Diffstat (limited to 'mod/openid_client/return.php')
-rw-r--r--mod/openid_client/return.php69
1 files changed, 69 insertions, 0 deletions
diff --git a/mod/openid_client/return.php b/mod/openid_client/return.php
new file mode 100644
index 000000000..3aa728ea6
--- /dev/null
+++ b/mod/openid_client/return.php
@@ -0,0 +1,69 @@
+<?php
+/**
+ * Callback for return_to url redirection.
+ *
+ * The identity server will redirect back to this handler with the results of
+ * the authentication attempt.
+ *
+ * Note: the Janrain OpenID library is incompatible with Elgg's routing so
+ * this script needs to be directly accessed.
+ */
+
+require_once dirname(dirname(dirname(__FILE__))).'/engine/start.php';
+
+elgg_load_library('openid_consumer');
+elgg_load_library('openid_client');
+
+$persistent = get_input('persistent', false);
+
+// get user data from the response
+$consumer = new ElggOpenIDConsumer($store);
+$url = elgg_get_site_url() . "mod/openid_client/return.php?persistent=$persistent";
+$consumer->setReturnURL($url);
+$data = $consumer->completeAuthentication();
+if (!$data || !$data['openid_identifier']) {
+ register_error(elgg_echo('openid_client:error:bad_response'));
+ forward();
+}
+
+// is there an account already associated with this openid
+$user = null;
+$users = elgg_get_entities_from_annotations(array(
+ 'type' => 'user',
+ 'annotation_name' => 'openid_identifier',
+ 'annotation_value' => $data['openid_identifier'],
+));
+if ($users) {
+ // there should only be one account
+ $user = $users[0];
+} else {
+ $email = elgg_extract('email', $data);
+ if ($email) {
+ $users = get_user_by_email($email);
+ if (count($users)) {
+ register_error(elgg_echo('openid_client:email_register'));
+ forward();
+
+ }
+ }
+}
+
+if ($user) {
+ // log in user and maybe update account (admin setting, user prompt?)
+ try {
+ login($user, $persistent);
+ } catch (LoginException $e) {
+ register_error($e->getMessage());
+ forward();
+ }
+
+ system_message(elgg_echo('loginok'));
+ forward();
+} else {
+ // register the new user
+ $result = openid_client_registration_page_handler($data);
+ if (!$result) {
+ register_error(elgg_echo('openid_client:error:bad_register'));
+ forward();
+ }
+}
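Review bot: `$store` is passed to `new ElggOpenIDConsumer($store)` but is never assigned anywhere in this new file, so unless `engine/start.php` leaves such a variable in global scope the consumer is constructed with null. An OpenID consumer normally relies on its store for associations and response nonces, so the store should be created explicitly before this line, or the argument dropped if the class builds its own; which applies cannot be told from the hunk. Separately, `$persistent` is a raw request string that is interpolated unencoded into the return URL and handed to `login()`, where any non-empty value other than `"0"` is truthy. Normalise it once with `$persistent = filter_var(get_input('persistent', false), FILTER_VALIDATE_BOOLEAN);` and build the URL with `'?persistent=' . (int) $persistent`, keeping the format identical to the return_to value sent by the page that starts the login so that verification still matches.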