예제 #1
0
/**
 * Handle a standard OpenID server request
 */
function action_default()
{
    $server =& getServer();
    $method = $_SERVER['REQUEST_METHOD'];
    $request = null;
    if ($method == 'GET') {
        $request = $_GET;
    } else {
        $request = $_POST;
    }
    $request = Auth_OpenID::fixArgs($request);
    $request = $server->decodeRequest($request);
    if (!$request) {
        return about_render();
    }
    setRequestInfo($request);
    if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'))) {
        if (isTrusted($request->identity, $request->trust_root)) {
            $response =& $request->answer(true);
            $sreg = getSreg($request->identity);
            if (is_array($sreg)) {
                foreach ($sreg as $k => $v) {
                    $response->addField('sreg', $k, $v);
                }
            }
        } else {
            if ($request->immediate) {
                $response =& $request->answer(false, getServerURL());
            } else {
                if (!getLoggedInUser()) {
                    return login_render();
                }
                return trust_render($request);
            }
        }
    } else {
        $response =& $server->handleRequest($request);
    }
    $webresponse =& $server->encodeResponse($response);
    foreach ($webresponse->headers as $k => $v) {
        header("{$k}: {$v}");
    }
    header(header_connection_close);
    print $webresponse->body;
    exit(0);
}
예제 #2
0
 function test_cancel()
 {
     $request = new Auth_OpenID_CheckIDRequest('http://bombom.unittest/', 'http://burr.unittest/', 'http://burr.unittest/999', false);
     $response = new Auth_OpenID_CheckIDResponse($request, 'cancel');
     $webresponse = $this->encoder->encode($response);
     $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_REDIRECT);
     $this->assertTrue(array_key_exists('location', $webresponse->headers));
     $location = $webresponse->headers['location'];
     $parsed = parse_url($location);
     $query = array();
     parse_str($parsed['query'], $query);
     $query = Auth_OpenID::fixArgs($query);
     $this->assertFalse(array_key_exists('openid.sig', $query));
 }
예제 #3
0
 /**
  * Called to interpret the server's response to an OpenID
  * request. It is called in step 4 of the flow described in the
  * consumer overview.
  *
  * @param array $query An array of the query parameters (key =>
  * value pairs) for this HTTP request.
  *
  * @return Auth_OpenID_ConsumerResponse $response A instance of an
  * Auth_OpenID_ConsumerResponse subclass. The type of response is
  * indicated by the status attribute, which will be one of
  * SUCCESS, CANCEL, FAILURE, or SETUP_NEEDED.
  */
 function complete($query)
 {
     $query = Auth_OpenID::fixArgs($query);
     $loader = new Auth_OpenID_ServiceEndpointLoader();
     $endpoint_data = $this->session->get($this->_token_key);
     $endpoint = $loader->fromSession($endpoint_data);
     if ($endpoint === null) {
         $response = new Auth_OpenID_FailureResponse(null, 'No session state found');
     } else {
         $response = $this->consumer->complete($query, $endpoint);
         $this->session->del($this->_token_key);
     }
     if (in_array($response->status, array(Auth_OpenID_SUCCESS, Auth_OpenID_CANCEL))) {
         if ($response->identity_url !== null) {
             $disco = new Services_Yadis_Discovery($this->session, $response->identity_url, $this->session_key_prefix);
             $disco->cleanup();
         }
     }
     return $response;
 }
예제 #4
0
파일: Server.php 프로젝트: ErdemA/wikihow
 function wfSpecialOpenIDServer($par)
 {
     global $wgOut;
     $server =& OpenIDServer();
     switch ($par) {
         case 'Login':
             list($request, $sreg) = OpenIDServerFetchValues();
             $result = OpenIDServerLogin($request);
             if ($result) {
                 if (is_string($result)) {
                     OpenIDServerLoginForm($request, $result);
                     return;
                 } else {
                     OpenIDServerResponse($server, $result);
                     return;
                 }
             }
             break;
         case 'Trust':
             list($request, $sreg) = OpenIDServerFetchValues();
             $result = OpenIDServerTrust($request, $sreg);
             if ($result) {
                 if (is_string($result)) {
                     OpenIDServerTrustForm($request, $sreg, $result);
                     return;
                 } else {
                     OpenIDServerResponse($server, $result);
                     return;
                 }
             }
             break;
         default:
             if (strlen($par)) {
                 $wgOut->errorpage('openiderror', 'openiderrortext');
                 return;
             } else {
                 $method = $_SERVER['REQUEST_METHOD'];
                 $query = null;
                 if ($method == 'GET') {
                     $query = $_GET;
                 } else {
                     $query = $_POST;
                 }
                 $query = Auth_OpenID::fixArgs($query);
                 $request = $server->decodeRequest($query);
                 $sreg = OpenIdServerSregFromQuery($query);
                 $response = NULL;
                 break;
             }
     }
     if (!isset($request)) {
         $wgOut->errorpage('openiderror', 'openiderrortext');
         return;
     }
     global $wgUser;
     switch ($request->mode) {
         case "checkid_setup":
             $response = OpenIDServerCheck($server, $request, $sreg, false);
             break;
         case "checkid_immediate":
             $response = OpenIDServerCheck($server, $request, $sreg, true);
             break;
         default:
             # For all the other parts, just let the libs do it
             $response =& $server->handleRequest($request);
     }
     # OpenIDServerCheck returns NULL if some output (like a form)
     # has been done
     if (isset($response)) {
         # We're done; clear values
         OpenIDServerClearValues();
         OpenIDServerResponse($server, $response);
     }
 }
예제 #5
0
function render_serve($method, &$request, &$template)
{
    global $storage;
    $server =& getServer();
    $http_request = $request;
    $request = Auth_OpenID::fixArgs($request);
    $request = $server->decodeRequest($request);
    if (!$request) {
        Server_redirect(getServerURL());
    }
    if (is_a($request, 'Auth_OpenID_ServerError')) {
        Server_handleResponse($request);
    }
    setRequestInfo($request, Server_requestSregData($http_request));
    if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'))) {
        $urls = array();
        $account = Server_getAccount();
        if ($account) {
            $urls = $storage->getUrlsForAccount($account);
        }
        if ($request->immediate && !$account) {
            $response =& $request->answer(false, getServerURL());
        } else {
            if ($account && $storage->isTrusted($account, $request->trust_root) && in_array($request->identity, $urls)) {
                $response =& $request->answer(true);
                addSregData($account, $response);
            } else {
                if ($account != $storage->getAccountForUrl($request->identity)) {
                    Server_clearAccount();
                    setRequestInfo($request, Server_requestSregData($http_request));
                    $http_request['action'] = 'trust';
                    Server_needAuth($http_request);
                } else {
                    if ($storage->isTrusted($account, $request->trust_root)) {
                        $response =& $request->answer(true);
                        addSregData($account, $response);
                    } else {
                        Server_redirect(getServerURL(), 'trust');
                    }
                }
            }
        }
    } else {
        $response =& $server->handleRequest($request);
    }
    setRequestInfo();
    Server_handleResponse($response);
}