diff options
Diffstat (limited to 'models/openid-php-openid-782224d/examples')
21 files changed, 2622 insertions, 0 deletions
diff --git a/models/openid-php-openid-782224d/examples/README b/models/openid-php-openid-782224d/examples/README new file mode 100644 index 000000000..fd01ccbbd --- /dev/null +++ b/models/openid-php-openid-782224d/examples/README @@ -0,0 +1,134 @@ +OpenID Example Code +------------------- + +After you've installed this package (see ../README), you can use these +example packages to get started. They'll show you what this package +can do, and you can use them as the basis for your own OpenID support. + +consumer/: OpenID Example Consumer +================================== + +NOTE: If you want to try the example consumer without installing this +package, just make sure you add the package's 'Auth' directory to your +PHP include path. + +To try the example consumer implementation, just copy the consumer/ +directory into a place on your web server and point your browser at +the new directory. + +1. Check to be sure that /tmp is in your "open_basedir" configuration, + if open_basedir is being used to restrict PHP's file I/O. See + http://us2.php.net/features.safe-mode for more information. For + example, in your php.ini, change + + open_basedir = "..." + + to + + open_basedir = "/tmp:..." + + (If you really don't want to add /tmp to your open_basedir, you can + modify consumer/common.php and change $store_path so it doesn't + create the store directory in /tmp.) + +2. Copy or symlink the consumer/ directory into a part of your + webserver's docroot. For example, if your DocumentRoot is + /var/www/, do this: + + # cd /var/www + # ln -s /path/to/PHP-OpenID-X.Y.Z/examples/consumer + +3. Navigate to http://www.example.com/consumer and enter an OpenID + into the form presented there and click "Verify". + +consumer/ Files +=============== + +The 'index.php' file will render a form and get you started. These +are the example consumer files: + + consumer/index.php - Renders a form so you can begin the OpenID auth +process. The form submits the OpenID to try_auth.php. + + consumer/try_auth.php - Starts the authentication with the OpenID +server that manages your OpenID and redirects your browser to the +server's login page. Instructs the server to return to +finish_auth.php when you're done authenticating. + + consumer/finish_auth.php - Finishes the authentication by checking +the server's response. Tells you if the authentication was +successful. + + consumer/common.php - Includes the setup code you'll need to create +a Consumer object and participate in an OpenID authentication. + +server/: OpenID Example Server +============================== + +To try the example server, follow these steps: + +1. Copy or symlink the server/ directory into a part of your + webserver's docroot. For example, if your DocumentRoot is + /var/www/, do this: + + # cd /var/www + # ln -s /path/to/PHP-OpenID-X.Y.Z/examples/server + +2. Navigate to the server example. You'll be redirected to + server/setup.php where you can choose some configuration options to + generate a configuration. Once finished, you can download a file + "config.php." Save that file in the example server directory. + +The example server has the following features: + + - It serves its own identity pages, whose URLs are of the form + + http://.../server/server.php/idpage?user=USERNAME + + - It does not require passwords. + + - It does not support a "trusted sites" page, as you pointed out. + +In general, the example server is NOT supposed to be treated as a +fully-equiped OpenID server (i.e., with user accounts and other +state). It is supposed to demonstrate how to write PHP applications +that use the library. + +Upgrading from the 1.X.X example server +======================================= + +The 2.X.X library's example server is different from the 1.X.X example +server in the following ways: + + - The new example server does not support authenticating arbitrary + URLs. It serves its own URLs. This makes it easier to set up and + test. + + - The new example server does not support password authentication. + This makes it easier to set up and is not necessary for + illustrating the use of the library. + + - The new example server does not have a "trusted sites" page. + +server/ Files +============= + +These files make up the server example code: + + config.php - The configuration file you'll need to customize to run +the example server. + + server.php - The PHP rendering script that takes care of handling +server requests from both regular user agents and consumers. + + lib/actions.php - Handles the various types of requests that the +server supports. + + lib/common.php - Supplies functions that wrap the OpenID API calls +to make them easier to use. + + lib/render.php - Miscellaneous page rendering code. + + lib/session.php - Code to handle session data for user settings. + + lib/render/*.php - Files for each page presented by the server. diff --git a/models/openid-php-openid-782224d/examples/consumer/common.php b/models/openid-php-openid-782224d/examples/consumer/common.php new file mode 100644 index 000000000..2f01ba0a6 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/consumer/common.php @@ -0,0 +1,97 @@ +<?php + +$path_extra = dirname(dirname(dirname(__FILE__))); +$path = ini_get('include_path'); +$path = $path_extra . PATH_SEPARATOR . $path; +ini_set('include_path', $path); + +function displayError($message) { + $error = $message; + include 'index.php'; + exit(0); +} + +function doIncludes() { + /** + * Require the OpenID consumer code. + */ + require_once "Auth/OpenID/Consumer.php"; + + /** + * Require the "file store" module, which we'll need to store + * OpenID information. + */ + require_once "Auth/OpenID/FileStore.php"; + + /** + * Require the Simple Registration extension API. + */ + require_once "Auth/OpenID/SReg.php"; + + /** + * Require the PAPE extension module. + */ + require_once "Auth/OpenID/PAPE.php"; +} + +doIncludes(); + +global $pape_policy_uris; +$pape_policy_uris = array( + PAPE_AUTH_MULTI_FACTOR_PHYSICAL, + PAPE_AUTH_MULTI_FACTOR, + PAPE_AUTH_PHISHING_RESISTANT + ); + +function &getStore() { + /** + * This is where the example will store its OpenID information. + * You should change this path if you want the example store to be + * created elsewhere. After you're done playing with the example + * script, you'll have to remove this directory manually. + */ + $store_path = "/tmp/_php_consumer_test"; + + if (!file_exists($store_path) && + !mkdir($store_path)) { + print "Could not create the FileStore directory '$store_path'. ". + " Please check the effective permissions."; + exit(0); + } + + return new Auth_OpenID_FileStore($store_path); +} + +function &getConsumer() { + /** + * Create a consumer object using the store object created + * earlier. + */ + $store = getStore(); + $consumer =& new Auth_OpenID_Consumer($store); + return $consumer; +} + +function getScheme() { + $scheme = 'http'; + if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') { + $scheme .= 's'; + } + return $scheme; +} + +function getReturnTo() { + return sprintf("%s://%s:%s%s/finish_auth.php", + getScheme(), $_SERVER['SERVER_NAME'], + $_SERVER['SERVER_PORT'], + dirname($_SERVER['PHP_SELF'])); +} + +function getTrustRoot() { + return sprintf("%s://%s:%s%s/", + getScheme(), $_SERVER['SERVER_NAME'], + $_SERVER['SERVER_PORT'], + dirname($_SERVER['PHP_SELF'])); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/consumer/finish_auth.php b/models/openid-php-openid-782224d/examples/consumer/finish_auth.php new file mode 100644 index 000000000..b19a665cf --- /dev/null +++ b/models/openid-php-openid-782224d/examples/consumer/finish_auth.php @@ -0,0 +1,98 @@ +<?php + +require_once "common.php"; +session_start(); + +function escape($thing) { + return htmlentities($thing); +} + +function run() { + $consumer = getConsumer(); + + // Complete the authentication process using the server's + // response. + $return_to = getReturnTo(); + $response = $consumer->complete($return_to); + + // Check the response status. + if ($response->status == Auth_OpenID_CANCEL) { + // This means the authentication was cancelled. + $msg = 'Verification cancelled.'; + } else if ($response->status == Auth_OpenID_FAILURE) { + // Authentication failed; display the error message. + $msg = "OpenID authentication failed: " . $response->message; + } else if ($response->status == Auth_OpenID_SUCCESS) { + // This means the authentication succeeded; extract the + // identity URL and Simple Registration data (if it was + // returned). + $openid = $response->getDisplayIdentifier(); + $esc_identity = escape($openid); + + $success = sprintf('You have successfully verified ' . + '<a href="%s">%s</a> as your identity.', + $esc_identity, $esc_identity); + + if ($response->endpoint->canonicalID) { + $escaped_canonicalID = escape($response->endpoint->canonicalID); + $success .= ' (XRI CanonicalID: '.$escaped_canonicalID.') '; + } + + $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); + + $sreg = $sreg_resp->contents(); + + if (@$sreg['email']) { + $success .= " You also returned '".escape($sreg['email']). + "' as your email."; + } + + if (@$sreg['nickname']) { + $success .= " Your nickname is '".escape($sreg['nickname']). + "'."; + } + + if (@$sreg['fullname']) { + $success .= " Your fullname is '".escape($sreg['fullname']). + "'."; + } + + $pape_resp = Auth_OpenID_PAPE_Response::fromSuccessResponse($response); + + if ($pape_resp) { + if ($pape_resp->auth_policies) { + $success .= "<p>The following PAPE policies affected the authentication:</p><ul>"; + + foreach ($pape_resp->auth_policies as $uri) { + $escaped_uri = escape($uri); + $success .= "<li><tt>$escaped_uri</tt></li>"; + } + + $success .= "</ul>"; + } else { + $success .= "<p>No PAPE policies affected the authentication.</p>"; + } + + if ($pape_resp->auth_age) { + $age = escape($pape_resp->auth_age); + $success .= "<p>The authentication age returned by the " . + "server is: <tt>".$age."</tt></p>"; + } + + if ($pape_resp->nist_auth_level) { + $auth_level = escape($pape_resp->nist_auth_level); + $success .= "<p>The NIST auth level returned by the " . + "server is: <tt>".$auth_level."</tt></p>"; + } + + } else { + $success .= "<p>No PAPE response was sent by the provider.</p>"; + } + } + + include 'index.php'; +} + +run(); + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/consumer/index.php b/models/openid-php-openid-782224d/examples/consumer/index.php new file mode 100644 index 000000000..1ff091125 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/consumer/index.php @@ -0,0 +1,73 @@ +<?php +require_once "common.php"; + +global $pape_policy_uris; +?> +<html> + <head><title>PHP OpenID Authentication Example</title></head> + <style type="text/css"> + * { + font-family: verdana,sans-serif; + } + body { + width: 50em; + margin: 1em; + } + div { + padding: .5em; + } + table { + margin: none; + padding: none; + } + .alert { + border: 1px solid #e7dc2b; + background: #fff888; + } + .success { + border: 1px solid #669966; + background: #88ff88; + } + .error { + border: 1px solid #ff0000; + background: #ffaaaa; + } + #verify-form { + border: 1px solid #777777; + background: #dddddd; + margin-top: 1em; + padding-bottom: 0em; + } + </style> + <body> + <h1>PHP OpenID Authentication Example</h1> + <p> + This example consumer uses the <a + href="http://github.com/openid/php-openid">PHP + OpenID</a> library. It just verifies that the URL that you enter + is your identity URL. + </p> + + <?php if (isset($msg)) { print "<div class=\"alert\">$msg</div>"; } ?> + <?php if (isset($error)) { print "<div class=\"error\">$error</div>"; } ?> + <?php if (isset($success)) { print "<div class=\"success\">$success</div>"; } ?> + + <div id="verify-form"> + <form method="get" action="try_auth.php"> + Identity URL: + <input type="hidden" name="action" value="verify" /> + <input type="text" name="openid_identifier" value="" /> + + <p>Optionally, request these PAPE policies:</p> + <p> + <?php foreach ($pape_policy_uris as $i => $uri) { + print "<input type=\"checkbox\" name=\"policies[]\" value=\"$uri\" />"; + print "$uri<br/>"; + } ?> + </p> + + <input type="submit" value="Verify" /> + </form> + </div> + </body> +</html> diff --git a/models/openid-php-openid-782224d/examples/consumer/try_auth.php b/models/openid-php-openid-782224d/examples/consumer/try_auth.php new file mode 100644 index 000000000..7efec7657 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/consumer/try_auth.php @@ -0,0 +1,83 @@ +<?php + +require_once "common.php"; +session_start(); + +function getOpenIDURL() { + // Render a default page if we got a submission without an openid + // value. + if (empty($_GET['openid_identifier'])) { + $error = "Expected an OpenID URL."; + include 'index.php'; + exit(0); + } + + return $_GET['openid_identifier']; +} + +function run() { + $openid = getOpenIDURL(); + $consumer = getConsumer(); + + // Begin the OpenID authentication process. + $auth_request = $consumer->begin($openid); + + // No auth request means we can't begin OpenID. + if (!$auth_request) { + displayError("Authentication error; not a valid OpenID."); + } + + $sreg_request = Auth_OpenID_SRegRequest::build( + // Required + array('nickname'), + // Optional + array('fullname', 'email')); + + if ($sreg_request) { + $auth_request->addExtension($sreg_request); + } + + $policy_uris = $_GET['policies']; + + $pape_request = new Auth_OpenID_PAPE_Request($policy_uris); + if ($pape_request) { + $auth_request->addExtension($pape_request); + } + + // Redirect the user to the OpenID server for authentication. + // Store the token for this authentication so we can verify the + // response. + + // For OpenID 1, send a redirect. For OpenID 2, use a Javascript + // form to send a POST request to the server. + if ($auth_request->shouldSendRedirect()) { + $redirect_url = $auth_request->redirectURL(getTrustRoot(), + getReturnTo()); + + // If the redirect URL can't be built, display an error + // message. + if (Auth_OpenID::isFailure($redirect_url)) { + displayError("Could not redirect to server: " . $redirect_url->message); + } else { + // Send redirect. + header("Location: ".$redirect_url); + } + } else { + // Generate form markup and render it. + $form_id = 'openid_message'; + $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), + false, array('id' => $form_id)); + + // Display an error if the form markup couldn't be generated; + // otherwise, render the HTML. + if (Auth_OpenID::isFailure($form_html)) { + displayError("Could not redirect to server: " . $form_html->message); + } else { + print $form_html; + } + } +} + +run(); + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/detect.php b/models/openid-php-openid-782224d/examples/detect.php new file mode 100644 index 000000000..947fe4c95 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/detect.php @@ -0,0 +1,536 @@ +<?php + +$path_extra = dirname(dirname(__FILE__)); +$path = ini_get('include_path'); +$path = $path_extra . PATH_SEPARATOR . $path; +ini_set('include_path', $path); + +define('IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN'); + +class PlainText { + function start($title) + { + return ''; + } + + function tt($text) + { + return $text; + } + + function link($href, $text=null) + { + if ($text) { + return $text . ' <' . $href . '>'; + } else { + return $href; + } + } + + function b($text) + { + return '*' . $text . '*'; + } + + function contentType() + { + return 'text/plain'; + } + + function p($text) + { + return wordwrap($text) . "\n\n"; + } + + function pre($text) + { + $out = ''; + $lines = array_map('trim', explode("\n", $text)); + foreach ($lines as $line) { + $out .= ' ' . $line . "\n"; + } + $out .= "\n"; + return $out; + } + + function ol($items) + { + $out = ''; + $c = 1; + foreach ($items as $item) { + $item = wordwrap($item, 72); + $lines = array_map('trim', explode("\n", $item)); + $out .= $c . '. ' . $lines[0] . "\n"; + unset($lines[0]); + foreach ($lines as $line) { + $out .= ' ' . $line . "\n"; + } + $out .= "\n"; + $c += 1; + } + return $out; + } + + function h2($text) + { + return $this->h($text, 2); + } + + function h1($text) + { + return $this->h($text, 1); + } + + function h($text, $n) + { + $chars = '#=+-.'; + $c = $chars[$n - 1]; + return "\n" . $text . "\n" . str_repeat($c, strlen($text)) . "\n\n"; + } + + function end() + { + return ''; + } +} + +class HTML { + function start($title) + { + return '<html><head><title>' . $title . '</title>' . + $this->stylesheet(). + '</head><body>' . "\n"; + } + + function stylesheet() + { + return "<style type='text/css'>\n". + "p {\n". + " width: 50em;\n". + "}\n". + '</style>'; + } + + function tt($text) + { + return '<code>' . $text . '</code>'; + } + + function contentType() + { + return 'text/html'; + } + + function b($text) + { + return '<strong>' . $text . '</strong>'; + } + + function p($text) + { + return '<p>' . wordwrap($text) . "</p>\n"; + } + + function pre($text) + { + return '<pre>' . $text . "</pre>\n"; + } + + function ol($items) + { + $out = '<ol>'; + foreach ($items as $item) { + $out .= '<li>' . wordwrap($item) . "</li>\n"; + } + $out .= "</ol>\n"; + return $out; + } + + function h($text, $n) + { + return "<h$n>$text</h$n>\n"; + } + + function h2($text) + { + return $this->h($text, 2); + } + + function h1($text) + { + return $this->h($text, 1); + } + + function link($href, $text=null) + { + return '<a href="' . $href . '">' . ($text ? $text : $href) . '</a>'; + } + + function end() + { + return "</body>\n</html>\n"; + } +} + +if (isset($_SERVER['REQUEST_METHOD'])) { + $r = new HTML(); +} else { + $r = new PlainText(); +} + +function detect_math($r, &$out) +{ + $out .= $r->h2('Math support'); + $ext = Auth_OpenID_detectMathLibrary(Auth_OpenID_math_extensions()); + if (!isset($ext['extension']) || !isset($ext['class'])) { + $out .= $r->p( + 'Your PHP installation does not include big integer math ' . + 'support. This support is required if you wish to run a ' . + 'secure OpenID server without using SSL.'); + $out .= $r->p('To use this library, you have a few options:'); + + $gmp_lnk = $r->link('http://www.php.net/manual/en/ref.gmp.php', 'GMP'); + $bc_lnk = $r->link('http://www.php.net/manual/en/ref.bc.php', 'bcmath'); + $out .= $r->ol(array( + 'Install the ' . $gmp_lnk . ' PHP extension', + 'Install the ' . $bc_lnk . ' PHP extension', + 'If your site is low-security, call ' . + 'Auth_OpenID_setNoMathSupport(), defined in Auth/OpenID/BigMath.php. ', + 'The library will function, but ' . + 'the security of your OpenID server will depend on the ' . + 'security of the network links involved. If you are only ' . + 'using consumer support, you should still be able to operate ' . + 'securely when the users are communicating with a ' . + 'well-implemented server.')); + return false; + } else { + switch ($ext['extension']) { + case 'bcmath': + $out .= $r->p('Your PHP installation has bcmath support. This is ' . + 'adequate for small-scale use, but can be CPU-intensive. ' . + 'You may want to look into installing the GMP extension.'); + $lnk = $r->link('http://www.php.net/manual/en/ref.gmp.php'); + $out .= $r->p('See ' . $lnk .' for more information ' . + 'about the GMP extension.'); + break; + case 'gmp': + $out .= $r->p('Your PHP installation has gmp support. Good.'); + break; + default: + $class = $ext['class']; + $lib = new $class(); + $one = $lib->init(1); + $two = $lib->add($one, $one); + $t = $lib->toString($two); + $out .= $r->p('Uh-oh. I do not know about the ' . + $ext['extension'] . ' extension!'); + if ($t != '2') { + $out .= $r->p('It looks like it is broken. 1 + 1 = ' . + var_export($t, false)); + return false; + } else { + $out .= $r->p('But it seems to be able to add one and one.'); + } + } + return true; // Math library is OK + } +} + +function detect_random($r, &$out) +{ + $out .= $r->h2('Cryptographic-quality randomness source'); + if (Auth_OpenID_RAND_SOURCE === null) { + $out .= $r->p('Using (insecure) pseudorandom number source, because ' . + 'Auth_OpenID_RAND_SOURCE has been defined as null.'); + return false; + } + + $msg = 'The library will try to access ' . Auth_OpenID_RAND_SOURCE + . ' as a source of random data. '; + + $numbytes = 6; + + $f = @fopen(Auth_OpenID_RAND_SOURCE, 'r'); + if ($f !== false) { + $data = fread($f, $numbytes); + $stat = fstat($f); + $size = $stat['size']; + fclose($f); + } else { + $data = null; + $size = true; + } + + if ($f !== false) { + $dataok = (Auth_OpenID::bytes($data) == $numbytes); + $ok = $dataok && !$size; + $msg .= 'It seems to exist '; + if ($dataok) { + $msg .= 'and be readable. Here is some hex data: ' . + bin2hex($data) . '.'; + } else { + $msg .= 'but reading data failed.'; + } + if ($size) { + $msg .= ' This is a ' . $size . ' byte file. Unless you know ' . + 'what you are doing, it is likely that you are making a ' . + 'mistake by using a regular file as a randomness source.'; + } + } else { + $msg .= Auth_OpenID_RAND_SOURCE . + ' could not be opened. This could be because of restrictions on' . + ' your PHP environment or that randomness source may not exist' . + ' on this platform.'; + if (IS_WINDOWS) { + $msg .= ' You seem to be running Windows. This library does not' . + ' have access to a good source of randomness on Windows.'; + } + $ok = false; + } + + $out .= $r->p($msg); + + if (!$ok) { + $out .= $r->p( + 'To set a source of randomness, define Auth_OpenID_RAND_SOURCE ' . + 'to the path to the randomness source. If your platform does ' . + 'not provide a secure randomness source, the library can' . + 'operate in pseudorandom mode, but it is then vulnerable to ' . + 'theoretical attacks. If you wish to operate in pseudorandom ' . + 'mode, define Auth_OpenID_RAND_SOURCE to null.'); + $out .= $r->p('You are running on:'); + $out .= $r->pre(php_uname()); + $out .= $r->p('There does not seem to be an available source ' . + 'of randomness. On a Unix-like platform ' . + '(including MacOS X), try /dev/random and ' . + '/dev/urandom.'); + } + return $ok; +} + +function detect_stores($r, &$out) +{ + $out .= $r->h2('Data storage'); + + $found = array(); + foreach (array('sqlite', 'mysql', 'pgsql') as $dbext) { + if (extension_loaded($dbext) || @dl($dbext . '.' . PHP_SHLIB_SUFFIX)) { + $found[] = $dbext; + } + } + if (count($found) == 0) { + $text = 'No SQL database support was found in this PHP ' . + 'installation. See the PHP manual if you need to ' . + 'use an SQL database.'; + } else { + $text = 'Support was found for '; + if (count($found) == 1) { + $text .= $found[0] . '.'; + } else { + $last = array_pop($found); + $text .= implode(', ', $found) . ' and ' . $last . '.'; + } + $text = $r->b($text); + } + $text .= ' The library supports the MySQL, PostgreSQL, and SQLite ' . + 'database engines, as well as filesystem-based storage. In ' . + 'addition, PEAR DB is required to use databases.'; + $out .= $r->p($text); + + if (function_exists('posix_getpwuid') && + function_exists('posix_geteuid')) { + $processUser = posix_getpwuid(posix_geteuid()); + $web_user = $r->b($r->tt($processUser['name'])); + } else { + $web_user = 'the PHP process'; + } + + if (in_array('sqlite', $found)) { + $out .= $r->p('If you are using SQLite, your database must be ' . + 'writable by ' . $web_user . ' and not available over' . + ' the web.'); + } + + $basedir_str = ini_get('open_basedir'); + if (gettype($basedir_str) == 'string') { + $url = 'http://www.php.net/manual/en/features.safe-mode.php' . + '#ini.open-basedir'; + $lnk = $r->link($url, 'open_basedir'); + $out .= $r->p('If you are using a filesystem-based store or SQLite, ' . + 'be aware that ' . $lnk . ' is in effect. This means ' . + 'that your data will have to be stored in one of the ' . + 'following locations:'); + $out .= $r->pre(var_export($basedir_str, true)); + } else { + $out .= $r->p('The ' . $r->b($r->tt('open_basedir')) . ' configuration restriction ' . + 'is not in effect.'); + } + + $out .= $r->p('If you are using the filesystem store, your ' . + 'data directory must be readable and writable by ' . + $web_user . ' and not availabe over the Web.'); + return true; +} + +function detect_xml($r, &$out) +{ + global $__Auth_Yadis_xml_extensions; + + $out .= $r->h2('XML Support'); + + // Try to get an XML extension. + $ext = Auth_Yadis_getXMLParser(); + + if ($ext !== null) { + $out .= $r->p('XML parsing support is present using the '. + $r->b(get_class($ext)).' interface.'); + return true; + } else { + $out .= $r->p('XML parsing support is absent; please install one '. + 'of the following PHP extensions:'); + foreach ($__Auth_Yadis_xml_extensions as $name => $cls) { + $out .= "<li>" . $r->b($name) . "</li>"; + } + return false; + } +} + +function detect_query_corruption($r, &$out) +{ + $out .= $r->h2('Query Corruption'); + if ($_SERVER["QUERY_STRING"]!="test_query=a%26b") + { + $out.=$r->p("Your web server seems to corrupt queries. Received ".$_SERVER["QUERY_STRING"].", expected a=%26b. Check for mod_encoding."); + return false; + } + else + { + $out.=$r->p("Your web server does not corrupt queries. Good."); + return true; + } +} + +function detect_fetcher($r, &$out) +{ + $out .= $r->h2('HTTP Fetching'); + + $result = @include 'Auth/Yadis/Yadis.php'; + + if (!$result) { + $out .= $r->p('Yadis code unavailable; could not test fetcher support.'); + return false; + } + + if (Auth_Yadis_Yadis::curlPresent()) { + $out .= $r->p('This PHP installation has support for libcurl. Good.'); + } else { + $out .= $r->p('This PHP installation does not have support for ' . + 'libcurl. CURL is not required but is recommended. '. + 'The OpenID library will use an fsockopen()-based fetcher.'); + $lnk = $r->link('http://us3.php.net/manual/en/ref.curl.php'); + $out .= $r->p('See ' . $lnk . ' about enabling the libcurl support ' . + 'for PHP.'); + } + + $ok = true; + $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + $fetch_url = 'http://www.openidenabled.com/resources/php-fetch-test'; + $expected_url = $fetch_url . '.txt'; + $result = $fetcher->get($fetch_url); + + if (isset($result)) { + $parts = array('An HTTP request was completed.'); + // list ($code, $url, $data) = $result; + if ($result->status != '200' && $result->status != '206') { + $ok = false; + $parts[] = $r->b( + sprintf( + 'Got %s instead of the expected HTTP status ' . + 'code (200 or 206).', $result->status)); + } + + $url = $result->final_url; + if ($url != $expected_url) { + $ok = false; + if ($url == $fetch_url) { + $msg = 'The redirected URL was not returned.'; + } else { + $msg = 'An unexpected URL was returned: <' . $url . '>.'; + } + $parts[] = $r->b($msg); + } + + $data = $result->body; + if ($data != 'Hello World!') { + $ok = false; + $parts[] = $r->b('Unexpected data was returned.'); + } + $out .= $r->p(implode(' ', $parts)); + } else { + $ok = false; + $out .= $r->p('Fetching URL ' . $lnk . ' failed!'); + } + + if ($fetcher->supportsSSL()) { + $out .= $r->p('Your PHP installation appears to support SSL, so it ' . + 'will be able to process HTTPS identity URLs and server URLs.'); + } else { + $out .= $r->p('Your PHP installation does not support SSL, so it ' . + 'will NOT be able to process HTTPS identity URLs and server URLs.'); + } + + return $ok; +} + +header('Content-Type: ' . $r->contentType() . '; charset=us-ascii'); +if (!$_GET["test_query"]) +{ + header("Location: ".$_SERVER['PHP_SELF']."?test_query=a%26b"); +} + + $title = 'OpenID Library Support Report'; +$out = $r->start($title) . + $r->h1($title) . + $r->p('This script checks your PHP installation to determine if you ' . + 'are set up to use the JanRain PHP OpenID library.'); + +$body = ''; + +$_include = include 'Auth/OpenID.php'; + +if (!$_include) { + $path = ini_get('include_path'); + $body .= $r->p( + 'Cannot find the OpenID library. It must be in your PHP include ' . + 'path. Your PHP include path is currently:'); + $body .= $r->pre($path); +} else { + $status = array(); + + $status[] = detect_math($r, $body); + $status[] = detect_random($r, $body); + $status[] = detect_stores($r, $body); + $status[] = detect_fetcher($r, $body); + $status[] = detect_xml($r, $body); + $status[] = detect_query_corruption($r, $body); + $result = true; + + foreach ($status as $v) { + if (!$v) { + $result = false; + break; + } + } + + if ($result) { + $out .= $r->h2('Setup Complete!'); + $out .= $r->p('Your system should be ready to run the OpenID library.'); + } else { + $out .= $r->h2('Setup Incomplete'); + $out .= $r->p('Your system needs a few changes before it will be ready to run the OpenID library.'); + } +} + +$out .= $body . $r->end(); +print $out; +?> diff --git a/models/openid-php-openid-782224d/examples/discover.php b/models/openid-php-openid-782224d/examples/discover.php new file mode 100644 index 000000000..31e6b61b7 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/discover.php @@ -0,0 +1,100 @@ +<?php + +require_once "consumer/common.php"; + +require_once "Auth/OpenID/Discover.php"; +require_once "Auth/Yadis/Yadis.php"; + +function getOpenIDIdentifier() +{ + return $_GET['openid_identifier']; +} + +function escape($x) +{ + return htmlentities($x); +} + + +$identifier = getOpenIDIdentifier(); +?> +<html> +<head> +<title>OpenID discovery</title> +</head> +<body> + <h2>OpenID discovery tool</h2> + <p> + Enter an OpenID URL to begin discovery: + </p> + <form> + <input type="text" name="openid_identifier" size="40" /> + <input type="submit" value="Begin" /> + </form> +<? +if ($identifier) { + + $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + list($normalized_identifier, $endpoints) = Auth_OpenID_discover( + $identifier, $fetcher); + +?> + <h3>Discovery Results for <?= escape($identifier) ?></h3> + + <table cellpadding="7" cellspacing="0"> + <tbody> + <tr> + <th>Claimed Identifier</th> + <td><?= escape($normalized_identifier) ?></td> + </tr> +<? +if (!$endpoints) { +?> + <tr> + <td colspan="2">No OpenID services discovered.</td> + </tr> +<? +} else { +?> + <tr> + <td colspan="2">Discovered OpenID services:</td> + </tr> +<? +foreach ($endpoints as $endpoint) { +?> + <tr> + <td colspan="2"><hr/></td> + </tr> + <tr> + <th>Server URL</th> + <td><tt><?= escape($endpoint->server_url) ?></tt></td> + </tr> + <tr> + <th>Local ID</th> + <td><tt><?= escape($endpoint->local_id) ?></tt></td> + </tr> + <tr> + <td colspan="2"> + <h3>Service types:</h3> + <ul> +<? +foreach ($endpoint->type_uris as $type_uri) { +?> + <li><tt><?= escape($type_uri) ?></tt></li> +<? +} +?> + </ul> + </td> + </tr> +<? +} +} +?> + </tbody> +</table> +<? +} +?> +</body> +</html>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/index.php b/models/openid-php-openid-782224d/examples/server/index.php new file mode 100644 index 000000000..7a9506458 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/index.php @@ -0,0 +1,5 @@ +<?php + +header("Location: server.php"); + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/actions.php b/models/openid-php-openid-782224d/examples/server/lib/actions.php new file mode 100644 index 000000000..50dc19a1b --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/actions.php @@ -0,0 +1,164 @@ +<?php + +require_once "lib/common.php"; +require_once "lib/session.php"; +require_once "lib/render.php"; + +require_once "lib/render/login.php"; +require_once "lib/render/idpage.php"; +require_once "lib/render/idpXrds.php"; +require_once "lib/render/userXrds.php"; + +require_once "Auth/OpenID.php"; + +/** + * Handle a standard OpenID server request + */ +function action_default() +{ + header('X-XRDS-Location: '.buildURL('idpXrds')); + + $server =& getServer(); + $method = $_SERVER['REQUEST_METHOD']; + $request = null; + if ($method == 'GET') { + $request = $_GET; + } else { + $request = $_POST; + } + + $request = $server->decodeRequest(); + + if (!$request) { + return about_render(); + } + + setRequestInfo($request); + + if (in_array($request->mode, + array('checkid_immediate', 'checkid_setup'))) { + + if ($request->idSelect()) { + // Perform IDP-driven identifier selection + if ($request->mode == 'checkid_immediate') { + $response =& $request->answer(false); + } else { + return trust_render($request); + } + } else if ((!$request->identity) && + (!$request->idSelect())) { + // No identifier used or desired; display a page saying + // so. + return noIdentifier_render(); + } else if ($request->immediate) { + $response =& $request->answer(false, buildURL()); + } else { + if (!getLoggedInUser()) { + return login_render(); + } + return trust_render($request); + } + } else { + $response =& $server->handleRequest($request); + } + + $webresponse =& $server->encodeResponse($response); + + if ($webresponse->code != AUTH_OPENID_HTTP_OK) { + header(sprintf("HTTP/1.1 %d ", $webresponse->code), + true, $webresponse->code); + } + + foreach ($webresponse->headers as $k => $v) { + header("$k: $v"); + } + + header(header_connection_close); + print $webresponse->body; + exit(0); +} + +/** + * Log out the currently logged in user + */ +function action_logout() +{ + setLoggedInUser(null); + setRequestInfo(null); + return authCancel(null); +} + +/** + * Check the input values for a login request + */ +function login_checkInput($input) +{ + $openid_url = false; + $errors = array(); + + if (!isset($input['openid_url'])) { + $errors[] = 'Enter an OpenID URL to continue'; + } + if (count($errors) == 0) { + $openid_url = $input['openid_url']; + } + return array($errors, $openid_url); +} + +/** + * Log in a user and potentially continue the requested identity approval + */ +function action_login() +{ + $method = $_SERVER['REQUEST_METHOD']; + switch ($method) { + case 'GET': + return login_render(); + case 'POST': + $info = getRequestInfo(); + $fields = $_POST; + if (isset($fields['cancel'])) { + return authCancel($info); + } + + list ($errors, $openid_url) = login_checkInput($fields); + if (count($errors) || !$openid_url) { + $needed = $info ? $info->identity : false; + return login_render($errors, @$fields['openid_url'], $needed); + } else { + setLoggedInUser($openid_url); + return doAuth($info); + } + default: + return login_render(array('Unsupported HTTP method: $method')); + } +} + +/** + * Ask the user whether he wants to trust this site + */ +function action_trust() +{ + $info = getRequestInfo(); + $trusted = isset($_POST['trust']); + return doAuth($info, $trusted, true, @$_POST['idSelect']); +} + +function action_idpage() +{ + $identity = $_GET['user']; + return idpage_render($identity); +} + +function action_idpXrds() +{ + return idpXrds_render(); +} + +function action_userXrds() +{ + $identity = $_GET['user']; + return userXrds_render($identity); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/common.php b/models/openid-php-openid-782224d/examples/server/lib/common.php new file mode 100644 index 000000000..80d05f51a --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/common.php @@ -0,0 +1,95 @@ +<?php + +require_once "lib/render.php"; +require_once "lib/session.php"; + +require_once "lib/render/login.php"; +require_once "lib/render/about.php"; +require_once "lib/render/trust.php"; + +require_once "Auth/OpenID/Server.php"; +require_once "Auth/OpenID/SReg.php"; + +function authCancel($info) +{ + if ($info) { + setRequestInfo(); + $url = $info->getCancelURL(); + } else { + $url = getServerURL(); + } + return redirect_render($url); +} + +function doAuth($info, $trusted=null, $fail_cancels=false, + $idpSelect=null) +{ + if (!$info) { + // There is no authentication information, so bail + return authCancel(null); + } + + if ($info->idSelect()) { + if ($idpSelect) { + $req_url = idURL($idpSelect); + } else { + $trusted = false; + } + } else { + $req_url = $info->identity; + } + + $user = getLoggedInUser(); + setRequestInfo($info); + + if ((!$info->idSelect()) && ($req_url != idURL($user))) { + return login_render(array(), $req_url, $req_url); + } + + $trust_root = $info->trust_root; + + if ($trusted) { + setRequestInfo(); + $server =& getServer(); + $response =& $info->answer(true, null, $req_url); + + // Answer with some sample Simple Registration data. + $sreg_data = array( + 'fullname' => 'Example User', + 'nickname' => 'example', + 'dob' => '1970-01-01', + 'email' => 'invalid@example.com', + 'gender' => 'F', + 'postcode' => '12345', + 'country' => 'ES', + 'language' => 'eu', + 'timezone' => 'America/New_York'); + + // Add the simple registration response values to the OpenID + // response message. + $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest( + $info); + + $sreg_response = Auth_OpenID_SRegResponse::extractResponse( + $sreg_request, $sreg_data); + + $sreg_response->toMessage($response->fields); + + // Generate a response to send to the user agent. + $webresponse =& $server->encodeResponse($response); + + $new_headers = array(); + + foreach ($webresponse->headers as $k => $v) { + $new_headers[] = $k.": ".$v; + } + + return array($new_headers, $webresponse->body); + } elseif ($fail_cancels) { + return authCancel($info); + } else { + return trust_render($info); + } +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render.php b/models/openid-php-openid-782224d/examples/server/lib/render.php new file mode 100644 index 000000000..33d2aefcd --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render.php @@ -0,0 +1,114 @@ +<?php + +define('page_template', +'<html> + <head> + <meta http-equiv="cache-control" content="no-cache"/> + <meta http-equiv="pragma" content="no-cache"/> + <title>%s</title> +%s + </head> + <body> + %s +<div id="content"> + <h1>%s</h1> + %s +</div> + </body> +</html>'); + +define('logged_in_pat', 'You are logged in as %s (URL: %s)'); + +/** + * HTTP response line contstants + */ +define('http_bad_request', 'HTTP/1.1 400 Bad Request'); +define('http_found', 'HTTP/1.1 302 Found'); +define('http_ok', 'HTTP/1.1 200 OK'); +define('http_internal_error', 'HTTP/1.1 500 Internal Error'); + +/** + * HTTP header constants + */ +define('header_connection_close', 'Connection: close'); +define('header_content_text', 'Content-Type: text/plain; charset=us-ascii'); + +define('redirect_message', + 'Please wait; you are being redirected to <%s>'); + + +/** + * Return a string containing an anchor tag containing the given URL + * + * The URL does not need to be quoted, but if text is passed in, then + * it does. + */ +function link_render($url, $text=null) { + $esc_url = htmlspecialchars($url, ENT_QUOTES); + $text = ($text === null) ? $esc_url : $text; + return sprintf('<a href="%s">%s</a>', $esc_url, $text); +} + +/** + * Return an HTTP redirect response + */ +function redirect_render($redir_url) +{ + $headers = array(http_found, + header_content_text, + header_connection_close, + 'Location: ' . $redir_url, + ); + $body = sprintf(redirect_message, $redir_url); + return array($headers, $body); +} + +function navigation_render($msg, $items) +{ + $what = link_render(buildURL(), 'PHP OpenID Server'); + if ($msg) { + $what .= ' — ' . $msg; + } + if ($items) { + $s = '<p>' . $what . '</p><ul class="bottom">'; + foreach ($items as $action => $text) { + $url = buildURL($action); + $s .= sprintf('<li>%s</li>', link_render($url, $text)); + } + $s .= '</ul>'; + } else { + $s = '<p class="bottom">' . $what . '</p>'; + } + return sprintf('<div class="navigation">%s</div>', $s); +} + +/** + * Render an HTML page + */ +function page_render($body, $user, $title, $h1=null, $login=false) +{ + $h1 = $h1 ? $h1 : $title; + + if ($user) { + $msg = sprintf(logged_in_pat, link_render(idURL($user), $user), + link_render(idURL($user))); + $nav = array('logout' => 'Log Out'); + + $navigation = navigation_render($msg, $nav); + } else { + if (!$login) { + $msg = link_render(buildURL('login'), 'Log In'); + $navigation = navigation_render($msg, array()); + } else { + $navigation = ''; + } + } + + $style = getStyle(); + $text = sprintf(page_template, $title, $style, $navigation, $h1, $body); + // No special headers here + $headers = array(); + return array($headers, $text); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/about.php b/models/openid-php-openid-782224d/examples/server/lib/render/about.php new file mode 100644 index 000000000..53e3694e9 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/about.php @@ -0,0 +1,47 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +define('about_error_template', + '<div class="error"> +An error occurred when processing your request: +<br /> +%s +</div>'); + +define('about_body', + '<p> + This is an <a href="http://www.openid.net/">OpenID</a> server + endpoint. This server is built on the <a + href="http://github.com/openid/php-openid">JanRain PHP OpenID + library</a>. Since OpenID consumer sites will need to directly contact this + server, it must be accessible over the Internet (not behind a firewall). +</p> +<p> + To use this server, you will have to set up a URL to use as an identifier. + Insert the following markup into the <code><head></code> of the HTML + document at that URL: +</p> +<pre><link rel="openid.server" href="%s" /></pre> +<p> + Then configure this server so that you can log in with that URL. +</p> +'); + +/** + * Render the about page, potentially with an error message + */ +function about_render($error=false, $internal=true) +{ + $headers = array(); + $body = sprintf(about_body, buildURL()); + if ($error) { + $headers[] = $internal ? http_internal_error : http_bad_request; + $body .= sprintf(about_error_template, htmlspecialchars($error)); + } + $current_user = getLoggedInUser(); + return page_render($body, $current_user, 'OpenID Server Endpoint'); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php b/models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php new file mode 100644 index 000000000..6e4ae1ce7 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php @@ -0,0 +1,32 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +require_once "Auth/OpenID/Discover.php"; + +define('idp_xrds_pat', '<?xml version="1.0" encoding="UTF-8"?> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="0"> + <Type>%s</Type> + <URI>%s</URI> + </Service> + </XRD> +</xrds:XRDS> +'); + +function idpXrds_render() +{ + $headers = array('Content-type: application/xrds+xml'); + + $body = sprintf(idp_xrds_pat, + Auth_OpenID_TYPE_2_0_IDP, + buildURL()); + + return array($headers, $body); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/idpage.php b/models/openid-php-openid-782224d/examples/server/lib/render/idpage.php new file mode 100644 index 000000000..48c2486df --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/idpage.php @@ -0,0 +1,31 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +define('idpage_pat', + '<html> +<head> + <link rel="openid2.provider openid.server" href="%s"/> + <meta http-equiv="X-XRDS-Location" content="%s" /> +</head> +<body> + This is the identity page for users of this server. +</body> +</html>'); + +function idpage_render($identity) +{ + $xrdsurl = buildURL('userXrds')."?user=".urlencode($identity); + + $headers = array( + 'X-XRDS-Location: '.$xrdsurl); + + + $body = sprintf(idpage_pat, + buildURL(), + $xrdsurl); + return array($headers, $body); +} + +?> diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/login.php b/models/openid-php-openid-782224d/examples/server/lib/render/login.php new file mode 100644 index 000000000..986a88545 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/login.php @@ -0,0 +1,65 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +define('login_form_pat', + '<div class="form"> + <p> + + Enter your username into this form to log in to this server. It + can be anything; this is just for demonstration purposes. For + example, entering USERNAME will give you the identity URL + + <pre>%s</pre> + </p> + + <form method="post" action="%s"> + <table> + <tr> + <th><label for="openid_url">Name:</label></th> + <td><input type="text" name="openid_url" + value="%s" id="openid_url" /></td> + </tr> + <tr> + <td colspan="2"> + <input type="submit" value="Log in" /> + <input type="submit" name="cancel" value="Cancel" /> + </td> + </tr> + </table> + </form> +</div> +'); + +define('login_needed_pat', + 'You must be logged in as %s to approve this request.'); + +function login_render($errors=null, $input=null, $needed=null) +{ + $current_user = getLoggedInUser(); + if ($input === null) { + $input = $current_user; + } + if ($needed) { + $errors[] = sprintf(login_needed_pat, link_render($needed)); + } + + $esc_input = htmlspecialchars($input, ENT_QUOTES); + $login_url = buildURL('login', true); + $body = sprintf(login_form_pat, idURL('USERNAME'), $login_url, $esc_input); + if ($errors) { + $body = loginError_render($errors) . $body; + } + return page_render($body, $current_user, 'Log In', null, true); +} + +function loginError_render($errors) +{ + $text = ''; + foreach ($errors as $error) { + $text .= sprintf("<li>%s</li>\n", $error); + } + return sprintf("<ul class=\"error\">\n%s</ul>\n", $text); +} +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/trust.php b/models/openid-php-openid-782224d/examples/server/lib/render/trust.php new file mode 100644 index 000000000..681d4560a --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/trust.php @@ -0,0 +1,56 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +define('trust_form_pat', + '<div class="form"> + <form method="post" action="%s"> + %s + <input type="submit" name="trust" value="Confirm" /> + <input type="submit" value="Do not confirm" /> + </form> +</div> +'); + +define('normal_pat', + '<p>Do you wish to confirm your identity ' . + '(<code>%s</code>) with <code>%s</code>?</p>'); + +define('id_select_pat', + '<p>You entered the server URL at the RP. +Please choose the name you wish to use. If you enter nothing, the request will be cancelled.<br/> +<input type="text" name="idSelect" /></p> +'); + +define('no_id_pat', +' +You did not send an identifier with the request, +and it was not an identifier selection request. +Please return to the relying party and try again. +'); + +function trust_render($info) +{ + $current_user = getLoggedInUser(); + $lnk = link_render(idURL($current_user)); + $trust_root = htmlspecialchars($info->trust_root); + $trust_url = buildURL('trust', true); + + if ($info->idSelect()) { + $prompt = id_select_pat; + } else { + $prompt = sprintf(normal_pat, $lnk, $trust_root); + } + + $form = sprintf(trust_form_pat, $trust_url, $prompt); + + return page_render($form, $current_user, 'Trust This Site'); +} + +function noIdentifier_render() +{ + return page_render(no_id_pat, null, 'No Identifier Sent'); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php b/models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php new file mode 100644 index 000000000..a9ea95ea3 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php @@ -0,0 +1,34 @@ +<?php + +require_once "lib/session.php"; +require_once "lib/render.php"; + +require_once "Auth/OpenID/Discover.php"; + +define('user_xrds_pat', '<?xml version="1.0" encoding="UTF-8"?> +<xrds:XRDS + xmlns:xrds="xri://$xrds" + xmlns="xri://$xrd*($v*2.0)"> + <XRD> + <Service priority="0"> + <Type>%s</Type> + <Type>%s</Type> + <URI>%s</URI> + </Service> + </XRD> +</xrds:XRDS> +'); + +function userXrds_render($identity) +{ + $headers = array('Content-type: application/xrds+xml'); + + $body = sprintf(user_xrds_pat, + Auth_OpenID_TYPE_2_0, + Auth_OpenID_TYPE_1_1, + buildURL()); + + return array($headers, $body); +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/session.php b/models/openid-php-openid-782224d/examples/server/lib/session.php new file mode 100644 index 000000000..201b6ee23 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/session.php @@ -0,0 +1,178 @@ +<?php + +require_once "config.php"; +require_once "lib/render.php"; +require_once "Auth/OpenID/Server.php"; + +/** + * Set up the session + */ +function init() +{ + session_name('openid_server'); + session_start(); +} + +/** + * Get the style markup + */ +function getStyle() +{ + $parent = rtrim(dirname(getServerURL()), '/'); + $url = htmlspecialchars($parent . '/openid-server.css', ENT_QUOTES); + return sprintf('<link rel="stylesheet" type="text/css" href="%s" />', $url); +} + +/** + * Get the URL of the current script + */ +function getServerURL() +{ + $path = $_SERVER['SCRIPT_NAME']; + $host = $_SERVER['HTTP_HOST']; + $port = $_SERVER['SERVER_PORT']; + $s = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] ? 's' : ''; + if (($s && $port == "443") || (!$s && $port == "80")) { + $p = ''; + } else { + $p = ':' . $port; + } + + return "http$s://$host$p$path"; +} + +/** + * Build a URL to a server action + */ +function buildURL($action=null, $escaped=true) +{ + $url = getServerURL(); + if ($action) { + $url .= '/' . $action; + } + return $escaped ? htmlspecialchars($url, ENT_QUOTES) : $url; +} + +/** + * Extract the current action from the request + */ +function getAction() +{ + $path_info = @$_SERVER['PATH_INFO']; + $action = ($path_info) ? substr($path_info, 1) : ''; + $function_name = 'action_' . $action; + return $function_name; +} + +/** + * Write the response to the request + */ +function writeResponse($resp) +{ + list ($headers, $body) = $resp; + array_walk($headers, 'header'); + header(header_connection_close); + print $body; +} + +/** + * Instantiate a new OpenID server object + */ +function getServer() +{ + static $server = null; + if (!isset($server)) { + $server =& new Auth_OpenID_Server(getOpenIDStore(), + buildURL()); + } + return $server; +} + +/** + * Return a hashed form of the user's password + */ +function hashPassword($password) +{ + return bin2hex(Auth_OpenID_SHA1($password)); +} + +/** + * Get the openid_url out of the cookie + * + * @return mixed $openid_url The URL that was stored in the cookie or + * false if there is none present or if the cookie is bad. + */ +function getLoggedInUser() +{ + return isset($_SESSION['openid_url']) + ? $_SESSION['openid_url'] + : false; +} + +/** + * Set the openid_url in the cookie + * + * @param mixed $identity_url The URL to set. If set to null, the + * value will be unset. + */ +function setLoggedInUser($identity_url=null) +{ + if (!isset($identity_url)) { + unset($_SESSION['openid_url']); + } else { + $_SESSION['openid_url'] = $identity_url; + } +} + +function getRequestInfo() +{ + return isset($_SESSION['request']) + ? unserialize($_SESSION['request']) + : false; +} + +function setRequestInfo($info=null) +{ + if (!isset($info)) { + unset($_SESSION['request']); + } else { + $_SESSION['request'] = serialize($info); + } +} + + +function getSreg($identity) +{ + // from config.php + global $openid_sreg; + + if (!is_array($openid_sreg)) { + return null; + } + + return $openid_sreg[$identity]; + +} + +function idURL($identity) +{ + return buildURL('idpage') . "?user=" . $identity; +} + +function idFromURL($url) +{ + if (strpos($url, 'idpage') === false) { + return null; + } + + $parsed = parse_url($url); + + $q = $parsed['query']; + + $parts = array(); + parse_str($q, $parts); + + return @$parts['user']; +} + +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/openid-server.css b/models/openid-php-openid-782224d/examples/server/openid-server.css new file mode 100644 index 000000000..311d556a2 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/openid-server.css @@ -0,0 +1,74 @@ +body { + padding: 0; + margin: 0; +} + +#content { + padding: 0.5em; + max-width: 50em; +} + +ul.error { + background: #ffaaaa; + border: 1px solid #ff0000; + padding: 0.5em; + padding-left: 1.5em; +} + +.login th { + text-align: left; +} + +div.form { + border: thin solid #777777; + background: #dddddd; + padding: 0.5em; + margin-top: 1em; +} + +div.navigation { + border-bottom: thin solid #cccccc; + background: #eeeeee; + font-size: smaller; + padding: 0.5em; +} + +div.navigation h2 { + margin-top: 0; +} + +div.navigation p { + margin: 0; +} + +div.navigation ul { + margin: 0; +} + +div.login p { + margin-top: 0; +} + +h1 { + margin-top: 0; +} + +pre { + padding: 1em; + border: 1px solid black; + background: #ffeebb; +} + +#checkup { + background: url('http://openid.net/favicon.ico') no-repeat; + padding-left: 16px; +} + +th { + text-align: left; +} + +table { + border-collapse: collapse; + margin-bottom: 1em; +}
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/server.php b/models/openid-php-openid-782224d/examples/server/server.php new file mode 100644 index 000000000..f054be818 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/server.php @@ -0,0 +1,48 @@ +<?php + +$path_extra = dirname(dirname(dirname(__FILE__))); +$path = ini_get('include_path'); +$path = $path_extra . PATH_SEPARATOR . $path; +ini_set('include_path', $path); + +$try_include = @include 'config.php'; + +if (!$try_include) { + header("Location: setup.php"); +} + +header('Cache-Control: no-cache'); +header('Pragma: no-cache'); + +if (function_exists('getOpenIDStore')) { + require_once 'lib/session.php'; + require_once 'lib/actions.php'; + + init(); + + $action = getAction(); + if (!function_exists($action)) { + $action = 'action_default'; + } + + $resp = $action(); + + writeResponse($resp); +} else { +?> +<html> + <head> + <title>PHP OpenID Server</title> + <body> + <h1>PHP OpenID Server</h1> + <p> + This server needs to be configured before it can be used. Edit + <code>config.php</code> to reflect your server's setup, then + load this page again. + </p> + </body> + </head> +</html> +<?php +} +?>
\ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/setup.php b/models/openid-php-openid-782224d/examples/server/setup.php new file mode 100644 index 000000000..e25ef341a --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/setup.php @@ -0,0 +1,558 @@ +<?php + +/** + * OpenID server configuration script. + * + * This script generates a config.php file needed by the server + * example. + * + * @package OpenID.Examples + * @author JanRain, Inc. <openid@janrain.com> + * @copyright 2005-2008 Janrain, Inc. + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache + */ + +$path_extra = dirname(dirname(dirname(__FILE__))); +$path = ini_get('include_path'); +$path = $path_extra . PATH_SEPARATOR . $path; +ini_set('include_path', $path); +require_once "Auth/OpenID.php"; + +/** + * Data. + */ + +$store_types = array("Filesystem" => "Auth_OpenID_FileStore", + "MySQL" => "Auth_OpenID_MySQLStore", + "PostgreSQL" => "Auth_OpenID_PostgreSQLStore", + "SQLite" => "Auth_OpenID_SQLiteStore"); + +/** + * Main. + */ + +$messages = array(); + +session_start(); +init_session(); + +if (!check_session() || + isset($_GET['add_openid'])) { + render_form(); +} else { + print generate_config(isset($_GET['download'])); +} + +/** + * Functions. + */ + +function check_url($url) { + return (Auth_OpenID::normalizeUrl($url) !== null); +} + +function build_url() { + $port = (($_SERVER['SERVER_PORT'] == 80) ? null : $_SERVER['SERVER_PORT']); + + $parts = explode("/", $_SERVER['SERVER_PROTOCOL']); + $scheme = strtolower($parts[0]); + + if ($port) { + return sprintf("%s://%s:%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], + $port, dirname($_SERVER['PHP_SELF'])); + } else { + return sprintf("%s://%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], + dirname($_SERVER['PHP_SELF'])); + } +} + +function check_open_basedir($path) { + if (ini_get('open_basedir')) { + $parts = explode(PATH_SEPARATOR, ini_get('open_basedir')); + + $found = false; + + foreach ($parts as $p) { + if (strpos($path, $p) === 0) { + $found = true; + break; + } + } + + return $found; + } else { + return true; + } +} + +function check_session() { + + global $messages; + + if ($_GET && isset($_GET['clear'])) { + session_destroy(); + $_SESSION = array(); + init_session(); + return false; + } + + $bad_path = false; + + if (isset($_GET['generate'])) { + if (!$_SESSION['server_url']) { + $messages[] = "Please enter a server URL."; + } + + if (!isset($_SESSION['store_type'])) { + $messages[] = "No store type chosen."; + } else { + switch ($_SESSION['store_type']) { + case "Filesystem": + if (!@$_SESSION['store_data']['fs_path']) { + $messages[] = "Please specify a filesystem store path."; + } else { + if (!check_open_basedir($_SESSION['store_data']['fs_path'])) { + $messages[] = "The filesystem store path violates PHP's <code>open_basedir</code> setting."; + $bad_path = true; + } + } + break; + + case "SQLite": + if (!@$_SESSION['store_data']['sqlite_path']) { + $messages[] = "Please specify a SQLite database path."; + } else { + if (!check_open_basedir($_SESSION['store_data']['sqlite_path'])) { + $messages[] = "The SQLite store path violates PHP's <code>open_basedir</code> setting."; + $bad_path = true; + } + } + break; + + default: + if (!($_SESSION['store_data']['host'] && + $_SESSION['store_data']['database'] && + $_SESSION['store_data']['username'] && + $_SESSION['store_data']['password'])) { + $messages[] = "Please specify database connection details."; + } + } + } + } + + if ($_SESSION['store_type'] && + $_SESSION['server_url'] && + (parse_url($_SESSION['server_url']) !== false) && + ((($_SESSION['store_type'] == 'Filesystem') && + $_SESSION['store_data']['fs_path']) || + (($_SESSION['store_type'] == 'SQLite') && + $_SESSION['store_data']['sqlite_path']) || + ($_SESSION['store_data']['host'] && + $_SESSION['store_data']['username'] && + $_SESSION['store_data']['database'] && + $_SESSION['store_data']['password'])) && + !$bad_path) { + + return true; + } + + return false; +} + +function render_form() { + + global $store_types, $fields, $messages; + + $basedir_msg = ""; + + if (ini_get('open_basedir')) { + $basedir_msg = "</br><span class=\"notice\">Note: Due to the ". + "<code>open_basedir</code> php.ini setting, be sure to ". + "choose a path in one of the following directories:<ul><li>". + implode("<li>", + explode(PATH_SEPARATOR, ini_get('open_basedir'))). + "</ul></span>"; + } + + $sqlite_found = false; + if (extension_loaded('sqlite') || + @dl('sqlite.' . PHP_SHLIB_SUFFIX)) { + $sqlite_found = true; + } + + $mysql_found = false; + if (extension_loaded('mysql') || + @dl('mysql.' . PHP_SHLIB_SUFFIX)) { + $mysql_found = true; + } + + $pgsql_found = false; + if (extension_loaded('pgsql') || + @dl('pgsql.' . PHP_SHLIB_SUFFIX)) { + $pgsql_found = true; + } + +?> +<html> + <head> + <style type="text/css"> +span.label { + float: left; + width: 2in; +} + +span.notice { + color: red; + font-size: 80%; +} + +div p { + border-top: 1px solid #ccc; + font-style: italic; + padding-top: 0.5em; +} + +div { + padding: 3px; +} + +div.store_fields { + margin-left: 2in; + padding: default; +} + +div.store_fields label.field { + float: left; + width: 1.75in; +} + +div.store_fields > div { + border: 1px solid gray; + margin-bottom: 0.5em; + background: #eee; +} + +div.store_fields > div > div { + margin-left: 0.4in; +} + +div.errors { + background: #faa; + border: 1px solid red; +} + +</style> +</head> +<body> + +<h2>OpenID Example Server Configuration</h2> + +<?php +if ($messages) { + print "<div class=\"errors\">"; + foreach ($messages as $m) { + print "<div>$m</div>"; + } + print "</div>"; + +} +?> + +<p> +Your browser has been redirected to this page so you can configure the +server example. This form will auto-generate an OpenID example server +configuration for use with the OpenID server example. +</p> + +<form> +<div> + + <p> + The server URL is the URL that points to the "server.php" file. It + looks like your server URL should be <code><?php print build_url(); ?></code>. + </p> + + <span class="label"><label for="i_server_url">Server URL:</label></span> + <span> + <input type="text" id="i_server_url" size="35" name="server_url" + value="<?php print $_SESSION['server_url'] ?>"> + </span> +</div> + +<div> + + <p> + If this package isn't installed in the PHP include path, the package's + directory should be added. For example, if the package is in + <code>/home/me/PHP-OpenID/</code>, you should enter that directory here. + </p> + + <span class="label"> + <label for="i_include_path">Include path (optional):</label> + </span> + <span> + <input type="text" id="i_include_path" size="35" name="include_path" + value="<?php print $_SESSION['include_path'] ?>"> + </span> +</div> + +<div> + + <p> + The server needs to store OpenID information in a "store". The + following store types are available on your PHP installation: + </p> + + <span class="label">Store method:</span> + <div class="store_fields"> + + <div> + <input type="radio" name="store_type" value="Filesystem" + id="i_filesystem"<?php if ($_SESSION['store_type'] == 'Filesystem') { print " CHECKED"; } ?>> + <label for="i_filesystem">Filesystem</label> + <div> + <label for="i_fs_path" class="field">Filesystem path:</label> + <input type="text" name="fs_path" id="i_fs_path" + value="<?php print @$_SESSION['store_data']['fs_path']; ?>"> + <?php print $basedir_msg; ?> + </div> + </div> + +<?php if ($sqlite_found) { ?> + <div> + <input type="radio" name="store_type" value="SQLite" + id="i_sqlite"<?php if ($_SESSION['store_type'] == 'SQLite') { print " CHECKED"; } ?>> + <label for="i_sqlite">SQLite</label> + <div> + <label for="i_sqlite_path" class="field">SQLite database path:</label> + <input type="text" value="<?php print @$_SESSION['store_data']['sqlite_path']; ?>" + name="sqlite_path" id="i_sqlite_path"> + <?php print $basedir_msg; ?> + </div> + </div> +<?php } ?> + + +<?php if ($mysql_found || $pgsql_found) { ?> + <div> + +<?php if ($mysql_found) { ?> + <input type="radio" name="store_type" value="MySQL" + id="i_mysql"<?php if ($_SESSION['store_type'] == 'MySQL') { print " CHECKED"; } ?>> + <label for="i_mysql">MySQL</label> +<?php } ?> + +<?php if ($pgsql_found) { ?> + <input type="radio" name="store_type" value="PostgreSQL" + id="i_pgsql"<?php if ($_SESSION['store_type'] == 'PostgreSQL') { print " CHECKED"; } ?>> + <label for="i_pgsql">PostgreSQL</label> +<?php } ?> + + <div> + <label for="i_m_host" class="field">Host:</label> + <input type="text" value="<?php print @$_SESSION['store_data']['host']; ?>" name="host" id="i_m_host"> + </div> + <div> + <label for="i_m_database" class="field">Database:</label> + <input value="<?php print @$_SESSION['store_data']['database']; ?>" type="text" name="database" id="i_m_database"> + </div> + <div> + <label for="i_m_username" class="field">Username:</label> + <input type="text" name="username" id="i_m_username" value="<?php print @$_SESSION['store_data']['username']; ?>"> + </div> + <div> + <label for="i_m_password" class="field">Password:</label> + <input type="password" name="password" id="i_m_password" value="<?php print @$_SESSION['store_data']['password']; ?>"> + </div> + </div> +<?php } ?> +</div> +</div> + +<input type="submit" name="generate" value="Generate Configuration"> +</form> +</body> +</html> +<?php +} + +function init_session() { + + global $messages; + + // Set a guess value for the server url. + if (!array_key_exists('server_url', $_SESSION)) { + $_SESSION['server_url'] = build_url(); + } + + foreach (array('server_url', 'include_path', 'store_type') as $key) { + if (!isset($_SESSION[$key])) { + $_SESSION[$key] = ""; + } + } + + if (!isset($_SESSION['store_data'])) { + $_SESSION['store_data'] = array(); + } + + foreach (array('server_url', 'include_path', 'store_type') as $field) { + if (array_key_exists($field, $_GET)) { + $_SESSION[$field] = $_GET[$field]; + } + } + + foreach (array('username', 'password', 'database', 'host', 'fs_path', 'sqlite_path') as $field) { + if (array_key_exists($field, $_GET)) { + $_SESSION['store_data'][$field] = $_GET[$field]; + } + } +} + +function generate_config($download = false) { + + if ($download) { + // Emit headers to force browser download. + header("Content-type: text/plain"); + header("Content-disposition: attachment; filename=config.php"); + print "<?php\n"; + } else { +?> +<html> +<body> + +<h2>OpenID Example Server Configuration</h2> + +<p> +Put the following text into <strong><?php print dirname(__FILE__); print DIRECTORY_SEPARATOR; ?>config.php</strong>. +</p> + +<p> +<a href="setup.php?clear=1">Back to form</a> (resets settings) +</p> + +<p> +<a href="setup.php?download=1">Download this configuration</a> +</p> + +<pre style="border: 1px solid gray; background: #eee; padding: 5px;"> +<?php +print "<?php\n"; +} +?> +<?php if ($_SESSION['include_path']) { ?> +/** + * Set any extra include paths needed to use the library + */ +set_include_path(get_include_path() . PATH_SEPARATOR . "<?php +print $_SESSION['include_path']; +?>"); + +<?php } ?> +/** + * The URL for the server. + * + * This is the location of server.php. For example: + * + * $server_url = 'http://example.com/~user/server.php'; + * + * This must be a full URL. + */ +$server_url = "<?php +print $_SESSION['server_url']; +?>"; + +/** + * Initialize an OpenID store + * + * @return object $store an instance of OpenID store (see the + * documentation for how to create one) + */ +function getOpenIDStore() +{ + <?php + + switch ($_SESSION['store_type']) { + case "Filesystem": + + print "require_once \"Auth/OpenID/FileStore.php\";\n "; + print "return new Auth_OpenID_FileStore(\"".$_SESSION['store_data']['fs_path']."\");\n"; + break; + + case "SQLite": + + print "require_once \"Auth/OpenID/SQLiteStore.php\";\n "; + print "\$s = new Auth_OpenID_SQLiteStore(\"".$_SESSION['store_data']['sqlite_path']."\");\n "; + print "\$s->createTables();\n "; + print "return \$s;\n"; + break; + + case "MySQL": + + ?>require_once 'Auth/OpenID/MySQLStore.php'; + require_once 'DB.php'; + + $dsn = array( + 'phptype' => 'mysql', + 'username' => '<?php print $_SESSION['store_data']['username']; ?>', + 'password' => '<?php print $_SESSION['store_data']['password']; ?>', + 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>' + ); + + $db =& DB::connect($dsn); + + if (PEAR::isError($db)) { + return null; + } + + $db->query("USE <?php print $_SESSION['store_data']['database']; ?>"); + + $s =& new Auth_OpenID_MySQLStore($db); + + $s->createTables(); + + return $s; +<?php + break; + + case "PostgreSQL": + + ?>require_once 'Auth/OpenID/PostgreSQLStore.php'; + require_once 'DB.php'; + + $dsn = array( + 'phptype' => 'pgsql', + 'username' => '<?php print $_SESSION['store_data']['username']; ?>', + 'password' => '<?php print $_SESSION['store_data']['password']; ?>', + 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>', + 'database' => '<?php print $_SESSION['store_data']['database']; ?>' + ); + + $db =& DB::connect($dsn); + + if (PEAR::isError($db)) { + return null; + } + + $s =& new Auth_OpenID_PostgreSQLStore($db); + + $s->createTables(); + + return $s; +<?php + break; + } + + ?> +} + +<?php + print "?>"; + if (!$download) { +?> +</pre> +</body> +</html> +<?php + } + } // end function generate_config () +?> |