// Login page: OpenID relying-party flow — logout, cookie-based autologin,
// building the auth request (SREG + AX attribute requests), verifying the
// provider's response, populating the session and redirecting.
// This listing is a fragment: original line numbers are shown inline and
// many lines (closing braces, else branches, try openers) are not visible.
3 $noSecurityCheck = true;
4 require_once 'www-header.php';
6 if (isset($_REQUEST['logout'])) {
9 //delete last openid cookie.
10 // if you deliberately log out, you do not want to be logged in
11 // automatically on the next page reload.
// NOTE(review): $_REQUEST also matches a GET parameter, so a plain link can
// trigger the logout; a POST-only check would be the usual hardening.
12 setcookie('lastopenid', '0', time() - 3600);
14 header('Location: ' . Tools::fullUrl());
19 if (isset($_GET['autologin']) && $_GET['autologin']
20 && isset($_COOKIE['lastopenid'])
23 // autologin=1: start openid autologin
24 // autologin=2: response from openid server
// Loose == on user input: '1' and 1 both match (intended), but so does any
// numeric-leading string; `=== '1'` would be stricter.
25 if ($_GET['autologin'] == 1) {
// The remembered identifier is replayed as if the user had submitted the
// login form, so the rest of the request path treats it as a form post.
26 $_POST['openid_url'] = $_COOKIE['lastopenid'];
30 if (!count($_GET) && !count($_POST)) {
// Form prefill: last used identifier, else a bare scheme prefix.
34 'openid' => isset($_COOKIE['lastopenid'])
35 ? $_COOKIE['lastopenid'] : 'http://'
41 // Hackaround Non-Javascript Login Page
42 if (!count($_POST) && isset($_GET['openid_url'])) {
// Identifier comes from the form post on the first leg and from the session
// when handling the provider's response (stored at line 73).
46 if (isset($_POST['openid_url'])) {
47 $openid_url = $_POST['openid_url'];
48 } else if (isset($_SESSION['openid_url'])) {
49 $openid_url = $_SESSION['openid_url'];
54 $realm = Tools::fullUrl();
55 $returnTo = Tools::fullUrl('login');
// Autologin responses carry autologin=2 so they can be told apart (see the
// comment at line 24); the condition selecting this line is not visible here.
57 $returnTo = Tools::fullUrl('login?autologin=2');
61 $o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url);
62 } catch (\OpenID_Exception $e) {
// Rethrown as a plain Exception; passing $e as `previous` would keep the
// original stack trace for logging.
63 throw new Exception($e->getMessage());
// Association-less (stateless) mode is sticky for the session once requested.
66 if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associations'])) {
67 $o->disableAssociations();
68 $_SESSION['disable_associations'] = true;
71 if (isset($_POST['openid_url'])) {
// Remembered across the redirect so the response handler can rebuild the
// relying party with the same identifier (line 49).
73 $_SESSION['openid_url'] = $openid_url;
75 $authRequest = $o->prepare();
// Immediate mode: the provider must answer without user interaction; the
// enclosing condition (presumably the autologin path) is not visible here.
77 $authRequest->setMode(\OpenID::MODE_CHECKID_IMMEDIATE);
79 } catch (\OpenID_Exception $e) {
// Autologin callers get a structured error response; the branch that
// chooses between this and the throw at line 85 is not visible here.
81 $alres = new Login_AutologinResponse('error', $e->getMessage());
85 throw new Exception($e->getMessage());
86 } catch (\Exception $e) {
88 $alres = new Login_AutologinResponse('error', $e->getMessage());
// Ask for e-mail and full name via SREG 1.1 ...
96 $sreg = new \OpenID_Extension_SREG11(\OpenID_Extension::REQUEST);
97 $sreg->set('required', 'email,fullname');
98 $authRequest->addExtension($sreg);
// ... and via Attribute Exchange, since providers differ in what they support.
100 // AX, http://stackoverflow.com/a/7657061/282601
101 $ax = new \OpenID_Extension_AX(\OpenID_Extension::REQUEST);
102 $ax->set('type.email', 'http://axschema.org/contact/email');
103 $ax->set('type.firstname', 'http://axschema.org/namePerson/first');
104 $ax->set('type.lastname', 'http://axschema.org/namePerson/last');
105 $ax->set('type.fullname', 'http://axschema.org/namePerson');
106 $ax->set('mode', 'fetch_request');
107 $ax->set('required', 'email,firstname,lastname,fullname');
108 $authRequest->addExtension($ax);
// Hand the browser to the provider.
110 $url = $authRequest->getAuthorizeURL();
112 header("Location: $url");
// --- Handling the provider's response ---
117 if (isset($_SESSION['openid_url'])) {
118 $usid = $_SESSION['openid_url'];
119 unset($_SESSION['openid_url']);
124 unset($_SESSION['disable_associations']);
// GET response: take the raw query string from REQUEST_URI.
26 if (!count($_POST)) {
// NOTE(review): explode() without a limit — if REQUEST_URI contains a second
// '?', only the part between the first two is kept (explode('?', ..., 2)
// would avoid that); without any '?', index 1 is undefined.
127 list(, $queryString) = explode('?', $_SERVER['REQUEST_URI']);
129 // I hate php sometimes
// POST response: read the raw body instead of $_POST — presumably because
// PHP rewrites dots in parameter names (openid.mode) when filling $_POST.
130 $queryString = file_get_contents('php://input');
133 $message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP);
134 $id = $message->get('openid.claimed_id');
135 $mode = $message->get('openid.mode');
// Rebuild the exact return_to URL the response was sent to; verification is
// bound to it.
139 if (strpos($returnTo, '?') !== false) {
142 $result = $o->verify(new \Net_URL2($returnTo . $sep . $queryString), $message);
144 if ($result->success()) {
// NOTE(review): getAssertionMethod() is interpolated into HTML without
// htmlspecialchars(); harmless if it only yields library constants, but
// escape it if it can carry provider-supplied text.
145 $status = "<tr><td>Status:</td><td><font color='green'>SUCCESS!";
146 $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
149 $alres = new Login_AutologinResponse(
150 'error', 'Error logging in: ' . $result->getAssertionMethod()
155 throw new Exception('Error logging in');
156 $status = "<tr><td>Status:</td><td><font color='red'>FAIL!";
157 $status .= " ({$result->getAssertionMethod()})</font></td></tr>";
159 } catch (\OpenID_Exception $e) {
161 $alres = new Login_AutologinResponse('error', $e->getMessage());
165 throw new Exception('Error logging in');
// Exception message and code are rendered into HTML unescaped — same caveat
// as at line 145.
166 $status = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!";
167 $status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>";
// Pull e-mail and name out of whichever extension the provider answered
// with: ext1/ext2 (provider-chosen extension aliases, presumably AX), SREG,
// and AX by its canonical namespace, which is also checked against the
// declared type URI before the value is trusted.
171 $openid = $message->getArrayFormat();
173 $email = isset($openid['openid.ext1.value.email'])
174 ? $openid['openid.ext1.value.email']
// The `!isset($email)` guards keep the first value found.
176 $email = isset($openid['openid.ext2.value.email']) && !isset($email)
177 ? $openid['openid.ext2.value.email']
179 $email = isset($openid['openid.sreg.email']) && !isset($email)
180 ? $openid['openid.sreg.email']
182 $email = isset($openid['openid.ax.value.email'])
183 && isset($openid['openid.ax.type.email'])
184 && $openid['openid.ax.type.email'] == 'http://axschema.org/contact/email'
186 ? $openid['openid.ax.value.email']
// Fallback e-mail comes from the application config in $GLOBALS['phorkie'].
188 $_SESSION['email'] = isset($email)
190 : $GLOBALS['phorkie']['auth']['anonymousEmail'];
192 $name = isset($openid['openid.ext1.value.firstname'])
193 && isset($openid['openid.ext1.value.lastname'])
194 ? $openid['openid.ext1.value.firstname'] . ' '
195 . $openid['openid.ext1.value.lastname']
197 $name = isset($openid['openid.sreg.fullname']) && !isset($name)
198 ? $openid['openid.sreg.fullname']
200 $name = isset($openid['openid.ax.value.fullname'])
201 && isset($openid['openid.ax.type.fullname'])
202 && $openid['openid.ax.type.fullname'] == 'http://axschema.org/namePerson'
204 ? $openid['openid.ax.value.fullname']
// No name available: the client address stands in as the display name.
207 $_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR'];
// The session identity is openid.identity; claimed_id (line 134) is read
// but not what gets stored.
208 $_SESSION['identity'] = $openid['openid.identity'];
// NOTE(review): 84600 * 60 seconds is ~58.75 days; 86400 (seconds per day)
// looks intended — confirm. Neither setcookie() call passes secure /
// httponly / samesite; worth considering for lastopenid, since its value is
// replayed as the login identifier at line 26.
210 setcookie('tried-autologin', '0', time() - 3600);//delete
211 setcookie('lastopenid', $_SESSION['identity'], time() + 84600 * 60);
// Structured answer for the autologin (JavaScript) client.
214 $alres = new Login_AutologinResponse('ok');
215 $alres->name = $_SESSION['name'];
216 $alres->identity = $_SESSION['identity'];
// Post-login redirect to the URI saved before login: the leading '/' is
// stripped and the path re-rooted under the site URL. FILTER_SANITIZE_URL
// only strips characters not allowed in a URL; it does not validate the
// target — the re-rooting through Tools::fullUrl() is what keeps it local.
223 if (isset($_SESSION['REQUEST_URI'])) {
224 $url = substr($_SESSION['REQUEST_URI'], 1);
226 $redirect = Tools::fullUrl($url);
227 header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));