<?php |
<?php |
function getScheme() |
require $basePath.'lib/openid.php'; |
{ |
$openid = new LightOpenID($_SERVER['HTTP_HOST']); |
$scheme = 'http'; |
|
if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') { |
|
$scheme .= 's'; |
|
} |
|
return $scheme; |
|
} |
|
|
|
function getTrustRoot() |
|
{ |
|
return sprintf("%s://%s:%s%s/", |
|
getScheme(), $_SERVER['SERVER_NAME'], |
|
$_SERVER['SERVER_PORT'], |
|
dirname($_SERVER['PHP_SELF'])); |
|
} |
|
|
|
|
|
// Includes required files |
|
set_include_path(get_include_path() . PATH_SEPARATOR . $labsPath."lib/openid-php/"); |
|
require_once "Auth/OpenID/Consumer.php"; |
|
require_once "Auth/OpenID/FileStore.php"; |
|
require_once "Auth/OpenID/AX.php"; |
|
|
|
|
|
|
|
function login() |
function login() |
{ |
{ |
// Just tested this with/for Google, needs trying with others ... |
global $openid; |
$oid_identifier = 'https://www.google.com/accounts/o8/id'; |
if(!$openid->mode) { |
// Create file storage area for OpenID data |
$openid->required = array('contact/email'); |
$store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); |
$openid->identity = 'https://www.google.com/accounts/o8/id'; |
// Create OpenID consumer |
header('Location: ' . $openid->authUrl()); |
$consumer = new Auth_OpenID_Consumer($store); |
} |
// Create an authentication request to the OpenID provider |
|
$auth = $consumer -> begin($oid_identifier); |
|
|
|
// Create attribute request object |
|
// See http://code.google.com/apis/accounts/docs/OpenID.html#Parameters for parameters |
|
// Usage: make($type_uri, $count=1, $required=false, $alias=null) |
|
$attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/contact/email', 2, 1, 'email'); |
|
$attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/first', 1, 1, 'firstname'); |
|
$attribute[] = Auth_OpenID_AX_AttrInfo :: make('http://axschema.org/namePerson/last', 1, 1, 'lastname'); |
|
|
|
// Create AX fetch request |
|
$ax = new Auth_OpenID_AX_FetchRequest; |
|
|
|
// Add attributes to AX fetch request |
|
foreach($attribute as $attr) { |
|
$ax -> add($attr); |
|
} |
|
|
|
// Add AX fetch request to authentication request |
|
$auth -> addExtension($ax); |
|
$_SESSION['returnURL'] = curPageURL(); |
|
// Redirect to OpenID provider for authentication |
|
$url = $auth -> redirectURL(getTrustRoot(), $_SESSION['returnURL']); |
|
header('Location: ' . $url); |
|
} |
} |
|
|
|
|
function auth() |
function auth() |
|
|
{ |
{ |
if ($_SESSION['authed'] == true) return true; |
if ($_SESSION['authed'] == true) return true; |
|
global $openid; |
// Create file storage area for OpenID data |
|
$store = new Auth_OpenID_FileStore('lib/openid-php/oid_store'); |
if($openid->mode) { |
// Create OpenID consumer |
$attr = $openid->getAttributes(); |
$consumer = new Auth_OpenID_Consumer($store); |
if ($attr["contact/email"] != "maxious@gmail.com") { |
// Create an authentication request to the OpenID provider |
|
$response = $consumer -> complete($_SESSION['returnURL']); |
|
|
|
if ($response -> status == Auth_OpenID_SUCCESS) { |
|
// Get registration informations |
|
$ax = new Auth_OpenID_AX_FetchResponse(); |
|
$obj = $ax -> fromSuccessResponse($response); |
|
$email = $obj -> data['http://axschema.org/contact/email'][0]; |
|
var_dump($email); |
|
if ($email != "maxious@gmail.com") { |
|
die("Access Denied"); |
die("Access Denied"); |
} else { |
} else { |
$_SESSION['authed'] = true; |
$_SESSION['authed'] = true; |
} |
} |
} else { |
} else { |
login(); |
login(); |
} |
} |
} |
} |
if ($_REQUEST['janrain_nonce']) auth(); |
|
?> |
|