diff options
author | Theo Chatzimichos <tampakrap@gentoo.org> | 2010-10-27 11:13:08 +0300 |
---|---|---|
committer | Theo Chatzimichos <tampakrap@gentoo.org> | 2010-10-27 11:13:08 +0300 |
commit | e7fac954e7932db9a62c717ba0acf078401fbe96 (patch) | |
tree | 9ef7cb9a42ea18a659b5d8857e6a7a282d0c9463 /plugins/openid/consumer.php | |
parent | small fixes in update script (diff) | |
download | blogs-gentoo-e7fac954e7932db9a62c717ba0acf078401fbe96.tar.gz blogs-gentoo-e7fac954e7932db9a62c717ba0acf078401fbe96.tar.bz2 blogs-gentoo-e7fac954e7932db9a62c717ba0acf078401fbe96.zip |
Add the following plugins:
- aksimet
- clean archives reloaded
- google intergration toolkit
- openid
- smart youtube
- wp stats
- wp-syntax
- wp-security scan
Diffstat (limited to 'plugins/openid/consumer.php')
-rw-r--r-- | plugins/openid/consumer.php | 255 |
1 files changed, 255 insertions, 0 deletions
diff --git a/plugins/openid/consumer.php b/plugins/openid/consumer.php new file mode 100644 index 00000000..d88eeac0 --- /dev/null +++ b/plugins/openid/consumer.php @@ -0,0 +1,255 @@ +<?php +/** + * Functions related to the OpenID Consumer. + */ + + +// hooks for getting user data +add_filter('openid_auth_request_extensions', 'openid_add_sreg_extension', 10, 2); +add_filter('openid_auth_request_extensions', 'openid_add_ax_extension', 10, 2); + +add_filter( 'xrds_simple', 'openid_consumer_xrds_simple'); + +/** + * Get the internal OpenID Consumer object. If it is not already initialized, do so. + * + * @return Auth_OpenID_Consumer OpenID consumer object + */ +function openid_getConsumer() { + static $consumer; + + if (!$consumer) { + set_include_path( dirname(__FILE__) . PATH_SEPARATOR . get_include_path() ); + require_once 'Auth/OpenID/Consumer.php'; + restore_include_path(); + + $store = openid_getStore(); + $consumer = new Auth_OpenID_Consumer($store); + if( null === $consumer ) { + openid_error('OpenID consumer could not be created properly.'); + openid_enabled(false); + } + + } + + return $consumer; +} + + +/** + * Send the user to their OpenID provider to authenticate. + * + * @param Auth_OpenID_AuthRequest $auth_request OpenID authentication request object + * @param string $trust_root OpenID trust root + * @param string $return_to URL where the OpenID provider should return the user + */ +function openid_redirect($auth_request, $trust_root, $return_to) { + do_action('openid_redirect', $auth_request, $trust_root, $return_to); + + $message = $auth_request->getMessage($trust_root, $return_to, false); + + if (Auth_OpenID::isFailure($message)) { + return openid_error('Could not redirect to server: '.$message->message); + } + + $_SESSION['openid_return_to'] = $message->getArg(Auth_OpenID_OPENID_NS, 'return_to'); + + // send 302 redirect or POST + if ($auth_request->shouldSendRedirect()) { + $redirect_url = $auth_request->redirectURL($trust_root, $return_to); + wp_redirect( $redirect_url ); + } else { + openid_repost($auth_request->endpoint->server_url, $message->toPostArgs()); + } +} + + +/** + * Finish OpenID Authentication. + * + * @return String authenticated identity URL, or null if authentication failed. + */ +function finish_openid_auth() { + @session_start(); + + $consumer = openid_getConsumer(); + if ( array_key_exists('openid_return_to', $_SESSION) ) { + $openid_return_to = $_SESSION['openid_return_to']; + } + if ( empty($openid_return_to) ) { + $openid_return_to = openid_service_url('consumer'); + } + + $response = $consumer->complete($openid_return_to); + + unset($_SESSION['openid_return_to']); + openid_response($response); + + switch( $response->status ) { + case Auth_OpenID_CANCEL: + openid_message(__('OpenID login was cancelled.', 'openid')); + openid_status('error'); + break; + + case Auth_OpenID_FAILURE: + openid_message(sprintf(__('OpenID login failed: %s', 'openid'), $response->message)); + openid_status('error'); + break; + + case Auth_OpenID_SUCCESS: + openid_message(__('OpenID login successful', 'openid')); + openid_status('success'); + + $identity_url = $response->identity_url; + $escaped_url = htmlspecialchars($identity_url, ENT_QUOTES); + return $escaped_url; + + default: + openid_message(__('Unknown Status. Bind not successful. This is probably a bug.', 'openid')); + openid_status('error'); + } + + return null; +} + + +/** + * Begin login by activating the OpenID consumer. + * + * @param string $url claimed ID + * @return Auth_OpenID_Request OpenID Request + */ +function openid_begin_consumer($url) { + static $request; + + @session_start(); + if ($request == NULL) { + set_error_handler( 'openid_customer_error_handler'); + + $consumer = openid_getConsumer(); + $request = $consumer->begin($url); + + restore_error_handler(); + } + + return $request; +} + + +/** + * Start the OpenID authentication process. + * + * @param string $claimed_url claimed OpenID URL + * @param string $action OpenID action being performed + * @param string $finish_url stored in user session for later redirect + * @uses apply_filters() Calls 'openid_auth_request_extensions' to gather extensions to be attached to auth request + */ +function openid_start_login( $claimed_url, $action, $finish_url = null) { + if ( empty($claimed_url) ) return; // do nothing. + + $auth_request = openid_begin_consumer( $claimed_url ); + + if ( null === $auth_request ) { + openid_status('error'); + openid_message(sprintf( + __('Could not discover an OpenID identity server endpoint at the url: %s', 'openid'), + htmlentities($claimed_url) + )); + + return; + } + + @session_start(); + $_SESSION['openid_action'] = $action; + $_SESSION['openid_finish_url'] = $finish_url; + + $extensions = apply_filters('openid_auth_request_extensions', array(), $auth_request); + foreach ($extensions as $e) { + if (is_a($e, 'Auth_OpenID_Extension')) { + $auth_request->addExtension($e); + } + } + + $return_to = openid_service_url('consumer', 'login_post'); + $return_to = apply_filters('openid_return_to', $return_to); + + $trust_root = openid_trust_root($return_to); + + openid_redirect($auth_request, $trust_root, $return_to); + exit(0); +} + + +/** + * Build an Attribute Exchange attribute query extension if we've never seen this OpenID before. + */ +function openid_add_ax_extension($extensions, $auth_request) { + if(!get_user_by_openid($auth_request->endpoint->claimed_id)) { + set_include_path( dirname(__FILE__) . PATH_SEPARATOR . get_include_path() ); + require_once('Auth/OpenID/AX.php'); + restore_include_path(); + + if ($auth_request->endpoint->usesExtension(Auth_OpenID_AX_NS_URI)) { + $ax_request = new Auth_OpenID_AX_FetchRequest(); + $ax_request->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/friendly', 1, true)); + $ax_request->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email', 1, true)); + $ax_request->add(Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson', 1, true)); + + $extensions[] = $ax_request; + } + } + + return $extensions; +} + + +/** + * Build an SReg attribute query extension if we've never seen this OpenID before. + */ +function openid_add_sreg_extension($extensions, $auth_request) { + if(!get_user_by_openid($auth_request->endpoint->claimed_id)) { + set_include_path( dirname(__FILE__) . PATH_SEPARATOR . get_include_path() ); + require_once('Auth/OpenID/SReg.php'); + restore_include_path(); + + if ($auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_0) || $auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_1)) { + $extensions[] = Auth_OpenID_SRegRequest::build(array(),array('nickname','email','fullname')); + } + } + + return $extensions; +} + + +/** + * Finish OpenID authentication. + * + * @param string $action login action that is being performed + * @uses do_action() Calls 'openid_finish_auth' hook action after processing the authentication response. + */ +function finish_openid($action) { + $identity_url = finish_openid_auth(); + do_action('openid_finish_auth', $identity_url, $action); +} + + +/** + * + * @uses apply_filters() Calls 'openid_consumer_return_urls' to collect return_to URLs to be included in XRDS document. + */ +function openid_consumer_xrds_simple($xrds) { + + if (get_option('openid_xrds_returnto')) { + // OpenID Consumer Service + $return_urls = array_unique(apply_filters('openid_consumer_return_urls', array(openid_service_url('consumer', 'login_post')))); + if (!empty($return_urls)) { + $xrds = xrds_add_simple_service($xrds, 'OpenID Consumer Service', 'http://specs.openid.net/auth/2.0/return_to', $return_urls); + } + } + + return $xrds; +} + + + + |