X-Git-Url: https://git.cweiske.de/phorkie.git/blobdiff_plain/97c4ac59eed8b66b2e7f85d8ac325b063fb8a0ce..8c762aa599e4022654cf707125d7ac2ed6f194b0:/www/login.php diff --git a/www/login.php b/www/login.php index 87c34f4..5782521 100644 --- a/www/login.php +++ b/www/login.php @@ -1,11 +1,158 @@ getMessage()); +} + +if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associations'])) { + $o->disableAssociations(); + $_SESSION['disable_associations'] = true; +} + +if (isset($_POST['openid_url'])) { + + $_SESSION['openid_url'] = $openid_url; + try { + $authRequest = $o->prepare(); + } catch (OpenID_Exception $e) { + throw new Exception($e->getMessage()); + } + + // SREG + $sreg = new \OpenID_Extension_SREG11(\OpenID_Extension::REQUEST); + $sreg->set('required', 'email,fullname'); + $authRequest->addExtension($sreg); + + // AX, http://stackoverflow.com/a/7657061/282601 + $ax = new \OpenID_Extension_AX(\OpenID_Extension::REQUEST); + $ax->set('type.email', 'http://axschema.org/contact/email'); + $ax->set('type.firstname', 'http://axschema.org/namePerson/first'); + $ax->set('type.lastname', 'http://axschema.org/namePerson/last'); + $ax->set('type.fullname', 'http://axschema.org/namePerson'); + $ax->set('mode', 'fetch_request'); + $ax->set('required', 'email,firstname,lastname,fullname'); + $authRequest->addExtension($ax); + + $url = $authRequest->getAuthorizeURL(); + + header("Location: $url"); + exit; + +} + +if (isset($_SESSION['openid_url'])) { + $usid = $_SESSION['openid_url']; + unset($_SESSION['openid_url']); +} else { + $usid = null; +} + +unset($_SESSION['disable_associations']); + +if (!count($_POST)) { + list(, $queryString) = explode('?', $_SERVER['REQUEST_URI']); +} else { + // I hate php sometimes + $queryString = file_get_contents('php://input'); +} + +$message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP); +$id = $message->get('openid.claimed_id'); +$mode = $message->get('openid.mode'); + +try { + $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message); + + if ($result->success()) { + $status = "