/**
 * Check that get() reports an error for type_a on the fixture message.
 *
 * The test passes only when the value returned by $this->msg->get() for
 * $this->type_a is recognised as an error by Auth_OpenID_AX::isError().
 */
function test_get()
{
    $lookup = $this->msg->get($this->type_a);
    $is_error = Auth_OpenID_AX::isError($lookup);

    $this->assertTrue($is_error);
}
/**
 * Build a FetchResponse from an OpenID library SuccessResponse object.
 *
 * @param success_response A successful id_res response object.
 *
 * @param signed Selects where the AX arguments are read from. When true
 * (the default) only the arguments returned by getSignedNS() are used.
 * When false the arguments are taken from the message through getArgs(),
 * which also yields values the response signature does not cover; a caller
 * that passes false should treat the resulting attributes as unverified.
 *
 * @return $response A FetchResponse holding the data from the OpenID
 * message, or null when there are no AX arguments, when fetching them
 * failed, or when they could not be parsed. The three cases cannot be
 * told apart by the caller.
 */
function fromSuccessResponse($success_response, $signed = true)
{
    $fetch_response = new Auth_OpenID_AX_FetchResponse();
    $namespace = $fetch_response->ns_uri;

    $ax_args = $signed
        ? $success_response->getSignedNS($namespace)
        : $success_response->message->getArgs($namespace);

    // Nothing usable: missing namespace, lookup failure, or empty set.
    if ($ax_args === null) {
        return null;
    }
    if (Auth_OpenID::isFailure($ax_args)) {
        return null;
    }
    if (count($ax_args) == 0) {
        return null;
    }

    $parsed = $fetch_response->parseExtensionArgs($ax_args);
    if (!Auth_OpenID_AX::isError($parsed)) {
        return $fetch_response;
    }

    // XXX: the parse error is dropped here without being logged.
    return null;
}
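/**
 * Process an OpenID authentication request and send the response.
 *
 * A positive assertion is only built after three checks: the user is
 * authenticated at the auth source, the authenticated identity equals the
 * requested one (skipped when the request uses identifier select), and the
 * relying party's trust root is trusted, either according to isTrusted()
 * or according to a 'TrustResponse' entry in $state. After that the
 * attributes are run through the processing chain and released through
 * SREG and AX.
 *
 * This function is documented as never returning. The code relies on
 * sendResponse(), requireAuth() and redirectTrustedURL() not coming back
 * to the caller; nothing below guards against a fall-through.
 *
 * @param array $state The request state. Must hold the OpenID request
 *                     under 'request'; may hold 'TrustResponse'.
 *
 * @throws SimpleSAML_Error_Exception If no identity is available, or the
 *                     authenticated identity differs from the requested one.
 */
public function processRequest(array $state)
{
    /*
     * Expression form on purpose: PHP 8 no longer evaluates a string
     * passed to assert(), so the string form would always pass.
     */
    assert(isset($state['request']));

    $request = $state['request'];

    $sreg_req = Auth_OpenID_SRegRequest::fromOpenIDRequest($request);
    $ax_req = Auth_OpenId_AX_FetchRequest::fromOpenIDRequest($request);

    /* In resume.php there should be a way to display data requested through sreg or ax. */

    if (!$this->authSource->isAuthenticated()) {
        if ($request->immediate) {
            /* Not logged in, and we cannot show a login form. */
            $this->sendResponse($request->answer(FALSE));
        }

        $resumeURL = $this->getStateURL('resume.php', $state);
        $this->authSource->requireAuth(array('ReturnTo' => $resumeURL));
    }

    /*
     * Should always be logged in here. This is checked with a real
     * condition instead of assert(): assertions can be disabled at
     * runtime, and with identifier select the comparison below is skipped,
     * so a FALSE identity would otherwise reach answer(TRUE, ...).
     */
    $identity = $this->getIdentity();
    if ($identity === FALSE) {
        throw new SimpleSAML_Error_Exception('No identity available for the authenticated user.');
    }

    if (!$request->idSelect() && $identity !== $request->identity) {
        /* The identity in the request doesn't match the one of the logged in user. */
        throw new SimpleSAML_Error_Exception('Logged in as different user than the one requested.');
    }

    if ($this->isTrusted($identity, $request->trust_root)) {
        $trusted = TRUE;
    } elseif (isset($state['TrustResponse'])) {
        /* NOTE(review): presumably set by trust.php before resuming; confirm $state cannot be supplied by the client. */
        $trusted = (bool) $state['TrustResponse'];
    } else {
        if ($request->immediate) {
            /* Not trusted, and we cannot show a trust-form. */
            $this->sendResponse($request->answer(FALSE));
        }

        /* $trusted stays undefined on this path; the redirect must not return. */
        $trustURL = $this->getStateURL('trust.php', $state);
        \SimpleSAML\Utils\HTTP::redirectTrustedURL($trustURL);
    }

    if (!$trusted) {
        /* The user doesn't trust this site. */
        $this->sendResponse($request->answer(FALSE));
    }

    $response = $request->answer(TRUE, NULL, $identity);

    //Process attributes
    $attributes = $this->authSource->getAttributes();
    foreach ($attributes as $key => $attr) {
        /* Collapse single-valued attributes to a scalar. */
        if (is_array($attr) && count($attr) === 1) {
            $attributes[$key] = $attr[0];
        }
    }

    /* From here on $state is a fresh array for the processing chain, not the request state. */
    $pc = new SimpleSAML_Auth_ProcessingChain($this->authProc, array(), 'idp');
    $state = array('Attributes' => $attributes, 'isPassive' => TRUE);
    $pc->processStatePassive($state);
    $attributes = $state['Attributes'];

    //Process SREG requests
    $sreg_resp = Auth_OpenID_SRegResponse::extractResponse($sreg_req, $attributes);
    $sreg_resp->toMessage($response->fields);

    //Process AX requests
    if (!Auth_OpenID_AX::isError($ax_req)) {
        $ax_resp = new Auth_OpenID_AX_FetchResponse();
        /*
         * Every requested type URI that matches an attribute key is
         * released. This loop applies no per-relying-party restriction,
         * so any limit on what is disclosed has to come from the
         * processing chain above.
         */
        foreach ($ax_req->iterTypes() as $type_uri) {
            if (isset($attributes[$type_uri])) {
                $ax_resp->addValue($type_uri, $attributes[$type_uri]);
            }
        }
        $ax_resp->toMessage($response->fields);
    }

    /* The user is authenticated, and trusts this site. */
    $this->sendResponse($response);
}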
/**
 * Parse AX arguments through the parent class, then record update_url.
 *
 * The 'update_url' entry is copied from $ax_args exactly as received; this
 * method does not validate it.
 *
 * @param ax_args The AX arguments to parse.
 *
 * @return $result Auth_OpenID_AX_Error on failure or true on
 * success.
 */
function parseExtensionArgs($ax_args)
{
    $parent_result = parent::parseExtensionArgs($ax_args);

    if (!Auth_OpenID_AX::isError($parent_result)) {
        $this->update_url = Auth_OpenID::arrayGet($ax_args, 'update_url');
        return true;
    }

    // Hand the parent's error object back unchanged.
    return $parent_result;
}
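/**
 * Build the OpenID response for the currently loaded GENI user.
 *
 * When a user is loaded, the response is a positive assertion for that
 * user's identity URL, carrying Simple Registration data (nickname, email)
 * and any Attribute Exchange values the relying party asked for. When no
 * user can be loaded, the request is answered negatively: a positive
 * assertion is never issued for an identity that could not be resolved.
 *
 * @param $server The OpenID server object used to encode the response.
 * @param $info   The decoded OpenID request being answered.
 *
 * @return array Two elements: a list of "Name: value" header strings and
 *               the response body.
 */
function send_geni_user($server, $info)
{
    $geni_user = geni_loadUser();

    if (!$geni_user) {
        /* Fail closed: without a user there is no identity to assert. */
        error_log("OpenID: Unable to access user information.");
        $response = $info->answer(false);
    } else {
        $req_url = idURL($geni_user->username);
        $response = $info->answer(true, null, $req_url);

        // Answer with some sample Simple Registration data.
        $sreg_data = array();
        $sreg_data['nickname'] = $geni_user->username;
        $sreg_data['email'] = $geni_user->email();

        // Add the simple registration response values to the OpenID
        // response message.
        $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($info);
        $sreg_response = Auth_OpenID_SRegResponse::extractResponse($sreg_request, $sreg_data);
        $sreg_response->toMessage($response->fields);

        /*
         * Attribute Exchange (AX) is an OpenID extension to pass additional
         * attributes. This code was derived by looking at some client
         * examples and the AX code. No server-side examples of PHP OpenID
         * AX were found.
         *
         * AX seems to be fragile. Small changes to the code below can
         * result in authentication failures.
         *
         * The user URN has '+' characters but these consistently caused
         * authentication failures in testing. Replacing the '+' with '|'
         * worked, so that is a necessary transformation below. A relying
         * party that compares the URN has to account for this rewrite.
         */
        $ax_request = Auth_OpenID_AX_FetchRequest::fromOpenIDRequest($info);
        if ($ax_request and !Auth_OpenID_AX::isError($ax_request)) {
            /* error_log("received AX request: " . print_r($ax_request, true)); */
            $ax_response = new Auth_OpenID_AX_FetchResponse();

            /* $projects and $slices are presumably filled by reference; confirm against add_project_slice_info(). */
            add_project_slice_info($geni_user, $projects, $slices);

            /* Only the type URIs listed here are ever released; unknown requested types are ignored. */
            foreach ($ax_request->iterTypes() as $ax_req_type) {
                switch ($ax_req_type) {
                    case 'http://geni.net/projects':
                        $ax_response->setValues($ax_req_type, $projects);
                        break;
                    case 'http://geni.net/slices':
                        $ax_response->setValues($ax_req_type, $slices);
                        break;
                    case 'http://geni.net/user/urn':
                        $urn = $geni_user->urn();
                        $urn = str_replace('+', '|', $urn);
                        $ax_response->addValue('http://geni.net/user/urn', $urn);
                        break;
                    case 'http://geni.net/user/prettyname':
                        $ax_response->addValue($ax_req_type, $geni_user->prettyName());
                        break;
                    case 'http://geni.net/wimax/username':
                    case 'http://geni.net/wimax/wimax_username':
                        $wimax_name = null;
                        if (isset($geni_user->ma_member->wimax_username)) {
                            $wimax_name = $geni_user->ma_member->wimax_username;
                        }
                        /* Only send wimax name if it exists. */
                        if ($wimax_name) {
                            $ax_response->addValue($ax_req_type, $wimax_name);
                        }
                        break;
                    case 'http://geni.net/irods/username':
                        /* Get the iRODS username. Do we need to respect the
                         * 'irods_enabled' flag? */
                        $irods_username = null;
                        if (isset($geni_user->ma_member->irods_username)) {
                            $irods_username = $geni_user->ma_member->irods_username;
                        }
                        /* Only send it if it exists. */
                        if ($irods_username) {
                            error_log("Returning iRODS username {$irods_username} for user " . $geni_user->urn());
                            $ax_response->addValue($ax_req_type, $irods_username);
                        } else {
                            error_log("No iRODS username in OpenID for user " . $geni_user->urn());
                        }
                        break;
                    case 'http://geni.net/irods/zone':
                        /* Get the iRODS zone for this user. */
                        $irods_zone = irods_default_zone();
                        /* Only send it if it exists. */
                        if ($irods_zone) {
                            error_log("Returning iRODS zone {$irods_zone} for user " . $geni_user->urn());
                            $ax_response->addValue($ax_req_type, $irods_zone);
                        } else {
                            error_log("No iRODS zone in OpenID for user " . $geni_user->urn());
                        }
                        break;
                }
            }
            $ax_response->toMessage($response->fields);
        }
    }

    // Generate a response to send to the user agent.
    $webresponse = $server->encodeResponse($response);

    $new_headers = array();
    foreach ($webresponse->headers as $k => $v) {
        $new_headers[] = $k . ": " . $v;
    }

    return array($new_headers, $webresponse->body);
}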