public function handle($identity, $password)
{
$openid = $this->getOpenidProvider($identity);
if ($openid !== false) {
$identity = $openid->getIdentifier();
if (!empty($identity)) {
// here we can add addition extensions depending what
// informations we need from the user
$sreg = new Extension\Sreg(array('fullname', 'nickname', 'gender', 'timezone'));
if ($openid->hasExtension($sreg->getNs())) {
$openid->add($sreg);
} else {
$ax = new Extension\Ax(array('fullname' => 'http://axschema.org/namePerson', 'firstname' => 'http://axschema.org/namePerson/first', 'lastname' => 'http://axschema.org/namePerson/last', 'gender' => 'http://axschema.org/person/gender', 'timezone' => 'http://axschema.org/pref/timezone'));
if ($openid->hasExtension($ax->getNs())) {
$openid->add($ax);
}
}
// redirect
$openid->redirect();
} else {
throw new Exception('Invalid identity');
}
} else {
throw new Exception('Invalid openid identity');
}
}
public function onLoad()
{
parent::onLoad();
if ($this->user->hasRight('login_view')) {
// add path
$this->path->add('Connect', $this->page->getUrl() . '/connect');
// check whether connection was started
$this->request = isset($_SESSION['amun_openid_request']) ? $_SESSION['amun_openid_request'] : null;
if ($this->request instanceof SetupRequest) {
// sreg extension
$sreg = null;
$params = $this->request->getExtension(Extension\Sreg::NS);
$required = isset($params['required']) ? explode(',', $params['required']) : array();
$optional = isset($params['optional']) ? explode(',', $params['optional']) : array();
$fields = array_merge($required, $optional);
if (!empty($fields)) {
$sreg = Extension\Sreg::validateFields($fields);
}
// oauth extension
$oauth = null;
$params = $this->request->getExtension(Extension\Oauth::NS);
$consumer = isset($params['consumer']) ? $params['consumer'] : null;
if (!empty($consumer)) {
$oauth = array('consumer' => $consumer);
}
$this->claimedId = $this->request->getClaimedId();
$this->identity = $this->request->getIdentity();
$this->assocHandle = $this->request->getAssocHandle();
$this->returnTo = $this->request->getReturnTo();
$this->sreg = $sreg;
$this->oauth = $oauth;
$this->template->assign('rpData', array_intersect_key($this->getAvailableSregExtFields(), array_flip($sreg)));
$this->template->assign('rpHost', $this->returnTo->getHost());
} else {
throw new Exception('No connection was initialized');
}
// get association
$this->assoc = $this->getAssociation();
// check whether access is already allowed or denied
$status = $this->getHandler('AmunService\\Openid')->getStatus($this->user->getId(), $this->assoc['id']);
if ($status === Openid\Record::APPROVED) {
$this->allowAccess();
}
if ($status === Openid\Record::DENIED) {
$this->denyAccess();
}
// template
$this->htmlCss->add('login');
} else {
throw new Exception('Access not allowed');
}
}
