<?php
require_once "lib/common.php";
require_once "lib/session.php";
require_once "lib/render.php";
require_once "lib/render/login.php";
require_once "lib/render/sites.php";
/**
 * Default action: ask the OpenID server object for its response to the
 * current request and pass that response to handleResponse().
 *
 * @return mixed whatever handleResponse() returns
 */
function action_default()
{
    $response = getServer()->getOpenIDResponse();

    return handleResponse($response);
}
/**
 * Log out the current user.
 *
 * Sets both the logged-in user and the stored request info to null, then
 * returns the result of authCancel(null).
 *
 * NOTE(review): whether the session identifier itself is invalidated depends
 * on setLoggedInUser(), which is defined elsewhere -- confirm. No request
 * method or anti-CSRF check is visible in this function either.
 *
 * @return mixed whatever authCancel() returns
 */
function action_logout()
{
    // Drop the authenticated identity first, then any pending request state.
    setLoggedInUser(null);
    setRequestInfo(null);

    $cancelled = authCancel(null);

    return $cancelled;
}
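/**
 * Validate the fields submitted with a login request.
 *
 * Both 'openid_url' and 'password' must be present and must be strings.
 * When they are, the URL is normalized with Auth_OpenID_normalizeUrl() and
 * the pair is verified with checkLogin().
 *
 * @param array $input submitted form fields (untrusted, e.g. $_POST)
 * @return array two-element list: the array of error messages, and the
 *               normalized identity URL (false when a required field was
 *               missing or was not a string)
 */
function login_checkInput($input)
{
    $openid_url = false;
    $errors = array();

    // isset() alone also accepts array-valued fields ("openid_url[]=...").
    // Only plain strings may reach URL normalization and the login check.
    if (!isset($input['openid_url']) || !is_string($input['openid_url'])) {
        $errors[] = 'Enter an OpenID URL to continue';
    }

    if (!isset($input['password']) || !is_string($input['password'])) {
        $errors[] = 'Enter a password to continue';
    }

    if (count($errors) === 0) {
        $openid_url = Auth_OpenID_normalizeUrl($input['openid_url']);

        // NOTE(review): checkLogin() is defined elsewhere; confirm that it
        // compares credentials in constant time and against stored hashes.
        if (!checkLogin($openid_url, $input['password'])) {
            $errors[] = 'The entered password does not match the ' .
                'entered identity URL.';
        }
    }

    return array($errors, $openid_url);
}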
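/**
 * Log in a user and, on success, continue the pending identity approval.
 *
 * GET renders the login form. POST either cancels the pending request (when
 * a 'cancel' field is present) or validates the submitted fields with
 * login_checkInput(); on failure the form is rendered again with the errors,
 * on success the user is marked as logged in and doAuth() is called. Any
 * other method renders the form with an "unsupported method" error.
 *
 * @return mixed the result of login_render(), authCancel() or doAuth()
 */
function action_login()
{
    $method = $_SERVER['REQUEST_METHOD'];

    switch ($method) {
    case 'GET':
        return login_render();

    case 'POST':
        $info = getRequestInfo();
        $fields = $_POST;

        if (isset($fields['cancel'])) {
            return authCancel($info);
        }

        list($errors, $openid_url) = login_checkInput($fields);

        if (count($errors) || !$openid_url) {
            // $info may be empty when there is no pending OpenID request.
            $needed = $info ? $info->getIdentityURL() : false;

            // Echo back only a string value; an absent or array-valued field
            // becomes null instead of being hidden behind error suppression.
            $entered = null;
            if (isset($fields['openid_url']) && is_string($fields['openid_url'])) {
                $entered = $fields['openid_url'];
            }

            return login_render($errors, $entered, $needed);
        }

        // NOTE(review): confirm that setLoggedInUser() (defined elsewhere)
        // regenerates the session identifier on this privilege change.
        setLoggedInUser($openid_url);
        return doAuth($info);

    default:
        // The message used single quotes, so "$method" was shown literally.
        // The method is client-controlled: keep only token-safe characters
        // before placing it in text that login_render() will output.
        $shown = (string) preg_replace('/[^A-Za-z0-9_-]/', '', (string) $method);
        return login_render(array("Unsupported HTTP method: $shown"));
    }
}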
/**
 * Process the user's answer to the "trust this site?" question.
 *
 * The site counts as trusted when a 'trust' field was posted. When a
 * 'remember' field was posted and request info is available, the decision
 * is stored in the session's site list under the request's trust root.
 * doAuth() is then called with the decision.
 *
 * NOTE(review): no request-method or anti-CSRF check is visible in this
 * function; confirm the dispatcher or doAuth() enforces one, because the
 * decision can be persisted per trust root.
 *
 * @return mixed whatever doAuth() returns
 */
function action_trust()
{
    $request = getRequestInfo();
    $isTrusted = isset($_POST['trust']);
    $remember = isset($_POST['remember']);

    if ($remember && $request) {
        $remembered = getSessionSites();
        $remembered[$request->getTrustRoot()] = $isTrusted;
        setSessionSites($remembered);
    }

    return doAuth($request, $isTrusted, true);
}
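/**
 * Return an HTML-escaped var_export() dump of a value inside <pre> tags.
 *
 * The previous body ignored its argument and always dumped $_POST, which
 * during a login request includes the submitted 'password' field. The dump
 * now covers only the value that was passed in.
 *
 * @param mixed $x value to represent (taken by reference, not modified)
 * @return string HTML fragment
 */
function htmlRepr(&$x)
{
    $dump = var_export($x, true);

    // ENT_QUOTES is given explicitly so quote escaping does not depend on
    // the PHP version's default flags.
    return '<pre>' . htmlspecialchars($dump, ENT_QUOTES) . '</pre>';
}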
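/**
 * Show the session's remembered sites and, on POST, edit that list.
 *
 * A posted 'clear' field replaces the whole list with null. Otherwise every
 * posted field named "site<digits>" whose value is a key of the list removes
 * that entry. The updated list is written back with setSessionSites().
 *
 * NOTE(review): no anti-CSRF check is visible in this function; confirm one
 * is enforced before this state-changing POST is handled.
 *
 * @return mixed whatever sites_render() returns
 */
function action_sites()
{
    $sites = getSessionSites();

    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        if (isset($_POST['clear'])) {
            $sites = null;
        } else {
            foreach ($_POST as $k => $v) {
                // Posted values can be arrays ("site0[]=..."); using one as
                // an array offset is an error (a TypeError on newer PHP
                // versions), so only string values are looked up.
                if (is_string($v)
                    && preg_match('/^site[0-9]+$/', (string) $k)
                    && isset($sites[$v])
                ) {
                    unset($sites[$v]);
                }
            }
        }

        setSessionSites($sites);
    }

    return sites_render($sites);
}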
?>