예제 #1
0
 public function extract(array $data)
 {
     $record = new SetupRequest();
     $record->setParams($data);
     if (isset($data['openid_claimed_id'])) {
         $record->setClaimedId($data['openid_claimed_id']);
     }
     if (isset($data['openid_identity'])) {
         $record->setIdentity($data['openid_identity']);
     }
     if (isset($data['openid_assoc_handle'])) {
         $record->setAssocHandle($data['openid_assoc_handle']);
     }
     if (isset($data['openid_return_to'])) {
         $record->setReturnTo($data['openid_return_to']);
     }
     if (isset($data['openid_realm'])) {
         $record->setRealm($data['openid_realm']);
     }
     return $record;
 }
예제 #2
0
파일: Signon.php 프로젝트: visapi/amun
    public function onCheckidSetup(SetupRequest $request)
    {
        // check whether authenticated
        if (!$this->isAuthenticated()) {
            $loginUrl = $this->config['psx_url'] . '/' . $this->config['psx_dispatch'] . 'login';
            $selfUrl = new Url($this->base->getSelf());
            $values = array_merge($_GET, $_POST);
            foreach ($values as $key => $value) {
                $selfUrl->addParam($key, $value);
            }
            //$selfUrl->addParam('openid.mode', 'checkid_setup');
            //$selfUrl->addParam('openid.ns', self::NS);
            header('Location: ' . $loginUrl . '?redirect=' . urlencode(strval($selfUrl)));
            exit;
        }
        // check association
        $sql = <<<SQL
SELECT
\t`assoc`.`id`,
\t`assoc`.`expires`,
\t`assoc`.`date`
FROM 
\t{$this->registry['table.openid_assoc']} `assoc`
WHERE 
\t`assoc`.`assocHandle` = ?
SQL;
        $row = $this->sql->getRow($sql, array($request->getAssocHandle()));
        if (!empty($row)) {
            // check expire
            $now = new DateTime('NOW', $this->registry['core.default_timezone']);
            $expire = (int) $row['expires'];
            if (time() > $now->getTimestamp() + $expire) {
                throw new Exception('Association is expired');
            }
        } else {
            if (!$request->isImmediate()) {
                // create association
                $date = new DateTime('NOW', $this->registry['core.default_timezone']);
                $assocHandle = ProviderAbstract::generateHandle();
                $secret = base64_encode(ProviderAbstract::randomBytes(20));
                $this->sql->insert($this->registry['table.openid_assoc'], array('assocHandle' => $assocHandle, 'assocType' => 'HMAC-SHA1', 'sessionType' => 'DH-SHA1', 'secret' => $secret, 'expires' => self::EXPIRE, 'date' => $date->format(DateTime::SQL)));
                // set assoc handle
                $request->setAssocHandle($assocHandle);
            } else {
                throw new Exception('Invalid association');
            }
        }
        // count connect requests
        /*
        $maxCount = 5;
        $con      = new PSX_Sql_Condition(array('userId', '=', $this->user->getId()), array('status', '=', AmunService_Oauth_Record::TEMPORARY));
        $count    = $this->sql->count($this->registry['table.oauth_request'], $con);
        
        if($count > $maxCount)
        {
        	$conDelete = new PSX_Sql_Condition();
        	$result    = $this->sql->select($this->registry['table.oauth_request'], array('id', 'expire', 'date'), $con, PSX_Sql::SELECT_ALL);
        
        	foreach($result as $row)
        	{
        		$now  = new DateTime('NOW', $this->registry['core.default_timezone']);
        		$date = new DateTime($row['date'], $this->registry['core.default_timezone']);
        		$date->add(new DateInterval($row['expire']));
        
        		if($now > $date)
        		{
        			$conDelete->add('id', '=', $row['id'], 'OR');
        		}
        	}
        
        	if($conDelete->hasCondition())
        	{
        		$this->sql->delete($this->registry['table.oauth_request'], $conDelete);
        	}
        
        	throw new Exception('You can have max ' . $maxCount . ' temporary account connect requests. Each request expires after 30 hour');
        }
        */
        // save request params
        $_SESSION['amun_openid_request'] = $request;
        // redirect
        header('Location: ' . $this->config['psx_url'] . '/' . $this->config['psx_dispatch'] . 'login/connect');
        exit;
    }