header('Content-Length: ' . filesize($original)); // provide file size header('Connection: close'); readfile($original); // push it out exit; } else { die('Requested file not found!'); } } function displayPDF($file, $filename) { header('Content-type: application/pdf'); header('Content-Disposition: inline; filename="' . $filename . '"'); header('Content-Transfer-Encoding: binary'); header('Content-Length: ' . filesize($file)); header('Accept-Ranges: bytes'); @readfile($file); } $userId = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null; if (!$userId) { $returnUrl = $hostUrl . SUBFOLDER . '?action=download'; SSO::doLogin($returnUrl); exit; } $filename = 'The_Changing_Face_of_EPPM.pdf'; SSO::notify('WWPP13043568MPP105C001', $userId, 'download', $filename); $_SESSION['loaded'] = 1; // fixes back button in the browser // forceDownload('pdf/ORA_US-EPPM-Board_Writeup_April13_13-10582_v10.pdf', $filename); displayPDF('pdf/ORA_US-EPPM-Board_Writeup_April13_13-10582_v10.pdf', $filename);
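/**
 * Verify that the checksum presented by a broker matches the one the
 * server derives for the same broker/token pair.
 *
 * The comparison is strict and length-independent in timing. A loose `!=`
 * would treat two numeric-looking strings (for example "0e1" and "0e2") as
 * equal, and would also accept the case where both sides are null.
 *
 * @param mixed $broker   broker identifier, passed through to get_checksum()
 * @param mixed $token    session token, passed through to get_checksum()
 * @param mixed $checksum checksum supplied by the caller
 * @return bool true only when both values are non-empty and identical
 */
private static function check($broker, $token, $checksum)
{
    $expected = SSO::get_checksum($broker, $token);

    // Fail closed on anything that is not a usable digest.
    // NOTE(review): assumes get_checksum() yields a scalar digest and
    // null/false on failure - confirm against its implementation.
    if (!is_string($checksum) || $checksum === '') {
        return false;
    }
    if (!is_scalar($expected) || is_bool($expected)) {
        return false;
    }
    $expected = (string) $expected;
    if ($expected === '') {
        return false;
    }

    // hash_equals() only exists from PHP 5.6; keep a fallback for older runtimes.
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $checksum);
    }

    $length = strlen($expected);
    if ($length !== strlen($checksum)) {
        return false;
    }
    $difference = 0;
    for ($i = 0; $i < $length; $i++) {
        $difference |= ord($expected[$i]) ^ ord($checksum[$i]);
    }

    return $difference === 0;
}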
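/**
 * Landing page: greets the signed-in user (with a logout link) or shows a
 * generic greeting when nobody is signed in.
 *
 * The username is HTML-escaped before it is placed in the response body,
 * because it originates from the SSO layer and is rendered as markup here.
 */
public function action_index()
{
    $username = SSO::is_logged_in();

    // Loose comparison kept on purpose: any "empty" return value from
    // is_logged_in() counts as not signed in.
    if ($username != '') {
        $safeName = htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8');
        $this->response->body('hello, ' . $safeName . '! <a href="/user/logout" >Logout</a>');
    } else {
        $this->response->body('hello, world!');
    }
}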
/**
 * Build the controller and refuse to continue unless the broker, token and
 * checksum route parameters pass SSO::check().
 *
 * On a failed check the request is terminated with a bare exit, so the
 * client receives no body and no explicit status code from this method.
 *
 * @param Request $request request being dispatched
 */
public function __construct(Request $request)
{
    parent::__construct($request);

    $route = $this->request;
    $verified = SSO::check(
        $route->param('broker'),
        $route->param('token'),
        $route->param('checksum')
    );

    if ($verified) {
        return;
    }

    exit;
}
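/**
 * Login-page hook for the auth_vatsim plugin.
 *
 * Two phases share this entry point:
 *  - return leg: the member comes back with oauth_verifier, the request token
 *    saved in the session is checked against the returned oauth_token, the
 *    member's details are fetched, the local account is looked up (or
 *    created) by CID, and the member is logged in and redirected;
 *  - start leg: otherwise a fresh request token is obtained, stored in the
 *    session and the member is sent to VATSIM.
 *
 * @throws moodle_exception on token mismatch, cancelled login, missing email,
 *                          disabled account creation, or provider errors
 */
function loginpage_hook()
{
    global $CFG, $SESSION, $DB, $USER;

    require_once $CFG->dirroot . '/auth/vatsim/config.php';

    // initiate the SSO class with consumer details and encryption details
    $SSO = new SSO($sso['base'], $sso['key'], $sso['secret'], $sso['method'], $sso['cert']);
    // return variable is needed later in this script
    $sso_return = $sso['return'];
    // remove other config variables (consumer secret no longer needed in scope)
    unset($sso);

    // if VATSIM has redirected the member back
    if (isset($_GET['oauth_verifier']) && !isset($_GET['oauth_cancel'])) {
        // check to make sure there is a saved token for this user
        if (isset($_SESSION[SSO_SESSION]) && isset($_SESSION[SSO_SESSION]['key']) && isset($_SESSION[SSO_SESSION]['secret'])) {
            // The returned token must be the exact string stored when the
            // login started. A loose != would treat numeric-looking strings
            // as equal and let an absent parameter match an empty saved token.
            $returnedtoken = isset($_GET['oauth_token']) ? $_GET['oauth_token'] : null;
            $savedtoken = $_SESSION[SSO_SESSION]['key'];
            if (!is_string($returnedtoken) || !is_string($savedtoken) || $savedtoken === '' || $returnedtoken !== $savedtoken) {
                throw new moodle_exception("An error occurred with the login process - please try again", 'auth_vatsim');
            }

            // obtain the details of this user from VATSIM
            // (oauth_verifier is known to be set by the enclosing condition)
            $vatsimUser = $SSO->checkLogin($_SESSION[SSO_SESSION]['key'], $_SESSION[SSO_SESSION]['secret'], $_GET['oauth_verifier']);

            if ($vatsimUser) {
                // One-time use of tokens, token no longer valid
                unset($_SESSION[SSO_SESSION]);

                $vatsim = $vatsimUser->user;
                $username = $vatsim->id;

                // plugin only designed where email address is returned
                if (empty($vatsim->email)) {
                    throw new moodle_exception('noemail', "auth_vatsim");
                }
                $useremail = $vatsim->email;

                // find the user in the current database, by CID, not email
                $user = $DB->get_record('user', array('username' => $username, 'deleted' => 0, 'mnethostid' => $CFG->mnet_localhost_id));

                // create the user if it doesn't exist
                if (empty($user)) {
                    // deny login if setting "Prevent account creation when authenticating" is on
                    if ($CFG->authpreventaccountcreation) {
                        throw new moodle_exception("noaccountyet", "auth_vatsim");
                    }

                    // keep the extra profile fields returned by the provider;
                    // they are written to the record after authentication below
                    $newuser = new stdClass();
                    $newuser->email = $useremail;
                    $newuser->firstname = $vatsim->name_first;
                    $newuser->lastname = $vatsim->name_last;
                    $newuser->country = $vatsim->country->code;

                    create_user_record($username, '', 'vatsim');
                } else {
                    $username = $user->username;
                }

                add_to_log(SITEID, 'auth_vatsim', '', '', $username . '/' . $useremail);

                $user = authenticate_user_login($username, null);
                if ($user) {
                    // prefill more user information if new user
                    if (!empty($newuser)) {
                        $newuser->id = $user->id;
                        $DB->update_record('user', $newuser);
                        $user = (object) array_merge((array) $user, (array) $newuser);
                    }

                    complete_user_login($user);

                    // Redirection
                    if (user_not_fully_set_up($USER)) {
                        $urltogo = $CFG->wwwroot . '/user/edit.php';
                        // We don't delete $SESSION->wantsurl yet, so we get there later
                    } else {
                        // NOTE(review): this is a plain prefix match on wwwroot.
                        // Confirm wwwroot cannot be the prefix of a different
                        // host name, or match on wwwroot followed by '/'.
                        if (isset($SESSION->wantsurl) and strpos($SESSION->wantsurl, $CFG->wwwroot) === 0) {
                            $urltogo = $SESSION->wantsurl; // Because it's an address in this site
                            unset($SESSION->wantsurl);
                        } else {
                            // No wantsurl stored or external - go to homepage
                            $urltogo = $CFG->wwwroot . '/';
                            unset($SESSION->wantsurl);
                        }
                    }
                    redirect($urltogo);
                }
                // A failed local authentication falls through and starts a
                // fresh token request below.
            } else {
                // OAuth or cURL errors have occurred
                throw new moodle_exception("An error occurred with the login process", 'auth_vatsim');
            }
        }
    } else {
        // the user cancelled their login and were sent back
        if (isset($_GET['oauth_cancel'])) {
            throw new moodle_exception("You cancelled your login", 'auth_vatsim');
        }
    }

    // create a request token for this login. Provides return URL and suspended/inactive settings
    $token = $SSO->requestToken($sso_return, false, false);

    if ($token) {
        // store the token information in the session so that we can retrieve it when the user returns
        $_SESSION[SSO_SESSION] = array(
            'key' => (string) $token->token->oauth_token,
            'secret' => (string) $token->token->oauth_token_secret,
        );

        // redirect the member to VATSIM
        $SSO->sendToVatsim();
    } else {
        throw new moodle_exception("An error occurred with the login process", 'auth_vatsim');
    }
}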
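/**
 * AJAX endpoint with two modes, both of which end the request with JSON:
 *  - with data[url] in the query string, the query part of that URL is
 *    parsed, the activity is reported through SSO::notifySSO(), and the
 *    parsed parameters are echoed back;
 *  - otherwise it reports whether a session uid is present.
 *
 * Everything read from $_GET is caller-controlled, so missing or malformed
 * values are tolerated instead of raising notices or type errors, and the
 * echoed JSON has HTML-significant characters hex-escaped.
 */
function sso()
{
    if (session_id() == '') {
        session_start();
    }

    // The response reflects request data and no Content-Type is set here.
    // Hex-escaping <, >, &, ' and " keeps the output inert if a browser
    // renders it as HTML, and JSON parsers decode it to the same values.
    // NOTE(review): consider also sending an application/json Content-Type
    // once it is confirmed that no client depends on the current default.
    $jsonflags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

    // log activity
    if (isset($_GET['data']['url'])) {
        $url = $_GET['data']['url'];

        // data[url] may arrive as an array, or as a URL without a query part.
        $vars = array();
        $query = is_string($url) ? parse_url($url, PHP_URL_QUERY) : null;
        if (is_string($query)) {
            parse_str($query, $vars);
        }

        // notify SSO
        // NOTE(review): the notification is sent even when no uid is in the
        // session (null is passed) - confirm that this is intended.
        require_once 'sso.class.php';
        $sso = new SSO();
        $sso->notifySSO(
            isset($_SESSION['uid']) ? $_SESSION['uid'] : null,
            isset($vars['activity']) ? $vars['activity'] : null,
            isset($vars['details']) ? $vars['details'] : null,
            isset($vars['campaign_code']) ? $vars['campaign_code'] : null
        );

        die(json_encode($vars, $jsonflags));
    }

    // check for sso-uid
    die(json_encode(array('success' => isset($_SESSION['uid'])), $jsonflags));
}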
/**
 * End the SSO session, then send the browser to the login page.
 *
 * NOTE(review): if this action is reachable through a plain GET link,
 * confirm that a logout triggered from another site is acceptable, or
 * require a request token.
 */
public function action_logout()
{
    SSO::logout();

    $current = Request::current();
    $current->redirect('user/login');
}
<?php // Get dynamically the path to the current script $path = rtrim(realpath(dirname(__FILE__)), '/'); require_once $path . '/config.php'; require_once $path . '/sso.php'; // Need to check whether a user is already logged in $userId = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null; $action = isset($_GET['action']) ? trim($_GET['action']) : null; $userData = SSO::checkResponse(); if ($userData !== false) { $userId = $userData['oracle_guid']; $_SESSION['user_id'] = $userId; } ?> <!DOCTYPE html> <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]--> <!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]--> <!--[if gt IE 8]> <html class="no-js" lang="en"> <![endif]--> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <title>Oracle Enterprise Project Portfolio Management</title> <meta name="author" content=""> <meta name="description" content=""> <meta name="keywords" content=""> <meta name="viewport" content="width=device-width,initial-scale=1"> <link href="<?php
<?php

if (!defined('SYSPATH')) {
    die('No direct script access.');
}

/**
 * @requirement Kohana 3.2 or above
 * @module      Single Sign On (SSO) - Initialization file
 * @author      Zeeshan M. Khan
 * @link        http://zeeshanmkhan.com
 * @version     Version 0.01
 */

// Routes for the SSO server side. Comment both out when this installation
// only acts as a broker and does not run the server.

// Attach endpoint: broker id, session token, checksum and return URL are all
// taken from path segments supplied by the caller.
// NOTE(review): if the attach action redirects to <returnurl>, confirm it is
// restricted to known broker URLs - the handling is not visible in this file.
Route::set('ssoserver', 'sso/attach/<broker>/<token>/<checksum>/<returnurl>')
    ->defaults(array(
        'controller' => 'sso',
        'action' => 'attach',
    ));

// Every other sso/<action> request goes to the same controller.
Route::set('ssoserver_1', 'sso/<action>')
    ->defaults(array(
        'controller' => 'sso',
    ));

SSO::init();
<?php session_start(); ini_set('error_reporting', E_ALL); ini_set("display_errors", 1); require 'OAuth/OAuth.php'; require 'OAuth/SSO.class.php'; require 'OAuth/reporting.php'; require 'config.php'; $SSO = new SSO($sso['base'], $sso['key'], $sso['secret'], $sso['method'], $sso['cert']); $sso_return = $sso['return']; unset($sso); if (isset($_GET['return']) && isset($_GET['oauth_verifier']) && !isset($_GET['oauth_cancel'])) { if (isset($_SESSION[SSO_SESSION]) && isset($_SESSION[SSO_SESSION]['key']) && isset($_SESSION[SSO_SESSION]['secret'])) { if (@$_GET['oauth_token'] != $_SESSION[SSO_SESSION]['key']) { reportStatus("Returned token does not match", $Auth_ErrorURL); die; } if (@(!isset($_GET['oauth_verifier']))) { reportStatus("No verification code provided", $Auth_ErrorURL); die; } $user = $SSO->checkLogin($_SESSION[SSO_SESSION]['key'], $_SESSION[SSO_SESSION]['secret'], @$_GET['oauth_verifier']); if ($user) { unset($_SESSION[SSO_SESSION]); loggedIn($user->user); die; } else { $error = $SSO->error(); reportStatus("Code: " . $error['code'] . PHP_EOL . $error['message'], $Auth_ErrorURL); die;
/**
 * Sign a user in through the named OAuth provider.
 *
 * Builds the provider driver with the 'orm' backend via SSO::factory() and
 * hands back whatever its login() call returns.
 *
 * @param   string  $provider  provider name understood by SSO::factory()
 * @return  boolean
 */
public function sso($provider)
{
    $driver = SSO::factory($provider, 'orm');

    return $driver->login();
}
<?php
/* Template Name: SSO */

require_once 'sso.class.php';

// Make sure a session exists before the SSO object runs.
if (session_id() == '') {
    session_start();
}

// Only GET requests are handled. With request_url the visitor is being sent
// here to sign in; without it this is the SSO response coming back.
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
    if (isset($_GET['request_url'])) {
        // NOTE(review): $_GET values are already URL-decoded by PHP, so this
        // decodes a second time, and the result is caller-controlled. Confirm
        // that the SSO class validates it before using it as a destination.
        $sso = new SSO(rawurldecode($_GET['request_url']));
    } else {
        $sso = new SSO();
    }

    $sso->runSSO();
}
/**
 * Gate a request behind SSO authentication.
 *
 * Authenticated requests are passed to the next middleware. Guests get a
 * 401 on AJAX calls; on ordinary requests they are handed to SSO::login()
 * with the full current URL as the place to come back to.
 *
 * @param Request $request
 * @param Closure $next
 *
 * @return \Illuminate\Http\Response response.
 */
public function handle(Request $request, Closure $next)
{
    // Signed-in users continue down the pipeline untouched.
    if (!$this->auth->guest()) {
        return $next($request);
    }

    // A redirect is useless to a script-driven request, so answer with 401.
    if ($request->ajax()) {
        return response('Unauthorized.', 401);
    }

    return SSO::login($request->fullUrl());
}