http://test.erikeldridge.com/foxbatexample/license.txt */ $filters = array('submit' => FILTER_SANITIZE_STRING, 'consumerKey' => FILTER_SANITIZE_STRING, 'consumerSecret' => FILTER_SANITIZE_STRING, 'providerName' => FILTER_SANITIZE_STRING, 'openidRealmUri' => FILTER_SANITIZE_STRING, 'openidReturnToUri' => FILTER_SANITIZE_STRING); $input = filter_var_array($_GET, $filters); if (isset($input['submit'])) { //format for storage $obj = new stdclass(); $obj->providerName = $input['providerName']; $obj->consumerKey = $input['consumerKey']; $obj->consumerSecret = $input['consumerSecret']; $obj->openidRealmUri = $input['openidRealmUri']; $obj->openidReturnToUri = $input['openidReturnToUri']; //init storage require '../../netdb/sdk.php'; require 'secure.inc'; $storage = new Netdb($netdbUid, $netdbSecret); $storageKey = $input['providerName'] . '-' . $input['consumerKey']; $storageValue = json_encode($obj); //store obj $response = $storage->set($storageKey, $storageValue); //confirm success if ('success' == $response->status) { $value = json_decode($response->value); } } ?> <?php if ($value->providerName) { ?> <b>Success!</b><br/>
$storageKey = 'yahoo-' . $input['consumerKey']; $response = $storage->get($storageKey); $value = json_decode($response->value); //url for openid provider log in page $openidLoginRedirectUrl = $openidAuthRequest->redirectURL($value->openidRealmUri, $value->openidRealmUri . $value->openidReturnToUri); //add hybrid auth fields $additionalFields = array('openid.ns.oauth' => 'http://specs.openid.net/extensions/oauth/1.0', 'openid.oauth.consumer' => $input['consumerKey']); $openidLoginRedirectUrl .= '&' . http_build_query($additionalFields); //END: generate openid+oauth redirect url $data = array('url' => $openidLoginRedirectUrl); break; case 'makeRequest': require_once '../../netdb/sdk.php'; //fetch key require 'secure.inc'; $storage = new Netdb($netdbUid, $netdbSecret); $storageKey = 'yahoo-' . $input['consumerKey']; $response = $storage->get($storageKey); $value = json_decode($response->value); //BEGIN: validate request using session id //fetch session id for claimed user $response = $storage->get('sessionId-uid'); //compare it to passed sesion id $passedSessionId = $input['requestToken']; $storedSessionId = json_decode($response->value); if ($passedSessionId != $storedSessionId) { $data = array('status' => 'error', 'details' => 'invalid session id: ' . json_decode($response->value)); break; } //END: validate request using session id //settings