/** * Handle a standard OpenID server request */ function action_default() { global $store; $server =& getServer(); $method = $_SERVER['REQUEST_METHOD']; /*$request = null; if ($method == 'GET') { $request = $_GET; } else { $request = $_POST; } */ $request = $server->decodeRequest(); if (!$request) { return ""; //about_render(); } setRequestInfo($request); if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'))) { $identity = getLoggedInUser(); if (isTrusted($identity, $request->trust_root, $request->return_to)) { if ($request->message->isOpenID1()) { $response =& $request->answer(true); } else { $response =& $request->answer(true, false, getServerURL(), $identity); } } else { if ($request->immediate) { $response =& $request->answer(false, getServerURL()); } else { if (!getLoggedInUser()) { $_SESSION['last_forward_from'] = current_page_url() . '?' . http_build_query(Auth_OpenID::getQuery()); system_message(elgg_echo('openid_server:not_logged_in')); forward('login'); } return trust_render($request); } } addSregFields(&$response); } else { $response =& $server->handleRequest($request); } $webresponse =& $server->encodeResponse($response); foreach ($webresponse->headers as $k => $v) { header("{$k}: {$v}"); } header(header_connection_close); print $webresponse->body; exit(0); }
$user_path = substr($user, strpos($user, ":")); if ($info->message->isOpenID1() && $req_url_path != $user_path) { register_error(sprintf(elgg_echo("openid_server:loggedin_as_wrong_user"), $req_url, $user)); forward(); } else { $trust_root = $info->trust_root; $trusted = isset($trusted) ? $trusted : isTrusted($identity, $trust_root); if ($trusted) { setRequestInfo(); $server =& getServer(); if ($info->message->isOpenID1()) { $response =& $info->answer(true, null, $req_url); } else { $response =& $info->answer(true, null, getServerURL(), $identity); } addSregFields($response, $info, $identity); $webresponse =& $server->encodeResponse($response); $new_headers = array(); foreach ($webresponse->headers as $k => $v) { $new_headers[] = $k . ": " . $v; } writeResponse(array($new_headers, $webresponse->body)); exit(0); } elseif ($fail_cancels) { setRequestInfo(); forward($info->getCancelURL()); } else { writeResponse(trust_render($info)); } } }