/**
* Returns identity URL of logged in user or false
*
* @return mixed
*/
public function getLoggedInUser()
{
// user is logged in via Tine 2.0 already
if (($user = Tinebase_Core::getUser()) instanceof Tinebase_Model_FullUser) {
return dirname(Zend_OpenId::selfUrl()) . '/users/' . (isset($user->openid) ? $user->openid : $user->accountLoginName);
}
// user has authenticated via OpenId before
if (isset($this->_sessionNameSpace->logged_in)) {
return $this->_sessionNameSpace->logged_in;
}
return false;
}
function HandleObjectCategories($objectCategoryIds)
{
global $prefs;
$perspectivelib = TikiLib::lib('perspective');
$current_object = current_object();
if (!$current_object) {
// only used on tiki objects
return;
}
$descendants = $this->get_category_descendants($prefs['areas_root']);
$objectPerspective = 0;
if (!empty($objectCategoryIds)) {
if (!isset($_SESSION['current_perspective'])) {
unset($_SESSION['current_perspective']);
}
foreach ($objectCategoryIds as $categId) {
// If category is inside $prefs['areas_root']
if (in_array($categId, $descendants)) {
$area = $this->getAreaByCategId($categId);
if ($area) {
$objectPerspective = $area['perspectives'][0];
// use 1st persp
break;
}
}
}
if ($objectPerspective && $objectPerspective != $_SESSION['current_perspective']) {
$area = $this->getAreaByPerspId($_SESSION['current_perspective']);
$objectArea = $this->getAreaByPerspId($objectPerspective);
if ($area && !$area['share_common'] || $objectArea && $objectArea['exclusive']) {
$perspectivelib->set_perspective($objectPerspective, true);
Zend_OpenId::redirect(Zend_OpenId::selfUrl());
}
}
}
if ($objectPerspective < 1 && !empty($_SESSION['current_perspective'])) {
// uncategorised objects
$area = $this->getAreaByPerspId($_SESSION['current_perspective']);
if ($area) {
if (!$area['share_common']) {
$perspectivelib->set_perspective($objectPerspective, true);
Zend_OpenId::redirect(Zend_OpenId::selfUrl());
}
}
}
}
/**
* Returns an absolute URL for the given one
*
* @param string $url absilute or relative URL
* @return string
*/
public static function absoluteUrl($url)
{
if (empty($url)) {
return Zend_OpenId::selfUrl();
} else {
if (!preg_match('|^([^:]+)://|', $url)) {
if (preg_match('|^([^:]+)://([^:@]*(?:[:][^@]*)?@)?([^/:@?#]*)(?:[:]([^/?#]*))?(/[^?]*)?((?:[?](?:[^#]*))?(?:#.*)?)$|', Zend_OpenId::selfUrl(), $reg)) {
$scheme = $reg[1];
$auth = $reg[2];
$host = $reg[3];
$port = $reg[4];
$path = $reg[5];
$query = $reg[6];
if ($url[0] == '/') {
return $scheme . '://' . $auth . $host . (empty($port) ? '' : ':' . $port) . $url;
} else {
$dir = dirname($path);
return $scheme . '://' . $auth . $host . (empty($port) ? '' : ':' . $port) . (strlen($dir) > 1 ? $dir : '') . '/' . $url;
}
}
}
}
return $url;
}
/**
* Performs check of OpenID identity.
*
* This is the first step of OpenID authentication process.
* On success the function does not return (it does HTTP redirection to
* server and exits). On failure it returns false.
*
* @param bool $immediate enables or disables interaction with user
* @param string $id OpenID identity
* @param string $returnTo HTTP URL to redirect response from server to
* @param string $root HTTP URL to identify consumer on server
* @param mixed $extensions extension object or array of extensions objects
* @param Zend_Controller_Response_Abstract $response an optional response
* object to perform HTTP or HTML form redirection
* @return bool
*/
protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Zend_Controller_Response_Abstract $response = null)
{
$this->_setError('');
if (!Zend_OpenId::normalize($id)) {
$this->_setError("Normalisation failed");
return false;
}
$claimedId = $id;
if (!$this->_discovery($id, $server, $version)) {
$this->_setError("Discovery failed: " . $this->getError());
return false;
}
if (!$this->_associate($server, $version)) {
$this->_setError("Association failed: " . $this->getError());
return false;
}
if (!$this->_getAssociation($server, $handle, $macFunc, $secret, $expires)) {
/* Use dumb mode */
unset($handle);
unset($macFunc);
unset($secret);
unset($expires);
}
$params = array();
if ($version >= 2.0) {
$params['openid.ns'] = Zend_OpenId::NS_2_0;
}
$params['openid.mode'] = $immediate ? 'checkid_immediate' : 'checkid_setup';
$params['openid.identity'] = $id;
$params['openid.claimed_id'] = $claimedId;
if ($version <= 2.0) {
if ($this->_session !== null) {
$this->_session->identity = $id;
$this->_session->claimed_id = $claimedId;
} else {
if (defined('SID')) {
$_SESSION["zend_openid"] = array("identity" => $id, "claimed_id" => $claimedId);
} else {
require_once "Zend/Session/Namespace.php";
$this->_session = new Zend_Session_Namespace("zend_openid");
$this->_session->identity = $id;
$this->_session->claimed_id = $claimedId;
}
}
}
if (isset($handle)) {
$params['openid.assoc_handle'] = $handle;
}
$params['openid.return_to'] = Zend_OpenId::absoluteUrl($returnTo);
if (empty($root)) {
$root = Zend_OpenId::selfUrl();
if ($root[strlen($root) - 1] != '/') {
$root = dirname($root);
}
}
if ($version >= 2.0) {
$params['openid.realm'] = $root;
} else {
$params['openid.trust_root'] = $root;
}
if (!Zend_OpenId_Extension::forAll($extensions, 'prepareRequest', $params)) {
$this->_setError("Extension::prepareRequest failure");
return false;
}
Zend_OpenId::redirect($server, $params, $response);
return true;
}
/**
* Perepares information to send back to consumer's authentication request
* and signs it using shared secret.
*
* @param float $version OpenID protcol version
* @param array $ret arguments to be send back to consumer
* @param array $params GET or POST request variables
* @param mixed $extensions extension object or array of extensions objects
* @return array
*/
protected function _respond($version, $ret, $params, $extensions = null)
{
if (empty($params['openid_assoc_handle']) || !$this->_storage->getAssociation($params['openid_assoc_handle'], $macFunc, $secret, $expires)) {
/* Use dumb mode */
if (!empty($params['openid_assoc_handle'])) {
$ret['openid.invalidate_handle'] = $params['openid_assoc_handle'];
}
$macFunc = $version >= 2.0 ? 'sha256' : 'sha1';
$secret = $this->_genSecret($macFunc);
$handle = uniqid();
$expiresIn = $this->_sessionTtl;
$this->_storage->addAssociation($handle, $macFunc, $secret, time() + $expiresIn);
$ret['openid.assoc_handle'] = $handle;
} else {
$ret['openid.assoc_handle'] = $params['openid_assoc_handle'];
}
if (isset($params['openid_return_to'])) {
$ret['openid.return_to'] = $params['openid_return_to'];
}
if (isset($params['openid_claimed_id'])) {
$ret['openid.claimed_id'] = $params['openid_claimed_id'];
}
if (isset($params['openid_identity'])) {
$ret['openid.identity'] = $params['openid_identity'];
}
if ($version >= 2.0) {
if (!empty($this->_opEndpoint)) {
$ret['openid.op_endpoint'] = $this->_opEndpoint;
} else {
$ret['openid.op_endpoint'] = Zend_OpenId::selfUrl();
}
}
$ret['openid.response_nonce'] = gmdate('Y-m-d\\TH:i:s\\Z') . uniqid();
$ret['openid.mode'] = 'id_res';
Zend_OpenId_Extension::forAll($extensions, 'prepareResponse', $ret);
$signed = '';
$data = '';
foreach ($ret as $key => $val) {
if (strpos($key, 'openid.') === 0) {
$key = substr($key, strlen('openid.'));
if (!empty($signed)) {
$signed .= ',';
}
$signed .= $key;
$data .= $key . ':' . $val . "\n";
}
}
$signed .= ',signed';
$data .= 'signed:' . $signed . "\n";
$ret['openid.signed'] = $signed;
$ret['openid.sig'] = base64_encode(Zend_OpenId::hashHmac($macFunc, $data, $secret));
return $ret;
}
/**
* handle all kinds of openId requests
*
* @return void
*/
public function openId()
{
Tinebase_Core::startCoreSession();
$server = new Tinebase_OpenId_Provider(null, null, new Tinebase_OpenId_Provider_User_Tine20(), new Tinebase_OpenId_Provider_Storage());
$server->setOpEndpoint(dirname(Zend_OpenId::selfUrl()) . '/index.php?method=Tinebase.openId');
// handle openId login form
if (isset($_POST['openid_action']) && $_POST['openid_action'] === 'login') {
$server->login($_POST['openid_identifier'], $_POST['password'], $_POST['username']);
unset($_GET['openid_action']);
$this->_setJsonKeyCookie();
Zend_OpenId::redirect(dirname(Zend_OpenId::selfUrl()) . '/index.php', $_GET);
// display openId login form
} else {
if (isset($_GET['openid_action']) && $_GET['openid_action'] === 'login') {
$view = new Zend_View();
$view->setScriptPath('Tinebase/views');
$view->openIdIdentity = $_GET['openid_identity'];
$view->loginName = $_GET['openid_identity'];
header('Content-Type: text/html; charset=utf-8');
echo $view->render('openidLogin.php');
// handle openId trust form
} else {
if (isset($_POST['openid_action']) && $_POST['openid_action'] === 'trust') {
if (isset($_POST['allow'])) {
if (isset($_POST['forever'])) {
$server->allowSite($server->getSiteRoot($_GET));
}
$server->respondToConsumer($_GET);
} else {
if (isset($_POST['deny'])) {
if (isset($_POST['forever'])) {
$server->denySite($server->getSiteRoot($_GET));
}
Zend_OpenId::redirect($_GET['openid_return_to'], array('openid.mode' => 'cancel'));
}
}
// display openId trust form
} else {
if (isset($_GET['openid_action']) && $_GET['openid_action'] === 'trust') {
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . " Display openId trust screen");
}
$view = new Zend_View();
$view->setScriptPath('Tinebase/views');
$view->openIdConsumer = $server->getSiteRoot($_GET);
$view->openIdIdentity = $server->getLoggedInUser();
header('Content-Type: text/html; charset=utf-8');
echo $view->render('openidTrust.php');
// handle all other openId requests
} else {
$result = $server->handle();
if (is_string($result)) {
echo $result;
} elseif ($result !== true) {
header('HTTP/1.0 403 Forbidden');
return;
}
}
}
}
}
}
/**
* testing testSelfUrl
*
*/
public function testSelfUrl()
{
unset($_SERVER['SCRIPT_URI']);
unset($_SERVER['HTTPS']);
unset($_SERVER['HTTP_HOST']);
unset($_SERVER['SERVER_NAME']);
unset($_SERVER['SERVER_PORT']);
unset($_SERVER['SCRIPT_URL']);
unset($_SERVER['REDIRECT_URL']);
unset($_SERVER['PHP_SELF']);
unset($_SERVER['SCRIPT_NAME']);
unset($_SERVER['PATH_INFO']);
$this->assertSame( 'http://', Zend_OpenId::selfUrl() );
$_SERVER['SCRIPT_URI'] = "http://www.test.com/";
$this->assertSame( 'http://www.test.com/', Zend_OpenId::selfUrl() );
unset($_SERVER['SCRIPT_URI']);
$_SERVER['HTTP_HOST'] = "www.test.com";
$_SERVER['SERVER_NAME'] = "www.wrong.com";
$this->assertSame( 'http://www.test.com', Zend_OpenId::selfUrl() );
$_SERVER['HTTP_HOST'] = "www.test.com:80";
$this->assertSame( 'http://www.test.com', Zend_OpenId::selfUrl() );
$_SERVER['HTTP_HOST'] = "www.test.com:8080";
$this->assertSame( 'http://www.test.com:8080', Zend_OpenId::selfUrl() );
$_SERVER['HTTP_HOST'] = "www.test.com";
$_SERVER['SERVER_PORT'] = "80";
$this->assertSame( 'http://www.test.com', Zend_OpenId::selfUrl() );
$_SERVER['SERVER_PORT'] = "8080";
$this->assertSame( 'http://www.test.com:8080', Zend_OpenId::selfUrl() );
unset($_SERVER['HTTP_HOST']);
unset($_SERVER['SERVER_PORT']);
$_SERVER['SERVER_NAME'] = "www.test.com";
$this->assertSame( 'http://www.test.com', Zend_OpenId::selfUrl() );
$_SERVER['SERVER_PORT'] = "80";
$this->assertSame( 'http://www.test.com', Zend_OpenId::selfUrl() );
$_SERVER['SERVER_PORT'] = "8080";
$this->assertSame( 'http://www.test.com:8080', Zend_OpenId::selfUrl() );
unset($_SERVER['SERVER_PORT']);
$_SERVER['HTTPS'] = "on";
$this->assertSame( 'https://www.test.com', Zend_OpenId::selfUrl() );
$_SERVER['SERVER_PORT'] = "443";
$this->assertSame( 'https://www.test.com', Zend_OpenId::selfUrl() );
$_SERVER['SERVER_PORT'] = "8080";
$this->assertSame( 'https://www.test.com:8080', Zend_OpenId::selfUrl() );
unset($_SERVER['SERVER_PORT']);
unset($_SERVER['HTTPS']);
$_SERVER['SCRIPT_URL'] = '/test.php';
$_SERVER['PHP_SELF'] = '/bug.php';
$_SERVER['SCRIPT_NAME'] = '/bug.php';
$_SERVER['PATH_INFO'] = '/bug';
$this->assertSame( 'http://www.test.com/test.php', Zend_OpenId::selfUrl() );
unset($_SERVER['SCRIPT_URL']);
$_SERVER['REDIRECT_URL'] = '/ok';
$_SERVER['PHP_SELF'] = '/bug.php';
$_SERVER['SCRIPT_NAME'] = '/bug.php';
$_SERVER['PATH_INFO'] = '/bug';
$this->assertSame( 'http://www.test.com/ok', Zend_OpenId::selfUrl() );
unset($_SERVER['REDIRECT_URL']);
$_SERVER['PHP_SELF'] = '/test.php';
$this->assertSame( 'http://www.test.com/test.php', Zend_OpenId::selfUrl() );
unset($_SERVER['PHP_SELF']);
$_SERVER['SCRIPT_NAME'] = '/test.php';
$_SERVER['PATH_INFO'] = '/ok';
$this->assertSame( 'http://www.test.com/test.php/ok', Zend_OpenId::selfUrl() );
unset($_SERVER['PATH_INFO']);
$this->assertSame( 'http://www.test.com/test.php', Zend_OpenId::selfUrl() );
}
/**
* testing setSelfUrl
*
*/
public function testSetSelfUrl()
{
unset($_SERVER['SCRIPT_URI']);
unset($_SERVER['HTTPS']);
unset($_SERVER['HTTP_HOST']);
unset($_SERVER['SERVER_NAME']);
unset($_SERVER['SERVER_PORT']);
unset($_SERVER['SCRIPT_URL']);
unset($_SERVER['REDIRECT_URL']);
unset($_SERVER['PHP_SELF']);
unset($_SERVER['SCRIPT_NAME']);
unset($_SERVER['PATH_INFO']);
$_SERVER['SCRIPT_URI'] = "http://www.test.com/";
$this->assertSame('http://www.test.com/', Zend_OpenId::selfUrl());
$this->assertSame(null, Zend_OpenId::setSelfUrl("http://localhost/test"));
$this->assertSame("http://localhost/test", Zend_OpenId::selfUrl());
$this->assertSame("http://localhost/test", Zend_OpenId::setSelfUrl());
$this->assertSame('http://www.test.com/', Zend_OpenId::selfUrl());
$this->assertSame(null, Zend_OpenId::setSelfUrl());
$this->assertSame('http://www.test.com/', Zend_OpenId::selfUrl());
}
echo Zend_OpenId::selfUrl();
?>
"
method="post" onsubmit="this.login.disabled=true;">
<fieldset id="openid">
<legend>OpenID Login</legend>
<input type="hidden" name="openid_action" value="login">
<div>
<input type="text" name="openid_identifier" class="openid_login" value="<?php
echo $id;
?>
">
<input type="submit" name="login" value="login">
<table border="0" cellpadding="2" cellspacing="2">
<tr><td> </td><td>requird</td><td>optional</td><td>none</td><td> </td></tr>
<?php
echo "{$sreg_html}<br>\n";
?>
</table>
<br>
<a href="<?php
echo dirname(Zend_OpenId::selfUrl());
?>
/test_server.php?openid.action=register">register</a>
</div>
</fieldset>
</form>
</div>
</body>
</html>
/**
* Performs check of OpenID identity.
*
* This is the first step of OpenID authentication process.
* On success the function does not return (it does HTTP redirection to
* server and exits). On failure it returns false.
*
* @param bool $immediate enables or disables interaction with user
* @param string $id OpenID identity
* @param string $returnTo HTTP URL to redirect response from server to
* @param string $root HTTP URL to identify consumer on server
* @param mixed $extensions extension object or array of extensions objects
* @param Zend_Controller_Response_Abstract $response an optional response
* object to perform HTTP or HTML form redirection
* @return bool
*/
protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Zend_Controller_Response_Abstract $response = null)
{
if (!Zend_OpenId::normalize($id)) {
return false;
}
$claimedId = $id;
if (!$this->_discovery($id, $server, $version)) {
return false;
}
if (!$this->_associate($server, $version)) {
return false;
}
if (!$this->_getAssociation($server, $handle, $macFunc, $secret, $expires)) {
/* Use dumb mode */
unset($handle);
unset($macFunc);
unset($secret);
unset($expires);
}
$params = array();
if ($version >= 2.0) {
$params['openid.ns'] = Zend_OpenId::NS_2_0;
}
$params['openid.mode'] = $immediate ? 'checkid_immediate' : 'checkid_setup';
$params['openid.identity'] = $id;
$params['openid.claimed_id'] = $claimedId;
if (isset($handle)) {
$params['openid.assoc_handle'] = $handle;
}
$params['openid.return_to'] = Zend_OpenId::absoluteUrl($returnTo);
if (empty($root)) {
$root = dirname(Zend_OpenId::selfUrl());
}
if ($version >= 2.0) {
$params['openid.realm'] = $root;
} else {
$params['openid.trust_root'] = $root;
}
if (!Zend_OpenId_Extension::forAll($extensions, 'prepareRequest', $params)) {
return false;
}
Zend_OpenId::redirect($server, $params, $response);
return true;
}
function wikiplugin_subscribegroup($data, $params)
{
global $tiki_p_subscribe_groups, $userlib, $user, $smarty;
static $iSubscribeGroup = 0;
++$iSubscribeGroup;
if (empty($user)) {
return '';
}
if ($tiki_p_subscribe_groups != 'y') {
return tra('Permission denied');
}
extract($params, EXTR_SKIP);
if (empty($group)) {
if (!empty($_REQUEST['group'])) {
$group = $_REQUEST['group'];
} else {
return tra('Missing parameter');
}
}
if ($group == 'Anonymous' || $group == 'Registered') {
return tra('Incorrect param');
}
if (!($info = $userlib->get_group_info($group)) || $info['groupName'] != $group) {
// must have the right case
return tra('Incorrect param');
}
if ($info['userChoice'] != 'y') {
return tra('Permission denied');
}
$groups = $userlib->get_user_groups_inclusion($user);
$current_defgroup = $userlib->get_user_default_group($user);
if (!empty($_REQUEST['subscribeGroup']) && !empty($_REQUEST['iSubscribeGroup']) && $_REQUEST['iSubscribeGroup'] == $iSubscribeGroup && $_REQUEST['group'] == $group) {
if (isset($defgroup) || isset($defgroup_action) || isset($undefgroup) || isset($undefgroup_action)) {
if ($current_defgroup == $group) {
$new_group = !empty($undefgroup_group) ? $undefgroup_group : 'Registered';
$userlib->set_default_group($user, $new_group);
} else {
if (!isset($groups[$group])) {
$userlib->assign_user_to_group($user, $group);
}
$userlib->set_default_group($user, $group);
}
if (!empty($params['defgroup_url']) && $params['defgroup_url'] === 'n') {
Zend_OpenId::redirect(Zend_OpenId::selfUrl());
} else {
global $tikiroot;
Zend_OpenId::redirect($tikiroot);
}
die;
} else {
if (isset($groups[$group])) {
$userlib->remove_user_from_group($user, $group);
unset($groups[$group]);
if (!empty($postunsubscribe_url)) {
header("Location: {$postunsubscribe_url}");
die;
}
} else {
$userlib->assign_user_to_group($user, $group);
$groups[$group] = 'real';
if (!empty($postsubscribe_url)) {
header("Location: {$postsubscribe_url}");
die;
}
}
}
}
if (isset($undefgroup) || isset($undefgroup_action)) {
if ($current_defgroup == $group) {
$text = isset($undefgroup) ? $undefgroup : '';
if (!isset($undefgroup_action)) {
$undefgroup_action = tra('OK');
}
$smarty->assign('action', $undefgroup_action);
} else {
$text = isset($defgroup) ? $defgroup : '';
if (!isset($defgroup_action)) {
$defgroup_action = tra('OK');
}
$smarty->assign('action', $defgroup_action);
}
} else {
if (isset($groups[$group])) {
//user already in the group->
if ($groups[$group] == 'included') {
return tra('Incorrect param');
}
$text = isset($unsubscribe) ? $unsubscribe : tra('Unsubscribe') . '%s';
if (!isset($unsubscribe_action)) {
$unsubscribe_action = tra('OK');
}
$smarty->assign('action', $unsubscribe_action);
} else {
$text = isset($subscribe) ? $subscribe : tra('Subscribe') . '%s';
if (!isset($subscribe_action)) {
$subscribe_action = tra('OK');
}
$smarty->assign('action', $subscribe_action);
}
}
$smarty->assign('text', sprintf(tra($text), $group));
$smarty->assign('subscribeGroup', $group);
$smarty->assign('iSubscribeGroup', $iSubscribeGroup);
$data = $data . $smarty->fetch('wiki-plugins/wikiplugin_subscribegroup.tpl');
return $data;
}
color: #000;
padding-left: 18px;
width: 220px;
margin-right: 10px;
}
</style>
</head>
<body>
<?php echo "$status<br>\n";?>
<div>
<form action="<?php echo Zend_OpenId::selfUrl(); ?>"
method="post" onsubmit="this.login.disabled=true;">
<fieldset id="openid">
<legend>OpenID Login</legend>
<input type="hidden" name="openid_action" value="login">
<div>
<input type="text" name="openid_identifier" class="openid_login" value="<?php echo $id;?>">
<input type="submit" name="login" value="login">
<table border="0" cellpadding="2" cellspacing="2">
<tr><td> </td><td>requird</td><td>optional</td><td>none</td><td> </td></tr>
<?php echo "$sreg_html<br>\n";?>
</table>
<br>
<a href="<?php echo dirname(Zend_OpenId::selfUrl()); ?>/test_server.php?openid.action=register">register</a>
</div>
</fieldset>
</form>
</div>
</body>
</html>
/**
* Performs check of OpenID identity.
*
* This is the first step of OpenID authentication process.
* On success the function does not return (it does HTTP redirection to
* server and exits). On failure it returns false.
*
* @param bool $immediate enables or disables interaction with user
* @param string $id OpenID identity
* @param string $returnTo HTTP URL to redirect response from server to
* @param string $root HTTP URL to identify consumer on server
* @param mixed $extensions extension object or array of extensions objects
* @param Zend_Controller_Response_Abstract $response an optional response
* object to perform HTTP or HTML form redirection
* @return bool
*/
protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Zend_Controller_Response_Abstract $response = null)
{
$this->_setError('');
if (!Zend_OpenId::normalize($id)) {
$this->_setError("Normalisation failed");
return false;
}
$claimedId = $id;
if (!$this->_discovery($id, $server, $version)) {
$this->_setError("Discovery failed: " . $this->getError());
return false;
}
if (!$this->_associate($server, $version)) {
$this->_setError("Association failed: " . $this->getError());
return false;
}
if (!$this->_getAssociation($server, $handle, $macFunc, $secret, $expires)) {
/* Use dumb mode */
unset($handle);
unset($macFunc);
unset($secret);
unset($expires);
}
$params = array();
if ($version >= 2.0) {
$params['openid.ns'] = Zend_OpenId::NS_2_0;
}
$params['openid.mode'] = $immediate ? 'checkid_immediate' : 'checkid_setup';
$params['openid.identity'] = $id;
$params['openid.claimed_id'] = $claimedId;
if ($version <= 2.0) {
if ($this->_session !== null) {
$this->_session->identity = $id;
$this->_session->claimed_id = $claimedId;
if ($server == 'https://www.google.com/accounts/o8/ud') {
$params['openid.identity'] = 'http://specs.openid.net/auth/2.0/identifier_select';
$params['openid.claimed_id'] = 'http://specs.openid.net/auth/2.0/identifier_select';
$params['openid.ns.ax'] = 'http://openid.net/srv/ax/1.0';
$params['openid.ax.mode'] = 'fetch_request';
$params['openid.ax.type.email'] = 'http://axschema.org/contact/email';
$params['openid.ax.type.country'] = 'http://axschema.org/contact/country/home';
$params['openid.ax.type.firstname'] = 'http://axschema.org/namePerson/first';
$params['openid.ax.type.lastname'] = 'http://axschema.org/namePerson/last';
$params['openid.ax.type.language'] = 'http://axschema.org/pref/language';
$params['openid.ax.required'] = 'country,firstname,email,language,lastname';
}
} else {
if (defined('SID')) {
$_SESSION["zend_openid"] = array("identity" => $id, "claimed_id" => $claimedId);
} else {
require_once "Zend/Session/Namespace.php";
$this->_session = new Zend_Session_Namespace("zend_openid");
$this->_session->identity = $id;
$this->_session->claimed_id = $claimedId;
}
}
}
if (isset($handle)) {
$params['openid.assoc_handle'] = $handle;
}
$params['openid.return_to'] = Zend_OpenId::absoluteUrl($returnTo);
if (empty($root)) {
$root = Zend_OpenId::selfUrl();
if ($root[strlen($root) - 1] != '/') {
$root = dirname($root);
}
}
if ($version >= 2.0) {
$params['openid.realm'] = $root;
} else {
$params['openid.trust_root'] = $root;
}
if (!Zend_OpenId_Extension::forAll($extensions, 'prepareRequest', $params)) {
$this->_setError("Extension::prepareRequest failure");
return false;
}
Zend_OpenId::redirect($server, $params, $response);
return true;
}