| <?php | <?php |
| function getScheme() | |
| { | |
| $scheme = 'http'; | |
| if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') { | |
| $scheme .= 's'; | |
| } | |
| return $scheme; | |
| } | |
| function getTrustRoot() | require ROOT . '/../lib/openid.php'; |
| { | $openid = new LightOpenID($_SERVER['HTTP_HOST']); |
| return sprintf("%s://%s:%s%s/", | |
| getScheme(), $_SERVER['SERVER_NAME'], | function login() { |
| $_SERVER['SERVER_PORT'], | global $openid; |
| dirname($_SERVER['PHP_SELF'])); | if (!$openid->mode) { |
| } | $openid->required = array('contact/email'); |
| $openid->identity = 'https://www.google.com/accounts/o8/id'; | |
| header('Location: ' . $openid->authUrl()); | |
| } | |
| } | |
| function auth() { | |
| if ($_SESSION['authed'] == true) | |
| return true; | |
| global $openid; | |
| if ($openid->mode) { | |
| $attr = $openid->getAttributes(); | |
| if ($attr['contact/email'] != 'maxious@gmail.com') { | |
| die('Access Denied'); | |
| } else { | |
| $_SESSION['authed'] = true; | |
| } | |
| } else { | |
| login(); | |
| } | |
| } | |
| // Includes required files | |
| set_include_path(get_include_path() . PATH_SEPARATOR . $labsPath."lib/openid-php/"); | |
| require_once "Auth/OpenID/Consumer.php"; | |
| require_once "Auth/OpenID/FileStore.php"; | |
| require_once "Auth/OpenID/AX.php"; | |
| function login() | |
| { | |
| // Just tested this with/for Google, needs trying with others ... | |
| $oid_identifier = 'https://www.google.com/accounts/o8/id'; | |
| // Create file storage area for OpenID data | |
| $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); | |
| // Create OpenID consumer | |
| $consumer = new Auth_OpenID_Consumer($store); | |
| // Create an authentication request to the OpenID provider | |
| $auth = $consumer -> begin($oid_identifier); | |
| // Create attribute request object | |
| // See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters | |
| // Usage: make($type_uri, $count=1, $required=false, $alias=null) | |
| $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/contact/email', 2, 1, 'email'); | |
| $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/first', 1, 1, 'firstname'); | |
| $attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/last', 1, 1, 'lastname'); | |
| // Create AX fetch request | |
| $ax = new Auth_OpenID_AX_FetchRequest; | |
| // Add attributes to AX fetch request | |
| foreach($attribute as $attr) { | |
| $ax -> add($attr); | |
| } | |
| // Add AX fetch request to authentication request | |
| $auth -> addExtension($ax); | |
| $_SESSION['returnURL'] = curPageURL(); | |
| // Redirect to OpenID provider for authentication | |
| $url = $auth -> redirectURL(getTrustRoot(), $_SESSION['returnURL']); | |
| header('Location: ' . $url); | |
| } | |
| function auth() | |
| { | |
| if ($_SESSION['authed'] == true) return true; | |
| // Create file storage area for OpenID data | |
| $store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); | |
| // Create OpenID consumer | |
| $consumer = new Auth_OpenID_Consumer($store); | |
| // Create an authentication request to the OpenID provider | |
| $response = $consumer -> complete($_SESSION['returnURL']); | |
| if ($response -> status == Auth_OpenID_SUCCESS) { | |
| // Get registration informations | |
| $ax = new Auth_OpenID_AX_FetchResponse(); | |
| $obj = $ax -> fromSuccessResponse($response); | |
| $email = $obj -> data['http://axschema.org/contact/email'][0]; | |
| var_dump($email); | |
| if ($email != "maxious@gmail.com") { | |
| die("Access Denied"); | |
| } else { | |
| $_SESSION['authed'] = true; | |
| } | |
| } else { | |
| login(); | |
| } | |
| } | |
| if ($_REQUEST['janrain_nonce']) auth(); | |
| ?> |