     echo "OK";
 } else {
     if (isset($_REQUEST["sso_action"]) && $_REQUEST["sso_action"] == "sso_iframe_error") {
         SSO_DisplayError("You have been redirected to this page in order to prevent your web browser from giving away your sign in information to an untrusted third party.  Please contact this web server's admin about this issue as it is possible that this web server has been compromised.  Most likely cause:  An SSO server page was loaded via an embedded iframe.");
     } else {
         if (isset($_REQUEST["sso_action"]) && $_REQUEST["sso_action"] == "sso_redirect") {
             if (!isset($_COOKIE["sso_server_er"]) || !isset($_COOKIE["sso_server_ern"]) || $_COOKIE["sso_server_ern"] !== md5(SSO_FrontendField("external_redirect") . ":" . base64_decode($_COOKIE["sso_server_er"]))) {
                 SSO_DisplayError("Valid redirect expected.  Most likely cause:  Invalid cookies.");
             }
             header("Location: " . base64_decode($_COOKIE["sso_server_er"]));
             SetCookieFixDomain("sso_server_er", "", 0, "", "", SSO_IsSSLRequest(), true);
             SetCookieFixDomain("sso_server_ern", "", 0, "", "", SSO_IsSSLRequest(), true);
             if (isset($_REQUEST["sso_final"]) && $_REQUEST["sso_final"] > 0) {
                 // Delete the temporary session cookies.
                 SetCookieFixDomain("sso_server_id", "", 1, "", "", SSO_IsSSLRequest(), true);
                 SetCookieFixDomain("sso_server_id2", "", 1, "", "", SSO_IsSSLRequest(), true);
             }
         } else {
             if (isset($_REQUEST["sso_action"]) && $_REQUEST["sso_action"] == "sso_validate") {
                 // Load the user account.
                 if (!isset($_COOKIE["sso_server_id2"])) {
                     SSO_DisplayError("New session ID expected.  Most likely cause:  Cookies are disabled or bad provider.");
                 }
                 $sso_session_id2 = explode("-", $_COOKIE["sso_server_id2"]);
                 if (count($sso_session_id2) != 2) {
                     SSO_DisplayError("Invalid session ID specified.");
                 }
                 if (!isset($sso_session_info["new_id"]) || $sso_session_info["new_id"] !== $_COOKIE["sso_server_id2"]) {
                     SSO_DisplayError("The new session ID maps to a different session.  Most likely cause:  Bad provider.");
                 }
                 $sso_sessionrow2 = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "id = ? AND session_id = ?"), $sso_db_user_sessions, $sso_session_id2[1], $sso_session_id2[0]);
function SSO_ValidateUser()
{
    // Final step of the "sso_validate" flow.  Marks the user session as
    // validated, mints the token the browser will carry for it, refreshes the
    // encrypted namespace cookie(s), and sends the browser back to the client.
    //
    // Reads (through globals):  $sso_session_info (temporary session data),
    //   $sso_sessionrow (temporary session row), $sso_sessionrow2 (user session
    //   row), $sso_apirow, $sso_ipaddr, $sso_settings, plus $_REQUEST["sso_id"]
    //   and $_COOKIE["sso_server_id2"], all expected to have been validated by
    //   the caller.
    // Side effects:  two database UPDATEs, up to two Set-Cookie headers and an
    //   external redirect.
    //
    // Returns false only if control reaches the end of the function, i.e. a
    // database exception was caught or the redirect helper returned.
    global $sso_rng, $sso_db, $sso_db_user_sessions, $sso_db_temp_sessions, $sso_session_info, $sso_apirow, $sso_sessionrow, $sso_sessionrow2, $sso_ipaddr, $sso_settings;

    try {
        // Mint the browser-facing token for the new user session and persist it
        // in the temporary session so the client can later tie the two together.
        $sso_session_info["new_id2"] = $sso_rng->GenerateString();
        $tempUpdate = array(
            $sso_db_temp_sessions,
            array("info" => serialize($sso_session_info)),
            "WHERE" => "id = ?",
        );
        $sso_db->Query("UPDATE", $tempUpdate, $sso_sessionrow->id);

        // Flip the user session to validated and record the address it was
        // validated from (IPv6 form, as provided by $sso_ipaddr).
        $validatedInfo = array("validated" => true, "ipaddr" => $sso_ipaddr["ipv6"]);
        $userUpdate = array(
            $sso_db_user_sessions,
            array("updated" => CSDB::ConvertToDBTime(time()), "info" => serialize($validatedInfo)),
            "WHERE" => "id = ?",
        );
        $sso_db->Query("UPDATE", $userUpdate, $sso_sessionrow2->id);

        // Assemble the return URL from the session's stored (base64) client URL.
        // CR and LF are stripped so the value can never split the Location header.
        $returnUrl = str_replace(array("\r", "\n"), "", base64_decode($sso_session_info["url"]));
        if (strpos($returnUrl, "?") === false) {
            $returnUrl .= "?";
        } else {
            $returnUrl .= "&";
        }
        $returnUrl .= "from_sso_server=1&sso_id=" . urlencode($sso_session_info["new_id2"]);
        $returnUrl .= "&sso_id2=" . urlencode($_REQUEST["sso_id"]);

        // Encrypted namespace cookie:  maps the API key's namespace to the
        // browser-facing session ID held in the sso_server_id2 cookie.
        if (isset($sso_settings[""]["namespacekey2"])) {
            $nsMap = SSO_LoadNamespaces(true);
            $nsMap[$sso_apirow->namespace] = $_COOKIE["sso_server_id2"];
            $nsPlain = serialize($nsMap);
            $nsKey = pack("H*", $sso_settings[""]["namespacekey"]);
            $nsOpts = array(
                "prefix" => $sso_rng->GenerateString(),
                "mode" => "CBC",
                "iv" => pack("H*", $sso_settings[""]["namespaceiv"]),
                "key2" => pack("H*", $sso_settings[""]["namespacekey2"]),
                "iv2" => pack("H*", $sso_settings[""]["namespaceiv2"]),
                "lightweight" => true,
            );
            $nsCookie = base64_encode(Blowfish::CreateDataPacket($nsPlain, $nsKey, $nsOpts));
            SetCookieFixDomain("sso_server_ns", $nsCookie, 0, "", "", SSO_IsSSLRequest(), true);
        }

        // Optional "exposed" namespace cookie under a separate key pair, mapping
        // the namespace to the user session row ID and scoped to the request host.
        // NOTE(review):  assuming SetCookieFixDomain() mirrors setcookie()'s
        // argument order, the Secure flag is hard-coded to false here (the
        // sso_server_ns cookie above uses SSO_IsSSLRequest()) — confirm that is
        // intended for this cookie.
        if (isset($sso_settings[""]["expose_namespaces"]) && $sso_settings[""]["expose_namespaces"] && isset($sso_settings[""]["namespacekey4"])) {
            $exposedMap = SSO_LoadNamespaces(false);
            $exposedMap[$sso_apirow->namespace] = $sso_sessionrow2->id;
            $exposedPlain = serialize($exposedMap);
            $exposedKey = pack("H*", $sso_settings[""]["namespacekey3"]);
            $exposedOpts = array(
                "prefix" => $sso_rng->GenerateString(),
                "mode" => "CBC",
                "iv" => pack("H*", $sso_settings[""]["namespaceiv3"]),
                "key2" => pack("H*", $sso_settings[""]["namespacekey4"]),
                "iv2" => pack("H*", $sso_settings[""]["namespaceiv4"]),
                "lightweight" => true,
            );
            $exposedCookie = base64_encode(Blowfish::CreateDataPacket($exposedPlain, $exposedKey, $exposedOpts));
            $cookieHost = str_replace(array("http://", "https://"), "", BB_GetRequestHost());
            SetCookieFixDomain("sso_server_ns2", $exposedCookie, 0, "/", $cookieHost, false, true);
        }

        // Hand the browser back to the client.
        SSO_ExternalRedirect($returnUrl, true);
    } catch (Exception $e) {
        // Deliberately swallowed:  a database failure at this point simply
        // falls through to the failure return.  Reaching here should be rare.
    }

    return false;
}
 public function IsEnabled()
 {
     // Decides whether this remote-login provider applies to the current request.
     //
     // Passes only when all of the following hold:
     //   - the "sso_remote" settings block is enabled and the client passes its
     //     iprestrict list,
     //   - $_REQUEST["sso_remote_id"] is a string of the form "<remotekey>-<id>"
     //     matching a row of the p_sso_remote table,
     //   - the row's own iprestrict (kept serialized in its "info" column) allows
     //     the client and SSO_IsSpammer() does not object,
     //   - the row's API key row still exists.
     // On success $this->info holds "row", "display_name", "row_info" and
     // "apirow".  Note that "row" and "display_name" are already assigned when
     // the per-row iprestrict check fails.  A database exception is reported via
     // SSO_DisplayError() instead of returning false.
     //
     // Returns true when the provider should be offered, false otherwise.
     global $sso_settings, $sso_db, $sso_db_apikeys;

     $remoteSettings = $sso_settings["sso_remote"];
     if (!$remoteSettings["enabled"] || !SSO_IsIPAllowed($remoteSettings["iprestrict"])) {
         return false;
     }

     // Only a plain string is acceptable; an array (e.g. sso_remote_id[]=x) is rejected.
     $requestedId = isset($_REQUEST["sso_remote_id"]) ? $_REQUEST["sso_remote_id"] : null;
     if (!is_string($requestedId)) {
         return false;
     }

     $idParts = explode("-", $requestedId);
     if (count($idParts) !== 2) {
         return false;
     }
     list($remoteKey, $rowId) = $idParts;

     $remoteTable = SSO_DB_PREFIX . "p_sso_remote";
     try {
         // Both the row ID and the remote key have to match.
         $remoteRow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "id = ? AND remotekey = ?"), $remoteTable, $rowId, $remoteKey);
         if ($remoteRow === false) {
             return false;
         }
         $this->info["row"] = $remoteRow;
         $this->info["display_name"] = BB_Translate("%s Login", $remoteRow->name);

         // NOTE(review):  unserialize() on a database column.  Assumed to be
         // written only by this application's own code — confirm that nothing
         // user-controlled can reach the "info" column.
         $remoteInfo = unserialize($remoteRow->info);
         // NOTE(review):  SSO_IsSpammer() receives the iprestrict value rather
         // than a client address — presumably intentional; verify.
         if (!isset($remoteInfo["iprestrict"]) || !SSO_IsIPAllowed($remoteInfo["iprestrict"]) || SSO_IsSpammer($remoteInfo["iprestrict"])) {
             return false;
         }
         $this->info["row_info"] = $remoteInfo;

         $apiKeyRow = $sso_db->GetRow("SELECT", array("*", "FROM" => "?", "WHERE" => "id = ?"), $sso_db_apikeys, $remoteRow->apikey_id);
         if ($apiKeyRow === false) {
             return false;
         }
         $this->info["apirow"] = $apiKeyRow;
     } catch (Exception $e) {
         SSO_DisplayError("A database error has occurred.  Most likely cause:  Bad SQL query.");
     }

     // Remember the identifier so later requests in the flow succeed without it in the query string.
     if (!isset($_COOKIE["sso_remote_id"])) {
         SetCookieFixDomain("sso_remote_id", $requestedId, 0, "", "", SSO_IsSSLRequest(), true);
     }

     return true;
 }
        $result = base64_encode($result);
    }
    echo $result;
    exit;
}
function SSO_EndpointError($msg, $info = "")
{
    // Emits a failure response for the API endpoint.
    //
    // $msg   Human-readable error text, returned under "error".
    // $info  Optional extra detail; included under "info" only when it is not
    //        loosely equal to "" (so null and "" both count as absent).
    //
    // SSO_EndpointOutput() appears to write the response and exit (its tail is
    // visible just above), so this function is not expected to return.
    global $sso_skipsleep;

    // Clear the skip flag so an error response does not bypass the endpoint's
    // sleep — presumably a failure throttle; confirm in SSO_EndpointOutput().
    $sso_skipsleep = false;

    $payload = array();
    $payload["success"] = false;
    $payload["error"] = $msg;
    if ($info != "") {
        $payload["info"] = $info;
    }

    SSO_EndpointOutput($payload);
}
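// Refuse plain-HTTP requests when the server is configured HTTPS-only.
// Each SSO_EndpointError() call below is expected to terminate the request
// (SSO_EndpointOutput() ends with exit), so no else branches are needed.
if (SSO_USE_HTTPS && !SSO_IsSSLRequest()) {
    SSO_EndpointError("SSO Server is configured to only accept HTTPS (SSL) requests.");
}

// Make sure the client version matches the server.
// "ver" must be a plain string:  a query such as ver[]=x arrives as an array.
if (!isset($_REQUEST["ver"]) || !is_string($_REQUEST["ver"])) {
    SSO_EndpointError("Version not specified.  Please use an official SSO client.");
}
// NOTE(review):  != compares numeric strings numerically, so "3" and "3.00"
// also pass this gate.  Left as-is so currently working clients keep working.
if ($_REQUEST["ver"] != "3.0") {
    SSO_EndpointError("Client API version does not match server API version.  Please use a compatible SSO client.", "3.0");
}

// Handle expected information.
// Same string check as for "ver":  explode() on an array would raise a
// TypeError instead of producing a clean endpoint error.  This mirrors the
// is_string() guard used for sso_remote_id elsewhere in the server.
if (!isset($_REQUEST["apikey"]) || !is_string($_REQUEST["apikey"])) {
    SSO_EndpointError("API key not specified.  Please use an official SSO client.");
}

// Break up the API key.
$apikey = explode("-", $_REQUEST["apikey"]);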