/**
 * Exposes the post-login redirect target computed by OpenStackIdCommon.
 *
 * NOTE(review): this value ends up in a redirect after login (index() passes the
 * same helper's result to $this->redirect()). Whether it is restricted to
 * same-site URLs is decided inside OpenStackIdCommon::getRedirectBackUrl(),
 * which is not visible here. Confirm before treating it as safe to redirect to.
 *
 * @return mixed whatever OpenStackIdCommon::getRedirectBackUrl() returns
 */
public function BackUrl()
{
    $backUrl = OpenStackIdCommon::getRedirectBackUrl();

    return $backUrl;
}
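/**
 * OpenID return endpoint: completes the relying-party handshake and logs the member in.
 *
 * Steps:
 *  1. An already authenticated member is redirected straight back.
 *  2. The raw callback parameters are logged for diagnostics (unverified at that point).
 *  3. The consumer verifies the provider response via complete().
 *  4. On success the member is looked up by the e-mail from the response, then by
 *     IdentityURL; the identity URL is stored and the member is logged in.
 *
 * Any failure is turned into a "bad" Security message in the session and a redirect
 * to Security/badlogin. A response status other than CANCEL / FAILURE / SUCCESS is
 * treated as a failure too, so the action never ends without a redirect.
 *
 * @return mixed the result of $this->redirect()
 */
function index()
{
    try {
        if (Member::currentUser()) {
            // user is already logged in
            return $this->redirect(OpenStackIdCommon::getRedirectBackUrl());
        }

        $consumer = Injector::inst()->get('MyOpenIDConsumer');

        // Diagnostics only. These values are read from the request BEFORE complete()
        // has verified anything, so they are attacker-controllable: never use them for
        // a decision, and strip control characters so a crafted value cannot forge
        // extra log lines.
        $message = Auth_OpenID_Message::fromPostArgs(Auth_OpenID::getQuery());
        if ($message) {
            // A missing message (malformed arguments) would otherwise be dereferenced.
            $printable = function ($value) {
                return is_scalar($value)
                    ? preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $value)
                    : '';
            };

            $nonce      = $message->getArg(Auth_OpenID_OPENID2_NS, 'response_nonce');
            $nonceParts = Auth_OpenID_splitNonce($nonce);
            // Tolerate a nonce that does not split into the expected pair.
            list($timestamp, $salt) = is_array($nonceParts) ? $nonceParts : array(null, null);
            $claimed_id = $message->getArg(Auth_OpenID_OPENID2_NS, 'claimed_id');

            error_log(sprintf(
                'OpenStackIdAuthenticator : id %s - salt %s - timestamp %s',
                $printable($claimed_id),
                $printable($salt),
                $printable($timestamp)
            ));
        }

        // Complete the authentication process using the server's response.
        $response = $consumer->complete(OpenStackIdCommon::getReturnTo());

        if ($response->status === Auth_OpenID_CANCEL) {
            error_log('OpenStackIdAuthenticator : Auth_OpenID_CANCEL');
            SS_Log::log('OpenStackIdAuthenticator : Auth_OpenID_CANCEL', SS_Log::WARN);
            throw new Exception('The verification was cancelled. Please try again.');
        }

        if ($response->status === Auth_OpenID_FAILURE) {
            error_log('OpenStackIdAuthenticator : Auth_OpenID_FAILURE');
            SS_Log::log('OpenStackIdAuthenticator : Auth_OpenID_FAILURE', SS_Log::WARN);
            throw new Exception("The OpenID authentication failed.");
        }

        if ($response->status !== Auth_OpenID_SUCCESS) {
            // Fail closed: previously any other status fell out of the method with no
            // redirect and no error recorded.
            error_log('OpenStackIdAuthenticator : unexpected response status');
            SS_Log::log('OpenStackIdAuthenticator : unexpected response status', SS_Log::WARN);
            throw new Exception("The OpenID authentication failed.");
        }

        error_log('OpenStackIdAuthenticator : Auth_OpenID_SUCCESS');

        $openid = OpenStackIdCommon::escape($response->getDisplayIdentifier());
        if ($response->endpoint->canonicalID) {
            // Use the same helper as above; the bare escape() call relied on a global
            // function that this file does not show being defined.
            $openid = OpenStackIdCommon::escape($response->endpoint->canonicalID);
        }

        //get user info from openid response
        // Only the first element (e-mail) of the profile info is used here.
        list($email) = $this->getUserProfileInfo($response);

        // NOTE(review): the e-mail comes from the provider's response, and a match by
        // e-mail has its IdentityURL overwritten below. That binding is only as
        // trustworthy as the provider accepted by the consumer. Confirm that the
        // consumer is pinned to the expected provider endpoint.
        $member = null;
        if (!is_null($email)) {
            //try to get user by email
            $member = $this->member_repository->findByEmail($email);
        }
        if (!$member) {
            // or by openid
            $member = Member::get()->filter('IdentityURL', $openid)->first();
        }

        if (!$member) {
            // $openid was passed through OpenStackIdCommon::escape() above; the message
            // is stored in the session by the catch block below.
            throw new Exception("The OpenID authentication failed: can not find user " . $openid);
        }

        $result = $member->canLogIn();
        if (!$result->valid()) {
            throw new Exception("Inactive User!");
        }

        $member->setIdentityUrl($openid);
        $member->write();
        $member->LogIn(true);

        return $this->redirect(OpenStackIdCommon::getRedirectBackUrl());
    } catch (Exception $ex) {
        Session::set("Security.Message.message", $ex->getMessage());
        Session::set("Security.Message.type", "bad");
        SS_Log::log($ex, SS_Log::WARN);

        return $this->redirect("Security/badlogin");
    }
}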