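/**
 * Decide how to answer an authentication request on behalf of the logged-in user.
 *
 * Outcomes, in order:
 *  - no request information: the request is cancelled;
 *  - the requested identity is not the logged-in user's: the login page is rendered;
 *  - the relying site is trusted: a positive answer is encoded and returned;
 *  - otherwise the request is cancelled ($fail_cancels) or the trust prompt is rendered.
 *
 * @param object|null $info         Decoded request; its identity and trust_root
 *                                  properties and its answer() method are used.
 * @param bool|null   $trusted      When non-null, overrides the isTrusted() lookup.
 * @param bool        $fail_cancels Cancel instead of prompting when the site is not
 *                                  trusted. Also forced on when the trust root already
 *                                  has an entry in the session's site list.
 *
 * @return mixed array(list of "Name: value" header lines, body) for a positive
 *               answer; otherwise whatever authCancel(), login_render() or
 *               trust_render() returns.
 */
function doAuth($info, $trusted = null, $fail_cancels = false)
{
    if (!$info) {
        // There is no authentication information, so bail
        return authCancel(null);
    }

    $req_url = $info->identity;
    $user = getLoggedInUser();
    setRequestInfo($info);

    // Fail closed. The original loose `!=` treats null, false, '' and '0' as
    // equal, so a session with no logged-in user paired with an empty or
    // missing identity was handled as "this user is logged in" and could reach
    // the positive answer below. Require a non-empty logged-in identity and an
    // exact match.
    // NOTE(review): assumes getLoggedInUser() returns the identity URL as a
    // string for an authenticated session - confirm against its definition.
    if (!is_string($user) || $user === '' || $req_url !== $user) {
        return login_render(array(), $req_url, $req_url);
    }

    $sites = getSessionSites();
    $trust_root = $info->trust_root;

    // A trust root the user has already decided on (either way) is not
    // prompted for again.
    $fail_cancels = $fail_cancels || isset($sites[$trust_root]);

    if (!isset($trusted)) {
        $trusted = isTrusted($req_url, $trust_root);
    }

    if ($trusted) {
        // Called with no argument here; presumably this clears the pending
        // request stored above - verify in setRequestInfo().
        setRequestInfo();

        // Reference assignments are kept exactly as the original wrote them.
        $server =& getServer();
        $response =& $info->answer(true);
        $webresponse =& $server->encodeResponse($response);

        // Flatten the header map into "Name: value" lines for the caller.
        $new_headers = array();
        foreach ($webresponse->headers as $k => $v) {
            $new_headers[] = $k . ": " . $v;
        }

        return array($new_headers, $webresponse->body);
    }

    if ($fail_cancels) {
        return authCancel($info);
    }

    return trust_render($info);
}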
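/**
 * Show the list of sites remembered in the session and, on POST, apply the
 * requested change to that list.
 *
 * POST fields read:
 *  - forget: drop the whole list;
 *  - remove: drop every entry named by a field whose key matches site<digits>.
 *
 * @return mixed Whatever sites_render() returns for the resulting list.
 */
function action_sites()
{
    $sites = getSessionSites();

    // NOTE(review): no request-forgery token is checked in this handler, and
    // both branches change session state. Confirm a caller verifies one.
    if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
        if (isset($_POST['forget'])) {
            $sites = null;
            setSessionSites($sites);
        } elseif (isset($_POST['remove'])) {
            foreach ($_POST as $k => $v) {
                // A POST value may arrive as an array (e.g. site1[]=...). An
                // array is not a legal offset, and PHP 8 raises a TypeError for
                // it inside isset(), so only plain strings are looked up.
                if (!is_string($v)) {
                    continue;
                }

                if (preg_match('/^site[0-9]+$/', (string) $k) && isset($sites[$v])) {
                    unset($sites[$v]);
                }
            }

            setSessionSites($sites);
        }
    }

    return sites_render($sites);
}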
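/**
 * Return whether the trust root is currently trusted for the given identity.
 *
 * A trust root is trusted when the identity is the logged-in user's and the
 * root is either listed in $trusted_sites or has a truthy entry in the
 * session's site list.
 *
 * @param string $identity_url Identity the request is about.
 * @param string $trust_root   Trust root of the requesting site.
 *
 * @return bool
 */
function isTrusted($identity_url, $trust_root)
{
    // from config.php
    global $trusted_sites;

    $user = getLoggedInUser();

    // Fail closed. A loose `!=` treats null, false, '' and '0' as equal, so an
    // empty identity would match a session with nobody logged in. Require a
    // non-empty logged-in identity and an exact match.
    // NOTE(review): assumes getLoggedInUser() returns the identity URL as a
    // string for an authenticated session - confirm against its definition.
    if (!is_string($user) || $user === '' || $identity_url !== $user) {
        return false;
    }

    // Strict membership test: a non-string entry in the configured list (for
    // example `true`) must not match every trust root through type juggling.
    // The is_array() guard covers a config that never defined the list.
    if (is_array($trusted_sites) && in_array($trust_root, $trusted_sites, true)) {
        return true;
    }

    $sites = getSessionSites();

    // An entry may exist with a falsy value, so presence alone is not enough.
    return isset($sites[$trust_root]) && $sites[$trust_root];
}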