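/**
 * Handle a standard OpenID server request.
 *
 * Decodes the incoming request through the server object, renders a page on
 * the paths that need one, and otherwise sends the encoded protocol response
 * and terminates the script.
 *
 * @return mixed Result of the render helper on the page-rendering paths; the
 *               protocol-response path does not return (it calls exit).
 */
function action_default()
{
    // Point clients at the provider's XRDS document.
    header('X-XRDS-Location: ' . buildURL('idpXrds'));

    $server =& getServer();

    // decodeRequest() is called without arguments; the former copies of
    // $_GET/$_POST into $request were overwritten here and never read.
    $request = $server->decodeRequest();

    if (!$request) {
        // Nothing was decoded as an OpenID request: show the about page.
        return about_render();
    }

    setRequestInfo($request);

    // Strict comparison: only an exact mode string may select the
    // identity-asserting branches below.
    $checkidModes = array('checkid_immediate', 'checkid_setup');

    if (!in_array($request->mode, $checkidModes, true)) {
        $response =& $server->handleRequest($request);
    } elseif ($request->idSelect()) {
        // Perform IDP-driven identifier selection.
        if ($request->mode === 'checkid_immediate') {
            // Immediate mode gets answer(false) instead of a page.
            $response =& $request->answer(false);
        } else {
            return trust_render($request);
        }
    } elseif (!$request->identity) {
        // No identifier used or desired; display a page saying so.
        // (idSelect() is already known to be false on this path.)
        return noIdentifier_render();
    } elseif ($request->immediate) {
        $response =& $request->answer(false, buildURL());
    } else {
        // NOTE(review): the login gate
        //     if (!getLoggedInUser()) { return login_render(); }
        // is commented out in this variant, so trust_render() is reached
        // without any authenticated-user check in this function. Confirm
        // that trust_render() (or the action it posts to) enforces login
        // before a positive assertion can be issued; otherwise re-enable
        // the gate.
        return trust_render($request);
    }

    $webresponse =& $server->encodeResponse($response);

    if ($webresponse->code != AUTH_OPENID_HTTP_OK) {
        header(sprintf("HTTP/1.1 %d ", $webresponse->code), true, $webresponse->code);
    }

    foreach ($webresponse->headers as $k => $v) {
        header("{$k}: {$v}");
    }

    header(header_connection_close);
    print $webresponse->body;
    exit(0);
}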
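/**
 * Handle an OpenID request addressed to this provider.
 *
 * The checkid modes are the only ones that involve user interaction, so they
 * are dispatched here; every other mode is passed to the server object and
 * its encoded response is sent before the script terminates.
 *
 * @return mixed Result of a render helper on the interactive paths, nothing
 *               after the login page or a 400; the protocol-response path
 *               does not return (it calls exit).
 */
public function auth()
{
    $server =& $this->openid->getOpenIdServer();
    $request = $server->decodeRequest();
    $this->openid->setRequestInfo($request);

    if (!$request) {
        // No request was decoded, so there is no mode to dispatch on.
        // Reject explicitly instead of dereferencing an empty value below.
        header('HTTP/1.1 400 Bad Request', true, 400);
        return;
    }

    // Strict comparison: only an exact mode string may select the
    // identity-asserting branches below.
    $checkidModes = array('checkid_immediate', 'checkid_setup');

    if (in_array($request->mode, $checkidModes, true)) {
        if ($request->idSelect()) {
            // Perform IDP-driven identifier selection.
            // TODO: container should implement it by themselves!
            // NOTE(review): this branch reaches trust_render() without the
            // $_SESSION['id'] check applied further down; confirm that
            // trust_render() enforces login itself.
            if ($request->mode === 'checkid_immediate') {
                $response =& $request->answer(false);
            } else {
                return $this->trust_render($request);
            }
        } elseif (!$request->identity) {
            // No identifier used or desired; display a page saying so.
            // NOTE(review): called as a global function while the other
            // renderers are methods on $this; verify it is defined.
            return noIdentifier_render();
        } elseif ($request->immediate) {
            $response =& $request->answer(false, $this->openid->buildURL());
        } else {
            // The actual authentication step: without a session id the user
            // is sent to the login page before any trust decision is shown.
            if (!isset($_SESSION['id'])) {
                $this->login_render();
                return;
            }
            return $this->trust_render($request);
        }
    } else {
        $response =& $server->handleRequest($request);
    }

    $webresponse =& $server->encodeResponse($response);

    if ($webresponse->code != AUTH_OPENID_HTTP_OK) {
        header(sprintf("HTTP/1.1 %d ", $webresponse->code), true, $webresponse->code);
    }

    foreach ($webresponse->headers as $k => $v) {
        header("{$k}: {$v}");
    }

    header(header_connection_close);
    print $webresponse->body;
    exit(0);
}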
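/**
 * Handle a standard OpenID server request.
 *
 * checkid requests are redirected to the server configured in
 * $indirect_server_url; every other mode is answered locally and the encoded
 * response is sent before the script terminates.
 *
 * @return mixed Result of about_render() when no request was decoded; the
 *               redirect and protocol-response paths do not return (exit).
 */
function action_default()
{
    global $indirect_server_url;

    // Point clients at the provider's XRDS document.
    header('X-XRDS-Location: ' . buildURL('idpXrds'));

    $server =& getServer();
    $method = $_SERVER['REQUEST_METHOD'];

    // decodeRequest() is called without arguments; the former copies of
    // $_GET/$_POST into $request were overwritten here and never read.
    $request = $server->decodeRequest();

    if (!$request) {
        return about_render();
    }

    setRequestInfo($request);

    // Strict comparison: only an exact mode string may select the redirect.
    if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'), true)) {
        // Redirect to the indirect server with a 307 so that a POST is
        // repeated as a POST at the new location. A normal redirect
        // (without 307) causes a GET instead of a POST.
        $new_location = $indirect_server_url;

        // Append with '&' when the configured URL already has a query part.
        $separator = (strpos((string) $new_location, '?') === false) ? '?' : '&';

        if ($method == 'GET') {
            // Carry the full query string along, otherwise the request data
            // is lost. This was a problem for GIMI, which uses a ruby
            // openid client.
            $new_location .= $separator . $_SERVER['QUERY_STRING'];
        } elseif ($method == 'POST') {
            // NOTE(review): the POST parameters are copied into the URL as
            // well, so the OpenID message ends up in the Location header
            // and presumably in access logs downstream; confirm that is
            // acceptable.
            $query = Auth_OpenID::getQuery();
            $new_location .= $separator . http_build_query($query);
        }

        header('Location: ' . $new_location, true, 307);

        // Execution stops here, so identifier selection, the login check
        // and the trust page are not handled by this function (the code
        // that used to follow this exit was unreachable and is removed).
        // NOTE(review): presumably the indirect server enforces them; verify.
        exit;
    }

    $response =& $server->handleRequest($request);

    $webresponse =& $server->encodeResponse($response);

    if ($webresponse->code != AUTH_OPENID_HTTP_OK) {
        header(sprintf("HTTP/1.1 %d ", $webresponse->code), true, $webresponse->code);
    }

    foreach ($webresponse->headers as $k => $v) {
        header("{$k}: {$v}");
    }

    header(header_connection_close);
    print $webresponse->body;
    exit(0);
}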