aboutsummaryrefslogtreecommitdiff
path: root/mod/openid_server/actions
diff options
context:
space:
mode:
Diffstat (limited to 'mod/openid_server/actions')
-rwxr-xr-xmod/openid_server/actions/admin.php90
-rwxr-xr-xmod/openid_server/actions/autologin.php52
-rwxr-xr-xmod/openid_server/actions/autologout.php48
-rwxr-xr-xmod/openid_server/actions/trust.php93
4 files changed, 283 insertions, 0 deletions
diff --git a/mod/openid_server/actions/admin.php b/mod/openid_server/actions/admin.php
new file mode 100755
index 000000000..bdf3b8261
--- /dev/null
+++ b/mod/openid_server/actions/admin.php
@@ -0,0 +1,90 @@
+<?php
+
+/**
+ * Elgg openid_server admin action page
+ *
+ * @package openid_server
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author Kevin Jardiner <kevin@radagast.biz>
+ * @copyright Curverider Ltd 2008-2009
+ * @link http://elgg.com/
+ *
+ * @uses the following values in $vars:
+ *
+ * 'trust' the trust object with the database information and action type
+ */
+
+require_once('../openid_server_include.php');
+
+if (isadminloggedin()) {
+ $action = trim(get_input('action'));
+ $trust_id = get_input('trust_id');
+ $show_full_form = true;
+ $body = '';
+ if ($action) {
+ $trust = new StdClass;
+ $trust->trust_root = get_input('trust_root');
+ $trust->site_name = get_input('site_name');
+ $trust->auto_login = get_input('auto_login');
+ $trust->auto_logout = get_input('auto_logout');
+ $trust->width = get_input('width');
+ $trust->height = get_input('height');
+
+ switch($action) {
+ case 'change':
+ $trust->ident = $trust_id;
+ $store->update_default_trust_root($trust_id,$trust);
+ system_message(elgg_echo('openid_server:trust_root_updated'));
+ break;
+ case 'add':
+ $store->insert_default_trust_root($trust);
+ system_message(elgg_echo('openid_server:trust_root_added'));
+ break;
+ case 'delete':
+ $store->delete_default_trust_root($trust_id);
+ system_message(elgg_echo('openid_server:trust_root_deleted'));
+ break;
+ }
+ } else {
+ if ($trust_id) {
+ $trust = $store->get_trust_root($trust_id);
+ $trust->action = 'change';
+ $body = generate_trust_form($trust);
+ $title = elgg_echo('openid_server:edit_trust_root_title');
+ $show_full_form = false;
+ }
+ }
+
+ if ($show_full_form) {
+
+ // KJ - TODO: Move this into a separate form view
+ $edit_url = $CFG->wwwroot.'mod/openid_server/admin.php?trust_id=';
+ $delete_url = $CFG->wwwroot.'mod/openid_server/admin.php?action=delete&trust_id=';
+ $title = elgg_echo('openid_server:manage_trust_root_title');
+ $results = $store->get_all_default_trust_roots();
+ if ($results) {
+ $body .= '<h2>'.elgg_echo('openid_server:trust_root_title').'</h2>'."\n";
+ $body.= '<table border="0">'."\n";
+ foreach($results as $item) {
+ $body .= '<tr><td width="150">'.$item->site_name.'</td><td width="250">'.$item->trust_root.'</td><td><a href="'
+ .$edit_url.$item->ident.'">'.elgg_echo('openid_server:edit_option').'</a></td><td><a href="'
+ .$delete_url.$item->ident.'">'.elgg_echo('openid_server:delete_option').'</a></td></tr>'."\n";
+ }
+ }
+ $body .= "</table>\n";
+ $body .= '<h2>'.elgg_echo('openid_server:add_trust_root_title').'</h2>';
+ $trust = new StdClass;
+ $trust->trust_root = '';
+ $trust->site_name = '';
+ $trust->auto_login = '';
+ $trust->auto_logout = '';
+ $trust->width = 0;
+ $trust->height = 0;
+ $trust->action = 'add';
+ $body .= generate_trust_form($trust);
+ }
+}
+
+elgg_view_page($title,$body);
+
+?>
diff --git a/mod/openid_server/actions/autologin.php b/mod/openid_server/actions/autologin.php
new file mode 100755
index 000000000..4a200fcfb
--- /dev/null
+++ b/mod/openid_server/actions/autologin.php
@@ -0,0 +1,52 @@
+<?php
+
+/**
+ * Elgg openid_server: autologin form
+ *
+ * @package ElggOpenID
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author Kevin Jardine <kevin@radagast.biz>
+ * @copyright Curverider Ltd 2008-2009
+ * @link http://elgg.org/
+ */
+
+require_once(dirname(dirname(__FILE__)).'/openid_server_include.php');
+
+require_once ('lib/common.php');
+require_once ('lib/session.php');
+
+$iframe_template = <<<END
+<iframe
+width="%s"
+height="%s"
+src="%s"
+>
+</iframe>');
+END;
+
+$openid_url = getLoggedinUser();
+$store = getOpenIDServerStore();
+$sites = $store->getAutoLoginSites();
+$request = getRequestInfo();
+if ($request) {
+ $return_url = $request->return_to;
+ setRequestInfo(null);
+} else {
+ $return_url = $CONFIG->wwwroot;
+}
+// TODO: get this to work with posts
+$iframes = '';
+foreach ($sites as $site) {
+ $iframes .= sprintf($iframe_template,$site->width,$site->height,sprintf($site->auto_login,$openid_url));
+}
+$body = elgg_view("openid_server/forms/autologin",
+ array(
+ 'iframes' => $iframes,
+ 'return_to' => $return_url,
+
+ ));
+$CONFIG->events['login'] = array();
+login();
+header("Content-type:text/html");
+print $body;
+?>
diff --git a/mod/openid_server/actions/autologout.php b/mod/openid_server/actions/autologout.php
new file mode 100755
index 000000000..36a7191c2
--- /dev/null
+++ b/mod/openid_server/actions/autologout.php
@@ -0,0 +1,48 @@
+<?php
+
+/**
+ * Elgg openid_server: autologout form
+ *
+ * @package ElggOpenID
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author Kevin Jardine <kevin@radagast.biz>
+ * @copyright Curverider Ltd 2008-2009
+ * @link http://elgg.org/
+ */
+
+require_once(dirname(dirname(__FILE__)).'/openid_server_include.php');
+
+require_once ('lib/common.php');
+require_once ('lib/session.php');
+
+$iframe_template = <<<END
+<iframe
+width="%s"
+height="%s"
+src="%s"
+>
+</iframe>');
+END;
+
+$store = getOpenIDServerStore();
+
+$openid_url = getLoggedinUser();
+$sites = $store->getAutoLogoutSites();
+
+// TODO: get this to work with posts
+$iframes = '';
+foreach ($sites as $site) {
+ $iframes .= sprintf($iframe_template,$site->width,$site->height,sprintf($site->auto_logout,$openid_url));
+}
+$body = elgg_view("openid_server/forms/autologout",
+ array(
+ 'iframes' => $iframes,
+
+ ));
+
+$CONFIG->events['logout'] = array();
+
+logout();
+header("Content-type:text/html");
+print $body;
+?>
diff --git a/mod/openid_server/actions/trust.php b/mod/openid_server/actions/trust.php
new file mode 100755
index 000000000..3f882125d
--- /dev/null
+++ b/mod/openid_server/actions/trust.php
@@ -0,0 +1,93 @@
+<?php
+
+/**
+ * Elgg openid_server: handle trust form
+ *
+ * @package ElggOpenID
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author Kevin Jardine <kevin@radagast.biz>
+ * @copyright Curverider Ltd 2008-2009
+ * @link http://elgg.org/
+ */
+
+//error_log("in trust.php");
+
+require_once(dirname(dirname(__FILE__)).'/openid_server_include.php');
+
+require_once ('lib/common.php');
+require_once ('lib/session.php');
+
+$info = getRequestInfo();
+$trusted = get_input('trust');
+$remember = get_input('remember');
+$trust_root = get_input('trust_root');
+
+$store = getOpenIDServerStore();
+if ($remember) {
+ $store->setTrustedSite($info);
+ //$store->setTrustedSite($info->trust_root);
+}
+
+if (!$info) {
+ // There is no authentication information, so bail
+ system_message(elgg_echo("openid_server:cancelled"));
+ forward();
+} else {
+
+ if ($idpSelect = $info->idSelect()) {
+ if ($idpSelect) {
+ $identity = getLoggedInUser();
+ //$req_url = idURL($idpSelect);
+ $req_url = $info->identity;
+ //XXX fixing dirty https stuff
+ //$req_url = str_replace('http', 'https', $req_url);
+ } else {
+ $trusted = false;
+ }
+ } else {
+ $req_url = normaliseUsername($info->identity);
+ }
+
+
+ $user = getLoggedInUser();
+ $identity = $user;
+
+ setRequestInfo($info);
+ $req_url_path = substr($req_url, strpos($req_url, ":"));
+ $user_path = substr($user, strpos($user, ":"));
+
+ if ($info->message->isOpenID1() && $req_url_path != $user_path) {
+ register_error(sprintf(elgg_echo("openid_server:loggedin_as_wrong_user"),$req_url, $user));
+ forward();
+ } else {
+ $trust_root = $info->trust_root;
+ $trusted = isset($trusted) ? $trusted : isTrusted($identity, $trust_root);
+ if ($trusted) {
+ setRequestInfo();
+ $server =& getServer();
+ if ($info->message->isOpenID1())
+ $response =& $info->answer(true, null, $req_url);
+ else
+ $response =& $info->answer(true, null, getServerURL(), $identity);
+
+ addSregFields($response, $info, $identity);
+ $webresponse =& $server->encodeResponse($response);
+
+ $new_headers = array();
+
+ foreach ($webresponse->headers as $k => $v) {
+ $new_headers[] = $k.": ".$v;
+ }
+
+ writeResponse( array($new_headers, $webresponse->body));
+ exit(0);
+ } elseif ($fail_cancels) {
+ setRequestInfo();
+ forward($info->getCancelURL());
+ } else {
+ writeResponse(trust_render($info));
+ }
+ }
+}
+
+?>