Exemplo n.º 1
0
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();
    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);
    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID.");
    }
    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array('fullname', 'email'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }
    // Create attribute request object
    // See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters
    // Usage: make($type_uri, $count=1, $required=false, $alias=null)
    $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email', 2, 1, 'email');
    $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/first', 1, 1, 'firstname');
    $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/last', 1, 1, 'lastname');
    // Create AX fetch request
    $ax = new Auth_OpenID_AX_FetchRequest();
    // Add attributes to AX fetch request
    foreach ($attribute as $attr) {
        $ax->add($attr);
    }
    $auth_request->addExtension($ax);
    $policy_uris = $_GET['policies'];
    $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }
    // Redirect the user to the OpenID server for authentication.
    // Store the token for this authentication so we can verify the
    // response.
    // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());
        // If the redirect URL can't be built, display an error
        // message.
        if (Auth_OpenID::isFailure($redirect_url)) {
            displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            // Send redirect.
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));
        // Display an error if the form markup couldn't be generated;
        // otherwise, render the HTML.
        if (Auth_OpenID::isFailure($form_html)) {
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            print $form_html;
        }
    }
}
Exemplo n.º 2
0
function make_request()
{
    //get openid identifier URL
    if (empty($_GET['openid_url'])) {
        $error = "Expected an OpenID URL.";
        print $error;
        exit(0);
    }
    $openid = $_GET['openid_url'];
    $consumer = get_consumer();
    //begin openid authentication
    $auth_request = $consumer->begin($openid);
    //no authentication available
    if (!$auth_request) {
        print "Authentication error; not a valid OpenID.";
    }
    //add openid extensions to the request
    $auth_request->addExtension(attach_ax());
    //attribute exchange
    //generate redirect url
    $return_url = sprintf("%s%s", APP_ROOT, FILE_COMPLETE);
    $trust_root = sprintf("http://%s%s/", $_SERVER['SERVER_NAME'], dirname($_SERVER['PHP_SELF']));
    $redirect_url = $auth_request->redirectURL($trust_root, $return_url);
    //attach oauth extension parameters to redirect url
    $hybrid_fields = array('openid.ns.oauth' => 'http://specs.openid.net/extensions/oauth/1.0', 'openid.oauth.consumer' => CONSUMER_KEY);
    $redirect_url .= '&' . http_build_query($hybrid_fields);
    //if no redirect available display error message, else redirect
    if (Auth_OpenID::isFailure($redirect_url)) {
        print "Could not redirect to server: " . $redirect_url->message;
    } else {
        header("Location: " . $redirect_url);
    }
}
Exemplo n.º 3
0
 public function validateIdentifier($validator, $values, $arguments = array())
 {
     $authRequest = $this->getAuthAdapter()->getConsumer()->begin($values['openid_identifier']);
     if (!$authRequest) {
         throw new sfValidatorError($validator, 'Authentication error: not a valid OpenID.');
     }
     $sregExchange = new opOpenIDProfileExchange('sreg');
     $authRequest->addExtension(Auth_OpenID_SRegRequest::build(array(), $sregExchange->getImportSupportedProfiles()));
     // for OpenID1
     if ($authRequest->shouldSendRedirect()) {
         $values['redirect_url'] = $authRequest->redirectURL($arguments['realm'], $arguments['return_to']);
         if (Auth_OpenID::isFailure($values['redirect_url'])) {
             throw new sfValidatorError($validator, 'Could not redirect to the server: ' . $values['redirect_url']->message);
         }
     } else {
         $axExchange = new opOpenIDProfileExchange('ax');
         $axRequest = new Auth_OpenID_AX_FetchRequest();
         foreach ($axExchange->getImportSupportedProfiles() as $key => $value) {
             $axRequest->add(Auth_OpenID_AX_AttrInfo::make($value, 1, false, 'profile_' . $key));
         }
         $authRequest->addExtension($axRequest);
         $values['redirect_html'] = $authRequest->htmlMarkup($arguments['realm'], $arguments['return_to']);
         if (Auth_OpenID::isFailure($values['redirect_html'])) {
             throw new sfValidatorError($validator, 'Could not redirect to the server: ' . $values['redirect_html']->message);
         }
     }
     return $values;
 }
Exemplo n.º 4
0
 /**
  * @throws InvalidArgumentException if an invalid OpenID was provided
  */
 public function authenticate($url, $return, $realm, $required = array(), $optional = array())
 {
     if (empty($realm)) {
         $realm = 'http' . (env('HTTPS') ? 's' : '') . '://' . env('SERVER_NAME');
     }
     if (trim($url) != '') {
         $consumer = $this->_consumer();
         $authRequest = $consumer->begin($url);
     }
     if (!isset($authRequest) || !$authRequest) {
         throw new InvalidArgumentException('Invalid OpenID');
     }
     $sregRequest = Auth_OpenID_SRegRequest::build($required, $optional);
     if ($sregRequest) {
         $authRequest->addExtension($sregRequest);
     }
     if (!$authRequest->shouldSendRedirect()) {
         $formId = 'openid_message';
         $formHtml = $authRequest->formMarkup($realm, $return, false, array('id' => $formId));
         if (Auth_OpenID::isFailure($formHtml)) {
             throw new Exception('Could not redirect to server: ' . $formHtml->message);
         }
         echo '<html><head><title>OpenID transaction in progress</title></head>' . "<body onload='document.getElementById(\"{$formId}\").submit()'>" . $formHtml . '</body></html>';
         exit;
     }
     $redirectUrl = $authRequest->redirectUrl($realm, $return);
     if (Auth_OpenID::isFailure($redirectUrl)) {
         throw new Exception('Could not redirect to server: ' . $redirectUrl->message);
     }
     $this->_controller->redirect($redirectUrl, null, true);
 }
Exemplo n.º 5
0
 public function try_auth($openid)
 {
     $url = HttpRequest::getPathUrl();
     $nb = strlen($url);
     $base_url = '';
     if ($nb == 0 || $url[$nb - 1] != "/") {
         $base_url = "http://" . $_SERVER['HTTP_HOST'] . $url . "/";
     } else {
         $base_url = "http://" . $_SERVER['HTTP_HOST'] . $url;
     }
     $trust_root = $base_url;
     $return_url = $base_url . 'index.php/openid/finish_auth';
     $store = new WMySqlStore(DbUtil::accessFactory());
     $store->createTables();
     $consumer =& new Auth_OpenID_Consumer($store);
     // Begin the OpenID authentication process.
     $auth_request = $consumer->begin($openid);
     // No auth request means we can't begin OpenID.
     if (!$auth_request) {
         $_SESSION['isError'] = true;
         $_SESSION['message'] = __("Authentication error; not a valid OpenID.");
         DefaultFC::redirection('users/index');
         exit;
     }
     // Redirect the user to the OpenID server for authentication.
     // Store the token for this authentication so we can verify the
     // response.
     // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript
     // form to send a POST request to the server.
     if ($auth_request->shouldSendRedirect()) {
         $redirect_url = $auth_request->redirectURL($trust_root, $return_url);
         // If the redirect URL can't be built, display an error
         // message.
         if (Auth_OpenID::isFailure($redirect_url)) {
             $_SESSION['isError'] = true;
             $_SESSION['message'] = __("Could not redirect to server: ") . $redirect_url->message;
             DefaultFC::redirection('users/index');
             exit;
         } else {
             // Send redirect.
             header("Location: " . $redirect_url);
         }
     } else {
         // Generate form markup and render it.
         $form_id = 'openid_message';
         $form_html = $auth_request->htmlMarkup($trust_root, $return_url, false, array('id' => $form_id));
         // Display an error if the form markup couldn't be generated;
         // otherwise, render the HTML.
         if (Auth_OpenID::isFailure($form_html)) {
             $_SESSION['isError'] = true;
             $_SESSION['message'] = __("Could not redirect to server: ") . $form_html->message;
             DefaultFC::redirection('users/index');
             exit;
         } else {
             print $form_html;
         }
     }
 }
Exemplo n.º 6
0
 private function issueOpenid2Connexion(Auth_OpenID_AuthRequest $auth_request, $redirect_url)
 {
     $form_id = "openid_message";
     $form_html = $auth_request->htmlMarkup($this->getTrustRoot(), $this->getReturnTo($redirect_url), false, array('id' => $form_id));
     if (Auth_OpenID::isFailure($form_html)) {
         throw new OpenId_OpenIdException($GLOBALS['Language']->getText('plugin_openid', 'error_openid_connect'));
     }
     echo $form_html;
 }
Exemplo n.º 7
0
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();
    $return_to = getReturnTo();
    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);
    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID.");
    }
    // add AX request
    if ($_GET['ax'] == 'true') {
        $ax_request = new Auth_OpenID_AX_FetchRequest();
        global $ax_data;
        foreach ($ax_data as $ax_key => $ax_data_ns) {
            // set AX params
            if ($_GET['ax_' . $ax_key] == 'true') {
                $ax_request->add(new Auth_OpenID_AX_AttrInfo($ax_data_ns, 1, true, $ax_key));
            }
        }
        // add extension
        if ($ax_request) {
            $auth_request->addExtension($ax_request);
        }
    }
    // add UI extension request
    if ($_GET['ui'] == 'true') {
        $UI_request = new OpenID_UI_Request();
        // set icon
        if ($_GET['icon'] == 'true') {
            $UI_request->setIcon();
        }
        // set lang
        if ($_GET['lang'] == 'true' && $_GET['pref_lang']) {
            $UI_request->setLang($_GET['pref_lang']);
        }
        // set popup
        if ($_GET['popup'] == 'true') {
            $UI_request->setPopup();
            $return_to .= "popup=true";
        }
        $auth_request->addExtension($UI_request);
    } else {
        if ($_GET['callback'] == "ax") {
            $return_to .= "callback=ax";
        }
    }
    $redirect_url = $auth_request->redirectURL(getTrustRoot(), $return_to);
    if (Auth_OpenID::isFailure($redirect_url)) {
        displayError("Could not redirect to server: " . $redirect_url->message);
    } else {
        // Send redirect.
        header("Location: " . $redirect_url);
    }
}
Exemplo n.º 8
0
 function _requestAssociation($endpoint, $assoc_type, $session_type)
 {
     $m = array_pop($this->return_messages);
     if (is_a($m, 'Auth_OpenID_Message')) {
         return Auth_OpenID_ServerErrorContainer::fromMessage($m);
     } else {
         if (Auth_OpenID::isFailure($m)) {
             return $m;
         } else {
             return $m;
         }
     }
 }
Exemplo n.º 9
0
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();
    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);
    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("认证错误,不是有效的OpenID。");
    }
    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname', 'email'), array('gender'));
    //'nickname','fullname', 'email', 'dob','gender','postcode','country','language','timezone'
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }
    /*NOTE:目前还很少有网站要用到PAPE这个功能
       $policy_uris = $_GET['policies'];
    
        $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
        if ($pape_request) {
            $auth_request->addExtension($pape_request);
        }
    	*/
    // Redirect the user to the OpenID server for authentication.
    // Store the token for this authentication so we can verify the
    // response.
    // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());
        // If the redirect URL can't be built, display an error
        // message.
        if (Auth_OpenID::isFailure($redirect_url)) {
            displayError("不能跳转到: " . $redirect_url->message);
        } else {
            // Send redirect.
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));
        // Display an error if the form markup couldn't be generated;
        // otherwise, render the HTML.
        if (Auth_OpenID::isFailure($form_html)) {
            displayError("不能跳转到: " . $form_html->message);
        } else {
            print $form_html;
        }
    }
}
Exemplo n.º 10
0
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();
    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);
    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError(_CORE_OID_URL_INVALID);
    }
    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname', 'email'), array('fullname', 'dob', 'gender', 'postcode', 'country', 'language', 'timezone'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }
    $policy_uris = isset($_GET['policies']) ? filter_var($_GET['policies'], FILTER_SANITIZE_URL) : NULL;
    $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }
    // Redirect the user to the OpenID server for authentication.
    // Store the token for this authentication so we can verify the
    // response.
    // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());
        // If the redirect URL can't be built, display an error
        // message.
        if (Auth_OpenID::isFailure($redirect_url)) {
            //displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            // Send redirect.
            header('Location: ' . $redirect_url);
            exit;
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->formMarkup(getTrustRoot(), getReturnTo(), FALSE, array('id' => $form_id));
        // Display an error if the form markup couldn't be generated;
        // otherwise, render the HTML.
        if (Auth_OpenID::isFailure($form_html)) {
            displayError(sprintf(_CORE_OID_REDIRECT_FAILED, $form_html->message));
        } else {
            $page_contents = array("<html><head><title>", _CORE_OID_INPROGRESS, "</title></head>", "<body onload='document.getElementById(\"" . $form_id . "\").submit()'>", $form_html, "</body></html>");
            print implode("\n", $page_contents);
        }
    }
}
Exemplo n.º 11
0
 function fromSuccessResponse(&$success_response, $signed_only = true)
 {
     $obj = new Auth_OpenID_OAuthResponse();
     $obj->ns_uri = Auth_OpenID_OAUTH_NS_URI;
     if ($signed_only) {
         $args = $success_response->getSignedNS($obj->ns_uri);
     } else {
         $args = $success_response->message->getArgs($obj->ns_uri);
     }
     if ($args === null || Auth_OpenID::isFailure($args)) {
         return null;
     }
     $obj->authorized_request_token = new OAuthToken($args['request_token'], '');
     return $obj;
 }
Exemplo n.º 12
0
 /**
  * @Route("/login", name="progrupa_3dwarehouse_auth_init")
  * @Template
  */
 public function authInitAction(Request $request)
 {
     if ($request->getMethod() == Request::METHOD_POST) {
         $openid = $request->get('sketchup_openid');
         $consumer = new \Auth_OpenID_Consumer(new \Auth_OpenID_FileStore(sys_get_temp_dir()));
         // Begin the OpenID authentication process.
         $auth_request = $consumer->begin($openid);
         // No auth request means we can't begin OpenID.
         if (!$auth_request) {
             return ['error' => "Authentication error; not a valid OpenID."];
         }
         $sreg_request = \Auth_OpenID_SRegRequest::build(['email'], []);
         if ($sreg_request) {
             $auth_request->addExtension($sreg_request);
         }
         $policy_uris = null;
         $pape_request = new \Auth_OpenID_PAPE_Request($policy_uris);
         if ($pape_request) {
             $auth_request->addExtension($pape_request);
         }
         // Redirect the user to the OpenID server for authentication.
         // Store the token for this authentication so we can verify the
         // response.
         // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript
         // form to send a POST request to the server.
         if ($auth_request->shouldSendRedirect()) {
             $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());
             // If the redirect URL can't be built, display an erro message.
             if (\Auth_OpenID::isFailure($redirect_url)) {
                 return ['error' => "Could not redirect to server: " . $redirect_url->message];
             } else {
                 // Send redirect.
                 return new RedirectResponse($redirect_url);
             }
         } else {
             // Generate form markup and render it.
             $form_id = 'openid_message';
             $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));
             // Display an error if the form markup couldn't be generated otherwise, render the HTML.
             if (\Auth_OpenID::isFailure($form_html)) {
                 return ['error' => "Could not redirect to server: " . $form_html->message];
             } else {
                 return new Response($form_html);
             }
         }
     }
     return [];
 }
Exemplo n.º 13
0
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();
    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);
    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID.");
    }
    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array('fullname', 'email'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }
    $policy_uris = $_GET['policies'];
    $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }
    // Redirect the user to the OpenID server for authentication.
    // Store the token for this authentication so we can verify the
    // response.
    // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());
        // If the redirect URL can't be built, display an error
        // message.
        if (Auth_OpenID::isFailure($redirect_url)) {
            displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            // Send redirect.
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->formMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));
        // Display an error if the form markup couldn't be generated;
        // otherwise, render the HTML.
        if (Auth_OpenID::isFailure($form_html)) {
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            $page_contents = array("<html><head><title>", "OpenID transaction in progress", "</title></head>", "<body onload='document.getElementById(\"" . $form_id . "\").submit()'>", $form_html, "</body></html>");
            print implode("\n", $page_contents);
        }
    }
}
Exemplo n.º 14
0
/**
 * Send the user to their OpenID provider to authenticate.
 *
 * @param Auth_OpenID_AuthRequest $auth_request OpenID authentication request object
 * @param string $trust_root OpenID trust root
 * @param string $return_to URL where the OpenID provider should return the user
 */
function openid_redirect($auth_request, $trust_root, $return_to)
{
    do_action('openid_redirect', $auth_request, $trust_root, $return_to);
    $message = $auth_request->getMessage($trust_root, $return_to, false);
    if (Auth_OpenID::isFailure($message)) {
        return openid_error('Could not redirect to server: ' . $message->message);
    }
    $_SESSION['openid_return_to'] = $message->getArg(Auth_OpenID_OPENID_NS, 'return_to');
    // send 302 redirect or POST
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL($trust_root, $return_to);
        wp_redirect($redirect_url);
    } else {
        openid_repost($auth_request->endpoint->server_url, $message->toPostArgs());
    }
}
Exemplo n.º 15
0
function make_request()
{
    //get openid identifier URL
    if (empty($_GET['openid_url'])) {
        $error = "Expected an OpenID URL.";
        print $error;
        exit(0);
    }
    $openid = $_GET['openid_url'];
    $consumer = get_consumer();
    //begin openid authentication
    $auth_request = $consumer->begin($openid);
    //no authentication available
    if (!$auth_request) {
        echo "Authentication error; not a valid OpenID.";
    }
    //add openid extensions to the request
    $auth_request->addExtension(attach_ax());
    //attribute exchange
    $auth_request->addExtension(attach_sreg());
    //simple registration
    $auth_request->addExtension(attach_pape());
    //pape policies
    $return_url = sprintf("%s%s", APP_ROOT, FILE_COMPLETE);
    $trust_root = sprintf("http://%s%s/", $_SERVER['SERVER_NAME'], dirname($_SERVER['PHP_SELF']));
    //openid v1 - send through redirect
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL($trust_root, $return_url);
        //if no redirect available display error message, else redirect
        if (Auth_OpenID::isFailure($redirect_url)) {
            print "Could not redirect to server: " . $redirect_url->message;
        } else {
            header("Location: " . $redirect_url);
        }
        //openid v2 - use javascript form to send POST to server
    } else {
        //build form markup
        $form_id = 'openid_message';
        $form_html = $auth_request->htmlMarkup($trust_root, $return_url, false, array('id' => $form_id));
        //if markup cannot be built display error, else render form
        if (Auth_OpenID::isFailure($form_html)) {
            print "Could not redirect to server: " . $form_html->message;
        } else {
            print $form_html;
        }
    }
}
Exemplo n.º 16
0
 public static function login(Request &$request)
 {
     Pea::begin_loose_syntax();
     require_once 'Auth/OpenID/Consumer.php';
     require_once 'Auth/OpenID/FileStore.php';
     require_once 'Auth/OpenID/SReg.php';
     require_once 'Auth/OpenID/PAPE.php';
     if ($request->in_vars('openid_url') != "" || $request->in_vars('openid_verify')) {
         Log::debug("begin openid auth: " . $request->in_vars('openid_url'));
         // OpenID Auth
         $consumer = new Auth_OpenID_Consumer(new Auth_OpenID_FileStore(work_path('openid')));
         if ($request->is_vars('openid_verify')) {
             $response = $consumer->complete($request->request_url());
             if ($response->status == Auth_OpenID_SUCCESS) {
                 return $response->getDisplayIdentifier();
             }
         } else {
             $auth_request = $consumer->begin($request->in_vars('openid_url'));
             if (!$auth_request) {
                 throw new RuntimeException('invalid openid url');
             }
             $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array('fullname', 'email'));
             if ($sreg_request) {
                 $auth_request->addExtension($sreg_request);
             }
             if ($auth_request->shouldSendRedirect()) {
                 $redirect_url = $auth_request->redirectURL(url(), $request->request_url(false) . '?openid_verify=true');
                 if (Auth_OpenID::isFailure($redirect_url)) {
                     throw new RuntimeException("Could not redirect to server: {$redirect_url->message}");
                 } else {
                     $request->redirect($redirect_url);
                 }
             } else {
                 $form_html = $auth_request->htmlMarkup(url(), $request->request_url(false) . '?openid_verify=true', false, array('id' => 'openid_message'));
                 if (Auth_OpenID::isFailure($form_html)) {
                     throw new RuntimeException("Could not redirect to server: {$form_html->message}");
                 } else {
                     echo $form_html;
                     exit;
                 }
             }
         }
     }
     Pea::end_loose_syntax();
     return null;
 }
Exemplo n.º 17
0
function openid_try($url)
{
    $store = new Auth_OpenID_MySQLStore(theDb());
    $store->createTables();
    $consumer = new Auth_OpenID_Consumer($store);
    $auth_request = $consumer->begin($url);
    if (!$auth_request) {
        $_SESSION["auth_error"] = "Error: not a valid OpenID.";
        header("Location: ./");
    }
    $sreg_request = Auth_OpenID_SRegRequest::build(array('email'), array('nickname', 'fullname'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }
    // Attribute Exchange (Google ignores Simple Registration)
    // See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters
    $ax = new Auth_OpenID_AX_FetchRequest();
    $ax->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email', 2, 1, 'email'));
    $ax->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/first', 1, 1, 'firstname'));
    $ax->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/last', 1, 1, 'lastname'));
    $auth_request->addExtension($ax);
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());
        // If the redirect URL can't be built, display an error
        // message.
        if (Auth_OpenID::isFailure($redirect_url)) {
            die("Could not redirect to server: " . $redirect_url->message);
        } else {
            // Send redirect.
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));
        // Display an error if the form markup couldn't be generated;
        // otherwise, render the HTML.
        if (Auth_OpenID::isFailure($form_html)) {
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            print $form_html;
        }
    }
}
Exemplo n.º 18
0
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();
    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);
    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        // check for new install, if no, go to index, else goto new-install page
        require_once 'CRM/Core/BAO/UFMatch.php';
        $contactIds = CRM_Core_BAO_UFMatch::getContactIDs();
        if (count($contactIds) > 0) {
            displayError("Authentication error; not a valid OpenID.");
        } else {
            $session =& CRM_Core_Session::singleton();
            $session->set('new_install', true);
            include 'new_install.html';
            exit(1);
        }
    }
    $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array('fullname', 'email'));
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }
    $policy_uris = null;
    if (isset($_REQUEST['policies'])) {
        $policy_uris = $_REQUEST['policies'];
    }
    $pape_request = new Auth_OpenID_PAPE_Request($policy_uris);
    if ($pape_request) {
        $auth_request->addExtension($pape_request);
    }
    $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());
    // If the redirect URL can't be built, display an error
    // message.
    if (Auth_OpenID::isFailure($redirect_url)) {
        displayError("Could not redirect to server: " . $redirect_url->message);
    } else {
        // Send redirect.
        header("Location: " . $redirect_url);
        exit(2);
    }
}
Exemplo n.º 19
0
function run_try_auth()
{
    global $authSource;
    $openid = $_GET['openid_url'];
    $consumer = getConsumer();
    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);
    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID.");
    }
    $sreg_request = Auth_OpenID_SRegRequest::build($authSource->getRequiredAttributes(), $authSource->getOptionalAttributes());
    if ($sreg_request) {
        $auth_request->addExtension($sreg_request);
    }
    // Redirect the user to the OpenID server for authentication.
    // Store the token for this authentication so we can verify the
    // response.
    // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());
        // If the redirect URL can't be built, display an error message.
        if (Auth_OpenID::isFailure($redirect_url)) {
            displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            header("Location: " . $redirect_url);
            // Send redirect.
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->formMarkup(getTrustRoot(), getReturnTo(), FALSE, array('id' => $form_id));
        // Display an error if the form markup couldn't be generated; otherwise, render the HTML.
        if (Auth_OpenID::isFailure($form_html)) {
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            echo '<html><head><title>OpenID transaction in progress</title></head>
            		<body onload=\'document.getElementById("' . $form_id . '").submit()\'>' . $form_html . '</body></html>';
        }
    }
}
Exemplo n.º 20
0
 private function begin($openid = NULL)
 {
     $store = new Auth_OpenID_FileStore($this->store_path);
     $consumer = new Auth_OpenID_Consumer($store);
     $auth_request = $consumer->begin($openid);
     if (!$auth_request) {
         throw new Exception(__('Authentication error: not a valid OpenID.'));
     }
     $sreg_request = Auth_OpenID_SRegRequest::build(array('email'), array('nickname', 'fullname'));
     if ($sreg_request) {
         $auth_request->addExtension($sreg_request);
     }
     $pape_request = new Auth_OpenID_PAPE_Request();
     if ($pape_request) {
         $auth_request->addExtension($pape_request);
     }
     // Build the redirect URL with the return page included
     $redirect_url = URL::site('openid/finish?return_to=' . Arr::get($_REQUEST, 'return_to', ''), TRUE);
     // Redirect the user to the OpenID server for authentication.
     // Store the token for this authentication so we can verify the response.
     // For OpenID 1, send a redirect:
     if ($auth_request->shouldSendRedirect()) {
         $redirect_url = $auth_request->redirectURL(URL::base(TRUE, TRUE), $redirect_url);
         if (Auth_OpenID::isFailure($redirect_url)) {
             throw new Exception(__('Could not redirect to server:') . ' ' . $redirect_url->message);
         }
         $this->request->redirect($redirect_url);
     } else {
         // the OpenID library will return a full html document
         // Auth_OpenID::autoSubmitHTML will wrap the form in body and html tags
         // see: mobules/openid/vendor/Auth/OpenID/Consumer.php
         $form_html = $auth_request->htmlMarkup(URL::base(TRUE, TRUE), $redirect_url, false, array('id' => 'openid_message'));
         // We just want the form HTML, so strip out the form
         $form_html = preg_replace('/^.*<html.*<form/im', '<form', $form_html);
         $form_html = preg_replace('/<\\/body>.*/im', '', $form_html);
         if (Auth_OpenID::isFailure($form_html)) {
             throw new Exception(__('Could not redirect to server:') . ' ' . $form_html->message);
         }
         $this->template->content->form = $form_html;
     }
 }
Exemplo n.º 21
0
function run()
{
    $openid = getOpenIDURL();
    $consumer = getConsumer();
    // Begin the OpenID authentication process.
    $auth_request = $consumer->begin($openid);
    // No auth request means we can't begin OpenID.
    if (!$auth_request) {
        displayError("Authentication error; not a valid OpenID." . "\n OpenID::" . $openid);
    }
    $oauth_req = new Auth_OpenID_OAuthRequest(CONSUMER_KEY);
    $auth_request->addExtension($oauth_req);
    // Redirect the user to the OpenID server for authentication.
    // Store the token for this authentication so we can verify the
    // response.
    // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript
    // form to send a POST request to the server.
    if ($auth_request->shouldSendRedirect()) {
        $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo());
        // If the redirect URL can't be built, display an error
        // message.
        if (Auth_OpenID::isFailure($redirect_url)) {
            displayError("Could not redirect to server: " . $redirect_url->message);
        } else {
            // Send redirect.
            header("Location: " . $redirect_url);
        }
    } else {
        // Generate form markup and render it.
        $form_id = 'openid_message';
        $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id));
        // Display an error if the form markup couldn't be generated;
        // otherwise, render the HTML.
        if (Auth_OpenID::isFailure($form_html)) {
            displayError("Could not redirect to server: " . $form_html->message);
        } else {
            print $form_html;
        }
    }
}
Exemplo n.º 22
0
 /**
  * Returns null and sets a flash message on all errors.
  **/
 static function beginAuth($openid, $policyUris)
 {
     $consumer = self::getConsumer();
     $auth_request = $consumer->begin($openid);
     if (!$auth_request) {
         FlashMessage::add('Ați introdus un OpenID incorect.');
         return null;
     }
     $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array('fullname', 'email'));
     if ($sreg_request) {
         $auth_request->addExtension($sreg_request);
     }
     $ax = new Auth_OpenID_AX_FetchRequest();
     $ax->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson', 1, 1, 'fullname'));
     $ax->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email', 1, 1, 'email'));
     $ax->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/first', 1, 1, 'firstname'));
     $ax->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/last', 1, 1, 'lastname'));
     $auth_request->addExtension($ax);
     // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript form to send a POST request to the server.
     if ($auth_request->shouldSendRedirect()) {
         $redirect_url = $auth_request->redirectURL(util_getFullServerUrl(), self::getReturnTo());
         if (Auth_OpenID::isFailure($redirect_url)) {
             FlashMessage::add('Nu vă putem redirecționa către serverul OpenID: ' . $redirect_url->message);
             return null;
         } else {
             header("Location: {$redirect_url}");
             exit;
         }
     } else {
         $form_html = $auth_request->htmlMarkup(util_getFullServerUrl(), self::getReturnTo(), false, array('id' => 'openid_message'));
         if (Auth_OpenID::isFailure($form_html)) {
             FlashMessage::add('Nu vă putem redirecționa către serverul OpenID: ' . $form_html->message);
             return null;
         } else {
             print $form_html;
         }
     }
 }
Exemplo n.º 23
0
 public function googleAction()
 {
     $consumer = $this->getGoogleConsumer();
     $url = 'https://www.google.com/accounts/o8/id';
     $auth_request = $consumer->begin($url);
     if (!$auth_request) {
         return $this->alert('Authentication error, not a valid OpenID', '/');
     }
     $ax = new Auth_OpenID_AX_FetchRequest();
     $ax->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email', 2, 1, 'email'));
     $auth_request->addExtension($ax);
     $pape_request = new Auth_OpenID_PAPE_Request(null);
     $auth_request->addExtension($pape_request);
     $form_id = 'openid_message';
     $form_html = $auth_request->htmlMarkup('http://' . $_SERVER['HTTP_HOST'], 'http://' . $_SERVER['HTTP_HOST'] . '/login/googledone', false, array('id' => $form_id));
     // Display an error if the form markup couldn't be generated;
     // otherwise, render the HTML.
     if (Auth_OpenID::isFailure($form_html)) {
         $this->alert("Could not redirect to server: " . $form_html->message, '/');
     } else {
         print $form_html;
         return $this->noview();
     }
 }
Exemplo n.º 24
0
 /**
  * Perform first pass through login handler routine
  *
  * @access	private
  * @return	mixed		Boolean on failure else output/redirect
  */
 private function _doFirstPass()
 {
     //-----------------------------------------
     // Do the same cleaning we do when storing url
     //-----------------------------------------
     $url = trim($this->request['openid_url']);
     $url = rtrim($url, "/");
     if (!strpos($url, 'http://') === 0 and !strpos($url, 'https://') === 0) {
         $url = 'http://' . $url;
     }
     if (!IPSText::xssCheckUrl($url)) {
         $this->auth_errors[] = 'bad_url';
         $this->return_code = 'WRONG_AUTH';
         return false;
     }
     $consumer = $this->_getConsumer();
     if (!is_object($consumer)) {
         return false;
     }
     //-----------------------------------------
     // Store some of the input data..
     //-----------------------------------------
     $id = md5(uniqid(mt_rand(), true));
     $this->DB->delete('openid_temp', "fullurl='" . $url . "'");
     $this->DB->insert('openid_temp', array('id' => $id, 'referrer' => $this->request['referer'], 'cookiedate' => intval($this->request['rememberMe']), 'privacy' => intval($this->request['anonymous']), 'fullurl' => $url));
     //-----------------------------------------
     // Set the URLs
     //-----------------------------------------
     $openid = $url;
     if ($this->is_admin_auth) {
         $process_url = $this->settings['base_url'] . 'app=core&module=login&do=login-complete&firstpass=1&myopenid=' . $id;
     } else {
         $process_url = $this->settings['base_url'] . 'app=core&module=global&section=login&do=process&firstpass=1&myopenid=' . $id;
     }
     $trust_root = strpos($this->settings['base_url'], '.php') !== false ? substr($this->settings['base_url'], 0, strpos($this->settings['base_url'], '.php') + 4) : $this->settings['base_url'];
     $policy_url = $this->openid_config['openid_policy'];
     //-----------------------------------------
     // Begin OpenID Auth
     //-----------------------------------------
     $auth_request = $consumer->begin($openid);
     if (!$auth_request) {
         $this->return_code = 'WRONG_OPENID';
         $this->auth_errors[] = 'bad_request';
         return false;
     }
     //-----------------------------------------
     // Set required, optional, policy attribs
     //-----------------------------------------
     $sreg_request = Auth_OpenID_SRegRequest::build(explode(',', $this->openid_config['args_req']), explode(',', $this->openid_config['args_opt']), $policy_url);
     if ($sreg_request) {
         $auth_request->addExtension($sreg_request);
     }
     //-----------------------------------------
     // Redirect user
     //-----------------------------------------
     $redirect_url = $auth_request->redirectURL($trust_root, $process_url);
     if ($this->request['module'] == 'ajax') {
         require_once IPS_KERNEL_PATH . 'classAjax.php';
         $ajax = new classAjax();
         $ajax->returnJsonArray(array('url' => $redirect_url));
     }
     // If the redirect URL can't be built, try HTML inline
     if (!Auth_OpenID::isFailure($redirect_url)) {
         header("Location: " . $redirect_url);
         exit;
     } else {
         $form_id = 'openid_message';
         $form_html = $auth_request->formMarkup($trust_root, $process_url, false, array('id' => $form_id));
         // Display an error if the form markup couldn't be generated;
         if (Auth_OpenID::isFailure($form_html)) {
             $this->return_code = 'WRONG_AUTH';
             $this->auth_errors[] = 'bad_request';
             return false;
         } else {
             $page_contents = array("<html><head><title>", "OpenID transaction in progress", "</title></head>", "<body onload='document.getElementById(\"" . $form_id . "\").submit()'>", $form_html, "</body></html>");
             print implode("\n", $page_contents);
             exit;
         }
     }
 }
Exemplo n.º 25
0
 /**
  * Create a C{L{SRegResponse}} object from a successful OpenID
  * library response
  * (C{L{openid.consumer.consumer.SuccessResponse}}) response
  * message
  *
  * success_response: A SuccessResponse from consumer.complete()
  *
  * signed_only: Whether to process only data that was
  * signed in the id_res message from the server.
  *
  * Returns a simple registration response containing the data that
  * was supplied with the C{id_res} response.
  */
 function fromSuccessResponse(&$success_response, $signed_only = true)
 {
     global $Auth_OpenID_sreg_data_fields;
     $obj = new Auth_OpenID_SRegResponse();
     $obj->ns_uri = $obj->_getSRegNS($success_response->message);
     if ($signed_only) {
         $args = $success_response->getSignedNS($obj->ns_uri);
     } else {
         $args = $success_response->message->getArgs($obj->ns_uri);
     }
     if ($args === null || Auth_OpenID::isFailure($args)) {
         return null;
     }
     foreach ($Auth_OpenID_sreg_data_fields as $field_name => $desc) {
         if (in_array($field_name, array_keys($args))) {
             $obj->data[$field_name] = $args[$field_name];
         }
     }
     return $obj;
 }
Exemplo n.º 26
0
 /**
  * Show the "login" page
  *
  * @return string Returns the "login" page as HTML code.
  */
 public function login()
 {
     try {
         if (!defined('OPENSTACKID_ENABLED') || OPENSTACKID_ENABLED == false) {
             return parent::login();
         }
         $member = Member::currentUser();
         if ($member) {
             // user is already logged in
             return $this->redirect(OpenStackIdCommon::getRedirectBackUrl());
         }
         if (!Director::is_https()) {
             OpenStackIdCommon::redirectToSSL($_SERVER['REQUEST_URI']);
         }
         // Begin the OpenID authentication process.
         $auth_request = $this->consumer->begin(IDP_OPENSTACKID_URL);
         //remove jainrain nonce
         unset($auth_request->return_to_args['janrain_nonce']);
         // No auth request means we can't begin OpenID.
         if (!$auth_request) {
             throw new Exception("The OpenID authentication failed.");
         }
         if (Auth_OpenID_supportsSReg($auth_request->endpoint)) {
             //SREG
             $sreg_request = Auth_OpenID_SRegRequest::build(array('email', 'fullname'), array('country', 'language'));
             if ($sreg_request) {
                 $auth_request->addExtension($sreg_request);
             }
         } else {
             //AX
             // Create attribute request object
             // See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters
             // Usage: make($type_uri, $count=1, $required=false, $alias=null)
             $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email', 1, 1, 'email');
             $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/first', 1, 1, 'firstname');
             $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/last', 1, 1, 'lastname');
             $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson', 1, 1, 'fullname');
             // Create AX fetch request
             $ax = new Auth_OpenID_AX_FetchRequest();
             // Add attributes to AX fetch request
             foreach ($attribute as $attr) {
                 $ax->add($attr);
             }
             // Add AX fetch request to authentication request
             $auth_request->addExtension($ax);
         }
         //Redirect the user to the OpenID server for authentication .
         // Store the token for this authentication so we can verify the
         // response.
         // For OpenID 1, send a redirect.  For OpenID 2, use a Javascript
         // form to send a POST request to the server.
         if ($auth_request->shouldSendRedirect()) {
             $redirect_url = $auth_request->redirectURL($this->getTrustRoot(), $this->getReturnTo());
             // If the redirect URL can't be built, display an error
             // message.
             if (Auth_OpenID::isFailure($redirect_url)) {
                 echo "Could not redirect to server: " . $redirect_url->message;
             } else {
                 // Send redirect.
                 header("Location: " . $redirect_url);
             }
         } else {
             // Generate form markup and render it.
             $form_id = 'openid_message';
             $form_html = $auth_request->htmlMarkup(OpenStackIdCommon::getTrustRoot(), OpenStackIdCommon::getReturnTo(), false, array('id' => $form_id));
             // Display an error if the form markup couldn't be generated;
             // otherwise, render the HTML.
             if (Auth_OpenID::isFailure($form_html)) {
                 echo "Could not redirect to server: " . $form_html->message;
             } else {
                 print $form_html;
             }
         }
         exit;
     } catch (Exception $ex) {
         SS_Log::log($ex, SS_Log::WARN);
         Session::set("Security.Message.message", $ex->getMessage());
         Session::set("Security.Message.type", "bad");
         return $this->redirect("Security/badlogin");
     }
 }
Exemplo n.º 27
0
 /**
  * Returns URL to which user can be directed for 
  * authentication via CS50 ID.
  *
  * @param trust_root  URL that CS50 ID should prompt user to trust
  * @param return_to   URL to which CS50 ID should return user
  * @param fields      Simple Registration fields to request from CS50 ID
  * @param attributes  Attribute Exchange attributes to request from CS50 ID
  *
  * @return URL for CS50 ID
  */
 public static function getLoginUrl($trust_root, $return_to, $fields = ["email", "fullname"], $attributes = [])
 {
     // ignore Janrain's use of deprecated functions
     $error_reporting = error_reporting();
     error_reporting($error_reporting & ~E_DEPRECATED);
     // load Janrain's libary
     set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . DIRECTORY_SEPARATOR . "share" . DIRECTORY_SEPARATOR . "php-openid-2.3.0");
     require_once "Auth/OpenID/AX.php";
     require_once "Auth/OpenID/Consumer.php";
     require_once "Auth/OpenID/FileStore.php";
     require_once "Auth/OpenID/SReg.php";
     // ensure $_SESSION exists for Yadis
     @session_start();
     // prepare filesystem-based store
     $path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . md5($return_to);
     @mkdir($path, 0700);
     if (!is_dir($path)) {
         trigger_error("Could not create {$path}", E_USER_ERROR);
     }
     if (!is_readable($path)) {
         trigger_error("Could not read from {$path}", E_USER_ERROR);
     }
     if (!is_writable($path)) {
         trigger_error("Could not write to {$path}", E_USER_ERROR);
     }
     $store = new Auth_OpenID_FileStore($path);
     // prepare request
     $consumer = new Auth_OpenID_Consumer($store);
     $auth_request = $consumer->begin("https://id.cs50.net/");
     // request Simple Registration fields
     if (is_array($fields) && count($fields) > 0) {
         $sreg_request = Auth_OpenID_SRegRequest::build(null, $fields);
         $auth_request->addExtension($sreg_request);
     }
     // request Attribute Exchange attributes
     if (is_array($attributes) && count($attributes) > 0) {
         $ax_request = new Auth_OpenID_AX_FetchRequest();
         foreach ($attributes as $attribute) {
             $ax_request->add(Auth_OpenID_AX_AttrInfo::make($attribute, 1, false));
         }
         $auth_request->addExtension($ax_request);
     }
     // generate URL for redirection
     $redirect_url = $auth_request->redirectURL($trust_root, $return_to);
     // restore error_reporting
     error_reporting($error_reporting);
     // return URL unless error
     if (Auth_OpenID::isFailure($redirect_url)) {
         trigger_error($redirect_url->message);
         return false;
     } else {
         return $redirect_url;
     }
 }
Exemplo n.º 28
0
	function defaultDecoder($message)
	{
		$mode = $message->getArg(Auth_OpenID_OPENID_NS, 'mode');

		if (Auth_OpenID::isFailure($mode)) {
			return new Auth_OpenID_ServerError($message,
			$mode->message);
		}

		return new Auth_OpenID_ServerError($message,
		sprintf("Unrecognized OpenID mode %s", $mode));
	}
Exemplo n.º 29
0
            $redirect_url = $auth_request->redirectURL($POD->siteRoot(false) . '/openid', $POD->siteRoot(false) . '/openid?mode=verify');
            // If the redirect URL can't be built, display an error
            // message.
            if (Auth_OpenID::isFailure($redirect_url)) {
                $POD->addMessage("Could not redirect to server: " . $redirect_url->message);
            } else {
                // Send redirect.
                header("Location: " . $redirect_url);
                exit;
            }
        } else {
            $form_id = 'openid_message';
            $form_html = $auth_request->htmlMarkup($POD->siteRoot(false), $POD->siteRoot(false) . '/openid?mode=verify', false, array('id' => $form_id));
            // Display an error if the form markup couldn't be generated;
            // otherwise, render the HTML.
            if (Auth_OpenID::isFailure($form_html)) {
                $POD->addMessage("Could not redirect to server: " . $form_html->message);
            } else {
                print $form_html;
                exit;
            }
        }
    }
}
if ($_GET['mode'] == "verify") {
    // did I just succeed in verifying an openid?
    $consumer = getConsumer($POD);
    // Complete the authentication process using the server's
    // response.
    $return_to = $POD->siteRoot(false) . '/openid?mode=verify';
    $response = $consumer->complete($return_to);
Exemplo n.º 30
0
Arquivo: Do.php Projeto: riaf/pastit 
 /**
  *  login_do action implementation.
  *
  *  @access public
  *  @return string  forward name.
  */
 public function perform()
 {
     require_once 'Auth/OpenID.php';
     require_once "Auth/OpenID/Consumer.php";
     require_once "Auth/OpenID/FileStore.php";
     require_once "Auth/OpenID/SReg.php";
     require_once "Auth/OpenID/PAPE.php";
     $store_path = $this->backend->getController()->getDirectory('tmp') . "/openid_filestore";
     $consumer = new Auth_OpenID_Consumer(new Auth_OpenID_FileStore($store_path));
     $auth_request = $consumer->begin($this->af->get('url'));
     if (!$auth_request) {
         $this->ae->add(null, "OpenID が不正です");
         return 'login';
     }
     $sreg_request = Auth_OpenID_SRegRequest::build(array('nickname'), array());
     if ($sreg_request) {
         $auth_request->addExtension($sreg_request);
     }
     if ($auth_request->shouldSendRedirect()) {
         $redirect_url = $auth_request->redirectURL($this->config->get('url'), $this->config->get('url') . "login_finish");
         // If the redirect URL can't be built, display an error
         // message.
         if (Auth_OpenID::isFailure($redirect_url)) {
             $this->ae->add(null, "Could not redirect to server: " . $redirect_url->message);
             return 'login';
         } else {
             return array('redirect', $redirect_url);
         }
     } else {
         // Generate form markup and render it.
         $form_html = $auth_request->formMarkup($this->config->get('url'), $this->config->get('url') . "login_finish", false, array('id' => 'openid_form'));
         // Display an error if the form markup couldn't be generated;
         // otherwise, render the HTML.
         if (Auth_OpenID::isFailure($form_html)) {
             $this->ae->add(null, "Could not redirect to server: " . $form_html->message);
             return 'login';
         } else {
             return array('login_do', $form_html);
         }
     }
     return 'login_do';
 }