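<?php
/**
 * FOAF+SSL (WebID) login endpoint.
 *
 * Authenticates the visitor through Authentication_FoafSSLARC, maps the
 * resulting WebID to an account and logs that account in:
 *   - a WebID under {wwwroot}pg/profile/ is treated as a local profile and the
 *     username is taken from the URL path;
 *   - any other WebID is looked up through "sslkey" objects whose "webid"
 *     metadata matches; if none exists the registration view is rendered.
 */
//require_once("config.php");
global $CONFIG;
require_once("lib/Authentication.php");

// SECURITY: the ARC store credentials are embedded in this file, so everyone
// with read access to the source or its history can read them. Load them from
// a configuration source kept outside version control and rotate this password.
$config = array(
    'db_name'    => 'arc',
    'db_user'    => 'arc',
    'db_pwd'     => 'chjdladhsjk34!arcarc',
    'store_name' => 'arc_tests',
);
$auth = new Authentication_FoafSSLARC($config);

// Defined up front so the login decision at the bottom never reads an unset
// variable (the original relied on undefined variables evaluating to null).
$user = null;
$register = false;
$username = null;

if ($auth->isAuthenticated()) {
    $base_url = $CONFIG->wwwroot."pg/profile/";

    if (strpos($auth->webid, $base_url) === 0) {
        // local
        // NOTE(review): the account is chosen purely from the WebID path, so this
        // presumably relies on Authentication_FoafSSLARC having checked the
        // certificate key against the WebID profile - confirm in lib/Authentication.php.
        $foaf_suffix = "?view=foaf";
        $username = substr($auth->webid, strlen($base_url));

        // Strip the FOAF view marker only when it really is the tail of the URL.
        // The original test, `!strpos(...) === false`, passed only through operator
        // precedence and cut ten characters even when the marker sat mid-string.
        if (substr($username, -strlen($foaf_suffix)) === $foaf_suffix) {
            $username = substr($username, 0, -strlen($foaf_suffix));
        }

        $user = get_user_by_username($username);
    }
    else {
        // remote
        $options = array(
            'metadata_name'  => 'webid',
            'metadata_value' => "URI:".$auth->webid,
            'owner_guid'     => ELGG_ENTITIES_ANY_VALUE,
            'types'          => 'object',
            'subtypes'       => 'sslkey',
        );
        $certs = elgg_get_entities_from_metadata($options);

        if ($certs) {
            // The owner of the first matching key object is the account to log in.
            $user = $certs[0]->getOwnerEntity();
        }
        else {
            // maybe you already exist here?
            $options = array(
                'metadata_name'  => 'webid',
                'metadata_value' => $auth->webid,
                'owner_guid'     => ELGG_ENTITIES_ANY_VALUE,
                'types'          => 'user',
            );
            $remote_users = elgg_get_entities_from_metadata($options);

            // Matching an existing user by bare WebID metadata is switched off
            // (hard-coded false); the lookup result above is currently unused.
            //if ($remote_users) {
            if (false) {
                $user = $remote_users[0];
                $user->foreign = false; // not foreign any more
            }
            else {
                // maybe you want to create an account here
                $register = true;
                // $username is never derived on the remote path, so both inputs
                // are set to null here, exactly as before.
                set_input("u", $username);
                set_input("n", $username);
                $mod = $auth->certModulus;
                $exp = $auth->certExponent;
                $body = elgg_view("foafssl/register", array('exp'=>$exp, 'mod'=>$mod, 'webid' => "URI:".$auth->webid));
                echo page_draw(elgg_echo('register'), $body);
            }
        }
    }
}

// now login if we found a user
if ($user) {
    // Second argument true: presumably requests a persistent session - confirm
    // that this is intended for certificate-based logins.
    login($user, true);
    system_message(elgg_echo("foafssl:loggedin"));
    forward();
}
elseif (!$register) {
    // NOTE(review): authnDiagnostic is shown to the visitor; confirm that it
    // carries no internal detail and is escaped when rendered.
    register_error(elgg_echo('foafssl:cantlogin').":".$auth->authnDiagnostic);
    forward();
}
// logout the cert session since we dont need it
// NOTE(review): no such logout is performed in this file.
?>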