public function validateIdentifier($validator, $values, $arguments = array())
{
$authRequest = $this->getAuthAdapter()->getConsumer()->begin($values['openid_identifier']);
if (!$authRequest) {
throw new sfValidatorError($validator, 'Authentication error: not a valid OpenID.');
}
$sregExchange = new opOpenIDProfileExchange('sreg');
$authRequest->addExtension(Auth_OpenID_SRegRequest::build(array(), $sregExchange->getImportSupportedProfiles()));
// for OpenID1
if ($authRequest->shouldSendRedirect()) {
$values['redirect_url'] = $authRequest->redirectURL($arguments['realm'], $arguments['return_to']);
if (Auth_OpenID::isFailure($values['redirect_url'])) {
throw new sfValidatorError($validator, 'Could not redirect to the server: ' . $values['redirect_url']->message);
}
} else {
$axExchange = new opOpenIDProfileExchange('ax');
$axRequest = new Auth_OpenID_AX_FetchRequest();
foreach ($axExchange->getImportSupportedProfiles() as $key => $value) {
$axRequest->add(Auth_OpenID_AX_AttrInfo::make($value, 1, false, 'profile_' . $key));
}
$authRequest->addExtension($axRequest);
$values['redirect_html'] = $authRequest->htmlMarkup($arguments['realm'], $arguments['return_to']);
if (Auth_OpenID::isFailure($values['redirect_html'])) {
throw new sfValidatorError($validator, 'Could not redirect to the server: ' . $values['redirect_html']->message);
}
}
return $values;
}
public function executeTrust(sfWebRequest $request)
{
opApplicationConfiguration::registerJanRainOpenID();
require_once 'Auth/OpenID/Server.php';
require_once 'Auth/OpenID/FileStore.php';
require_once 'Auth/OpenID/SReg.php';
require_once 'Auth/OpenID/AX.php';
$info = unserialize($_SESSION['request']);
$this->forward404Unless($info);
$trusted = $request->hasParameter('trust') || $request->hasParameter('permanent');
if (!$trusted) {
unset($_SESSION['request']);
$url = $info->getCancelURL();
$this->redirect($url);
}
$reqUrl = $this->getController()->genUrl('OpenID/member?id=' . $this->getUser()->getMemberId(), true);
if (!$info->idSelect()) {
$this->forward404Unless($reqUrl === $info->identity, 'request:' . $reqUrl . '/identity:' . $info->identity);
}
unset($_SESSION['request']);
$server = new Auth_OpenID_Server(new Auth_OpenID_FileStore(sfConfig::get('sf_cache_dir')), $info->identity);
$response = $info->answer(true, null, $reqUrl);
$sregRequest = Auth_OpenID_SRegRequest::fromOpenIDRequest($info);
$axRequest = Auth_OpenID_AX_FetchRequest::fromOpenIDRequest($info);
$allowedProfiles = $request->getParameter('profiles', array());
$requiredProfiles = $this->createListOfRequestedProfiles($sregRequest, $axRequest);
$rejectedProfiles = array_diff_key($requiredProfiles, array_flip($allowedProfiles));
if (in_array(true, $rejectedProfiles)) {
$url = $info->getCancelURL();
$this->redirect($url);
}
if ($sregRequest) {
$sregExchange = new opOpenIDProfileExchange('sreg', $this->getUser()->getMember());
$sregResp = Auth_OpenID_SRegResponse::extractResponse($sregRequest, $sregExchange->getData($allowedProfiles));
$response->addExtension($sregResp);
}
if ($axRequest && !$axRequest instanceof Auth_OpenID_AX_Error) {
$axResp = new Auth_OpenID_AX_FetchResponse();
$axExchange = new opOpenIDProfileExchange('ax', $this->getUser()->getMember());
$userData = $axExchange->getData($allowedProfiles);
foreach ($axRequest->requested_attributes as $k => $v) {
if (!empty($userData[$k])) {
$axResp->addValue($k, $userData[$k]);
}
}
$response->addExtension($axResp);
}
$log = Doctrine::getTable('OpenIDTrustLog')->log($info->trust_root, $this->getUser()->getMemberId());
if ($request->hasParameter('permanent')) {
$log->is_permanent = true;
$log->save();
}
$response = $server->encodeResponse($response);
return $this->writeResponse($response);
}
protected function appendMemberInformationFromProvider($member)
{
$ax = Auth_OpenID_AX_FetchResponse::fromSuccessResponse($this->getResponse());
if ($ax) {
$axExchange = new opOpenIDProfileExchange('ax', $member);
$axExchange->setData($ax->data);
}
$sreg = Auth_OpenID_SRegResponse::fromSuccessResponse($this->getResponse());
if ($sreg) {
$sregExchange = new opOpenIDProfileExchange('sreg', $member);
$sregExchange->setData($sreg->contents());
}
return $member;
}