|
From: Ivan1986 <iva...@us...> - 2010-06-23 11:29:44
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "quickfw".
The branch, master has been updated
via ad1aa1301e994cf93356b8dfaad508f5f9f65064 (commit)
from c430200b547ae5480b26ea387d427a09eb17325c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ad1aa1301e994cf93356b8dfaad508f5f9f65064
Author: Ivan1986 <iva...@li...>
Date: Wed Jun 23 12:40:20 2010 +0400
Доработка OpenID контроллера, ZendStore
diff --git a/application/default/controllers/OidController.php b/application/default/controllers/OidController.php
index 1eeee69..e129325 100644
--- a/application/default/controllers/OidController.php
+++ b/application/default/controllers/OidController.php
@@ -1,7 +1,7 @@
<?php
require_once "Auth/OpenID/Consumer.php";
-require_once "Auth/OpenID/FileStore.php";
+require_once dirname(__FILE__)."/ZendStore.php";
require_once "Auth/OpenID/SReg.php";
require_once "Auth/OpenID/PAPE.php";
@@ -10,33 +10,32 @@ require_once QFWPATH.'/QuickFW/Auth.php';
class OidController extends QuickFW_Auth
{
- public function __construct()
+ public function indexAction($return = false)
{
- QFW::$view->mainTemplate='';
- $this->session();
- }
-
- public function indexAction($clean = false)
- {
- if ($clean == 1)
+ var_dump($_SESSION);
+ $return = $return ? $return : $_SERVER['REQUEST_URI'];
+ if (!empty($_SESSION['openID']['error']))
{
- unset($_SESSION['openID']);
- QFW::$router->redirect(Url::A());
- }
- if (!empty($_SESSION['openID']))
- {
- var_dump($_SESSION['openID']);
- }
- ?>
+ echo '<p class="error">'.$_SESSION['openID']['error'].'</p>';
+ unset($_SESSION['openID']['error']);
+ } ?>
+
<form method="get" action="<?php echo Url::C('try') ?>">
+<input type="hidden" name="return" value="<?php echo QFW::$view->esc($return); ?>" />
<input type="text" name="openid_identifier" value="<?php echo QFW::$view->esc(
'http://quickfw.ib.br/openid/server.php/idpage?user=ivan') ?>" />
<input type="submit" value="Verify" />
</form>
-<a href="<?php echo Url::A('1') ?>">выйти</a>
+<a href="<?php echo Url::C('clean') ?>">выйти</a>
<?php
}
+ public function cleanAction()
+ {
+ unset($_SESSION['openID']);
+ QFW::$router->redirect(Url::C());
+ }
+
/* array(
'fullname' => 'Full Name',
'nickname' => 'Nickname',
@@ -49,8 +48,13 @@ class OidController extends QuickFW_Auth
'timezone' => 'Time Zone',
); */
+ /**
+ * Действеи перенаправляет пользователя на сервер для авторизации
+ */
public function tryAction()
{
+ $this->session();
+ $_SESSION['openID']['return'] = $_REQUEST['return'];
if (empty($_GET['openid_identifier']))
$this->err('Expected an OpenID URL');
$consumer = $this->getConsumer();
@@ -68,8 +72,6 @@ class OidController extends QuickFW_Auth
$redirect = $auth_request->shouldSendRedirect();
$server = $this->getServer();
- $trustRoot = $server.Url::C('');
- echo $trustRoot;
$query = $redirect ?
$auth_request->redirectURL($server.Url::C(''), $server.Url::C('finish')) :
@@ -84,8 +86,15 @@ class OidController extends QuickFW_Auth
die($query);
}
+ /**
+ * Сюда приходит пользователь с сервера авторизации
+ *
+ * После пользователь перенаправляется на url,
+ * <br>в $_SESSION['openID'] данные авторизации
+ */
public function finishAction()
{
+ $this->session();
if (empty($_GET['openid_identity']))
$this->err('Expected an OpenID URL');
$consumer = $this->getConsumer();
@@ -97,29 +106,45 @@ class OidController extends QuickFW_Auth
else if ($response->status == Auth_OpenID_SUCCESS)
{
$openid = $response->getDisplayIdentifier();
+ $return = $_SESSION['openID']['return'];
$sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
$sreg = $sreg_resp->contents();
- $_SESSION['openID'] = $sreg + array('id' => $openid);
- QFW::$router->redirect(Url::C('index'));
+ $_SESSION['openID'] = array(
+ 'sreg' => $sreg,
+ 'id' => $openid,
+ );
+ QFW::$router->redirect($return);
}
}
+ /**
+ * Сообщение при ошибке авторизации - в $_SESSION['openID']['error']
+ *
+ * @param string $msg сообщение об ошибке
+ */
private function err($msg)
{
- die($msg);
+ $_SESSION['openID']['error'] = $msg;
+ QFW::$router->redirect($_SESSION['openID']['return']);
}
+ /**
+ * Возвращает класс хранилища для библиотеки
+ *
+ * @return Auth_OpenID_Consumer класс хранилища
+ */
private function getConsumer()
{
- $path = TMPPATH.'/openid';
- if (!is_dir($path))
- mkdir($path);
- $store = new Auth_OpenID_FileStore($path);
- return new Auth_OpenID_Consumer($store);
+ return new Auth_OpenID_Consumer(new Auth_OpenID_ZendStore(Cache::get()));
}
+ /**
+ * формирует имя сервера
+ *
+ * @return string url сервера
+ */
private function getServer()
{
return 'http://'.$_SERVER['HTTP_HOST'].
diff --git a/application/default/controllers/ZendStore.php b/application/default/controllers/ZendStore.php
new file mode 100644
index 0000000..628a4ab
--- /dev/null
+++ b/application/default/controllers/ZendStore.php
@@ -0,0 +1,203 @@
+<?php
+
+/**
+ * This file supplies a memcached store backend for OpenID servers and
+ * consumers.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author Artemy Tregubenko <me...@ar...>
+ * @author Ivan Borzenkov <iva...@li...>
+ * @copyright 2008 JanRain, Inc.
+ * @copyright 2010 Ivan Borzenkov <iva...@li...>
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ * Contributed by Open Web Technologies <http://openwebtech.ru/>
+ */
+
+/**
+ * Import the interface for creating a new store class.
+ */
+require_once 'Auth/OpenID/Interface.php';
+
+/**
+ * This is a Zend_Cache_Backend_Interface-based store for
+ * OpenID associations and nonces.
+ *
+ * Most of the methods of this class are implementation details.
+ * People wishing to just use this store need only pay attention to
+ * the constructor.
+ *
+ * @package OpenID
+ */
+class Auth_OpenID_ZendStore extends Auth_OpenID_OpenIDStore {
+
+ /**
+ * Initializes a new {@link Auth_OpenID_ZendStore} instance.
+ * Just saves connection object as property.
+ *
+ * @param Zend_Cache_Backend_Interface $connection resourse
+ */
+ function Auth_OpenID_ZendStore($connection)
+ {
+ $this->connection = $connection;
+ }
+
+ /**
+ * Store association until its expiration time in memcached.
+ * Overwrites any existing association with same server_url and
+ * handle. Handles list of associations for every server.
+ */
+ function storeAssociation($server_url, $association)
+ {
+ // create memcached keys for association itself
+ // and list of associations for this server
+ $associationKey = $this->associationKey($server_url,
+ $association->handle);
+ $serverKey = $this->associationServerKey($server_url);
+
+ // get list of associations
+ $serverAssociations = $this->connection->load($serverKey);
+
+ // if no such list, initialize it with empty array
+ if (!$serverAssociations) {
+ $serverAssociations = array();
+ }
+ // and store given association key in it
+ $serverAssociations[$association->issued] = $associationKey;
+
+ // save associations' keys list
+ $this->connection->save(
+ $serverAssociations,
+ $serverKey);
+ // save association itself
+ $this->connection->save(
+ $association,
+ $associationKey,
+ array(),
+ $association->issued + $association->lifetime);
+ }
+
+ /**
+ * Read association from memcached. If no handle given
+ * and multiple associations found, returns latest issued
+ */
+ function getAssociation($server_url, $handle = null)
+ {
+ // simple case: handle given
+ if ($handle !== null) {
+ // get association, return null if failed
+ $association = $this->connection->load(
+ $this->associationKey($server_url, $handle));
+ return $association ? $association : null;
+ }
+
+ // no handle given, working with list
+ // create key for list of associations
+ $serverKey = $this->associationServerKey($server_url);
+
+ // get list of associations
+ $serverAssociations = $this->connection->load($serverKey);
+ // return null if failed or got empty list
+ if (!$serverAssociations) {
+ return null;
+ }
+
+ // get key of most recently issued association
+ $keys = array_keys($serverAssociations);
+ sort($keys);
+ $lastKey = $serverAssociations[array_pop($keys)];
+
+ // get association, return null if failed
+ $association = $this->connection->load($lastKey);
+ return $association ? $association : null;
+ }
+
+ /**
+ * Immediately delete association from memcache.
+ */
+ function removeAssociation($server_url, $handle)
+ {
+ // create memcached keys for association itself
+ // and list of associations for this server
+ $serverKey = $this->associationServerKey($server_url);
+ $associationKey = $this->associationKey($server_url,
+ $handle);
+
+ // get list of associations
+ $serverAssociations = $this->connection->load($serverKey);
+ // return null if failed or got empty list
+ if (!$serverAssociations) {
+ return false;
+ }
+
+ // ensure that given association key exists in list
+ $serverAssociations = array_flip($serverAssociations);
+ if (!array_key_exists($associationKey, $serverAssociations)) {
+ return false;
+ }
+
+ // remove given association key from list
+ unset($serverAssociations[$associationKey]);
+ $serverAssociations = array_flip($serverAssociations);
+
+ // save updated list
+ $this->connection->save(
+ $serverAssociations,
+ $serverKey
+ );
+
+ // delete association
+ return $this->connection->remove($associationKey);
+ }
+
+ /**
+ * Create nonce for server and salt, expiring after
+ * $Auth_OpenID_SKEW seconds.
+ */
+ function useNonce($server_url, $timestamp, $salt)
+ {
+ global $Auth_OpenID_SKEW;
+
+ // save one request to memcache when nonce obviously expired
+ if (abs($timestamp - time()) > $Auth_OpenID_SKEW) {
+ return false;
+ }
+
+ // returns false when nonce already exists
+ // otherwise adds nonce
+ $key = 'openid_nonce_' . sha1($server_url) . '_' . sha1($salt);
+ if ($this->connection->test($key))
+ return false;
+
+ $this->connection->save(1, $key, array(), $Auth_OpenID_SKEW);
+ return true;
+ }
+
+ /**
+ * Memcache key is prefixed with 'openid_association_' string.
+ */
+ function associationKey($server_url, $handle = null)
+ {
+ return 'openid_association_' . sha1($server_url) . '_' . sha1($handle);
+ }
+
+ /**
+ * Memcache key is prefixed with 'openid_association_' string.
+ */
+ function associationServerKey($server_url)
+ {
+ return 'openid_association_server_' . sha1($server_url);
+ }
+
+ /**
+ * Report that this storage doesn't support cleanup
+ */
+ function supportsCleanup()
+ {
+ return false;
+ }
+}
+
-----------------------------------------------------------------------
Summary of changes:
application/default/controllers/OidController.php | 81 ++++++---
application/default/controllers/ZendStore.php | 203 +++++++++++++++++++++
2 files changed, 256 insertions(+), 28 deletions(-)
create mode 100644 application/default/controllers/ZendStore.php
hooks/post-receive
--
quickfw
|
