From: <lph...@us...> - 2007-09-08 18:03:10
|
Update of /cvsroot/tikiwiki/tiki In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv18611 Added Files: tiki-login_openid.php Log Message: First version (not working yet). --- NEW FILE: tiki-login_openid.php --- <?php // $Header: /cvsroot/tikiwiki/tiki/tiki-login_openid.php,v 1.1 2007/09/08 18:03:08 lphuberdeau Exp $ // Based on tiki-galleries.php // Copyright (c) 2002-2007, Luis Argerich, Garland Foster, Eduardo Polidor, et. al. // All Rights Reserved. See copyright.txt for details and a complete list of authors. // Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details. // Initialization require_once ('tiki-setup.php'); if ($feature_openid != 'y') { $smarty->assign('msg', tra("This feature is disabled").": feature_openid"); $smarty->display("error.tpl"); die; } function displayError($message) { global $smarty; $smarty->assign('msg', tra("Failure").": " . $message); $smarty->display("error.tpl"); die; } function doIncludes() { /** * Require the OpenID consumer code. */ require_once "Auth/OpenID/Consumer.php"; /** * Require the "file store" module, which we'll need to store * OpenID information. */ require_once "Auth/OpenID/FileStore.php"; /** * Require the Simple Registration extension API. */ require_once "Auth/OpenID/SReg.php"; } doIncludes(); function &getStore() { /** * This is where the example will store its OpenID information. * You should change this path if you want the example store to be * created elsewhere. After you're done playing with the example * script, you'll have to remove this directory manually. */ $store_path = "/tmp/_php_consumer_test"; if (!file_exists($store_path) && !mkdir($store_path)) { print "Could not create the FileStore directory '$store_path'. ". " Please check the effective permissions."; exit(0); } return new Auth_OpenID_FileStore($store_path); } function &getConsumer() { /** * Create a consumer object using the store object created * earlier. */ $store = getStore(); return new Auth_OpenID_Consumer($store); } function getOpenIDURL() { // Render a default page if we got a submission without an openid // value. if (empty($_GET['openid_url'])) { // TODO : Do something better displayError( 'Call the page properly' ); } return $_GET['openid_url']; } function getScheme() { $scheme = 'http'; if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') { $scheme .= 's'; } return $scheme; } function getReturnTo() { $dirname = dirname( $_SERVER['REQUEST_URI'] ); return sprintf("%s://%s:%s%s/$dirname/tiki-login_openid.php?action=return", getScheme(), $_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT'], dirname($_SERVER['PHP_SELF'])); } function getTrustRoot() { return sprintf("%s://%s:%s%s/", getScheme(), $_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT'], dirname($_SERVER['PHP_SELF'])); } function runAuth() { $openid = getOpenIDURL(); $consumer = getConsumer(); // Begin the OpenID authentication process. $auth_request = $consumer->begin($openid); // No auth request means we can't begin OpenID. if (!$auth_request) { displayError("Authentication error; not a valid OpenID."); } $sreg_request = Auth_OpenID_SRegRequest::build( // Required array('nickname', 'email'), // Optional array('fullname')); if ($sreg_request) { $auth_request->addExtension($sreg_request); } // Redirect the user to the OpenID server for authentication. // Store the token for this authentication so we can verify the // response. // For OpenID 1, send a redirect. For OpenID 2, use a Javascript // form to send a POST request to the server. if ($auth_request->shouldSendRedirect()) { $redirect_url = $auth_request->redirectURL(getTrustRoot(), getReturnTo()); // If the redirect URL can't be built, display an error // message. if (Auth_OpenID::isFailure($redirect_url)) { displayError("Could not redirect to server: " . $redirect_url->message); } else { // Send redirect. header("Location: ".$redirect_url); } } else { // Generate form markup and render it. $form_id = 'openid_message'; $form_html = $auth_request->formMarkup(getTrustRoot(), getReturnTo(), false, array('id' => $form_id)); // Display an error if the form markup couldn't be generated; // otherwise, render the HTML. if (Auth_OpenID::isFailure($form_html)) { displayError("Could not redirect to server: " . $form_html->message); } else { $page_contents = array( "<html><head><title>", "OpenID transaction in progress", "</title></head>", "<body onload='document.getElementById(\"".$form_id."\").submit()'>", $form_html, "</body></html>"); print implode("\n", $page_contents); } } } function runFinish() { $consumer = getConsumer(); // Complete the authentication process using the server's // response. $response = $consumer->complete(); // Check the response status. if ($response->status == Auth_OpenID_CANCEL) { // This means the authentication was cancelled. $msg = 'Verification cancelled.'; } else if ($response->status == Auth_OpenID_FAILURE) { // Authentication failed; display the error message. $msg = "OpenID authentication failed: " . $response->message; } else if ($response->status == Auth_OpenID_SUCCESS) { // This means the authentication succeeded; extract the // identity URL and Simple Registration data (if it was // returned). $openid = $response->identity_url; $esc_identity = htmlspecialchars($openid, ENT_QUOTES); $success = sprintf('You have successfully verified ' . '<a href="%s">%s</a> as your identity.', $esc_identity, $esc_identity); if ($response->endpoint->canonicalID) { $success .= ' (XRI CanonicalID: '.$response->endpoint->canonicalID.') '; } $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); $sreg = $sreg_resp->contents(); if (@$sreg['email']) { $success .= " You also returned '".$sreg['email']."' as your email."; } if (@$sreg['nickname']) { $success .= " Your nickname is '".$sreg['nickname']."'."; } if (@$sreg['fullname']) { $success .= " Your fullname is '".$sreg['fullname']."'."; } } echo $success; } if( isset( $_GET['action'] ) && $_GET['action'] == 'return' ) runFinish(); else runAuth(); ?> |