1 files changed, 71 insertions, 0 deletions

diff --git a/mod/foafssl/authenticationlogin.php b/mod/foafssl/authenticationlogin.php
new file mode 100644
index 000000000..556fbe3b0
--- /dev/null
+++ b/mod/foafssl/authenticationlogin.php
@@ -0,0 +1,71 @@
+<?php
+
+//require_once("config.php");
+global $CONFIG;
+require_once("lib/Authentication.php");
+
+$config = array('db_name'=>'arc','db_user'=>'arc','db_pwd'=>'chjdladhsjk34!arcarc','store_name'=>'arc_tests');
+
+$auth = new Authentication_FoafSSLARC($config);
+if ($auth->isAuthenticated()) {
+    $base_url = $CONFIG->wwwroot."pg/profile/";
+    if (strpos($auth->webid, $base_url) === 0) {
+	// local
+	$root_len = strlen($base_url);
+	$trim = 0;
+	if (!strpos($auth->webid, "?view=foaf") === false) {
+		$trim = strlen("?view=foaf");
+	}
+    	$username = substr($auth->webid, $root_len, strlen($auth->webid)-$root_len-$trim);
+	$user = get_user_by_username($username);
+    }
+    else {
+	// remote
+	$options = array('metadata_name' => 'webid', 
+			'metadata_value' => "URI:".$auth->webid, 
+			'owner_guid' => ELGG_ENTITIES_ANY_VALUE, 
+			'types' => 'object', 
+			'subtypes' => 'sslkey');
+	$certs = elgg_get_entities_from_metadata($options);
+	if ($certs) {
+		$user = $certs[0]->getOwnerEntity();
+	}
+	else {
+		// maybe you already exist here?
+		$options = array('metadata_name' => 'webid',
+				'metadata_value' => $auth->webid,
+				'owner_guid' => ELGG_ENTITIES_ANY_VALUE,
+				'types'=>'user');
+		$remote_users = elgg_get_entities_from_metadata($options);
+		//if ($remote_users) {
+		if (false) {
+			$user = $remote_users[0];
+			$user->foreign = false; // not foreign any more
+		}
+		else {
+			// maybe you want to create an account here
+			$register = true;
+			set_input("u", $username);
+			set_input("n", $username);
+			$mod = $auth->certModulus;
+			$exp = $auth->certExponent;
+			$body = elgg_view("foafssl/register", array('exp'=>$exp, 'mod'=>$mod, 'webid' => "URI:".$auth->webid));
+			echo page_draw(elgg_echo('register'), $body);
+		}
+	}
+    }
+}
+// now login if we found a user
+if ($user) {
+	login($user, true);
+        system_message(elgg_echo("foafssl:loggedin"));
+        forward();
+}
+elseif (!$register) {
+	register_error(elgg_echo('foafssl:cantlogin').":".$auth->authnDiagnostic);
+        forward();
+}
+
+// logout the cert session since we dont need it
+
+?>