projects / busui.git / commitdiff
search:
summary | shortlog | log | commit | commitdiff | tree
unified | plain
Purge openid-php
Purge openid-php

file:a/.gitignore -> file:b/.gitignore
   
/labs/tiles/12 /labs/tiles/12
/labs/tiles/13 /labs/tiles/13
/labs/tiles/14 /labs/tiles/14
/labs/tiles/15 /labs/tiles/15
/labs/tiles/16 /labs/tiles/16
/labs/tiles/17 /labs/tiles/17
/labs/tiles/19 /labs/tiles/19
  /nbproject/private/
file:a/aws/busuiphp.sh -> file:b/aws/busuiphp.sh
cp /root/aws.php /tmp/ cp /root/aws.php /tmp/
mkdir /var/www/lib/staticmaplite/cache mkdir /var/www/lib/staticmaplite/cache
chcon -h system_u:object_r:httpd_sys_content_t /var/www chcon -h system_u:object_r:httpd_sys_content_t /var/www
chcon -R -h root:object_r:httpd_sys_content_t /var/www/* chcon -R -h root:object_r:httpd_sys_content_t /var/www/*
   
chcon -R -t httpd_sys_content_rw_t /var/www/lib/staticmaplite/cache chcon -R -t httpd_sys_content_rw_t /var/www/lib/staticmaplite/cache
chmod -R 777 /var/www/lib/staticmaplite/cache chmod -R 777 /var/www/lib/staticmaplite/cache
   
chcon -R -t httpd_sys_content_rw_t /var/www/labs/tiles chcon -R -t httpd_sys_content_rw_t /var/www/labs/tiles
chmod -R 777 /var/www/labs/tiles chmod -R 777 /var/www/labs/tiles
   
  mkdir /var/www/lib/openid-php/oid_store
chcon -R -t httpd_sys_content_rw_t /var/www/lib/openid-php/oid_store chcon -R -t httpd_sys_content_rw_t /var/www/lib/openid-php/oid_store
chmod -R 777 /var/www/lib/openid-php/oid_store chmod -R 777 /var/www/lib/openid-php/oid_store
   
wget http://s3-ap-southeast-1.amazonaws.com/busresources/cbrfeed.zip \ wget http://s3-ap-southeast-1.amazonaws.com/busresources/cbrfeed.zip \
-O /var/www/cbrfeed.zip -O /var/www/cbrfeed.zip
file:a/include/common-auth.inc.php -> file:b/include/common-auth.inc.php
<?php <?php
function getScheme() require $basePath.'lib/openid.php';
{ $openid = new LightOpenID($_SERVER['HTTP_HOST']);
$scheme = 'http';  
if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {  
$scheme .= 's';  
}  
return $scheme;  
}  
   
function getTrustRoot()  
{  
return sprintf("%s://%s:%s%s/",  
getScheme(), $_SERVER['SERVER_NAME'],  
$_SERVER['SERVER_PORT'],  
dirname($_SERVER['PHP_SELF']));  
}  
   
   
// Includes required files  
set_include_path(get_include_path() . PATH_SEPARATOR . $labsPath."lib/openid-php/");  
require_once "Auth/OpenID/Consumer.php";  
require_once "Auth/OpenID/FileStore.php";  
require_once "Auth/OpenID/AX.php";  
   
   
   
function login() function login()
{ {
// Just tested this with/for Google, needs trying with others ... global $openid;
$oid_identifier = 'https://www.google.com/accounts/o8/id'; if(!$openid->mode) {
// Create file storage area for OpenID data $openid->required = array('contact/email');
$store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); $openid->identity = 'https://www.google.com/accounts/o8/id';
// Create OpenID consumer header('Location: ' . $openid->authUrl());
$consumer = new Auth_OpenID_Consumer($store); }
// Create an authentication request to the OpenID provider  
$auth = $consumer -> begin($oid_identifier);  
   
// Create attribute request object  
// See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters  
// Usage: make($type_uri, $count=1, $required=false, $alias=null)  
$attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/contact/email', 2, 1, 'email');  
$attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/first', 1, 1, 'firstname');  
$attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/last', 1, 1, 'lastname');  
   
// Create AX fetch request  
$ax = new Auth_OpenID_AX_FetchRequest;  
   
// Add attributes to AX fetch request  
foreach($attribute as $attr) {  
$ax -> add($attr);  
}  
   
// Add AX fetch request to authentication request  
$auth -> addExtension($ax);  
$_SESSION['returnURL'] = curPageURL();  
// Redirect to OpenID provider for authentication  
$url = $auth -> redirectURL(getTrustRoot(), $_SESSION['returnURL']);  
header('Location: ' . $url);  
} }
   
   
function auth() function auth()
   
{ {
if ($_SESSION['authed'] == true) return true; if ($_SESSION['authed'] == true) return true;
  global $openid;
// Create file storage area for OpenID data  
$store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); if($openid->mode) {
// Create OpenID consumer $attr = $openid->getAttributes();
$consumer = new Auth_OpenID_Consumer($store); if ($attr["contact/email"] != "maxious@gmail.com") {
// Create an authentication request to the OpenID provider  
$response = $consumer -> complete($_SESSION['returnURL']);  
   
if ($response -> status == Auth_OpenID_SUCCESS) {  
// Get registration informations  
$ax = new Auth_OpenID_AX_FetchResponse();  
$obj = $ax -> fromSuccessResponse($response);  
$email = $obj -> data['http://axschema.org/contact/email'][0];  
var_dump($email);  
if ($email != "maxious@gmail.com") {  
die("Access Denied"); die("Access Denied");
} else { } else {
$_SESSION['authed'] = true; $_SESSION['authed'] = true;
} }
} else { } else {
login(); login();
} }
} }
if ($_REQUEST['janrain_nonce']) auth();  
?> ?>
file:a/lib/openid-php/Auth/OpenID.php (deleted)
<?php  
 
/**  
* This is the PHP OpenID library by JanRain, Inc.  
*  
* This module contains core utility functionality used by the  
* library. See Consumer.php and Server.php for the consumer and  
* server implementations.  
*  
* PHP versions 4 and 5  
*  
* LICENSE: See the COPYING file included in this distribution.  
*  
* @package OpenID  
* @author JanRain, Inc. <openid@janrain.com>  
* @copyright 2005-2008 Janrain, Inc.  
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache  
*/  
 
/**  
* The library version string  
*/  
define('Auth_OpenID_VERSION', '2.2.2');  
 
/**  
* Require the fetcher code.  
*/  
require_once "Auth/Yadis/PlainHTTPFetcher.php";  
require_once "Auth/Yadis/ParanoidHTTPFetcher.php";  
require_once "Auth/OpenID/BigMath.php";  
require_once "Auth/OpenID/URINorm.php";  
 
/**  
* Status code returned by the server when the only option is to show  
* an error page, since we do not have enough information to redirect  
* back to the consumer. The associated value is an error message that  
* should be displayed on an HTML error page.  
*  
* @see Auth_OpenID_Server  
*/  
define('Auth_OpenID_LOCAL_ERROR', 'local_error');  
 
/**  
* Status code returned when there is an error to return in key-value  
* form to the consumer. The caller should return a 400 Bad Request  
* response with content-type text/plain and the value as the body.  
*  
* @see Auth_OpenID_Server  
*/  
define('Auth_OpenID_REMOTE_ERROR', 'remote_error');  
 
/**  
* Status code returned when there is a key-value form OK response to  
* the consumer. The value associated with this code is the  
* response. The caller should return a 200 OK response with  
* content-type text/plain and the value as the body.  
*  
* @see Auth_OpenID_Server  
*/  
define('Auth_OpenID_REMOTE_OK', 'remote_ok');  
 
/**  
* Status code returned when there is a redirect back to the  
* consumer. The value is the URL to redirect back to. The caller  
* should return a 302 Found redirect with a Location: header  
* containing the URL.  
*  
* @see Auth_OpenID_Server  
*/  
define('Auth_OpenID_REDIRECT', 'redirect');  
 
/**  
* Status code returned when the caller needs to authenticate the  
* user. The associated value is a {@link Auth_OpenID_ServerRequest}  
* object that can be used to complete the authentication. If the user  
* has taken some authentication action, use the retry() method of the  
* {@link Auth_OpenID_ServerRequest} object to complete the request.  
*  
* @see Auth_OpenID_Server  
*/  
define('Auth_OpenID_DO_AUTH', 'do_auth');  
 
/**  
* Status code returned when there were no OpenID arguments  
* passed. This code indicates that the caller should return a 200 OK  
* response and display an HTML page that says that this is an OpenID  
* server endpoint.  
*  
* @see Auth_OpenID_Server  
*/  
define('Auth_OpenID_DO_ABOUT', 'do_about');  
 
/**  
* Defines for regexes and format checking.  
*/  
define('Auth_OpenID_letters',  
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");  
 
define('Auth_OpenID_digits',  
"0123456789");  
 
define('Auth_OpenID_punct',  
"!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~");  
 
Auth_OpenID_include_init();  
 
/**  
* The OpenID utility function class.  
*  
* @package OpenID  
* @access private  
*/  
class Auth_OpenID {  
 
/**  
* Return true if $thing is an Auth_OpenID_FailureResponse object;  
* false if not.  
*  
* @access private  
*/  
static function isFailure($thing)  
{  
return is_a($thing, 'Auth_OpenID_FailureResponse');  
}  
 
/**  
* Gets the query data from the server environment based on the  
* request method used. If GET was used, this looks at  
* $_SERVER['QUERY_STRING'] directly. If POST was used, this  
* fetches data from the special php://input file stream.  
*  
* Returns an associative array of the query arguments.  
*  
* Skips invalid key/value pairs (i.e. keys with no '=value'  
* portion).  
*  
* Returns an empty array if neither GET nor POST was used, or if  
* POST was used but php://input cannot be opened.  
*  
* See background:  
* http://lists.openidenabled.com/pipermail/dev/2007-March/000395.html  
*  
* @access private  
*/  
static function getQuery($query_str=null)  
{  
$data = array();  
 
if ($query_str !== null) {  
$data = Auth_OpenID::params_from_string($query_str);  
} else if (!array_key_exists('REQUEST_METHOD', $_SERVER)) {  
// Do nothing.  
} else {  
// XXX HACK FIXME HORRIBLE.  
//  
// POSTing to a URL with query parameters is acceptable, but  
// we don't have a clean way to distinguish those parameters  
// when we need to do things like return_to verification  
// which only want to look at one kind of parameter. We're  
// going to emulate the behavior of some other environments  
// by defaulting to GET and overwriting with POST if POST  
// data is available.  
$data = Auth_OpenID::params_from_string($_SERVER['QUERY_STRING']);  
 
if ($_SERVER['REQUEST_METHOD'] == 'POST') {  
$str = file_get_contents('php://input');  
 
if ($str === false) {  
$post = array();  
} else {  
$post = Auth_OpenID::params_from_string($str);  
}  
 
$data = array_merge($data, $post);  
}  
}  
 
return $data;  
}  
 
static function params_from_string($str)  
{  
$chunks = explode("&", $str);  
 
$data = array();  
foreach ($chunks as $chunk) {  
$parts = explode("=", $chunk, 2);  
 
if (count($parts) != 2) {  
continue;  
}  
 
list($k, $v) = $parts;  
$data[urldecode($k)] = urldecode($v);  
}  
 
return $data;  
}  
 
/**  
* Create dir_name as a directory if it does not exist. If it  
* exists, make sure that it is, in fact, a directory. Returns  
* true if the operation succeeded; false if not.  
*  
* @access private  
*/  
static function ensureDir($dir_name)  
{  
if (is_dir($dir_name) || @mkdir($dir_name)) {  
return true;  
} else {  
$parent_dir = dirname($dir_name);  
 
// Terminal case; there is no parent directory to create.  
if ($parent_dir == $dir_name) {  
return true;  
}