1 <?php # vim:ts=2:sw=2:et:
2 /* For licensing and copyright terms, see the file named LICENSE */
4 die("open id code needs migrating.... - do not need it at present...");
7 require_once 'Auth/OpenID/Consumer.php';
8 require_once 'Auth/OpenID/FileStore.php';
9 require_once 'Auth/OpenID/SReg.php';
10 require_once 'Auth/OpenID/PAPE.php';
12 $store_location = MTrackConfig::get('openid', 'store_dir');
13 if (!$store_location) {
14 $store_location = MTrackConfig::get('core', 'vardir') . '/openid';
16 if (!is_dir($store_location)) {
17 mkdir($store_location);
19 $store = new Auth_OpenID_FileStore($store_location);
20 $consumer = new Auth_OpenID_Consumer($store);
24 $pi = mtrack_get_pathinfo();
25 if ($_SERVER['REQUEST_METHOD'] == 'POST' && $pi != 'register') {
29 if (!isset($_POST['openid_identifier']) ||
30 !strlen($_POST['openid_identifier'])) {
31 $message = "you must fill in your OpenID";
33 $id = $_POST['openid_identifier'];
34 if (!preg_match('/^https?:\/\//', $id)) {
37 $req = $consumer->begin($id);
39 $message = "not a valid OpenID";
43 $sreg = Auth_OpenID_SRegRequest::build(
44 array('nickname', 'fullname', 'email')
46 $req->addExtension($sreg);
48 if ($req->shouldSendRedirect()) {
49 $rurl = $req->redirectURL(
50 $ABSWEB, $ABSWEB . 'openid.php/callback');
51 if (Auth_OpenID::isFailure($rurl)) {
52 $message = "Unable to redirect to server: " . $rurl->message;
54 header("Location: $rurl");
58 $html = $req->htmlMarkup($ABSWEB, $ABSWEB . 'openid.php/callback',
59 false, array('id' => 'openid_message'));
60 if (Auth_OpenID::isFailure($html)) {
61 $message = "Unable to redirect to server: " . $html->message;
67 } else if ($pi == 'callback') {
68 $res = $consumer->complete($ABSWEB . 'openid.php/callback');
70 if ($res->status == Auth_OpenID_CANCEL) {
71 $message = 'Verification cancelled';
72 } else if ($res->status == Auth_OpenID_FAILURE) {
73 $message = 'OpenID authentication failed: ' . $res->message;
74 } else if ($res->status == Auth_OpenID_SUCCESS) {
75 $id = $res->getDisplayIdentifier();
76 $sreg = Auth_OpenID_SRegResponse::fromSuccessResponse($res)->contents();
78 if (!empty($sreg['nickname'])) {
79 $name = $sreg['nickname'];
80 } else if (!empty($sreg['fullname'])) {
81 $name = $sreg['fullname'];
85 $message = 'Authenticated as ' . $name;
87 $_SESSION['openid.id'] = $id;
88 unset($_SESSION['openid.userid']);
89 $_SESSION['openid.name'] = $name;
90 if (!empty($sreg['email'])) {
91 $_SESSION['openid.email'] = $sreg['email'];
93 /* See if we can find a canonical identity for the user */
94 foreach (MTrackDB::q('select userid from useraliases where alias = ?',
95 $id)->fetchAll() as $row) {
96 $_SESSION['openid.userid'] = $row[0];
100 if (!isset($_SESSION['openid.userid'])) {
101 /* no alias; is there a direct userinfo entry? */
102 foreach (MTrackDB::q('select userid from userinfo where userid = ?',
103 $id)->fetchAll() as $row) {
104 $_SERVER['openid.userid'] = $row[0];
109 if (!isset($_SESSION['openid.userid'])) {
110 /* prompt the user to fill out some basic details so that we can create
111 * a local identity and associate their OpenID with it */
112 header("Location: {$ABSWEB}openid.php/register?" .
113 http_build_query($sreg));
115 header("Location: " . $ABSWEB);
119 $message = 'An error occurred while talking to your OpenID provider';
121 } else if ($pi == 'signout') {
123 header('Location: ' . $ABSWEB);
125 } else if ($pi == 'register') {
127 if (!isset($_SESSION['openid.id'])) {
128 header("Location: " . $ABSWEB);
132 $userid = isset($_REQUEST['nickname']) ? $_REQUEST['nickname'] : '';
133 $email = isset($_REQUEST['email']) ? $_REQUEST['email'] : '';
136 /* See if we can find a canonical identity for the user */
137 foreach (MTrackDB::q('select userid from useraliases where alias = ?',
138 $_SESSION['openid.id'])->fetchAll() as $row) {
139 header("Location: " . $ABSWEB);
143 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
144 if (!strlen($userid)) {
145 $message = 'You must enter a userid';
147 /* is the requested id available? */
149 foreach (MTrackDB::q('select userid from userinfo where userid = ?',
150 $userid)->fetchAll() as $row) {
152 $message = "Your selected user ID is not available";
155 MTrackDB::q('insert into userinfo (userid, email, active) values (?, ?, 1)', $userid, $email);
156 /* we know the alias doesn't already exist, because we double-checked
158 MTrackDB::q('insert into useraliases (userid, alias) values (?,?)',
159 $userid, $_SESSION['openid.id']);
160 header("Location: {$ABSWEB}user.php?user=$userid&edit=1");
166 mtrack_head('Register');
168 $userid = htmlentities($userid, ENT_QUOTES, 'utf-8');
169 $email = htmlentities($email, ENT_QUOTES, 'utf-8');
172 $message = htmlentities($message, ENT_QUOTES, 'utf-8');
174 <div class='ui-state-error ui-corner-all'>
175 <span class='ui-icon ui-icon-alert'></span>
182 <h1>Set up your local account</h1>
184 User ID: <input type='text' name='nickname' value='$userid'><br>
185 Email: <input type='text' name='email' value='$email'><br>
186 <button type='submit'>Save</button>
195 mtrack_head('Authentication Required');
196 echo "<h1>Please sign in with your <a id='openidlink' href='http://openid.net'><img src='{$ABSWEB}images/logo_openid.png' alt='OpenID' border='0'></a></h1>\n";
197 echo "<form method='post' action='{$ABSWEB}openid.php'>";
198 echo "<input type='text' name='openid_identifier' id='openid_identifier'>";
199 echo " <button type='submit' id='openid-sign-in'>Sign In</button>";
202 $message = htmlentities($message, ENT_QUOTES, 'utf-8');
204 <div class='ui-state-highlight ui-corner-all'>
205 <span class='ui-icon ui-icon-info'></span>