-rw-r--r-- | mod/foafssl/AUTHORS | 3 | ||||
-rwxr-xr-x | mod/foafssl/COPYING | 340 | ||||
-rw-r--r-- | mod/foafssl/README.txt | 53 | ||||
-rw-r--r-- | mod/foafssl/actions/add.php | 43 | ||||
-rw-r--r-- | mod/foafssl/actions/generate.php | 53 | ||||
-rwxr-xr-x | mod/foafssl/actions/register.php | 81 | ||||
-rw-r--r-- | mod/foafssl/actions/suck.php | 56 | ||||
-rw-r--r-- | mod/foafssl/add.php | 24 | ||||
-rw-r--r-- | mod/foafssl/authenticationlogin.php | 71 | ||||
-rw-r--r-- | mod/foafssl/cert_proxy.php | 64 | ||||
-rw-r--r-- | mod/foafssl/foafssl.png | bin | 0 -> 1355 bytes | |||
-rw-r--r-- | mod/foafssl/generate.php | 22 | ||||
-rwxr-xr-x | mod/foafssl/languages/en.php | 25 | ||||
-rwxr-xr-x | mod/foafssl/languages/es.php | 26 | ||||
-rw-r--r-- | mod/foafssl/manage.php | 27 | ||||
-rw-r--r-- | mod/foafssl/manifest.xml | 9 | ||||
-rw-r--r-- | mod/foafssl/start.php | 83 | ||||
-rw-r--r-- | mod/foafssl/views/default/foafssl/loginbox.php | 4 | ||||
-rwxr-xr-x | mod/foafssl/views/default/foafssl/register.php | 54 | ||||
-rw-r--r-- | mod/foafssl/views/foaf/canvas/layouts/widgets.php | 2 | ||||
-rw-r--r-- | mod/foafssl/views/foaf/foafssl/profile.php | 16 | ||||
-rwxr-xr-x | mod/foafssl/views/foaf/pageshells/pageshell.php | 54 |
22 files changed, 1110 insertions, 0 deletions
diff --git a/mod/foafssl/AUTHORS b/mod/foafssl/AUTHORS
new file mode 100644
index 000000000..d69e4f4ab
--- /dev/null
+++ b/mod/foafssl/AUTHORS
@@ -0,0 +1,3 @@
+Sean Donovan / mrsdonovanca at bitbucket
+Pablo Martin <devel@lorea.cc>
+
diff --git a/mod/foafssl/COPYING b/mod/foafssl/COPYING
new file mode 100755
index 000000000..60549be51
--- /dev/null
+++ b/mod/foafssl/COPYING
@@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. 
+ + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. 
The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. 
(Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. 
You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. 
+ +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. 
If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. 
If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. 
EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. 
+ + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) 19yy <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. 
+ + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/mod/foafssl/README.txt b/mod/foafssl/README.txt new file mode 100644 index 000000000..ee06969d4 --- /dev/null +++ b/mod/foafssl/README.txt 
@@ -0,0 +1,53 @@ +Elgg Foaf-SSL support +---------------------- + +Foaf ssl support for elgg. Allows to manage client certificates, link them in the foaf file, and login with a certificate authenticating with foaf-ssl. + + installation: + place in mod/ folder as "foafssl" + + expects "lib" and "arc" folders from libAuthentications inside the module folder. + (check git://github.com/melvincarvalho/libAuthentication.git) + also, you need to configure a database for libAuthentication, you can find the details + in the authentication.php file ;) + + apache config: + yes, you need some apache config to get this running... basically the following should go + in your vhost file (change the location dirs if you have a different root): +# --------------- + + SSLOptions +ExportCertData +StdEnvVars + + # location to login + <Location /pg/foafssl/login> + SSLRequireSSL + SSLVerifyClient optional_no_ca + SSLVerifyDepth 1 + SSLOptions +ExportCertData +StdEnvVars + </Location> + + # location to suck a certificate into a logged in account + <Location /action/foafssl/suck> + SSLRequireSSL + SSLVerifyClient optional_no_ca + SSLVerifyDepth 1 + SSLOptions +ExportCertData +StdEnvVars + </Location> + + +# --------------- + + elgg mod: + if you want elgg to work with content-type appropriately, you need to apply the following patch to elgglib.php (approximate): + http://trac.elgg.org/ticket/2223 + +------ + + code repo: + https://rhizomatik@bitbucket.org/rhizomatik/elgg_foafssl + license: + GPLv2 (see COPYING) + +-- + +devel@lorea.cc diff --git a/mod/foafssl/actions/add.php b/mod/foafssl/actions/add.php new file mode 100644 index 000000000..494229aad --- /dev/null +++ b/mod/foafssl/actions/add.php 
@@ -0,0 +1,43 @@
+<?php
+global $CONFIG;
+$user = get_loggedin_user();
+$name = get_input('name');
+$webid = get_input('webid');
+$modulus = get_input('modulus');
+$exponent = get_input('exponent');
+
+error_log($name);
+error_log($webid);
+error_log($modulus);
+error_log($exponent);
+
+if (isset($_FILES['cert_file'])) {
+ $cert = get_uploaded_file('cert_file');
+ $res = openssl_x509_read($cert);
+ $cert_data = openssl_x509_parse($cert);
+ $pubKey = openssl_pkey_get_public($res);
+ $keyData = openssl_pkey_get_details($pubKey);
+ $webid = $cert_data["extensions"]["subjectAltName"];
+
+ //Remove certificate armour
+ $unpacked_n = unpack("H*",$keyData['rsa']['n']);
+ $modulus = strtoupper($unpacked_n[1]);
+
+ $unpacked_e = unpack("H*",$keyData['rsa']['e']);
+ $exponent = hexdec($unpacked_e[1]);
+ $name = $cert_data["subject"]["CN"];
+ error_log("load file");
+ error_log("webid:".$webid);
+ error_log("exponent".$exponent);
+ error_log("mod".$modulus);
+}
+
+if ($modulus && $exponent && $user && $webid) {
+ $key = elgg_foafssl_createkey($modulus, $exponent, $user, $webid, $name);
+ system_message(elgg_echo("foafssl:addkey"));
+}
+else {
+ register_error(elgg_echo("foafssl:cantadd"));
+}
+forward($CONFIG->wwwroot."pg/foafssl/manage");
+?>
diff --git a/mod/foafssl/actions/generate.php b/mod/foafssl/actions/generate.php
new file mode 100644
index 000000000..e899d3dd0
--- /dev/null
+++ b/mod/foafssl/actions/generate.php
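Review bot: In mod/foafssl/actions/add.php the `if ($modulus && $exponent && $user && $webid)` branch stores whatever WebID and key arrive, either from the `webid`/`modulus`/`exponent` request inputs or from the uploaded certificate's `subjectAltName`, and nothing in this hunk checks that the logged-in user controls that WebID or that another account has not already registered it (`elgg_foafssl_createkey()` is defined outside the hunk, so confirm it does not). The remote branch of authenticationlogin.php later maps an authenticated WebID to the owner of the first matching `sslkey` object, so the binding should be verified before the key is created, for example by dereferencing the WebID and confirming it lists this key, and by refusing duplicates; actions/generate.php and actions/suck.php reach the same branch through `set_input()` followed by `include`. The upload path also reads `$keyData['rsa']` and `$cert_data[...]` without checking the results of `openssl_x509_read()` and `openssl_pkey_get_public()`, so a malformed or non-RSA file should be rejected first with something like `if ($res === false || $pubKey === false) { register_error(elgg_echo("foafssl:cantadd")); }`. The eight `error_log()` calls write request-supplied values to the server log and look like debugging leftovers.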
@@ -0,0 +1,53 @@
+<?php
+
+require_once($CONFIG->pluginspath."foafssl/lib/Authentication.php");
+require_once($CONFIG->pluginspath."foafssl/cert_proxy.php");
+
+global $CONFIG;
+
+
+function toBASE64($encodeMe) {
+ // does openssl really need this?
+ $data = base64_encode($encodeMe);
+ $datalb = "";
+ while (strlen($data) > 64) {
+ $datalb .= substr($data, 0, 64) . "\n";
+ $data = substr($data,64);
+ }
+ $datalb .= $data;
+ return $datalb;
+}
+
+
+$user = get_loggedin_user();
+$webid = $user->getURL();
+$name = get_input("name");
+$pubkey = get_input("pubkey");
+
+$cert = request_identity_p12($name, $webid, $pubkey);
+
+if ($cert && $user) {
+ $armored_cert = "-----BEGIN CERTIFICATE-----\n";
+ $armored_cert .= toBase64($cert);
+ $armored_cert .= "\n-----END CERTIFICATE-----\n";
+ $res = openssl_x509_read($armored_cert);
+ $cert_data = openssl_x509_parse($armored_cert);
+ $uid = $cert_data["subject"]["UID"];
+ $altName = $cert_data["extensions"]["subjectAltName"];
+ $pubKey = openssl_pkey_get_public($res);
+ $keyData = openssl_pkey_get_details($pubKey);
+
+ //Remove certificate armour
+ $unpacked_n = unpack("H*",$keyData['rsa']['n']);
+ $modulus = strtoupper($unpacked_n[1]);
+ $unpacked_e = unpack("H*",$keyData['rsa']['e']);
+ $exponent = hexdec($unpacked_e[1]);
+ set_input("name",$cert_data["subject"]["CN"]);
+ set_input("webid",$altName);
+ set_input("modulus",$modulus);
+ set_input("exponent",$exponent);
+ // now really include
+ include($CONFIG->pluginspath."foafssl/actions/add.php");
+}
+
+?>
diff --git a/mod/foafssl/actions/register.php b/mod/foafssl/actions/register.php
new file mode 100755
index 000000000..ff5e495b5
--- /dev/null
+++ b/mod/foafssl/actions/register.php
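Review bot: In mod/foafssl/actions/generate.php `$user->getURL()` is called, and the signing request is sent through `request_identity_p12()`, before anything checks that a user is logged in; the `if ($cert && $user)` test comes too late to prevent a method call on null. Move the check to the top, e.g. `if (!$user) { register_error(elgg_echo("foafssl:cantadd")); forward(); }`. The certificate that comes back is then trusted as-is: `$altName` and the key extracted from it are handed to add.php without comparing them with the `$webid` and `$pubkey` that were requested, and cert_proxy.php fetches it over a plain `http://` URL, so the response should be checked against the request before anything is stored. `require_once($CONFIG->pluginspath...)` also appears above `global $CONFIG;`, which only works if the including scope already has `$CONFIG`.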
@@ -0,0 +1,81 @@
+<?php
+/**
+ * Elgg registration action
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ */
+
+global $CONFIG;
+error_log("register user foaf!");
+// Get variables
+$username = get_input('username');
+$password = get_input('password');
+$password2 = get_input('password2');
+$email = get_input('email');
+$name = get_input('name');
+$friend_guid = (int) get_input('friend_guid',0);
+$invitecode = get_input('invitecode');
+$exponent = get_input('key_exp');
+$modulus = get_input('key_mod');
+$webid = get_input('key_webid');
+
+if (!($exponent && $modulus && $webid))
+ forward();
+
+$admin = get_input('admin');
+if (is_array($admin)) {
+ $admin = $admin[0];
+}
+
+if (!$CONFIG->disable_registration) {
+// For now, just try and register the user
+ try {
+ $guid = register_user($username, $password, $name, $email, false, $friend_guid, $invitecode);
+ if (((trim($password) != "") && (strcmp($password, $password2) == 0)) && ($guid)) {
+ $new_user = get_entity($guid);
+error_log("register user foaf2!");
+ elgg_set_ignore_access(true);
+ elgg_foafssl_createkey($modulus, $exponent, $new_user, $webid, $name." register cert");
+ elgg_set_ignore_access(false);
+ if (($guid) && ($admin)) {
+ // Only admins can make someone an admin
+ admin_gatekeeper();
+ $new_user->makeAdmin();
+ }
+
+ // Send user validation request on register only
+ global $registering_admin;
+ if (!$registering_admin) {
+ request_user_validation($guid);
+ }
+
+ if (!$new_user->isAdmin()) {
+ // Now disable if not an admin
+ // Don't do a recursive disable. Any entities owned by the user at this point
+ // are products of plugins that hook into create user and might need
+ // access to the entities.
+ $new_user->disable('new_user', false);
+ }
+
+ system_message(sprintf(elgg_echo("registerok"),$CONFIG->sitename));
+
+ // Forward on success, assume everything else is an error...
+ forward();
+ } else {
+ register_error(elgg_echo("registerbad"));
+ }
+ } catch (RegistrationException $r) {
+ register_error($r->getMessage());
+ }
+} else {
+ register_error(elgg_echo('registerdisabled'));
+}
+
+$qs = explode('?',$_SERVER['HTTP_REFERER']);
+$qs = $qs[0];
+$qs .= "?u=" . urlencode($username) . "&e=" . urlencode($email) . "&n=" . urlencode($name) . "&friend_guid=" . $friend_guid;
+
+forward($qs);
diff --git a/mod/foafssl/actions/suck.php b/mod/foafssl/actions/suck.php
new file mode 100644
index 000000000..fd801e2de
--- /dev/null
+++ b/mod/foafssl/actions/suck.php
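Review bot: In mod/foafssl/actions/register.php the key and WebID bound to the new account come from the `key_exp`, `key_mod` and `key_webid` request parameters, so the action trusts form fields for values that were originally established by the client-certificate check in authenticationlogin.php. Keeping the verified modulus, exponent and WebID server-side (for example in the session when the `foafssl/register` view is rendered) and reading them from there would stop the stored binding from depending on what the browser posts back. `register_user()` also runs before the `$password`/`$password2` comparison, so a mismatch still leaves an account behind, and `admin_gatekeeper()` is reached only after the account and key exist; both checks belong before `register_user()`. The `elgg_set_ignore_access(true)` / `(false)` pair should restore the previous state even when `elgg_foafssl_createkey()` throws, and the unbraced `if (!(...)) forward();` and the two `error_log()` debug lines are worth tidying.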
@@ -0,0 +1,56 @@
+<?php
+
+//require_once("config.php");
+global $CONFIG;
+require_once($CONFIG->pluginspath."foafssl/lib/Authentication.php");
+
+$config = array('db_name'=>'arc','db_user'=>'arc','db_pwd'=>'chjdladhsjk34!arcarc','store_name'=>'arc_tests');
+if ($_SERVER['SSL_CLIENT_CERT']) {
+ error_log("going to add");
+ $cert = $_SERVER['SSL_CLIENT_CERT'];
+ $res = openssl_x509_read($cert);
+ $cert_data = openssl_x509_parse($cert);
+ $uid = $cert_data["subject"]["UID"];
+ $altName = $cert_data["extensions"]["subjectAltName"];
+ $pubKey = openssl_pkey_get_public($res);
+ $keyData = openssl_pkey_get_details($pubKey);
+
+ //Remove certificate armour
+ $unpacked_n = unpack("H*",$keyData['rsa']['n']);
+ $modulus = strtoupper($unpacked_n[1]);
+ $unpacked_e = unpack("H*",$keyData['rsa']['e']);
+ $exponent = hexdec($unpacked_e[1]);
+ set_input("name",$cert_data["subject"]["CN"]);
+ set_input("webid",$altName);
+ set_input("modulus",$modulus);
+ set_input("exponent",$exponent);
+ include($CONFIG->pluginspath."foafssl/actions/add.php");
+}
+
+
+/*
+$auth = new Authentication_FoafSSLARC($config);
+//$auth = new Authentication_AgentARC($config, $webId);
+//var_dump($auth);
+//if ($auth->agentId !== $auth->agentURI) {
+if ($auth->isAuthenticated()) {
+ //print "Hello : $auth->webid<br/>";
+ $base_url = $CONFIG->wwwroot."pg/profile/";
+ if (strpos($auth->webid, $base_url) == 0) {
+ $root_len = strlen($base_url);
+ $username = substr($auth->webid, $root_len, strlen($auth->webid)-$root_len-strlen("?view=foaf"));
+ $user = get_user_by_username($username);
+ login($user, true);
+ system_message(elgg_echo("you logged in successfully with your certificate!"));
+ forward();
+
+ }
+}
+else {
+ print "Sorry you are not logged in<br/>";
+ print $auth->authnDiagnostic;
+}
+*/
+//$auth->logout();
+
+?>
diff --git a/mod/foafssl/add.php b/mod/foafssl/add.php
new file mode 100644
index 000000000..b06bc4218
--- /dev/null
+++ b/mod/foafssl/add.php
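Review bot: mod/foafssl/actions/suck.php commits a database password in the `$config` array (the `'db_pwd'` entry), and the same literal is repeated in mod/foafssl/authenticationlogin.php; in this file `$config` is not even used, because the only code that reads it sits inside the `/* ... */` block. Drop the array here, load the ARC store settings from site or plugin configuration that is kept out of the repository, and treat the committed password as exposed. `if ($_SERVER['SSL_CLIENT_CERT'])` should be `if (!empty($_SERVER['SSL_CLIENT_CERT']))`, since the key is absent when the client presents no certificate. The README configures this location with `SSLVerifyClient optional_no_ca`, so the `subjectAltName` copied into `webid` is only what the certificate itself claims; it needs a WebID verification step (presumably what the commented-out `Authentication_FoafSSLARC` block was for) before add.php is included.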
@@ -0,0 +1,24 @@
+<?php
+set_context("settings");
+global $CONFIG;
+$form_body = elgg_echo('foafssl:name');
+$form_body .= elgg_view('input/text',array('internalname' => 'name'));
+/*$form_body .= elgg_echo('foafssl:modulus');
+$form_body .= elgg_view('input/text',array('internalname' => 'modulus'));
+$form_body .= elgg_echo('foafssl:exponent');
+$form_body .= elgg_view('input/text',array('internalname' => 'exponent'));*/
+$form_body .= elgg_view("input/file", array(
+ 'internalname' => 'cert_file')).'</p><br>';
+$form_body .= elgg_view('input/submit', array('value'=>'submit'));
+$objects = elgg_view('input/form',array('body' => $form_body, 'action' => $CONFIG->wwwroot . 'action/foafssl/add', 'method' => 'post'));
+
+$body = elgg_view_title($title);
+$body .= $objects;
+
+$body = elgg_view_layout('two_column_left_sidebar', '', $body, $area3);
+
+// Finally draw the page
+page_draw($title, $body);
+
+
+?>
diff --git a/mod/foafssl/authenticationlogin.php b/mod/foafssl/authenticationlogin.php
new file mode 100644
index 000000000..556fbe3b0
--- /dev/null
+++ b/mod/foafssl/authenticationlogin.php
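Review bot: In mod/foafssl/add.php the form contains an `input/file` field but is built without a multipart encoding, so the browser will not send `cert_file` as an upload and the `isset($_FILES['cert_file'])` branch in actions/add.php never sees it; add `'enctype' => 'multipart/form-data'` to the `input/form` array. `$title` and `$area3` are used but never assigned in this file, so the page title and third column are empty unless the including scope defines them; assign `$title` from a language string and pass `''` for the unused area. The trailing `'</p><br>'` closes a paragraph that was never opened. No `gatekeeper()` call is visible here, so confirm the page handler restricts this page to logged-in users.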
@@ -0,0 +1,71 @@
+<?php
+
+//require_once("config.php");
+global $CONFIG;
+require_once("lib/Authentication.php");
+
+$config = array('db_name'=>'arc','db_user'=>'arc','db_pwd'=>'chjdladhsjk34!arcarc','store_name'=>'arc_tests');
+
+$auth = new Authentication_FoafSSLARC($config);
+if ($auth->isAuthenticated()) {
+ $base_url = $CONFIG->wwwroot."pg/profile/";
+ if (strpos($auth->webid, $base_url) === 0) {
+ // local
+ $root_len = strlen($base_url);
+ $trim = 0;
+ if (!strpos($auth->webid, "?view=foaf") === false) {
+ $trim = strlen("?view=foaf");
+ }
+ $username = substr($auth->webid, $root_len, strlen($auth->webid)-$root_len-$trim);
+ $user = get_user_by_username($username);
+ }
+ else {
+ // remote
+ $options = array('metadata_name' => 'webid',
+ 'metadata_value' => "URI:".$auth->webid,
+ 'owner_guid' => ELGG_ENTITIES_ANY_VALUE,
+ 'types' => 'object',
+ 'subtypes' => 'sslkey');
+ $certs = elgg_get_entities_from_metadata($options);
+ if ($certs) {
+ $user = $certs[0]->getOwnerEntity();
+ }
+ else {
+ // maybe you already exist here?
+ $options = array('metadata_name' => 'webid',
+ 'metadata_value' => $auth->webid,
+ 'owner_guid' => ELGG_ENTITIES_ANY_VALUE,
+ 'types'=>'user');
+ $remote_users = elgg_get_entities_from_metadata($options);
+ //if ($remote_users) {
+ if (false) {
+ $user = $remote_users[0];
+ $user->foreign = false; // not foreign any more
+ }
+ else {
+ // maybe you want to create an account here
+ $register = true;
+ set_input("u", $username);
+ set_input("n", $username);
+ $mod = $auth->certModulus;
+ $exp = $auth->certExponent;
+ $body = elgg_view("foafssl/register", array('exp'=>$exp, 'mod'=>$mod, 'webid' => "URI:".$auth->webid));
+ echo page_draw(elgg_echo('register'), $body);
+ }
+ }
+ }
+}
+// now login if we found a user
+if ($user) {
+ login($user, true);
+ system_message(elgg_echo("foafssl:loggedin"));
+ forward();
+}
+elseif (!$register) {
+ register_error(elgg_echo('foafssl:cantlogin').":".$auth->authnDiagnostic);
+ forward();
+}
+
+// logout the cert session since we dont need it
+
+?>
diff --git a/mod/foafssl/cert_proxy.php b/mod/foafssl/cert_proxy.php
new file mode 100644
index 000000000..5dc4f8b67
--- /dev/null
+++ b/mod/foafssl/cert_proxy.php
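Review bot: In mod/foafssl/authenticationlogin.php the final `if ($user)` / `elseif (!$register)` reads variables that are assigned only on some paths: neither is set when `isAuthenticated()` fails, and `$username` is never assigned in the remote branch before `set_input("u", $username)`. Initialise them before the outer `if`, e.g. `$user = null; $register = false; $username = '';`, so the login decision never depends on the including scope. In the remote branch `$certs[0]->getOwnerEntity()` logs in the owner of the first matching `sslkey` object; if more than one account holds the same `webid` value the choice is arbitrary, so anything other than exactly one match should be treated as a failure. `!strpos($auth->webid, "?view=foaf") === false` gives the intended result only through operator precedence and reads more clearly as `strpos($auth->webid, "?view=foaf") !== false`, and `$auth->authnDiagnostic` is shown to the user verbatim where the server log would be a better place for it.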
@@ -0,0 +1,64 @@
+<?php
+
+//-----------------------------------------------------------------------------------------------------------------------------------
+//
+// Filename : cert.php
+// Version : 1.0
+// Date : 3rd Jan 2009
+//
+// Decription : This script creates an PKCS12 encoded SSL Certificate which is file transfered to the script caller.
+//
+// Usage : cert.php?foaf=http://foaf.me/jsmith&
+// commonName=J Smith&
+// emailAddress=jsmith@example.com&
+// organizationName=My Company Ltd&
+// organizationalUnitName=Technology Division&
+// localityName=Newbury&
+// stateOrProvinceName=Berkshire&
+// countryName=GB&
+// password=secret
+//
+// All parameters except 'foaf' are optional. Some parameters if missing will default as per openssl.cnf
+//
+// See Also : Using PHP to create self-signed X.509 Client Certificates
+// http://foaf.me/Using_PHP_to_create_X.509_Client_Certificates.php
+//
+//-----------------------------------------------------------------------------------------------------------------------------------
+
+// Check if the foaf loaction is specified in the script call
+
+function request_identity_p12($commonName, $webid, $pubkey, $hours=0.0, $days=0.0) {
+ $post_fields = array();
+ $post_fields['webid'] = $webid;
+ $post_fields['spkac'] = $pubkey;
+ $post_fields['hours'] = $hours;
+ $post_fields['days'] = $days;
+ $post_fields['keygensubmit'] = "submit certificate request";
+ $post_fields['cn'] = $commonName;
+ $ch = curl_init('http://webid.myxwiki.org/xwiki/bin/view/WebId/CreateCert');
+ curl_setopt($ch, CURLOPT_POST ,1);
+ curl_setopt($ch, CURLOPT_POSTFIELDS ,$post_fields);
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION ,1);
+ curl_setopt($ch, CURLOPT_HEADER ,0); // DO NOT RETURN HTTP HEADERS
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER ,1); // RETURN THE CONTENTS OF THE CALL
+ // should check the error code and warn if something goes wrong
+ $Rec_Data = curl_exec($ch);
+ header('Last-Modified: '.date('r+b'));
+ header('Accept-Ranges: bytes');
+ header('Content-Length: '.strlen($Rec_Data));
+ header('Content-Type: application/x-x509-user-cert');
+ echo $Rec_Data;
+ return $Rec_Data;
+
+}
+
+/*// Create a PKCS12 encoded SSL certificate
+if ( $p12 = request_identity_p12(
+ $countryName, $stateOrProvinceName, $localityName, $organizationName, $organizationalUnitName, $commonName, $emailAddress,
+ $foafLocation, $pubkey ) )
+{
+ // Send the PKCS12 encoded SSL certificate to the script caller as a file transfer
+ download_identity_p12($p12, $foafLocation);
+}*/
+
+?>
diff --git a/mod/foafssl/foafssl.png b/mod/foafssl/foafssl.png Binary files differnew file mode 100644
index 000000000..17fa6da59
--- /dev/null
+++ b/mod/foafssl/foafssl.png
diff --git a/mod/foafssl/generate.php b/mod/foafssl/generate.php new file mode 100644
index 000000000..1e86a7070
--- /dev/null
+++ b/mod/foafssl/generate.php
@@ -0,0 +1,22 @@
+<?php
+set_context("settings");
+global $CONFIG;
+$form_body = "<p>".elgg_echo('foafssl:generate:description')."</p>";
+$form_body .= elgg_echo('foafssl:name').":";
+$form_body .= elgg_view('input/text',array('internalname' => 'name'));
+$form_body .= '<keygen name="pubkey" challenge="TheChallenge1" style="display:none">';
+$form_body .= elgg_view('input/submit', array('value'=>elgg_echo('foafssl:generate')));
+$objects = elgg_view('input/form',array('body' => $form_body, 'action' => $CONFIG->wwwroot . 'action/foafssl/generate', 'method' => 'post'));
+
+
+$title = elgg_echo('foafssl:generatecert');
+$body = elgg_view_title($title);
+$body .= $objects;
+$body .= "<a href='".$CONFIG->wwwroot."pg/foafssl/manage"."'>".elgg_echo('foafssl:return')."</a>";
+
+$body = elgg_view_layout('two_column_left_sidebar', '', $body, $area3);
+
+// Finally draw the page
+echo page_draw($title, $body);
+
+?>
diff --git a/mod/foafssl/languages/en.php b/mod/foafssl/languages/en.php new file mode 100755
index 000000000..13141fd41
--- /dev/null
+++ b/mod/foafssl/languages/en.php
@@ -0,0 +1,25 @@
+<?php
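Review bot: In `request_identity_p12` (cert_proxy.php) the SPKAC and WebID are posted to the certificate service over plain `http://` with `CURLOPT_FOLLOWLOCATION` enabled, and whatever comes back is echoed to the browser as `application/x-x509-user-cert` without checking that the transfer succeeded. The certificate the user installs is therefore not integrity-protected in transit, and a failed request sends an empty or HTML body under a certificate content type. Use an `https://` endpoint if the service offers one, and return before the `header()` calls when `curl_exec` fails or the status is not 200; the hunk's own comment already asks for that check. The handle is also never closed.

```php
	// … unchanged: $post_fields and curl options …
	$Rec_Data = curl_exec($ch);
	$status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
	curl_close($ch);
	if ($Rec_Data === false || $status != 200) {
		error_log("foafssl: certificate request failed (HTTP ".$status.")");
		return false;
	}
	// … unchanged: response headers, echo and return …
```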
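Review bot: The `<keygen>` element in generate.php uses the constant `challenge="TheChallenge1"`, so every signed public-key request carries the same challenge and the signature says nothing about which form submission it belongs to. Generate a random value per rendered form, keep it in the session, and have the `foafssl/generate` action compare it; that action is not part of this hunk, so whether it inspects the challenge at all should be confirmed. `$area3`, passed to `elgg_view_layout`, is never defined in this file, and manage.php has the same call.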
+
+ $english = array(
+ "foafssl:manage" => "Manage ssl certificates",
+ "foafssl:suck" => "Suck an identity",
+ "foafssl:addforeign" => "Import a certificate",
+ "foafssl:generate" => "Generate",
+ "foafssl:generatecert" => "Generate a certificate",
+ "foafssl:your" => "Your ssl certificates",
+ "foafssl:name" => "Name",
+ "foafssl:generate:description" => "Write a name for your certificate (it should describe your identity on this network) and click on generate.",
+ "foafssl:return" => "After generating the certificate return to the manage page",
+ "foafssl:modulus" => "Modulus",
+ "foafssl:exponent" => "Exponent",
+ "foafssl:loggedin" => "You logged in successfully with your certificate!",
+ "foafssl:cantlogin" => "Couldnt login with the certificate",
+ "foafssl:addkey" => "Your new key has been added",
+ "foafssl:cantadd" => "Couldnt add the certificate, check that it is a correct foaf ssl certificate",
+ "foafssl:login" => "Foaf-ssl Login",
+ "foafssl:explain" => "You can generate your certificate for this network by using the generate button, also you can import from a file, or suck one you have installed on your browser.",
+ );
+
+ add_translation("en",$english);
+
+?>
diff --git a/mod/foafssl/languages/es.php b/mod/foafssl/languages/es.php new file mode 100755
index 000000000..fbe170595
--- /dev/null
+++ b/mod/foafssl/languages/es.php
@@ -0,0 +1,26 @@
+<?php
+/**
+ * Elgg spotlight lorea
+ *
+ * @package
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author lorea
+ * @copyright lorea
+ * @link http://lorea.cc
+ */
+
+ $spanish = array(
+ "foafssl:manage" => "Gestionar certificados ssl",
+ "foafssl:addforeign" => "Importar un certificado",
+ "foafssl:generate" => "Generar",
+ "foafssl:your" => "Tus certificados ssl",
+ "foafssl:name" => "Nombre",
+ "foafssl:modulus" => "Modulo",
+ "foafssl:exponent" => "Exponente",
+ "foafssl:loggedin" => "Has entrado a la red con tu certificado",
+ "foafssl:cantlogin" => "No se ha podido validar tu certificado",
+ );
+
+ add_translation("es",$spanish);
+
+?>
diff --git a/mod/foafssl/manage.php b/mod/foafssl/manage.php new file mode 100644
index 000000000..4a38c7342
--- /dev/null
+++ b/mod/foafssl/manage.php
@@ -0,0 +1,27 @@
+<?php
+gatekeeper();
+global $CONFIG;
+set_context("settings");
+$user = get_loggedin_user();
+
+$title = elgg_echo("foafssl:your");
+$options = array('types'=>'object','subtypes'=>'sslkey','owner_guid'=>$user->getGUID(),'full_view'=>false);
+$objects = elgg_list_entities($options);
+
+$body = elgg_view_title($title);
+$body .= "<div class='contentWrapper'>";
+$body .= sprintf(elgg_echo("foafssl:explain"), $user->getURL()."?view=foaf")."<br/><br/>";
+$body .= "<a class='add_topic_button' href='".$CONFIG->wwwroot."pg/foafssl/add'>".elgg_echo('foafssl:addforeign')."</a> ";
+$body .= "<a class='add_topic_button' href='".$CONFIG->wwwroot."pg/foafssl/generate'>".elgg_echo('foafssl:generate')."</a> ";
+$body .= "<a class='add_topic_button' href='".elgg_add_action_tokens_to_url($CONFIG->wwwroot."action/foafssl/suck")."'>".elgg_echo('foafssl:suck')."</a><br/>";
+$body .= "</div>";
+
+//$body .= elgg_view("pages/welcome", array('entity' => $welcome_message));
+$body .= $objects;
+
+$body = elgg_view_layout('two_column_left_sidebar', '', $body, $area3);
+
+// Finally draw the page
+page_draw($title, $body);
+
+?>
diff --git a/mod/foafssl/manifest.xml b/mod/foafssl/manifest.xml new file mode 100644
index 000000000..5cb3b9afa
--- /dev/null
+++ b/mod/foafssl/manifest.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<plugin_manifest>
+ <field key="author" value="Pablo Martin" />
+ <field key="version" value="0.5" />
+ <field key="license" value="GPLv2" />
+ <field key="description" value="Brings the power of foaf ssl to elgg" />
+ <field key="copyright" value="(c) Pablo Martin 2010" />
+ <field key="website" value="http://bitbucket.org/rhizomatik/elgg_foafssl" />
+</plugin_manifest>
diff --git a/mod/foafssl/start.php b/mod/foafssl/start.php new file mode 100644
index 000000000..a9e20c77f
--- /dev/null
+++ b/mod/foafssl/start.php
@@ -0,0 +1,83 @@
+<?php
+/**
+ * Elgg powered plugin
+ *
+ * @package
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author lorea
+ * @copyright lorea
+ * @link http://lorea.cc
+ */
+
+ function elgg_foafssl_createkey($modulus, $exponent, $user, $webid, $name) {
+ error_log("create foaf ssl key:".$modulus.":".$exponent);
+ $user_guid = $user->getGUID();
+ $key = new ElggObject();
+ $key->name = $name;
+ $key->title = $name;
+ $key->subtype = 'sslkey';
+ $key->owner_guid = $user_guid;
+ $key->container_guid = $user_guid;
+ $key->access_id = ACCESS_PUBLIC;
+ $key->save();
+ $key->webid = $webid;
+ $key->modulus = $modulus;
+ $key->exponent = $exponent;
+ return $key;
+ }
+
+
+ function foafssl_page_handler($page) {
+ global $CONFIG;
+ switch ($page[0]) {
+ case 'manage':
+ include($CONFIG->pluginspath.'foafssl/manage.php');
+ break;
+ case 'add':
+ include($CONFIG->pluginspath.'foafssl/add.php');
+ break;
+ case 'generate':
+ include($CONFIG->pluginspath.'foafssl/generate.php');
+ break;
+ case 'login':
+ include($CONFIG->pluginspath.'foafssl/authenticationlogin.php');
+ break;
+ }
+ }
+
+ function foafssl_pagesetup() {
+ global $CONFIG;
+ if (get_context() == 'settings') {
+ add_submenu_item(elgg_echo('foafssl:manage'), $CONFIG->wwwroot . "pg/foafssl/manage");
+ }
+ }
+
+
+ function foafssl_init(){
+ global $CONFIG;
+ register_action("foafssl/add",false, $CONFIG->pluginspath . "foafssl/actions/add.php");
+ register_action("foafssl/generate",false, $CONFIG->pluginspath . "foafssl/actions/generate.php");
+ register_action("foafssl/suck",false, $CONFIG->pluginspath . "foafssl/actions/suck.php");
+ register_action("foafssl/delete",false, $CONFIG->pluginspath .
"foafssl/actions/delete.php");
+ register_action('entities/delete');
+ register_page_handler('foafssl','foafssl_page_handler');
+ register_elgg_event_handler('pagesetup','system','foafssl_pagesetup');
+ elgg_extend_view("account/forms/login", "foafssl/loginbox");
+ register_action("foafssl/register",true, $CONFIG->pluginspath . "foafssl/actions/register.php");
+
+
+ //elgg_extend_view("canvas/layouts/widgets", "foafssl/profile");
+ /*
+ register_action("microthemes/clear",false, $CONFIG->pluginspath . "microthemes/actions/microthemes/clear.php");
+ register_action("microthemes/edit",false, $CONFIG->pluginspath . "microthemes/actions/microthemes/edit.php");
+ register_action("microthemes/choose",false, $CONFIG->pluginspath . "microthemes/actions/microthemes/choose.php");
+ register_plugin_hook('entity:icon:url', 'object', 'microthemes_tasksicon_hook');
+ register_elgg_event_handler('pagesetup','system','microthemes_pagesetup');
+
+ elgg_extend_view("metatags", "microthemes/metatags");
+ //elgg_extend_view('profile/menu/linksownpage','microthemes/profilemenu');*/
+ }
+
+register_elgg_event_handler('init','system','foafssl_init');
+
+?>
diff --git a/mod/foafssl/views/default/foafssl/loginbox.php b/mod/foafssl/views/default/foafssl/loginbox.php new file mode 100644
index 000000000..732074d9f
--- /dev/null
+++ b/mod/foafssl/views/default/foafssl/loginbox.php
@@ -0,0 +1,4 @@
+<?php
+ $loginurl = $vars['url']."pg/foafssl/login";
+ echo " <a href='".$loginurl."'>".elgg_echo("foafssl:login")." <img src='".$vars['url']."mod/foafssl/foafssl.png"."' /></a>";
+?>
diff --git a/mod/foafssl/views/default/foafssl/register.php b/mod/foafssl/views/default/foafssl/register.php new file mode 100755
index 000000000..4681db9c5
--- /dev/null
+++ b/mod/foafssl/views/default/foafssl/register.php
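Review bot: `foafssl_init` in start.php registers `foafssl/delete` against `foafssl/actions/delete.php`, but the diffstat for this commit lists only add.php, generate.php, register.php and suck.php under mod/foafssl/actions/, so unless that file exists elsewhere in the tree the action points at a missing script; add the file or drop that `register_action` line. In `elgg_foafssl_createkey` the result of `$key->save()` is ignored and the object is returned either way, so a caller cannot tell a stored key from a failed save; checking it, e.g. `if (!$key->save()) { return false; }` before the metadata assignments, would make the failure visible, provided the callers (not shown here) handle a false return. The function also stores every key with `ACCESS_PUBLIC`, which deserves a one-line comment saying that this is intentional because the FOAF view must publish the public key.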
@@ -0,0 +1,54 @@
+<?php
+/**
+ * Elgg register form
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ */
+
+$username = get_input('u');
+$email = get_input('e');
+$name = get_input('n');
+
+$admin_option = false;
+$loggedin_user = get_loggedin_user();
+
+if ($loggedin_user && $loggedin_user->isAdmin() && isset($vars['show_admin'])) {
+ $admin_option = true;
+}
+
+$form_body = "<p><label>" . elgg_echo('name') . "<br />" . elgg_view('input/text' , array('internalname' => 'name', 'class' => "general-textarea", 'value' => $name)) . "</label><br />";
+
+$form_body .= "<label>" . elgg_echo('email') . "<br />" . elgg_view('input/text' , array('internalname' => 'email', 'class' => "general-textarea", 'value' => $email)) . "</label><br />";
+$form_body .= "<label>" . elgg_echo('username') . "<br />" . elgg_view('input/text' , array('internalname' => 'username', 'class' => "general-textarea", 'value' => $username)) . "</label><br />";
+$form_body .= "<label>" . elgg_echo('password') . "<br />" . elgg_view('input/password' , array('internalname' => 'password', 'class' => "general-textarea")) . "</label><br />";
+$form_body .= "<label>" . elgg_echo('passwordagain') . "<br />" . elgg_view('input/password' , array('internalname' => 'password2', 'class' => "general-textarea")) .
"</label><br />";
+
+// view to extend to add more fields to the registration form
+$form_body .= elgg_view('register/extend');
+
+// Add captcha hook
+$form_body .= elgg_view('input/captcha');
+
+if ($admin_option) {
+ $form_body .= elgg_view('input/checkboxes', array('internalname' => "admin", 'options' => array(elgg_echo('admin_option'))));
+}
+
+$form_body .= elgg_view('input/hidden', array('internalname' => 'key_mod', 'value' => $vars['mod']));
+//$form_body .= $vars['mod'];
+$form_body .= elgg_view('input/hidden', array('internalname' => 'key_exp', 'value' => $vars['exp']));
+$form_body .= elgg_view('input/hidden', array('internalname' => 'key_webid', 'value' => $vars['webid']));
+//$form_body .= $vars['webid'];
+
+$form_body .= elgg_view('input/hidden', array('internalname' => 'friend_guid', 'value' => $vars['friend_guid']));
+$form_body .= elgg_view('input/hidden', array('internalname' => 'invitecode', 'value' => $vars['invitecode']));
+//$form_body .= elgg_view('input/hidden', array('internalname' => 'action', 'value' => 'register'));
+$form_body .= elgg_view('input/submit', array('internalname' => 'submit', 'value' => elgg_echo('register'))) . "</p>";
+?>
+
+<div id="register-box">
+<h2><?php echo elgg_echo('register'); ?></h2>
+<?php echo elgg_view('input/form', array('action' => "{$vars['url']}action/foafssl/register", 'body' => $form_body, 'method'=>'post')) ?>
+</div>
diff --git a/mod/foafssl/views/foaf/canvas/layouts/widgets.php b/mod/foafssl/views/foaf/canvas/layouts/widgets.php new file mode 100644
index 000000000..acb6c3546
--- /dev/null
+++ b/mod/foafssl/views/foaf/canvas/layouts/widgets.php
@@ -0,0 +1,2 @@
+<?php
+?>
diff --git a/mod/foafssl/views/foaf/foafssl/profile.php b/mod/foafssl/views/foaf/foafssl/profile.php new file mode 100644
index 000000000..b11708a32
--- /dev/null
+++ b/mod/foafssl/views/foaf/foafssl/profile.php
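Review bot: The hidden inputs `key_mod`, `key_exp` and `key_webid` in views/default/foafssl/register.php send the values that were verified from the client certificate back through the browser, where they can be changed before the form is posted. Unless `actions/register.php` (not visible in this hunk) re-runs the certificate check and ignores these fields, the key and WebID bound to the new account are whatever the client submits. Keep the verified values server-side, for example in the session at the point where the login page renders this view, and read them from there in the action. `$vars['friend_guid']` and `$vars['invitecode']` are also read without `isset`, and the login page that renders this view passes neither.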
@@ -0,0 +1,16 @@
+<?php
+$user = $vars['user'];
+if ($user) {
+ $options = array('types'=>'object','subtypes'=>'sslkey','owner_guid'=>$user->getGUID());
+ $userkeys = elgg_get_entities($options);
+ foreach($userkeys as $key) {
+?>
+<rsa:RSAPublicKey>
+ <cert:identity rdf:resource="#me"/>
+ <rsa:public_exponent cert:decimal="<?php echo $key->exponent; ?>"/>
+ <rsa:modulus cert:hex="<?php echo $key->modulus; ?>"/>
+</rsa:RSAPublicKey>
+<?php
+ }
+}
+?>
diff --git a/mod/foafssl/views/foaf/pageshells/pageshell.php b/mod/foafssl/views/foaf/pageshells/pageshell.php new file mode 100755
index 000000000..909c9aa58
--- /dev/null
+++ b/mod/foafssl/views/foaf/pageshells/pageshell.php
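Review bot: `$key->exponent` and `$key->modulus` are echoed straight into XML attribute values in views/foaf/foafssl/profile.php, and the pageshell.php hunk that follows does the same with `$owner->username` and `$owner->name` in element content. These are stored values that users can influence, so a quote or `<` in one of them breaks the RDF document or adds markup to a profile that relying parties parse to check keys. Escape on output, `<?php echo htmlspecialchars($key->modulus, ENT_QUOTES, 'UTF-8'); ?>`, and likewise for the exponent, nick and name. Validating at write time that the modulus is hex and the exponent is decimal would be a useful second layer, but the code that stores them is not in this hunk.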
@@ -0,0 +1,54 @@
+<?php
+/**
+ * Elgg XML output pageshell
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ */
+
+header("Content-Type: application/rdf+xml");
+// echo $vars['body'];
+
+echo "<?xml version='1.0'?>\n";
+
+if (!$owner = page_owner_entity()) {
+ if (!isloggedin()) {
+ exit;
+ } else {
+ $owner = $vars['user'];
+ }
+}
+
+?>
+<rdf:RDF
+ xml:lang="en"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"
+ xmlns:foaf="http://xmlns.com/foaf/0.1/"
+ xmlns:cert="http://www.w3.org/ns/auth/cert#"
+ xmlns:rsa="http://www.w3.org/ns/auth/rsa#"
+ xmlns:ya="http://blogs.yandex.ru/schema/foaf/"
+ xmlns:geo="http://www.w3.org/2003/01/geo/wgs84_pos#"
+ xmlns:dc="http://purl.org/dc/elements/1.1/">
+ <rdf:Description rdf:about="">
+ <rdf:type rdf:resource="http://xmlns.com/foaf/0.1/PersonalProfileDocument"/>
+ <foaf:maker rdf:resource="#me"/>
+ <foaf:primaryTopic rdf:resource="#me"/>
+ </rdf:Description>
+ <foaf:Person rdf:about="#me">
+ <foaf:nick><?php echo $owner->username; ?></foaf:nick>
+ <foaf:name><?php echo $owner->name; ?></foaf:name>
+ <foaf:homepage rdf:resource="<?php echo $owner->getURL(); ?>" />
+ <foaf:mbox_sha1sum><?php echo sha1("mailto:" . $owner->email); ?></foaf:mbox_sha1sum>
+ <foaf:img rdf:resource="<?php echo $vars['url']; ?>pg/icon/<?php echo $owner->username; ?>/large/icon.jpg" />
+ <?php
+ echo $vars['body'];
+ ?>
+ </foaf:Person>
+ <?php
+ echo elgg_view('foafssl/profile', array('user'=>$owner));
+ ?>
+</rdf:RDF> |