git.cweiske.de / phorkie.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'master' into milestone
[phorkie.git] / www / login.php
1 <?php
2 namespace phorkie;
3 $noSecurityCheck = true;
4 require_once 'www-header.php';
5
6 if (isset($_REQUEST['logout'])) {
7     unset($_SESSION);
8     session_destroy();
9     header('Location: ' . Tools::fullUrl('/'));
10     exit();
11 }
12
13 if (!count($_GET) && !count($_POST)) {
14     render('login');
15     exit();
16 }
17
18 // Hackaround Non-Javascript Login Page
19 if (!count($_POST) && isset($_GET['openid_url'])) {
20     $_POST = $_GET;
21 }
22
23 if (isset($_POST['openid_url'])) {
24     $openid_url = $_POST['openid_url'];
25 } else if (isset($_SESSION['openid_url'])) {
26     $openid_url = $_SESSION['openid_url'];
27 } else {
28     $openid_url = null;
29 }
30
31 $realm    = Tools::fullUrl('/');
32 $returnTo = Tools::fullUrl('/login');
33
34 try {
35     $o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url);
36 } catch (OpenID_Exception $e) {
37     throw new Exception($e->getMessage());
38 }
39
40 if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associations'])) {
41     $o->disableAssociations();
42     $_SESSION['disable_associations'] = true;
43 }
44
45 $log = new \OpenID_Observer_Log;
46 \OpenID::attach($log);
47
48 if (isset($_POST['openid_url'])) {
49
50     $_SESSION['openid_url'] = $openid_url;
51     try {
52         $authRequest = $o->prepare();
53     } catch (OpenID_Exception $e) {
54         throw new Exception($e->getMessage());
55     }
56
57     // SREG
58     $sreg = new \OpenID_Extension_SREG11(\OpenID_Extension::REQUEST);
59     $sreg->set('required', 'email,fullname');
60     $authRequest->addExtension($sreg);
61
62     // AX, http://stackoverflow.com/a/7657061/282601
63     $ax = new \OpenID_Extension_AX(\OpenID_Extension::REQUEST);
64     $ax->set('type.email', 'http://axschema.org/contact/email');
65     $ax->set('type.firstname', 'http://axschema.org/namePerson/first');
66     $ax->set('type.lastname', 'http://axschema.org/namePerson/last');
67     $ax->set('type.fullname', 'http://axschema.org/namePerson');
68     $ax->set('mode', 'fetch_request');
69     $ax->set('required', 'email,firstname,lastname,fullname');
70     $authRequest->addExtension($ax);
71
72     $url = $authRequest->getAuthorizeURL();
73
74     header("Location: $url");
75     exit;
76     
77 }
78
79 if (isset($_SESSION['openid_url'])) {
80     $usid = $_SESSION['openid_url'];
81     unset($_SESSION['openid_url']);
82 } else {
83     $usid = null;
84 }
85
86 unset($_SESSION['disable_associations']);
87
88 if (!count($_POST)) {
89     list(, $queryString) = explode('?', $_SERVER['REQUEST_URI']);
90 } else {
91     // I hate php sometimes
92     $queryString = file_get_contents('php://input');
93 }
94
95 $message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP);
96 $id      = $message->get('openid.claimed_id');
97 $mode    = $message->get('openid.mode');
98
99 try {
100     $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message);
101
102     if ($result->success()) {
103         $status  = "<tr><td>Status:</td><td><font color='green'>SUCCESS!";
104         $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
105     } else {
106         $status  = "<tr><td>Status:</td><td><font color='red'>FAIL!";
107         $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
108     }
109 } catch (OpenID_Exception $e) {
110     $status  = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!";
111     $status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>";
112 }
113
114
115 $openid = $message->getArrayFormat();
116
117 $email = isset($openid['openid.ext1.value.email'])
118     ? $openid['openid.ext1.value.email']
119     : null;
120 $email = isset($openid['openid.ext2.value.email']) && !isset($email)
121     ? $openid['openid.ext2.value.email']
122     : $email;
123 $email = isset($openid['openid.sreg.email']) && !isset($email)
124     ? $openid['openid.sreg.email']
125     : $email;
126 $email = isset($openid['openid.ax.value.email'])
127     && isset($openid['openid.ax.type.email'])
128     && $openid['openid.ax.type.email'] == 'http://axschema.org/contact/email'
129     && !isset($email)
130     ? $openid['openid.ax.value.email']
131     : $email;
132 $_SESSION['email'] = isset($email)
133     ? $email
134     : $GLOBALS['phorkie']['auth']['anonymousEmail'];
135
136 $name = isset($openid['openid.ext1.value.firstname'])
137     && isset($openid['openid.ext1.value.lastname'])
138     ? $openid['openid.ext1.value.firstname'] . ' '
139     . $openid['openid.ext1.value.lastname']
140     : null;
141 $name = isset($openid['openid.sreg.fullname']) && !isset($name)
142     ? $openid['openid.sreg.fullname']
143     : $name;
144 $name = isset($openid['openid.ax.value.fullname'])
145     && isset($openid['openid.ax.type.fullname'])
146     && $openid['openid.ax.type.fullname'] == 'http://axschema.org/namePerson'
147     && !isset($name)
148     ? $openid['openid.ax.value.fullname']
149     : $name;
150
151 $_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR'];
152 $_SESSION['identity'] = $openid['openid.identity'];
153
154 if (isset($_SESSION['REQUEST_URI'])) {
155     $redirect = Tools::fullUrl($_SESSION['REQUEST_URI']);
156 } else {
157     $redirect = Tools::fullUrl('/');
158 }
159 header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
160 exit;
161 ?>
Self-hosted pastebin software written in PHP. Pastes are editable, may have multiple files and are stored in git repositories.