--- a/include/common-auth.inc.php +++ b/include/common-auth.inc.php @@ -1,1 +1,91 @@ +<?php +function getScheme() +{ + $scheme = 'http'; + if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') { + $scheme .= 's'; + } + return $scheme; + } +function getTrustRoot() +{ + return sprintf("%s://%s:%s%s/", + getScheme(), $_SERVER['SERVER_NAME'], + $_SERVER['SERVER_PORT'], + dirname($_SERVER['PHP_SELF'])); + } + + +// Includes required files +set_include_path(get_include_path() . PATH_SEPARATOR . $labsPath."lib/openid-php/"); +require_once "Auth/OpenID/Consumer.php"; +require_once "Auth/OpenID/FileStore.php"; +require_once "Auth/OpenID/AX.php"; + + + +function login() +{ + // Just tested this with/for Google, needs trying with others ... +$oid_identifier = 'https://www.google.com/accounts/o8/id'; + // Create file storage area for OpenID data + $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); + // Create OpenID consumer + $consumer = new Auth_OpenID_Consumer($store); + // Create an authentication request to the OpenID provider + $auth = $consumer -> begin($oid_identifier); + + // Create attribute request object + // See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters + // Usage: make($type_uri, $count=1, $required=false, $alias=null) + $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/contact/email', 2, 1, 'email'); + $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/first', 1, 1, 'firstname'); + $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/last', 1, 1, 'lastname'); + + // Create AX fetch request + $ax = new Auth_OpenID_AX_FetchRequest; + + // Add attributes to AX fetch request + foreach($attribute as $attr) { + $ax -> add($attr); + } + + // Add AX fetch request to authentication request + $auth -> addExtension($ax); + $_SESSION['returnURL'] = curPageURL(); + // Redirect to OpenID provider for authentication + $url = $auth -> redirectURL(getTrustRoot(), $_SESSION['returnURL']); + header('Location: ' . $url); + } + + +function auth() + +{ + if ($_SESSION['authed'] == true) return true; + + // Create file storage area for OpenID data + $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); + // Create OpenID consumer + $consumer = new Auth_OpenID_Consumer($store); + // Create an authentication request to the OpenID provider + $response = $consumer -> complete($_SESSION['returnURL']); + + if ($response -> status == Auth_OpenID_SUCCESS) { + // Get registration informations + $ax = new Auth_OpenID_AX_FetchResponse(); + $obj = $ax -> fromSuccessResponse($response); + $email = $obj -> data['http://axschema.org/contact/email'][0]; + var_dump($email); + if ($email != "maxious@gmail.com") { + die("Access Denied"); + } else { + $_SESSION['authed'] = true; + } + } else { + login(); + } + } + if ($_REQUEST['janrain_nonce']) auth(); +?>