path: root/mod/openid_server/lib/common.php
blob: 3e3e6b0349336a0690770bf09cf3129f660d5e32 (plain)
<?php

require_once "session.php";

require_once "Auth/OpenID/Server.php";
require_once "Auth/OpenID/SReg.php";
// NOTE(review): the try body below holds only a commented-out include, so
// nothing inside it can throw. The catch branch is therefore never entered
// and Auth/OpenID/HMAC.php is never loaded from this file. If code reached
// through this file depends on that library, it has to be loaded somewhere
// else - TODO confirm.
try {
 //               include_once "Auth/OpenID/HMACSHA1.php";
} catch(Exception $e) {
                // new way :P
                require_once "Auth/OpenID/HMAC.php";
}

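/**
 * Extract the username from an OpenID identity URL.
 *
 * The username is taken to be the last path segment, with surrounding
 * whitespace and one trailing slash ignored. A value that contains no slash
 * is treated as already being a username.
 *
 * The result is later used to look up an account, so every branch returns
 * the same cleaned-up value: the no-slash branch previously returned the
 * untrimmed input, and an input such as "alice/" lost its first character
 * because the second slash search failed and its result was still used as
 * an offset.
 *
 * @param string $url Identity URL or bare username.
 * @return string Last path segment, or '' when nothing but a slash was given.
 */
function getUsernameFromUrl($url)
{
    $candidate = trim((string) $url);

    // Ignore a single closing slash so ".../alice/" and ".../alice" agree.
    if ($candidate !== '' && substr($candidate, -1) === '/') {
        $candidate = (string) substr($candidate, 0, -1);
    }

    $lastSlash = strrpos($candidate, '/');
    if ($lastSlash === false) {
        // No path separator left: the whole value is the username.
        return $candidate;
    }

    return (string) substr($candidate, $lastSlash + 1);
}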

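/**
 * Turn a bare username or an OpenID identity URL into one canonical form.
 *
 * - A value without any slash is treated as a username and expanded to
 *   "<wwwroot>profile/<username>".
 * - A value containing a slash is treated as an identity URL; one trailing
 *   slash is removed so that it has the same shape as the URL built for a
 *   bare username (which has no closing slash).
 *
 * The trailing-slash branch previously computed its length as
 * strlen($username - 1), i.e. it subtracted 1 from the string itself. That
 * never yields the intended "all but the last character", so identities
 * ending in "/" were not normalised correctly. Identity strings are compared
 * against each other by callers, so both spellings must map to one value.
 *
 * @param string $username Bare username or identity URL.
 * @return string Canonical identity URL without a trailing slash.
 */
function normaliseUsername($username)
{
    global $CONFIG;

    if (strpos($username, '/') === false) {
        // Bare username: build the profile URL under the site root.
        return $CONFIG->wwwroot . 'profile/' . $username;
    }

    if (substr($username, -1) === '/') {
        // Drop exactly one closing slash.
        return (string) substr($username, 0, -1);
    }

    return $username;
}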

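/**
 * Add Simple Registration (SReg) values to an OpenID response.
 *
 * The account is resolved from $req_url, not from the current session, and
 * the values offered are that account's full name and e-mail address.
 * Nothing here checks who is logged in or whether the relying party was
 * approved: the caller must already have established that $req_url is the
 * identity of the authenticated user who consented to the request.
 *
 * @param object $response OpenID response; its ->fields message is modified in place.
 * @param object $info     Decoded OpenID request the SReg request is read from.
 * @param string $req_url  Identity URL (or bare username) being asserted.
 * @return void
 */
function addSregFields(&$response,$info, $req_url)
{
    $account = get_user_by_username(getUsernameFromUrl($req_url));
    if (!$account) {
        // Unknown identity: send the response without any SReg data.
        return;
    }

    $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($info);
    if (!$sreg_request) {
        // No usable SReg request object could be built from the request.
        // Passing an empty value on would fail inside extractResponse(),
        // so leave the response untouched instead.
        return;
    }

    $sreg_data = array(
        'fullname' => $account->name,
        'email'    => $account->email,
    );

    // NOTE(review): extractResponse() receives the request together with the
    // data, presumably so only the fields the relying party asked for are
    // kept - confirm against the bundled OpenID library.
    $sreg_response = Auth_OpenID_SRegResponse::extractResponse($sreg_request, $sreg_data);

    // Add the simple registration response values to the OpenID
    // response message.
    $sreg_response->toMessage($response->fields);
}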

// KJ - this code is now used in trust.php

/*function authCancel($info)
{
    if ($info) {
        setRequestInfo();
        $url = $info->getCancelURL();
    } else {
        $url = getServerURL();
    }
    return redirect_render($url);
}

function doAuth($info, $trusted=null, $fail_cancels=false,$idpSelect=null)
{
    if (!$info) {
        // There is no authentication information, so bail
        return authCancel(null);
    }

    if ($info->idSelect()) {
        if ($idpSelect) {
            $req_url = idURL($idpSelect);
        } else {
            $trusted = false;
        }
    } else {
        $req_url = normaliseUsername($info->identity);
    }

    $user = getLoggedInUser();
    setRequestInfo($info);

    if ($req_url != $user) {
        return login_render(array(), $req_url, $req_url);
    }

    $trust_root = $info->trust_root;
    // $fail_cancels = $fail_cancels || isset($sites[$trust_root]);
    $trusted = isset($trusted) ? $trusted : isTrusted($req_url,$trust_root);
    if ($trusted) {
        setRequestInfo();
        $server =& getServer();
        $response =& $info->answer(true, null, $req_url);

        addSregFields($response, $info, $req_url);

        $webresponse =& $server->encodeResponse($response);

        $new_headers = array();

        foreach ($webresponse->headers as $k => $v) {
            $new_headers[] = $k.": ".$v;
        }

        return array($new_headers, $webresponse->body);
    } elseif ($fail_cancels) {
        return authCancel($info);
    } else {
        return trust_render($info);
    }
}*/


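/**
 * Build the "do you trust this site?" page for an OpenID request.
 *
 * $info->trust_root comes from the relying party's request, so it is
 * escaped here with explicit flags. Relying on htmlspecialchars() defaults
 * leaves single quotes unescaped on PHP versions older than 8.1, which
 * matters if the form view places the value inside a single-quoted attribute.
 *
 * NOTE(review): 'openid_url' is passed to the view as returned by
 * getLoggedInUser(), without escaping - confirm the form view escapes it on
 * output.
 *
 * @param object $info Decoded OpenID request; only ->trust_root is read here.
 * @return array Two elements: an empty header list and the rendered page body.
 */
function trust_render($info) {
    $vars = array(
        'openid_url' => getLoggedInUser(),
        'openid_trust_root' => htmlspecialchars($info->trust_root, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
    );

    $title = elgg_echo('openid_server:trust_title');

    $form = elgg_view_form("openid_server/trust", array(), $vars);
    $layout = elgg_view_layout('content', array(
        'title' => $title,
        'content' => $form,
        'filter' => false,
    ));

    return array(
        array(),
        elgg_view_page($title, $layout),
    );
}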

/**
 * Tell the visitor they are not logged in and send them back to the current page.
 *
 * None of the three parameters is read; they are accepted only so existing
 * call sites keep working.
 *
 * NOTE(review): nothing is returned explicitly. Whether control comes back
 * from forward() at all depends on the framework - confirm before relying
 * on a return value from this function.
 *
 * @param mixed $errors Unused.
 * @param mixed $input  Unused.
 * @param mixed $needed Unused.
 */
function login_render($errors=null, $input=null, $needed=null) {
    $notice = elgg_echo('openid_server:not_logged_in');
    system_message($notice);

    $returnTo = current_page_url();
    forward($returnTo);
}

?>