/** * @param OpenIdResponse $response * @return IHttpResponseStrategy * @throws \Exception */ public static function buildStrategy(OpenIdResponse $response) { $type = $response->getType(); switch ($type) { case OpenIdIndirectResponse::OpenIdIndirectResponse: return ServiceLocator::getInstance()->getService(OpenIdIndirectResponse::OpenIdIndirectResponse); break; case OpenIdDirectResponse::OpenIdDirectResponse: return ServiceLocator::getInstance()->getService(OpenIdDirectResponse::OpenIdDirectResponse); break; default: throw new \Exception("Invalid OpenId response Type"); break; } }
public function prepareResponse(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context) { try { $simple_reg_request = new OpenIdSREGRequest($request->getMessage()); if (!$simple_reg_request->isValid()) { return; } $response->addParam(self::paramNamespace(), self::NamespaceUrl); $attributes = $simple_reg_request->getRequiredAttributes(); $opt_attributes = $simple_reg_request->getOptionalAttributes(); $attributes = array_merge($attributes, $opt_attributes); $user = $this->auth_service->getCurrentUser(); foreach ($attributes as $attr => $value) { $context->addSignParam(self::param($attr)); if ($attr == self::Email) { $response->addParam(self::param($attr), $user->getEmail()); } if ($attr == self::Country) { $response->addParam(self::param($attr), $user->getCountry()); } if ($attr == self::Nickname || $attr == self::FullName) { $response->addParam(self::param($attr), $user->getFullName()); } if ($attr == self::Language) { $response->addParam(self::param($attr), $user->getLanguage()); } } } catch (Exception $ex) { $this->log_service->error($ex); } }
public function __construct() { // Successful Responses: A server receiving a valid request MUST send a // response with an HTTP status code of 200. parent::__construct(self::HttpOkResponse, self::IndirectResponseContentType); /* * This particular value MUST be present for the response to be a valid OpenID 2.0 * response. Future versions of the specification may define different values in order * to allow message recipients to properly interpret the request. */ $this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)] = OpenIdProtocol::OpenID2MessageType; }
public function prepareResponse(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context) { try { $ax_request = new OpenIdAXRequest($request->getMessage()); if (!$ax_request->isValid()) { return; } $response->addParam(self::paramNamespace(), self::NamespaceUrl); $response->addParam(self::param(self::Mode), self::FetchResponse); $context->addSignParam(self::param(self::Mode)); $attributes = $ax_request->getRequiredAttributes(); $user = $this->auth_service->getCurrentUser(); foreach ($attributes as $attr) { $response->addParam(self::param(self::Type) . "." . $attr, self::$available_properties[$attr]); $context->addSignParam(self::param(self::Type) . "." . $attr); $context->addSignParam(self::param(self::Value) . "." . $attr); if ($attr == "email") { $response->addParam(self::param(self::Value) . "." . $attr, $user->getEmail()); } if ($attr == "country") { $response->addParam(self::param(self::Value) . "." . $attr, $user->getCountry()); } if ($attr == "firstname") { $response->addParam(self::param(self::Value) . "." . $attr, $user->getFirstName()); } if ($attr == "lastname") { $response->addParam(self::param(self::Value) . "." . $attr, $user->getLastName()); } if ($attr == "language") { $response->addParam(self::param(self::Value) . "." . $attr, $user->getLanguage()); } } } catch (Exception $ex) { $this->log_service->error($ex); } }
/** * @param OpenIdRequest $request * @param OpenIdResponse $response * @param ResponseContext $context * @return mixed|void */ public function prepareResponse(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context) { try { $oauth2_request = new OpenIdOAuth2Request($request->getMessage()); if (!$oauth2_request->isValid()) { return; } //get auth code $oauth2_msg = new OAuth2Message(array(OAuth2Protocol::OAuth2Protocol_ClientId => $oauth2_request->getClientId(), OAuth2Protocol::OAuth2Protocol_Scope => $oauth2_request->getScope(), OAuth2Protocol::OAuth2Protocol_RedirectUri => $request->getParam(OpenIdProtocol::OpenIDProtocol_ReturnTo), OAuth2Protocol::OAuth2Protocol_State => $oauth2_request->getState(), OAuth2Protocol::OAuth2Protocol_Approval_Prompt => $oauth2_request->getApprovalPrompt(), OAuth2Protocol::OAuth2Protocol_AccessType => $oauth2_request->getAccessType(), OAuth2Protocol::OAuth2Protocol_ResponseType => OAuth2Protocol::OAuth2Protocol_ResponseType_Code)); // do oauth2 Authorization Code Grant 1st step (get auth code to exchange for an access token) // http://tools.ietf.org/html/rfc6749#section-4.1 $oauth2_response = $this->oauth2_protocol->authorize(new OAuth2AuthorizationRequest($oauth2_msg)); if (get_class($oauth2_response) == 'oauth2\\responses\\OAuth2AuthorizationResponse') { //add namespace $response->addParam(self::paramNamespace(), self::NamespaceUrl); $context->addSignParam(self::paramNamespace()); //add auth code $response->addParam(self::param(self::RequestToken), $oauth2_response->getAuthCode()); $context->addSignParam(self::param(self::RequestToken)); //add requested scope $response->addParam(self::param(self::Scope), $oauth2_response->getScope()); $context->addSignParam(self::param(self::Scope)); //add state $response->addParam(self::param(self::State), $oauth2_request->getState()); $context->addSignParam(self::param(self::State)); } } catch (Exception $ex) { $this->log_service->error($ex); $this->checkpoint_service->trackException($ex); //http://step2.googlecode.com/svn/spec/openid_oauth_extension/latest/openid_oauth_extension.html#AuthResp /* * To note that the OAuth Authorization was declined or not valid, the Combined Provider SHALL only * respond with the parameter "openid.ns.oauth". */ //add namespace $response->addParam(self::paramNamespace(), self::NamespaceUrl); $context->addSignParam(self::paramNamespace()); } }