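/**
 * Work out which claims belong in the ID token for an authorization request.
 *
 * Claims named under $request['claims']['id_token'] are collected through
 * get_requested_claims(). When the response type is exactly 'id_token', the
 * scope values 'email', 'address', 'phone' and 'profile' add their claim
 * names with the value 0 (presumably "not essential" -- confirm against
 * get_requested_claims()).
 *
 * @param array $request Authorization request parameters; 'scope' may be a
 *                       space-separated string or an array of scope values.
 * @return array Claim name => flag. Empty when the response type is
 *               'id_token' but 'scope' is missing or not a string/array.
 */
function get_id_token_claims($request)
{
    $requested_claims = array();
    $profile_claims = array();

    if (isset($request['claims']) && isset($request['claims']['id_token'])) {
        $requested_claims = get_requested_claims($request, array('id_token'));
    }

    // Read optional keys defensively so an incomplete request raises no
    // undefined-index warning.
    $response_type = isset($request['response_type']) ? $request['response_type'] : null;

    // Identity comparison: with ==, a non-string value such as boolean true
    // would be treated as equal to 'id_token'.
    if ($response_type !== 'id_token') {
        return array_merge($requested_claims, $profile_claims);
    }

    $scopes = isset($request['scope']) ? $request['scope'] : null;
    if (is_string($scopes)) {
        $scopes = explode(' ', $scopes);
    }
    if (!is_array($scopes)) {
        // Fail closed: no usable scope means no claims at all, including the
        // explicitly requested ones collected above.
        return array();
    }

    // Scope value => claims it releases, in the order they are added.
    $scope_claims = array(
        'email'   => array('email', 'email_verified'),
        'address' => array('address'),
        'phone'   => array('phone_number', 'phone_number_verified'),
    );

    foreach ($scope_claims as $scope => $claims) {
        // Strict in_array(): a loose match lets a scope list holding a
        // boolean true (or, on older PHP, integer 0) satisfy every scope
        // check and release claims that were never asked for.
        if (in_array($scope, $scopes, true)) {
            foreach ($claims as $claim) {
                $requested_claims[$claim] = 0;
            }
        }
    }

    if (in_array('profile', $scopes, true)) {
        // 'profile' covers every default claim except those owned by the
        // email, address and phone scopes.
        $profile_claims = get_default_claims();
        foreach ($scope_claims as $claims) {
            foreach ($claims as $claim) {
                unset($profile_claims[$claim]);
            }
        }
        $profile_claims = array_fill_keys(array_keys($profile_claims), 0);
    }

    // NOTE(review): profile entries are merged last, so a profile claim that
    // get_requested_claims() returned with another flag ends up as 0 --
    // confirm this is intended.
    return array_merge($requested_claims, $profile_claims);
}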
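/**
 * Render the attribute-sharing consent page for the pending request.
 *
 * Reads the pending request from $_SESSION['rpfA'] and the signed-in account
 * via db_get_account($_SESSION['username']), then lists every requested claim
 * with the account's value for it. Entries whose flag equals 1 are marked
 * with a red asterisk.
 *
 * Every value interpolated into the markup is HTML-escaped: the account
 * attributes and the client name do not originate from this script
 * (client_name is presumably supplied at client registration -- confirm), so
 * they must not be able to alter the consent page the user is asked to trust.
 *
 * @param array|null $client Client record; only 'client_name' is read.
 * @return string Complete HTML document for the consent page.
 */
function custom_confirm_userinfo($client = null)
{
    $esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;

    $req = $_SESSION['rpfA'];
    $scopes = explode(' ', $req['scope']);
    $response_types = explode(' ', $req['response_type']);
    $offline_access = in_array('offline_access', $scopes) && in_array('code', $response_types) ? 'YES' : 'NO';

    $axlabel = get_default_claims();
    $requested_claims = get_all_requested_claims($req, $req['scope']);
    log_info('requested claims = %s', print_r($requested_claims, true));

    $attributes = '';
    $account = db_get_account($_SESSION['username']);
    foreach ($requested_claims as $claim => $required) {
        // The asterisk is trusted literal markup; it is appended after the
        // label has been escaped.
        $star = ($required == 1) ? "<font color='red'>*</font>" : '';

        // A claim with no default label is shown under its own name so the
        // user still sees what is being requested.
        $label = isset($axlabel[$claim]) ? $axlabel[$claim] : $claim;
        $claim_label = htmlspecialchars((string) $label, $esc_flags, 'UTF-8') . $star;

        // NOTE(review): assumes every requested claim exists on the account
        // record returned by db_get_account() -- confirm.
        $claim_value = htmlspecialchars((string) $account[$claim], $esc_flags, 'UTF-8');

        $attributes .= "<tr><td>{$claim_label}</td><td>{$claim_value}</td><td></td></tr>\n";
    }

    // Escaped for the attribute context it is placed in.
    $form_action = htmlspecialchars($_SERVER['SCRIPT_NAME'], $esc_flags, 'UTF-8');

    // NOTE(review): no anti-CSRF token is emitted and "agreed" is pre-checked;
    // confirm the /confirm_userinfo handler ties the submission to this
    // session's pending request and that the page cannot be framed.
    $attribute_form_template = <<<EOF
 <div class='persona'>
 <form method="POST" action="{$form_action}/confirm_userinfo" >
 <input type="hidden" name="mode" value="ax_confirm">
 <table cellspacing="0" cellpadding="0" width="600">
 <thead><tr><th>Attribute</th><th>Value</th><th>Confirm</th></tr></thead>
 {$attributes}
 <tr><td colspan="3"> </td></tr>
 <thead><tr><td><b>Offline Access Requested</b></td><td>{$offline_access}</td><td></td></tr></thead>
 <tr><td colspan="3"> </td></tr>
 <tr><td colspan="3"> </td></tr>
 <tr><td colspan="3" style='line-height : 2;'><input type="checkbox" name="agreed" value="1" checked>I Agree to provide the above information.
 <br/>
 <input type="radio" name="trust" value="once" checked>Trust this site this time only <br />
 <input type="radio" name="trust" value="always" >Trust this site always <br/>
 </td></tr>
 <tr><td colspan="3"><center><input type="submit" name="confirm" value="confirmed"> </center></td></tr></table>
 </form>
 </div>
EOF;

    $styles = <<<EOF
 <style type="text/css">
 /*demo page css*/
 body{ font: 80% "Trebuchet MS", sans-serif; margin: 50px;}
 .persona table{ font: 100% "verdana", san-serif; }
 .persona td { font: 100% "verdana", san-serif;}
 </style>
EOF;

    $client_name = ($client === null) ? '' : (string) $client['client_name'];
    $client_name = htmlspecialchars($client_name, $esc_flags, 'UTF-8');

    // NOTE(review): the <body> tag below carries CSS declarations without a
    // style="" attribute, so browsers ignore them; left as found.
    $str = '
 <html>
 <head><title>' . OP_SERVER_NAME . ' AX Confirm</title>
 <meta name="viewport" content="width=620">' . $styles . '
 </head>
 <body background-color:#EEEEEE;line-height : 1.5;>
 <h1>Attribute Sharing Consent</h1>
 <h2><b>' . $client_name . ' service </b> requests following profile values...</h2>' . $attribute_form_template . '
 <img src="../../../img/rethink.png" />
 </body>
 </html>
 ';

    return $str;
}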