public function extract(array $data)
{
$record = new SetupRequest();
$record->setParams($data);
if (isset($data['openid_claimed_id'])) {
$record->setClaimedId($data['openid_claimed_id']);
}
if (isset($data['openid_identity'])) {
$record->setIdentity($data['openid_identity']);
}
if (isset($data['openid_assoc_handle'])) {
$record->setAssocHandle($data['openid_assoc_handle']);
}
if (isset($data['openid_return_to'])) {
$record->setReturnTo($data['openid_return_to']);
}
if (isset($data['openid_realm'])) {
$record->setRealm($data['openid_realm']);
}
return $record;
}
public function onCheckidSetup(SetupRequest $request)
{
// check whether authenticated
if (!$this->isAuthenticated()) {
$loginUrl = $this->config['psx_url'] . '/' . $this->config['psx_dispatch'] . 'login';
$selfUrl = new Url($this->base->getSelf());
$values = array_merge($_GET, $_POST);
foreach ($values as $key => $value) {
$selfUrl->addParam($key, $value);
}
//$selfUrl->addParam('openid.mode', 'checkid_setup');
//$selfUrl->addParam('openid.ns', self::NS);
header('Location: ' . $loginUrl . '?redirect=' . urlencode(strval($selfUrl)));
exit;
}
// check association
$sql = <<<SQL
SELECT
\t`assoc`.`id`,
\t`assoc`.`expires`,
\t`assoc`.`date`
FROM
\t{$this->registry['table.openid_assoc']} `assoc`
WHERE
\t`assoc`.`assocHandle` = ?
SQL;
$row = $this->sql->getRow($sql, array($request->getAssocHandle()));
if (!empty($row)) {
// check expire
$now = new DateTime('NOW', $this->registry['core.default_timezone']);
$expire = (int) $row['expires'];
if (time() > $now->getTimestamp() + $expire) {
throw new Exception('Association is expired');
}
} else {
if (!$request->isImmediate()) {
// create association
$date = new DateTime('NOW', $this->registry['core.default_timezone']);
$assocHandle = ProviderAbstract::generateHandle();
$secret = base64_encode(ProviderAbstract::randomBytes(20));
$this->sql->insert($this->registry['table.openid_assoc'], array('assocHandle' => $assocHandle, 'assocType' => 'HMAC-SHA1', 'sessionType' => 'DH-SHA1', 'secret' => $secret, 'expires' => self::EXPIRE, 'date' => $date->format(DateTime::SQL)));
// set assoc handle
$request->setAssocHandle($assocHandle);
} else {
throw new Exception('Invalid association');
}
}
// count connect requests
/*
$maxCount = 5;
$con = new PSX_Sql_Condition(array('userId', '=', $this->user->getId()), array('status', '=', AmunService_Oauth_Record::TEMPORARY));
$count = $this->sql->count($this->registry['table.oauth_request'], $con);
if($count > $maxCount)
{
$conDelete = new PSX_Sql_Condition();
$result = $this->sql->select($this->registry['table.oauth_request'], array('id', 'expire', 'date'), $con, PSX_Sql::SELECT_ALL);
foreach($result as $row)
{
$now = new DateTime('NOW', $this->registry['core.default_timezone']);
$date = new DateTime($row['date'], $this->registry['core.default_timezone']);
$date->add(new DateInterval($row['expire']));
if($now > $date)
{
$conDelete->add('id', '=', $row['id'], 'OR');
}
}
if($conDelete->hasCondition())
{
$this->sql->delete($this->registry['table.oauth_request'], $conDelete);
}
throw new Exception('You can have max ' . $maxCount . ' temporary account connect requests. Each request expires after 30 hour');
}
*/
// save request params
$_SESSION['amun_openid_request'] = $request;
// redirect
header('Location: ' . $this->config['psx_url'] . '/' . $this->config['psx_dispatch'] . 'login/connect');
exit;
}
