www/login.php

   1 <?php
   2 namespace phorkie;
   3 $noSecurityCheck = true;
   4 require_once 'www-header.php';
   5
   6 if (isset($_REQUEST['logout'])) {
   7     unset($_SESSION);
   8     session_destroy();
   9     header('Location: ' . Tools::fullUrl('/'));
  10     exit();
  11 }
  12
  13 if (!count($_GET) && !count($_POST)) {
  14     render('login');
  15     exit();
  16 }
  17
  18 // Hackaround Non-Javascript Login Page
  19 if (!count($_POST) && isset($_GET['openid_url'])) {
  20     $_POST = $_GET;
  21 }
  22
  23 if (isset($_POST['openid_url'])) {
  24     $openid_url = $_POST['openid_url'];
  25 } else if (isset($_SESSION['openid_url'])) {
  26     $openid_url = $_SESSION['openid_url'];
  27 } else {
  28     $openid_url = null;
  29 }
  30
  31 $realm    = Tools::fullUrl('/');
  32 $returnTo = Tools::fullUrl('/login');
  33
  34 try {
  35     $o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url);
  36 } catch (OpenID_Exception $e) {
  37     $contents  = "<div class='openid_results'>\n";
  38     $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
  39     $contents .= "</div class='openid_results'>";
  40     include_once 'openid/wrapper.php';
  41     exit;
  42 }
  43
  44 if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associations'])) {
  45     $o->disableAssociations();
  46     $_SESSION['disable_associations'] = true;
  47 }
  48
  49 $log = new \OpenID_Observer_Log;
  50 \OpenID::attach($log);
  51
  52 if (isset($_POST['openid_url'])) {
  53
  54     $_SESSION['openid_url'] = $openid_url;
  55     try {
  56         $authRequest = $o->prepare();
  57     } catch (OpenID_Exception $e) {
  58         $contents  = "<div class='openid_results'>\n";
  59         $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
  60         $contents .= "</div class='openid_results'>";
  61         include_once 'openid/wrapper.php';
  62         exit;
  63     }
  64
  65     // SREG
  66     $sreg = new \OpenID_Extension_SREG11(\OpenID_Extension::REQUEST);
  67     $sreg->set('required', 'email,fullname');
  68     $authRequest->addExtension($sreg);
  69
  70     // AX
  71     $ax = new \OpenID_Extension_AX(\OpenID_Extension::REQUEST);
  72     $ax->set('type.email', 'http://axschema.org/contact/email');
  73     $ax->set('type.firstname', 'http://axschema.org/namePerson/first');
  74     $ax->set('type.lastname', 'http://axschema.org/namePerson/last');
  75     $ax->set('mode', 'fetch_request');
  76     $ax->set('required', 'email,firstname,lastname');
  77     $authRequest->addExtension($ax);
  78
  79     $url = $authRequest->getAuthorizeURL();
  80
  81     header("Location: $url");
  82     exit;
  83
  84 }
  85
  86 if (isset($_SESSION['openid_url'])) {
  87     $usid = $_SESSION['openid_url'];
  88     unset($_SESSION['openid_url']);
  89 } else {
  90     $usid = null;
  91 }
  92
  93 unset($_SESSION['disable_associations']);
  94
  95 if (!count($_POST)) {
  96     list(, $queryString) = explode('?', $_SERVER['REQUEST_URI']);
  97 } else {
  98     // I hate php sometimes
  99     $queryString = file_get_contents('php://input');
 100 }
 101
 102 $message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP);
 103 $id      = $message->get('openid.claimed_id');
 104 $mode    = $message->get('openid.mode');
 105
 106 try {
 107     $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message);
 108
 109     if ($result->success()) {
 110         $status  = "<tr><td>Status:</td><td><font color='green'>SUCCESS!";
 111         $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
 112     } else {
 113         $status  = "<tr><td>Status:</td><td><font color='red'>FAIL!";
 114         $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
 115     }
 116 } catch (OpenID_Exception $e) {
 117     $status  = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!";
 118     $status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>";
 119   }
 120
 121
 122 $openid = $message->getArrayFormat();
 123
 124 $email = isset($openid['openid.ext1.value.email'])
 125     ? $openid['openid.ext1.value.email']
 126     : null;
 127 $email = isset($openid['openid.ext2.value.email']) && !isset($email)
 128     ? $openid['openid.ext2.value.email']
 129     : $email;
 130 $email = isset($openid['openid.sreg.email']) && !isset($email)
 131     ? $openid['openid.sreg.email']
 132     : $email;
 133 $email = isset($openid['openid.ax.value.email']) && !isset($email)
 134     ? $openid['openid.ax.value.email']
 135     : $email;
 136 $_SESSION['email'] = isset($email)
 137     ? $email
 138     : $GLOBALS['phorkie']['auth']['anonymousEmail'];
 139
 140 $name = isset($openid['openid.ext1.value.firstname'])
 141     && isset($openid['openid.ext1.value.lastname'])
 142     ? $openid['openid.ext1.value.firstname'] . ' '
 143     . $openid['openid.ext1.value.lastname']
 144     : null;
 145 $name = isset($openid['openid.sreg.fullname']) && !isset($name)
 146     ? $openid['openid.sreg.fullname']
 147     : $name;
 148
 149 $_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR'];
 150 $_SESSION['identity'] = $openid['openid.identity'];
 151
 152 $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SESSION['REQUEST_URI'];
 153 header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
 154 exit;
 155 ?>