diff options
Diffstat (limited to 'models/openid-php-openid-782224d/examples/server')
14 files changed, 1501 insertions, 0 deletions
diff --git a/models/openid-php-openid-782224d/examples/server/index.php b/models/openid-php-openid-782224d/examples/server/index.php new file mode 100644 index 000000000..7a9506458 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/index.php @@ -0,0 +1,5 @@ +<?php + +header("Location: server.php"); + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/actions.php b/models/openid-php-openid-782224d/examples/server/lib/actions.php new file mode 100644 index 000000000..50dc19a1b --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/actions.php @@ -0,0 +1,164 @@ +<?php + +require_once "lib/common.php"; +require_once "lib/session.php"; +require_once "lib/render.php"; + +require_once "lib/render/login.php"; +require_once "lib/render/idpage.php"; +require_once "lib/render/idpXrds.php"; +require_once "lib/render/userXrds.php"; + +require_once "Auth/OpenID.php"; + +/** + * Handle a standard OpenID server request + */ +function action_default() +{ + header('X-XRDS-Location: '.buildURL('idpXrds')); + + $server =& getServer(); + $method = $_SERVER['REQUEST_METHOD']; + $request = null; + if ($method == 'GET') { + $request = $_GET; + } else { + $request = $_POST; + } + + $request = $server->decodeRequest(); + + if (!$request) { + return about_render(); + } + + setRequestInfo($request); + + if (in_array($request->mode, + array('checkid_immediate', 'checkid_setup'))) { + + if ($request->idSelect()) { + // Perform IDP-driven identifier selection + if ($request->mode == 'checkid_immediate') { + $response =& $request->answer(false); + } else { + return trust_render($request); + } + } else if ((!$request->identity) && + (!$request->idSelect())) { + // No identifier used or desired; display a page saying + // so. + return noIdentifier_render(); + } else if ($request->immediate) { + $response =& $request->answer(false, buildURL()); + } else { + if (!getLoggedInUser()) { + return login_render(); + } + return trust_render($request); + } + } else { + $response =& $server->handleRequest($request); + } + + $webresponse =& $server->encodeResponse($response); + + if ($webresponse->code != AUTH_OPENID_HTTP_OK) { + header(sprintf("HTTP/1.1 %d ", $webresponse->code), + true, $webresponse->code); + } + + foreach ($webresponse->headers as $k => $v) { + header("$k: $v"); + } + + header(header_connection_close); + print $webresponse->body; + exit(0); +} + +/** + * Log out the currently logged in user + */ +function action_logout() +{ + setLoggedInUser(null); + setRequestInfo(null); + return authCancel(null); +} + +/** + * Check the input values for a login request + */ +function login_checkInput($input) +{ + $openid_url = false; + $errors = array(); + + if (!isset($input['openid_url'])) { + $errors[] = 'Enter an OpenID URL to continue'; + } + if (count($errors) == 0) { + $openid_url = $input['openid_url']; + } + return array($errors, $openid_url); +} + +/** + * Log in a user and potentially continue the requested identity approval + */ +function action_login() +{ + $method = $_SERVER['REQUEST_METHOD']; + switch ($method) { + case 'GET': + return login_render(); + case 'POST': + $info = getRequestInfo(); + $fields = $_POST; + if (isset($fields['cancel'])) { + return authCancel($info); + } + + list ($errors, $openid_url) = login_checkInput($fields); + if (count($errors) || !$openid_url) { + $needed = $info ? $info->identity : false; + return login_render($errors, @$fields['openid_url'], $needed); + } else { + setLoggedInUser($openid_url); + return doAuth($info); + } + default: + return login_render(array('Unsupported HTTP method: $method')); + } +} + +/** + * Ask the user whether he wants to trust this site + */ +function action_trust() +{ + $info = getRequestInfo(); + $trusted = isset($_POST['trust']); + return doAuth($info, $trusted, true, @$_POST['idSelect']); +} + +function action_idpage() +{ + $identity = $_GET['user']; + return idpage_render($identity); +} + +function action_idpXrds() +{ + return idpXrds_render(); +} + +function action_userXrds() +{ + $identity = $_GET['user']; + return userXrds_render($identity); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/common.php b/models/openid-php-openid-782224d/examples/server/lib/common.php new file mode 100644 index 000000000..80d05f51a --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/common.php @@ -0,0 +1,95 @@ +<?php + +require_once "lib/render.php"; +require_once "lib/session.php"; + +require_once "lib/render/login.php"; +require_once "lib/render/about.php"; +require_once "lib/render/trust.php"; + +require_once "Auth/OpenID/Server.php"; +require_once "Auth/OpenID/SReg.php"; + +function authCancel($info) +{ + if ($info) { + setRequestInfo(); + $url = $info->getCancelURL(); + } else { + $url = getServerURL(); + } + return redirect_render($url); +} + +function doAuth($info, $trusted=null, $fail_cancels=false, + $idpSelect=null) +{ + if (!$info) { + // There is no authentication information, so bail + return authCancel(null); + } + + if ($info->idSelect()) { + if ($idpSelect) { + $req_url = idURL($idpSelect); + } else { + $trusted = false; + } + } else { + $req_url = $info->identity; + } + + $user = getLoggedInUser(); + setRequestInfo($info); + + if ((!$info->idSelect()) && ($req_url != idURL($user))) { + return login_render(array(), $req_url, $req_url); + } + + $trust_root = $info->trust_root; + + if ($trusted) { + setRequestInfo(); + $server =& getServer(); + $response =& $info->answer(true, null, $req_url); + + // Answer with some sample Simple Registration data. + $sreg_data = array( + 'fullname' => 'Example User', + 'nickname' => 'example', + 'dob' => '1970-01-01', + 'email' => 'invalid@example.com', + 'gender' => 'F', + 'postcode' => '12345', + 'country' => 'ES', + 'language' => 'eu', + 'timezone' => 'America/New_York'); + + // Add the simple registration response values to the OpenID + // response message. + $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest( + $info); + + $sreg_response = Auth_OpenID_SRegResponse::extractResponse( + $sreg_request, $sreg_data); + + $sreg_response->toMessage($response->fields); + + // Generate a response to send to the user agent. + $webresponse =& $server->encodeResponse($response); + + $new_headers = array(); + + foreach ($webresponse->headers as $k => $v) { + $new_headers[] = $k.": ".$v; + } + + return array($new_headers, $webresponse->body); + } elseif ($fail_cancels) { + return authCancel($info); + } else { + return trust_render($info); + } +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render.php b/models/openid-php-openid-782224d/examples/server/lib/render.php new file mode 100644 index 000000000..33d2aefcd --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render.php @@ -0,0 +1,114 @@ +<?php + +define('page_template', +'<html> + <head> + <meta http-equiv="cache-control" content="no-cache"/> + <meta http-equiv="pragma" content="no-cache"/> + <title>%s</title> +%s + </head> + <body> + %s +<div id="content"> + <h1>%s</h1> + %s +</div> + </body> +</html>'); + +define('logged_in_pat', 'You are logged in as %s (URL: %s)'); + +/** + * HTTP response line contstants + */ +define('http_bad_request', 'HTTP/1.1 400 Bad Request'); +define('http_found', 'HTTP/1.1 302 Found'); +define('http_ok', 'HTTP/1.1 200 OK'); +define('http_internal_error', 'HTTP/1.1 500 Internal Error'); + +/** + * HTTP header constants + */ +define('header_connection_close', 'Connection: close'); +define('header_content_text', 'Content-Type: text/plain; charset=us-ascii'); + +define('redirect_message', + 'Please wait; you are being redirected to <%s>'); + + +/** + * Return a string containing an anchor tag containing the given URL + * + * The URL does not need to be quoted, but if text is passed in, then + * it does. + */ +function link_render($url, $text=null) { + $esc_url = htmlspecialchars($url, ENT_QUOTES); + $text = ($text === null) ? $esc_url : $text; + return sprintf('<a href="%s">%s</a>', $esc_url, $text); +} + +/** + * Return an HTTP redirect response + */ +function redirect_render($redir_url) +{ + $headers = array(http_found, + header_content_text, + header_connection_close, + 'Location: ' . $redir_url, + ); + $body = sprintf(redirect_message, $redir_url); + return array($headers, $body); +} + +function navigation_render($msg, $items) +{ + $what = link_render(buildURL(), 'PHP OpenID Server'); + if ($msg) { + $what .= ' — ' . $msg; + } + if ($items) { + $s = '<p>' . $what . '</p><ul class="bottom">'; + foreach ($items as $action => $text) { + $url = buildURL($action); + $s .= sprintf('<li>%s</li>', link_render($url, $text)); + } + $s .= '</ul>'; + } else { + $s = '<p class="bottom">' . $what . '</p>'; + } + return sprintf('<div class="navigation">%s</div>', $s); +} + +/** + * Render an HTML page + */ +function page_render($body, $user, $title, $h1=null, $login=false) +{ + $h1 = $h1 ? $h1 : $title; + + if ($user) { + $msg = sprintf(logged_in_pat, link_render(idURL($user), $user), + link_render(idURL($user))); + $nav = array('logout' => 'Log Out'); + + $navigation = navigation_render($msg, $nav); + } else { + if (!$login) { + $msg = link_render(buildURL('login'), 'Log In'); + $navigation = navigation_render($msg, array()); + } else { + $navigation = ''; + } + } + + $style = getStyle(); + $text = sprintf(page_template, $title, $style, $navigation, $h1, $body); + // No special headers here + $headers = array(); + return array($headers, $text); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/about.php b/models/openid-php-openid-782224d/examples/server/lib/render/about.php new file mode 100644 index 000000000..53e3694e9 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/about.php @@ -0,0 +1,47 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +define('about_error_template', + '<div class="error"> +An error occurred when processing your request: +<br /> +%s +</div>'); + +define('about_body', + '<p> + This is an <a href="http://www.openid.net/">OpenID</a> server + endpoint. This server is built on the <a + href="http://github.com/openid/php-openid">JanRain PHP OpenID + library</a>. Since OpenID consumer sites will need to directly contact this + server, it must be accessible over the Internet (not behind a firewall). +</p> +<p> + To use this server, you will have to set up a URL to use as an identifier. + Insert the following markup into the <code><head></code> of the HTML + document at that URL: +</p> +<pre><link rel="openid.server" href="%s" /></pre> +<p> + Then configure this server so that you can log in with that URL. +</p> +'); + +/** + * Render the about page, potentially with an error message + */ +function about_render($error=false, $internal=true) +{ + $headers = array(); + $body = sprintf(about_body, buildURL()); + if ($error) { + $headers[] = $internal ? http_internal_error : http_bad_request; + $body .= sprintf(about_error_template, htmlspecialchars($error)); + } + $current_user = getLoggedInUser(); + return page_render($body, $current_user, 'OpenID Server Endpoint'); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php b/models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php new file mode 100644 index 000000000..6e4ae1ce7 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php @@ -0,0 +1,32 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +require_once "Auth/OpenID/Discover.php"; + +define('idp_xrds_pat', '<?xml version="1.0" encoding="UTF-8"?> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="0"> + <Type>%s</Type> + <URI>%s</URI> + </Service> + </XRD> +</xrds:XRDS> +'); + +function idpXrds_render() +{ + $headers = array('Content-type: application/xrds+xml'); + + $body = sprintf(idp_xrds_pat, + Auth_OpenID_TYPE_2_0_IDP, + buildURL()); + + return array($headers, $body); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/idpage.php b/models/openid-php-openid-782224d/examples/server/lib/render/idpage.php new file mode 100644 index 000000000..48c2486df --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/idpage.php @@ -0,0 +1,31 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +define('idpage_pat', + '<html> +<head> + <link rel="openid2.provider openid.server" href="%s"/> + <meta http-equiv="X-XRDS-Location" content="%s" /> +</head> +<body> + This is the identity page for users of this server. +</body> +</html>'); + +function idpage_render($identity) +{ + $xrdsurl = buildURL('userXrds')."?user=".urlencode($identity); + + $headers = array( + 'X-XRDS-Location: '.$xrdsurl); + + + $body = sprintf(idpage_pat, + buildURL(), + $xrdsurl); + return array($headers, $body); +} + +?> diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/login.php b/models/openid-php-openid-782224d/examples/server/lib/render/login.php new file mode 100644 index 000000000..986a88545 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/login.php @@ -0,0 +1,65 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +define('login_form_pat', + '<div class="form"> + <p> + + Enter your username into this form to log in to this server. It + can be anything; this is just for demonstration purposes. For + example, entering USERNAME will give you the identity URL + + <pre>%s</pre> + </p> + + <form method="post" action="%s"> + <table> + <tr> + <th><label for="openid_url">Name:</label></th> + <td><input type="text" name="openid_url" + value="%s" id="openid_url" /></td> + </tr> + <tr> + <td colspan="2"> + <input type="submit" value="Log in" /> + <input type="submit" name="cancel" value="Cancel" /> + </td> + </tr> + </table> + </form> +</div> +'); + +define('login_needed_pat', + 'You must be logged in as %s to approve this request.'); + +function login_render($errors=null, $input=null, $needed=null) +{ + $current_user = getLoggedInUser(); + if ($input === null) { + $input = $current_user; + } + if ($needed) { + $errors[] = sprintf(login_needed_pat, link_render($needed)); + } + + $esc_input = htmlspecialchars($input, ENT_QUOTES); + $login_url = buildURL('login', true); + $body = sprintf(login_form_pat, idURL('USERNAME'), $login_url, $esc_input); + if ($errors) { + $body = loginError_render($errors) . $body; + } + return page_render($body, $current_user, 'Log In', null, true); +} + +function loginError_render($errors) +{ + $text = ''; + foreach ($errors as $error) { + $text .= sprintf("<li>%s</li>\n", $error); + } + return sprintf("<ul class=\"error\">\n%s</ul>\n", $text); +} +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/trust.php b/models/openid-php-openid-782224d/examples/server/lib/render/trust.php new file mode 100644 index 000000000..681d4560a --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/trust.php @@ -0,0 +1,56 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +define('trust_form_pat', + '<div class="form"> + <form method="post" action="%s"> + %s + <input type="submit" name="trust" value="Confirm" /> + <input type="submit" value="Do not confirm" /> + </form> +</div> +'); + +define('normal_pat', + '<p>Do you wish to confirm your identity ' . + '(<code>%s</code>) with <code>%s</code>?</p>'); + +define('id_select_pat', + '<p>You entered the server URL at the RP. +Please choose the name you wish to use. If you enter nothing, the request will be cancelled.<br/> +<input type="text" name="idSelect" /></p> +'); + +define('no_id_pat', +' +You did not send an identifier with the request, +and it was not an identifier selection request. +Please return to the relying party and try again. +'); + +function trust_render($info) +{ + $current_user = getLoggedInUser(); + $lnk = link_render(idURL($current_user)); + $trust_root = htmlspecialchars($info->trust_root); + $trust_url = buildURL('trust', true); + + if ($info->idSelect()) { + $prompt = id_select_pat; + } else { + $prompt = sprintf(normal_pat, $lnk, $trust_root); + } + + $form = sprintf(trust_form_pat, $trust_url, $prompt); + + return page_render($form, $current_user, 'Trust This Site'); +} + +function noIdentifier_render() +{ + return page_render(no_id_pat, null, 'No Identifier Sent'); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php b/models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php new file mode 100644 index 000000000..a9ea95ea3 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php @@ -0,0 +1,34 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +require_once "Auth/OpenID/Discover.php"; + +define('user_xrds_pat', '<?xml version="1.0" encoding="UTF-8"?> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="0"> + <Type>%s</Type> + <Type>%s</Type> + <URI>%s</URI> + </Service> + </XRD> +</xrds:XRDS> +'); + +function userXrds_render($identity) +{ + $headers = array('Content-type: application/xrds+xml'); + + $body = sprintf(user_xrds_pat, + Auth_OpenID_TYPE_2_0, + Auth_OpenID_TYPE_1_1, + buildURL()); + + return array($headers, $body); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/session.php b/models/openid-php-openid-782224d/examples/server/lib/session.php new file mode 100644 index 000000000..201b6ee23 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/session.php @@ -0,0 +1,178 @@ +<?php + +require_once "config.php"; +require_once "lib/render.php"; +require_once "Auth/OpenID/Server.php"; + +/** + * Set up the session + */ +function init() +{ + session_name('openid_server'); + session_start(); +} + +/** + * Get the style markup + */ +function getStyle() +{ + $parent = rtrim(dirname(getServerURL()), '/'); + $url = htmlspecialchars($parent . '/openid-server.css', ENT_QUOTES); + return sprintf('<link rel="stylesheet" type="text/css" href="%s" />', $url); +} + +/** + * Get the URL of the current script + */ +function getServerURL() +{ + $path = $_SERVER['SCRIPT_NAME']; + $host = $_SERVER['HTTP_HOST']; + $port = $_SERVER['SERVER_PORT']; + $s = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] ? 's' : ''; + if (($s && $port == "443") || (!$s && $port == "80")) { + $p = ''; + } else { + $p = ':' . $port; + } + + return "http$s://$host$p$path"; +} + +/** + * Build a URL to a server action + */ +function buildURL($action=null, $escaped=true) +{ + $url = getServerURL(); + if ($action) { + $url .= '/' . $action; + } + return $escaped ? htmlspecialchars($url, ENT_QUOTES) : $url; +} + +/** + * Extract the current action from the request + */ +function getAction() +{ + $path_info = @$_SERVER['PATH_INFO']; + $action = ($path_info) ? substr($path_info, 1) : ''; + $function_name = 'action_' . $action; + return $function_name; +} + +/** + * Write the response to the request + */ +function writeResponse($resp) +{ + list ($headers, $body) = $resp; + array_walk($headers, 'header'); + header(header_connection_close); + print $body; +} + +/** + * Instantiate a new OpenID server object + */ +function getServer() +{ + static $server = null; + if (!isset($server)) { + $server =& new Auth_OpenID_Server(getOpenIDStore(), + buildURL()); + } + return $server; +} + +/** + * Return a hashed form of the user's password + */ +function hashPassword($password) +{ + return bin2hex(Auth_OpenID_SHA1($password)); +} + +/** + * Get the openid_url out of the cookie + * + * @return mixed $openid_url The URL that was stored in the cookie or + * false if there is none present or if the cookie is bad. + */ +function getLoggedInUser() +{ + return isset($_SESSION['openid_url']) + ? $_SESSION['openid_url'] + : false; +} + +/** + * Set the openid_url in the cookie + * + * @param mixed $identity_url The URL to set. If set to null, the + * value will be unset. + */ +function setLoggedInUser($identity_url=null) +{ + if (!isset($identity_url)) { + unset($_SESSION['openid_url']); + } else { + $_SESSION['openid_url'] = $identity_url; + } +} + +function getRequestInfo() +{ + return isset($_SESSION['request']) + ? unserialize($_SESSION['request']) + : false; +} + +function setRequestInfo($info=null) +{ + if (!isset($info)) { + unset($_SESSION['request']); + } else { + $_SESSION['request'] = serialize($info); + } +} + + +function getSreg($identity) +{ + // from config.php + global $openid_sreg; + + if (!is_array($openid_sreg)) { + return null; + } + + return $openid_sreg[$identity]; + +} + +function idURL($identity) +{ + return buildURL('idpage') . "?user=" . $identity; +} + +function idFromURL($url) +{ + if (strpos($url, 'idpage') === false) { + return null; + } + + $parsed = parse_url($url); + + $q = $parsed['query']; + + $parts = array(); + parse_str($q, $parts); + + return @$parts['user']; +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/openid-server.css b/models/openid-php-openid-782224d/examples/server/openid-server.css new file mode 100644 index 000000000..311d556a2 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/openid-server.css @@ -0,0 +1,74 @@ +body { + padding: 0; + margin: 0; +} + +#content { + padding: 0.5em; + max-width: 50em; +} + +ul.error { + background: #ffaaaa; + border: 1px solid #ff0000; + padding: 0.5em; + padding-left: 1.5em; +} + +.login th { + text-align: left; +} + +div.form { + border: thin solid #777777; + background: #dddddd; + padding: 0.5em; + margin-top: 1em; +} + +div.navigation { + border-bottom: thin solid #cccccc; + background: #eeeeee; + font-size: smaller; + padding: 0.5em; +} + +div.navigation h2 { + margin-top: 0; +} + +div.navigation p { + margin: 0; +} + +div.navigation ul { + margin: 0; +} + +div.login p { + margin-top: 0; +} + +h1 { + margin-top: 0; +} + +pre { + padding: 1em; + border: 1px solid black; + background: #ffeebb; +} + +#checkup { + background: url('http://openid.net/favicon.ico') no-repeat; + padding-left: 16px; +} + +th { + text-align: left; +} + +table { + border-collapse: collapse; + margin-bottom: 1em; +}
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/server.php b/models/openid-php-openid-782224d/examples/server/server.php new file mode 100644 index 000000000..f054be818 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/server.php @@ -0,0 +1,48 @@ +<?php + +$path_extra = dirname(dirname(dirname(__FILE__))); +$path = ini_get('include_path'); +$path = $path_extra . PATH_SEPARATOR . $path; +ini_set('include_path', $path); + +$try_include = @include 'config.php'; + +if (!$try_include) { + header("Location: setup.php"); +} + +header('Cache-Control: no-cache'); +header('Pragma: no-cache'); + +if (function_exists('getOpenIDStore')) { + require_once 'lib/session.php'; + require_once 'lib/actions.php'; + + init(); + + $action = getAction(); + if (!function_exists($action)) { + $action = 'action_default'; + } + + $resp = $action(); + + writeResponse($resp); +} else { +?> +<html> + <head> + <title>PHP OpenID Server</title> + <body> + <h1>PHP OpenID Server</h1> + <p> + This server needs to be configured before it can be used. Edit + <code>config.php</code> to reflect your server's setup, then + load this page again. + </p> + </body> + </head> +</html> +<?php +} +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/setup.php b/models/openid-php-openid-782224d/examples/server/setup.php new file mode 100644 index 000000000..e25ef341a --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/setup.php @@ -0,0 +1,558 @@ +<?php + +/** + * OpenID server configuration script. + * + * This script generates a config.php file needed by the server + * example. + * + * @package OpenID.Examples + * @author JanRain, Inc. <openid@janrain.com> + * @copyright 2005-2008 Janrain, Inc. + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache + */ + +$path_extra = dirname(dirname(dirname(__FILE__))); +$path = ini_get('include_path'); +$path = $path_extra . PATH_SEPARATOR . $path; +ini_set('include_path', $path); +require_once "Auth/OpenID.php"; + +/** + * Data. + */ + +$store_types = array("Filesystem" => "Auth_OpenID_FileStore", + "MySQL" => "Auth_OpenID_MySQLStore", + "PostgreSQL" => "Auth_OpenID_PostgreSQLStore", + "SQLite" => "Auth_OpenID_SQLiteStore"); + +/** + * Main. + */ + +$messages = array(); + +session_start(); +init_session(); + +if (!check_session() || + isset($_GET['add_openid'])) { + render_form(); +} else { + print generate_config(isset($_GET['download'])); +} + +/** + * Functions. + */ + +function check_url($url) { + return (Auth_OpenID::normalizeUrl($url) !== null); +} + +function build_url() { + $port = (($_SERVER['SERVER_PORT'] == 80) ? null : $_SERVER['SERVER_PORT']); + + $parts = explode("/", $_SERVER['SERVER_PROTOCOL']); + $scheme = strtolower($parts[0]); + + if ($port) { + return sprintf("%s://%s:%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], + $port, dirname($_SERVER['PHP_SELF'])); + } else { + return sprintf("%s://%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], + dirname($_SERVER['PHP_SELF'])); + } +} + +function check_open_basedir($path) { + if (ini_get('open_basedir')) { + $parts = explode(PATH_SEPARATOR, ini_get('open_basedir')); + + $found = false; + + foreach ($parts as $p) { + if (strpos($path, $p) === 0) { + $found = true; + break; + } + } + + return $found; + } else { + return true; + } +} + +function check_session() { + + global $messages; + + if ($_GET && isset($_GET['clear'])) { + session_destroy(); + $_SESSION = array(); + init_session(); + return false; + } + + $bad_path = false; + + if (isset($_GET['generate'])) { + if (!$_SESSION['server_url']) { + $messages[] = "Please enter a server URL."; + } + + if (!isset($_SESSION['store_type'])) { + $messages[] = "No store type chosen."; + } else { + switch ($_SESSION['store_type']) { + case "Filesystem": + if (!@$_SESSION['store_data']['fs_path']) { + $messages[] = "Please specify a filesystem store path."; + } else { + if (!check_open_basedir($_SESSION['store_data']['fs_path'])) { + $messages[] = "The filesystem store path violates PHP's <code>open_basedir</code> setting."; + $bad_path = true; + } + } + break; + + case "SQLite": + if (!@$_SESSION['store_data']['sqlite_path']) { + $messages[] = "Please specify a SQLite database path."; + } else { + if (!check_open_basedir($_SESSION['store_data']['sqlite_path'])) { + $messages[] = "The SQLite store path violates PHP's <code>open_basedir</code> setting."; + $bad_path = true; + } + } + break; + + default: + if (!($_SESSION['store_data']['host'] && + $_SESSION['store_data']['database'] && + $_SESSION['store_data']['username'] && + $_SESSION['store_data']['password'])) { + $messages[] = "Please specify database connection details."; + } + } + } + } + + if ($_SESSION['store_type'] && + $_SESSION['server_url'] && + (parse_url($_SESSION['server_url']) !== false) && + ((($_SESSION['store_type'] == 'Filesystem') && + $_SESSION['store_data']['fs_path']) || + (($_SESSION['store_type'] == 'SQLite') && + $_SESSION['store_data']['sqlite_path']) || + ($_SESSION['store_data']['host'] && + $_SESSION['store_data']['username'] && + $_SESSION['store_data']['database'] && + $_SESSION['store_data']['password'])) && + !$bad_path) { + + return true; + } + + return false; +} + +function render_form() { + + global $store_types, $fields, $messages; + + $basedir_msg = ""; + + if (ini_get('open_basedir')) { + $basedir_msg = "</br><span class=\"notice\">Note: Due to the ". + "<code>open_basedir</code> php.ini setting, be sure to ". + "choose a path in one of the following directories:<ul><li>". + implode("<li>", + explode(PATH_SEPARATOR, ini_get('open_basedir'))). + "</ul></span>"; + } + + $sqlite_found = false; + if (extension_loaded('sqlite') || + @dl('sqlite.' . PHP_SHLIB_SUFFIX)) { + $sqlite_found = true; + } + + $mysql_found = false; + if (extension_loaded('mysql') || + @dl('mysql.' . PHP_SHLIB_SUFFIX)) { + $mysql_found = true; + } + + $pgsql_found = false; + if (extension_loaded('pgsql') || + @dl('pgsql.' . PHP_SHLIB_SUFFIX)) { + $pgsql_found = true; + } + +?> +<html> + <head> + <style type="text/css"> +span.label { + float: left; + width: 2in; +} + +span.notice { + color: red; + font-size: 80%; +} + +div p { + border-top: 1px solid #ccc; + font-style: italic; + padding-top: 0.5em; +} + +div { + padding: 3px; +} + +div.store_fields { + margin-left: 2in; + padding: default; +} + +div.store_fields label.field { + float: left; + width: 1.75in; +} + +div.store_fields > div { + border: 1px solid gray; + margin-bottom: 0.5em; + background: #eee; +} + +div.store_fields > div > div { + margin-left: 0.4in; +} + +div.errors { + background: #faa; + border: 1px solid red; +} + +</style> +</head> +<body> + +<h2>OpenID Example Server Configuration</h2> + +<?php +if ($messages) { + print "<div class=\"errors\">"; + foreach ($messages as $m) { + print "<div>$m</div>"; + } + print "</div>"; + +} +?> + +<p> +Your browser has been redirected to this page so you can configure the +server example. This form will auto-generate an OpenID example server +configuration for use with the OpenID server example. +</p> + +<form> +<div> + + <p> + The server URL is the URL that points to the "server.php" file. It + looks like your server URL should be <code><?php print build_url(); ?></code>. + </p> + + <span class="label"><label for="i_server_url">Server URL:</label></span> + <span> + <input type="text" id="i_server_url" size="35" name="server_url" + value="<?php print $_SESSION['server_url'] ?>"> + </span> +</div> + +<div> + + <p> + If this package isn't installed in the PHP include path, the package's + directory should be added. For example, if the package is in + <code>/home/me/PHP-OpenID/</code>, you should enter that directory here. + </p> + + <span class="label"> + <label for="i_include_path">Include path (optional):</label> + </span> + <span> + <input type="text" id="i_include_path" size="35" name="include_path" + value="<?php print $_SESSION['include_path'] ?>"> + </span> +</div> + +<div> + + <p> + The server needs to store OpenID information in a "store". The + following store types are available on your PHP installation: + </p> + + <span class="label">Store method:</span> + <div class="store_fields"> + + <div> + <input type="radio" name="store_type" value="Filesystem" + id="i_filesystem"<?php if ($_SESSION['store_type'] == 'Filesystem') { print " CHECKED"; } ?>> + <label for="i_filesystem">Filesystem</label> + <div> + <label for="i_fs_path" class="field">Filesystem path:</label> + <input type="text" name="fs_path" id="i_fs_path" + value="<?php print @$_SESSION['store_data']['fs_path']; ?>"> + <?php print $basedir_msg; ?> + </div> + </div> + +<?php if ($sqlite_found) { ?> + <div> + <input type="radio" name="store_type" value="SQLite" + id="i_sqlite"<?php if ($_SESSION['store_type'] == 'SQLite') { print " CHECKED"; } ?>> + <label for="i_sqlite">SQLite</label> + <div> + <label for="i_sqlite_path" class="field">SQLite database path:</label> + <input type="text" value="<?php print @$_SESSION['store_data']['sqlite_path']; ?>" + name="sqlite_path" id="i_sqlite_path"> + <?php print $basedir_msg; ?> + </div> + </div> +<?php } ?> + + +<?php if ($mysql_found || $pgsql_found) { ?> + <div> + +<?php if ($mysql_found) { ?> + <input type="radio" name="store_type" value="MySQL" + id="i_mysql"<?php if ($_SESSION['store_type'] == 'MySQL') { print " CHECKED"; } ?>> + <label for="i_mysql">MySQL</label> +<?php } ?> + +<?php if ($pgsql_found) { ?> + <input type="radio" name="store_type" value="PostgreSQL" + id="i_pgsql"<?php if ($_SESSION['store_type'] == 'PostgreSQL') { print " CHECKED"; } ?>> + <label for="i_pgsql">PostgreSQL</label> +<?php } ?> + + <div> + <label for="i_m_host" class="field">Host:</label> + <input type="text" value="<?php print @$_SESSION['store_data']['host']; ?>" name="host" id="i_m_host"> + </div> + <div> + <label for="i_m_database" class="field">Database:</label> + <input value="<?php print @$_SESSION['store_data']['database']; ?>" type="text" name="database" id="i_m_database"> + </div> + <div> + <label for="i_m_username" class="field">Username:</label> + <input type="text" name="username" id="i_m_username" value="<?php print @$_SESSION['store_data']['username']; ?>"> + </div> + <div> + <label for="i_m_password" class="field">Password:</label> + <input type="password" name="password" id="i_m_password" value="<?php print @$_SESSION['store_data']['password']; ?>"> + </div> + </div> +<?php } ?> +</div> +</div> + +<input type="submit" name="generate" value="Generate Configuration"> +</form> +</body> +</html> +<?php +} + +function init_session() { + + global $messages; + + // Set a guess value for the server url. + if (!array_key_exists('server_url', $_SESSION)) { + $_SESSION['server_url'] = build_url(); + } + + foreach (array('server_url', 'include_path', 'store_type') as $key) { + if (!isset($_SESSION[$key])) { + $_SESSION[$key] = ""; + } + } + + if (!isset($_SESSION['store_data'])) { + $_SESSION['store_data'] = array(); + } + + foreach (array('server_url', 'include_path', 'store_type') as $field) { + if (array_key_exists($field, $_GET)) { + $_SESSION[$field] = $_GET[$field]; + } + } + + foreach (array('username', 'password', 'database', 'host', 'fs_path', 'sqlite_path') as $field) { + if (array_key_exists($field, $_GET)) { + $_SESSION['store_data'][$field] = $_GET[$field]; + } + } +} + +function generate_config($download = false) { + + if ($download) { + // Emit headers to force browser download. + header("Content-type: text/plain"); + header("Content-disposition: attachment; filename=config.php"); + print "<?php\n"; + } else { +?> +<html> +<body> + +<h2>OpenID Example Server Configuration</h2> + +<p> +Put the following text into <strong><?php print dirname(__FILE__); print DIRECTORY_SEPARATOR; ?>config.php</strong>. +</p> + +<p> +<a href="setup.php?clear=1">Back to form</a> (resets settings) +</p> + +<p> +<a href="setup.php?download=1">Download this configuration</a> +</p> + +<pre style="border: 1px solid gray; background: #eee; padding: 5px;"> +<?php +print "<?php\n"; +} +?> +<?php if ($_SESSION['include_path']) { ?> +/** + * Set any extra include paths needed to use the library + */ +set_include_path(get_include_path() . PATH_SEPARATOR . "<?php +print $_SESSION['include_path']; +?>"); + +<?php } ?> +/** + * The URL for the server. + * + * This is the location of server.php. For example: + * + * $server_url = 'http://example.com/~user/server.php'; + * + * This must be a full URL. + */ +$server_url = "<?php +print $_SESSION['server_url']; +?>"; + +/** + * Initialize an OpenID store + * + * @return object $store an instance of OpenID store (see the + * documentation for how to create one) + */ +function getOpenIDStore() +{ + <?php + + switch ($_SESSION['store_type']) { + case "Filesystem": + + print "require_once \"Auth/OpenID/FileStore.php\";\n "; + print "return new Auth_OpenID_FileStore(\"".$_SESSION['store_data']['fs_path']."\");\n"; + break; + + case "SQLite": + + print "require_once \"Auth/OpenID/SQLiteStore.php\";\n "; + print "\$s = new Auth_OpenID_SQLiteStore(\"".$_SESSION['store_data']['sqlite_path']."\");\n "; + print "\$s->createTables();\n "; + print "return \$s;\n"; + break; + + case "MySQL": + + ?>require_once 'Auth/OpenID/MySQLStore.php'; + require_once 'DB.php'; + + $dsn = array( + 'phptype' => 'mysql', + 'username' => '<?php print $_SESSION['store_data']['username']; ?>', + 'password' => '<?php print $_SESSION['store_data']['password']; ?>', + 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>' + ); + + $db =& DB::connect($dsn); + + if (PEAR::isError($db)) { + return null; + } + + $db->query("USE <?php print $_SESSION['store_data']['database']; ?>"); + + $s =& new Auth_OpenID_MySQLStore($db); + + $s->createTables(); + + return $s; +<?php + break; + + case "PostgreSQL": + + ?>require_once 'Auth/OpenID/PostgreSQLStore.php'; + require_once 'DB.php'; + + $dsn = array( + 'phptype' => 'pgsql', + 'username' => '<?php print $_SESSION['store_data']['username']; ?>', + 'password' => '<?php print $_SESSION['store_data']['password']; ?>', + 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>', + 'database' => '<?php print $_SESSION['store_data']['database']; ?>' + ); + + $db =& DB::connect($dsn); + + if (PEAR::isError($db)) { + return null; + } + + $s =& new Auth_OpenID_PostgreSQLStore($db); + + $s->createTables(); + + return $s; +<?php + break; + } + + ?> +} + +<?php + print "?>"; + if (!$download) { +?> +</pre> +</body> +</html> +<?php + } + } // end function generate_config () +?> |