$handler = new SimpleActionHandler($query, $consumer); if (isset($query['identity_url']) && $query['identity_url'] != 'http://') { $identity_url = $query['identity_url']; $ret = $consumer->find_identity_info($identity_url); if (!$ret) { COM_updateSpeedlimit('login'); $property = sprintf('%x', crc32($query['identity_url'])); COM_updateSpeedlimit('openid', $property); COM_errorLog('Unable to find an OpenID server for the identity URL ' . $identity_url); echo COM_refresh($_CONF['site_url'] . '/users.php?msg=89'); } else { // Found identity server info. list($identity_url, $server_id, $server_url) = $ret; // Redirect the user-agent to the OpenID server // which we are requesting information from. header('Location: ' . $consumer->handle_request($server_id, $server_url, oidUtil::append_args($_CONF['site_url'] . '/users.php', array('openid_login' => '1', 'open_id' => $identity_url)), $_CONF['site_url'], null, "email,nickname,fullname")); // Required fields. exit; } } elseif (isset($query['openid.mode']) || isset($query['openid_mode'])) { $openid_mode = ''; if (isset($query['openid.mode'])) { $openid_mode = $query['openid.mode']; } else { if (isset($query['openid_mode'])) { $openid_mode = $query['openid_mode']; } } if ($openid_mode == 'cancel') { COM_updateSpeedlimit('login'); echo COM_refresh($_CONF['site_url'] . '/users.php?msg=90');
function checkid($req) { // This function does the logic for the checkid functions. // Since the only difference in behavior between them is how // authentication errors are handled, this does all logic for // dealing with successful authentication, and raises an // exception for its caller to handle on a failed authentication. $tr = TrustRoot::parse($req->get('trust_root')); if (!$tr) { //raise ProtocolError('Malformed trust_root: %s' % req.trust_root) $error = sprintf('Malformed trust_root: %s', $req->get('trust_root')); return OpenIDServer::_error_page($error); } if (!$tr->isSane()) { // raise ProtocolError('trust_root %r makes no sense' % req.trust_root) $error = sprintf('trust_root %s makes no sense', $req->get('trust_root')); return OpenIDServer::_error_page($error); } if (!$tr->validateURL($req->get('return_to'))) { // raise ProtocolError('url(%s) not valid against trust_root(%s)' % ( // req.return_to, req.trust_root)) $error = sprintf('url(%s) not valid against trust_root(%s)', $req->get('return_to'), $req->get('trust_root')); return OpenIDServer::_error_page($error); } if (!$this->is_valid($req)) { // raise AuthenticationError return _oid_authentication_error; } $reply = array('openid.mode' => 'id_res', 'openid.return_to' => $req->get('return_to'), 'openid.identity' => $req->get('identity')); $assoc_handle = $req->get('assoc_handle'); if ($assoc_handle) { $assoc = $this->estore->lookup($assoc_handle, 'HMAC-SHA1'); // fall back to dumb mode if assoc_handle not found, // and send the consumer an invalidate_handle message if (!$assoc || $assoc->get_expires_in() <= 0) { if ($assoc && $assoc->get_expires_in() <= 0) { $this->estore->remove($assoc->handle); } $assoc = $this->istore->get('HMAC-SHA1'); $reply['openid.invalidate_handle'] = $assoc_handle; } } else { $assoc = $this->istore->get('HMAC-SHA1'); } $reply['openid.assoc_handle'] = $assoc->handle; $_signed_fields = array('mode', 'identity', 'return_to'); list($signed, $sig) = oidUtil::sign_reply($reply, $assoc->secret, $_signed_fields); $reply['openid.signed'] = $signed; $reply['openid.sig'] = $sig; return redirect(oidUtil::append_args($req->get('return_to'), $reply)); }
function get_setup_response($req) { $args = array('identity' => $req->get('identity'), 'trust_root' => $req->get('trust_root'), 'fail_to' => oidUtil::append_args($req->get('return_to'), array('openid.mode' => 'cancel')), 'success_to' => oidUtil::append_args(addr, $req->args), 'action' => 'allow'); return redirect(oidUtil::append_args(addr, $args)); }
function create_return_to($url, $identity_url, $kwargs) { // Returns an return_to url, with required identity_url, and // optional args $kwargs['identity'] = $identity_url; return oidUtil::append_args($url, $kwargs); }
function createReturnTo($base_url, $identity_url, $args = null) { if (!is_array($args)) { $args = array(); } $args['open_id'] = $identity_url; return oidUtil::append_args($base_url, $args); }
function create_return_to($base, $identity) { $args = array('id' => $identity, 'time' => (string) time()); $args['v'] = oidUtil::to_b64(oidUtil::hmacsha1($this->secret, $args['id'] . $args['time'])); return oidUtil::append_args($base, $args); }