diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2013-12-29 20:45:58 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2013-12-29 20:45:58 -0200 |
commit | 97e689213ff4e829f251af526ed4e796a3cc2b71 (patch) | |
tree | b04d03ec56305041216b72328fc9b5afde27bc76 /mod/openid_server/openid_server_include.php | |
parent | 0ab6351abb7a602d96c62b0ad35413c88113a6cf (diff) | |
parent | 69e2d8c5d8732042c9319aef1fdea45a82b63e42 (diff) | |
download | elgg-97e689213ff4e829f251af526ed4e796a3cc2b71.tar.gz elgg-97e689213ff4e829f251af526ed4e796a3cc2b71.tar.bz2 |
Merge branch 'master' into saravea
Conflicts:
.gitmodules
mod/admins
mod/assemblies
mod/audio_html5
mod/beechat
mod/crud
mod/elgg-activitystreams
mod/elggman
mod/elggpg
mod/favorites
mod/federated-objects
mod/friendly_time
mod/group_alias
mod/group_operators
mod/languages
mod/lightpics
mod/openid_client
mod/spotlight
mod/suicide
mod/tasks
mod/videolist
Diffstat (limited to 'mod/openid_server/openid_server_include.php')
-rwxr-xr-x | mod/openid_server/openid_server_include.php | 340 |
1 files changed, 340 insertions, 0 deletions
diff --git a/mod/openid_server/openid_server_include.php b/mod/openid_server/openid_server_include.php new file mode 100755 index 000000000..6fbd319c4 --- /dev/null +++ b/mod/openid_server/openid_server_include.php @@ -0,0 +1,340 @@ +<?php
+/**
+ * An Elgg 1.x compatible store implementation
+ */
+
+ /**
+ * Require base class for creating a new interface.
+ */
+
+require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
+
+require_once 'Auth/OpenID.php';
+require_once 'Auth/OpenID/Interface.php';
+require_once 'Auth/OpenID/Consumer.php';
+try {
+ // include_once "Auth/OpenID/HMACSHA1.php";
+} catch(Exception $e) {
+ // new way :P
+ require_once "Auth/OpenID/HMAC.php";
+}
+require_once 'Auth/OpenID/Nonce.php';
+require_once 'Auth/OpenID/SReg.php';
+
+define('header_connection_close', 'Connection: close');
+
+function openid_server_delete_entity($entity)
+{
+ global $CONFIG;
+
+ $entity->clearMetadata();
+ $entity->clearAnnotations();
+ $guid = $entity->getGUID();
+ delete_data("DELETE from {$CONFIG->dbprefix}entities where guid={$guid}");
+}
+
+
+
+function openid_server_delete_entities($type = "", $subtype = "", $owner_guid = 0)
+ {
+ $entities = get_entities($type, $subtype, $owner_guid, "time_created desc", 0);
+
+ foreach ($entities as $entity) {
+ openid_server_delete_entity($entity);
+ }
+
+ return true;
+ }
+
+
+
+class OpenIDServer_ElggStore extends Auth_OpenID_OpenIDStore {
+
+ function resetAssociations () {
+ openid_server_delete_entities('object', 'openid_client::association');
+ }
+ function resetNonces () {
+ openid_server_delete_entities('object', 'openid_client::nonce');
+ }
+ function getAssociation ($server_url, $handle = null) {
+ if (isset($handle)) {
+ $meta_array = array(
+ 'server_url' => $server_url,
+ 'handle' => $handle
+ );
+ $assocs = elgg_get_entities_from_metadata(array('metadata_name_value_pairs' => $meta_array, 'types' => 'object', 'subtypes' => 'openid_client::association', 'metadata_name_value_pairs_operator' => 'and'));
+ } else {
+ $assocs = elgg_get_entities_from_metadata(array('metadata_names' => 'server_url', 'metadata_values' => $server_url, 'types' => 'object', 'subtypes' => 'openid_client::association', 'metadata_case_sensitive' => FALSE));
+ }
+
+ if (!$assocs || (count($assocs) == 0)) {
+ return null;
+ } else {
+ $associations = array();
+
+ foreach ($assocs as $assoc_row) {
+ $assoc = new Auth_OpenID_Association($assoc_row->handle,
+ base64_decode($assoc_row->secret),
+ $assoc_row->issued,
+ $assoc_row->lifetime,
+ $assoc_row->assoc_type);
+
+ if ($assoc->getExpiresIn() == 0) {
+ OpenIDServer_ElggStore::removeAssociation($server_url, $assoc->handle);
+ } else {
+ $associations[] = array($assoc->issued, $assoc);
+ }
+ }
+
+ if ($associations) {
+ $issued = array();
+ $assocs = array();
+ foreach ($associations as $key => $assoc) {
+ $issued[$key] = $assoc[0];
+ $assocs[$key] = $assoc[1];
+ }
+
+ array_multisort($issued, SORT_DESC, $assocs, SORT_DESC,
+ $associations);
+
+ // return the most recently issued one.
+ list($issued, $assoc) = $associations[0];
+ return $assoc;
+ } else {
+ return null;
+ }
+ }
+ }
+
+ function removeAssociation ($server_url, $handle) {
+ if (isset($handle)) {
+ $meta_array = array(
+ 'server_url' => $server_url,
+ 'handle' => $handle
+ );
+ $entities = elgg_get_entities_from_metadata(array('metadata_name_value_pairs' => $meta_array, 'types' => 'object', 'subtypes' => 'openid_client::association', 'metadata_name_value_pairs_operator' => 'and'));
+ } else {
+ $entities = elgg_get_entities_from_metadata(array('metadata_names' => 'server_url', 'metadata_values' => $server_url, 'types' => 'object', 'subtypes' => 'openid_client::association', 'metadata_case_sensitive' => FALSE));
+ }
+ if ($entities) {
+ foreach ($entities as $entity) {
+ openid_server_delete_entity($entity);
+ }
+ }
+ }
+ function reset () {
+ OpenIDServer_ElggStore::resetAssociations ();
+ OpenIDServer_ElggStore::resetNonces ();
+ }
+
+ function storeAssociation ($server_url, $association) {
+
+ // Initialise a new ElggObject
+ $association_obj = new ElggObject();
+
+ $association_obj->subtype = 'openid_client::association';
+ $association_obj->owner_guid = 0;
+ $association_obj->access_id = 2;
+ $association_obj->title = 'association';
+
+ if ($association_obj->save()) {
+ $association_obj->server_url = $server_url;
+ $association_obj->handle = $association->handle;
+ $association_obj->secret = base64_encode($association->secret);
+ $association_obj->issued = $association->issued;
+ $association_obj->lifetime = $association->lifetime;
+ $association_obj->assoc_type = $association->assoc_type;
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ function useNonce ( $server_url, $timestamp, $salt) {
+ global $Auth_OpenID_SKEW;
+
+ if ( abs($timestamp - time()) > $Auth_OpenID_SKEW ) {
+ return false;
+ }
+
+ // check to see if the nonce already exists
+
+ $meta_array = array(
+ 'server_url' => $server_url,
+ 'timestamp' => $timestamp,
+ 'salt' => $salt
+ );
+
+ $entities = elgg_get_entities_from_metadata(array('metadata_name_value_pairs' => $meta_array, 'types' => 'object', 'subtypes' => 'openid_client::nonce', 'metadata_name_value_pairs_operator' => 'and'));
+
+ if ($entities) {
+ // bad - this nonce is already in use
+ return false;
+ } else {
+ // Initialise a new ElggObject
+ $nonce_obj = new ElggObject();
+
+ $nonce_obj->subtype = 'openid_client::nonce';
+ $nonce_obj->owner_guid = 0;
+ $nonce_obj->title = 'nonce';
+
+ if ($nonce_obj->save()) {
+ $nonce_obj->server_url = $server_url;
+ $nonce_obj->timestamp = $timestamp;
+ $nonce_obj->salt = $salt;
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+
+ function getTrustedSites() {
+
+ $results = elgg_get_entities_from_metadata(array('metadata_names' => 'openid_url', 'metadata_values' => getLoggedInUser(), 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_case_sensitive' => FALSE));
+
+ $sites = array();
+ if ($results) {
+ foreach ($results as $site) {
+ $sites[] = $site->trust_root;
+ }
+ }
+ return $sites;
+ }
+
+/**
+ * Returns the autologin URLs for every trusted site
+ */
+
+ function getAutoLoginSites() {
+
+ $default_trusted_sites = elgg_get_entities_from_metadata(array('metadata_names' => 'openid_url', 'metadata_values' => '', 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_case_sensitive' => FALSE));
+
+ $sites = array();
+ if ($default_trusted_sites) {
+ foreach ($default_trusted_sites as $site) {
+ if ($site->auto_login_url) {
+ $sites[] = $site;
+ }
+ }
+ }
+ return $sites;
+ }
+
+/**
+ * Returns the autologout URLs for every trusted site
+ */
+
+ function getAutoLogoutSites() {
+
+ $default_trusted_sites = elgg_get_entities_from_metadata(array('metadata_names' => 'openid_url', 'metadata_values' => '', 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_case_sensitive' => FALSE));
+
+ $sites = array();
+ if ($default_trusted_sites) {
+ foreach ($default_trusted_sites as $site) {
+ if ($site->auto_logout_url) {
+ $sites[] = $site;
+ }
+ }
+ }
+ return $sites;
+ }
+
+
+ function setTrustedSite($trust_root) {
+ $openid_url = getLoggedInUser();
+ $site = new ElggObject();
+ $site->subtype = 'openid_server::trust_root';
+ $site->owner_guid = 0;
+ $site->title = 'association';
+ $site->access_id = 2;
+
+ if ($site->save()) {
+ $site->openid_url = $openid_url;
+ $site->trust_root = $trust_root->trust_root;
+ $site->site_name = $trust_root->site_name;
+ $site->autologin = $trust_root->autologin;
+ $site->autologout = $trust_root->autologout;
+ $site->width = $trust_root->width;
+ $site->height = $trust_root->height;
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ function removeAllTrustedSites() {
+
+ $openid_url = getLoggedInUser();
+
+ if ($openid_url != null) {
+ $results = elgg_get_entities_from_metadata(array('metadata_names' => 'openid_url', 'metadata_values' => $openid_url, 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_case_sensitive' => FALSE));
+
+ if ($results) {
+ foreach($results as $trust_root) {
+ $trust_root->delete();
+ }
+ }
+ }
+ return true;
+ }
+
+ function removeTrustedSite($trust_root) {
+
+ $openid_url = getLoggedInUser();
+
+ if ($openid_url != null) {
+ $meta_array = array(
+ 'openid_url' => $openid_url,
+ 'trust_root' => $trust_root
+ );
+
+ $results = elgg_get_entities_from_metadata(array('metadata_name_value_pairs' => $meta_array, 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_name_value_pairs_operator' => 'and'));
+
+ if ($results) {
+ foreach($results as $trust_root) {
+ $trust_root->delete();
+ }
+ }
+ }
+ return true;
+ }
+}
+
+function getOpenIDServerStore() {
+ return new OpenIDServer_ElggStore();
+}
+
+
+if (!function_exists('fnmatch')) {
+function fnmatch($pattern, $string) {
+ for ($op = 0, $npattern = '', $n = 0, $l = strlen($pattern); $n < $l; $n++) {
+ switch ($c = $pattern[$n]) {
+ case '\\':
+ $npattern .= '\\' . @$pattern[++$n];
+ break;
+ case '.': case '+': case '^': case '$': case '(': case ')': case '{': case '}': case '=': case '!': case '<': case '>': case '|':
+ $npattern .= '\\' . $c;
+ break;
+ case '?': case '*':
+ $npattern .= '.' . $c;
+ break;
+ case '[': case ']': default:
+ $npattern .= $c;
+ if ($c == '[') {
+ $op++;
+ } else if ($c == ']') {
+ if ($op == 0) return false;
+ $op--;
+ }
+ break;
+ }
+ }
+
+ if ($op != 0) return false;
+
+ return preg_match('/' . $npattern . '/i', $string);
+}
+}
+
+?>
|