<?php
/**
 * An Elgg 1.x compatible store implementation 
 */
 
 /**
 * Require base class for creating a new interface.
 */
 
require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
 
require_once 'Auth/OpenID.php';
require_once 'Auth/OpenID/Interface.php';
require_once 'Auth/OpenID/Consumer.php';
try {
 //               include_once "Auth/OpenID/HMACSHA1.php";
} catch(Exception $e) {
		// new way :P
                require_once "Auth/OpenID/HMAC.php";
}
require_once 'Auth/OpenID/Nonce.php';
require_once 'Auth/OpenID/SReg.php';

define('header_connection_close', 'Connection: close');

function openid_server_delete_entity($entity)
{
    global $CONFIG;

    $entity->clearMetadata();
    $entity->clearAnnotations();
    $guid = $entity->getGUID();
        delete_data("DELETE from {$CONFIG->dbprefix}entities where guid={$guid}");
}



function openid_server_delete_entities($type = "", $subtype = "", $owner_guid = 0)
        {
                $entities = get_entities($type, $subtype, $owner_guid, "time_created desc", 0);

                foreach ($entities as $entity) {
                        openid_server_delete_entity($entity);
                }

                return true;
        }



class OpenIDServer_ElggStore extends Auth_OpenID_OpenIDStore {

    function resetAssociations () {
        openid_server_delete_entities('object', 'openid_client::association');
    }
    function resetNonces () {
        openid_server_delete_entities('object', 'openid_client::nonce');
    }
    function getAssociation ($server_url, $handle = null) {
        if (isset($handle)) {
            $meta_array = array(
                        'server_url'    => $server_url,
                        'handle'        => $handle
            );
	    $assocs = elgg_get_entities_from_metadata(array('metadata_name_value_pairs' => $meta_array, 'types' => 'object', 'subtypes' => 'openid_client::association', 'metadata_name_value_pairs_operator' => 'and'));
        } else {
	    $assocs = elgg_get_entities_from_metadata(array('metadata_names' => 'server_url', 'metadata_values' => $server_url, 'types' => 'object', 'subtypes' => 'openid_client::association', 'metadata_case_sensitive' => FALSE));
        }
        
        if (!$assocs || (count($assocs) == 0)) {
            return null;
        } else {
            $associations = array();

            foreach ($assocs as $assoc_row) {
                $assoc = new Auth_OpenID_Association($assoc_row->handle,
                                                     base64_decode($assoc_row->secret),
                                                     $assoc_row->issued,
                                                     $assoc_row->lifetime,
                                                     $assoc_row->assoc_type);

                if ($assoc->getExpiresIn() == 0) {
                    OpenIDServer_ElggStore::removeAssociation($server_url, $assoc->handle);
                } else {
                    $associations[] = array($assoc->issued, $assoc);
                }
            }

            if ($associations) {
                $issued = array();
                $assocs = array();
                foreach ($associations as $key => $assoc) {
                    $issued[$key] = $assoc[0];
                    $assocs[$key] = $assoc[1];
                }

                array_multisort($issued, SORT_DESC, $assocs, SORT_DESC,
                                $associations);

                // return the most recently issued one.
                list($issued, $assoc) = $associations[0];
                return $assoc;
            } else {
                return null;
            }
        }
    }
    
    function removeAssociation ($server_url, $handle) {
        if (isset($handle)) {
            $meta_array = array(
                        'server_url'    => $server_url,
                        'handle'        => $handle
            );
	    $entities = elgg_get_entities_from_metadata(array('metadata_name_value_pairs' => $meta_array, 'types' => 'object', 'subtypes' => 'openid_client::association', 'metadata_name_value_pairs_operator' => 'and'));
        } else {
	    $entities = elgg_get_entities_from_metadata(array('metadata_names' => 'server_url', 'metadata_values' => $server_url, 'types' => 'object', 'subtypes' => 'openid_client::association', 'metadata_case_sensitive' => FALSE));
        }
        if ($entities) {
            foreach ($entities as $entity) {
    			openid_server_delete_entity($entity);
    		}
		}
	}
    function reset () {
        OpenIDServer_ElggStore::resetAssociations ();
        OpenIDServer_ElggStore::resetNonces ();
    }
        
    function storeAssociation ($server_url, $association) {
        
        // Initialise a new ElggObject
		$association_obj = new ElggObject();
		
		$association_obj->subtype = 'openid_client::association';
		$association_obj->owner_guid = 0;
		$association_obj->access_id = 2;
		$association_obj->title = 'association';
		
		if ($association_obj->save()) {		
    		$association_obj->server_url = $server_url;
    		$association_obj->handle = $association->handle;
            $association_obj->secret = base64_encode($association->secret);
            $association_obj->issued = $association->issued;
            $association_obj->lifetime = $association->lifetime;
            $association_obj->assoc_type = $association->assoc_type;
    		return true;
		} else {
    		return false;
		}
	}
		
    function useNonce ( $server_url,  $timestamp,  $salt) {
        global $Auth_OpenID_SKEW;

        if ( abs($timestamp - time()) > $Auth_OpenID_SKEW ) {
            return false;
        }
        
        // check to see if the nonce already exists
        
        $meta_array = array(
                        'server_url'    => $server_url,
                        'timestamp'     => $timestamp,
                        'salt'          => $salt
        );
        
	$entities = elgg_get_entities_from_metadata(array('metadata_name_value_pairs' => $meta_array, 'types' => 'object', 'subtypes' => 'openid_client::nonce', 'metadata_name_value_pairs_operator' => 'and'));
        
        if ($entities) {
            // bad - this nonce is already in use
            return false;
        } else {        
            // Initialise a new ElggObject
    		$nonce_obj = new ElggObject();
    		
    		$nonce_obj->subtype = 'openid_client::nonce';
    		$nonce_obj->owner_guid = 0;
    		$nonce_obj->title = 'nonce';
    		
    		if ($nonce_obj->save()) {
        		$nonce_obj->server_url = $server_url;
        		$nonce_obj->timestamp = $timestamp;
        		$nonce_obj->salt = $salt;
        		return true;
    		} else {
        		return false;
    		}
		}
	}
	
	function getTrustedSites() {
    	
		$results = elgg_get_entities_from_metadata(array('metadata_names' => 'openid_url', 'metadata_values' => getLoggedInUser(), 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_case_sensitive' => FALSE));
	   	
		$sites = array();
		if ($results) {
    		foreach ($results as $site) {
    			$sites[] = $site->trust_root;
    		}
		}
		return $sites;
	}
	
/**
 * Returns the autologin URLs for every trusted site
 */ 	
	
	function getAutoLoginSites() {
	   	
		$default_trusted_sites = elgg_get_entities_from_metadata(array('metadata_names' => 'openid_url', 'metadata_values' => '', 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_case_sensitive' => FALSE));
   		
		$sites = array();
		if ($default_trusted_sites) {
			foreach ($default_trusted_sites as $site) {
    			if ($site->auto_login_url) {
				    $sites[] = $site;
			    }
			}
		}
		return $sites;
	}

/**
 * Returns the autologout URLs for every trusted site
 */ 	
	
	function getAutoLogoutSites() {
	   	
		$default_trusted_sites = elgg_get_entities_from_metadata(array('metadata_names' => 'openid_url', 'metadata_values' => '', 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_case_sensitive' => FALSE));
   		
		$sites = array();
		if ($default_trusted_sites) {
			foreach ($default_trusted_sites as $site) {
    			if ($site->auto_logout_url) {
				    $sites[] = $site;
			    }
			}
		}
		return $sites;
	}
	
	
	function setTrustedSite($trust_root) {
   		$openid_url = getLoggedInUser();
   		$site = new ElggObject();
		$site->subtype = 'openid_server::trust_root';
		$site->owner_guid = 0;
		$site->title = 'association';
		$site->access_id = 2;
		
		if ($site->save()) {
    		$site->openid_url = $openid_url;
    		$site->trust_root = $trust_root->trust_root;
    		$site->site_name = $trust_root->site_name;
    		$site->autologin = $trust_root->autologin;
    		$site->autologout = $trust_root->autologout;
    		$site->width = $trust_root->width;
    		$site->height = $trust_root->height;
    		return true;
		} else {
    		return false;
		} 	
	}
	
	function removeAllTrustedSites() {
		
		$openid_url = getLoggedInUser();
		
		if ($openid_url != null) {
			$results = elgg_get_entities_from_metadata(array('metadata_names' => 'openid_url', 'metadata_values' => $openid_url, 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_case_sensitive' => FALSE));
	   	
   			if ($results) {
       			foreach($results as $trust_root) {
           			$trust_root->delete();
       			}
   			}
		}
		return true;
	}
	
	function removeTrustedSite($trust_root) {
		
		$openid_url = getLoggedInUser();
		
		if ($openid_url != null) {
    		$meta_array = array(
                        'openid_url'    => $openid_url,
                        'trust_root'    => $trust_root
            );
        
	    $results = elgg_get_entities_from_metadata(array('metadata_name_value_pairs' => $meta_array, 'types' => 'object', 'subtypes' => 'openid_server::trust_root', 'metadata_name_value_pairs_operator' => 'and'));
	   	
   			if ($results) {
       			foreach($results as $trust_root) {
           			$trust_root->delete();
       			}
   			}
		}
		return true;
	}
}

function getOpenIDServerStore() {
    return new OpenIDServer_ElggStore();
}


if (!function_exists('fnmatch')) {
function fnmatch($pattern, $string) {
   for ($op = 0, $npattern = '', $n = 0, $l = strlen($pattern); $n < $l; $n++) {
       switch ($c = $pattern[$n]) {
           case '\\':
               $npattern .= '\\' . @$pattern[++$n];
           break;
           case '.': case '+': case '^': case '$': case '(': case ')': case '{': case '}': case '=': case '!': case '<': case '>': case '|':
               $npattern .= '\\' . $c;
           break;
           case '?': case '*':
               $npattern .= '.' . $c;
           break;
           case '[': case ']': default:
               $npattern .= $c;
               if ($c == '[') {
                   $op++;
               } else if ($c == ']') {
                   if ($op == 0) return false;
                   $op--;
               }
           break;
       }
   }

   if ($op != 0) return false;

   return preg_match('/' . $npattern . '/i', $string);
}
}

?>