user; }
protected function doOpenId($identity) { require "vendor/lightopenid/openid.php"; $openid = new \LightOpenID(Ntentan::$config['application']['domain']); if (!$openid->mode) { $identity = $openid->discover($identity); $openid->identity = $identity; $openid->required = array('contact/email', 'namePerson/first', 'namePerson/last', 'namePerson/friendly'); header('Location: ' . $openid->authUrl()); } elseif ($openid->mode == 'cancel') { return "cancelled"; } else { if ($openid->validate()) { $oidStatus = $openid->getAttributes(); $status = array('email' => $oidStatus['contact/email'], 'firstname' => $oidStatus['namePerson/first'], 'lastname' => $oidStatus['namePerson/last'], 'nickname' => $oidStatus['namePerson/friendly'], 'key' => $oidStatus['contact/email']); return $status; } else { return "failed"; } } }
/** * Validates the OpenID provider's response and logs in the user. * * If the user doesn't already exist, a new user account is created for them * and their attributes are saved. * * @return void */ public function _handleOpenIDResponse() { if ($this->LightOpenID->mode == 'cancel') { $this->Session->setFlash(__('Login canceled'), 'default', array(), 'auth'); } else { if ($this->LightOpenID->validate()) { if (!$this->_existsOpenIDUser($this->LightOpenID->identity)) { $this->_registerOpenIDUser($this->LightOpenID->identity, $this->LightOpenID->getAttributes()); } $data = $this->_loadOpenIDUser($this->LightOpenID->identity); if ($data) { $this->Auth->login($data['User']); $this->redirect($this->Auth->redirect()); } else { $this->Session->setFlash("OpenID verified, but failed to load user data from the database"); } } else { $this->Session->setFlash(__('OpenID verification failed'), 'default', array(), 'auth'); } } }
function action_finishAuth() { $openid = new LightOpenID(); if (!$openid->validate()) { $this->request->redirect('auth/login'); return; } $this->session->regenerate(); $this->session->set('account_id', $_GET['openid_identity']); $attr = $openid->getAttributes(); if (@$attr['contact/email']) { $this->session->set('account_email', $attr['contact/email']); } if (@$attr['namePerson/first'] && @$attr['namePerson/last']) { $this->session->set('account_displayName', implode(' ', array(@$attr['namePerson/first'], @$attr['namePerson/last']))); } else { if (@$attr['namePerson']) { $this->session->set('account_displayName', $attr['namePerson']); } else { if (@$attr['namePerson/friendly']) { $this->session->set('account_displayName', $attr['namePerson/friendly']); } } } if (!($this->session->get('account_email') && $this->session->get('account_displayName'))) { echo "<br/><pre><xmp>"; var_dump($openid); var_dump($openid->getAttributes()); echo "</xmp></pre>"; die; } $location = $this->session->get('redirected_from'); $this->session->delete('redirected_from'); if (!$location) { $location = "admin/index"; } $this->request->redirect($location); }
function get() { $noid = get_config('system', 'disable_openid'); if ($noid) { goaway(z_root()); } logger('mod_openid ' . print_r($_REQUEST, true), LOGGER_DATA); if (x($_REQUEST, 'openid_mode')) { $openid = new LightOpenID(z_root()); if ($openid->validate()) { logger('openid: validate'); $authid = normalise_openid($_REQUEST['openid_identity']); if (!strlen($authid)) { logger(t('OpenID protocol error. No ID returned.') . EOL); goaway(z_root()); } $x = match_openid($authid); if ($x) { $r = q("select * from channel where channel_id = %d limit 1", intval($x)); if ($r) { $y = q("select * from account where account_id = %d limit 1", intval($r[0]['channel_account_id'])); if ($y) { foreach ($y as $record) { if ($record['account_flags'] == ACCOUNT_OK || $record['account_flags'] == ACCOUNT_UNVERIFIED) { logger('mod_openid: openid success for ' . $x[0]['channel_name']); $_SESSION['uid'] = $r[0]['channel_id']; $_SESSION['account_id'] = $r[0]['channel_account_id']; $_SESSION['authenticated'] = true; authenticate_success($record, $r[0], true, true, true, true); goaway(z_root()); } } } } } // Successful OpenID login - but we can't match it to an existing account. // See if they've got an xchan $r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1", dbesc($authid)); if ($r) { $_SESSION['authenticated'] = 1; $_SESSION['visitor_id'] = $r[0]['xchan_hash']; $_SESSION['my_url'] = $r[0]['xchan_url']; $_SESSION['my_address'] = $r[0]['xchan_addr']; $arr = array('xchan' => $r[0], 'session' => $_SESSION); call_hooks('magic_auth_openid_success', $arr); \App::set_observer($r[0]); require_once 'include/security.php'; \App::set_groups(init_groups_visitor($_SESSION['visitor_id'])); info(sprintf(t('Welcome %s. Remote authentication successful.'), $r[0]['xchan_name'])); logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']); if ($_SESSION['return_url']) { goaway($_SESSION['return_url']); } goaway(z_root()); } // no xchan... // create one. // We should probably probe the openid url and figure out if they have any kind of // social presence we might be able to scrape some identifying info from. $name = $authid; $url = trim($_REQUEST['openid_identity'], '/'); if (strpos($url, 'http') === false) { $url = 'https://' . $url; } $pphoto = z_root() . '/' . get_default_profile_photo(); $parsed = @parse_url($url); if ($parsed) { $host = $parsed['host']; } $attr = $openid->getAttributes(); if (is_array($attr) && count($attr)) { foreach ($attr as $k => $v) { if ($k === 'namePerson/friendly') { $nick = notags(trim($v)); } if ($k === 'namePerson/first') { $first = notags(trim($v)); } if ($k === 'namePerson') { $name = notags(trim($v)); } if ($k === 'contact/email') { $addr = notags(trim($v)); } if ($k === 'media/image/aspect11') { $photosq = trim($v); } if ($k === 'media/image/default') { $photo_other = trim($v); } } } if (!$nick) { if ($first) { $nick = $first; } else { $nick = $name; } } require_once 'library/urlify/URLify.php'; $x = strtolower(\URLify::transliterate($nick)); if ($nick & $host) { $addr = $nick . '@' . $host; } $network = 'unknown'; if ($photosq) { $pphoto = $photosq; } elseif ($photo_other) { $pphoto = $photo_other; } $mimetype = guess_image_type($pphoto); $x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype,\n\t xchan_photo_l, xchan_addr, xchan_url, xchan_connurl, xchan_follow, xchan_connpage, xchan_name, xchan_network, xchan_photo_date, \n\t\t\t\t\txchan_name_date, xchan_hidden)\n\t values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 1) ", dbesc($url), dbesc(''), dbesc(''), dbesc(''), dbesc($mimetype), dbesc($pphoto), dbesc($addr), dbesc($url), dbesc(''), dbesc(''), dbesc(''), dbesc($name), dbesc($network), dbesc(datetime_convert()), dbesc(datetime_convert())); if ($x) { $r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($url)); if ($r) { $photos = import_xchan_photo($pphoto, $url); if ($photos) { $z = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', \n\t\t\t\t\t\t\t\txchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), dbesc($photos[3]), dbesc($url)); } set_xconfig($url, 'system', 'openid', $authid); $_SESSION['authenticated'] = 1; $_SESSION['visitor_id'] = $r[0]['xchan_hash']; $_SESSION['my_url'] = $r[0]['xchan_url']; $_SESSION['my_address'] = $r[0]['xchan_addr']; $arr = array('xchan' => $r[0], 'session' => $_SESSION); call_hooks('magic_auth_openid_success', $arr); \App::set_observer($r[0]); info(sprintf(t('Welcome %s. Remote authentication successful.'), $r[0]['xchan_name'])); logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']); if ($_SESSION['return_url']) { goaway($_SESSION['return_url']); } goaway(z_root()); } } } } notice(t('Login failed.') . EOL); goaway(z_root()); // NOTREACHED }
if (!empty($server) and in_array($server, $global_config['openid_servers'])) { if (file_exists(NV_ROOTDIR . '/modules/users/login/oauth-' . $server . '.php')) { include NV_ROOTDIR . '/modules/users/login/oauth-' . $server . '.php'; } elseif (file_exists(NV_ROOTDIR . '/modules/users/login/cas-' . $server . '.php')) { include NV_ROOTDIR . '/modules/users/login/cas-' . $server . '.php'; } else { include_once NV_ROOTDIR . '/includes/class/openid.class.php'; $openid = new LightOpenID(); if ($nv_Request->isset_request('openid_mode', 'get')) { $openid_mode = $nv_Request->get_string('openid_mode', 'get', ''); if ($openid_mode == 'cancel') { $attribs = array('result' => 'cancel'); } elseif (!$openid->validate()) { $attribs = array('result' => 'notlogin'); } else { $attribs = array('result' => 'is_res', 'id' => $openid->identity, 'server' => $server) + $openid->getAttributes(); } $attribs = serialize($attribs); $nv_Request->set_Session('openid_attribs', $attribs); $op_redirect = defined('NV_IS_USER') ? 'openid' : 'login'; Header('Location: ' . NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op_redirect . '&server=' . $server . '&result=1&nv_redirect=' . $nv_redirect); exit; } if (!$nv_Request->isset_request('result', 'get')) { include_once NV_ROOTDIR . '/modules/users/login/openid-' . $server . '.php'; $openid->identity = $openid_server_config['identity']; $openid->required = array_values($openid_server_config['required']); header('Location: ' . $openid->authUrl()); die; } exit;
<?php require_once dirname(dirname(__FILE__)) . '/openid/openid.php'; require_once dirname(dirname(__FILE__)) . '/utils.php'; try { if (!isset($_GET['openid_mode']) || $_GET['openid_mode'] == 'cancel') { $openid = new LightOpenID(); $openid->identity = urldecode($_GET['openid_url']); $openid->required = array('namePerson/first', 'namePerson/last', 'contact/email'); header('Location: ' . $openid->authUrl()); } else { $openid = new LightOpenID(); if ($openid->validate()) { $open_id = $openid->identity; $attributes = $openid->getAttributes(); $email = $attributes['contact/email']; $first_name = $attributes['namePerson/first']; $last_name = $attributes['namePerson/last']; $signature = social_connect_generate_signature($open_id); do_action('social_connect_before_register_openid', $open_id, $signature); ?> <html> <head> <script> function init() { window.opener.wp_social_connect({'action' : 'social_connect', 'social_connect_provider' : 'openid', 'social_connect_openid_identity' : '<?php echo $open_id; ?> ', 'social_connect_signature' : '<?php
public function openid() { $openid = new LightOpenID($_SERVER['SERVER_NAME']); if (!$openid->mode) { if (isset($_POST['google'])) { $openid->identity = 'https://www.google.com/accounts/o8/id'; $openid->required = array('namePerson/friendly', 'contact/email'); $openid->optional = array('namePerson', 'birthDate', 'person/gender', 'contact/postalCode/home', 'contact/country/home', 'pref/language', 'pref/timezone'); header('Location: ' . $openid->authUrl()); } } else { if ($openid->mode === 'cancel') { echo 'User has canceled authentication!'; } else { if ($openid->validate()) { $data = $openid->getAttributes(); /* check for first login, if no record exists create one and force user to input remaining data. * If a login does exist create the session and redirect the user to their dashboard. */ $identity = $this->model->check_openid($openid->identity); if (!$identity) { redirect('auth/register/' . urlencode_array($data) . '&identity=' . urlencode($openid->identity)); } else { if (!$this->model->login_user($identity['identity'])) { die("could not login user"); } else { redirect('dashboard'); } } } else { echo "Login with '{$openid->identity}' failed"; } } } }
<?php # Logging in with Google accounts requires setting special identity, # so this example shows how to do it. require 'openid.php'; try { # Change 'example.org' to your domain name. $domain = 'localhost'; $openid = new LightOpenID($domain); if (!$openid->mode) { if (isset($_GET['login'])) { $openid->identity = 'https://www.google.com/accounts/o8/id'; $openid->required = array('contact/email'); header('Location: ' . $openid->authUrl()); } } elseif ($openid->mode == 'cancel') { echo 'User has canceled authentication!'; } else { echo 'User ' . ($openid->validate() ? $openid->identity . ' has ' : 'has not ') . 'logged in.'; print_r($openid->getAttributes()); } } catch (ErrorException $e) { echo $e->getMessage(); }
$openid->required = array('username' => 'contact/email'); $openid->optional = array('name' => 'namePerson', 'dname' => 'namePerson/friendly', 'zip' => 'contact/postalCode/home'); } } $openid->returnURL = $returnurl; header('Location: ' . $openid->authUrl()); } $buffer .= "\n<form action='' method='post'>\n <label for='openid_url'>OpenID: </label><input type='text' name='openid_url' required='required' /> <button>Submit</button>\n</form>"; } else { if ($openid->mode == 'cancel') { $buffer .= 'User has canceled authentication!'; // handle the rejection } else { $ok = boolstr($openid->validate()); if ($ok) { $data = $openid->getAttributes(); if ($signin_type != 'new') { // Do a user lookup for login // identity provider --> password // the [contact/email] field is their user id. // If it fails, offer to create a new user // if so, change $signin_type so it triggers the subsequent code block ... } if ($signin_type == 'new') { // Create a user require 'modular/login_functions.php'; $res = createUser($data['contact/email'], $provider, $data['namePerson'], $data['namePerson/friendly'], $data['contact/postalCode/home']); // handle the user creation // Direct to profile editor } } else {
if (!empty($server) and isset($openid_servers[$server])) { include_once NV_ROOTDIR . "/includes/class/openid.class.php"; $openid_class = new LightOpenID(); if ($nv_Request->isset_request('openid_mode', 'get')) { $openid_mode = $nv_Request->get_string('openid_mode', 'get', ''); if ($openid_mode == "cancel") { $nv_Request->set_Session('openid_error', 1); header("Location: " . nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=openid", true)); die; } elseif (!$openid_class->validate()) { $nv_Request->set_Session('openid_error', 2); header("Location: " . nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=openid", true)); die; } else { $openid = $openid_class->identity; $attribs = $openid_class->getAttributes(); $email = (isset($attribs['contact/email']) and nv_check_valid_email($attribs['contact/email']) == "") ? $attribs['contact/email'] : ""; if (empty($openid) or empty($email)) { $nv_Request->set_Session('openid_error', 3); header("Location: " . nv_url_rewrite(NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=openid", true)); die; } $opid = $crypt->hash($openid); $query = "SELECT COUNT(*) AS `count` FROM `" . NV_USERS_GLOBALTABLE . "_openid` WHERE `opid`=" . $db->dbescape($opid); $result = $db->sql_query($query); list($count) = $db->sql_fetchrow($result); if ($count) { $nv_Request->set_Session('openid_error', 4); header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=openid"); die; }
$openid->required = array('contact/email', 'namePerson/first', 'namePerson/last'); $openid->optional = array('namePerson/friendly'); header('Location: ' . $openid->authUrl()); return; } } else { if ($openid->mode == 'cancel') { $errormsg = "You have canceled authentication. That's OK but we cannot log you in. Sorry."; error_log('Google-Cancel'); } else { if (!$openid->validate()) { $errormsg = 'You were not logged in by Google. It may be due to a technical problem.'; error_log('Google-Fail'); } else { $identity = $openid->identity; $userAttributes = $openid->getAttributes(); // echo("\n<pre>\n");print_r($userAttributes);echo("\n</pre>\n"); $firstName = isset($userAttributes['namePerson/first']) ? $userAttributes['namePerson/first'] : false; $lastName = isset($userAttributes['namePerson/last']) ? $userAttributes['namePerson/last'] : false; $userEmail = isset($userAttributes['contact/email']) ? $userAttributes['contact/email'] : false; $doLogin = true; } } } } catch (ErrorException $e) { $errormsg = $e->getMessage(); } } if ($doLogin) { if ($firstName === false || $lastName === false || $userEmail === false) { error_log('Google-Missing:' . $identity . ',' . $firstName . ',' . $lastName . ',' . $userEmail);
function openid_content(&$a) { $noid = get_config('system', 'no_openid'); if ($noid) { goaway(z_root()); } if (x($_GET, 'openid_mode') && x($_SESSION, 'openid')) { $openid = new LightOpenID(); if ($openid->validate()) { if (x($_SESSION, 'register')) { unset($_SESSION['register']); $args = ''; $attr = $openid->getAttributes(); if (is_array($attr) && count($attr)) { foreach ($attr as $k => $v) { if ($k === 'namePerson/friendly') { $nick = notags(trim($v)); } if ($k === 'namePerson/first') { $first = notags(trim($v)); } if ($k === 'namePerson') { $args .= '&username='******'contact/email') { $args .= '&email=' . notags(trim($v)); } if ($k === 'media/image/aspect11') { $photosq = bin2hex(trim($v)); } if ($k === 'media/image/default') { $photo = bin2hex(trim($v)); } } } if ($nick) { $args .= '&nickname=' . $nick; } elseif ($first) { $args .= '&nickname=' . $first; } if ($photosq) { $args .= '&photo=' . $photosq; } elseif ($photo) { $args .= '&photo=' . $photo; } $args .= '&openid_url=' . notags(trim($_SESSION['openid'])); if ($a->config['register_policy'] != REGISTER_CLOSED) { goaway($a->get_baseurl() . '/register' . $args); } else { goaway(z_root()); } // NOTREACHED } $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` \n\t\t\t\tFROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc($_SESSION['openid'])); if (!count($r)) { notice(t('Login failed.') . EOL); goaway(z_root()); } unset($_SESSION['openid']); $_SESSION['uid'] = $r[0]['uid']; $_SESSION['theme'] = $r[0]['theme']; $_SESSION['authenticated'] = 1; $_SESSION['page_flags'] = $r[0]['page-flags']; $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname']; $a->user = $r[0]; if ($a->user['login_date'] === '0000-00-00 00:00:00') { $_SESSION['return_url'] = 'profile_photo/new'; $a->module = 'profile_photo'; info(t("Welcome ") . $a->user['username'] . EOL); info(t('Please upload a profile photo.') . EOL); } else { info(t("Welcome back ") . $a->user['username'] . EOL); } if (strlen($a->user['timezone'])) { date_default_timezone_set($a->user['timezone']); $a->timezone = $a->user['timezone']; } $r = q("SELECT `uid`,`username` FROM `user` WHERE `password` = '%s' AND `email` = '%s'", dbesc($a->user['password']), dbesc($a->user['email'])); if (count($r)) { $a->identities = $r; } $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($_SESSION['uid'])); if (count($r)) { $a->contact = $r[0]; $a->cid = $r[0]['id']; $_SESSION['cid'] = $a->cid; } $l = get_language(); q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d LIMIT 1", dbesc(datetime_convert()), dbesc($l), intval($_SESSION['uid'])); header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] . '"'); if ($a->module !== 'home' && isset($_SESSION['return_url'])) { goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); } else { goaway(z_root()); } } } notice(t('Login failed.') . EOL); goaway(z_root()); // NOTREACHED }
function GET_login($params) { require 'lightopenid/openid.php'; try { session_start(); $openid = new LightOpenID(); if ($openid->mode == 'cancel') { header("Location:" . $_SESSION["openid_final_return_url"]); return; } else { //this should be enabled if hosting support https protocol on curl // if ($openid->validate()) { $attr = $openid->getAttributes(); $_SESSION["username"] = $attr["contact/email"]; include "config.inc.php"; $link = mysql_connect($DB_HOST, $DB_USER, $DB_PASS) or die("Unable to connect:" . mysql_error()); mysql_select_db($DB_NAME) or die("Could not select database:" . mysql_error()); $sql = sprintf("insert Score (username, country, score) values ('%s', '%s', %d) on duplicate key update country='%s'", mysql_real_escape_string($_SESSION["username"]), mysql_real_escape_string($_SESSION["country"]), mysql_real_escape_string($_SESSION["score"]), mysql_real_escape_string($_SESSION["country"])); $result = mysql_query($sql) or die('Query failed: ' . mysql_error()); header("Location:" . $_SESSION["openid_final_return_url"]); return; // } // else { // return json_encode(array("status"=>"ok", "logged_in"=>false, "result"=>"not logged in")); // } } } catch (ErrorException $e) { return json_encode(array("status" => "error", "error_message" => $e->getMessage())); } }
private static function authYandex() { if (reg::getKey('/users/yandex_bool')) { try { $openid = new LightOpenID('http://' . $_SERVER['SERVER_NAME']); if (!$openid->mode) { $openid->identity = 'http://www.yandex.ru/'; $openid->required = array('contact/email'); $openid->optional = array('namePerson'); header('Location: ' . $openid->authUrl()); } elseif ($openid->mode == 'cancel') { self::closeWindowAndOpen('/'); system::stop(); } else { // Получение данных пользователя при успешной аутентификации if ($openid->validate()) { $attrs = $openid->getAttributes(); $login = substr($openid->identity, 24, strlen($openid->identity) - 25); $user_info = array('identity' => $openid->identity, 'login' => 'ya.' . $login, 'email' => $attrs['contact/email'], 'first_name' => strtok($attrs['namePerson'], ' '), 'last_name' => strtok(' '), 'social' => 'yandex', 'social_type' => SOCIAL_TYPE_YANDEX); self::checkSocialUser($user_info); } else { echo 'Ошибка входа на сайт'; system::stop(); } } } catch (ErrorException $e) { echo $e->getMessage(); } } }
public function handle_social_google() { global $xoouserultra; //require_once(ABSPATH . 'wp-includes/pluggable.php'); require_once xoousers_path . "libs/openid/openid.php"; //facebook libraries $web_url = site_url(); $openid = new LightOpenID($web_url); if ($openid->mode) { $data = $openid->getAttributes(); if ($openid->mode == 'cancel') { } elseif ($data["contact/email"] != "") { $openid->validate(); $redir_url = ""; //authentication authorized $data = $openid->getAttributes(); $email = $data['contact/email']; $a = $openid->identity; //validate $type = 4; //google if (strpos($a, 'yahoo') !== false) { $first = $data['namePerson']; $type = 3; //yahoo $user_full_name = trim($first); } else { $first = $data['namePerson/first']; $last_n = $data['namePerson/last']; $user_full_name = trim($first . " " . $last_n); } //save $u_user = $user_full_name; $u_name = $first; $u_email = $email; //check if already registered $exists = email_exists($u_email); if (!$exists) { //generat random password $user_pass = wp_generate_password(12, false); //Sanitize Login $user_login = str_replace('.', '-', $u_user); $user_login = sanitize_user($u_user, true); //Build user data $user_data = array('user_login' => $user_login, 'display_name' => !empty($u_name) ? $u_name : $u_user, 'user_email' => $u_email, 'user_pass' => $user_pass); // Create a new user $user_id = wp_insert_user($user_data); if (!$user_id) { } else { update_user_meta($user_id, 'xoouser_ultra_social_signup', $type); $verify_key = $this->get_unique_verify_account_id(); update_user_meta($user_id, 'xoouser_ultra_very_key', $verify_key); $this->user_account_status($user_id); //update_user_meta ($user_id, 'xoouser_ultra_facebook_id', $u_fb_id); //notify client $xoouserultra->messaging->welcome_email($u_email, $user_login, $user_pass); $creds['user_login'] = sanitize_user($u_user); $creds['user_password'] = $user_pass; $creds['remember'] = 1; $noactive = false; if (!$this->is_active($user_id) && !is_super_admin($user_id)) { $noactive = true; } if (!$noactive) { $user = wp_signon($creds, false); do_action('wp_login', $user->user_login, $user); } } } else { $noactive = false; /*If alreayd exists*/ $user = get_user_by('login', $u_user); $user_id = $user->ID; if (!$this->is_active($user_id) && !is_super_admin($user_id)) { $noactive = true; } if (!$noactive) { $secure = ""; //already exists then we log in wp_set_auth_cookie($user_id, true, $secure); do_action('wp_login', $user->user_login, $user); } } } } $this->login_registration_afterlogin(); }
public function google_verify_detail() { require_once APPPATH . 'libraries/openid.php'; $openid = new LightOpenID(base_url() . 'users/google_signin'); if ($openid->mode) { if ($openid->mode == 'cancel') { $this->session->set_flashdata('flash_message', $this->Common_model->flash_message('error', translate('User has canceled authentication !.'))); redirect('users/signin'); } elseif ($openid->validate()) { $data = $openid->getAttributes(); $email = $data['contact/email']; $result = $this->db->where('id', $this->dx_auth->get_user_id())->from('users')->get(); if ($result->num_rows() != 0) { $this->db->where('id', $this->dx_auth->get_user_id())->update('users', array('google_verify' => 'yes', 'google_email' => "{$email}")); $this->session->set_flashdata('flash_message', $this->Common_model->flash_message('success', translate('Your Google Account Successfully Verified.'))); redirect('home/verify?google=verified'); } else { $this->db->where('id', $this->dx_auth->get_user_id())->update('users', array('google_verify' => 'no', 'google_email' => 0)); $this->session->set_flashdata('flash_message', $this->Common_model->flash_message('error', translate('Your Google Account Not Verified.'))); redirect('home/verify?google=not_verified'); } } else { $this->db->where('id', $this->dx_auth->get_user_id())->update('users', array('google_verify' => 'no', 'google_email' => 0)); $this->session->set_flashdata('flash_message', $this->Common_model->flash_message('error', translate('Your Google Account Not Verified.'))); redirect('home/verify?google=not_verified'); } } }
/** * Creates or retrieve user information and set the information in user session * * @param LightOpenID $openId */ public function loginSuccessful(LightOpenID $openId) { // namePerson/first, namePerson/last, contact/email $attributes = $openId->getAttributes(); $email = $attributes['contact/email']; $userTbl = new App_Model_DbTable_User(); $user = $userTbl->findByEmail($email); // The user has successfully authenticated // but it does not exist in our database, so create the record if (!$user) { $userArray = array('username' => $attributes['namePerson/first'] . $attributes['namePerson/last'], 'email' => $attributes['contact/email'], 'is_active' => 1, 'role_id' => 3); $userId = $userTbl->insert($userArray); $user = $userTbl->find($userId); } if ($user) { $auth = Zend_Auth::getInstance(); $authStorage = $auth->getStorage(); $authStorage->write($user); } }
/** * Login con openid * */ public function loginOpenid() { $openid = new \LightOpenID($this->host); if ($openid->mode) { if ($openid->mode == 'cancel') { $this->last_error = "oauth-openid-access-denied"; return false; } elseif ($openid->validate()) { $data = $openid->getAttributes(); //print_r($data);print_r($openid);print_r($openid->identity);die; /* //por seguridad no aceptaremos conexions de OpenID que no nos devuelvan el email if(!Goteo\Library\Check::mail($data['contact/email'])) { $this->last_error = "oauth-openid-email-required"; return false; }*/ $this->user_data['email'] = $data['contact/email']; $this->user_data['username'] = $data['namePerson/friendly']; $this->user_data['name'] = $data['namePerson']; if (empty($this->user_data['name'])) { $this->user_data['name'] = trim($data['namePerson/first'] . " " . $data['namePerson/last']); } if ($data['contact/country/home']) { $this->user_data['location'] = $data['contact/country/home']; } //no se usan tokens para openid, guardamos el servidor como token $this->tokens['openid']['token'] = $this->openid_server; //como secreto usaremos un hash basado an algo que sea unico para cada usuario (la identidad openid es una URL única) //$this->tokens['openid']['secret'] = sha1($this->openid_server.$this->openid_secret.$data['contact/email']); $this->tokens['openid']['secret'] = $openid->identity; return true; } else { $this->last_error = "oauth-openid-not-logged"; return false; } } $this->last_error = "oauth-openid-not-logged"; return false; }
</form> <!-- <form action="" method="post"> OpenID: <input type="text" name="openid_identifier" /> <button>Submit</button> </form> --> <?php } else { if ($openid->mode == 'cancel') { echo 'User has canceled authentication!'; } else { if ($openid->validate()) { /* * Get attributes */ $openID_data = $openid->getAttributes(); /* * Store user information in user session */ $_SESSION["email"] = $openID_data["contact/email"]; $_SESSION["firstName"] = $openID_data["namePerson/first"]; $_SESSION["lastName"] = $openID_data["namePerson/last"]; $_SESSION["userName"] = $openID_data["namePerson/friendly"]; /* * Store user information in mapshup database */ // TODO /* * Tell mapshup that user is authenticated */ // TODO
public function __construct($objParentObject, $strControlId = null) { // Call the Parent try { parent::__construct($objParentObject, $strControlId); } catch (QCallerException $objExc) { $objExc->IncrementOffset(); throw $objExc; } $this->strTemplate = __NARRO_INCLUDES__ . '/narro/panel/NarroUserLoginPanel.tpl.php'; $this->lblMessage = new QLabel($this); $this->lblMessage->HtmlEntities = false; $this->objAccordion = new QAccordion($this); $lblNarroLogin = new QLinkButton($this->objAccordion); $lblNarroLogin->Text = t('Login with your Narro account'); $pnlNarroLogin = new QPanel($this->objAccordion); $pnlNarroLogin->AutoRenderChildren = true; $pnlNarroLogin->PreferedRenderMethod = 'RenderWithName'; $pnlNarroLogin->SetCustomStyle('text-align', 'right'); $this->txtUsername = new QTextBox($pnlNarroLogin, 'username'); $this->txtUsername->TabIndex = 1; $this->txtUsername->Name = t('Username'); $this->txtUsername->PreferedRenderMethod = 'RenderWithName'; $this->txtPassword = new QTextBox($pnlNarroLogin, 'password'); $this->txtPassword->TabIndex = 2; $this->txtPassword->TextMode = QTextMode::Password; $this->txtPassword->Name = t('Password'); $this->txtPassword->PreferedRenderMethod = 'RenderWithName'; $this->btnLogin = new QButton($pnlNarroLogin); $this->btnLogin->Text = t('Login'); $this->btnLogin->PrimaryButton = true; $this->btnLogin->TabIndex = 3; $this->btnLogin->AddAction(new QClickEvent(), new QServerControlAction($this, 'btnLogin_Click')); $lblOpenIdLogin = new QLinkButton($this->objAccordion); $lblOpenIdLogin->HtmlEntities = false; $lblOpenIdLogin->Text = '<img src="http://www.openid.net/favicon.ico" /> ' . t('Login with your OpenID'); $pnlOpenIdLogin = new QPanel($this->objAccordion); $pnlOpenIdLogin->AutoRenderChildren = true; $this->txtOpenId = new QTextBox($pnlOpenIdLogin, 'openid'); $this->txtOpenId->Name = t('OpenID URL'); $this->txtOpenId->Instructions = t('Use your existing OpenID account information to login.'); $this->txtOpenId->PreferedRenderMethod = 'RenderWithName'; $this->btnOpenIdLogin = new QButton($pnlOpenIdLogin); $this->btnOpenIdLogin->Text = t('Login'); $this->btnOpenIdLogin->AddAction(new QClickEvent(), new QServerControlAction($this, 'btnOpenIdLogin_Click')); $lblGoogleLogin = new QLinkButton($this->objAccordion); $lblGoogleLogin->HtmlEntities = false; $lblGoogleLogin->Text = '<img src="http://www.google.com/favicon.ico" /> ' . t('Login with your Google account'); $lblGoogleLogin->AddAction(new QClickEvent(), new QServerControlAction($this, 'btnGoogleLogin_Click')); $pnlGoogleLogin = new QPanel($this->objAccordion); $pnlGoogleLogin->AutoRenderChildren = true; $lblBrowserIdLogin = new QLinkButton($this->objAccordion); $lblBrowserIdLogin->HtmlEntities = false; $lblBrowserIdLogin->Text = '<img src="https://browserid.org/favicon.ico" /> ' . t('Login with BrowserID'); $lblBrowserIdLogin->AddAction(new QClickEvent(), new QJavaScriptAction(sprintf("navigator.id.get(function(assertion) {if (assertion) {qc.pA('%s', '%s', 'QClickEvent', assertion, '')} else {qc.pA('%s', '%s', 'QClickEvent', '', '')}}); return false;", $this->Form->FormId, $lblBrowserIdLogin->ControlId, $this->Form->FormId, $lblBrowserIdLogin->ControlId))); $lblBrowserIdLogin->AddAction(new QClickEvent(), new QAjaxControlAction($this, 'btnBrowserIdLogin_Click')); $pnlBrowserIdLogin = new QPanel($this->objAccordion); $pnlBrowserIdLogin->AutoRenderChildren = true; $openid = new LightOpenID($_SERVER['HTTP_HOST']); if (!$openid->mode && isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != '' && !strstr($_SERVER['HTTP_REFERER'], $_SERVER['REQUEST_URI'])) { $this->txtPreviousUrl = $_SERVER['HTTP_REFERER']; } if ($openid->mode) { if ($openid->mode == 'cancel') { $this->lblMessage->Text = t('The user has canceled authentication'); $this->lblMessage->ForeColor = 'red'; } else { if ($openid->validate()) { $arrAttributes = $openid->getAttributes(); $objUser = NarroUser::LoadByUsername($openid->identity); require_once __NARRO_INCLUDES__ . '/PasswordHash.class.php'; $objHasher = new PasswordHash(8, FALSE); if (!$objUser instanceof NarroUser) { try { $objUser = NarroUser::RegisterUser($openid->identity, $openid->identity, '', $openid->identity); if (isset($arrAttributes['namePerson'])) { $objUser->Username = $arrAttributes['namePerson']; } if (isset($arrAttributes['contact/email'])) { $objUser->Email = $arrAttributes['contact/email']; } $objUser->Save(); } catch (Exception $objEx) { $this->lblMessage->ForeColor = 'red'; $this->lblMessage->Text = t('Failed to create an associated user for this OpenId') . $objEx->getMessage() . var_export($openid->identity, true); return false; } $objUser->Reload(); QApplication::$Session->RegenerateId(); QApplication::$Session->User = $objUser; QApplication::Redirect(NarroLink::UserPreferences($objUser->UserId)); exit; } elseif ($objUser->Password != $objHasher->HashPassword('')) { $this->lblMessage->ForeColor = 'red'; $this->lblMessage->Text = t('This user has a password set, please login with that instead'); return false; } QApplication::$Session->RegenerateId(); QApplication::$Session->User = $objUser; QApplication::$User = $objUser; if ($this->txtPreviousUrl) { $strUrl = preg_replace('/([\\?\\&]l\\=)[a-z0-9\\-\\_]+/', '\\1' . QApplication::$User->GetPreferenceValueByName('Language'), $this->txtPreviousUrl); if ($strUrl) { QApplication::Redirect($strUrl); } else { QApplication::Redirect($this->txtPreviousUrl); } } else { QApplication::Redirect(NarroLink::ProjectList(null, null, QApplication::$User->GetPreferenceValueByName('Language'))); } exit; } else { $this->lblMessage->Text = t('OpenID login failed'); $this->lblMessage->ForeColor = 'red'; } } } }