Пример #1
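/**
 * Runs both halves of an OpenID sign-in for the current request.
 *
 * A POSTed `openid_identifier` starts the login at the provider. Otherwise a
 * GET request carrying `openid_mode` is treated as the provider's answer.
 *
 * @return string|bool "" when the request is unrelated to OpenID, "FAILED",
 *                     "CANCELED" or "INVALID <id>" on the failure paths, and
 *                     boolean true after a verified assertion.
 */
function do_login()
{
    $status = "";
    // All three SReg fields are requested with the value false.
    $sreg_fields = array('nickname' => false, 'email' => false, 'fullname' => false);

    if (!empty($_POST['openid_identifier'])) {
        // The identifier comes straight from the form and is handed to the
        // consumer as-is.
        $sreg = new Zend_OpenId_Extension_Sreg($sreg_fields, null, 1.1);
        $consumer = new Zend_OpenId_Consumer();
        if (!$consumer->login($_POST['openid_identifier'], '', null, $sreg)) {
            $status = "FAILED";
        }
        return $status;
    }

    if (!isset($_GET['openid_mode'])) {
        return $status;
    }
    if ($_GET['openid_mode'] == "cancel") {
        return "CANCELED";
    }
    if ($_GET['openid_mode'] != "id_res") {
        return $status;
    }

    $consumer = new Zend_OpenId_Consumer();
    $sreg = new Zend_OpenId_Extension_Sreg($sreg_fields, null, 1.1);
    // $id is filled in by verify(); it is read back on the failure path below.
    if (!$consumer->verify($_GET, $id, $sreg)) {
        return "INVALID " . htmlspecialchars($id);
    }

    // Issue a fresh session id before marking the session as authenticated, so
    // an id that was known before login cannot be reused afterwards
    // (session fixation). Skipped when no session is open or output has begun.
    if (session_id() !== '' && !headers_sent()) {
        session_regenerate_id(true);
    }
    $_SESSION['logged_in_user'] = true;
    $status = true;

    // NOTE(review): the account key is taken from the raw request parameter,
    // not from the $id that verify() populated. If the two can differ (claimed
    // identifier vs. provider-local identity), the account should be keyed on
    // the verified value. Confirm against the consumer's behaviour.
    $open_id_addr = $_GET['openid_identity'];
    // NOTE(review): strpos() returns 0 for a URL that starts with "https", so
    // this branch does not run for ordinary https identifiers. Left unchanged
    // on purpose: rewriting https to http would make the two schemes resolve
    // to the same local account, which weakens the https identifier.
    if (strpos($open_id_addr, 'https') === 1) {
        $open_id_addr = str_replace('https', 'http', $open_id_addr);
    }
    // The SReg properties are requested above but not read here.
    login_user($open_id_addr);

    return $status;
}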
Пример #2
 /**
  * Performs discovery of identity and finds OpenID URL, OpenID server URL
  * and OpenID protocol version. Returns true on success and false on
  * failure.
  *
  * @param string &$id OpenID identity URL
  * @param string &$server OpenID server URL
  * @param float &$version OpenID protocol version
  * @return bool
  * @todo OpenID 2.0 (7.3) XRI and Yadis discovery
  */
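 protected function _discovery(&$id, &$server, &$version)
 {
     /* TODO: OpenID 2.0 (7.3) XRI and Yadis discovery */

     // The original passed an undefined $realId to the storage layer. The
     // identifier is not rewritten in this method, so it is recorded as its
     // own real id. NOTE(review): confirm this matches what the storage
     // backend expects for delegated identities.
     $realId = $id;
     $status = null;

     /* HTML-based discovery */
     $response = $this->_httpRequest($id, 'GET', array(), $status);
     if ($response === false) {
         // NOTE(review): when the direct fetch fails, the identifier is sent
         // to a fixed Google endpoint and that answer is then used as the
         // discovery document for $id. Confirm the fallback is still wanted
         // for identifiers that are not Google accounts.
         $response = $this->_httpRequest('https://www.google.com/accounts/o8/user-xrds?uri=' . rawurlencode($id), 'GET', array(), $status);
     }
     if ($status != 200 || !is_string($response)) {
         return false;
     }

     // NOTE(review): the first <URI> element is taken by regex and cached as
     // the server endpoint. Its scheme and host are not checked here.
     if (!preg_match('/<URI>([^<]+)<\\/URI>/i', $response, $r)) {
         // No XRDS-style endpoint in the response: defer to the parent.
         return parent::_discovery($id, $server, $version);
     }
     $version = 2.0;
     $server = $r[1];

     // Cache the result for one hour.
     $expire = time() + 60 * 60;
     $this->_storage->addDiscoveryInfo($id, $realId, $server, $version, $expire);
     return true;
 }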
Пример #3
 /**
  * Authenticates the given OpenId identity.
  * Defined by Zend_Auth_Adapter_Interface.
  *
  * @throws Zend_Auth_Adapter_Exception If answering the authentication query is impossible
  * @return Zend_Auth_Result
  */
 public function authenticate()
 {
     $id = $this->_id;
     $consumer = new Zend_OpenId_Consumer($this->_storage);
     $consumer->setHttpClient($this->_httpClient);

     if (empty($id)) {
         // No identifier was set on the adapter, so the current request is
         // treated as the provider's reply and its parameters are verified.
         $isPost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST';
         $params = $isPost ? $_POST : $_GET;
         if (!$consumer->verify($params, $id, $this->_extensions)) {
             return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer->getError()));
         }
         // $id now holds whatever verify() wrote into it.
         return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $id, array("Authentication successful"));
     }

     // An identifier is present: start the exchange with the provider.
     // According to the original comment, login() does not return on success.
     if ($this->_check_immediate) {
         $started = $consumer->check($id, $this->_returnTo, $this->_root, $this->_extensions, $this->_response);
     } else {
         $started = $consumer->login($id, $this->_returnTo, $this->_root, $this->_extensions, $this->_response);
     }
     if (!$started) {
         return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer->getError()));
     }
     // When the call above returns a truthy value nothing is returned here,
     // so the caller receives null instead of a Zend_Auth_Result.
 }
Пример #4
    /**
     * testing check
     *
     */
    public function testCheck()
    {
        // Fixtures: discovery info and an association, both valid for ten minutes.
        $validUntil = time() + 600;
        $_SERVER['SCRIPT_URI'] = "http://www.zf-test.com/test.php";

        $store = new Zend_OpenId_Consumer_Storage_File(dirname(__FILE__)."/_files/consumer");
        $store->delDiscoveryInfo(self::ID);
        $this->assertTrue( $store->addDiscoveryInfo(self::ID, self::REAL_ID, self::SERVER, 1.1, $validUntil) );
        $store->delAssociation(self::SERVER);
        $this->assertTrue( $store->addAssociation(self::SERVER, self::HANDLE, self::MAC_FUNC, self::SECRET, $validUntil) );

        // check() is expected to answer with a redirect and an empty body.
        $helper = new Zend_OpenId_ResponseHelper(true);
        $openIdConsumer = new Zend_OpenId_Consumer($store);
        $this->assertTrue( $openIdConsumer->check(self::ID, null, null, null, $helper) );
        $sentHeaders = $helper->getHeaders();
        $this->assertSame( '', $helper->getBody() );
        $this->assertTrue( is_array($sentHeaders) );
        $this->assertSame( 1, count($sentHeaders) );
        $this->assertTrue( is_array($sentHeaders[0]) );
        $location = $sentHeaders[0];
        $this->assertSame( 3, count($location) );
        $this->assertSame( 'Location', $location['name'] );
        $this->assertSame( true, $location['replace'] );

        // The redirect target is the provider endpoint.
        $parts = parse_url($location['value']);
        $this->assertSame( "http", $parts['scheme'] );
        $this->assertSame( "www.myopenid.com", $parts['host'] );
        $this->assertSame( "/", $parts['path'] );

        // Split the query string by hand so values stay percent-encoded.
        $params = array();
        foreach (explode("&", $parts['query']) as $pair) {
            if (list($name, $value) = explode("=", $pair, 2)) {
                $params[$name] = $value;
            }
        }
        $this->assertTrue( is_array($params) );
        $this->assertSame( 6, count($params) );
        $this->assertSame( 'checkid_immediate', $params['openid.mode'] );
        $this->assertSame( 'http%3A%2F%2Freal_id.myopenid.com%2F', $params['openid.identity'] );
        $this->assertSame( 'http%3A%2F%2Fid.myopenid.com%2F', $params['openid.claimed_id'] );
        $this->assertSame( self::HANDLE, $params['openid.assoc_handle'] );
        $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com%2Ftest.php', $params['openid.return_to'] );
        $this->assertSame( 'http%3A%2F%2Fwww.zf-test.com', $params['openid.trust_root'] );

        // Remove the fixtures again.
        $store->delDiscoveryInfo(self::ID);
        $store->delAssociation(self::SERVER);
    }
Пример #5
 /**
  *    openidAction
  *
  *    Handles the OpenID login form submission and the provider's return request.
  */
 public function openidAction()
 {
     $auth = Zend_Auth::getInstance();
     $urlHelper = $this->_helper->getHelper('url');
     // Every failure path shows the same translated message, so the page does
     // not reveal which step failed.
     $failureKey = 'account-openid-login-not-successful';

     // Users who are already signed in are sent to the index page.
     if ($auth->hasIdentity()) {
         $this->_redirect($urlHelper->url(array('controller' => 'index', 'action' => 'index', 'language' => $this->view->language), 'lang_default', true));
     }

     if (isset($_POST['openid_action']) && !empty($_POST['openid_identifier'])) {
         // Form submission: start the login with the posted identifier.
         $consumer = new Zend_OpenId_Consumer();
         if (!$consumer->login($_POST['openid_identifier'])) {
             $this->view->errormsg = $this->view->translate($failureKey);
         }
     } elseif (isset($_GET['openid_mode'])) {
         $mode = $_GET['openid_mode'];
         if ($mode == "id_res") {
             // Provider reply: verify() fills $id.
             $consumer = new Zend_OpenId_Consumer();
             if (!$consumer->verify($_GET, $id)) {
                 $this->view->errormsg = $this->view->translate($failureKey);
             } else {
                 // NOTE(review): the identifier is HTML-escaped before it is
                 // used as a lookup key. htmlspecialchars() is output
                 // encoding; what searchUserOpenid() does with its argument
                 // is not visible here, so confirm the query itself is
                 // parameterised.
                 $formOptions = htmlspecialchars($id);
                 $profiles = new Default_Model_UserProfiles();
                 $match = $profiles->searchUserOpenid($formOptions);
                 if (!$match) {
                     // The OpenID verified but is not attached to any account.
                     $this->view->errormsg = $this->view->translate($failureKey);
                 } else {
                     $account = new Default_Model_User($match['id_usr_usp']);
                     $account->loginSuccess();
                     $auth->getStorage()->write($account->createAuthIdentity());
                     $this->_redirect($urlHelper->url(array('controller' => 'index', 'action' => 'index', 'language' => $this->view->language), 'lang_default', true));
                 }
             }
         } elseif ($mode == "cancel") {
             $this->view->errormsg = $this->view->translate($failureKey);
         }
     }

     // The login form is attached to the view whenever execution reaches here.
     $this->view->form = new Default_Form_OpenIDLoginForm();
 }
Пример #6
                if ($_POST[$prop] === "optional") {
                    $props[$prop] = false;
                }
            }
        }
    }
    $sreg = new Zend_OpenId_Extension_Sreg($props, null, 1.1);
    $id = $_POST['openid_identifier'];
    if (!$consumer->login($id, null, null, $sreg)) {
        $status = "OpenID login failed (" . $consumer->getError() . ")";
    }
} else {
    if (isset($_GET['openid_mode'])) {
        if ($_GET['openid_mode'] == "id_res") {
            $sreg = new Zend_OpenId_Extension_Sreg();
            $consumer = new Zend_OpenId_Consumer();
            if ($consumer->verify($_GET, $id, $sreg)) {
                $status = "VALID {$id}";
                $data = $sreg->getProperties();
            } else {
                $status = "INVALID {$id} (" . $consumer->getError() . ")";
            }
        } else {
            if ($_GET['openid_mode'] == "cancel") {
                $status = "CANCELED";
            }
        }
    }
}
$sreg_html = "";
$sreg = new Zend_OpenId_Extension_Sreg();
Пример #7
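 /**
  * Handles the provider's return request and signs in the matching user.
  *
  * @param EventControler $eventControler receives log lines and the next URL or display
  * @return bool|null true when a redirect target was set (known user or
  *                   registration page), false when the OpenID library is
  *                   missing or an error page was queued
  */
 function eventCheckOpenIdCallBack(EventControler $eventControler)
 {
     if (!file_exists("Zend/OpenId/Consumer.php")) {
         return false;
     }
     // A request without openid_mode is handled as invalid, as before, but no
     // longer reads an undefined index.
     $openid_mode = isset($_GET['openid_mode']) ? $_GET['openid_mode'] : '';
     $message_status = "";
     if ($openid_mode == 'id_res') {
         $consumer = new Zend_OpenId_Consumer();
         if (!$consumer->verify($_GET, $this->openid_identifier)) {
             $message_status = 'The OpenID is invalid.';
         } elseif (!is_string($this->openid_identifier) || preg_match('/[\x00-\x1f\'"`\\\\]/', $this->openid_identifier)) {
             // The identifier originates from the request and is concatenated
             // into a quoted SQL literal below. Refuse any value containing
             // quotes, a backslash or control characters so it cannot close
             // the literal or break the log line. Binding the value through
             // the database layer would be the better fix; that API is not
             // visible in this block.
             $message_status = 'The OpenID is invalid.';
         } else {
             // NOTE(review): the row count is read from $qCheck, while the
             // query is run through $this->query(). Confirm that $qCheck
             // reflects the executed statement.
             $qCheck = new sqlQuery($this->getDbCon());
             $eventControler->setLog("\n OpenId check," . $this->openid_identifier . " table:" . $this->getTable());
             $this->query("select * from `" . $this->getTable() . "` where `openid`='" . $this->openid_identifier . "'");
             $eventControler->setLog("\n Query executed for sign on:" . $this->getSqlQuery());
             $eventControler->setLog("\n RegPage:" . $this->openid_regPage . " goto:" . $this->openid_goto . " errPage:" . $this->openid_errPage);
             if ($qCheck->getNumrows() == 1) {
                 // Exactly one account carries this OpenID: build the session.
                 $userdata = array();
                 $userdata['id'] = $this->getPrimaryKeyValue();
                 $userdata['firstname'] = $this->firstname;
                 $userdata['lastname'] = $this->lastname;
                 $userdata['email'] = $this->{$this->getEmailField()};
                 $userdata['username'] = $this->{$this->getUsernameField()};
                 if ($this->isadmin) {
                     $userdata['isadmin'] = 1;
                 }
                 // NOTE(review): $user_table is never assigned in this method,
                 // so null is stored. Possibly $this->getTable() was meant.
                 $userdata['user_table'] = $user_table;
                 // NOTE(review): the session id is not renewed when the
                 // session becomes authenticated. Confirm whether
                 // sessionPersistent() or the caller takes care of that.
                 $_SESSION['userdata'] = $userdata;
                 if (!$this->isPersistent()) {
                     $this->sessionPersistent("do_" . $this->getObjectName(), "signout.php", 36000);
                 }
                 $eventControler->goto = $this->openid_goto;
                 $eventControler->setUrlNext($this->openid_goto);
                 return true;
             }
             // Verified OpenID without a local account: go to registration.
             $eventControler->setLog("\n this user need to register:" . $this->openid_regPage);
             $eventControler->goto = $this->openid_regPage;
             $eventControler->setUrlNext($this->openid_regPage);
             $eventControler->setLog("\n Redirected set to:" . $eventControler->getUrlNext());
             return true;
         }
     } elseif ($openid_mode == 'cancel') {
         $message_status = 'The OpenID login was cancelled.';
     } else {
         $message_status = 'The OpenID is invalid.';
     }
     if (!empty($message_status)) {
         $err_disp = new Display($this->openid_errPage);
         $err_disp->addParam("openidmessage", $message_status);
         $eventControler->setDisplayNext($err_disp);
         return false;
     }
 }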
 /**
  * Verify error
  *
  * @param  Zend_OpenId_Consumer $consumer
  * @return void
  */
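 public function unverifiedCallback(Zend_OpenId_Consumer $consumer)
 {
     // Generic message for the user; the consumer's detail is added only in
     // the 'dev' environment.
     $message = 'Ошибка авторизации';
     if ('dev' == sfConfig::get('sf_environment')) {
         // The flash message already carries markup (<br />), so the detail
         // is HTML-encoded before it is appended. The error text may echo
         // parts of the provider's response.
         $message .= '<br />' . htmlspecialchars((string) $consumer->getError(), ENT_QUOTES, 'UTF-8');
     }
     $this->getUser()->setFlash('error', $message);
     $this->redirect(sfConfig::get('app_open_auth_redirect_signout'));
 }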
Пример #9
                if ($_POST[$prop] === "optional") {
                    $props[$prop] = false;
                }
            }
        }
    }
    $sreg = new Zend_OpenId_Extension_Sreg($props, null, 1.1);
    $id = $_POST['openid_identifier'];
    if (!$consumer->login($id, null, null, $sreg)) {
        $status = "OpenID login failed";
    }
} else {
    if (isset($_GET['openid_mode'])) {
        if ($_GET['openid_mode'] == "id_res") {
            $sreg = new Zend_OpenId_Extension_Sreg();
            $consumer = new Zend_OpenId_Consumer();
            if ($consumer->verify($_GET, $id, $sreg)) {
                $status = "VALID {$id}";
                $data = $sreg->getProperties();
            } else {
                $status = "INVALID {$id}";
            }
        } else {
            if ($_GET['openid_mode'] == "cancel") {
                $status = "CANCELED";
            }
        }
    }
}
$sreg_html = "";
$sreg = new Zend_OpenId_Extension_Sreg();
Пример #10
 /**
  * This method is responsible for the complete OpenID authentication process.
  * In some cases this method does not return, for a redirect is done internally
  * by Zend.
  * 
  * @return Zend_Auth_Result
  */
 public function authenticate()
 {
     $app = Erfurt_App::getInstance();
     $this->_store = $app->getStore();
     // Check whether OpenId is supported (big integer support is needed.)
     if (!$this->_isOpenIdSupported()) {
         $result = false;
         $msg = 'OpenID is currently not supported!';
         require_once 'Zend/Auth/Result.php';
         return new Zend_Auth_Result($result, null, array($msg));
     }
     // If id is given, login the user.
     if (null !== $this->_id) {
         // If sReg is given, we want to register, so don't check whether user exists.
         // If it is not given, we need to check whether the user exists and is allowed
         // to login.
         if (null === $this->_sReg) {
             $userResult = $this->_checkOpenId($this->_id);
             if ($userResult['userUri'] === false) {
                 $result = false;
                 // NOTE(review): this message states whether a given OpenID is
                 // registered, and it differs from the other failure texts.
                 // Confirm it is not shown verbatim to unauthenticated callers.
                 $msg = 'User (' . $this->_id . ') does not exist!';
                 require_once 'Zend/Auth/Result.php';
                 return new Zend_Auth_Result($result, null, array($msg));
             }
             if ($userResult['denyLogin'] === true) {
                 $result = false;
                 $msg = 'Login not allowed!';
                 require_once 'Zend/Auth/Result.php';
                 return new Zend_Auth_Result($result, null, array($msg));
             }
         }
         if (null !== $this->_redirectUrl) {
             // This is a hack, for the setHttpClient method in Zend_OpenId_Consumer seems not to work.
             // NOTE(review): the redirect URL travels through the provider
             // round trip as a query parameter of the verify URL. The code
             // that reads ow_redirect_url on return is not visible here and
             // should check the target before redirecting.
             $this->_verifyUrl = $this->_verifyUrl . '/?ow_redirect_url=' . urlencode($this->_redirectUrl);
         }
         require_once 'Zend/OpenId/Consumer.php';
         $consumer = new Zend_OpenId_Consumer();
         if (!$consumer->login($this->_id, $this->_verifyUrl, null, $this->_sReg)) {
             $result = false;
             $msg = 'OpenID authentication failed.';
             require_once 'Zend/Auth/Result.php';
             return new Zend_Auth_Result($result, null, array($msg));
         }
         // This point is never reached, for there will be a redirect on successful login.
     } else {
         // If no id is given, verify the result.
         if (!isset($this->_get['openid_identity'])) {
             $result = false;
             $msg = 'OpenID authentication failed.';
             /*
             $identity = array(
                 'uri'       => null, 
                 'dbuser'    => false, 
                 'anonymous' => false
             );
             */
             require_once 'Zend/Auth/Result.php';
             return new Zend_Auth_Result($result, null, array($msg));
         }
         // NOTE(review): the identity URI is copied from the request before
         // verify() runs, and verify() is handed the same array element. If
         // verify() writes a different identifier into it, $identity['uri']
         // keeps the value read here. The identity is only returned on the
         // success path below.
         $identity = array('uri' => $this->_get['openid_identity'], 'dbuser' => false, 'anonymous' => false, 'is_openid_user' => true);
         // This is just called in order to get the label for the user.
         // It runs on the not-yet-verified identifier.
         $userResult = $this->_checkOpenId($this->_get['openid_identity']);
         if (isset($userResult['userLabel'])) {
             $identity['label'] = $userResult['userLabel'];
         }
         if (isset($userResult['username'])) {
             $identity['username'] = $userResult['username'];
         }
         if (isset($userResult['email'])) {
             $identity['email'] = $userResult['email'];
         }
         require_once 'Zend/OpenId/Consumer.php';
         $consumer = new Zend_OpenId_Consumer();
         if (!$consumer->verify($this->_get, $this->_get['openid_identity'], $this->_sReg)) {
             $result = false;
             $msg = 'OpenID authentication failed.';
             require_once 'Zend/Auth/Result.php';
             return new Zend_Auth_Result($result, null, array($msg));
         } else {
             // Unlike the login branch, userUri and denyLogin from
             // _checkOpenId() are not consulted on this path.
             // NOTE(review): confirm a denied or unknown user cannot complete
             // verification here.
             $result = true;
             $msg = 'OpenID authentication successful.';
             require_once 'Erfurt/Auth/Identity.php';
             $identityObject = new Erfurt_Auth_Identity($identity);
             require_once 'Zend/Auth/Result.php';
             return new Zend_Auth_Result($result, $identityObject, array($msg));
         }
     }
 }
<?php

require_once dirname(__FILE__) . '/Zend/OpenId/Consumer.php';
require_once dirname(__FILE__) . '/Zend/OpenId/Extension/Sreg.php';
// Start an OpenID login against Google's fixed endpoint. The SReg request sets
// email to true and the other two fields to false.
$sreg = new Zend_OpenId_Extension_Sreg(
    array(
        'nickname' => false,
        'email' => true,
        'fullname' => false,
    ),
    null,
    1.1
);
$openid_identifier = 'https://www.google.com/accounts/o8/id';
$status = "";
$consumer = new Zend_OpenId_Consumer();
// The return URL is given relative to this script.
if (!$consumer->login($openid_identifier, 'google_openid_return.php', null, $sreg)) {
    // The consumer's own error text is deliberately not echoed to the page.
    $status = "OpenID login failed.";
}
Пример #12
         header('Location: login.php');
         die;
     }
 } elseif (isset($_POST['openid_identifier']) or isset($_GET['openid_mode'])) {
     $status = "";
     if (!empty($_POST['openid_identifier'])) {
         //login initiation
         $consumer = new Zend_OpenId_Consumer();
         if (!$consumer->login($_POST['openid_identifier'], "login.php?section=login_send&remember=" . $_POST['remember'])) {
             $status = "OpenID Login fehlgeschlagen.";
         }
     } else {
         if (isset($_GET['openid_mode'])) {
             //login result from openid server
             if ($_GET['openid_mode'] == "id_res") {
                 $consumer = new Zend_OpenId_Consumer();
                 if ($consumer->verify($_GET, $id)) {
                     $user_data = User_old::getUserByOpenID($id);
                     if (empty($user_data)) {
                         $messages[] = array("Mit dieser Open-ID ist kein gültiger Benutzer verknüpft.", 2);
                         Message::setMessage($messages);
                         header('Location: login.php');
                         die;
                     }
                 } else {
                     $messages[] = array("Diese Identität ist nicht gültig.", 2);
                     Message::setMessage($messages);
                     header('Location: login.php');
                     die;
                 }
             } else {