function doAuth($info, $trusted = null, $fail_cancels = false) { if (!$info) { // There is no authentication information, so bail return authCancel(null); } $req_url = $info->identity; $user = getLoggedInUser(); setRequestInfo($info); if ($req_url != $user) { return login_render(array(), $req_url, $req_url); } $sites = getSessionSites(); $trust_root = $info->trust_root; $fail_cancels = $fail_cancels || isset($sites[$trust_root]); $trusted = isset($trusted) ? $trusted : isTrusted($req_url, $trust_root); if ($trusted) { setRequestInfo(); $server =& getServer(); $response =& $info->answer(true); $webresponse =& $server->encodeResponse($response); $new_headers = array(); foreach ($webresponse->headers as $k => $v) { $new_headers[] = $k . ": " . $v; } return array($new_headers, $webresponse->body); } elseif ($fail_cancels) { return authCancel($info); } else { return trust_render($info); } }
/** * Handle a standard OpenID server request */ function action_default() { global $store; $server =& getServer(); $method = $_SERVER['REQUEST_METHOD']; /*$request = null; if ($method == 'GET') { $request = $_GET; } else { $request = $_POST; } */ $request = $server->decodeRequest(); if (!$request) { return ""; //about_render(); } setRequestInfo($request); if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'))) { $identity = getLoggedInUser(); if (isTrusted($identity, $request->trust_root, $request->return_to)) { if ($request->message->isOpenID1()) { $response =& $request->answer(true); } else { $response =& $request->answer(true, false, getServerURL(), $identity); } } else { if ($request->immediate) { $response =& $request->answer(false, getServerURL()); } else { if (!getLoggedInUser()) { $_SESSION['last_forward_from'] = current_page_url() . '?' . http_build_query(Auth_OpenID::getQuery()); system_message(elgg_echo('openid_server:not_logged_in')); forward('login'); } return trust_render($request); } } addSregFields(&$response); } else { $response =& $server->handleRequest($request); } $webresponse =& $server->encodeResponse($response); foreach ($webresponse->headers as $k => $v) { header("{$k}: {$v}"); } header(header_connection_close); print $webresponse->body; exit(0); }
/** * Handle a standard OpenID server request */ function action_default() { $server =& getServer(); $method = $_SERVER['REQUEST_METHOD']; $request = null; if ($method == 'GET') { $request = $_GET; } else { $request = $_POST; } $request = Auth_OpenID::fixArgs($request); $request = $server->decodeRequest($request); if (!$request) { return about_render(); } setRequestInfo($request); if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'))) { if (isTrusted($request->identity, $request->trust_root)) { $response =& $request->answer(true); $sreg = getSreg($request->identity); if (is_array($sreg)) { foreach ($sreg as $k => $v) { $response->addField('sreg', $k, $v); } } } else { if ($request->immediate) { $response =& $request->answer(false, getServerURL()); } else { if (!getLoggedInUser()) { return login_render(); } return trust_render($request); } } } else { $response =& $server->handleRequest($request); } $webresponse =& $server->encodeResponse($response); foreach ($webresponse->headers as $k => $v) { header("{$k}: {$v}"); } header(header_connection_close); print $webresponse->body; exit(0); }
$trusted = false; } } else { $req_url = normaliseUsername($info->identity); } $user = getLoggedInUser(); $identity = $user; setRequestInfo($info); $req_url_path = substr($req_url, strpos($req_url, ":")); $user_path = substr($user, strpos($user, ":")); if ($info->message->isOpenID1() && $req_url_path != $user_path) { register_error(sprintf(elgg_echo("openid_server:loggedin_as_wrong_user"), $req_url, $user)); forward(); } else { $trust_root = $info->trust_root; $trusted = isset($trusted) ? $trusted : isTrusted($identity, $trust_root); if ($trusted) { setRequestInfo(); $server =& getServer(); if ($info->message->isOpenID1()) { $response =& $info->answer(true, null, $req_url); } else { $response =& $info->answer(true, null, getServerURL(), $identity); } addSregFields($response, $info, $identity); $webresponse =& $server->encodeResponse($response); $new_headers = array(); foreach ($webresponse->headers as $k => $v) { $new_headers[] = $k . ": " . $v; } writeResponse(array($new_headers, $webresponse->body));