3 $pageRequiresLogin = false;
4 $noSecurityCheck = true;
5 require_once 'www-header.php';
7 if (isset($_REQUEST['logout'])) {
10 header('Location: ' . Tools::fullUrl('/'));
14 if (!count($_GET) && !count($_POST)) {
19 // Hackaround Non-Javascript Login Page
20 if (!count($_POST) && isset($_GET['openid_url'])) {
24 if (isset($_POST['openid_url'])) {
25 $openid_url = $_POST['openid_url'];
26 } else if (isset($_SESSION['openid_url'])) {
27 $openid_url = $_SESSION['openid_url'];
32 $realm = Tools::fullUrl('/');
33 $returnTo = Tools::fullUrl('/login');
36 $o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url);
37 } catch (OpenID_Exception $e) {
38 $contents = "<div class='openid_results'>\n";
39 $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
40 $contents .= "</div class='openid_results'>";
41 include_once 'openid/wrapper.php';
45 if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associations'])) {
46 $o->disableAssociations();
47 $_SESSION['disable_associations'] = true;
50 $log = new \OpenID_Observer_Log;
51 \OpenID::attach($log);
53 if (isset($_POST['openid_url'])) {
55 $_SESSION['openid_url'] = $openid_url;
57 $authRequest = $o->prepare();
58 } catch (OpenID_Exception $e) {
59 $contents = "<div class='openid_results'>\n";
60 $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
61 $contents .= "</div class='openid_results'>";
62 include_once 'openid/wrapper.php';
67 $sreg = new \OpenID_Extension_SREG11(\OpenID_Extension::REQUEST);
68 $sreg->set('required', 'email,fullname');
69 $authRequest->addExtension($sreg);
72 $ax = new \OpenID_Extension_AX(\OpenID_Extension::REQUEST);
73 $ax->set('type.email', 'http://axschema.org/contact/email');
74 $ax->set('type.firstname', 'http://axschema.org/namePerson/first');
75 $ax->set('type.lastname', 'http://axschema.org/namePerson/last');
76 $ax->set('mode', 'fetch_request');
77 $ax->set('required', 'email,firstname,lastname');
78 $authRequest->addExtension($ax);
80 $url = $authRequest->getAuthorizeURL();
82 header("Location: $url");
87 if (isset($_SESSION['openid_url'])) {
88 $usid = $_SESSION['openid_url'];
89 unset($_SESSION['openid_url']);
94 unset($_SESSION['disable_associations']);
97 list(, $queryString) = explode('?', $_SERVER['REQUEST_URI']);
99 // I hate php sometimes
100 $queryString = file_get_contents('php://input');
103 $message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP);
104 $id = $message->get('openid.claimed_id');
105 $mode = $message->get('openid.mode');
108 $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message);
110 if ($result->success()) {
111 $status = "<tr><td>Status:</td><td><font color='green'>SUCCESS!";
112 $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
114 $status = "<tr><td>Status:</td><td><font color='red'>FAIL!";
115 $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
117 } catch (OpenID_Exception $e) {
118 $status = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!";
119 $status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>";
123 $openid = $message->getArrayFormat();
125 $email = isset($openid['openid.ext1.value.email'])
126 ? $openid['openid.ext1.value.email']
128 $email = isset($openid['openid.ext2.value.email']) && !isset($email)
129 ? $openid['openid.ext2.value.email']
131 $email = isset($openid['openid.sreg.email']) && !isset($email)
132 ? $openid['openid.sreg.email']
134 $email = isset($openid['openid.ax.value.email']) && !isset($email)
135 ? $openid['openid.ax.value.email']
137 $_SESSION['email'] = isset($email)
139 : $GLOBALS['phorkie']['auth']['anonymousEmail'];
141 $name = isset($openid['openid.ext1.value.firstname'])
142 && isset($openid['openid.ext1.value.lastname'])
143 ? $openid['openid.ext1.value.firstname'] . ' '
144 . $openid['openid.ext1.value.lastname']
146 $name = isset($openid['openid.sreg.fullname']) && !isset($name)
147 ? $openid['openid.sreg.fullname']
150 $_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR'];
151 $_SESSION['identity'] = $openid['openid.identity'];
153 $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SESSION['REQUEST_URI'];
154 header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));