function get_id_token_claims($request)
{
$requested_claims = array();
$profile_claims = array();
if (isset($request['claims']) && isset($request['claims']['id_token'])) {
$requested_claims = get_requested_claims($request, array('id_token'));
}
if ($request['response_type'] == 'id_token') {
$scopes = $request['scope'];
if (is_string($scopes)) {
$scopes = explode(' ', $scopes);
}
if (!is_array($scopes)) {
return array();
}
if (in_array('email', $scopes)) {
$requested_claims['email'] = 0;
$requested_claims['email_verified'] = 0;
}
if (in_array('address', $scopes)) {
$requested_claims['address'] = 0;
}
if (in_array('phone', $scopes)) {
$requested_claims['phone_number'] = 0;
$requested_claims['phone_number_verified'] = 0;
}
if (in_array('profile', $scopes)) {
$profile_claims = get_default_claims();
unset($profile_claims['email']);
unset($profile_claims['email_verified']);
unset($profile_claims['address']);
unset($profile_claims['phone_number']);
unset($profile_claims['phone_number_verified']);
$profile_keys = array_keys($profile_claims);
$num = count($profile_keys);
if ($num) {
$profile_claims = array_combine($profile_keys, array_fill(0, $num, 0));
}
}
}
return array_merge($requested_claims, $profile_claims);
}
/**
* Show Confirmation Dialogue for Attributes.
* @param String $r Request String (JSON)
* @return String HTML to be shown.
*/
function custom_confirm_userinfo($client = null)
{
$req = $_SESSION['rpfA'];
$scopes = explode(' ', $req['scope']);
$response_types = explode(' ', $req['response_type']);
$offline_access = in_array('offline_access', $scopes) && in_array('code', $response_types) ? 'YES' : 'NO';
$axlabel = get_default_claims();
$requested_claims = get_all_requested_claims($req, $req['scope']);
log_info('requested claims = %s', print_r($requested_claims, true));
$attributes = '';
$account = db_get_account($_SESSION['username']);
foreach ($requested_claims as $claim => $required) {
if ($required == 1) {
$star = "<font color='red'>*</font>";
} else {
$star = '';
}
$claim_label = "{$axlabel[$claim]}{$star}";
$claim_value = $account[$claim];
$attributes .= "<tr><td>{$claim_label}</td><td>{$claim_value}</td><td></td></tr>\n";
}
$attribute_form_template = <<<EOF
<div class='persona'>
<form method="POST" action="{$_SERVER['SCRIPT_NAME']}/confirm_userinfo" >
<input type="hidden" name="mode" value="ax_confirm">
<table cellspacing="0" cellpadding="0" width="600">
<thead><tr><th>Attribute</th><th>Value</th><th>Confirm</th></tr></thead>
{$attributes}
<tr><td colspan="3"> </td></tr>
<thead><tr><td><b>Offline Access Requested</b></td><td>{$offline_access}</td><td></td></tr></thead>
<tr><td colspan="3"> </td></tr>
<tr><td colspan="3"> </td></tr>
<tr><td colspan="3" style='line-height : 2;'><input type="checkbox" name="agreed" value="1" checked>I Agree to provide the above information. <br/>
<input type="radio" name="trust" value="once" checked>Trust this site this time only <br />
<input type="radio" name="trust" value="always" >Trust this site always <br/>
</td></tr>
<tr><td colspan="3"><center><input type="submit" name="confirm" value="confirmed"> </center></td></tr></table>
</form>
</div>
EOF;
$styles = <<<EOF
<style type="text/css">
/*demo page css*/
body{ font: 80% "Trebuchet MS", sans-serif; margin: 50px;}
.persona table{ font: 100% "verdana", san-serif; }
.persona td { font: 100% "verdana", san-serif;}
</style>
EOF;
$str = '
<html>
<head><title>' . OP_SERVER_NAME . ' AX Confirm</title>
<meta name="viewport" content="width=620">' . $styles . '
</head>
<body background-color:#EEEEEE;line-height : 1.5;>
<h1>Attribute Sharing Consent</h1>
<h2><b>' . $client['client_name'] . ' service </b> requests following profile values...</h2>' . $attribute_form_template . '
<img src="../../../img/rethink.png" />
</body>
</html>
';
return $str;
}
