Add OpenID auth for editing pages
[busui.git] / include / common-auth.inc.php
--- a/include/common-auth.inc.php
+++ b/include/common-auth.inc.php
@@ -1,1 +1,91 @@
+<?php
+function getScheme()
+{
+     $scheme = 'http';
+     if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
+        $scheme .= 's';
+         } 
+    return $scheme;
+    } 
 
+function getTrustRoot()
+{
+     return sprintf("%s://%s:%s%s/",
+         getScheme(), $_SERVER['SERVER_NAME'],
+         $_SERVER['SERVER_PORT'],
+         dirname($_SERVER['PHP_SELF']));
+    } 
+
+
+// Includes required files
+set_include_path(get_include_path() . PATH_SEPARATOR . $labsPath."lib/openid-php/");
+require_once "Auth/OpenID/Consumer.php";
+require_once "Auth/OpenID/FileStore.php";
+require_once "Auth/OpenID/AX.php";
+
+
+
+function login()
+{
+  // Just tested this with/for Google, needs trying with others ...
+$oid_identifier = 'https://www.google.com/accounts/o8/id';
+    // Create file storage area for OpenID data
+    $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store');
+    // Create OpenID consumer
+    $consumer = new Auth_OpenID_Consumer($store);
+    // Create an authentication request to the OpenID provider
+    $auth = $consumer -> begin($oid_identifier);
+    
+    // Create attribute request object
+    // See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters
+    // Usage: make($type_uri, $count=1, $required=false, $alias=null)
+    $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/contact/email', 2, 1, 'email');
+    $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/first', 1, 1, 'firstname');
+    $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/last', 1, 1, 'lastname');
+    
+    // Create AX fetch request
+    $ax = new Auth_OpenID_AX_FetchRequest;
+    
+    // Add attributes to AX fetch request
+    foreach($attribute as $attr) {
+        $ax -> add($attr);
+        } 
+    
+    // Add AX fetch request to authentication request
+    $auth -> addExtension($ax);
+    $_SESSION['returnURL'] = curPageURL();
+    // Redirect to OpenID provider for authentication
+    $url = $auth -> redirectURL(getTrustRoot(), $_SESSION['returnURL']);
+    header('Location: ' . $url);
+    } 
+
+
+function auth()
+
+{
+  if ($_SESSION['authed'] == true) return true;
+
+     // Create file storage area for OpenID data
+    $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store');
+     // Create OpenID consumer
+    $consumer = new Auth_OpenID_Consumer($store);
+     // Create an authentication request to the OpenID provider
+    $response = $consumer -> complete($_SESSION['returnURL']);
+    
+     if ($response -> status == Auth_OpenID_SUCCESS) {
+        // Get registration informations
+        $ax = new Auth_OpenID_AX_FetchResponse();
+         $obj = $ax -> fromSuccessResponse($response);
+         $email = $obj -> data['http://axschema.org/contact/email'][0];
+         var_dump($email);
+         if ($email != "maxious@gmail.com") {
+            die("Access Denied");
+             } else {
+               $_SESSION['authed'] = true;
+             }
+        } else {
+        login();
+         } 
+    } 
+    if ($_REQUEST['janrain_nonce']) auth();
+?>
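Review bot: In auth(), the success branch authorizes on the AX e-mail attribute alone, and as far as this hunk shows nothing ties the successful response to the Google endpoint that login() hard-codes, so the check is only as strong as whichever provider asserted the address. The same branch leaves `var_dump($email);` in place, which prints the address into the page, and it reads `$obj->data[...]` without handling a response that carries no AX data. I would drop the dump, null-check the AX result, compare with `!==`, and call `session_regenerate_id(true)` before setting `$_SESSION['authed']`, as sketched below. Separately, both functions create the `Auth_OpenID_FileStore` at the relative path `lib/openid-php/oid_store`, which looks like it sits under the web root; association secrets and nonces are better kept in a directory the web server does not serve. login() also sends the `Location` header without an `exit` afterwards, so the caller keeps running after the redirect.

```php
    if ($response->status == Auth_OpenID_SUCCESS) {
        // TODO(review): reject unless the response's OP endpoint is the one
        // login() discovered for $oid_identifier; an AX e-mail is only as
        // trustworthy as the provider asserting it.
        $ax = new Auth_OpenID_AX_FetchResponse();
        $obj = $ax->fromSuccessResponse($response);
        $key = 'http://axschema.org/contact/email';
        // A response without AX data must deny access, not raise a notice.
        $email = ($obj && isset($obj->data[$key][0])) ? $obj->data[$key][0] : null;
        if ($email !== "maxious@gmail.com") {
            die("Access Denied");
        }
        // New session id on privilege change, so a pre-login id cannot be reused.
        session_regenerate_id(true);
        $_SESSION['authed'] = true;
    } else {
        // … unchanged: login() fallback …
    }
```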