/**
 * Handle a standard OpenID server request.
 *
 * Reads the OpenID arguments from $_GET or $_POST, decodes them into a
 * request object, and either answers the request or hands control to the
 * login / trust pages. When a response is produced it is written out
 * (headers first, then the body) and the script exits.
 *
 * @return mixed The result of about_render() when nothing could be decoded,
 *               or of login_render() / trust_render() when a checkid request
 *               needs user interaction. On every other path the function
 *               ends in exit(0) and does not return.
 */
function action_default()
{
    $server =& getServer();

    // Anything that is not a GET is read from the POST body.
    $args = ($_SERVER['REQUEST_METHOD'] == 'GET') ? $_GET : $_POST;
    $request = $server->decodeRequest(Auth_OpenID::fixArgs($args));

    if (!$request) {
        return about_render();
    }

    // NOTE(review): nothing here checks whether the decoded value is an
    // error object before ->mode is read below - confirm decodeRequest()
    // cannot return one on this path.
    setRequestInfo($request);

    $isCheckId = in_array($request->mode, array('checkid_immediate', 'checkid_setup'));

    if (!$isCheckId) {
        // Every other mode is delegated to the library.
        $response =& $server->handleRequest($request);
    } elseif (isTrusted($request->identity, $request->trust_root)) {
        // The positive assertion depends only on isTrusted()'s verdict for
        // (identity, trust_root); no login check is visible on this path.
        // NOTE(review): presumably isTrusted() ties the identity to the
        // logged-in user - confirm.
        $response =& $request->answer(true);

        $sreg = getSreg($request->identity);
        if (is_array($sreg)) {
            foreach ($sreg as $field => $value) {
                $response->addField('sreg', $field, $value);
            }
        }
    } elseif ($request->immediate) {
        // Immediate mode cannot show pages, so answer negatively and pass
        // the server URL along.
        $response =& $request->answer(false, getServerURL());
    } elseif (!getLoggedInUser()) {
        return login_render();
    } else {
        return trust_render($request);
    }

    $webresponse =& $server->encodeResponse($response);

    foreach ($webresponse->headers as $name => $value) {
        header("{$name}: {$value}");
    }

    // header_connection_close is a constant defined outside this function.
    header(header_connection_close);
    print $webresponse->body;
    exit(0);
}
/**
 * A 'cancel' answer to a checkid request must be encoded as an HTTP
 * redirect whose query string carries no 'openid.sig' field.
 */
function test_cancel()
{
    $request = new Auth_OpenID_CheckIDRequest(
        'http://bombom.unittest/',
        'http://burr.unittest/',
        'http://burr.unittest/999',
        false
    );
    $response = new Auth_OpenID_CheckIDResponse($request, 'cancel');
    $webresponse = $this->encoder->encode($response);

    $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_REDIRECT);
    $this->assertTrue(array_key_exists('location', $webresponse->headers));

    // Pull the query string back out of the redirect target.
    $parts = parse_url($webresponse->headers['location']);
    $args = array();
    parse_str($parts['query'], $args);

    // parse_str() turns dots in key names into underscores; fixArgs()
    // presumably restores the 'openid.' form so the lookup below is
    // meaningful - verify against Auth_OpenID::fixArgs.
    $args = Auth_OpenID::fixArgs($args);

    // The cancel redirect must not carry a signature field.
    $this->assertFalse(array_key_exists('openid.sig', $args));
}
/**
 * Interpret the server's response to an OpenID request. This is step 4
 * of the flow described in the consumer overview.
 *
 * The endpoint stored in the session under $this->_token_key is loaded
 * first. Without it the call fails with 'No session state found' and the
 * query is never handed to the underlying consumer.
 *
 * @param array $query The query parameters (key => value pairs) of this
 * HTTP request.
 *
 * @return Auth_OpenID_ConsumerResponse $response An instance of an
 * Auth_OpenID_ConsumerResponse subclass. The type of response is
 * indicated by the status attribute, which will be one of
 * SUCCESS, CANCEL, FAILURE, or SETUP_NEEDED.
 */
function complete($query)
{
    $query = Auth_OpenID::fixArgs($query);

    $loader = new Auth_OpenID_ServiceEndpointLoader();
    $endpoint = $loader->fromSession($this->session->get($this->_token_key));

    if ($endpoint !== null) {
        $response = $this->consumer->complete($query, $endpoint);
        // The stored endpoint is removed once a completion has been
        // attempted, whatever status that attempt produced.
        $this->session->del($this->_token_key);
    } else {
        $response = new Auth_OpenID_FailureResponse(null, 'No session state found');
    }

    // Discovery state is cleaned up only for SUCCESS and CANCEL, and only
    // when the response names an identity URL.
    $finished = in_array($response->status, array(Auth_OpenID_SUCCESS, Auth_OpenID_CANCEL));
    if ($finished && $response->identity_url !== null) {
        $disco = new Services_Yadis_Discovery(
            $this->session,
            $response->identity_url,
            $this->session_key_prefix
        );
        $disco->cleanup();
    }

    return $response;
}
/**
 * Entry point for the OpenID server special page.
 *
 * $par selects what is handled: 'Login' and 'Trust' resume a request
 * previously saved via OpenIDServerFetchValues(); an empty value decodes
 * a fresh OpenID request from $_GET or $_POST; any other non-empty value
 * is rejected with the error page.
 *
 * @param string $par Sub-page selector (presumably the part of the title
 *                    after the slash - confirm against the caller).
 */
function wfSpecialOpenIDServer($par)
{
    global $wgOut;

    $server =& OpenIDServer();

    switch ($par) {
    case 'Login':
        list($request, $sreg) = OpenIDServerFetchValues();
        $result = OpenIDServerLogin($request);
        if ($result) {
            // A string result is passed back to the login form; any
            // other truthy result is sent as the OpenID response.
            if (is_string($result)) {
                OpenIDServerLoginForm($request, $result);
            } else {
                OpenIDServerResponse($server, $result);
            }
            return;
        }
        break;

    case 'Trust':
        list($request, $sreg) = OpenIDServerFetchValues();
        $result = OpenIDServerTrust($request, $sreg);
        if ($result) {
            // Same convention as the 'Login' case above.
            if (is_string($result)) {
                OpenIDServerTrustForm($request, $sreg, $result);
            } else {
                OpenIDServerResponse($server, $result);
            }
            return;
        }
        break;

    default:
        // Unknown sub-pages are refused rather than treated as a request.
        if (strlen($par)) {
            $wgOut->errorpage('openiderror', 'openiderrortext');
            return;
        }

        // Anything that is not a GET is read from the POST body.
        $query = ($_SERVER['REQUEST_METHOD'] == 'GET') ? $_GET : $_POST;
        $query = Auth_OpenID::fixArgs($query);
        $request = $server->decodeRequest($query);
        $sreg = OpenIdServerSregFromQuery($query);
        $response = null;
        break;
    }

    // No saved values and nothing decodable: show the error page.
    // NOTE(review): isset() only filters out null; an error object coming
    // back from decodeRequest() would reach the mode switch below -
    // confirm that handleRequest() copes with it.
    if (!isset($request)) {
        $wgOut->errorpage('openiderror', 'openiderrortext');
        return;
    }

    global $wgUser;

    switch ($request->mode) {
    case "checkid_setup":
        $response = OpenIDServerCheck($server, $request, $sreg, false);
        break;

    case "checkid_immediate":
        $response = OpenIDServerCheck($server, $request, $sreg, true);
        break;

    default:
        // For all the other parts, just let the libs do it
        $response =& $server->handleRequest($request);
    }

    // OpenIDServerCheck returns NULL if some output (like a form)
    // has been done
    if (isset($response)) {
        // We're done; clear values
        OpenIDServerClearValues();
        OpenIDServerResponse($server, $response);
    }
}
/**
 * Serve an OpenID request for the currently logged-in account, if any.
 *
 * $request arrives as the raw argument array and is overwritten (by
 * reference, so the caller's variable changes too) with the decoded
 * request object. A copy of the raw arguments is kept in $http_request
 * for the sreg lookup and for the re-authentication redirect.
 *
 * @param mixed $method   Not used in this function.
 * @param array $request  Raw request arguments; replaced by the decoded request.
 * @param mixed $template Not used in this function.
 */
function render_serve($method, &$request, &$template)
{
    global $storage;

    $server =& getServer();

    $http_request = $request;
    $request = $server->decodeRequest(Auth_OpenID::fixArgs($request));

    // NOTE(review): the code after these two guards assumes that
    // Server_redirect() and Server_handleResponse() end the request -
    // confirm that they do not return.
    if (!$request) {
        Server_redirect(getServerURL());
    }
    if (is_a($request, 'Auth_OpenID_ServerError')) {
        Server_handleResponse($request);
    }

    setRequestInfo($request, Server_requestSregData($http_request));

    if (!in_array($request->mode, array('checkid_immediate', 'checkid_setup'))) {
        // Every other mode is delegated to the library.
        $response =& $server->handleRequest($request);
    } else {
        $urls = array();
        $account = Server_getAccount();
        if ($account) {
            $urls = $storage->getUrlsForAccount($account);
        }

        if ($request->immediate && !$account) {
            // Immediate mode with nobody logged in: negative answer.
            $response =& $request->answer(false, getServerURL());
        } elseif ($account
                  && $storage->isTrusted($account, $request->trust_root)
                  && in_array($request->identity, $urls)) {
            // Logged in, trust root approved, and the claimed identity is
            // one of this account's URLs.
            $response =& $request->answer(true);
            addSregData($account, $response);
        } elseif ($account != $storage->getAccountForUrl($request->identity)) {
            // NOTE(review): loose comparison. With no account logged in and
            // an identity URL that maps to no account, both sides may be
            // falsy and compare equal, skipping this re-auth branch; the
            // next branch then depends on isTrusted() rejecting an empty
            // account - confirm, or compare strictly.
            Server_clearAccount();
            setRequestInfo($request, Server_requestSregData($http_request));
            $http_request['action'] = 'trust';
            Server_needAuth($http_request);
        } elseif ($storage->isTrusted($account, $request->trust_root)) {
            // NOTE(review): this path answers positively without the
            // in_array($request->identity, $urls) check used above; it
            // relies on the account comparison in the previous branch.
            $response =& $request->answer(true);
            addSregData($account, $response);
        } else {
            Server_redirect(getServerURL(), 'trust');
        }
    }

    // NOTE(review): $response is unset here if the re-auth or redirect
    // branches above return instead of exiting - confirm.
    setRequestInfo();
    Server_handleResponse($response);
}