/**
 * Report whether the current session carries a user entry.
 *
 * Only the truthiness of the session's 'user' value is tested; nothing else
 * about that value is inspected here.
 *
 * @return bool True when api_session::get('user') is truthy, false otherwise.
 */
public function checkAuth()
{
    return (bool) api_session::get('user');
}
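/**
 * Build, sign and send a positive OpenID assertion (id_res) for the logged-in user.
 *
 * Flow: require a session user, validate the realm, resolve the identity to
 * assert, assemble the response fields, make sure a relying-party (RP) record
 * exists for (user, realm), then sign the response and redirect to
 * openid.return_to.
 *
 * @param array $request OpenID request parameters keyed by their "openid.*"
 *                       names. Every value originates from the relying party
 *                       or the user agent and must be treated as untrusted.
 *
 * @return mixed Whatever the redirect helper that ends the request returns.
 *
 * @throws Exception When the realm is rejected, or when no RP record can be
 *                   loaded even after one was saved.
 */
function openid_provider_authentication_response($request)
{
    // An anonymous visitor has to log in first. Return immediately: if the
    // redirect helper does not terminate the request, falling through would
    // dereference an empty $user and continue building an assertion.
    // The pending request is presumably stored by the endpoint method
    // (the original comment says so) - confirm.
    $user = api_session::get('user');
    if (!$user) {
        return $this->openid_redirect_http('/login');
    }

    // Determine the realm (openid.trust_root in OpenID 1.x).
    if (!empty($request['openid.realm'])) {
        $realm = $request['openid.realm'];
    } elseif (isset($request['openid.trust_root'])) {
        $realm = $request['openid.trust_root'];
    } else {
        $realm = '';
    }

    // A missing realm is never acceptable. The original also had a redirect
    // to '/error' after this throw; it was unreachable and has been dropped.
    if ($realm === '' || !$this->check_realm($realm)) {
        throw new Exception("Realm not ok");
    }

    // Read the remaining request fields once, without "undefined index" notices.
    $mode = isset($request['openid.mode']) ? $request['openid.mode'] : null;
    $return_to = isset($request['openid.return_to']) ? $request['openid.return_to'] : '';
    $assoc_handle = isset($request['openid.assoc_handle']) ? $request['openid.assoc_handle'] : null;
    $requested_identity = isset($request['openid.identity']) ? $request['openid.identity'] : '';

    // NOTE(review): return_to is not compared against $realm anywhere in this
    // method. Confirm that check_realm() or the endpoint enforces that match;
    // otherwise a trusted realm can be paired with an arbitrary return_to.

    if ($requested_identity === 'http://specs.openid.net/auth/2.0/identifier_select') {
        // Directed identity: the provider picks the identifier for this user.
        // NOTE(review): hard-coded, plain-http host; should come from
        // configuration and match what url(openid_provider_user_url()) yields.
        $identity = 'http://local.openid_provider/user/' . $user['id'] . '/identity';
    } else {
        $identity = $requested_identity;
        // The RP named an identity; it must be the logged-in user's own.
        // NOTE(review): url(), openid_provider_user_url(),
        // openid_provider_authentication_error() and openid_redirect() are
        // plain functions not defined in the visible code - confirm they exist.
        if ($identity !== url(openid_provider_user_url($user['id']), array('absolute' => TRUE))) {
            $response = openid_provider_authentication_error($mode);
            // Stop here. Without this return, a mismatching identity would
            // still reach the signing step below and be asserted as valid
            // whenever openid_redirect() does not end the request itself.
            return openid_redirect($return_to, $response);
        }
    }

    // NOTE(review): nickname and email are always released; nothing here
    // checks that the RP asked for them or that the user agreed.
    $response = array(
        'openid.ns' => OPENID_NS_2_0,
        'openid.mode' => 'id_res',
        'openid.op_endpoint' => 'http://local.openid_provider/openid/provider',
        'openid.identity' => $identity,
        'openid.claimed_id' => $identity,
        'openid.return_to' => $return_to,
        'openid.response_nonce' => $this->openid_provider_nonce(),
        'openid.assoc_handle' => $assoc_handle,
        'openid.sreg.nickname' => $user['username'],
        'openid.sreg.email' => $user['email'],
    );

    // Is the RP requesting Immediate or Indirect mode?
    if ($mode === 'checkid_immediate') {
        // TODO: immediate mode is not implemented; it is handled like indirect mode.
    }

    // Carry the RP's own return_to query parameters over into the response.
    // return_to is request-controlled, so its parameters must never replace
    // a field the provider has set, nor add anything in the "openid."
    // namespace: the merged array is signed below.
    $parts = parse_url($return_to);
    if (isset($parts['query'])) {
        $extra = $this->openid_get_params($parts['query']);
        foreach ($extra as $key => $val) {
            if (array_key_exists($key, $response) || strpos((string) $key, 'openid.') === 0) {
                continue;
            }
            $response[$key] = $val;
        }
    }

    // The trust step is skipped: an accepted realm is treated as trusted, so
    // an RP record is created on first use without asking the user.
    // Debug echo/print_r output was removed here: it wrote the RP record into
    // the response body and emitted output ahead of the redirect.
    $rp = $this->openid_provider_rp_load($user['id'], $realm);
    if (empty($rp)) {
        $this->openid_provider_rp_save($user['id'], $realm, TRUE);
        $rp = $this->openid_provider_rp_load($user['id'], $realm);
    }

    if ($rp) {
        $response = $this->openid_provider_sign($response);
        return $this->openid_redirect_http($response['openid.return_to'], $response);
    }

    // No RP record even after saving one: refuse to assert anything.
    // The unset() is kept from the original (there it guarded a form handler).
    unset($_POST);
    throw new Exception("Association error");
}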