Пример #1
 /**
  * Report whether the current session carries a user entry.
  *
  * Any truthy value stored under the 'user' session key counts as
  * authenticated; an absent or falsy value does not.
  *
  * NOTE(review): only the presence of the session entry is tested here.
  * Whether the stored user is re-validated (account still enabled, session
  * age) is not visible in this method; confirm it happens where the session
  * is populated.
  *
  * @return bool True when a user is present in the session, false otherwise.
  */
 public function checkAuth()
 {
     $sessionUser = api_session::get('user');

     return (bool) $sessionUser;
 }
Пример #2
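 /**
  * Build, sign and dispatch a positive OpenID authentication response (id_res).
  *
  * Flow: require a logged-in session user, validate the realm, resolve the
  * identity to assert, assemble the response fields, make sure a relying-party
  * record exists for this user and realm, then sign the response and redirect
  * the browser to the request's return_to URL.
  *
  * @param array $request Incoming OpenID request parameters keyed by their
  *                       "openid.*" names (openid.mode, openid.identity,
  *                       openid.return_to, openid.assoc_handle and either
  *                       openid.realm or openid.trust_root).
  *
  * @return mixed Whatever the redirect helper returns.
  *
  * @throws Exception When the realm is rejected, or when no relying-party
  *                   record can be loaded for the user and realm.
  */
 function openid_provider_authentication_response($request)
 {
     // An unauthenticated visitor is sent to the login page. Returning here
     // guarantees nothing below runs with an empty $user if the redirect helper
     // returns instead of terminating the request. The pending request itself is
     // stored by the endpoint method, not here.
     $user = api_session::get('user');
     if (!$user) {
         return $this->openid_redirect_http('/login');
     }

     // Determine the realm (openid.trust_root in OpenID 1.x).
     if (!empty($request['openid.realm'])) {
         $realm = $request['openid.realm'];
     } else {
         $realm = isset($request['openid.trust_root']) ? $request['openid.trust_root'] : null;
     }
     if (!$this->check_realm($realm)) {
         throw new Exception("Realm not ok");
     }
     // NOTE(review): only $realm is passed to check_realm(). Nothing visible in
     // this method confirms that openid.return_to lies under that realm, although
     // the signed response is later delivered to return_to. Confirm the endpoint
     // or check_realm() enforces the return_to/realm match.

     // Resolve the identity to assert. A directed-identity request lets the
     // provider pick the identifier; otherwise the requested identifier must be
     // the logged-in user's own.
     if ($request['openid.identity'] === 'http://specs.openid.net/auth/2.0/identifier_select') {
         $identity = 'http://local.openid_provider/user/' . $user['id'] . '/identity';
     } else {
         $identity = $request['openid.identity'];
         // NOTE(review): this branch calls global helpers (url(),
         // openid_provider_user_url(), openid_provider_authentication_error(),
         // openid_redirect()) while the rest of the method uses $this-> methods;
         // verify they exist in this code base and yield the same identity URL
         // format as the directed-identity branch above.
         if ($identity !== url(openid_provider_user_url($user['id']), array('absolute' => TRUE))) {
             $response = openid_provider_authentication_error($request['openid.mode']);
             // Stop here: falling through would sign a positive assertion for an
             // identifier that does not belong to the logged-in user.
             return openid_redirect($request['openid.return_to'], $response);
         }
     }

     // NOTE(review): nickname and e-mail are released on every response; whether
     // the relying party asked for them or the user agreed is not checked here.
     $response = array(
         'openid.ns' => OPENID_NS_2_0,
         'openid.mode' => 'id_res',
         'openid.op_endpoint' => 'http://local.openid_provider/openid/provider',
         'openid.identity' => $identity,
         'openid.claimed_id' => $identity,
         'openid.return_to' => $request['openid.return_to'],
         'openid.response_nonce' => $this->openid_provider_nonce(),
         'openid.assoc_handle' => $request['openid.assoc_handle'],
         'openid.sreg.nickname' => $user['username'],
         'openid.sreg.email' => $user['email'],
     );

     // Is the RP requesting Immediate or Indirect mode?
     if ($request['openid.mode'] == 'checkid_immediate') {
         // TODO: immediate mode is not implemented; it is handled like checkid_setup.
     }

     // Carry the relying party's own return_to query parameters into the
     // response, but never let them replace a field the provider asserts
     // (identity, claimed_id, return_to, nonce, ...): these values are
     // request-controlled and the response is signed afterwards.
     // NOTE(review): if openid_get_params() rewrites key names (for example dots
     // to underscores), adjust this guard to compare the normalised names.
     $parts = parse_url($request['openid.return_to']);
     if (isset($parts['query'])) {
         $extraParams = $this->openid_get_params($parts['query']);
         foreach ($extraParams as $key => $val) {
             if (!array_key_exists($key, $response)) {
                 $response[$key] = $val;
             }
         }
     }

     // The trust step is skipped: a realm accepted by check_realm() is trusted,
     // so a relying-party record is created on first use and then reloaded.
     // Debug output (echo/print_r of the record) was removed; it leaked the
     // record into the response body and emitted output ahead of the redirect.
     $rp = $this->openid_provider_rp_load($user['id'], $realm);
     if (empty($rp)) {
         $this->openid_provider_rp_save($user['id'], $realm, TRUE);
         $rp = $this->openid_provider_rp_load($user['id'], $realm);
     }

     if ($rp) {
         $response = $this->openid_provider_sign($response);
         return $this->openid_redirect_http($response['openid.return_to'], $response);
     }

     // Kept from the original: clears the POST superglobal before failing.
     unset($_POST);
     throw new Exception("Association error");
 }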