Пример #1
 /**
  * Performs authentication (or authentication check).
  *
  * @param float $version OpenID version
  * @param array $params GET or POST request variables
  * @param bool $immediate enables or disables interaction with user
  * @param mixed $extensions extension object or array of extensions objects
  * @param Zend\Controller\Response\AbstractResponse $response
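  * @return array|bool response parameters; true after a redirect to the login or trust page; false if the site root cannot be determined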
  */
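 protected function _checkId($version, $params, $immediate, $extensions = null, Response\AbstractResponse $response = null)
 {
     // Contract, as visible in this method: returns an array of openid.*
     // response fields, true once the browser has been redirected to the
     // login or trust page, false when getSiteRoot() yields no root, or
     // otherwise whatever _respond() returns.

     // Request keys arrive with dots replaced by underscores (openid_ns_*,
     // openid_sreg_*, openid_*). Restore the dotted wire names before the
     // parameters are forwarded to the login or trust page.
     $toWireParams = function ($request) {
         $wire = array();
         foreach ($request as $key => $val) {
             if (strpos($key, 'openid_ns_') === 0) {
                 $key = 'openid.ns.' . substr($key, strlen('openid_ns_'));
             } elseif (strpos($key, 'openid_sreg_') === 0) {
                 $key = 'openid.sreg.' . substr($key, strlen('openid_sreg_'));
             } elseif (strpos($key, 'openid_') === 0) {
                 $key = 'openid.' . substr($key, strlen('openid_'));
             }
             $wire[$key] = $val;
         }
         return $wire;
     };

     $ret = array();
     if ($version >= 2.0) {
         $ret['openid.ns'] = OpenID\OpenID::NS_2_0;
     }
     $root = $this->getSiteRoot($params);
     if ($root === false) {
         return false;
     }
     /* Unknown identity: answer negatively without involving the user */
     if (isset($params['openid_identity']) && !$this->_storage->hasUser($params['openid_identity'])) {
         $ret['openid.mode'] = $immediate && $version >= 2.0 ? 'setup_needed' : 'cancel';
         return $ret;
     }
     /* Check if user already logged in into the server */
     if (!isset($params['openid_identity']) || $this->_user->getLoggedInUser() !== $params['openid_identity']) {
         $params2 = $toWireParams($params);
         if ($immediate) {
             /* Immediate mode must not interact; hand back a setup URL instead */
             $params2['openid.mode'] = 'checkid_setup';
             $ret['openid.mode'] = $version >= 2.0 ? 'setup_needed' : 'id_res';
             $ret['openid.user_setup_url'] = $this->_loginUrl . (strpos($this->_loginUrl, '?') === false ? '?' : '&') . OpenID\OpenID::paramsToQuery($params2);
             return $ret;
         }
         /* Redirect to Server Login Screen */
         OpenID\OpenID::redirect($this->_loginUrl, $params2, $response);
         return true;
     }
     if (!Extension\AbstractExtension::forAll($extensions, 'parseRequest', $params)) {
         $ret['openid.mode'] = $immediate && $version >= 2.0 ? 'setup_needed' : 'cancel';
         return $ret;
     }
     /* Check if user trusts to the consumer */
     $trusted = null;
     $sites = $this->_storage->getTrustedSites($params['openid_identity']);
     if (isset($params['openid_return_to'])) {
         /* return_to comes from the request, so it is what gets matched below */
         $root = $params['openid_return_to'];
     }
     if (isset($sites[$root])) {
         $trusted = $sites[$root];
     } else {
         foreach ($sites as $site => $t) {
             // A stored site that does not end in '/' must be followed in $root
             // by a URL boundary (end of string, '/', '?' or '#'). A bare string
             // prefix would otherwise also cover a longer host name or a
             // sibling path that the user never approved.
             $needsBoundary = substr($site, -1) !== '/';
             if (strpos($root, $site) === 0) {
                 $siteLen = strlen($site);
                 $matched = !$needsBoundary
                     || strlen($root) === $siteLen
                     || strpos('/?#', $root[$siteLen]) !== false;
             } else {
                 $matched = false;
                 /* OpenID 2.0 (9.2) check for realm wild-card matching */
                 $n = strpos($site, '://*.');
                 // Strict comparison: strpos() signals "not found" with false only.
                 if ($n !== false) {
                     // Host labels may contain every digit and '-'; the class
                     // previously read 1-9 and so skipped hosts containing '0'.
                     $regex = '/^' . preg_quote(substr($site, 0, $n + 3), '/')
                         . '[A-Za-z0-9_\\.-]+?'
                         . preg_quote(substr($site, $n + 4), '/')
                         . ($needsBoundary ? '(?=[\\/?#]|\\z)' : '')
                         . '/';
                     $matched = preg_match($regex, $root) === 1;
                 }
             }
             if ($matched) {
                 $trusted = $t;
                 break;
             }
         }
     }
     /* Array trust data is extension-specific; a failed check means "ask again" */
     if (is_array($trusted)) {
         if (!Extension\AbstractExtension::forAll($extensions, 'checkTrustData', $trusted)) {
             $trusted = null;
         }
     }
     if ($trusted === false) {
         /* The site is stored as explicitly denied */
         $ret['openid.mode'] = 'cancel';
         return $ret;
     }
     if ($trusted === null) {
         /* Redirect to Server Trust Screen */
         $params2 = $toWireParams($params);
         if ($immediate) {
             $params2['openid.mode'] = 'checkid_setup';
             $ret['openid.mode'] = $version >= 2.0 ? 'setup_needed' : 'id_res';
             $ret['openid.user_setup_url'] = $this->_trustUrl . (strpos($this->_trustUrl, '?') === false ? '?' : '&') . OpenID\OpenID::paramsToQuery($params2);
             return $ret;
         }
         OpenID\OpenID::redirect($this->_trustUrl, $params2, $response);
         return true;
     }
     return $this->_respond($version, $ret, $params, $extensions);
 }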
Пример #2
 /**
  * testing testParamsToQuery
  *
  */
 public function testParamsToQuery()
 {
     // Expected query string => parameter array handed to OpenID::paramsToQuery().
     // Covers the empty set, a single pair, two pairs joined by '&', and a
     // value containing a space, which is expected to come out as '+'.
     $expectations = array(
         ''        => array(),
         'a=1'     => array('a' => 1),
         'a=1&b=2' => array('a' => 1, 'b' => 2),
         'a=x+y'   => array('a' => 'x y'),
     );
     foreach ($expectations as $query => $input) {
         $this->assertSame($query, OpenID::paramsToQuery($input));
     }
 }