From d9bf22a0e29c2a70049443a0ae8521a2c0492c8b Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Sun, 11 Dec 2011 06:38:23 -0500 Subject: initial commit for git repository --- models/openid-php-openid-782224d/examples/README | 134 +++++ .../examples/consumer/common.php | 97 ++++ .../examples/consumer/finish_auth.php | 98 ++++ .../examples/consumer/index.php | 73 +++ .../examples/consumer/try_auth.php | 83 +++ .../openid-php-openid-782224d/examples/detect.php | 536 ++++++++++++++++++++ .../examples/discover.php | 100 ++++ .../examples/server/index.php | 5 + .../examples/server/lib/actions.php | 164 ++++++ .../examples/server/lib/common.php | 95 ++++ .../examples/server/lib/render.php | 114 +++++ .../examples/server/lib/render/about.php | 47 ++ .../examples/server/lib/render/idpXrds.php | 32 ++ .../examples/server/lib/render/idpage.php | 31 ++ .../examples/server/lib/render/login.php | 65 +++ .../examples/server/lib/render/trust.php | 56 +++ .../examples/server/lib/render/userXrds.php | 34 ++ .../examples/server/lib/session.php | 178 +++++++ .../examples/server/openid-server.css | 74 +++ .../examples/server/server.php | 48 ++ .../examples/server/setup.php | 558 +++++++++++++++++++++ 21 files changed, 2622 insertions(+) create mode 100644 models/openid-php-openid-782224d/examples/README create mode 100644 models/openid-php-openid-782224d/examples/consumer/common.php create mode 100644 models/openid-php-openid-782224d/examples/consumer/finish_auth.php create mode 100644 models/openid-php-openid-782224d/examples/consumer/index.php create mode 100644 models/openid-php-openid-782224d/examples/consumer/try_auth.php create mode 100644 models/openid-php-openid-782224d/examples/detect.php create mode 100644 models/openid-php-openid-782224d/examples/discover.php create mode 100644 models/openid-php-openid-782224d/examples/server/index.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/actions.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/common.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/render.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/render/about.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/render/idpage.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/render/login.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/render/trust.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php create mode 100644 models/openid-php-openid-782224d/examples/server/lib/session.php create mode 100644 models/openid-php-openid-782224d/examples/server/openid-server.css create mode 100644 models/openid-php-openid-782224d/examples/server/server.php create mode 100644 models/openid-php-openid-782224d/examples/server/setup.php (limited to 'models/openid-php-openid-782224d/examples') diff --git a/models/openid-php-openid-782224d/examples/README b/models/openid-php-openid-782224d/examples/README new file mode 100644 index 000000000..fd01ccbbd --- /dev/null +++ b/models/openid-php-openid-782224d/examples/README @@ -0,0 +1,134 @@ +OpenID Example Code +------------------- + +After you've installed this package (see ../README), you can use these +example packages to get started. They'll show you what this package +can do, and you can use them as the basis for your own OpenID support. + +consumer/: OpenID Example Consumer +================================== + +NOTE: If you want to try the example consumer without installing this +package, just make sure you add the package's 'Auth' directory to your +PHP include path. + +To try the example consumer implementation, just copy the consumer/ +directory into a place on your web server and point your browser at +the new directory. + +1. Check to be sure that /tmp is in your "open_basedir" configuration, + if open_basedir is being used to restrict PHP's file I/O. See + http://us2.php.net/features.safe-mode for more information. For + example, in your php.ini, change + + open_basedir = "..." + + to + + open_basedir = "/tmp:..." + + (If you really don't want to add /tmp to your open_basedir, you can + modify consumer/common.php and change $store_path so it doesn't + create the store directory in /tmp.) + +2. Copy or symlink the consumer/ directory into a part of your + webserver's docroot. For example, if your DocumentRoot is + /var/www/, do this: + + # cd /var/www + # ln -s /path/to/PHP-OpenID-X.Y.Z/examples/consumer + +3. Navigate to http://www.example.com/consumer and enter an OpenID + into the form presented there and click "Verify". + +consumer/ Files +=============== + +The 'index.php' file will render a form and get you started. These +are the example consumer files: + + consumer/index.php - Renders a form so you can begin the OpenID auth +process. The form submits the OpenID to try_auth.php. + + consumer/try_auth.php - Starts the authentication with the OpenID +server that manages your OpenID and redirects your browser to the +server's login page. Instructs the server to return to +finish_auth.php when you're done authenticating. + + consumer/finish_auth.php - Finishes the authentication by checking +the server's response. Tells you if the authentication was +successful. + + consumer/common.php - Includes the setup code you'll need to create +a Consumer object and participate in an OpenID authentication. + +server/: OpenID Example Server +============================== + +To try the example server, follow these steps: + +1. Copy or symlink the server/ directory into a part of your + webserver's docroot. For example, if your DocumentRoot is + /var/www/, do this: + + # cd /var/www + # ln -s /path/to/PHP-OpenID-X.Y.Z/examples/server + +2. Navigate to the server example. You'll be redirected to + server/setup.php where you can choose some configuration options to + generate a configuration. Once finished, you can download a file + "config.php." Save that file in the example server directory. + +The example server has the following features: + + - It serves its own identity pages, whose URLs are of the form + + http://.../server/server.php/idpage?user=USERNAME + + - It does not require passwords. + + - It does not support a "trusted sites" page, as you pointed out. + +In general, the example server is NOT supposed to be treated as a +fully-equiped OpenID server (i.e., with user accounts and other +state). It is supposed to demonstrate how to write PHP applications +that use the library. + +Upgrading from the 1.X.X example server +======================================= + +The 2.X.X library's example server is different from the 1.X.X example +server in the following ways: + + - The new example server does not support authenticating arbitrary + URLs. It serves its own URLs. This makes it easier to set up and + test. + + - The new example server does not support password authentication. + This makes it easier to set up and is not necessary for + illustrating the use of the library. + + - The new example server does not have a "trusted sites" page. + +server/ Files +============= + +These files make up the server example code: + + config.php - The configuration file you'll need to customize to run +the example server. + + server.php - The PHP rendering script that takes care of handling +server requests from both regular user agents and consumers. + + lib/actions.php - Handles the various types of requests that the +server supports. + + lib/common.php - Supplies functions that wrap the OpenID API calls +to make them easier to use. + + lib/render.php - Miscellaneous page rendering code. + + lib/session.php - Code to handle session data for user settings. + + lib/render/*.php - Files for each page presented by the server. diff --git a/models/openid-php-openid-782224d/examples/consumer/common.php b/models/openid-php-openid-782224d/examples/consumer/common.php new file mode 100644 index 000000000..2f01ba0a6 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/consumer/common.php @@ -0,0 +1,97 @@ + \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/consumer/finish_auth.php b/models/openid-php-openid-782224d/examples/consumer/finish_auth.php new file mode 100644 index 000000000..b19a665cf --- /dev/null +++ b/models/openid-php-openid-782224d/examples/consumer/finish_auth.php @@ -0,0 +1,98 @@ +complete($return_to); + + // Check the response status. + if ($response->status == Auth_OpenID_CANCEL) { + // This means the authentication was cancelled. + $msg = 'Verification cancelled.'; + } else if ($response->status == Auth_OpenID_FAILURE) { + // Authentication failed; display the error message. + $msg = "OpenID authentication failed: " . $response->message; + } else if ($response->status == Auth_OpenID_SUCCESS) { + // This means the authentication succeeded; extract the + // identity URL and Simple Registration data (if it was + // returned). + $openid = $response->getDisplayIdentifier(); + $esc_identity = escape($openid); + + $success = sprintf('You have successfully verified ' . + '%s as your identity.', + $esc_identity, $esc_identity); + + if ($response->endpoint->canonicalID) { + $escaped_canonicalID = escape($response->endpoint->canonicalID); + $success .= ' (XRI CanonicalID: '.$escaped_canonicalID.') '; + } + + $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); + + $sreg = $sreg_resp->contents(); + + if (@$sreg['email']) { + $success .= " You also returned '".escape($sreg['email']). + "' as your email."; + } + + if (@$sreg['nickname']) { + $success .= " Your nickname is '".escape($sreg['nickname']). + "'."; + } + + if (@$sreg['fullname']) { + $success .= " Your fullname is '".escape($sreg['fullname']). + "'."; + } + + $pape_resp = Auth_OpenID_PAPE_Response::fromSuccessResponse($response); + + if ($pape_resp) { + if ($pape_resp->auth_policies) { + $success .= "

The following PAPE policies affected the authentication:

"; + } else { + $success .= "

No PAPE policies affected the authentication.

"; + } + + if ($pape_resp->auth_age) { + $age = escape($pape_resp->auth_age); + $success .= "

The authentication age returned by the " . + "server is: ".$age."

"; + } + + if ($pape_resp->nist_auth_level) { + $auth_level = escape($pape_resp->nist_auth_level); + $success .= "

The NIST auth level returned by the " . + "server is: ".$auth_level."

"; + } + + } else { + $success .= "

No PAPE response was sent by the provider.

"; + } + } + + include 'index.php'; +} + +run(); + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/consumer/index.php b/models/openid-php-openid-782224d/examples/consumer/index.php new file mode 100644 index 000000000..1ff091125 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/consumer/index.php @@ -0,0 +1,73 @@ + + + PHP OpenID Authentication Example + + +

PHP OpenID Authentication Example

+

+ This example consumer uses the PHP + OpenID library. It just verifies that the URL that you enter + is your identity URL. +

+ + $msg"; } ?> + $error"; } ?> + $success"; } ?> + +
+
+ Identity URL: + + + +

Optionally, request these PAPE policies:

+

+ $uri) { + print ""; + print "$uri
"; + } ?> +

+ + +
+
+ + diff --git a/models/openid-php-openid-782224d/examples/consumer/try_auth.php b/models/openid-php-openid-782224d/examples/consumer/try_auth.php new file mode 100644 index 000000000..7efec7657 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/consumer/try_auth.php @@ -0,0 +1,83 @@ +begin($openid); + + // No auth request means we can't begin OpenID. + if (!$auth_request) { + displayError("Authentication error; not a valid OpenID."); + } + + $sreg_request = Auth_OpenID_SRegRequest::build( + // Required + array('nickname'), + // Optional + array('fullname', 'email')); + + if ($sreg_request) { + $auth_request->addExtension($sreg_request); + } + + $policy_uris = $_GET['policies']; + + $pape_request = new Auth_OpenID_PAPE_Request($policy_uris); + if ($pape_request) { + $auth_request->addExtension($pape_request); + } + + // Redirect the user to the OpenID server for authentication. + // Store the token for this authentication so we can verify the + // response. + + // For OpenID 1, send a redirect. For OpenID 2, use a Javascript + // form to send a POST request to the server. + if ($auth_request->shouldSendRedirect()) { + $redirect_url = $auth_request->redirectURL(getTrustRoot(), + getReturnTo()); + + // If the redirect URL can't be built, display an error + // message. + if (Auth_OpenID::isFailure($redirect_url)) { + displayError("Could not redirect to server: " . $redirect_url->message); + } else { + // Send redirect. + header("Location: ".$redirect_url); + } + } else { + // Generate form markup and render it. + $form_id = 'openid_message'; + $form_html = $auth_request->htmlMarkup(getTrustRoot(), getReturnTo(), + false, array('id' => $form_id)); + + // Display an error if the form markup couldn't be generated; + // otherwise, render the HTML. + if (Auth_OpenID::isFailure($form_html)) { + displayError("Could not redirect to server: " . $form_html->message); + } else { + print $form_html; + } + } +} + +run(); + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/detect.php b/models/openid-php-openid-782224d/examples/detect.php new file mode 100644 index 000000000..947fe4c95 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/detect.php @@ -0,0 +1,536 @@ +'; + } else { + return $href; + } + } + + function b($text) + { + return '*' . $text . '*'; + } + + function contentType() + { + return 'text/plain'; + } + + function p($text) + { + return wordwrap($text) . "\n\n"; + } + + function pre($text) + { + $out = ''; + $lines = array_map('trim', explode("\n", $text)); + foreach ($lines as $line) { + $out .= ' ' . $line . "\n"; + } + $out .= "\n"; + return $out; + } + + function ol($items) + { + $out = ''; + $c = 1; + foreach ($items as $item) { + $item = wordwrap($item, 72); + $lines = array_map('trim', explode("\n", $item)); + $out .= $c . '. ' . $lines[0] . "\n"; + unset($lines[0]); + foreach ($lines as $line) { + $out .= ' ' . $line . "\n"; + } + $out .= "\n"; + $c += 1; + } + return $out; + } + + function h2($text) + { + return $this->h($text, 2); + } + + function h1($text) + { + return $this->h($text, 1); + } + + function h($text, $n) + { + $chars = '#=+-.'; + $c = $chars[$n - 1]; + return "\n" . $text . "\n" . str_repeat($c, strlen($text)) . "\n\n"; + } + + function end() + { + return ''; + } +} + +class HTML { + function start($title) + { + return '' . $title . '' . + $this->stylesheet(). + '' . "\n"; + } + + function stylesheet() + { + return "'; + } + + function tt($text) + { + return '' . $text . ''; + } + + function contentType() + { + return 'text/html'; + } + + function b($text) + { + return '' . $text . ''; + } + + function p($text) + { + return '

' . wordwrap($text) . "

\n"; + } + + function pre($text) + { + return '
' . $text . "
\n"; + } + + function ol($items) + { + $out = '
    '; + foreach ($items as $item) { + $out .= '
  1. ' . wordwrap($item) . "
    2. \n"; + } + $out .= "
\n"; + return $out; + } + + function h($text, $n) + { + return "$text\n"; + } + + function h2($text) + { + return $this->h($text, 2); + } + + function h1($text) + { + return $this->h($text, 1); + } + + function link($href, $text=null) + { + return '' . ($text ? $text : $href) . ''; + } + + function end() + { + return "\n\n"; + } +} + +if (isset($_SERVER['REQUEST_METHOD'])) { + $r = new HTML(); +} else { + $r = new PlainText(); +} + +function detect_math($r, &$out) +{ + $out .= $r->h2('Math support'); + $ext = Auth_OpenID_detectMathLibrary(Auth_OpenID_math_extensions()); + if (!isset($ext['extension']) || !isset($ext['class'])) { + $out .= $r->p( + 'Your PHP installation does not include big integer math ' . + 'support. This support is required if you wish to run a ' . + 'secure OpenID server without using SSL.'); + $out .= $r->p('To use this library, you have a few options:'); + + $gmp_lnk = $r->link('http://www.php.net/manual/en/ref.gmp.php', 'GMP'); + $bc_lnk = $r->link('http://www.php.net/manual/en/ref.bc.php', 'bcmath'); + $out .= $r->ol(array( + 'Install the ' . $gmp_lnk . ' PHP extension', + 'Install the ' . $bc_lnk . ' PHP extension', + 'If your site is low-security, call ' . + 'Auth_OpenID_setNoMathSupport(), defined in Auth/OpenID/BigMath.php. ', + 'The library will function, but ' . + 'the security of your OpenID server will depend on the ' . + 'security of the network links involved. If you are only ' . + 'using consumer support, you should still be able to operate ' . + 'securely when the users are communicating with a ' . + 'well-implemented server.')); + return false; + } else { + switch ($ext['extension']) { + case 'bcmath': + $out .= $r->p('Your PHP installation has bcmath support. This is ' . + 'adequate for small-scale use, but can be CPU-intensive. ' . + 'You may want to look into installing the GMP extension.'); + $lnk = $r->link('http://www.php.net/manual/en/ref.gmp.php'); + $out .= $r->p('See ' . $lnk .' for more information ' . + 'about the GMP extension.'); + break; + case 'gmp': + $out .= $r->p('Your PHP installation has gmp support. Good.'); + break; + default: + $class = $ext['class']; + $lib = new $class(); + $one = $lib->init(1); + $two = $lib->add($one, $one); + $t = $lib->toString($two); + $out .= $r->p('Uh-oh. I do not know about the ' . + $ext['extension'] . ' extension!'); + if ($t != '2') { + $out .= $r->p('It looks like it is broken. 1 + 1 = ' . + var_export($t, false)); + return false; + } else { + $out .= $r->p('But it seems to be able to add one and one.'); + } + } + return true; // Math library is OK + } +} + +function detect_random($r, &$out) +{ + $out .= $r->h2('Cryptographic-quality randomness source'); + if (Auth_OpenID_RAND_SOURCE === null) { + $out .= $r->p('Using (insecure) pseudorandom number source, because ' . + 'Auth_OpenID_RAND_SOURCE has been defined as null.'); + return false; + } + + $msg = 'The library will try to access ' . Auth_OpenID_RAND_SOURCE + . ' as a source of random data. '; + + $numbytes = 6; + + $f = @fopen(Auth_OpenID_RAND_SOURCE, 'r'); + if ($f !== false) { + $data = fread($f, $numbytes); + $stat = fstat($f); + $size = $stat['size']; + fclose($f); + } else { + $data = null; + $size = true; + } + + if ($f !== false) { + $dataok = (Auth_OpenID::bytes($data) == $numbytes); + $ok = $dataok && !$size; + $msg .= 'It seems to exist '; + if ($dataok) { + $msg .= 'and be readable. Here is some hex data: ' . + bin2hex($data) . '.'; + } else { + $msg .= 'but reading data failed.'; + } + if ($size) { + $msg .= ' This is a ' . $size . ' byte file. Unless you know ' . + 'what you are doing, it is likely that you are making a ' . + 'mistake by using a regular file as a randomness source.'; + } + } else { + $msg .= Auth_OpenID_RAND_SOURCE . + ' could not be opened. This could be because of restrictions on' . + ' your PHP environment or that randomness source may not exist' . + ' on this platform.'; + if (IS_WINDOWS) { + $msg .= ' You seem to be running Windows. This library does not' . + ' have access to a good source of randomness on Windows.'; + } + $ok = false; + } + + $out .= $r->p($msg); + + if (!$ok) { + $out .= $r->p( + 'To set a source of randomness, define Auth_OpenID_RAND_SOURCE ' . + 'to the path to the randomness source. If your platform does ' . + 'not provide a secure randomness source, the library can' . + 'operate in pseudorandom mode, but it is then vulnerable to ' . + 'theoretical attacks. If you wish to operate in pseudorandom ' . + 'mode, define Auth_OpenID_RAND_SOURCE to null.'); + $out .= $r->p('You are running on:'); + $out .= $r->pre(php_uname()); + $out .= $r->p('There does not seem to be an available source ' . + 'of randomness. On a Unix-like platform ' . + '(including MacOS X), try /dev/random and ' . + '/dev/urandom.'); + } + return $ok; +} + +function detect_stores($r, &$out) +{ + $out .= $r->h2('Data storage'); + + $found = array(); + foreach (array('sqlite', 'mysql', 'pgsql') as $dbext) { + if (extension_loaded($dbext) || @dl($dbext . '.' . PHP_SHLIB_SUFFIX)) { + $found[] = $dbext; + } + } + if (count($found) == 0) { + $text = 'No SQL database support was found in this PHP ' . + 'installation. See the PHP manual if you need to ' . + 'use an SQL database.'; + } else { + $text = 'Support was found for '; + if (count($found) == 1) { + $text .= $found[0] . '.'; + } else { + $last = array_pop($found); + $text .= implode(', ', $found) . ' and ' . $last . '.'; + } + $text = $r->b($text); + } + $text .= ' The library supports the MySQL, PostgreSQL, and SQLite ' . + 'database engines, as well as filesystem-based storage. In ' . + 'addition, PEAR DB is required to use databases.'; + $out .= $r->p($text); + + if (function_exists('posix_getpwuid') && + function_exists('posix_geteuid')) { + $processUser = posix_getpwuid(posix_geteuid()); + $web_user = $r->b($r->tt($processUser['name'])); + } else { + $web_user = 'the PHP process'; + } + + if (in_array('sqlite', $found)) { + $out .= $r->p('If you are using SQLite, your database must be ' . + 'writable by ' . $web_user . ' and not available over' . + ' the web.'); + } + + $basedir_str = ini_get('open_basedir'); + if (gettype($basedir_str) == 'string') { + $url = 'http://www.php.net/manual/en/features.safe-mode.php' . + '#ini.open-basedir'; + $lnk = $r->link($url, 'open_basedir'); + $out .= $r->p('If you are using a filesystem-based store or SQLite, ' . + 'be aware that ' . $lnk . ' is in effect. This means ' . + 'that your data will have to be stored in one of the ' . + 'following locations:'); + $out .= $r->pre(var_export($basedir_str, true)); + } else { + $out .= $r->p('The ' . $r->b($r->tt('open_basedir')) . ' configuration restriction ' . + 'is not in effect.'); + } + + $out .= $r->p('If you are using the filesystem store, your ' . + 'data directory must be readable and writable by ' . + $web_user . ' and not availabe over the Web.'); + return true; +} + +function detect_xml($r, &$out) +{ + global $__Auth_Yadis_xml_extensions; + + $out .= $r->h2('XML Support'); + + // Try to get an XML extension. + $ext = Auth_Yadis_getXMLParser(); + + if ($ext !== null) { + $out .= $r->p('XML parsing support is present using the '. + $r->b(get_class($ext)).' interface.'); + return true; + } else { + $out .= $r->p('XML parsing support is absent; please install one '. + 'of the following PHP extensions:'); + foreach ($__Auth_Yadis_xml_extensions as $name => $cls) { + $out .= "
  • " . $r->b($name) . "
    • "; + } + return false; + } +} + +function detect_query_corruption($r, &$out) +{ + $out .= $r->h2('Query Corruption'); + if ($_SERVER["QUERY_STRING"]!="test_query=a%26b") + { + $out.=$r->p("Your web server seems to corrupt queries. Received ".$_SERVER["QUERY_STRING"].", expected a=%26b. Check for mod_encoding."); + return false; + } + else + { + $out.=$r->p("Your web server does not corrupt queries. Good."); + return true; + } +} + +function detect_fetcher($r, &$out) +{ + $out .= $r->h2('HTTP Fetching'); + + $result = @include 'Auth/Yadis/Yadis.php'; + + if (!$result) { + $out .= $r->p('Yadis code unavailable; could not test fetcher support.'); + return false; + } + + if (Auth_Yadis_Yadis::curlPresent()) { + $out .= $r->p('This PHP installation has support for libcurl. Good.'); + } else { + $out .= $r->p('This PHP installation does not have support for ' . + 'libcurl. CURL is not required but is recommended. '. + 'The OpenID library will use an fsockopen()-based fetcher.'); + $lnk = $r->link('http://us3.php.net/manual/en/ref.curl.php'); + $out .= $r->p('See ' . $lnk . ' about enabling the libcurl support ' . + 'for PHP.'); + } + + $ok = true; + $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + $fetch_url = 'http://www.openidenabled.com/resources/php-fetch-test'; + $expected_url = $fetch_url . '.txt'; + $result = $fetcher->get($fetch_url); + + if (isset($result)) { + $parts = array('An HTTP request was completed.'); + // list ($code, $url, $data) = $result; + if ($result->status != '200' && $result->status != '206') { + $ok = false; + $parts[] = $r->b( + sprintf( + 'Got %s instead of the expected HTTP status ' . + 'code (200 or 206).', $result->status)); + } + + $url = $result->final_url; + if ($url != $expected_url) { + $ok = false; + if ($url == $fetch_url) { + $msg = 'The redirected URL was not returned.'; + } else { + $msg = 'An unexpected URL was returned: <' . $url . '>.'; + } + $parts[] = $r->b($msg); + } + + $data = $result->body; + if ($data != 'Hello World!') { + $ok = false; + $parts[] = $r->b('Unexpected data was returned.'); + } + $out .= $r->p(implode(' ', $parts)); + } else { + $ok = false; + $out .= $r->p('Fetching URL ' . $lnk . ' failed!'); + } + + if ($fetcher->supportsSSL()) { + $out .= $r->p('Your PHP installation appears to support SSL, so it ' . + 'will be able to process HTTPS identity URLs and server URLs.'); + } else { + $out .= $r->p('Your PHP installation does not support SSL, so it ' . + 'will NOT be able to process HTTPS identity URLs and server URLs.'); + } + + return $ok; +} + +header('Content-Type: ' . $r->contentType() . '; charset=us-ascii'); +if (!$_GET["test_query"]) +{ + header("Location: ".$_SERVER['PHP_SELF']."?test_query=a%26b"); +} + + $title = 'OpenID Library Support Report'; +$out = $r->start($title) . + $r->h1($title) . + $r->p('This script checks your PHP installation to determine if you ' . + 'are set up to use the JanRain PHP OpenID library.'); + +$body = ''; + +$_include = include 'Auth/OpenID.php'; + +if (!$_include) { + $path = ini_get('include_path'); + $body .= $r->p( + 'Cannot find the OpenID library. It must be in your PHP include ' . + 'path. Your PHP include path is currently:'); + $body .= $r->pre($path); +} else { + $status = array(); + + $status[] = detect_math($r, $body); + $status[] = detect_random($r, $body); + $status[] = detect_stores($r, $body); + $status[] = detect_fetcher($r, $body); + $status[] = detect_xml($r, $body); + $status[] = detect_query_corruption($r, $body); + $result = true; + + foreach ($status as $v) { + if (!$v) { + $result = false; + break; + } + } + + if ($result) { + $out .= $r->h2('Setup Complete!'); + $out .= $r->p('Your system should be ready to run the OpenID library.'); + } else { + $out .= $r->h2('Setup Incomplete'); + $out .= $r->p('Your system needs a few changes before it will be ready to run the OpenID library.'); + } +} + +$out .= $body . $r->end(); +print $out; +?> diff --git a/models/openid-php-openid-782224d/examples/discover.php b/models/openid-php-openid-782224d/examples/discover.php new file mode 100644 index 000000000..31e6b61b7 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/discover.php @@ -0,0 +1,100 @@ + + + +OpenID discovery + + +

    OpenID discovery tool

    +

    + Enter an OpenID URL to begin discovery: +

    +
    + + +
    + +

    Discovery Results for

    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    Claimed Identifier
    No OpenID services discovered.
    Discovered OpenID services:
    Server URLserver_url) ?>
    Local IDlocal_id) ?>
    +

    Service types:

    +
      +type_uris as $type_uri) { +?> +
      • + +
    +
    + + + \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/index.php b/models/openid-php-openid-782224d/examples/server/index.php new file mode 100644 index 000000000..7a9506458 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/index.php @@ -0,0 +1,5 @@ + \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/actions.php b/models/openid-php-openid-782224d/examples/server/lib/actions.php new file mode 100644 index 000000000..50dc19a1b --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/actions.php @@ -0,0 +1,164 @@ +decodeRequest(); + + if (!$request) { + return about_render(); + } + + setRequestInfo($request); + + if (in_array($request->mode, + array('checkid_immediate', 'checkid_setup'))) { + + if ($request->idSelect()) { + // Perform IDP-driven identifier selection + if ($request->mode == 'checkid_immediate') { + $response =& $request->answer(false); + } else { + return trust_render($request); + } + } else if ((!$request->identity) && + (!$request->idSelect())) { + // No identifier used or desired; display a page saying + // so. + return noIdentifier_render(); + } else if ($request->immediate) { + $response =& $request->answer(false, buildURL()); + } else { + if (!getLoggedInUser()) { + return login_render(); + } + return trust_render($request); + } + } else { + $response =& $server->handleRequest($request); + } + + $webresponse =& $server->encodeResponse($response); + + if ($webresponse->code != AUTH_OPENID_HTTP_OK) { + header(sprintf("HTTP/1.1 %d ", $webresponse->code), + true, $webresponse->code); + } + + foreach ($webresponse->headers as $k => $v) { + header("$k: $v"); + } + + header(header_connection_close); + print $webresponse->body; + exit(0); +} + +/** + * Log out the currently logged in user + */ +function action_logout() +{ + setLoggedInUser(null); + setRequestInfo(null); + return authCancel(null); +} + +/** + * Check the input values for a login request + */ +function login_checkInput($input) +{ + $openid_url = false; + $errors = array(); + + if (!isset($input['openid_url'])) { + $errors[] = 'Enter an OpenID URL to continue'; + } + if (count($errors) == 0) { + $openid_url = $input['openid_url']; + } + return array($errors, $openid_url); +} + +/** + * Log in a user and potentially continue the requested identity approval + */ +function action_login() +{ + $method = $_SERVER['REQUEST_METHOD']; + switch ($method) { + case 'GET': + return login_render(); + case 'POST': + $info = getRequestInfo(); + $fields = $_POST; + if (isset($fields['cancel'])) { + return authCancel($info); + } + + list ($errors, $openid_url) = login_checkInput($fields); + if (count($errors) || !$openid_url) { + $needed = $info ? $info->identity : false; + return login_render($errors, @$fields['openid_url'], $needed); + } else { + setLoggedInUser($openid_url); + return doAuth($info); + } + default: + return login_render(array('Unsupported HTTP method: $method')); + } +} + +/** + * Ask the user whether he wants to trust this site + */ +function action_trust() +{ + $info = getRequestInfo(); + $trusted = isset($_POST['trust']); + return doAuth($info, $trusted, true, @$_POST['idSelect']); +} + +function action_idpage() +{ + $identity = $_GET['user']; + return idpage_render($identity); +} + +function action_idpXrds() +{ + return idpXrds_render(); +} + +function action_userXrds() +{ + $identity = $_GET['user']; + return userXrds_render($identity); +} + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/common.php b/models/openid-php-openid-782224d/examples/server/lib/common.php new file mode 100644 index 000000000..80d05f51a --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/common.php @@ -0,0 +1,95 @@ +getCancelURL(); + } else { + $url = getServerURL(); + } + return redirect_render($url); +} + +function doAuth($info, $trusted=null, $fail_cancels=false, + $idpSelect=null) +{ + if (!$info) { + // There is no authentication information, so bail + return authCancel(null); + } + + if ($info->idSelect()) { + if ($idpSelect) { + $req_url = idURL($idpSelect); + } else { + $trusted = false; + } + } else { + $req_url = $info->identity; + } + + $user = getLoggedInUser(); + setRequestInfo($info); + + if ((!$info->idSelect()) && ($req_url != idURL($user))) { + return login_render(array(), $req_url, $req_url); + } + + $trust_root = $info->trust_root; + + if ($trusted) { + setRequestInfo(); + $server =& getServer(); + $response =& $info->answer(true, null, $req_url); + + // Answer with some sample Simple Registration data. + $sreg_data = array( + 'fullname' => 'Example User', + 'nickname' => 'example', + 'dob' => '1970-01-01', + 'email' => 'invalid@example.com', + 'gender' => 'F', + 'postcode' => '12345', + 'country' => 'ES', + 'language' => 'eu', + 'timezone' => 'America/New_York'); + + // Add the simple registration response values to the OpenID + // response message. + $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest( + $info); + + $sreg_response = Auth_OpenID_SRegResponse::extractResponse( + $sreg_request, $sreg_data); + + $sreg_response->toMessage($response->fields); + + // Generate a response to send to the user agent. + $webresponse =& $server->encodeResponse($response); + + $new_headers = array(); + + foreach ($webresponse->headers as $k => $v) { + $new_headers[] = $k.": ".$v; + } + + return array($new_headers, $webresponse->body); + } elseif ($fail_cancels) { + return authCancel($info); + } else { + return trust_render($info); + } +} + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render.php b/models/openid-php-openid-782224d/examples/server/lib/render.php new file mode 100644 index 000000000..33d2aefcd --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render.php @@ -0,0 +1,114 @@ + + + + + %s +%s + + + %s +
    +

    %s

    + %s +
    + +'); + +define('logged_in_pat', 'You are logged in as %s (URL: %s)'); + +/** + * HTTP response line contstants + */ +define('http_bad_request', 'HTTP/1.1 400 Bad Request'); +define('http_found', 'HTTP/1.1 302 Found'); +define('http_ok', 'HTTP/1.1 200 OK'); +define('http_internal_error', 'HTTP/1.1 500 Internal Error'); + +/** + * HTTP header constants + */ +define('header_connection_close', 'Connection: close'); +define('header_content_text', 'Content-Type: text/plain; charset=us-ascii'); + +define('redirect_message', + 'Please wait; you are being redirected to <%s>'); + + +/** + * Return a string containing an anchor tag containing the given URL + * + * The URL does not need to be quoted, but if text is passed in, then + * it does. + */ +function link_render($url, $text=null) { + $esc_url = htmlspecialchars($url, ENT_QUOTES); + $text = ($text === null) ? $esc_url : $text; + return sprintf('%s', $esc_url, $text); +} + +/** + * Return an HTTP redirect response + */ +function redirect_render($redir_url) +{ + $headers = array(http_found, + header_content_text, + header_connection_close, + 'Location: ' . $redir_url, + ); + $body = sprintf(redirect_message, $redir_url); + return array($headers, $body); +} + +function navigation_render($msg, $items) +{ + $what = link_render(buildURL(), 'PHP OpenID Server'); + if ($msg) { + $what .= ' — ' . $msg; + } + if ($items) { + $s = '

    ' . $what . '

    '; + } else { + $s = '

    ' . $what . '

    '; + } + return sprintf('
    %s
    ', $s); +} + +/** + * Render an HTML page + */ +function page_render($body, $user, $title, $h1=null, $login=false) +{ + $h1 = $h1 ? $h1 : $title; + + if ($user) { + $msg = sprintf(logged_in_pat, link_render(idURL($user), $user), + link_render(idURL($user))); + $nav = array('logout' => 'Log Out'); + + $navigation = navigation_render($msg, $nav); + } else { + if (!$login) { + $msg = link_render(buildURL('login'), 'Log In'); + $navigation = navigation_render($msg, array()); + } else { + $navigation = ''; + } + } + + $style = getStyle(); + $text = sprintf(page_template, $title, $style, $navigation, $h1, $body); + // No special headers here + $headers = array(); + return array($headers, $text); +} + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/about.php b/models/openid-php-openid-782224d/examples/server/lib/render/about.php new file mode 100644 index 000000000..53e3694e9 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/about.php @@ -0,0 +1,47 @@ + +An error occurred when processing your request: +
    +%s +'); + +define('about_body', + '

    + This is an OpenID server + endpoint. This server is built on the JanRain PHP OpenID + library. Since OpenID consumer sites will need to directly contact this + server, it must be accessible over the Internet (not behind a firewall). +

    +

    + To use this server, you will have to set up a URL to use as an identifier. + Insert the following markup into the <head> of the HTML + document at that URL: +

    +
    <link rel="openid.server" href="%s" />
    +

    + Then configure this server so that you can log in with that URL. +

    +'); + +/** + * Render the about page, potentially with an error message + */ +function about_render($error=false, $internal=true) +{ + $headers = array(); + $body = sprintf(about_body, buildURL()); + if ($error) { + $headers[] = $internal ? http_internal_error : http_bad_request; + $body .= sprintf(about_error_template, htmlspecialchars($error)); + } + $current_user = getLoggedInUser(); + return page_render($body, $current_user, 'OpenID Server Endpoint'); +} + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php b/models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php new file mode 100644 index 000000000..6e4ae1ce7 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/idpXrds.php @@ -0,0 +1,32 @@ + + + + + %s + %s + + + +'); + +function idpXrds_render() +{ + $headers = array('Content-type: application/xrds+xml'); + + $body = sprintf(idp_xrds_pat, + Auth_OpenID_TYPE_2_0_IDP, + buildURL()); + + return array($headers, $body); +} + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/idpage.php b/models/openid-php-openid-782224d/examples/server/lib/render/idpage.php new file mode 100644 index 000000000..48c2486df --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/idpage.php @@ -0,0 +1,31 @@ + + + + + + + This is the identity page for users of this server. + +'); + +function idpage_render($identity) +{ + $xrdsurl = buildURL('userXrds')."?user=".urlencode($identity); + + $headers = array( + 'X-XRDS-Location: '.$xrdsurl); + + + $body = sprintf(idpage_pat, + buildURL(), + $xrdsurl); + return array($headers, $body); +} + +?> diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/login.php b/models/openid-php-openid-782224d/examples/server/lib/render/login.php new file mode 100644 index 000000000..986a88545 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/login.php @@ -0,0 +1,65 @@ + +

    + + Enter your username into this form to log in to this server. It + can be anything; this is just for demonstration purposes. For + example, entering USERNAME will give you the identity URL + + 

    %s
    +

    + +
    + + + + + + + + +
    + + +
    +
    + +'); + +define('login_needed_pat', + 'You must be logged in as %s to approve this request.'); + +function login_render($errors=null, $input=null, $needed=null) +{ + $current_user = getLoggedInUser(); + if ($input === null) { + $input = $current_user; + } + if ($needed) { + $errors[] = sprintf(login_needed_pat, link_render($needed)); + } + + $esc_input = htmlspecialchars($input, ENT_QUOTES); + $login_url = buildURL('login', true); + $body = sprintf(login_form_pat, idURL('USERNAME'), $login_url, $esc_input); + if ($errors) { + $body = loginError_render($errors) . $body; + } + return page_render($body, $current_user, 'Log In', null, true); +} + +function loginError_render($errors) +{ + $text = ''; + foreach ($errors as $error) { + $text .= sprintf("
  • %s
    • \n", $error); + } + return sprintf("\n", $text); +} +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/trust.php b/models/openid-php-openid-782224d/examples/server/lib/render/trust.php new file mode 100644 index 000000000..681d4560a --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/trust.php @@ -0,0 +1,56 @@ + +
    + %s + + +
    + +'); + +define('normal_pat', + '

    Do you wish to confirm your identity ' . + '(%s) with %s?

    '); + +define('id_select_pat', + '

    You entered the server URL at the RP. +Please choose the name you wish to use. If you enter nothing, the request will be cancelled.
    +

    +'); + +define('no_id_pat', +' +You did not send an identifier with the request, +and it was not an identifier selection request. +Please return to the relying party and try again. +'); + +function trust_render($info) +{ + $current_user = getLoggedInUser(); + $lnk = link_render(idURL($current_user)); + $trust_root = htmlspecialchars($info->trust_root); + $trust_url = buildURL('trust', true); + + if ($info->idSelect()) { + $prompt = id_select_pat; + } else { + $prompt = sprintf(normal_pat, $lnk, $trust_root); + } + + $form = sprintf(trust_form_pat, $trust_url, $prompt); + + return page_render($form, $current_user, 'Trust This Site'); +} + +function noIdentifier_render() +{ + return page_render(no_id_pat, null, 'No Identifier Sent'); +} + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php b/models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php new file mode 100644 index 000000000..a9ea95ea3 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/render/userXrds.php @@ -0,0 +1,34 @@ + + + + + %s + %s + %s + + + +'); + +function userXrds_render($identity) +{ + $headers = array('Content-type: application/xrds+xml'); + + $body = sprintf(user_xrds_pat, + Auth_OpenID_TYPE_2_0, + Auth_OpenID_TYPE_1_1, + buildURL()); + + return array($headers, $body); +} + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/lib/session.php b/models/openid-php-openid-782224d/examples/server/lib/session.php new file mode 100644 index 000000000..201b6ee23 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/lib/session.php @@ -0,0 +1,178 @@ +', $url); +} + +/** + * Get the URL of the current script + */ +function getServerURL() +{ + $path = $_SERVER['SCRIPT_NAME']; + $host = $_SERVER['HTTP_HOST']; + $port = $_SERVER['SERVER_PORT']; + $s = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] ? 's' : ''; + if (($s && $port == "443") || (!$s && $port == "80")) { + $p = ''; + } else { + $p = ':' . $port; + } + + return "http$s://$host$p$path"; +} + +/** + * Build a URL to a server action + */ +function buildURL($action=null, $escaped=true) +{ + $url = getServerURL(); + if ($action) { + $url .= '/' . $action; + } + return $escaped ? htmlspecialchars($url, ENT_QUOTES) : $url; +} + +/** + * Extract the current action from the request + */ +function getAction() +{ + $path_info = @$_SERVER['PATH_INFO']; + $action = ($path_info) ? substr($path_info, 1) : ''; + $function_name = 'action_' . $action; + return $function_name; +} + +/** + * Write the response to the request + */ +function writeResponse($resp) +{ + list ($headers, $body) = $resp; + array_walk($headers, 'header'); + header(header_connection_close); + print $body; +} + +/** + * Instantiate a new OpenID server object + */ +function getServer() +{ + static $server = null; + if (!isset($server)) { + $server =& new Auth_OpenID_Server(getOpenIDStore(), + buildURL()); + } + return $server; +} + +/** + * Return a hashed form of the user's password + */ +function hashPassword($password) +{ + return bin2hex(Auth_OpenID_SHA1($password)); +} + +/** + * Get the openid_url out of the cookie + * + * @return mixed $openid_url The URL that was stored in the cookie or + * false if there is none present or if the cookie is bad. + */ +function getLoggedInUser() +{ + return isset($_SESSION['openid_url']) + ? $_SESSION['openid_url'] + : false; +} + +/** + * Set the openid_url in the cookie + * + * @param mixed $identity_url The URL to set. If set to null, the + * value will be unset. + */ +function setLoggedInUser($identity_url=null) +{ + if (!isset($identity_url)) { + unset($_SESSION['openid_url']); + } else { + $_SESSION['openid_url'] = $identity_url; + } +} + +function getRequestInfo() +{ + return isset($_SESSION['request']) + ? unserialize($_SESSION['request']) + : false; +} + +function setRequestInfo($info=null) +{ + if (!isset($info)) { + unset($_SESSION['request']); + } else { + $_SESSION['request'] = serialize($info); + } +} + + +function getSreg($identity) +{ + // from config.php + global $openid_sreg; + + if (!is_array($openid_sreg)) { + return null; + } + + return $openid_sreg[$identity]; + +} + +function idURL($identity) +{ + return buildURL('idpage') . "?user=" . $identity; +} + +function idFromURL($url) +{ + if (strpos($url, 'idpage') === false) { + return null; + } + + $parsed = parse_url($url); + + $q = $parsed['query']; + + $parts = array(); + parse_str($q, $parts); + + return @$parts['user']; +} + +?> \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/openid-server.css b/models/openid-php-openid-782224d/examples/server/openid-server.css new file mode 100644 index 000000000..311d556a2 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/openid-server.css @@ -0,0 +1,74 @@ +body { + padding: 0; + margin: 0; +} + +#content { + padding: 0.5em; + max-width: 50em; +} + +ul.error { + background: #ffaaaa; + border: 1px solid #ff0000; + padding: 0.5em; + padding-left: 1.5em; +} + +.login th { + text-align: left; +} + +div.form { + border: thin solid #777777; + background: #dddddd; + padding: 0.5em; + margin-top: 1em; +} + +div.navigation { + border-bottom: thin solid #cccccc; + background: #eeeeee; + font-size: smaller; + padding: 0.5em; +} + +div.navigation h2 { + margin-top: 0; +} + +div.navigation p { + margin: 0; +} + +div.navigation ul { + margin: 0; +} + +div.login p { + margin-top: 0; +} + +h1 { + margin-top: 0; +} + +pre { + padding: 1em; + border: 1px solid black; + background: #ffeebb; +} + +#checkup { + background: url('http://openid.net/favicon.ico') no-repeat; + padding-left: 16px; +} + +th { + text-align: left; +} + +table { + border-collapse: collapse; + margin-bottom: 1em; +} \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/server.php b/models/openid-php-openid-782224d/examples/server/server.php new file mode 100644 index 000000000..f054be818 --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/server.php @@ -0,0 +1,48 @@ + + + + PHP OpenID Server + +

    PHP OpenID Server

    +

    + This server needs to be configured before it can be used. Edit + config.php to reflect your server's setup, then + load this page again. +

    + + + + \ No newline at end of file diff --git a/models/openid-php-openid-782224d/examples/server/setup.php b/models/openid-php-openid-782224d/examples/server/setup.php new file mode 100644 index 000000000..e25ef341a --- /dev/null +++ b/models/openid-php-openid-782224d/examples/server/setup.php @@ -0,0 +1,558 @@ + + * @copyright 2005-2008 Janrain, Inc. + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache + */ + +$path_extra = dirname(dirname(dirname(__FILE__))); +$path = ini_get('include_path'); +$path = $path_extra . PATH_SEPARATOR . $path; +ini_set('include_path', $path); +require_once "Auth/OpenID.php"; + +/** + * Data. + */ + +$store_types = array("Filesystem" => "Auth_OpenID_FileStore", + "MySQL" => "Auth_OpenID_MySQLStore", + "PostgreSQL" => "Auth_OpenID_PostgreSQLStore", + "SQLite" => "Auth_OpenID_SQLiteStore"); + +/** + * Main. + */ + +$messages = array(); + +session_start(); +init_session(); + +if (!check_session() || + isset($_GET['add_openid'])) { + render_form(); +} else { + print generate_config(isset($_GET['download'])); +} + +/** + * Functions. + */ + +function check_url($url) { + return (Auth_OpenID::normalizeUrl($url) !== null); +} + +function build_url() { + $port = (($_SERVER['SERVER_PORT'] == 80) ? null : $_SERVER['SERVER_PORT']); + + $parts = explode("/", $_SERVER['SERVER_PROTOCOL']); + $scheme = strtolower($parts[0]); + + if ($port) { + return sprintf("%s://%s:%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], + $port, dirname($_SERVER['PHP_SELF'])); + } else { + return sprintf("%s://%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], + dirname($_SERVER['PHP_SELF'])); + } +} + +function check_open_basedir($path) { + if (ini_get('open_basedir')) { + $parts = explode(PATH_SEPARATOR, ini_get('open_basedir')); + + $found = false; + + foreach ($parts as $p) { + if (strpos($path, $p) === 0) { + $found = true; + break; + } + } + + return $found; + } else { + return true; + } +} + +function check_session() { + + global $messages; + + if ($_GET && isset($_GET['clear'])) { + session_destroy(); + $_SESSION = array(); + init_session(); + return false; + } + + $bad_path = false; + + if (isset($_GET['generate'])) { + if (!$_SESSION['server_url']) { + $messages[] = "Please enter a server URL."; + } + + if (!isset($_SESSION['store_type'])) { + $messages[] = "No store type chosen."; + } else { + switch ($_SESSION['store_type']) { + case "Filesystem": + if (!@$_SESSION['store_data']['fs_path']) { + $messages[] = "Please specify a filesystem store path."; + } else { + if (!check_open_basedir($_SESSION['store_data']['fs_path'])) { + $messages[] = "The filesystem store path violates PHP's open_basedir setting."; + $bad_path = true; + } + } + break; + + case "SQLite": + if (!@$_SESSION['store_data']['sqlite_path']) { + $messages[] = "Please specify a SQLite database path."; + } else { + if (!check_open_basedir($_SESSION['store_data']['sqlite_path'])) { + $messages[] = "The SQLite store path violates PHP's open_basedir setting."; + $bad_path = true; + } + } + break; + + default: + if (!($_SESSION['store_data']['host'] && + $_SESSION['store_data']['database'] && + $_SESSION['store_data']['username'] && + $_SESSION['store_data']['password'])) { + $messages[] = "Please specify database connection details."; + } + } + } + } + + if ($_SESSION['store_type'] && + $_SESSION['server_url'] && + (parse_url($_SESSION['server_url']) !== false) && + ((($_SESSION['store_type'] == 'Filesystem') && + $_SESSION['store_data']['fs_path']) || + (($_SESSION['store_type'] == 'SQLite') && + $_SESSION['store_data']['sqlite_path']) || + ($_SESSION['store_data']['host'] && + $_SESSION['store_data']['username'] && + $_SESSION['store_data']['database'] && + $_SESSION['store_data']['password'])) && + !$bad_path) { + + return true; + } + + return false; +} + +function render_form() { + + global $store_types, $fields, $messages; + + $basedir_msg = ""; + + if (ini_get('open_basedir')) { + $basedir_msg = "
    Note: Due to the ". + "open_basedir php.ini setting, be sure to ". + "choose a path in one of the following directories:"; + } + + $sqlite_found = false; + if (extension_loaded('sqlite') || + @dl('sqlite.' . PHP_SHLIB_SUFFIX)) { + $sqlite_found = true; + } + + $mysql_found = false; + if (extension_loaded('mysql') || + @dl('mysql.' . PHP_SHLIB_SUFFIX)) { + $mysql_found = true; + } + + $pgsql_found = false; + if (extension_loaded('pgsql') || + @dl('pgsql.' . PHP_SHLIB_SUFFIX)) { + $pgsql_found = true; + } + +?> + + + + + + +

    OpenID Example Server Configuration

    + +"; + foreach ($messages as $m) { + print "
    $m
    "; + } + print ""; + +} +?> + +

    +Your browser has been redirected to this page so you can configure the +server example. This form will auto-generate an OpenID example server +configuration for use with the OpenID server example. +

    + +
    +
    + +

    + The server URL is the URL that points to the "server.php" file. It + looks like your server URL should be . +

    + + + + + +
    + +
    + +

    + If this package isn't installed in the PHP include path, the package's + directory should be added. For example, if the package is in + /home/me/PHP-OpenID/, you should enter that directory here. +

    + + + + + + + +
    + +
    + +

    + The server needs to store OpenID information in a "store". The + following store types are available on your PHP installation: +

    + + Store method: +
    + +
    + > + +
    + + + +
    +
    + + +
    + > + +
    + + + +
    +
    + + + + +
    + + + > + + + + + > + + + +
    + + +
    +
    + + +
    +
    + + +
    +
    + + +
    +
    + +
    +
    + + +
    + + + + + + +

    OpenID Example Server Configuration

    + +

    +Put the following text into config.php. +

    + +

    +Back to form (resets settings) +

    + +

    +Download this configuration +

    + +
    +
+
+/**
+ * Set any extra include paths needed to use the library
+ */
+set_include_path(get_include_path() . PATH_SEPARATOR . "");
+
+
+/**
+ * The URL for the server.
+ *
+ * This is the location of server.php. For example:
+ *
+ * $server_url = 'http://example.com/~user/server.php';
+ *
+ * This must be a full URL.
+ */
+$server_url = "";
+
+/**
+ * Initialize an OpenID store
+ *
+ * @return object $store an instance of OpenID store (see the
+ * documentation for how to create one)
+ */
+function getOpenIDStore()
+{
+    createTables();\n    ";
+        print "return \$s;\n";
+        break;
+
+    case "MySQL":
+
+        ?>require_once 'Auth/OpenID/MySQLStore.php';
+    require_once 'DB.php';
+
+    $dsn = array(
+                 'phptype'  => 'mysql',
+                 'username' => '',
+                 'password' => '',
+                 'hostspec' => ''
+                 );
+
+    $db =& DB::connect($dsn);
+
+    if (PEAR::isError($db)) {
+        return null;
+    }
+
+    $db->query("USE ");
+        
+    $s =& new Auth_OpenID_MySQLStore($db);
+
+    $s->createTables();
+
+    return $s;
+require_once 'Auth/OpenID/PostgreSQLStore.php';
+    require_once 'DB.php';
+
+    $dsn = array(
+                 'phptype'  => 'pgsql',
+                 'username' => '',
+                 'password' => '',
+                 'hostspec' => '',
+                 'database' => ''
+                 );
+
+    $db =& DB::connect($dsn);
+
+    if (PEAR::isError($db)) {
+        return null;
+    }
+
+    $s =& new Auth_OpenID_PostgreSQLStore($db);
+
+    $s->createTables();
+
+    return $s;
+
+}
+
+";
+    if (!$download) {
+?>
+
    + + + -- cgit v1.2.3