コード例 #1
0
/**
 * Get attributes from OpenID response and populate 'user'-like structure
 * If matching user exists then return matching user
 *
 * @param string $resp - the OpenID response
 * @return user object - false on multiple matches, or the matching user object 
 *                       _or_ new user object with members:
 *                           username, email, firstname, lastname, country
 */
function openid_resp_to_user(&$resp)
{
    $tmp_users = array();
    $user = new stdClass();
    $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($resp);
    $sreg = $sreg_resp->contents();
    if (defined('ADD_AX_SUPPORT')) {
        $ax_resp = new Auth_OpenID_AX_FetchResponse();
        $ax = $ax_resp->fromSuccessResponse($resp);
    }
    // We'll attempt to use the user's nickname to set their username
    if (isset($sreg['nickname']) && !empty($sreg['nickname']) && !($tmp_users['username'] = get_records('user', 'username', addslashes($sreg['nickname']))) || defined('USE_EMAIL_FOR_USERNAME') && isset($sreg['email']) && !empty($sreg['email']) && !($tmp_users['username_email'] = get_records('user', 'username', $sreg['email']))) {
        $user->username = addslashes(isset($sreg['nickname']) && !empty($sreg['nickname']) ? $sreg['nickname'] : $sreg['email']);
    } else {
        if (defined('ADD_AX_SUPPORT') && (($nickname = get_ax_data(AX_SCHEMA_NICKNAME, $ax)) && !($tmp_users['username'] = get_records('user', 'username', addslashes($nickname))) || defined('USE_EMAIL_FOR_USERNAME') && ($useremail = get_ax_data(AX_SCHEMA_EMAIL, $ax)) && !($tmp_users['username_email'] = get_records('user', 'username', $useremail)))) {
            // better to fall-back to email? may show-up in various display blocks
            $user->username = addslashes($nickname ? $nickname : $useremail);
        } else {
            $user->username = openid_normalize_url_as_username($resp->identity_url);
        }
    }
    // SREG fullname
    if (isset($sreg['fullname']) && !empty($sreg['fullname'])) {
        $name = openid_parse_full_name($sreg['fullname']);
        $user->firstname = addslashes($name['first']);
        $user->lastname = addslashes($name['last']);
    } else {
        if (defined('ADD_AX_SUPPORT') && (get_ax_data(AX_SCHEMA_FULLNAME, $ax) || get_ax_data(AX_SCHEMA_LASTNAME, $ax))) {
            if (get_ax_data(AX_SCHEMA_LASTNAME, $ax)) {
                $user->firstname = addslashes(get_ax_data(AX_SCHEMA_FIRSTNAME, $ax));
                $user->lastname = addslashes(get_ax_data(AX_SCHEMA_LASTNAME, $ax));
            } else {
                // fullname
                $name = openid_parse_full_name(get_ax_data(AX_SCHEMA_FULLNAME, $ax));
                $user->firstname = addslashes($name['first']);
                $user->lastname = addslashes($name['last']);
            }
        }
    }
    if (!empty($user->lastname)) {
        $tmp_users['fullname'] = get_records_select('user', "firstname = '" . $user->firstname . "' AND lastname = '" . $user->lastname . "'");
    }
    // SREG email
    if (!empty($sreg['email']) && !($tmp_users['email'] = get_records('user', 'email', $sreg['email']))) {
        $user->email = addslashes($sreg['email']);
    } else {
        if (defined('ADD_AX_SUPPORT') && ($useremail = get_ax_data(AX_SCHEMA_EMAIL, $ax)) && !($tmp_users['email'] = get_records('user', 'email', $useremail))) {
            $user->email = addslashes($useremail);
        }
    }
    // SREG country
    $country = '';
    if (isset($sreg['country']) && !empty($sreg['country'])) {
        $country = $sreg['country'];
    } else {
        if (defined('ADD_AX_SUPPORT') && get_ax_data(AX_SCHEMA_COUNTRY, $ax)) {
            $country = get_ax_data(AX_SCHEMA_COUNTRY, $ax);
        }
    }
    if (!empty($country)) {
        $country_code = strtoupper($country);
        $countries = get_list_of_countries();
        if (strlen($country) != 2 || !isset($countries[$country_code])) {
            $countries_keys = array_keys($countries);
            $countries_vals = array_values($countries);
            $country_code = array_search($country, $countries_vals);
            if ($country_code > 0) {
                $country_code = $countries_keys[$country_code];
            } else {
                $country_code = '';
            }
        }
        if (!empty($country_code)) {
            $user->country = $country_code;
        }
    }
    /* We're currently not attempting to get language and timezone values
        // SREG language
        if (isset($sreg['language']) && !empty($sreg['language'])) {
        }
    
        // SREG timezone
        if (isset($sreg['timezone']) && !empty($sreg['timezone'])) {
        }
      */
    $config = get_config('auth/openid');
    //error_log("/auth/openid/locallib.php::auth/openid::config=...");
    //err_dump($config);
    //error_log("/auth/openid/locallib.php::openid_resp_to_user() - check for user matching ...");
    //err_dump($user);
    // Map OpenID fields to whether field MUST be unique
    // TBD: make unique fields configurable im OpenID: auth_config_users.html
    // Keys must match keys in tmp_users[] array - set above.
    $openid_fields = array('email' => 1, 'fullname' => 0, 'username' => 0, 'username_email' => 1);
    foreach ($openid_fields as $openid_field => $field_unique) {
        $match_array = str_word_count($config->auth_openid_match_fields, 1, '_');
        $num = !empty($match_array) ? 1 : 0;
        if ($field_unique && !empty($tmp_users[$openid_field]) && count($tmp_users[$openid_field]) > $num) {
            //error_log("/auth/openid/locallib.php::openid_resp_to_user() - multiple matches on count(tmp_users[{$openid_field}])=".count($tmp_users[$openid_field])." ...");
            //err_dump($tmp_users[$openid_field]);
            //error_log("> match_array=...");
            //err_dump($match_array);
            return false;
        }
    }
    $matching_user = null;
    // check tmp_users[] matches for valid existing user,
    // return false if conflicts between matching fields
    if (!empty($config->auth_openid_match_fields)) {
        $openid_match_fields = explode(',', $config->auth_openid_match_fields);
        foreach ($openid_match_fields as $match_field) {
            $match_field = trim($match_field);
            if (!empty($tmp_users[$match_field]) && count($tmp_users[$match_field]) == 1) {
                if (!$matching_user) {
                    $matching_user = reset($tmp_users[$match_field]);
                } else {
                    if ($openid_fields[$match_field] && $matching_user->id != reset($tmp_users[$match_field])->id) {
                        // unique field matches different user!
                        return false;
                    }
                }
            }
        }
    }
    if (!empty($matching_user)) {
        merge_user_fields($matching_user, $user);
        //error_log( "openid_resp_to_user() - merged matching user: ");
        //err_dump($matching_user);
        return $matching_user;
    }
    return $user;
}
コード例 #2
0
ファイル: auth.php プロジェクト: ejucovy/moodle-openid
 /**
  * Create a new account using simple registration data if available
  *
  * @access private
  * @param object &$resp An OpenID consumer response object
  * @return object The new user
  */
 function _create_account(&$resp)
 {
     global $CFG, $USER;
     $url = $resp->identity_url;
     $password = hash_internal_user_password('openid');
     $server = $resp->endpoint->server_url;
     $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($resp);
     $sreg = $sreg_resp->contents();
     // We'll attempt to use the user's nickname to set their username
     if (isset($sreg['nickname']) && !empty($sreg['nickname']) && !record_exists('users', 'username', $sreg['nickname'])) {
         $username = $sreg['nickname'];
     } else {
         $username = openid_normalize_url_as_username($url);
     }
     create_user_record($username, $password, 'openid');
     $user = get_complete_user_data('username', $username);
     openid_append_url($user, $url);
     // SREG fullname
     if (isset($sreg['fullname']) && !empty($sreg['fullname'])) {
         $name = openid_parse_full_name($sreg['fullname']);
         $user->firstname = $name['first'];
         $user->lastname = $name['last'];
     }
     // SREG email
     if (isset($sreg['email']) && !empty($sreg['email']) && !record_exists('user', 'email', $sreg['email'])) {
         $user->email = $sreg['email'];
     }
     // SREG country
     if (isset($sreg['country']) && !empty($sreg['country'])) {
         $country = $sreg['country'];
         $country_code = strtoupper($country);
         $countries = get_list_of_countries();
         if (strlen($country) != 2 || !isset($countries[$country_code])) {
             $countries_keys = array_keys($countries);
             $countries_vals = array_values($countries);
             $country_code = array_search($country, $countries_vals);
             if ($country_code > 0) {
                 $country_code = $countries_keys[$country_code];
             } else {
                 $country_code = '';
             }
         }
         if (!empty($country_code)) {
             $user->country = $country_code;
         }
     }
     /* We're currently not attempting to get language and timezone values
        // SREG language
        if (isset($sreg['language']) && !empty($sreg['language'])) {
        }
        
        // SREG timezone
        if (isset($sreg['timezone']) && !empty($sreg['timezone'])) {
        }
        */
     if (function_exists('on_openid_create_account')) {
         on_openid_create_account($resp, $user);
     }
     update_record('user', $user);
     $user = get_complete_user_data('id', $user->id);
     // Redirect the user to their profile page if not set up properly
     if (!empty($user) && user_not_fully_set_up($user)) {
         $USER = clone $user;
         $urltogo = $CFG->wwwroot . '/user/edit.php';
         redirect($urltogo);
     }
     return $user;
 }