--- a/include/common-auth.inc.php +++ b/include/common-auth.inc.php @@ -1,91 +1,32 @@ <?php -function getScheme() -{ - $scheme = 'http'; - if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') { - $scheme .= 's'; - } - return $scheme; - } -function getTrustRoot() -{ - return sprintf("%s://%s:%s%s/", - getScheme(), $_SERVER['SERVER_NAME'], - $_SERVER['SERVER_PORT'], - dirname($_SERVER['PHP_SELF'])); - } +require ROOT . '/../lib/openid.php'; +$openid = new LightOpenID($_SERVER['HTTP_HOST']); + +function login() { + global $openid; + if (!$openid->mode) { + $openid->required = array('contact/email'); + $openid->identity = 'https://www.google.com/accounts/o8/id'; + header('Location: ' . $openid->authUrl()); + } +} + +function auth() { + if ($_SESSION['authed'] == true) + return true; + global $openid; + + if ($openid->mode) { + $attr = $openid->getAttributes(); + if ($attr['contact/email'] != 'maxious@gmail.com') { + die('Access Denied'); + } else { + $_SESSION['authed'] = true; + } + } else { + login(); + } +} -// Includes required files -set_include_path(get_include_path() . PATH_SEPARATOR . $labsPath."lib/openid-php/"); -require_once "Auth/OpenID/Consumer.php"; -require_once "Auth/OpenID/FileStore.php"; -require_once "Auth/OpenID/AX.php"; - - - -function login() -{ - // Just tested this with/for Google, needs trying with others ... -$oid_identifier = 'https://www.google.com/accounts/o8/id'; - // Create file storage area for OpenID data - $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); - // Create OpenID consumer - $consumer = new Auth_OpenID_Consumer($store); - // Create an authentication request to the OpenID provider - $auth = $consumer -> begin($oid_identifier); - - // Create attribute request object - // See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters - // Usage: make($type_uri, $count=1, $required=false, $alias=null) - $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/contact/email', 2, 1, 'email'); - $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/first', 1, 1, 'firstname'); - $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/last', 1, 1, 'lastname'); - - // Create AX fetch request - $ax = new Auth_OpenID_AX_FetchRequest; - - // Add attributes to AX fetch request - foreach($attribute as $attr) { - $ax -> add($attr); - } - - // Add AX fetch request to authentication request - $auth -> addExtension($ax); - $_SESSION['returnURL'] = curPageURL(); - // Redirect to OpenID provider for authentication - $url = $auth -> redirectURL(getTrustRoot(), $_SESSION['returnURL']); - header('Location: ' . $url); - } - - -function auth() - -{ - if ($_SESSION['authed'] == true) return true; - - // Create file storage area for OpenID data - $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); - // Create OpenID consumer - $consumer = new Auth_OpenID_Consumer($store); - // Create an authentication request to the OpenID provider - $response = $consumer -> complete($_SESSION['returnURL']); - - if ($response -> status == Auth_OpenID_SUCCESS) { - // Get registration informations - $ax = new Auth_OpenID_AX_FetchResponse(); - $obj = $ax -> fromSuccessResponse($response); - $email = $obj -> data['http://axschema.org/contact/email'][0]; - var_dump($email); - if ($email != "maxious@gmail.com") { - die("Access Denied"); - } else { - $_SESSION['authed'] = true; - } - } else { - login(); - } - } - if ($_REQUEST['janrain_nonce']) auth(); -?>