Esempio n. 1
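/**
 * Builds the HTML fragment listing the Simple Registration (SREG) fields
 * held by the given extension object, plus a link to its policy URL.
 *
 * Property names and the policy URL are HTML-escaped before they are placed
 * in markup. Presumably both originate from the requesting site's OpenID
 * request rather than from this application (confirm against the caller),
 * so they are treated as untrusted text here.
 *
 * @param  Zend_OpenId_Extension_Sreg $sreg
 * @return string HTML fragment; empty string when there are no properties
 */
function sreg_form(Zend_OpenId_Extension_Sreg $sreg)
{
    $s = "";
    $props = $sreg->getProperties();
    if (is_array($props) && count($props) > 0) {
        $s = 'It also requests additinal information about you';
        $s .= ' (fields marked by <u>*</u> are required)<br>';
        $s .= '<table border="0" cellspacing="2" cellpadding="2">';
        foreach ($props as $prop => $val) {
            // The name ends up both in element content and inside a quoted
            // attribute, so quotes have to be encoded as well.
            $name = htmlspecialchars((string) $prop, ENT_QUOTES, 'UTF-8');
            if ($val) {
                $s .= '<tr><td><u>' . $name . ':*</u></td>';
            } else {
                // Optional field: no <u> was opened, so none is closed.
                $s .= '<tr><td>' . $name . ':</td>';
            }
            $s .= '<td><input type="text" name="openid.sreg.' . $name . '" value=""></td></tr>';
        }
        $s .= '</table><br>';
        $policy = $sreg->getPolicyUrl();
        if (!empty($policy)) {
            $policyText = htmlspecialchars((string) $policy, ENT_QUOTES, 'UTF-8');
            // Only http(s) URLs become a clickable link; anything else
            // (e.g. a script or data scheme) is shown as plain text.
            if (preg_match('#^https?://#i', (string) $policy)) {
                $s .= 'The private policy can be found at <a href="' . $policyText . '">' . $policyText . '</a>.<br>';
            } else {
                $s .= 'The private policy can be found at ' . $policyText . '.<br>';
            }
        }
    }
    return $s;
}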
 /**
  * Exercises parseResponse() with four response shapes and checks the
  * resulting properties, policy URL and version each time.
  *
  * Note the third case: a response carrying 'openid_sreg_policy_url' is
  * expected to leave getPolicyUrl() at null and the property list unchanged.
  */
 public function testParseResponse()
 {
     $sreg = new Zend_OpenId_Extension_Sreg();

     // Shared fixtures for the three non-empty responses.
     $baseResponse = array('openid_sreg_nickname' => self::USER, 'openid_sreg_email' => self::EMAIL);
     $expectedProps = array('nickname' => self::USER, 'email' => self::EMAIL);

     // 1. Empty response.
     $parsed = $sreg->parseResponse(array());
     $this->assertTrue($parsed);
     $this->assertSame(array(), $sreg->getProperties());
     $this->assertNull($sreg->getPolicyUrl());
     $this->assertSame(1.0, $sreg->getVersion());

     // 2. Nickname and email only.
     $parsed = $sreg->parseResponse($baseResponse);
     $this->assertTrue($parsed);
     $this->assertSame($expectedProps, $sreg->getProperties());
     $this->assertNull($sreg->getPolicyUrl());
     $this->assertSame(1.0, $sreg->getVersion());

     // 3. Same fields plus a policy URL in the response.
     $withPolicy = $baseResponse + array('openid_sreg_policy_url' => self::POLICY);
     $parsed = $sreg->parseResponse($withPolicy);
     $this->assertTrue($parsed);
     $this->assertSame($expectedProps, $sreg->getProperties());
     $this->assertNull($sreg->getPolicyUrl());
     $this->assertSame(1.0, $sreg->getVersion());

     // 4. Explicit SREG 1.1 namespace.
     $withNamespace = array('openid_ns_sreg' => "http://openid.net/extensions/sreg/1.1") + $baseResponse;
     $parsed = $sreg->parseResponse($withNamespace);
     $this->assertTrue($parsed);
     $this->assertSame($expectedProps, $sreg->getProperties());
     $this->assertNull($sreg->getPolicyUrl());
     $this->assertSame(1.1, $sreg->getVersion());
 }
Esempio n. 3
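 /**
  * Handles the OpenID login form submission and the provider callback.
  *
  * On a form submission the posted URL is mapped via mapOpenIDUrl() and
  * passed to the OpenID adapter; on a callback the adapter is run without
  * an identifier. A valid result either signs in an existing user or
  * creates one from the SREG profile.
  *
  * @return mixed true on the normal path, otherwise the return value of
  *               failToLoginOpenID()
  */
 protected function loginOpenID()
 {
     $auth = Zend_Auth::getInstance();
     // Evaluated once; every branch below depends on it.
     $isCallback = $this->isOpenIDCallback();

     if (!isset($_POST['openid_action']) && !$isCallback) {
         return $this->failToLoginOpenID('No data sent over the wire.');
     }
     if (!$isCallback && empty($_POST['openid_url'])) {
         return $this->failToLoginOpenID('We weren\'t given much to work with. Make sure you fill in your OpenID url.');
     }

     // Raw user input; only present on the form submission, not on the callback.
     $submittedUrl = $isCallback ? null : $_POST['openid_url'];
     $normalizedUrl = null;
     if (!$isCallback) {
         $normalizedUrl = $this->mapOpenIDUrl($submittedUrl);
         if (!$normalizedUrl) {
             // NOTE(review): 'openid_url' is echoed back unchanged; the login
             // view has to escape it when re-filling the form.
             $this->_forward('index', 'login', null, array('error' => 'The OpenID url you provided isn\'t valid.', 'openid_url' => $submittedUrl));
             return true;
         }
     }

     $sreg = new Zend_OpenId_Extension_Sreg(array('nickname' => false, 'email' => false, 'fullname' => false, 'dob' => false, 'gender' => false, 'postcode' => false, 'country' => false, 'language' => false, 'timezone' => false), null, 1.1);
     $result = $auth->authenticate(new Zend_Auth_Adapter_OpenId($normalizedUrl, null, null, null, $sreg));
     if (!$result->isValid()) {
         // Separator first: the (array, string) argument order is rejected
         // by PHP 8.
         // NOTE(review): the messages are joined with <br/>, so they are
         // presumably rendered as HTML; confirm they are escaped on output.
         return $this->failToLoginOpenID(implode('<br/>', $result->getMessages()), $submittedUrl);
     }

     $user_id = $this->_getOpenIDModel()->fetchUserId($auth->getIdentity());
     if (!$user_id) {
         // This is a new user. The SREG profile holds values asserted by the
         // OpenID provider; nothing here verifies them (e.g. email ownership).
         $profile = $sreg->getProperties();
         // Avoid dupes.
         if (!empty($profile['nickname'])) {
             // NOTE(review): $exists is never read; the nickname is dropped
             // whether or not it is already taken. Confirm the intent.
             $exists = $this->_getUsersModel()->nicknameExists($profile['nickname']);
             unset($profile['nickname']);
         }
         $user_id = $this->_getUsersModel()->createNewUserFromProfile($profile);
         $this->_getOpenIDModel()->attachOpenID($auth->getIdentity(), $user_id);
         $this->_storeUserProfile($auth, $user_id, $profile);
         $this->_helper->getHelper('Redirector')->setGotoSimple('confirm', 'profile');
     } else {
         // A great success!
         $this->_getUsersModel()->updateLoginTime($user_id);
         $this->_storeUserProfile($auth, $user_id, $this->_getUsersModel()->fetchUserProfile($user_id));
         $this->_helper->getHelper('Redirector')->setGotoSimple('index', 'index');
     }
     return true;
 }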
            if ($consumer->verify($_GET, $id, $sreg)) {
                $status = "VALID {$id}";
                $data = $sreg->getProperties();
            } else {
                $status = "INVALID {$id} (" . $consumer->getError() . ")";
            }
        } else {
            if ($_GET['openid_mode'] == "cancel") {
                $status = "CANCELED";
            }
        }
    }
}
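// Build one table row per SREG field: three radio buttons to choose how the
// field is requested, plus the value received for it (if any).
$sreg_html = "";
$sreg = new Zend_OpenId_Extension_Sreg();
foreach (Zend_OpenId_Extension_Sreg::getSregProperties() as $prop) {
    // $data is only set after a successful verify above and holds values
    // supplied by the OpenID provider, so it is escaped before being
    // written into the page.
    $val = isset($data[$prop]) ? htmlspecialchars((string) $data[$prop], ENT_QUOTES, 'UTF-8') : "";
    $sreg_html .= <<<EOF
<tr><td>{$prop}</td>
<td>
  <input type="radio" name="{$prop}" value="required">
</td><td>
  <input type="radio" name="{$prop}" value="optional">
</td><td>
  <input type="radio" name="{$prop}" value="none" checked="1">
</td><td>
  {$val}
</td></tr>
EOF;
}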
?>
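 /**
  * Registers a new user with a given OpenID.
  *
  * Flow, as implemented below:
  *  - no POST and no GET data: show the empty form (step 1);
  *  - POST with step 1: validate the input and hand over to the OpenID
  *    provider, using this action as the return URL;
  *  - GET data: treat the request as the provider's response; when it
  *    verifies, show the confirmation form (step 2), otherwise go back to
  *    the empty form;
  *  - POST with step 2: create the user.
  *
  * @return void
  */
 public function openidregAction()
 {
     OntoWiki::getInstance()->getNavigation()->disableNavigation();
     // We render a template, that is also used for preferences.
     $this->_helper->viewRenderer->setScriptAction('openid');
     $this->view->placeholder('main.window.title')->set('Register User with OpenID');
     $this->view->formActionUrl = $this->_config->urlBase . 'application/openidreg';
     $this->view->formMethod = 'post';
     $this->view->formClass = 'simple-input input-justify-left';
     $this->view->formName = 'registeruser';

     // Fetch POST and GET of the request. One of them or both will be empty.
     $post = $this->_request->getPost();
     $get = $this->_request->getQuery();

     if (!empty($post)) {
         // Missing or non-scalar fields fall back to '' / 0 instead of
         // raising notices or reaching array_key_exists() with an array.
         $step = isset($post['step']) && is_scalar($post['step']) ? (int) $post['step'] : 0;
         $openId = isset($post['openid_url']) && is_string($post['openid_url']) ? $post['openid_url'] : '';
         $label = isset($post['label']) && is_string($post['label']) ? $post['label'] : '';
         $email = isset($post['email']) && is_string($post['email']) ? $post['email'] : '';

         if ($step === 1) {
             // Step 1: User entered data and clicked on 'Check OpenID'
             $emailValidator = new Zend_Validate_EmailAddress();
             if (!$this->_erfurt->isActionAllowed('RegisterNewUser') || !($actionConfig = $this->_erfurt->getActionConfig('RegisterNewUser'))) {
                 // Is register action allowed for current user?
                 $message = 'Action not permitted for the current user.';
             } elseif (empty($openId)) {
                 // openid_url field must not be empty
                 $message = 'No OpenID was entered.';
             } elseif (array_key_exists($openId, $this->_erfurt->getUsers())) {
                 // Does user already exist?
                 $message = 'A user with the given OpenID is already registered.';
             } elseif (!empty($email) && isset($actionConfig['mailvalidation']) && $actionConfig['mailvalidation'] === 'yes' && !$emailValidator->isValid($email)) {
                 // If an (optional) email address is given, check whether it is valid.
                 $message = 'Email address validation failed.';
             } else {
                 // Everything seems to be OK... Check the OpenID (redirect to the provider).
                 // We want to verify the OpenID auth response in this action.
                 $verifyUrl = $this->_config->urlBase . 'application/openidreg';
                 // If label and/or email are given, put them at the end of the request url, for
                 // we need them later.
                 $carry = array();
                 if (!empty($label)) {
                     $carry['label'] = $label;
                 }
                 if (!empty($email)) {
                     $carry['email'] = $email;
                 }
                 if (count($carry) > 0) {
                     // Explicit '&' so the result does not depend on arg_separator.output.
                     $verifyUrl .= '?' . http_build_query($carry, '', '&');
                 }
                 $sReg = new Zend_OpenId_Extension_Sreg(array('nickname' => false, 'email' => false), null, 1.1);
                 $adapter = new Erfurt_Auth_Adapter_OpenId($openId, $verifyUrl, null, null, $sReg);
                 // We use the adapter directly, for we do not store the identity in session.
                 $adapter->authenticate();
                 // If we reach this point, something went wrong
                 $message = 'OpenID check failed.';
             }
             // If we reach this section, something went wrong, so we reset the form and show the message.
             $this->_owApp->appendMessage(new OntoWiki_Message($message, OntoWiki_Message::ERROR));
             $this->_showOpenIdRegStartForm();
         } elseif ($step === 2) {
             // Step 2: OpenID was verified and user clicked on register button.
             // NOTE(review): openid_url, email and label are read from the POST
             // body again. Nothing visible in this action ties them to the
             // identity the provider confirmed in the preceding GET request;
             // the readonly attribute on the form field is enforced by the
             // browser only. Consider keeping the verified identity
             // server-side and comparing it here before creating the user.
             if (!$this->_erfurt->isActionAllowed('RegisterNewUser')) {
                 // The permission is enforced again: this branch can be
                 // requested without passing through step 1.
                 $message = 'Action not permitted for the current user.';
                 $this->_owApp->appendMessage(new OntoWiki_Message($message, OntoWiki_Message::ERROR));
             } elseif (empty($openId)) {
                 $message = 'No OpenID was entered.';
                 $this->_owApp->appendMessage(new OntoWiki_Message($message, OntoWiki_Message::ERROR));
             } else {
                 // Give user default group?
                 $actionConfig = $this->_erfurt->getActionConfig('RegisterNewUser');
                 $group = isset($actionConfig['defaultGroup']) ? $actionConfig['defaultGroup'] : null;
                 // Add the new user.
                 if ($this->_erfurt->addOpenIdUser($openId, $email, $label, $group)) {
                     // NOTE(review): the OpenID is request data; confirm that
                     // OntoWiki_Message output is escaped where it is rendered.
                     $message = 'The user with the OpenID "' . $openId . '" has been successfully registered.';
                     $this->_owApp->appendMessage(new OntoWiki_Message($message, OntoWiki_Message::SUCCESS));
                 } else {
                     $message = 'A registration error occured. Please refer to the log entries.';
                     $this->_owApp->appendMessage(new OntoWiki_Message($message, OntoWiki_Message::ERROR));
                 }
             }
             // Reset the form...
             $this->_showOpenIdRegStartForm();
         } else {
             // Unknown or missing step: fall back to the initial form so the
             // template always receives its variables.
             $this->_showOpenIdRegStartForm();
         }
         return;
     }

     if (empty($get)) {
         // No post and get data... This is the initial form...
         $this->_showOpenIdRegStartForm();
         return;
     }

     // This is the verify request
     $sReg = new Zend_OpenId_Extension_Sreg(array('nickname' => false, 'email' => false), null, 1.1);
     $adapter = new Erfurt_Auth_Adapter_OpenId(null, null, null, $get, $sReg);
     // We use the adapter directly, for we do not store the identity in session.
     $result = $adapter->authenticate();
     if (!$result->isValid()) {
         // Something went wrong, show a message and do NOT advance to the
         // confirmation step with an identity that failed verification.
         $message = 'OpenID verification failed.';
         $this->_owApp->appendMessage(new OntoWiki_Message($message, OntoWiki_Message::ERROR));
         $this->_showOpenIdRegStartForm();
         return;
     }

     $data = $sReg->getProperties();
     // Use the prefilled data from the user (if given) or if not use the data from the provider (if
     // available).
     if (isset($get['email'])) {
         $email = $get['email'];
     } elseif (isset($data['email'])) {
         $email = $data['email'];
     } else {
         $email = '';
     }
     if (isset($get['label'])) {
         $label = $get['label'];
     } elseif (isset($data['nickname'])) {
         $label = $data['nickname'];
     } else {
         $label = '';
     }

     // NOTE(review): openid, email and label are request- or provider-supplied
     // strings; the 'openid' template has to escape them on output.
     $this->view->openid = isset($get['openid_identity']) ? $get['openid_identity'] : '';
     // OpenID must not be changed now.
     $this->view->readonly = 'readonly="readonly"';
     $this->view->email = $email;
     $this->view->label = $label;
     $this->view->step = 2;
     // We use this to show a green icon for success
     $this->view->checked = true;
     $toolbar = $this->_owApp->toolbar;
     $toolbar->appendButton(OntoWiki_Toolbar::SUBMIT, array('name' => 'Register User'))->appendButton(OntoWiki_Toolbar::CANCEL, array('name' => 'Cancel', 'class' => 'openidreg-cancel'));
     $this->view->placeholder('main.window.toolbar')->set($toolbar);
 }

 /**
  * Puts the view into its initial state: empty step-1 form with the
  * 'Check OpenID' / 'Reset Form' toolbar.
  *
  * @return void
  */
 private function _showOpenIdRegStartForm()
 {
     $this->view->openid = '';
     $this->view->readonly = '';
     $this->view->email = '';
     $this->view->label = '';
     $this->view->step = 1;
     $toolbar = $this->_owApp->toolbar;
     $toolbar->appendButton(OntoWiki_Toolbar::SUBMIT, array('name' => 'Check OpenID'))->appendButton(OntoWiki_Toolbar::RESET, array('name' => 'Reset Form'));
     $this->view->placeholder('main.window.toolbar')->set($toolbar);
 }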
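 /**
  * Verification success: authenticate or create user
  *
  * Looks the identity up, creates the user record on first login, signs the
  * user in, issues a fresh remember-me key as a cookie, then notifies
  * 'app.auth.success' and redirects.
  *
  * @param  string                     $uid  - Identity
  * @param  Zend_OpenId_Extension_Sreg $sreg
  * @return void
  */
 public function verifiedCallback($uid, Zend_OpenId_Extension_Sreg $sreg)
 {
     $user = Doctrine::getTable('sfOpenAuthUser')->findOneBy('identity', $uid);
     if (!$user) {
         $user = new sfOpenAuthUser();
         $user->setIdentity($uid);
         // SREG values are whatever the OpenID provider asserted; nothing
         // here verifies them (e.g. that the email belongs to the user).
         $props = $sreg->getProperties();
         if (!empty($props['fullname'])) {
             $user->setName($props['fullname']);
         }
         if (!empty($props['email'])) {
             $user->setEmail($props['email']);
         }
     }
     $user->setDateTimeObject('last_login', new DateTime());
     $user->save();
     $authUser = $this->getUser();
     $authUser->signIn($user);
     // remember
     // remove old keys
     $ttl = sfConfig::get('app_open_auth_remember_ttl');
     Doctrine::getTable('sfOpenAuthRememberKey')->clean($user, $ttl);
     // save key
     $rk = new sfOpenAuthRememberKey();
     $rk->setUser($user);
     $rk->setIpAddress($_SERVER['REMOTE_ADDR']);
     // NOTE(review): confirm generateRandomKey() draws from a CSPRNG; the key
     // is a long-lived login credential.
     $rk->setRememberKey(sfOpenAuthRememberKey::generateRandomKey());
     $rk->save();
     // make key as a cookie
     // HttpOnly keeps the key out of reach of page scripts; Secure is set
     // whenever the current request itself arrived over HTTPS.
     $this->getResponse()->setCookie(
         sfConfig::get('app_open_auth_remember_cookie'),
         $rk->getRememberKey(),
         time() + $ttl,
         '/',
         '',
         $this->getRequest()->isSecure(),
         true
     );
     $this->dispatcher->notifyUntil(new sfEvent($this, 'app.auth.success'));
     $this->redirect(sfConfig::get('app_open_auth_redirect_signin'));
 }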