www/login.php

   1 <?php
   2 /**
   3  * OpenID
   4  *
   5  * PHP Version 5.2.0+
   6  *
   7  * @category  Auth
   8  * @package   OpenID
   9  * @author    Bill Shupp <hostmaster@shupp.org>
  10  * @copyright 2009 Bill Shupp
  11  * @license   http://www.opensource.org/licenses/bsd-license.php FreeBSD
  12  * @link      http://github.com/shupp/openid
  13  */
  14 namespace phorkie;
  15 // A tool for testing Relying Party functionality
  16 set_include_path(
  17     __DIR__ . '/../../src/'
  18     . PATH_SEPARATOR . get_include_path()
  19 );
  20
  21 $pageRequiresLogin = false;
  22 require_once 'www-header.php';
  23 require_once 'openid/config.php';
  24
  25
  26 if (isset($_REQUEST['logout'])) {
  27     unset($_SESSION);
  28     session_destroy();
  29     $redirect = 'http://' . $_SERVER['HTTP_HOST'];
  30     header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
  31     exit;
  32 }
  33
  34 if (!count($_GET) && !count($_POST)) {
  35     render(
  36         'login',
  37         null
  38     );
  39     exit;
  40 }
  41
  42 // Hackaround Non-Javascript Login Page
  43 if (!count($_POST) && isset($_GET['start'])) {
  44     $_POST = $_GET;
  45 }
  46
  47 if (isset($_POST['openid_url'])) {
  48     $openid_url = $_POST['openid_url'];
  49 } else if (isset($_SESSION['openid_url'])) {
  50     $openid_url = $_SESSION['openid_url'];
  51 } else {
  52     $openid_url = null;
  53 }
  54
  55 try {
  56     $o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url);
  57 } catch (OpenID_Exception $e) {
  58     $contents  = "<div class='openid_results'>\n";
  59     $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
  60     $contents .= "</div class='openid_results'>";
  61     include_once 'openid/wrapper.php';
  62     exit;
  63 }
  64
  65 if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associations'])) {
  66     $o->disableAssociations();
  67     $_SESSION['disable_associations'] = true;
  68 }
  69
  70 $log = new \OpenID_Observer_Log;
  71 \OpenID::attach($log);
  72
  73 if (isset($_POST['start'])) {
  74
  75     $_SESSION['openid_url'] = $openid_url;
  76     try {
  77         $authRequest = $o->prepare();
  78     } catch (OpenID_Exception $e) {
  79         $contents  = "<div class='openid_results'>\n";
  80         $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
  81         $contents .= "</div class='openid_results'>";
  82         include_once 'openid/wrapper.php';
  83         exit;
  84     }
  85
  86     // SREG
  87     $sreg = new \OpenID_Extension_SREG11(\OpenID_Extension::REQUEST);
  88     $sreg->set('required', 'email,fullname');
  89     $authRequest->addExtension($sreg);
  90
  91     // AX
  92     $ax = new \OpenID_Extension_AX(\OpenID_Extension::REQUEST);
  93     $ax->set('type.email', 'http://axschema.org/contact/email');
  94     $ax->set('type.firstname', 'http://axschema.org/namePerson/first');
  95     $ax->set('type.lastname', 'http://axschema.org/namePerson/last');
  96     $ax->set('mode', 'fetch_request');
  97     $ax->set('required', 'email,firstname,lastname');
  98     $authRequest->addExtension($ax);
  99
 100     $url = $authRequest->getAuthorizeURL();
 101
 102     header("Location: $url");
 103     exit;
 104
 105 } else {
 106     if (isset($_SESSION['openid_url'])) {
 107         $usid = $_SESSION['openid_url'];
 108         unset($_SESSION['openid_url']);
 109     } else {
 110         $usid = null;
 111     }
 112
 113     unset($_SESSION['disable_associations']);
 114
 115     if (!count($_POST)) {
 116         list(, $queryString) = explode('?', $_SERVER['REQUEST_URI']);
 117     } else {
 118         // I hate php sometimes
 119         $queryString = file_get_contents('php://input');
 120     }
 121
 122     $message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP);
 123     $id      = $message->get('openid.claimed_id');
 124     $mode    = $message->get('openid.mode');
 125
 126     try {
 127         $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message);
 128
 129         if ($result->success()) {
 130             $status  = "<tr><td>Status:</td><td><font color='green'>SUCCESS!";
 131             $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
 132         } else {
 133             $status  = "<tr><td>Status:</td><td><font color='red'>FAIL!";
 134             $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
 135         }
 136     } catch (OpenID_Exception $e) {
 137         $status  = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!";
 138         $status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>";
 139     }
 140
 141     // OAuth hyprid fetching access token
 142     if (isset($_SESSION['OAuth_consumer_key'],
 143               $_SESSION['OAuth_consumer_secret'],
 144               $_SESSION['OAuth_access_token_url'],
 145               $_SESSION['OAuth_access_token_method'])) {
 146
 147         try {
 148             $oauth = new \OpenID_Extension_OAuth(\OpenID_Extension::RESPONSE,
 149                                                 $message);
 150
 151             // Fix line lengths.
 152             $consumerKey    = $_SESSION['OAuth_consumer_key'];
 153             $consumerSecret = $_SESSION['OAuth_consumer_key'];
 154             $tokenURL       = $_SESSION['OAuth_access_token_url'];
 155             $tokenMethod    = $_SESSION['OAuth_access_token_method'];
 156
 157             $oauthData = $oauth->getAccessToken($consumerKey,
 158                                                 $consumerSecret,
 159                                                 $tokenURL,
 160                                                 array(),
 161                                                 $tokenMethod);
 162
 163         } catch (Exception $e) {
 164         }
 165     }
 166
 167     $openid = $message->getArrayFormat();
 168
 169     $email = isset($openid['openid.ext1.value.email'])
 170         ? $openid['openid.ext1.value.email']
 171         : null;
 172     $email = isset($openid['openid.ext2.value.email']) && !isset($email)
 173         ? $openid['openid.ext2.value.email']
 174         : $email;
 175     $email = isset($openid['openid.sreg.email']) && !isset($email)
 176         ? $openid['openid.sreg.email']
 177         : $email;
 178     $email = isset($openid['openid.ax.value.email']) && !isset($email)
 179         ? $openid['openid.ax.value.email']
 180         : $email;
 181     $_SESSION['email'] = isset($email)
 182         ? $email
 183         : $GLOBALS['phorkie']['auth']['anonymousEmail'];
 184
 185     $name = isset($openid['openid.ext1.value.firstname'])
 186         && isset($openid['openid.ext1.value.lastname'])
 187         ? $openid['openid.ext1.value.firstname'] . ' '
 188         . $openid['openid.ext1.value.lastname']
 189         : null;
 190     $name = isset($openid['openid.sreg.fullname']) && !isset($name)
 191         ? $openid['openid.sreg.fullname']
 192         : $name;
 193
 194     $_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR'];
 195     $_SESSION['identity'] = $openid['openid.identity'];
 196
 197     $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SESSION['REQUEST_URI'];
 198     header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
 199     exit;
 200 }
 201
 202 ?>