Пример #1
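/**
 * Drives both legs of an OpenID login from the current request.
 *
 * A POSTed `openid_identifier` starts the login through
 * Zend_OpenId_Consumer::login(); a GET request carrying `openid_mode` is
 * treated as the provider's answer and checked with verify(). The SREG
 * extension is attached on both legs with nickname, email and fullname all
 * mapped to false.
 *
 * @return string|bool "" when the request is not an OpenID request (or login()
 *                     returned without reporting failure), "FAILED",
 *                     "CANCELED", "INVALID <id>" (id HTML-escaped), or true
 *                     once a response has been verified and login_user() called.
 */
function do_login()
{
    $sregFields = array('nickname' => false, 'email' => false, 'fullname' => false);

    if (!empty($_POST['openid_identifier'])) {
        // Request parameters are attacker-controlled, and PHP turns
        // "openid_identifier[]=x" into an array. Only a string can be an
        // identifier, so anything else is rejected before it reaches login().
        if (!is_string($_POST['openid_identifier'])) {
            return "FAILED";
        }
        $sreg = new Zend_OpenId_Extension_Sreg($sregFields, null, 1.1);
        $consumer = new Zend_OpenId_Consumer();
        return $consumer->login($_POST['openid_identifier'], '', null, $sreg) ? "" : "FAILED";
    }

    if (!isset($_GET['openid_mode'])) {
        return "";
    }
    // Strict comparison: an array-valued parameter must never match a mode name.
    if ($_GET['openid_mode'] === "cancel") {
        return "CANCELED";
    }
    if ($_GET['openid_mode'] !== "id_res") {
        return "";
    }

    $consumer = new Zend_OpenId_Consumer();
    $sreg = new Zend_OpenId_Extension_Sreg($sregFields, null, 1.1);
    // verify() fills $id by reference; start from a string so the failure
    // message below never passes null to htmlspecialchars().
    $id = '';
    if (!$consumer->verify($_GET, $id, $sreg)) {
        return "INVALID " . htmlspecialchars($id);
    }

    // The account key below is read from the raw request, so it must at least
    // be a non-empty string before anyone is logged in under it.
    // NOTE(review): login_user() receives $_GET['openid_identity'] rather than
    // the $id that verify() filled in - confirm the two cannot differ for the
    // providers in use.
    if (!isset($_GET['openid_identity']) || !is_string($_GET['openid_identity'])
        || $_GET['openid_identity'] === '') {
        return "INVALID " . htmlspecialchars($id);
    }

    // NOTE(review): the session ID is not regenerated at this privilege change;
    // whether login_user() does that is not visible from here.
    $_SESSION['logged_in_user'] = true;

    $open_id_addr = $_GET['openid_identity'];
    // NOTE(review): offset 1 never matches an identifier that begins with
    // "https" (that is offset 0), so this rewrite does not run for ordinary
    // URLs. It is left as written on purpose: http:// and https:// identifiers
    // are distinct in OpenID, and folding them together changes which account
    // an identifier maps to. Decide the intent before touching the offset.
    if (strpos($open_id_addr, 'https') === 1) {
        $open_id_addr = str_replace('https', 'http', $open_id_addr);
    }

    // The SREG answer is available from $sreg->getProperties(); nothing reads
    // it in this function.
    login_user($open_id_addr);

    return true;
}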
Пример #2
 /**
  * Authenticates the given OpenId identity.
  * Defined by Zend_Auth_Adapter_Interface.
  *
  * With an identifier configured on the adapter this starts the login
  * (login(), or check() when the immediate flag is set). Without one, the
  * current request is treated as the provider's answer and passed to verify().
  *
  * A Zend_Auth_Result is returned on every failure and after verify(). If
  * login()/check() report success and return, the method ends without a
  * return statement.
  *
  * @throws Zend_Auth_Adapter_Exception If answering the authentication query is impossible
  * @return Zend_Auth_Result
  */
 public function authenticate()
 {
     $id = $this->_id;

     $consumer = new Zend_OpenId_Consumer($this->_storage);
     $consumer->setHttpClient($this->_httpClient);

     if (empty($id)) {
         // Response leg: the parameters come straight from the request and
         // are only trusted once verify() accepts them. verify() fills $id.
         $isPost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST';
         $params = $isPost ? $_POST : $_GET;

         if (!$consumer->verify($params, $id, $this->_extensions)) {
             return new Zend_Auth_Result(
                 Zend_Auth_Result::FAILURE,
                 $id,
                 array("Authentication failed", $consumer->getError())
             );
         }

         return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $id, array("Authentication successful"));
     }

     // Request leg. login() is not expected to return on success.
     $started = $this->_check_immediate
         ? $consumer->check($id, $this->_returnTo, $this->_root, $this->_extensions, $this->_response)
         : $consumer->login($id, $this->_returnTo, $this->_root, $this->_extensions, $this->_response);

     if (!$started) {
         return new Zend_Auth_Result(
             Zend_Auth_Result::FAILURE,
             $id,
             array("Authentication failed", $consumer->getError())
         );
     }
 }
Пример #3
    /**
     * Checks the redirect that Zend_OpenId_Consumer::login() produces.
     *
     * Discovery info and an association are seeded into file storage, then
     * login() is run against a response helper and the Location header is
     * inspected for: default and caller-supplied return_to / trust_root
     * (OpenID 1.1), OpenID 2.0, an SREG request, and "dumb" mode (no stored
     * association, so no assoc_handle in the request).
     */
    public function testLogin()
    {
        $expiresIn = time() + 600;
        $returnTo = "http://www.zf-test.com/return.php";
        $trustRoot = "http://www.zf-test.com/trust.php";

        $_SERVER['SCRIPT_URI'] = "http://www.zf-test.com/test.php";
        $storage = new Zend_OpenId_Consumer_Storage_File(dirname(__FILE__)."/_files/consumer");
        $storage->delDiscoveryInfo(self::ID);
        $this->assertTrue($storage->addDiscoveryInfo(self::ID, self::REAL_ID, self::SERVER, 1.1, $expiresIn));
        $storage->delAssociation(self::SERVER);
        $this->assertTrue($storage->addAssociation(self::SERVER, self::HANDLE, self::MAC_FUNC, self::SECRET, $expiresIn));

        // OpenID 1.1, return_to and trust_root derived from SCRIPT_URI
        $response = new Zend_OpenId_ResponseHelper(true);
        $consumer = new Zend_OpenId_Consumer($storage);
        $this->assertTrue($consumer->login(self::ID, null, null, null, $response));
        $headers = $response->getHeaders();
        $this->assertSame('', $response->getBody());
        $this->assertTrue(is_array($headers));
        $this->assertSame(1, count($headers));
        $this->assertTrue(is_array($headers[0]));
        $this->assertSame(3, count($headers[0]));
        $this->assertSame('Location', $headers[0]['name']);
        $this->assertSame(true, $headers[0]['replace']);
        $location = parse_url($headers[0]['value']);
        $this->assertSame("http", $location['scheme']);
        $this->assertSame("www.myopenid.com", $location['host']);
        $this->assertSame("/", $location['path']);
        // Values are kept URL-encoded on purpose; the assertions compare the raw form.
        $query = array();
        foreach (explode("&", $location['query']) as $pair) {
            list($name, $value) = explode("=", $pair, 2);
            $query[$name] = $value;
        }
        $this->assertTrue(is_array($query));
        $this->assertSame(6, count($query));
        $this->assertSame('checkid_setup', $query['openid.mode']);
        $this->assertSame('http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity']);
        $this->assertSame('http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id']);
        $this->assertSame(self::HANDLE, $query['openid.assoc_handle']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com%2Ftest.php', $query['openid.return_to']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com', $query['openid.trust_root']);

        // OpenID 1.1, caller-supplied return_to and trust_root
        $response = new Zend_OpenId_ResponseHelper(true);
        $consumer = new Zend_OpenId_Consumer($storage);
        $this->assertTrue($consumer->login(self::ID, $returnTo, $trustRoot, null, $response));
        $headers = $response->getHeaders();
        $location = parse_url($headers[0]['value']);
        $query = array();
        foreach (explode("&", $location['query']) as $pair) {
            list($name, $value) = explode("=", $pair, 2);
            $query[$name] = $value;
        }
        $this->assertTrue(is_array($query));
        $this->assertSame(6, count($query));
        $this->assertSame('checkid_setup', $query['openid.mode']);
        $this->assertSame('http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity']);
        $this->assertSame('http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id']);
        $this->assertSame(self::HANDLE, $query['openid.assoc_handle']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com%2Freturn.php', $query['openid.return_to']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com%2Ftrust.php', $query['openid.trust_root']);

        // Switch the stored discovery record to protocol version 2.0
        $storage->delDiscoveryInfo(self::ID);
        $this->assertTrue($storage->addDiscoveryInfo(self::ID, self::REAL_ID, self::SERVER, 2.0, $expiresIn));

        // OpenID 2.0: openid.ns is added and trust_root becomes realm
        $response = new Zend_OpenId_ResponseHelper(true);
        $consumer = new Zend_OpenId_Consumer($storage);
        $this->assertTrue($consumer->login(self::ID, $returnTo, $trustRoot, null, $response));
        $headers = $response->getHeaders();
        $location = parse_url($headers[0]['value']);
        $query = array();
        foreach (explode("&", $location['query']) as $pair) {
            list($name, $value) = explode("=", $pair, 2);
            $query[$name] = $value;
        }
        $this->assertTrue(is_array($query));
        $this->assertSame(7, count($query));
        $this->assertSame('http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0', $query['openid.ns']);
        $this->assertSame('checkid_setup', $query['openid.mode']);
        $this->assertSame('http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity']);
        $this->assertSame('http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id']);
        $this->assertSame(self::HANDLE, $query['openid.assoc_handle']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com%2Freturn.php', $query['openid.return_to']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com%2Ftrust.php', $query['openid.realm']);

        // SREG extension: true maps to sreg.required, false to sreg.optional
        $ext = new Zend_OpenId_Extension_Sreg(array("nickname"=>true,"email"=>false));
        $response = new Zend_OpenId_ResponseHelper(true);
        $consumer = new Zend_OpenId_Consumer($storage);
        $this->assertTrue($consumer->login(self::ID, $returnTo, $trustRoot, $ext, $response));
        $headers = $response->getHeaders();
        $location = parse_url($headers[0]['value']);
        $query = array();
        foreach (explode("&", $location['query']) as $pair) {
            list($name, $value) = explode("=", $pair, 2);
            $query[$name] = $value;
        }
        $this->assertTrue(is_array($query));
        $this->assertSame(9, count($query));
        $this->assertSame('http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0', $query['openid.ns']);
        $this->assertSame('checkid_setup', $query['openid.mode']);
        $this->assertSame('http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity']);
        $this->assertSame('http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id']);
        $this->assertSame(self::HANDLE, $query['openid.assoc_handle']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com%2Freturn.php', $query['openid.return_to']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com%2Ftrust.php', $query['openid.realm']);
        $this->assertSame('nickname', $query['openid.sreg.required']);
        $this->assertSame('email', $query['openid.sreg.optional']);

        // Dumb mode: association removed, consumer built with its second argument set
        $storage->delAssociation(self::SERVER);
        $response = new Zend_OpenId_ResponseHelper(true);
        $consumer = new Zend_OpenId_Consumer($storage, true);
        $this->assertTrue($consumer->login(self::ID, $returnTo, $trustRoot, null, $response));
        $headers = $response->getHeaders();
        $location = parse_url($headers[0]['value']);
        $query = array();
        foreach (explode("&", $location['query']) as $pair) {
            list($name, $value) = explode("=", $pair, 2);
            $query[$name] = $value;
        }
        $this->assertTrue(is_array($query));
        $this->assertSame(6, count($query));
        $this->assertSame('http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0', $query['openid.ns']);
        $this->assertSame('checkid_setup', $query['openid.mode']);
        $this->assertSame('http%3A%2F%2Freal_id.myopenid.com%2F', $query['openid.identity']);
        $this->assertSame('http%3A%2F%2Fid.myopenid.com%2F', $query['openid.claimed_id']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com%2Freturn.php', $query['openid.return_to']);
        $this->assertSame('http%3A%2F%2Fwww.zf-test.com%2Ftrust.php', $query['openid.realm']);

        // Leave no discovery record behind for other tests
        $storage->delDiscoveryInfo(self::ID);
    }
Пример #4
 /**
  * OpenID login action.
  *
  * Redirects users who already have an identity. Otherwise a POSTed
  * identifier starts the OpenID login, and a GET request with
  * openid_mode=id_res is verified; a verified identifier that is attached
  * to a user profile logs that user in and redirects to the index page.
  * Every failure (and a cancel) sets the same translated error message.
  * The login form is assigned to the view whenever the action returns.
  */
 public function openidAction()
 {
     $auth = Zend_Auth::getInstance();
     $urlHelper = $this->_helper->getHelper('url');

     // Nothing to do here for a user who is already logged in.
     if ($auth->hasIdentity()) {
         $this->_redirect($urlHelper->url(
             array('controller' => 'index', 'action' => 'index', 'language' => $this->view->language),
             'lang_default',
             true
         ));
     }

     $failed = false;

     if (isset($_POST['openid_action']) && !empty($_POST['openid_identifier'])) {
         // Request leg: hand the user-supplied identifier to the consumer.
         $consumer = new Zend_OpenId_Consumer();
         $failed = !$consumer->login($_POST['openid_identifier']);
     } elseif (isset($_GET['openid_mode'])) {
         $mode = $_GET['openid_mode'];

         if ($mode == "id_res") {
             // Response leg: nothing from $_GET is trusted until verify()
             // accepts it; verify() fills $id.
             $consumer = new Zend_OpenId_Consumer();
             $failed = true;

             if ($consumer->verify($_GET, $id)) {
                 // NOTE(review): the lookup key is the HTML-escaped identifier.
                 // Whether attached identifiers are stored escaped the same
                 // way is not visible here - confirm before changing it.
                 $formOptions = htmlspecialchars($id);
                 $userProfiles = new Default_Model_UserProfiles();
                 $openIdResults = $userProfiles->searchUserOpenid($formOptions);

                 // Only an identifier already attached to a profile logs in.
                 if ($openIdResults) {
                     $failed = false;
                     $userid = $openIdResults['id_usr_usp'];
                     $user = new Default_Model_User($userid);
                     $user->loginSuccess();
                     $identity = $user->createAuthIdentity();
                     $auth->getStorage()->write($identity);
                     $target = $urlHelper->url(
                         array('controller' => 'index', 'action' => 'index', 'language' => $this->view->language),
                         'lang_default',
                         true
                     );
                     $this->_redirect($target);
                 }
             }
         } elseif ($mode == "cancel") {
             $failed = true;
         }
     }

     // One generic message for every failure, so the page does not reveal
     // which step rejected the login.
     if ($failed) {
         $this->view->errormsg = $this->view->translate('account-openid-login-not-successful');
     }

     $form = new Default_Form_OpenIDLoginForm();
     $this->view->form = $form;
 }
Пример #5
    $consumer = new Zend_OpenId_Consumer();
    $props = array();
    foreach (Zend_OpenId_Extension_Sreg::getSregProperties() as $prop) {
        if (isset($_POST[$prop])) {
            if ($_POST[$prop] === "required") {
                $props[$prop] = true;
            } else {
                if ($_POST[$prop] === "optional") {
                    $props[$prop] = false;
                }
            }
        }
    }
    $sreg = new Zend_OpenId_Extension_Sreg($props, null, 1.1);
    $id = $_POST['openid_identifier'];
    if (!$consumer->login($id, null, null, $sreg)) {
        $status = "OpenID login failed (" . $consumer->getError() . ")";
    }
} else {
    if (isset($_GET['openid_mode'])) {
        if ($_GET['openid_mode'] == "id_res") {
            $sreg = new Zend_OpenId_Extension_Sreg();
            $consumer = new Zend_OpenId_Consumer();
            if ($consumer->verify($_GET, $id, $sreg)) {
                $status = "VALID {$id}";
                $data = $sreg->getProperties();
            } else {
                $status = "INVALID {$id} (" . $consumer->getError() . ")";
            }
        } else {
            if ($_GET['openid_mode'] == "cancel") {
Пример #6
 /**
  * Event registration.openid_signon
  * Starts an OpenID sign-on using Zend Framework.
  *
  * Does nothing unless Zend/OpenId/Consumer.php is found. Otherwise the
  * submitted identifier and this object's name are stored in the session,
  * and when the action is 'Login' with a non-empty identifier the login is
  * handed to Zend_OpenId_Consumer with 'openid_verify.sys.php' as the
  * return page. A failed login, or an empty identifier, queues the error
  * page with the "wrong login" message.
  *
  * FIXME
  * @param EventControler object
  * @package registration
  * @author Jay Link
  * @version 1.3
  */
 function eventOpenIdSignon(EventControler $evtcl)
 {
     // file_exists() resolves this relative path without the include path,
     // unlike the include_once below.
     if (!file_exists("Zend/OpenId/Consumer.php")) {
         return;
     }
     include_once "Zend/OpenId/Consumer.php";

     // Message shown on failure; fall back to the translated default.
     $failureText = $evtcl->strWrongLoginPassword;
     if (empty($failureText)) {
         $failureText = _('Wrong_login_or_password');
     }

     $this->setLog("\n(User) OpenID Sign on " . date("Y/m/d H:i:s"));

     $action = $evtcl->openid_action;
     $identifier = $evtcl->openid_identifier;

     // Kept in the session and on the object before the identifier has been
     // checked in any way; anything reading these later must treat them as
     // unverified input.
     $_SESSION['openid_identifier'] = $identifier;
     $_SESSION['openid_userclass'] = $this->getObjectName();
     $this->openid_identifier = $identifier;

     $loginRequested = isset($action) && $action == 'Login';

     if ($loginRequested && !empty($identifier)) {
         $consumer = new Zend_OpenId_Consumer();
         if (!$consumer->login($identifier, 'openid_verify.sys.php')) {
             // NOTE(review): this branch reads the error page from $this,
             // the empty-identifier branch below reads it from $evtcl -
             // confirm both are set.
             $errorDisplay = new Display($this->errPage);
             $errorDisplay->addParam("openidmessage", $failureText);
             $evtcl->setDisplayNext($errorDisplay);
         }
     } elseif (empty($identifier)) {
         $errorDisplay = new Display($evtcl->errPage);
         $errorDisplay->addParam("openidmessage", $failureText);
         $evtcl->setDisplayNext($errorDisplay);
     }
 }
Пример #7
 /**
  * Runs the complete OpenID authentication process.
  *
  * With an id set, the user is sent to the provider (after an existence and
  * deny-login check unless SREG data was given, which marks a registration).
  * Without an id, the request parameters in $this->_get are treated as the
  * provider's answer and verified.
  *
  * In some cases this method does not return, for a redirect is done
  * internally by Zend.
  *
  * @return Zend_Auth_Result
  */
 public function authenticate()
 {
     $this->_store = Erfurt_App::getInstance()->getStore();

     // OpenID needs big integer support; bail out early without it.
     if (!$this->_isOpenIdSupported()) {
         require_once 'Zend/Auth/Result.php';
         return new Zend_Auth_Result(false, null, array('OpenID is currently not supported!'));
     }

     if (null === $this->_id) {
         // ---- Response leg: no id given, so verify the provider's answer ----
         if (!isset($this->_get['openid_identity'])) {
             require_once 'Zend/Auth/Result.php';
             return new Zend_Auth_Result(false, null, array('OpenID authentication failed.'));
         }

         // NOTE(review): 'uri' is copied from the request before verify()
         // runs, and Zend_OpenId_Consumer::verify() takes its identity
         // argument by reference. Confirm the value verify() accepted cannot
         // differ from the one stored here.
         $identity = array(
             'uri'            => $this->_get['openid_identity'],
             'dbuser'         => false,
             'anonymous'      => false,
             'is_openid_user' => true
         );

         // Looked up only to decorate the identity with label, username, email.
         $userResult = $this->_checkOpenId($this->_get['openid_identity']);
         foreach (array('userLabel' => 'label', 'username' => 'username', 'email' => 'email') as $from => $to) {
             if (isset($userResult[$from])) {
                 $identity[$to] = $userResult[$from];
             }
         }

         require_once 'Zend/OpenId/Consumer.php';
         $consumer = new Zend_OpenId_Consumer();
         if (!$consumer->verify($this->_get, $this->_get['openid_identity'], $this->_sReg)) {
             require_once 'Zend/Auth/Result.php';
             return new Zend_Auth_Result(false, null, array('OpenID authentication failed.'));
         }

         // The identity object is built only after verify() has succeeded.
         require_once 'Erfurt/Auth/Identity.php';
         $identityObject = new Erfurt_Auth_Identity($identity);
         require_once 'Zend/Auth/Result.php';
         return new Zend_Auth_Result(true, $identityObject, array('OpenID authentication successful.'));
     }

     // ---- Request leg: an id is given, so start the login ----

     // With SREG data this is a registration and the user need not exist yet.
     // Otherwise the user must exist and be allowed to log in.
     if (null === $this->_sReg) {
         $userResult = $this->_checkOpenId($this->_id);

         if ($userResult['userUri'] === false) {
             // NOTE(review): the message embeds the supplied id as-is and tells
             // unknown ids apart from denied ones; escape it wherever it is
             // rendered.
             require_once 'Zend/Auth/Result.php';
             return new Zend_Auth_Result(false, null, array('User (' . $this->_id . ') does not exist!'));
         }

         if ($userResult['denyLogin'] === true) {
             require_once 'Zend/Auth/Result.php';
             return new Zend_Auth_Result(false, null, array('Login not allowed!'));
         }
     }

     if (null !== $this->_redirectUrl) {
         // This is a hack, for the setHttpClient method in Zend_OpenId_Consumer seems not to work.
         $this->_verifyUrl .= '/?ow_redirect_url=' . urlencode($this->_redirectUrl);
     }

     require_once 'Zend/OpenId/Consumer.php';
     $consumer = new Zend_OpenId_Consumer();
     if (!$consumer->login($this->_id, $this->_verifyUrl, null, $this->_sReg)) {
         require_once 'Zend/Auth/Result.php';
         return new Zend_Auth_Result(false, null, array('OpenID authentication failed.'));
     }
     // This point is never reached, for there will be a redirect on successful login.
 }
<?php

require_once dirname(__FILE__) . '/Zend/OpenId/Consumer.php';
require_once dirname(__FILE__) . '/Zend/OpenId/Extension/Sreg.php';
// Start an OpenID login against a fixed provider endpoint and send the user
// back to google_openid_return.php afterwards.
$status = "";
$openid_identifier = 'https://www.google.com/accounts/o8/id';

// SREG request: email is mapped to true, nickname and fullname to false.
$sreg = new Zend_OpenId_Extension_Sreg(
    array(
        'nickname' => false,
        'email' => true,
        'fullname' => false
    ),
    null,
    1.1
);

$consumer = new Zend_OpenId_Consumer();
if (!$consumer->login($openid_identifier, 'google_openid_return.php', null, $sreg)) {
    // $consumer->getError() holds the reason; only a generic message is kept.
    $status = "OpenID login failed.";
}
Пример #9
 //check if login is successfull and if not, go back to loginpage with errormessage
 if (isset($_POST['nickname']) and isset($_POST['password'])) {
     $user_data = User_old::getUserByNickname($_POST['nickname']);
     $phpass = new PasswordHash(8, false);
     if (empty($user_data) or !$phpass->CheckPassword($_POST['password'], $user_data['password'])) {
         $messages[] = array("Passwort oder Benutzername stimmen nicht.", 2);
         Message::setMessage($messages);
         header('Location: login.php');
         die;
     }
 } elseif (isset($_POST['openid_identifier']) or isset($_GET['openid_mode'])) {
     $status = "";
     if (!empty($_POST['openid_identifier'])) {
         //login initiation
         $consumer = new Zend_OpenId_Consumer();
         if (!$consumer->login($_POST['openid_identifier'], "login.php?section=login_send&remember=" . $_POST['remember'])) {
             $status = "OpenID Login fehlgeschlagen.";
         }
     } else {
         if (isset($_GET['openid_mode'])) {
             //login result from openid server
             if ($_GET['openid_mode'] == "id_res") {
                 $consumer = new Zend_OpenId_Consumer();
                 if ($consumer->verify($_GET, $id)) {
                     $user_data = User_old::getUserByOpenID($id);
                     if (empty($user_data)) {
                         $messages[] = array("Mit dieser Open-ID ist kein gültiger Benutzer verknüpft.", 2);
                         Message::setMessage($messages);
                         header('Location: login.php');
                         die;
                     }