remove session id check, it was not working the way I hoped for
[phorkie.git] / www / login.php
1 <?php
2 namespace phorkie;
3 $pageRequiresLogin = false;
4 $noSecurityCheck = true;
5 require_once 'www-header.php';
6
7 if (isset($_REQUEST['logout'])) {
8     unset($_SESSION);
9     session_destroy();
10     header('Location: ' . Tools::fullUrl('/'));
11     exit();
12 }
13
14 if (!count($_GET) && !count($_POST)) {
15     render('login');
16     exit();
17 }
18
19 // Hackaround Non-Javascript Login Page
20 if (!count($_POST) && isset($_GET['openid_url'])) {
21     $_POST = $_GET;
22 }
23
24 if (isset($_POST['openid_url'])) {
25     $openid_url = $_POST['openid_url'];
26 } else if (isset($_SESSION['openid_url'])) {
27     $openid_url = $_SESSION['openid_url'];
28 } else {
29     $openid_url = null;
30 }
31
32 $realm    = Tools::fullUrl('/');
33 $returnTo = Tools::fullUrl('/login');
34
35 try {
36     $o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url);
37 } catch (OpenID_Exception $e) {
38     $contents  = "<div class='openid_results'>\n";
39     $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
40     $contents .= "</div class='openid_results'>";
41     include_once 'openid/wrapper.php';
42     exit;
43 }
44
45 if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associations'])) {
46     $o->disableAssociations();
47     $_SESSION['disable_associations'] = true;
48 }
49
50 $log = new \OpenID_Observer_Log;
51 \OpenID::attach($log);
52
53 if (isset($_POST['openid_url'])) {
54
55     $_SESSION['openid_url'] = $openid_url;
56     try {
57         $authRequest = $o->prepare();
58     } catch (OpenID_Exception $e) {
59         $contents  = "<div class='openid_results'>\n";
60         $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
61         $contents .= "</div class='openid_results'>";
62         include_once 'openid/wrapper.php';
63         exit;
64     }
65
66     // SREG
67     $sreg = new \OpenID_Extension_SREG11(\OpenID_Extension::REQUEST);
68     $sreg->set('required', 'email,fullname');
69     $authRequest->addExtension($sreg);
70
71     // AX
72     $ax = new \OpenID_Extension_AX(\OpenID_Extension::REQUEST);
73     $ax->set('type.email', 'http://axschema.org/contact/email');
74     $ax->set('type.firstname', 'http://axschema.org/namePerson/first');
75     $ax->set('type.lastname', 'http://axschema.org/namePerson/last');
76     $ax->set('mode', 'fetch_request');
77     $ax->set('required', 'email,firstname,lastname');
78     $authRequest->addExtension($ax);
79
80     $url = $authRequest->getAuthorizeURL();
81     
82     header("Location: $url");
83     exit;
84     
85 }
86
87 if (isset($_SESSION['openid_url'])) {
88     $usid = $_SESSION['openid_url'];
89     unset($_SESSION['openid_url']);
90 } else {
91     $usid = null;
92 }
93
94 unset($_SESSION['disable_associations']);
95
96 if (!count($_POST)) {
97     list(, $queryString) = explode('?', $_SERVER['REQUEST_URI']);
98 } else {
99     // I hate php sometimes
100     $queryString = file_get_contents('php://input');
101 }
102
103 $message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP);
104 $id      = $message->get('openid.claimed_id');
105 $mode    = $message->get('openid.mode');
106
107 try {
108     $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message);
109
110     if ($result->success()) {
111         $status  = "<tr><td>Status:</td><td><font color='green'>SUCCESS!";
112         $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
113     } else {
114         $status  = "<tr><td>Status:</td><td><font color='red'>FAIL!";
115         $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
116     }
117 } catch (OpenID_Exception $e) {
118     $status  = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!";
119     $status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>";
120   }
121
122
123 $openid = $message->getArrayFormat();
124
125 $email = isset($openid['openid.ext1.value.email'])
126     ? $openid['openid.ext1.value.email']
127     : null;
128 $email = isset($openid['openid.ext2.value.email']) && !isset($email)
129     ? $openid['openid.ext2.value.email']
130     : $email;
131 $email = isset($openid['openid.sreg.email']) && !isset($email)
132     ? $openid['openid.sreg.email']
133     : $email;
134 $email = isset($openid['openid.ax.value.email']) && !isset($email)
135     ? $openid['openid.ax.value.email']
136     : $email;
137 $_SESSION['email'] = isset($email)
138     ? $email
139     : $GLOBALS['phorkie']['auth']['anonymousEmail'];
140
141 $name = isset($openid['openid.ext1.value.firstname'])
142     && isset($openid['openid.ext1.value.lastname'])
143     ? $openid['openid.ext1.value.firstname'] . ' '
144     . $openid['openid.ext1.value.lastname']
145     : null;
146 $name = isset($openid['openid.sreg.fullname']) && !isset($name)
147     ? $openid['openid.sreg.fullname']
148     : $name;
149
150 $_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR'];
151 $_SESSION['identity'] = $openid['openid.identity'];
152
153 $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SESSION['REQUEST_URI'];
154 header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
155 exit;
156 ?>
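Review bot: The result of `$o->verify()` (gutter line 108) is never enforced — when `$result->success()` is false, or an `OpenID_Exception` is caught on line 117, only the never-read `$status` string differs and execution falls through to lines 123–155, which fill `$_SESSION['email']`, `$_SESSION['name']` and `$_SESSION['identity']` straight from the unverified `$message` and then redirect as a logged-in user. A forged or replayed return-to request would therefore be accepted regardless of assertion validity, so a guard belongs directly after the catch block, consistent with the file's other failure paths: `if (!isset($result) || !$result->success()) {` / `    $contents = "<div class='openid_results'><table>" . $status . "</table></div>"; include_once 'openid/wrapper.php'; exit;` / `}`. `$result` is only assigned inside the `try`, hence the `isset()`, and the catch on line 117 should keep `$status` but must not be the last thing that happens before the session is populated. Separately, the stored identity is taken from `$openid['openid.identity']` while the claimed id read into `$id` on line 104 goes unused; which of the two the rest of the application compares against is not visible from this page, so confirm that the verified claimed identifier is the one persisted.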