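/**
 * Run whichever leg of the OpenID login the current request belongs to.
 *
 * A POSTed openid_identifier starts the login at the provider. A GET request
 * carrying openid_mode is treated as the provider's answer: "id_res" is
 * verified and, on success, the session is marked as logged in and
 * login_user() is called; "cancel" is only reported.
 *
 * @return string|bool "" when there was nothing to act on (or login() returned
 *                     a truthy value), "FAILED" when the login could not be
 *                     started, true after a verified assertion,
 *                     "INVALID <escaped id>" when verification fails and
 *                     "CANCELED" for openid_mode=cancel.
 */
function do_login()
{
    $status = "";

    if (!empty($_POST['openid_identifier'])) {
        // First leg: hand the user-supplied identifier to the consumer.
        // All three SREG fields are passed as false, i.e. none is marked required.
        $sreg = new Zend_OpenId_Extension_Sreg(array('nickname' => false, 'email' => false, 'fullname' => false), null, 1.1);
        $consumer = new Zend_OpenId_Consumer();
        if (!$consumer->login($_POST['openid_identifier'], '', null, $sreg)) {
            $status = "FAILED";
        }
    } elseif (isset($_GET['openid_mode'])) {
        if ($_GET['openid_mode'] == "id_res") {
            // Second leg: the provider sent the user back with an assertion.
            $consumer = new Zend_OpenId_Consumer();
            $sreg = new Zend_OpenId_Extension_Sreg(array('nickname' => false, 'email' => false, 'fullname' => false), null, 1.1);

            // verify() fills $id by reference.
            if ($consumer->verify($_GET, $id, $sreg)) {
                // Switch to a fresh session id before the session is marked as
                // authenticated, so an id that was known before login is not
                // carried over into the logged-in state.
                if (session_id() !== '' && !headers_sent()) {
                    session_regenerate_id(true);
                }
                $_SESSION['logged_in_user'] = true;
                $status = true;

                // NOTE(review): the account key is taken from the raw request
                // parameter, not from the $id that verify() handed back. Confirm
                // which of the two login_user() is meant to be keyed on; the
                // value verify() returns is the safer choice.
                $open_id_addr = $_GET['openid_identity'];

                // NOTE(review): strpos() returns 0 for a string that starts with
                // "https", so this comparison with 1 does not match ordinary
                // https URLs and the rewrite below is effectively dead. Left as
                // is: http and https identifiers are distinct, and folding them
                // together would change which account a login maps to.
                if (strpos($open_id_addr, 'https') === 1) {
                    $open_id_addr = str_replace('https', 'http', $open_id_addr);
                }

                login_user($open_id_addr);
            } else {
                // The identifier is HTML-escaped because the status string is
                // returned to the caller for display.
                $status = "INVALID " . htmlspecialchars($id);
            }
        } elseif ($_GET['openid_mode'] == "cancel") {
            $status = "CANCELED";
        }
    }

    return $status;
}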
/**
 * Authenticates the given OpenId identity.
 * Defined by Zend_Auth_Adapter_Interface.
 *
 * With an identity set on the adapter, the request is handed to the consumer
 * (check() when the immediate flag is set, login() otherwise) and only a
 * failure produces a result here. Without an identity, the current request is
 * treated as the provider's answer and verified.
 *
 * @throws Zend_Auth_Adapter_Exception If answering the authentication query is impossible
 * @return Zend_Auth_Result
 */
public function authenticate()
{
    $id = $this->_id;

    if (empty($id)) {
        // Answer leg: take the assertion from the POST body for POST requests,
        // from the query string otherwise.
        $isPost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST';
        $params = $isPost ? $_POST : $_GET;

        $consumer = new Zend_OpenId_Consumer($this->_storage);
        $consumer->setHttpClient($this->_httpClient);

        // verify() writes the identifier into $id by reference; that value is
        // what ends up in the result, on success and on failure alike.
        if (!$consumer->verify($params, $id, $this->_extensions)) {
            return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer->getError()));
        }

        return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $id, array("Authentication successful"));
    }

    // Request leg: start the exchange with the provider.
    $consumer = new Zend_OpenId_Consumer($this->_storage);
    $consumer->setHttpClient($this->_httpClient);

    /* per the original note, login() does not return on success */
    if ($this->_check_immediate) {
        $started = $consumer->check($id, $this->_returnTo, $this->_root, $this->_extensions, $this->_response);
    } else {
        $started = $consumer->login($id, $this->_returnTo, $this->_root, $this->_extensions, $this->_response);
    }

    if (!$started) {
        return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer->getError()));
    }

    // No result is returned when the call above comes back truthy; callers
    // get null in that case.
}
/**
 * testing login
 *
 * Checks the redirect that Zend_OpenId_Consumer::login() produces for a
 * sequence of setups: defaults, caller-supplied return_to/trust_root,
 * OpenID 2.0 discovery data, an SREG extension, and a consumer built with
 * the second constructor argument set to true after the association was
 * removed. The steps share one file storage and depend on their order.
 */
public function testLogin()
{
    $expiresIn = time() + 600;

    // With no return_to passed to login(), the first scenario below expects
    // return_to to equal this URL and trust_root to be its scheme and host.
    $_SERVER['SCRIPT_URI'] = "http://www.zf-test.com/test.php";

    // Seed the storage with discovery data (protocol version 1.1) and an
    // association, so login() needs no network access.
    $storage = new Zend_OpenId_Consumer_Storage_File(dirname(__FILE__)."/_files/consumer");
    $storage->delDiscoveryInfo(self::ID);
    $this->assertTrue( $storage->addDiscoveryInfo(self::ID, self::REAL_ID, self::SERVER, 1.1, $expiresIn) );
    $storage->delAssociation(self::SERVER);
    $this->assertTrue( $storage->addAssociation(self::SERVER, self::HANDLE, self::MAC_FUNC, self::SECRET, $expiresIn) );

    // Scenario 1: defaults. The response helper captures the redirect
    // instead of sending it, which is why login() returns here.
    $response = new Zend_OpenId_ResponseHelper(true);
    $consumer = new Zend_OpenId_Consumer($storage);
    $this->assertTrue( $consumer->login(self::ID, null, null, null, $response) );
    $headers = $response->getHeaders();
    $this->assertSame( '', $response->getBody() );
    $this->assertTrue( is_array($headers) );
    $this->assertSame( 1, count($headers) );
    $this->assertTrue( is_array($headers[0]) );
    $this->assertSame( 3, count($headers[0]) );
    $this->assertSame( 'Location', $headers[0]['name'] );
    $this->assertSame( true, $headers[0]['replace'] );
    $url = $headers[0]['value'];
    $url = parse_url($url);
    $this->assertSame( "http", $url['scheme'] );
    $this->assertSame( "www.myopenid.com", $url['host'] );
    $this->assertSame( "/", $url['path'] );

    // Split the query string by hand so the values stay URL-encoded; the
    // expectations below are written in encoded form.
    $q = explode("&", $url['query']);
    $query = array();
    foreach($q as $var) {
        if (list($key, $val) = explode("=", $var, 2)) {
            $query[$key] = $val;
        }
    }
    $this->assertTrue( is_array($query) );
    $this->assertSame( 6, count($query) );
    $this->assertSame( 'checkid_setup', $query['openid.mode'] );
    $this->assertSame( 'http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity'] );
    $this->assertSame( 'http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id'] );
    $this->assertSame( self::HANDLE, $query['openid.assoc_handle'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Ftest.php', $query['openid.return_to'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com', $query['openid.trust_root'] );

    // Scenario 2: caller-supplied return_to and trust_root must be passed
    // through unchanged.
    $response = new Zend_OpenId_ResponseHelper(true);
    $consumer = new Zend_OpenId_Consumer($storage);
    $this->assertTrue( $consumer->login(self::ID, "http://www.zf-test.com/return.php", "http://www.zf-test.com/trust.php", null, $response) );
    $headers = $response->getHeaders();
    $url = $headers[0]['value'];
    $url = parse_url($url);
    $q = explode("&", $url['query']);
    $query = array();
    foreach($q as $var) {
        if (list($key, $val) = explode("=", $var, 2)) {
            $query[$key] = $val;
        }
    }
    $this->assertTrue( is_array($query) );
    $this->assertSame( 6, count($query) );
    $this->assertSame( 'checkid_setup', $query['openid.mode'] );
    $this->assertSame( 'http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity'] );
    $this->assertSame( 'http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id'] );
    $this->assertSame( self::HANDLE, $query['openid.assoc_handle'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Freturn.php', $query['openid.return_to'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Ftrust.php', $query['openid.trust_root'] );

    // Replace the discovery record with one that declares version 2.0.
    $storage->delDiscoveryInfo(self::ID);
    $this->assertTrue( $storage->addDiscoveryInfo(self::ID, self::REAL_ID, self::SERVER, 2.0, $expiresIn) );

    // Scenario 3: OpenID 2.0. The request now carries openid.ns (7 fields)
    // and the trust root is expected under openid.realm.
    $response = new Zend_OpenId_ResponseHelper(true);
    $consumer = new Zend_OpenId_Consumer($storage);
    $this->assertTrue( $consumer->login(self::ID, "http://www.zf-test.com/return.php", "http://www.zf-test.com/trust.php", null, $response) );
    $headers = $response->getHeaders();
    $url = $headers[0]['value'];
    $url = parse_url($url);
    $q = explode("&", $url['query']);
    $query = array();
    foreach($q as $var) {
        if (list($key, $val) = explode("=", $var, 2)) {
            $query[$key] = $val;
        }
    }
    $this->assertTrue( is_array($query) );
    $this->assertSame( 7, count($query) );
    $this->assertSame( 'http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0', $query['openid.ns'] );
    $this->assertSame( 'checkid_setup', $query['openid.mode'] );
    $this->assertSame( 'http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity'] );
    $this->assertSame( 'http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id'] );
    $this->assertSame( self::HANDLE, $query['openid.assoc_handle'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Freturn.php', $query['openid.return_to'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Ftrust.php', $query['openid.realm'] );

    // Scenario 4: SREG extension. A field mapped to true is expected under
    // openid.sreg.required, one mapped to false under openid.sreg.optional.
    $ext = new Zend_OpenId_Extension_Sreg(array("nickname"=>true,"email"=>false));
    $response = new Zend_OpenId_ResponseHelper(true);
    $consumer = new Zend_OpenId_Consumer($storage);
    $this->assertTrue( $consumer->login(self::ID, "http://www.zf-test.com/return.php", "http://www.zf-test.com/trust.php", $ext, $response) );
    $headers = $response->getHeaders();
    $url = $headers[0]['value'];
    $url = parse_url($url);
    $q = explode("&", $url['query']);
    $query = array();
    foreach($q as $var) {
        if (list($key, $val) = explode("=", $var, 2)) {
            $query[$key] = $val;
        }
    }
    $this->assertTrue( is_array($query) );
    $this->assertSame( 9, count($query) );
    $this->assertSame( 'http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0', $query['openid.ns'] );
    $this->assertSame( 'checkid_setup', $query['openid.mode'] );
    $this->assertSame( 'http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity'] );
    $this->assertSame( 'http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id'] );
    $this->assertSame( self::HANDLE, $query['openid.assoc_handle'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Freturn.php', $query['openid.return_to'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Ftrust.php', $query['openid.realm'] );
    $this->assertSame( 'nickname', $query['openid.sreg.required'] );
    $this->assertSame( 'email', $query['openid.sreg.optional'] );

    // Scenario 5: dumb mode. The stored association is removed and the
    // consumer is created with its second argument set to true; the request
    // is expected to have 6 fields, and no openid.assoc_handle is asserted.
    $storage->delAssociation(self::SERVER);
    $response = new Zend_OpenId_ResponseHelper(true);
    $consumer = new Zend_OpenId_Consumer($storage, true);
    $this->assertTrue( $consumer->login(self::ID, "http://www.zf-test.com/return.php", "http://www.zf-test.com/trust.php", null, $response) );
    $headers = $response->getHeaders();
    $url = $headers[0]['value'];
    $url = parse_url($url);
    $q = explode("&", $url['query']);
    $query = array();
    foreach($q as $var) {
        if (list($key, $val) = explode("=", $var, 2)) {
            $query[$key] = $val;
        }
    }
    $this->assertTrue( is_array($query) );
    $this->assertSame( 6, count($query) );
    $this->assertSame( 'http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0', $query['openid.ns'] );
    $this->assertSame( 'checkid_setup', $query['openid.mode'] );
    $this->assertSame( 'http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity'] );
    $this->assertSame( 'http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Freturn.php', $query['openid.return_to'] );
    $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Ftrust.php', $query['openid.realm'] );

    // Leave no discovery record behind for other tests.
    $storage->delDiscoveryInfo(self::ID);
}
/**
 * openidAction
 *
 * Handles both legs of an OpenID login for this controller: a POST with
 * openid_action and openid_identifier starts the login, a GET carrying
 * openid_mode is treated as the provider's answer. A verified identifier
 * that is attached to a user profile logs that user in and redirects to the
 * index page; every failure path sets the same translated error message.
 * The login form is assigned to the view in all non-redirect cases.
 */
public function openidAction()
{
    $auth = Zend_Auth::getInstance();
    $urlHelper = $this->_helper->getHelper('url');

    // Users who already have an identity are sent to the index page.
    // NOTE(review): the rest of the action only stays out of reach for them
    // if _redirect() ends the request; confirm for this setup.
    if ($auth->hasIdentity()) {
        $target = $urlHelper->url(array('controller' => 'index', 'action' => 'index', 'language' => $this->view->language), 'lang_default', true);
        $this->_redirect($target);
    }

    $startsLogin = isset($_POST['openid_action']) && !empty($_POST['openid_identifier']);

    if ($startsLogin) {
        // First leg: pass the submitted identifier to the consumer.
        $consumer = new Zend_OpenId_Consumer();
        if (!$consumer->login($_POST['openid_identifier'])) {
            $this->view->errormsg = $this->view->translate('account-openid-login-not-successful');
        }
    } elseif (isset($_GET['openid_mode'])) {
        if ($_GET['openid_mode'] == "id_res") {
            // Second leg: verify() fills $id by reference.
            $consumer = new Zend_OpenId_Consumer();
            if (!$consumer->verify($_GET, $id)) {
                $this->view->errormsg = $this->view->translate('account-openid-login-not-successful');
            } else {
                // NOTE(review): the identifier is HTML-escaped and then used
                // as a lookup key. HTML escaping is an output encoding, so the
                // lookup only matches if identifiers were stored in the same
                // escaped form; confirm against searchUserOpenid().
                $escapedId = htmlspecialchars($id);
                $userProfiles = new Default_Model_UserProfiles();
                $attachedProfile = $userProfiles->searchUserOpenid($escapedId);

                if (!$attachedProfile) {
                    // Verified, but no account is attached to this OpenID.
                    $this->view->errormsg = $this->view->translate('account-openid-login-not-successful');
                } else {
                    $userid = $attachedProfile['id_usr_usp'];
                    $user = new Default_Model_User($userid);
                    $user->loginSuccess();

                    // NOTE(review): no session id rotation is visible at this
                    // privilege change; check whether loginSuccess() or the
                    // auth storage takes care of it.
                    $identity = $user->createAuthIdentity();
                    $auth->getStorage()->write($identity);

                    $target = $urlHelper->url(array('controller' => 'index', 'action' => 'index', 'language' => $this->view->language), 'lang_default', true);
                    $this->_redirect($target);
                }
            }
        } elseif ($_GET['openid_mode'] == "cancel") {
            $this->view->errormsg = $this->view->translate('account-openid-login-not-successful');
        }
    }

    $form = new Default_Form_OpenIDLoginForm();
    $this->view->form = $form;
}
$consumer = new Zend_OpenId_Consumer(); $props = array(); foreach (Zend_OpenId_Extension_Sreg::getSregProperties() as $prop) { if (isset($_POST[$prop])) { if ($_POST[$prop] === "required") { $props[$prop] = true; } else { if ($_POST[$prop] === "optional") { $props[$prop] = false; } } } } $sreg = new Zend_OpenId_Extension_Sreg($props, null, 1.1); $id = $_POST['openid_identifier']; if (!$consumer->login($id, null, null, $sreg)) { $status = "OpenID login failed (" . $consumer->getError() . ")"; } } else { if (isset($_GET['openid_mode'])) { if ($_GET['openid_mode'] == "id_res") { $sreg = new Zend_OpenId_Extension_Sreg(); $consumer = new Zend_OpenId_Consumer(); if ($consumer->verify($_GET, $id, $sreg)) { $status = "VALID {$id}"; $data = $sreg->getProperties(); } else { $status = "INVALID {$id} (" . $consumer->getError() . ")"; } } else { if ($_GET['openid_mode'] == "cancel") {
/**
 * Event registration.openid_signon
 * Starts an OpenID sign-on through the Zend Framework consumer.
 * FIXME
 *
 * The submitted identifier and this object's class name are stored in the
 * session, then the consumer is asked to start the login with
 * 'openid_verify.sys.php' as the return address. When the login cannot be
 * started, or no identifier was submitted, an error display is queued on
 * the event controller.
 *
 * @param EventControler $evtcl event carrying openid_action,
 *                              openid_identifier, errPage and
 *                              strWrongLoginPassword
 * @package registration
 * @author Jay Link
 * @version 1.3
 */
function eventOpenIdSignon(EventControler $evtcl)
{
    // NOTE(review): when the consumer file is not found at this relative
    // path the whole sign-on is skipped without any message or log entry.
    if (!file_exists("Zend/OpenId/Consumer.php")) {
        return;
    }
    include_once "Zend/OpenId/Consumer.php";

    // Message shown on failure; falls back to the translated default.
    $failureText = $evtcl->strWrongLoginPassword;
    if (empty($failureText)) {
        $failureText = _('Wrong_login_or_password');
    }

    $this->setLog("\n(User) OpenID Sign on " . date("Y/m/d H:i:s"));

    $action = $evtcl->openid_action;
    $identifier = $evtcl->openid_identifier;

    // The identifier goes into the session before anything has verified it;
    // later steps should treat the stored value as unverified input.
    $_SESSION['openid_identifier'] = $identifier;
    $_SESSION['openid_userclass'] = $this->getObjectName();
    $this->openid_identifier = $identifier;

    $wantsLogin = isset($action) && $action == 'Login' && !empty($identifier);

    if ($wantsLogin) {
        $consumer = new Zend_OpenId_Consumer();
        if (!$consumer->login($identifier, 'openid_verify.sys.php')) {
            // NOTE(review): this branch reads errPage from $this while the
            // branch below reads it from the event; confirm which is meant.
            $errorDisplay = new Display($this->errPage);
            $errorDisplay->addParam("openidmessage", $failureText);
            $evtcl->setDisplayNext($errorDisplay);
        }
    } elseif (empty($identifier)) {
        $errorDisplay = new Display($evtcl->errPage);
        $errorDisplay->addParam("openidmessage", $failureText);
        $evtcl->setDisplayNext($errorDisplay);
    }
}
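/**
 * This method is responsible for the complete OpenID authentication process.
 * In some cases this method does not return, for a redirect is done internally
 * by Zend.
 *
 * With an id set, the login is started at the provider (after checking that
 * the user exists and may log in, unless sReg data signals a registration).
 * Without an id, the request parameters in $this->_get are verified as the
 * provider's answer and an identity object is built on success. The store is
 * only queried for the user's label, username and email after the assertion
 * has been verified.
 *
 * @return Zend_Auth_Result
 */
public function authenticate()
{
    $app = Erfurt_App::getInstance();
    $this->_store = $app->getStore();

    // Check whether OpenId is supported (big integer support is needed.)
    if (!$this->_isOpenIdSupported()) {
        $result = false;
        $msg = 'OpenID is currently not supported!';

        require_once 'Zend/Auth/Result.php';
        return new Zend_Auth_Result($result, null, array($msg));
    }

    // If id is given, login the user.
    if (null !== $this->_id) {
        // If sReg is given, we want to register, so don't check whether user exists.
        // If it is not given, we need to check whether the user exists and is allowed
        // to login.
        if (null === $this->_sReg) {
            $userResult = $this->_checkOpenId($this->_id);

            if ($userResult['userUri'] === false) {
                $result = false;
                // NOTE(review): the submitted id is echoed into the message, and
                // this message differs from the 'Login not allowed!' one below.
                // Code that displays it has to escape it, and the distinct
                // texts reveal whether an id is known.
                $msg = 'User (' . $this->_id . ') does not exist!';

                require_once 'Zend/Auth/Result.php';
                return new Zend_Auth_Result($result, null, array($msg));
            }

            if ($userResult['denyLogin'] === true) {
                $result = false;
                $msg = 'Login not allowed!';

                require_once 'Zend/Auth/Result.php';
                return new Zend_Auth_Result($result, null, array($msg));
            }
        }

        if (null !== $this->_redirectUrl) {
            // This is a hack, for the setHttpClient method in Zend_OpenId_Consumer seems not to work.
            $this->_verifyUrl = $this->_verifyUrl . '/?ow_redirect_url=' . urlencode($this->_redirectUrl);
        }

        require_once 'Zend/OpenId/Consumer.php';
        $consumer = new Zend_OpenId_Consumer();

        if (!$consumer->login($this->_id, $this->_verifyUrl, null, $this->_sReg)) {
            $result = false;
            $msg = 'OpenID authentication failed.';

            require_once 'Zend/Auth/Result.php';
            return new Zend_Auth_Result($result, null, array($msg));
        }

        // This point is never reached, for there will be a redirect on successful login.
    } else {
        // If no id is given, verify the result.
        if (!isset($this->_get['openid_identity'])) {
            $result = false;
            $msg = 'OpenID authentication failed.';

            require_once 'Zend/Auth/Result.php';
            return new Zend_Auth_Result($result, null, array($msg));
        }

        // Copy the asserted identifier first: the array element itself is
        // handed to verify() as its by-reference argument below.
        $assertedId = $this->_get['openid_identity'];

        // Verify before anything else is done with the request data, so an
        // unverified assertion never reaches the store.
        require_once 'Zend/OpenId/Consumer.php';
        $consumer = new Zend_OpenId_Consumer();

        if (!$consumer->verify($this->_get, $this->_get['openid_identity'], $this->_sReg)) {
            $result = false;
            $msg = 'OpenID authentication failed.';

            require_once 'Zend/Auth/Result.php';
            return new Zend_Auth_Result($result, null, array($msg));
        }

        // NOTE(review): the identity is keyed on the openid_identity request
        // parameter as it arrived. Confirm that this, rather than the
        // identifier verify() writes back, is the intended account key.
        $identity = array(
            'uri'            => $assertedId,
            'dbuser'         => false,
            'anonymous'      => false,
            'is_openid_user' => true,
        );

        // This is just called in order to get the label for the user.
        $userResult = $this->_checkOpenId($assertedId);

        if (isset($userResult['userLabel'])) {
            $identity['label'] = $userResult['userLabel'];
        }

        if (isset($userResult['username'])) {
            $identity['username'] = $userResult['username'];
        }

        if (isset($userResult['email'])) {
            $identity['email'] = $userResult['email'];
        }

        $result = true;
        $msg = 'OpenID authentication successful.';

        require_once 'Erfurt/Auth/Identity.php';
        $identityObject = new Erfurt_Auth_Identity($identity);

        require_once 'Zend/Auth/Result.php';
        return new Zend_Auth_Result($result, $identityObject, array($msg));
    }
}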
<?php
// Starts an OpenID login against a fixed provider endpoint. The consumer and
// the SREG extension are loaded from a Zend directory next to this file.
require_once dirname(__FILE__) . '/Zend/OpenId/Consumer.php';
require_once dirname(__FILE__) . '/Zend/OpenId/Extension/Sreg.php';

// SREG request: email is mapped to true, nickname and fullname to false;
// 1.1 is passed as the third constructor argument.
$sreg = new Zend_OpenId_Extension_Sreg(array('nickname' => false, 'email' => true, 'fullname' => false), null, 1.1);

//echo file_get_contents('https://www.google.com/accounts/o8/id');

// The identifier is hard-coded here, not taken from the request.
$openid_identifier = 'https://www.google.com/accounts/o8/id';
$status = "";

$consumer = new Zend_OpenId_Consumer();

// 'google_openid_return.php' is handed over as the return address.
// NOTE(review): this script only starts the login. The return script has to
// call verify() and rely on the identifier it hands back; confirm it does.
if (!$consumer->login($openid_identifier, 'google_openid_return.php', null, $sreg)) {
    // Only a generic message is kept; the consumer's own error text stays
    // in the commented-out debug line.
    //echo $consumer->getError();
    $status = "OpenID login failed.";
    //echo $status;exit();
}
//check if login is successfull and if not, go back to loginpage with errormessage if (isset($_POST['nickname']) and isset($_POST['password'])) { $user_data = User_old::getUserByNickname($_POST['nickname']); $phpass = new PasswordHash(8, false); if (empty($user_data) or !$phpass->CheckPassword($_POST['password'], $user_data['password'])) { $messages[] = array("Passwort oder Benutzername stimmen nicht.", 2); Message::setMessage($messages); header('Location: login.php'); die; } } elseif (isset($_POST['openid_identifier']) or isset($_GET['openid_mode'])) { $status = ""; if (!empty($_POST['openid_identifier'])) { //login initiation $consumer = new Zend_OpenId_Consumer(); if (!$consumer->login($_POST['openid_identifier'], "login.php?section=login_send&remember=" . $_POST['remember'])) { $status = "OpenID Login fehlgeschlagen."; } } else { if (isset($_GET['openid_mode'])) { //login result from openid server if ($_GET['openid_mode'] == "id_res") { $consumer = new Zend_OpenId_Consumer(); if ($consumer->verify($_GET, $id)) { $user_data = User_old::getUserByOpenID($id); if (empty($user_data)) { $messages[] = array("Mit dieser Open-ID ist kein gültiger Benutzer verknüpft.", 2); Message::setMessage($messages); header('Location: login.php'); die; }