Add OpenID auth for editing pages
[busui.git] / include / common-auth.inc.php
blob:a/include/common-auth.inc.php -> blob:b/include/common-auth.inc.php
--- a/include/common-auth.inc.php
+++ b/include/common-auth.inc.php
@@ -1,91 +1,32 @@
 <?php
-function getScheme()
-{
-     $scheme = 'http';
-     if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
-        $scheme .= 's';
-         } 
-    return $scheme;
-    } 
 
-function getTrustRoot()
-{
-     return sprintf("%s://%s:%s%s/",
-         getScheme(), $_SERVER['SERVER_NAME'],
-         $_SERVER['SERVER_PORT'],
-         dirname($_SERVER['PHP_SELF']));
-    } 
+require ROOT . '/../lib/openid.php';
+$openid = new LightOpenID($_SERVER['HTTP_HOST']);
+
+function login() {
+    global $openid;
+    if (!$openid->mode) {
+        $openid->required = array('contact/email');
+        $openid->identity = 'https://www.google.com/accounts/o8/id';
+        header('Location: ' . $openid->authUrl());
+    }
+}
+
+function auth() {
+    if ($_SESSION['authed'] == true)
+        return true;
+    global $openid;
+
+    if ($openid->mode) {
+        $attr = $openid->getAttributes();
+        if ($attr['contact/email'] != 'maxious@gmail.com') {
+            die('Access Denied');
+        } else {
+            $_SESSION['authed'] = true;
+        }
+    } else {
+        login();
+    }
+}
 
 
-// Includes required files
-set_include_path(get_include_path() . PATH_SEPARATOR . $labsPath."lib/openid-php/");
-require_once "Auth/OpenID/Consumer.php";
-require_once "Auth/OpenID/FileStore.php";
-require_once "Auth/OpenID/AX.php";
-
-
-
-function login()
-{
-  // Just tested this with/for Google, needs trying with others ...
-$oid_identifier = 'https://www.google.com/accounts/o8/id';
-    // Create file storage area for OpenID data
-    $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store');
-    // Create OpenID consumer
-    $consumer = new Auth_OpenID_Consumer($store);
-    // Create an authentication request to the OpenID provider
-    $auth = $consumer -> begin($oid_identifier);
-    
-    // Create attribute request object
-    // See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters
-    // Usage: make($type_uri, $count=1, $required=false, $alias=null)
-    $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/contact/email', 2, 1, 'email');
-    $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/first', 1, 1, 'firstname');
-    $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/last', 1, 1, 'lastname');
-    
-    // Create AX fetch request
-    $ax = new Auth_OpenID_AX_FetchRequest;
-    
-    // Add attributes to AX fetch request
-    foreach($attribute as $attr) {
-        $ax -> add($attr);
-        } 
-    
-    // Add AX fetch request to authentication request
-    $auth -> addExtension($ax);
-    $_SESSION['returnURL'] = curPageURL();
-    // Redirect to OpenID provider for authentication
-    $url = $auth -> redirectURL(getTrustRoot(), $_SESSION['returnURL']);
-    header('Location: ' . $url);
-    } 
-
-
-function auth()
-
-{
-  if ($_SESSION['authed'] == true) return true;
-
-     // Create file storage area for OpenID data
-    $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store');
-     // Create OpenID consumer
-    $consumer = new Auth_OpenID_Consumer($store);
-     // Create an authentication request to the OpenID provider
-    $response = $consumer -> complete($_SESSION['returnURL']);
-    
-     if ($response -> status == Auth_OpenID_SUCCESS) {
-        // Get registration informations
-        $ax = new Auth_OpenID_AX_FetchResponse();
-         $obj = $ax -> fromSuccessResponse($response);
-         $email = $obj -> data['http://axschema.org/contact/email'][0];
-         var_dump($email);
-         if ($email != "maxious@gmail.com") {
-            die("Access Denied");
-             } else {
-               $_SESSION['authed'] = true;
-             }
-        } else {
-        login();
-         } 
-    } 
-    if ($_REQUEST['janrain_nonce']) auth();
-?>