if (isset($_REQUEST['logout'])) {
unset($_SESSION);
session_destroy();
- header('Location: ' . Tools::fullUrl('/'));
+ //delete last openid cookie.
+ // if you deliberately log out, you do not want to be logged in
+ // automatically on the next page reload.
+ setcookie('lastopenid', '0', time() - 3600);
+
+ header('Location: ' . Tools::fullUrl());
exit();
}
+$bAutologin = false;
+if (isset($_GET['autologin']) && $_GET['autologin']
+ && isset($_COOKIE['lastopenid'])
+) {
+ $bAutologin = true;
+ // autologin=1: start openid autologin
+ // autologin=2: response from openid server
+ if ($_GET['autologin'] == 1) {
+ $_POST['openid_url'] = $_COOKIE['lastopenid'];
+ }
+}
+
if (!count($_GET) && !count($_POST)) {
- render('login');
+ render(
+ 'login',
+ array(
+ 'openid' => isset($_COOKIE['lastopenid'])
+ ? $_COOKIE['lastopenid'] : 'http://'
+ )
+ );
exit();
}
$openid_url = null;
}
-$realm = Tools::fullUrl('/');
-$returnTo = Tools::fullUrl('/login');
+$realm = Tools::fullUrl();
+$returnTo = Tools::fullUrl('login');
+if ($bAutologin) {
+ $returnTo = Tools::fullUrl('login?autologin=2');
+}
try {
$o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url);
-} catch (OpenID_Exception $e) {
- $contents = "<div class='openid_results'>\n";
- $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
- $contents .= "</div class='openid_results'>";
- include_once 'openid/wrapper.php';
- exit;
+} catch (\OpenID_Exception $e) {
+ throw new Exception($e->getMessage());
}
if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associations'])) {
$_SESSION['disable_associations'] = true;
}
-$log = new \OpenID_Observer_Log;
-\OpenID::attach($log);
-
if (isset($_POST['openid_url'])) {
$_SESSION['openid_url'] = $openid_url;
try {
$authRequest = $o->prepare();
- } catch (OpenID_Exception $e) {
- $contents = "<div class='openid_results'>\n";
- $contents .= "<pre>" . $e->getMessage() . "</pre>\n";
- $contents .= "</div class='openid_results'>";
- include_once 'openid/wrapper.php';
- exit;
+ if ($bAutologin) {
+ $authRequest->setMode(\OpenID::MODE_CHECKID_IMMEDIATE);
+ }
+ } catch (\OpenID_Exception $e) {
+ if ($bAutologin) {
+ $alres = new Login_AutologinResponse('error', $e->getMessage());
+ $alres->send();
+ exit(0);
+ }
+ throw new Exception($e->getMessage());
+ } catch (\Exception $e) {
+ if ($bAutologin) {
+ $alres = new Login_AutologinResponse('error', $e->getMessage());
+ $alres->send();
+ exit(0);
+ }
+ throw $e;
}
// SREG
$sreg->set('required', 'email,fullname');
$authRequest->addExtension($sreg);
- // AX
+ // AX, http://stackoverflow.com/a/7657061/282601
$ax = new \OpenID_Extension_AX(\OpenID_Extension::REQUEST);
$ax->set('type.email', 'http://axschema.org/contact/email');
$ax->set('type.firstname', 'http://axschema.org/namePerson/first');
$ax->set('type.lastname', 'http://axschema.org/namePerson/last');
+ $ax->set('type.fullname', 'http://axschema.org/namePerson');
$ax->set('mode', 'fetch_request');
- $ax->set('required', 'email,firstname,lastname');
+ $ax->set('required', 'email,firstname,lastname,fullname');
$authRequest->addExtension($ax);
$url = $authRequest->getAuthorizeURL();
$mode = $message->get('openid.mode');
try {
- $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message);
+ $sep = '?';
+ if (strpos($returnTo, '?') !== false) {
+ $sep = '&';
+ }
+ $result = $o->verify(new \Net_URL2($returnTo . $sep . $queryString), $message);
if ($result->success()) {
$status = "<tr><td>Status:</td><td><font color='green'>SUCCESS!";
$status .= " ({$result->getAssertionMethod()})</font></td></tr>";
} else {
+ if ($bAutologin) {
+ $alres = new Login_AutologinResponse(
+ 'error', 'Error logging in: ' . $result->getAssertionMethod()
+ );
+ $alres->send();
+ exit(0);
+ }
+ throw new Exception('Error logging in');
$status = "<tr><td>Status:</td><td><font color='red'>FAIL!";
$status .= " ({$result->getAssertionMethod()})</font></td></tr>";
}
-} catch (OpenID_Exception $e) {
+} catch (\OpenID_Exception $e) {
+ if ($bAutologin) {
+ $alres = new Login_AutologinResponse('error', $e->getMessage());
+ $alres->send();
+ exit(0);
+ }
+ throw new Exception('Error logging in');
$status = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!";
$status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>";
}
$email = isset($openid['openid.sreg.email']) && !isset($email)
? $openid['openid.sreg.email']
: $email;
-$email = isset($openid['openid.ax.value.email']) && !isset($email)
+$email = isset($openid['openid.ax.value.email'])
+ && isset($openid['openid.ax.type.email'])
+ && $openid['openid.ax.type.email'] == 'http://axschema.org/contact/email'
+ && !isset($email)
? $openid['openid.ax.value.email']
: $email;
$_SESSION['email'] = isset($email)
$name = isset($openid['openid.sreg.fullname']) && !isset($name)
? $openid['openid.sreg.fullname']
: $name;
+$name = isset($openid['openid.ax.value.fullname'])
+ && isset($openid['openid.ax.type.fullname'])
+ && $openid['openid.ax.type.fullname'] == 'http://axschema.org/namePerson'
+ && !isset($name)
+ ? $openid['openid.ax.value.fullname']
+ : $name;
$_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR'];
$_SESSION['identity'] = $openid['openid.identity'];
+setcookie('tried-autologin', '0', time() - 3600);//delete
+setcookie('lastopenid', $_SESSION['identity'], time() + 84600 * 60);
+
+if ($bAutologin) {
+ $alres = new Login_AutologinResponse('ok');
+ $alres->name = $_SESSION['name'];
+ $alres->identity = $_SESSION['identity'];
+ $alres->send();
+ exit(0);
+}
+
+
+$url = '';
if (isset($_SESSION['REQUEST_URI'])) {
- $redirect = Tools::fullUrl($_SESSION['REQUEST_URI']);
-} else {
- $redirect = Tools::fullUrl('/');
+ $url = substr($_SESSION['REQUEST_URI'], 1);
}
+$redirect = Tools::fullUrl($url);
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
exit;
?>
git.cweiske.de / phorkie.git / blobdiff