* @link http://indiewebcamp.com/auth-brainstorming
* @link https://indieauth.com/developers
*/
+header('IndieAuth: authorization_endpoint');
+if (($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD')
+ && count($_GET) == 0
+) {
+ include 'about.php';
+ exit();
+}
require_once 'Net/URL2.php';
+require_once 'OpenID.php';
require_once 'OpenID/RelyingParty.php';
require_once 'OpenID/Message.php';
require_once 'OpenID/Exception.php';
function loadDb()
{
- $db = new PDO('sqlite:' . __DIR__ . '/../data/tokens.sq3');
+ $pharFile = \Phar::running();
+ if ($pharFile == '') {
+ $dsn = 'sqlite:' . __DIR__ . '/../data/tokens.sq3';
+ $cfgFilePath = __DIR__ . '/config.php';
+ } else {
+ //remove phar:// from the path
+ $dir = dirname(substr($pharFile, 7)) . '/';
+ $dsn = 'sqlite:' . $dir . '/tokens.sq3';
+ $cfgFilePath = substr($pharFile, 7) . '.config.php';
+ }
+ //allow overriding DSN
+ if (file_exists($cfgFilePath)) {
+ include $cfgFilePath;
+ }
+
+ $db = new PDO($dsn);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE IF NOT EXISTS authtokens(
code TEXT,
. $file;
}
-header('IndieAuth: authorization_endpoint');
session_start();
$returnTo = getBaseUrl();
$realm = getBaseUrl();
$message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP);
$id = $message->get('openid.claimed_id');
- if ($id != $_SESSION['me']) {
+ if (OpenID::normalizeIdentifier($id) != OpenID::normalizeIdentifier($_SESSION['me'])) {
error(
sprintf(
'Given identity URL "%s" and claimed OpenID "%s" do not match',
}
} catch (OpenID_Exception $e) {
error('Error verifying OpenID login: ' . $e->getMessage());
+ } catch (Exception $e) {
+ error(get_class($e) . ': ' . $e->getMessage());
}
}
try {
$o = new \OpenID_RelyingParty($returnTo, $realm, $me);
+ //if you get timeouts (errors like
+ // OpenID error: Request timed out after 3 second(s)
+ //) then uncomment the following line which disables
+ // all timeouts:
+ //$o->setRequestOptions(array('follow_redirects' => true));
$authRequest = $o->prepare();
$url = $authRequest->getAuthorizeURL();
header("Location: $url");
exit(0);
} catch (OpenID_Exception $e) {
error('OpenID error: ' . $e->getMessage());
+ } catch (Exception $e) {
+ error(get_class($e) . ': ' . $e->getMessage());
}
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$redirect_uri = verifyUrlParameter($_POST, 'redirect_uri');
$me = validate_token($token, $redirect_uri, $client_id, $state);
if ($me === false) {
- header('HTTP/1.0 400 Bad Request');
- echo "Validating token failed\n";
- exit(1);
+ error('Validating token failed');
}
header('Content-type: application/x-www-form-urlencoded');
echo 'me=' . urlencode($me);