fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-28 15:49:57 +09:00
Code Issues Projects Releases Packages Wiki Activity

17515512: JanRain php-openid library included, normalization fix

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/sandbox@5137 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
araste 2008-12-19 11:00:19 +00:00
parent f541dd59b9
commit 658c0e6dbc
219 changed files with 41415 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

122
modules/member/php-openid-1.2.3/examples/README Normal file
View file

@ -0,0 +1,122 @@
OpenID Example Code
-------------------
After you've installed this package (see ../README), you can use these
example packages to get started. They'll show you what this package
can do, and you can use them as the basis for your own OpenID support.
consumer/: OpenID Example Consumer
==================================
NOTE: If you want to try the example consumer without installing this
package, just make sure you add the package's 'Auth' directory to your
PHP include path.
To try the example consumer implementation, just copy the consumer/
directory into a place on your web server and point your browser at
the new directory.
1. Check to be sure that /tmp is in your "open_basedir" configuration,
if open_basedir is being used to restrict PHP's file I/O. See
http://us2.php.net/features.safe-mode for more information. For
example, in your php.ini, change
open_basedir = "..."
to
open_basedir = "/tmp:..."
(If you really don't want to add /tmp to your open_basedir, you can
modify consumer/common.php and change $store_path so it doesn't
create the store directory in /tmp.)
2. Copy or symlink the consumer/ directory into a part of your
webserver's docroot. For example, if your DocumentRoot is
/var/www/, do this:
# cd /var/www
# ln -s /path/to/PHP-OpenID-X.Y.Z/examples/consumer
3. Navigate to http://www.example.com/consumer and enter an OpenID
into the form presented there and click "Verify".
consumer/ Files
===============
The 'index.php' file will render a form and get you started. These
are the example consumer files:
consumer/index.php - Renders a form so you can begin the OpenID auth
process. The form submits the OpenID to try_auth.php.
consumer/try_auth.php - Starts the authentication with the OpenID
server that manages your OpenID and redirects your browser to the
server's login page. Instructs the server to return to
finish_auth.php when you're done authenticating.
consumer/finish_auth.php - Finishes the authentication by checking
the server's response. Tells you if the authentication was
successful.
consumer/common.php - Includes the setup code you'll need to create
a Consumer object and participate in an OpenID authentication.
server/: OpenID Example Server
==============================
To try the example server, follow these steps:
1. Customize server/config.php based on what your PHP installation
supports. The documentation in the file describes what each value
is for.
2. Copy or symlink the server/ directory into a part of your
webserver's docroot. For example, if your DocumentRoot is
/var/www/, do this:
# cd /var/www
# ln -s /path/to/PHP-OpenID-X.Y.Z/examples/server
3. For each of the identity URLs you added to the $openid_users array
in config.php, add the following to the <HEAD> tag of the pages at
those URLs:
<link rel="openid.server" href="http://www.example.com/server/server.php" />
Where "www.example.com/server" is the path to the server symlink
that you created in step (2).
4. Navigate to http://www.example.com/server and click the "Log In"
link to test the OpenID(s) entered into the config file.
5. Use the OpenID checkup tool to try authenticating with your OpenID:
http://www.openidenabled.com/resources/openid-test/checkup
If your OpenID server isn't on the public internet, you can use the
example consumer packaged with this library. See the consumer
section above.
server/ Files
=============
These files make up the server example code:
config.php - The configuration file you'll need to customize to run
the example server.
server.php - The PHP rendering script that takes care of handling
server requests from both regular user agents and consumers.
lib/actions.php - Handles the various types of requests that the
server supports.
lib/common.php - Supplies functions that wrap the OpenID API calls
to make them easier to use.
lib/render.php - Miscellaneous page rendering code.
lib/session.php - Code to handle session data for user settings.
lib/render/*.php - Files for each page presented by the server.

41
modules/member/php-openid-1.2.3/examples/consumer/common.php Normal file
View file

@ -0,0 +1,41 @@
<?php
$path_extra = dirname(dirname(dirname(__FILE__)));
$path = ini_get('include_path');
$path = $path_extra . PATH_SEPARATOR . $path;
ini_set('include_path', $path);
/**
* Require the OpenID consumer code.
*/
require_once "Auth/OpenID/Consumer.php";
/**
* Require the "file store" module, which we'll need to store OpenID
* information.
*/
require_once "Auth/OpenID/FileStore.php";
/**
* This is where the example will store its OpenID information. You
* should change this path if you want the example store to be created
* elsewhere. After you're done playing with the example script,
* you'll have to remove this directory manually.
*/
$store_path = "/tmp/_php_consumer_test";
if (!file_exists($store_path) &&
!mkdir($store_path)) {
print "Could not create the FileStore directory '$store_path'. ".
" Please check the effective permissions.";
exit(0);
}
$store = new Auth_OpenID_FileStore($store_path);
/**
* Create a consumer object using the store object created earlier.
*/
$consumer = new Auth_OpenID_Consumer($store);
?>

38
modules/member/php-openid-1.2.3/examples/consumer/finish_auth.php Normal file
View file

@ -0,0 +1,38 @@
<?php
require_once "common.php";
session_start();
// Complete the authentication process using the server's response.
$response = $consumer->complete($_GET);
if ($response->status == Auth_OpenID_CANCEL) {
// This means the authentication was cancelled.
$msg = 'Verification cancelled.';
} else if ($response->status == Auth_OpenID_FAILURE) {
$msg = "OpenID authentication failed: " . $response->message;
} else if ($response->status == Auth_OpenID_SUCCESS) {
// This means the authentication succeeded.
$openid = $response->identity_url;
$esc_identity = htmlspecialchars($openid, ENT_QUOTES);
$success = sprintf('You have successfully verified ' .
'<a href="%s">%s</a> as your identity.',
$esc_identity, $esc_identity);
if ($response->endpoint->canonicalID) {
$success .= ' (XRI CanonicalID: '.$response->endpoint->canonicalID.') ';
}
$sreg = $response->extensionResponse('sreg');
if (@$sreg['email']) {
$success .= " You also returned '".$sreg['email']."' as your email.";
}
if (@$sreg['postcode']) {
$success .= " Your postal code is '".$sreg['postcode']."'";
}
}
include 'index.php';
?>

59
modules/member/php-openid-1.2.3/examples/consumer/index.php Normal file
View file

@ -0,0 +1,59 @@
<html>
<head><title>PHP OpenID Authentication Example</title></head>
<style type="text/css">
* {
font-family: verdana,sans-serif;
}
body {
width: 50em;
margin: 1em;
}
div {
padding: .5em;
}
table {
margin: none;
padding: none;
}
.alert {
border: 1px solid #e7dc2b;
background: #fff888;
}
.success {
border: 1px solid #669966;
background: #88ff88;
}
.error {
border: 1px solid #ff0000;
background: #ffaaaa;
}
#verify-form {
border: 1px solid #777777;
background: #dddddd;
margin-top: 1em;
padding-bottom: 0em;
}
</style>
<body>
<h1>PHP OpenID Authentication Example</h1>
<p>
This example consumer uses the <a
href="http://www.openidenabled.com/openid/libraries/php/">PHP
OpenID</a> library. It just verifies that the URL that you enter
is your identity URL.
</p>
<?php if (isset($msg)) { print "<div class=\"alert\">$msg</div>"; } ?>
<?php if (isset($error)) { print "<div class=\"error\">$error</div>"; } ?>
<?php if (isset($success)) { print "<div class=\"success\">$success</div>"; } ?>
<div id="verify-form">
<form method="get" action="try_auth.php">
Identity&nbsp;URL:
<input type="hidden" name="action" value="verify" />
<input type="text" name="openid_url" value="" />
<input type="submit" value="Verify" />
</form>
</div>
</body>
</html>

48
modules/member/php-openid-1.2.3/examples/consumer/try_auth.php Normal file
View file

@ -0,0 +1,48 @@
<?php
require_once "common.php";
session_start();
// Render a default page if we got a submission without an openid
// value.
if (empty($_GET['openid_url'])) {
$error = "Expected an OpenID URL.";
include 'index.php';
exit(0);
}
$scheme = 'http';
if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
$scheme .= 's';
}
$openid = $_GET['openid_url'];
$process_url = sprintf("$scheme://%s:%s%s/finish_auth.php",
$_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT'],
dirname($_SERVER['PHP_SELF']));
$trust_root = sprintf("$scheme://%s:%s%s",
$_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT'],
dirname($_SERVER['PHP_SELF']));
// Begin the OpenID authentication process.
$auth_request = $consumer->begin($openid);
// Handle failure status return values.
if (!$auth_request) {
$error = "Authentication error.";
include 'index.php';
exit(0);
}
$auth_request->addExtensionArg('sreg', 'optional', 'email');
// Redirect the user to the OpenID server for authentication. Store
// the token for this authentication so we can verify the response.
$redirect_url = $auth_request->redirectURL($trust_root,
$process_url);
header("Location: ".$redirect_url);
?>

496
modules/member/php-openid-1.2.3/examples/detect.php Normal file
View file

@ -0,0 +1,496 @@
<?php
$path_extra = dirname(dirname(__FILE__));
$path = ini_get('include_path');
$path = $path_extra . ':' . $path;
ini_set('include_path', $path);
define('IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
class PlainText {
function start($title)
{
return '';
}
function tt($text)
{
return $text;
}
function link($href, $text=null)
{
if ($text) {
return $text . ' <' . $href . '>';
} else {
return $href;
}
}
function b($text)
{
return '*' . $text . '*';
}
function contentType()
{
return 'text/plain';
}
function p($text)
{
return wordwrap($text) . "\n\n";
}
function pre($text)
{
$out = '';
$lines = array_map('trim', explode("\n", $text));
foreach ($lines as $line) {
$out .= ' ' . $line . "\n";
}
$out .= "\n";
return $out;
}
function ol($items)
{
$out = '';
$c = 1;
foreach ($items as $item) {
$item = wordwrap($item, 72);
$lines = array_map('trim', explode("\n", $item));
$out .= $c . '. ' . $lines[0] . "\n";
unset($lines[0]);
foreach ($lines as $line) {
$out .= ' ' . $line . "\n";
}
$out .= "\n";
$c += 1;
}
return $out;
}
function h2($text)
{
return $this->h($text, 2);
}
function h1($text)
{
return $this->h($text, 1);
}
function h($text, $n)
{
$chars = '#=+-.';
$c = $chars[$n - 1];
return "\n" . $text . "\n" . str_repeat($c, strlen($text)) . "\n\n";
}
function end()
{
return '';
}
}
class HTML {
function start($title)
{
return '<html><head><title>' . $title . '</title></head><body>' . "\n";
}
function tt($text)
{
return '<code>' . $text . '</code>';
}
function contentType()
{
return 'text/html';
}
function b($text)
{
return '<strong>' . $text . '</strong>';
}
function p($text)
{
return '<p>' . wordwrap($text) . "</p>\n";
}
function pre($text)
{
return '<pre>' . $text . "</pre>\n";
}
function ol($items)
{
$out = '<ol>';
foreach ($items as $item) {
$out .= '<li>' . wordwrap($item) . "</li>\n";
}
$out .= "</ol>\n";
return $out;
}
function h($text, $n)
{
return "<h$n>$text</h$n>\n";
}
function h2($text)
{
return $this->h($text, 2);
}
function h1($text)
{
return $this->h($text, 1);
}
function link($href, $text=null)
{
return '<a href="' . $href . '">' . ($text ? $text : $href) . '</a>';
}
function end()
{
return "</body>\n</html>\n";
}
}
if (isset($_SERVER['REQUEST_METHOD'])) {
$r = new HTML();
} else {
$r = new PlainText();
}
function detect_math($r, &$out)
{
global $_Auth_OpenID_math_extensions;
$out .= $r->h2('Math support');
$ext = Auth_OpenID_detectMathLibrary($_Auth_OpenID_math_extensions);
if (!isset($ext['extension']) || !isset($ext['class'])) {
$out .= $r->p(
'Your PHP installation does not include big integer math ' .
'support. This support is required if you wish to run a ' .
'secure OpenID server without using SSL.');
$out .= $r->p('To use this library, you have a few options:');
$gmp_lnk = $r->link('http://www.php.net/manual/en/ref.gmp.php', 'GMP');
$bc_lnk = $r->link('http://www.php.net/manual/en/ref.bc.php', 'bcmath');
$out .= $r->ol(array(
'Install the ' . $gmp_lnk . ' PHP extension',
'Install the ' . $bc_lnk . ' PHP extension',
'If your site is low-security, define ' .
'Auth_OpenID_NO_MATH_SUPPORT. The library will function, but ' .
'the security of your OpenID server will depend on the ' .
'security of the network links involved. If you are only ' .
'using consumer support, you should still be able to operate ' .
'securely when the users are communicating with a ' .
'well-implemented server.'));
return false;
} else {
switch ($ext['extension']) {
case 'bcmath':
$out .= $r->p('Your PHP installation has bcmath support. This is ' .
'adequate for small-scale use, but can be CPU-intensive. ' .
'You may want to look into installing the GMP extension.');
$lnk = $r->link('http://www.php.net/manual/en/ref.gmp.php');
$out .= $r->p('See ' . $lnk .' for more information ' .
'about the GMP extension.');
break;
case 'gmp':
$out .= $r->p('Your PHP installation has gmp support. Good.');
break;
default:
$class = $ext['class'];
$lib = new $class();
$one = $lib->init(1);
$two = $lib->add($one, $one);
$t = $lib->toString($two);
$out .= $r->p('Uh-oh. I do not know about the ' .
$ext['extension'] . ' extension!');
if ($t != '2') {
$out .= $r->p('It looks like it is broken. 1 + 1 = ' .
var_export($t, false));
return false;
} else {
$out .= $r->p('But it seems to be able to add one and one.');
}
}
return true; // Math library is OK
}
}
function detect_random($r, &$out)
{
$out .= $r->h2('Cryptographic-quality randomness source');
if (Auth_OpenID_RAND_SOURCE === null) {
$out .= $r->p('Using (insecure) pseudorandom number source, because ' .
'Auth_OpenID_RAND_SOURCE has been defined as null.');
return false;
}
$msg = 'The library will try to access ' . Auth_OpenID_RAND_SOURCE
. ' as a source of random data. ';
$numbytes = 6;
$f = @fopen(Auth_OpenID_RAND_SOURCE, 'r');
if ($f !== false) {
$data = fread($f, $numbytes);
$stat = fstat($f);
$size = $stat['size'];
fclose($f);
} else {
$data = null;
$size = true;
}
if ($f !== false) {
$dataok = (strlen($data) == $numbytes);
$ok = $dataok && !$size;
$msg .= 'It seems to exist ';
if ($dataok) {
$msg .= 'and be readable. Here is some hex data: ' .
bin2hex($data) . '.';
} else {
$msg .= 'but reading data failed.';
}
if ($size) {
$msg .= ' This is a ' . $size . ' byte file. Unless you know ' .
'what you are doing, it is likely that you are making a ' .
'mistake by using a regular file as a randomness source.';
}
} else {
$msg .= Auth_OpenID_RAND_SOURCE .
' could not be opened. This could be because of restrictions on' .
' your PHP environment or that randomness source may not exist' .
' on this platform.';
if (IS_WINDOWS) {
$msg .= ' You seem to be running Windows. This library does not' .
' have access to a good source of randomness on Windows.';
}
$ok = false;
}
$out .= $r->p($msg);
if (!$ok) {
$out .= $r->p(
'To set a source of randomness, define Auth_OpenID_RAND_SOURCE ' .
'to the path to the randomness source. If your platform does ' .
'not provide a secure randomness source, the library can' .
'operate in pseudorandom mode, but it is then vulnerable to ' .
'theoretical attacks. If you wish to operate in pseudorandom ' .
'mode, define Auth_OpenID_RAND_SOURCE to null.');
$out .= $r->p('You are running on:');
$out .= $r->pre(php_uname());
$out .= $r->p('There does not seem to be an available source ' .
'of randomness. On a Unix-like platform ' .
'(including MacOS X), try /dev/random and ' .
'/dev/urandom.');
}
return $ok;
}
function detect_stores($r, &$out)
{
$out .= $r->h2('Data storage');
$found = array();
foreach (array('sqlite', 'mysql', 'pgsql') as $dbext) {
if (extension_loaded($dbext) || @dl($dbext . '.' . PHP_SHLIB_SUFFIX)) {
$found[] = $dbext;
}
}
if (count($found) == 0) {
$text = 'No SQL database support was found in this PHP ' .
'installation. See the PHP manual if you need to ' .
'use an SQL database.';
} else {
$text = 'Support was found for ';
if (count($found) == 1) {
$text .= $found[0] . '.';
} else {
$last = array_pop($found);
$text .= implode(', ', $found) . ' and ' . $last . '.';
}
$text = $r->b($text);
}
$text .= ' The library supports the MySQL, PostgreSQL, and SQLite ' .
'database engines, as well as filesystem-based storage.';
$out .= $r->p($text);
if (function_exists('posix_getpwuid') &&
function_exists('posix_geteuid')) {
$processUser = posix_getpwuid(posix_geteuid());
$web_user = $r->b($r->tt($processUser['name']));
} else {
$web_user = 'the PHP process';
}
if (in_array('sqlite', $found)) {
$out .= $r->p('If you are using SQLite, your database must be ' .
'writable by ' . $web_user . ' and not available over' .
' the web.');
}
$basedir_str = ini_get('open_basedir');
if (gettype($basedir_str) == 'string') {
$url = 'http://www.php.net/manual/en/features.safe-mode.php' .
'#ini.open-basedir';
$lnk = $r->link($url, 'open_basedir');
$out .= $r->p('If you are using a filesystem-based store or SQLite, ' .
'be aware that ' . $lnk . ' is in effect. This means ' .
'that your data will have to be stored in one of the ' .
'following locations:');
$out .= $r->pre(var_export($basedir_str, true));
} else {
$out .= $r->p('The ' . $r->b($r->tt('open_basedir')) . ' configuration restriction ' .
'is not in effect.');
}
$out .= $r->p('If you are using the filesystem store, your ' .
'data directory must be readable and writable by ' .
$web_user . ' and not availabe over the Web.');
return true;
}
function detect_xml($r, &$out)
{
global $__Services_Yadis_xml_extensions;
$out .= $r->h2('XML Support');
// Try to get an XML extension.
$ext = Services_Yadis_getXMLParser();
if ($ext !== null) {
$out .= $r->p('XML parsing support is present using the '.
$r->b(get_class($ext)).' interface.');
return true;
} else {
$out .= $r->p('XML parsing support is absent; please install one '.
'of the following PHP extensions:');
foreach ($__Services_Yadis_xml_extensions as $name => $cls) {
$out .= "<li>" . $r->b($name) . "</li>";
}
return false;
}
}
function detect_fetcher($r, &$out)
{
$out .= $r->h2('HTTP Fetching');
$result = @include 'Services/Yadis/Yadis.php';
if (!$result) {
$out .= $r->p('Yadis code unavailable; could not test fetcher support.');
return false;
}
if (Services_Yadis_Yadis::curlPresent()) {
$out .= $r->p('This PHP installation has support for libcurl. Good.');
} else {
$out .= $r->p('This PHP installation does not have support for ' .
'libcurl. CURL is not required, but some functionality, ' .
'such as fetching HTTPS URLs, will be missing and ' .
' performance will not be as good.');
$lnk = $r->link('http://us3.php.net/manual/en/ref.curl.php');
$out .= $r->p('See ' . $lnk . ' about enabling the libcurl support ' .
'for PHP.');
}
$ok = true;
$fetcher = Services_Yadis_Yadis::getHTTPFetcher();
$fetch_url = 'http://www.openidenabled.com/resources/php-fetch-test';
$expected_url = $fetch_url . '.txt';
$result = $fetcher->get($fetch_url);
if (isset($result)) {
$parts = array('An HTTP request was completed.');
// list ($code, $url, $data) = $result;
if ($result->status != '200') {
$ok = false;
$parts[] = $r->b(
sprintf('Got %s instead of the expected HTTP status code ' .
'(200).', $result->status));
}
$url = $result->final_url;
if ($url != $expected_url) {
$ok = false;
if ($url == $fetch_url) {
$msg = 'The redirected URL was not returned.';
} else {
$msg = 'An unexpected URL was returned: <' . $url . '>.';
}
$parts[] = $r->b($msg);
}
$data = $result->body;
if ($data != 'Hello World!') {
$ok = false;
$parts[] = $r->b('Unexpected data was returned.');
}
$out .= $r->p(implode(' ', $parts));
} else {
$ok = false;
$out .= $r->p('Fetching URL ' . $lnk . ' failed!');
}
return $ok;
}
header('Content-Type: ' . $r->contentType() . '; charset=us-ascii');
$title = 'OpenID Library Support Report';
$out = $r->start($title) .
$r->h1($title) .
$r->p('This script checks your PHP installation to determine if you ' .
'are set up to use the JanRain PHP OpenID library.');
$body = '';
$_include = include 'Auth/OpenID.php';
if (!$_include) {
$path = ini_get('include_path');
$body .= $r->p(
'Cannot find the OpenID library. It must be in your PHP include ' .
'path. Your PHP include path is currently:');
$body .= $r->pre($path);
} else {
$status = array();
$status[] = detect_math($r, $body);
$status[] = detect_random($r, $body);
$status[] = detect_stores($r, $body);
$status[] = detect_fetcher($r, $body);
$status[] = detect_xml($r, $body);
$result = true;
foreach ($status as $v) {
if (!$v) {
$result = false;
break;
}
}
if ($result) {
$out .= $r->h2('Setup Complete!');
$out .= $r->p('Your system should be ready to run the OpenID library.');
} else {
$out .= $r->h2('Setup Incomplete');
$out .= $r->p('Your system needs a few changes before it will be ready to run the OpenID library.');
}
}
$out .= $body . $r->end();
print $out;
?>

5
modules/member/php-openid-1.2.3/examples/server/index.php Normal file
View file

@ -0,0 +1,5 @@
<?php
header("Location: server.php");
?>

169
modules/member/php-openid-1.2.3/examples/server/lib/actions.php Normal file
View file

@ -0,0 +1,169 @@
<?php
require_once "lib/common.php";
require_once "lib/session.php";
require_once "lib/render.php";
require_once "lib/render/login.php";
require_once "lib/render/sites.php";
require_once "Auth/OpenID.php";
/**
* Handle a standard OpenID server request
*/
function action_default()
{
$server =& getServer();
$method = $_SERVER['REQUEST_METHOD'];
$request = null;
if ($method == 'GET') {
$request = $_GET;
} else {
$request = $_POST;
}
$request = Auth_OpenID::fixArgs($request);
$request = $server->decodeRequest($request);
if (!$request) {
return about_render();
}
setRequestInfo($request);
if (in_array($request->mode,
array('checkid_immediate', 'checkid_setup'))) {
if (isTrusted($request->identity, $request->trust_root)) {
$response =& $request->answer(true);
$sreg = getSreg($request->identity);
if (is_array($sreg)) {
foreach ($sreg as $k => $v) {
$response->addField('sreg', $k,
$v);
}
}
} else if ($request->immediate) {
$response =& $request->answer(false, getServerURL());
} else {
if (!getLoggedInUser()) {
return login_render();
}
return trust_render($request);
}
} else {
$response =& $server->handleRequest($request);
}
$webresponse =& $server->encodeResponse($response);
foreach ($webresponse->headers as $k => $v) {
header("$k: $v");
}
header(header_connection_close);
print $webresponse->body;
exit(0);
}
/**
* Log out the currently logged in user
*/
function action_logout()
{
setLoggedInUser(null);
setRequestInfo(null);
return authCancel(null);
}
/**
* Check the input values for a login request
*/
function login_checkInput($input)
{
$openid_url = false;
$errors = array();
if (!isset($input['openid_url'])) {
$errors[] = 'Enter an OpenID URL to continue';
}
if (!isset($input['password'])) {
$errors[] = 'Enter a password to continue';
}
if (count($errors) == 0) {
$openid_url = $input['openid_url'];
$openid_url = Auth_OpenID::normalizeUrl($openid_url);
$password = $input['password'];
if (!checkLogin($openid_url, $password)) {
$errors[] = 'The entered password does not match the ' .
'entered identity URL.';
}
}
return array($errors, $openid_url);
}
/**
* Log in a user and potentially continue the requested identity approval
*/
function action_login()
{
$method = $_SERVER['REQUEST_METHOD'];
switch ($method) {
case 'GET':
return login_render();
case 'POST':
$info = getRequestInfo();
$fields = $_POST;
if (isset($fields['cancel'])) {
return authCancel($info);
}
list ($errors, $openid_url) = login_checkInput($fields);
if (count($errors) || !$openid_url) {
$needed = $info ? $info->identity : false;
return login_render($errors, @$fields['openid_url'], $needed);
} else {
setLoggedInUser($openid_url);
return doAuth($info);
}
default:
return login_render(array('Unsupported HTTP method: $method'));
}
}
/**
* Ask the user whether he wants to trust this site
*/
function action_trust()
{
$info = getRequestInfo();
$trusted = isset($_POST['trust']);
if ($info && isset($_POST['remember'])) {
$sites = getSessionSites();
$sites[$info->trust_root] = $trusted;
setSessionSites($sites);
}
return doAuth($info, $trusted, true);
}
function action_sites()
{
$sites = getSessionSites();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['forget'])) {
$sites = null;
setSessionSites($sites);
} elseif (isset($_POST['remove'])) {
foreach ($_POST as $k => $v) {
if (preg_match('/^site[0-9]+$/', $k) && isset($sites[$v])) {
unset($sites[$v]);
}
}
setSessionSites($sites);
}
}
return sites_render($sites);
}
?>

63
modules/member/php-openid-1.2.3/examples/server/lib/common.php Normal file
View file

@ -0,0 +1,63 @@
<?php
require_once "lib/render.php";
require_once "lib/session.php";
require_once "lib/render/login.php";
require_once "lib/render/about.php";
require_once "lib/render/trust.php";
require_once "Auth/OpenID/Server.php";
require_once "Auth/OpenID/HMACSHA1.php";
function authCancel($info)
{
if ($info) {
setRequestInfo();
$url = $info->getCancelURL();
} else {
$url = getServerURL();
}
return redirect_render($url);
}
function doAuth($info, $trusted=null, $fail_cancels=false)
{
if (!$info) {
// There is no authentication information, so bail
return authCancel(null);
}
$req_url = $info->identity;
$user = getLoggedInUser();
setRequestInfo($info);
if ($req_url != $user) {
return login_render(array(), $req_url, $req_url);
}
$sites = getSessionSites();
$trust_root = $info->trust_root;
$fail_cancels = $fail_cancels || isset($sites[$trust_root]);
$trusted = isset($trusted) ? $trusted : isTrusted($req_url, $trust_root);
if ($trusted) {
setRequestInfo();
$server =& getServer();
$response =& $info->answer(true);
$webresponse =& $server->encodeResponse($response);
$new_headers = array();
foreach ($webresponse->headers as $k => $v) {
$new_headers[] = $k.": ".$v;
}
return array($new_headers, $webresponse->body);
} elseif ($fail_cancels) {
return authCancel($info);
} else {
return trust_render($info);
}
}
?>

112
modules/member/php-openid-1.2.3/examples/server/lib/render.php Normal file
View file

@ -0,0 +1,112 @@
<?php
define('page_template',
'<html>
<head>
<title>%s</title>
%s
</head>
<body>
%s
<div id="content">
<h1>%s</h1>
%s
</div>
</body>
</html>');
define('logged_in_pat', 'You are logged in as %s.');
/**
* HTTP response line contstants
*/
define('http_bad_request', 'HTTP/1.1 400 Bad Request');
define('http_found', 'HTTP/1.1 302 Found');
define('http_ok', 'HTTP/1.1 200 OK');
define('http_internal_error', 'HTTP/1.1 500 Internal Error');
/**
* HTTP header constants
*/
define('header_connection_close', 'Connection: close');
define('header_content_text', 'Content-Type: text/plain; charset=us-ascii');
define('redirect_message',
'Please wait; you are being redirected to <%s>');
/**
* Return a string containing an anchor tag containing the given URL
*
* The URL does not need to be quoted, but if text is passed in, then
* it does.
*/
function link_render($url, $text=null) {
$esc_url = htmlspecialchars($url, ENT_QUOTES);
$text = ($text === null) ? $esc_url : $text;
return sprintf('<a href="%s">%s</a>', $esc_url, $text);
}
/**
* Return an HTTP redirect response
*/
function redirect_render($redir_url)
{
$headers = array(http_found,
header_content_text,
header_connection_close,
'Location: ' . $redir_url,
);
$body = sprintf(redirect_message, $redir_url);
return array($headers, $body);
}
function navigation_render($msg, $items)
{
$what = link_render(buildURL(), 'PHP OpenID Server');
if ($msg) {
$what .= ' &mdash; ' . $msg;
}
if ($items) {
$s = '<p>' . $what . '</p><ul class="bottom">';
foreach ($items as $action => $text) {
$url = buildURL($action);
$s .= sprintf('<li>%s</li>', link_render($url, $text));
}
$s .= '</ul>';
} else {
$s = '<p class="bottom">' . $what . '</p>';
}
return sprintf('<div class="navigation">%s</div>', $s);
}
/**
* Render an HTML page
*/
function page_render($body, $user, $title, $h1=null, $login=false)
{
$h1 = $h1 ? $h1 : $title;
if ($user) {
$msg = sprintf(logged_in_pat, link_render($user));
$nav = array('logout' => 'Log Out',
'sites' => 'Remembered Sites',
);
$navigation = navigation_render($msg, $nav);
} else {
if (!$login) {
$msg = link_render(buildURL('login'), 'Log In');
$navigation = navigation_render($msg, array());
} else {
$navigation = '';
}
}
$style = getStyle();
$text = sprintf(page_template, $title, $style, $navigation, $h1, $body);
// No special headers here
$headers = array();
return array($headers, $text);
}
?>

58
modules/member/php-openid-1.2.3/examples/server/lib/render/about.php Normal file
View file

@ -0,0 +1,58 @@
<?php
require_once "lib/session.php";
require_once "lib/render.php";
define('about_error_template',
'<div class="error">
An error occurred when processing your request:
<br />
%s
</div>');
define('about_body',
'<p>
This is an <a href="http://www.openid.net/">OpenID</a> server
endpoint. This server is built on the <a
href="http://www.openidenabled.com/openid/libraries/php">JanRain PHP OpenID
library</a>. Since OpenID consumer sites will need to directly contact this
server, it must be accessible over the Internet (not behind a firewall).
</p>
<p>
To use this server, you will have to set up a URL to use as an identifier.
Insert the following markup into the <code>&lt;head&gt;</code> of the HTML
document at that URL:
</p>
<pre>&lt;link rel="openid.server" href="%s" /&gt;</pre>
<p>
Then configure this server so that you can log in with that URL. Once you
have configured the server, and marked up your identity URL, you can verify
that it is working by using the <a href="http://www.openidenabled.com/"
>openidenabled.com</a>
<a href="http://www.openidenabled.com/resources/openid-test/checkup">OpenID
Checkup tool</a>:
<form method="post"
action="http://www.openidenabled.com/resources/openid-test/checkup/start">
<label for="checkup">OpenID URL:
</label><input id="checkup" type="text" name="openid_url" />
<input type="submit" value="Check" />
</form>
</p>
');
/**
* Render the about page, potentially with an error message
*/
function about_render($error=false, $internal=true)
{
$headers = array();
$body = sprintf(about_body, buildURL());
if ($error) {
$headers[] = $internal ? http_internal_error : http_bad_request;
$body .= sprintf(about_error_template, htmlspecialchars($error));
}
$current_user = getLoggedInUser();
return page_render($body, $current_user, 'OpenID Server Endpoint');
}
?>

65
modules/member/php-openid-1.2.3/examples/server/lib/render/login.php Normal file
View file

@ -0,0 +1,65 @@
<?php
require_once "lib/session.php";
require_once "lib/render.php";
define('login_form_pat',
'<div class="form">
<p>
Enter your identity URL and password into this form to log in to
this server. This server must be configured to accept your identity URL.
</p>
<form method="post" action="%s">
<table>
<tr>
<th><label for="openid_url">OpenID URL:</label></th>
<td><input type="text" name="openid_url"
value="%s" id="openid_url" /></td>
</tr>
<tr>
<th><label for="password">Password:</label></th>
<td><input type="password" name="password" id="password" /></td>
</tr>
<tr>
<td colspan="2">
<input type="submit" value="Log in" />
<input type="submit" name="cancel" value="Cancel" />
</td>
</tr>
</table>
</form>
</div>
');
define('login_needed_pat',
'You must be logged in as %s to approve this request.');
function login_render($errors=null, $input=null, $needed=null)
{
$current_user = getLoggedInUser();
if ($input === null) {
$input = $current_user;
}
if ($needed) {
$errors[] = sprintf(login_needed_pat, link_render($needed));
}
$esc_input = htmlspecialchars($input, ENT_QUOTES);
$login_url = buildURL('login', true);
$body = sprintf(login_form_pat, $login_url, $esc_input);
if ($errors) {
$body = loginError_render($errors) . $body;
}
return page_render($body, $current_user, 'Log In', null, true);
}
function loginError_render($errors)
{
$text = '';
foreach ($errors as $error) {
$text .= sprintf("<li>%s</li>\n", $error);
}
return sprintf("<ul class=\"error\">\n%s</ul>\n", $text);
}
?>

83
modules/member/php-openid-1.2.3/examples/server/lib/render/sites.php Normal file
View file

@ -0,0 +1,83 @@
<?php
require_once "lib/session.php";
define('sites_form',
'<p>These decisions have been remembered for this session. All decisions
will be forgotten when the session ends.</p>
<div class="form">
<form method="post" action="%s">
<table>
<tbody>
%s
</tbody>
</table>
<input type="submit" name="remove" value="Remove Selected" />
<input type="submit" name="refresh" value="Refresh List" />
<input type="submit" name="forget" value="Forget All" />
</form>
</div>
');
define('sites_empty_message',
'<p>
No sites are remembered for this session. When you authenticate with a site,
you can choose to add it to this list by choosing <q>Remember this
decision</q>.
</p>
<p>%s</p>
');
define('sites_row',
'<tr>
<td><input type="checkbox" name=%s value="%s" id=%s /></td>
<td><label for=%s><code>%s</code></label></td>
</tr>');
function siteListRow_render($i, $site)
{
$esc_site = htmlspecialchars($site, ENT_QUOTES);
$id = sprintf('"site%s"', $i);
return sprintf(sites_row, $id, $esc_site, $id, $id, $esc_site);
}
function siteList_render($sites)
{
$trusted_sites = array();
$untrusted_sites = array();
foreach ($sites as $site => $trusted) {
if ($trusted) {
$trusted_sites[] = $site;
} else {
$untrusted_sites[] = $site;
}
}
$rows = '';
$i = 0;
foreach (array('Trusted Sites' => $trusted_sites,
'Untrusted Sites' => $untrusted_sites) as
$name => $sites) {
if ($sites) {
$rows .= '<tr><th colspan="2">'. $name . '</th></tr>';
foreach ($sites as $site) {
$rows .= siteListRow_render($i, $site);
$i += 1;
}
}
}
return $rows;
}
function sites_render($sites)
{
if ($sites) {
$rows = siteList_render($sites);
$form = sprintf(sites_form, buildURL('sites'), $rows);
$body = $pre . $form;
} else {
$body = sprintf(sites_empty_message, link_render(buildURL(''), 'Return home'));
}
return page_render($body, getLoggedInUser(), 'Remembered Sites');
}
?>

29
modules/member/php-openid-1.2.3/examples/server/lib/render/trust.php Normal file
View file

@ -0,0 +1,29 @@
<?php
require_once "lib/session.php";
require_once "lib/render.php";
define('trust_form_pat',
'<div class="form">
<p>Do you wish to confirm your identity URL (<code>%s</code>) with <code>%s</code>?</p>
<form method="post" action="%s">
<input type="checkbox" name="remember" value="on" id="remember"><label
for="remember">Remember this decision</label>
<br />
<input type="submit" name="trust" value="Confirm" />
<input type="submit" value="Do not confirm" />
</form>
</div>
');
function trust_render($info)
{
$current_user = getLoggedInUser();
$lnk = link_render($current_user);
$trust_root = htmlspecialchars($info->trust_root);
$trust_url = buildURL('trust', true);
$form = sprintf(trust_form_pat, $lnk, $trust_root, $trust_url);
return page_render($form, $current_user, 'Trust This Site');
}
?>

205
modules/member/php-openid-1.2.3/examples/server/lib/session.php Normal file
View file

@ -0,0 +1,205 @@
<?php
require_once "config.php";
require_once "lib/render.php";
require_once "Auth/OpenID/Server.php";
/**
* Set up the session
*/
function init()
{
session_name('openid_server');
session_start();
}
/**
* Get the style markup
*/
function getStyle()
{
$parent = rtrim(dirname(getServerURL()), '/');
$url = htmlspecialchars($parent . '/openid-server.css', ENT_QUOTES);
return sprintf('<link rel="stylesheet" type="text/css" href="%s" />', $url);
}
/**
* Get the URL of the current script
*/
function getServerURL()
{
$path = $_SERVER['SCRIPT_NAME'];
$host = $_SERVER['HTTP_HOST'];
$port = $_SERVER['SERVER_PORT'];
$s = $_SERVER['HTTPS'] ? 's' : '';
if (($s && $port == "443") || (!$s && $port == "80")) {
$p = '';
} else {
$p = ':' . $port;
}
return "http$s://$host$p$path";
}
/**
* Build a URL to a server action
*/
function buildURL($action=null, $escaped=true)
{
$url = getServerURL();
if ($action) {
$url .= '/' . $action;
}
return $escaped ? htmlspecialchars($url, ENT_QUOTES) : $url;
}
/**
* Extract the current action from the request
*/
function getAction()
{
$path_info = @$_SERVER['PATH_INFO'];
$action = ($path_info) ? substr($path_info, 1) : '';
$function_name = 'action_' . $action;
return $function_name;
}
/**
* Write the response to the request
*/
function writeResponse($resp)
{
list ($headers, $body) = $resp;
array_walk($headers, 'header');
header(header_connection_close);
print $body;
}
/**
* Instantiate a new OpenID server object
*/
function getServer()
{
static $server = null;
if (!isset($server)) {
$server =& new Auth_OpenID_Server(getOpenIDStore());
}
return $server;
}
/**
* Return whether the trust root is currently trusted
*/
function isTrusted($identity_url, $trust_root)
{
// from config.php
global $trusted_sites;
if ($identity_url != getLoggedInUser()) {
return false;
}
if (in_array($trust_root, $trusted_sites)) {
return true;
}
$sites = getSessionSites();
return isset($sites[$trust_root]) && $sites[$trust_root];
}
/**
* Return a hashed form of the user's password
*/
function hashPassword($password)
{
return bin2hex(Auth_OpenID_SHA1($password));
}
/**
* Check the user's login information
*/
function checkLogin($openid_url, $password)
{
// from config.php
global $openid_users;
$hash = hashPassword($password);
return isset($openid_users[$openid_url])
&& $hash == $openid_users[$openid_url];
}
/**
* Get the openid_url out of the cookie
*
* @return mixed $openid_url The URL that was stored in the cookie or
* false if there is none present or if the cookie is bad.
*/
function getLoggedInUser()
{
return isset($_SESSION['openid_url'])
? $_SESSION['openid_url']
: false;
}
/**
* Set the openid_url in the cookie
*
* @param mixed $identity_url The URL to set. If set to null, the
* value will be unset.
*/
function setLoggedInUser($identity_url=null)
{
if (!isset($identity_url)) {
unset($_SESSION['openid_url']);
} else {
$_SESSION['openid_url'] = $identity_url;
}
}
function setSessionSites($sites=null)
{
if (!isset($sites)) {
unset($_SESSION['session_sites']);
} else {
$_SESSION['session_sites'] = serialize($sites);
}
}
function getSessionSites()
{
return isset($_SESSION['session_sites'])
? unserialize($_SESSION['session_sites'])
: false;
}
function getRequestInfo()
{
return isset($_SESSION['request'])
? unserialize($_SESSION['request'])
: false;
}
function setRequestInfo($info=null)
{
if (!isset($info)) {
unset($_SESSION['request']);
} else {
$_SESSION['request'] = serialize($info);
}
}
function getSreg($identity)
{
// from config.php
global $openid_sreg;
if (!is_array($openid_sreg)) {
return null;
}
return $openid_sreg[$identity];
}
?>

74
modules/member/php-openid-1.2.3/examples/server/openid-server.css Normal file
View file

@ -0,0 +1,74 @@
body {
padding: 0;
margin: 0;
}
#content {
padding: 0.5em;
max-width: 50em;
}
ul.error {
background: #ffaaaa;
border: 1px solid #ff0000;
padding: 0.5em;
padding-left: 1.5em;
}
.login th {
text-align: left;
}
div.form {
border: thin solid #777777;
background: #dddddd;
padding: 0.5em;
margin-top: 1em;
}
div.navigation {
border-bottom: thin solid #cccccc;
background: #eeeeee;
font-size: smaller;
padding: 0.5em;
}
div.navigation h2 {
margin-top: 0;
}
div.navigation p {
margin: 0;
}
div.navigation ul {
margin: 0;
}
div.login p {
margin-top: 0;
}
h1 {
margin-top: 0;
}
pre {
padding: 1em;
border: 1px solid black;
background: #ffeebb;
}
#checkup {
background: url('http://www.openidenabled.com/favicon.ico') no-repeat;
padding-left: 16px;
}
th {
text-align: left;
}
table {
border-collapse: collapse;
margin-bottom: 1em;
}

45
modules/member/php-openid-1.2.3/examples/server/server.php Normal file
View file

@ -0,0 +1,45 @@
<?php
$path_extra = dirname(dirname(dirname(__FILE__)));
$path = ini_get('include_path');
$path = $path_extra . PATH_SEPARATOR . $path;
ini_set('include_path', $path);
$try_include = @include 'config.php';
if (!$try_include) {
header("Location: setup.php");
}
if (function_exists('getOpenIDStore') && isset($openid_users)) {
require_once 'lib/session.php';
require_once 'lib/actions.php';
init();
$action = getAction();
if (!function_exists($action)) {
$action = 'action_default';
}
$resp = $action();
writeResponse($resp);
} else {
?>
<html>
<head>
<title>PHP OpenID Server</title>
<body>
<h1>PHP OpenID Server</h1>
<p>
This server needs to be configured before it can be used. Edit
<code>config.php</code> to reflect your server's setup, then
load this page again.
</p>
</body>
</head>
</html>
<?php
}
?>

690
modules/member/php-openid-1.2.3/examples/server/setup.php Normal file
View file

@ -0,0 +1,690 @@
<?php
/**
* OpenID server configuration script.
*
* This script generates a config.php file needed by the server
* example.
*
* @package OpenID.Examples
* @author JanRain, Inc. <openid@janrain.com>
* @copyright 2005 Janrain, Inc.
* @license http://www.gnu.org/copyleft/lesser.html LGPL
*/
$path_extra = dirname(dirname(dirname(__FILE__)));
$path = ini_get('include_path');
$path = $path_extra . PATH_SEPARATOR . $path;
ini_set('include_path', $path);
require_once "Auth/OpenID.php";
/**
* Data.
*/
$store_types = array("Filesystem" => "Auth_OpenID_FileStore",
"MySQL" => "Auth_OpenID_MySQLStore",
"PostgreSQL" => "Auth_OpenID_PostgreSQLStore",
"SQLite" => "Auth_OpenID_SQLiteStore");
/**
* Main.
*/
$messages = array();
session_start();
init_session();
if (!check_session() ||
isset($_GET['add_openid'])) {
render_form();
} else {
print generate_config(isset($_GET['download']));
}
/**
* Functions.
*/
function check_url($url) {
return (Auth_OpenID::normalizeUrl($url) !== null);
}
function build_url() {
$port = (($_SERVER['SERVER_PORT'] == 80) ? null : $_SERVER['SERVER_PORT']);
$parts = explode("/", $_SERVER['SERVER_PROTOCOL']);
$scheme = strtolower($parts[0]);
if ($port) {
return sprintf("%s://%s:%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'],
$port, dirname($_SERVER['PHP_SELF']));
} else {
return sprintf("%s://%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'],
dirname($_SERVER['PHP_SELF']));
}
}
function check_open_basedir($path) {
if (ini_get('open_basedir')) {
$parts = explode(PATH_SEPARATOR, ini_get('open_basedir'));
$found = false;
foreach ($parts as $p) {
if (strpos($path, $p) === 0) {
$found = true;
break;
}
}
return $found;
} else {
return true;
}
}
function check_session() {
global $messages;
if ($_GET && isset($_GET['clear'])) {
session_destroy();
$_SESSION = array();
init_session();
return false;
}
$bad_path = false;
if (isset($_GET['generate'])) {
if (!$_SESSION['server_url']) {
$messages[] = "Please enter a server URL.";
}
if (!$_SESSION['store_type']) {
$messages[] = "No store type chosen.";
} else {
switch ($_SESSION['store_type']) {
case "Filesystem":
if (!$_SESSION['store_data']['fs_path']) {
$messages[] = "Please specify a filesystem store path.";
} else {
if (!check_open_basedir($_SESSION['store_data']['fs_path'])) {
$messages[] = "The filesystem store path violates PHP's <code>open_basedir</code> setting.";
$bad_path = true;
}
}
break;
case "SQLite":
if (!$_SESSION['store_data']['sqlite_path']) {
$messages[] = "Please specify a SQLite database path.";
} else {
if (!check_open_basedir($_SESSION['store_data']['sqlite_path'])) {
$messages[] = "The SQLite store path violates PHP's <code>open_basedir</code> setting.";
$bad_path = true;
}
}
break;
default:
if (!($_SESSION['store_data']['host'] &&
$_SESSION['store_data']['database'] &&
$_SESSION['store_data']['username'] &&
$_SESSION['store_data']['password'])) {
$messages[] = "Please specify database connection details.";
}
}
}
}
if ($_SESSION['store_type'] &&
$_SESSION['server_url'] &&
(parse_url($_SESSION['server_url']) !== false) &&
((($_SESSION['store_type'] == 'Filesystem') &&
$_SESSION['store_data']['fs_path']) ||
(($_SESSION['store_type'] == 'SQLite') &&
$_SESSION['store_data']['sqlite_path']) ||
($_SESSION['store_data']['host'] &&
$_SESSION['store_data']['username'] &&
$_SESSION['store_data']['database'] &&
$_SESSION['store_data']['password'])) &&
!$bad_path) {
return true;
}
return false;
}
function render_form() {
global $store_types, $fields, $messages;
$basedir_msg = "";
if (ini_get('open_basedir')) {
$basedir_msg = "</br><span class=\"notice\">Note: Due to the ".
"<code>open_basedir</code> php.ini setting, be sure to ".
"choose a path in one of the following directories:<ul><li>".
implode("<li>",
explode(PATH_SEPARATOR, ini_get('open_basedir'))).
"</ul></span>";
}
$sqlite_found = false;
if (extension_loaded('sqlite') ||
@dl('sqlite.' . PHP_SHLIB_SUFFIX)) {
$sqlite_found = true;
}
$mysql_found = false;
if (extension_loaded('mysql') ||
@dl('mysql.' . PHP_SHLIB_SUFFIX)) {
$mysql_found = true;
}
$pgsql_found = false;
if (extension_loaded('pgsql') ||
@dl('pgsql.' . PHP_SHLIB_SUFFIX)) {
$pgsql_found = true;
}
?>
<html>
<head>
<style type="text/css">
span.label {
float: left;
width: 2in;
}
span.notice {
color: red;
font-size: 80%;
}
div p {
border-top: 1px solid #ccc;
font-style: italic;
padding-top: 0.5em;
}
div {
padding: 3px;
}
div.store_fields {
margin-left: 2in;
padding: default;
}
div.store_fields label.field {
float: left;
width: 1.75in;
}
div.store_fields > div {
border: 1px solid gray;
margin-bottom: 0.5em;
background: #eee;
}
div.store_fields > div > div {
margin-left: 0.4in;
}
div.errors {
background: #faa;
border: 1px solid red;
}
</style>
</head>
<body>
<h2>OpenID Example Server Configuration</h2>
<?
if ($messages) {
print "<div class=\"errors\">";
foreach ($messages as $m) {
print "<div>$m</div>";
}
print "</div>";
}
?>
<p>
Your browser has been redirected to this page so you can configure the
server example. This form will auto-generate an OpenID example server
configuration for use with the OpenID server example.
</p>
<form>
<div>
<p>
The server URL is the URL that points to the "server.php" file. It
looks like your server URL should be <code><? print build_url(); ?></code>.
</p>
<span class="label"><label for="i_server_url">Server URL:</label></span>
<span>
<input type="text" id="i_server_url" size="35" name="server_url"
value="<? print $_SESSION['server_url'] ?>">
</span>
</div>
<div>
<p>
If this package isn't installed in the PHP include path, the package's
directory should be added. For example, if the package is in
<code>/home/me/PHP-OpenID/</code>, you should enter that directory here.
</p>
<span class="label">
<label for="i_include_path">Include path (optional):</label>
</span>
<span>
<input type="text" id="i_include_path" size="35" name="include_path"
value="<? print $_SESSION['include_path'] ?>">
</span>
</div>
<div>
<p>
The server needs to store OpenID information in a "store". The
following store types are available on your PHP installation:
</p>
<span class="label">Store method:</span>
<div class="store_fields">
<div>
<input type="radio" name="store_type" value="Filesystem"
id="i_filesystem"<? if ($_SESSION['store_type'] == 'Filesystem') { print " CHECKED"; } ?>>
<label for="i_filesystem">Filesystem</label>
<div>
<label for="i_fs_path" class="field">Filesystem path:</label>
<input type="text" name="fs_path" id="i_fs_path"
value="<? print $_SESSION['store_data']['fs_path']; ?>">
<? print $basedir_msg; ?>
</div>
</div>
<? if ($sqlite_found) { ?>
<div>
<input type="radio" name="store_type" value="SQLite"
id="i_sqlite"<? if ($_SESSION['store_type'] == 'SQLite') { print " CHECKED"; } ?>>
<label for="i_sqlite">SQLite</label>
<div>
<label for="i_sqlite_path" class="field">SQLite database path:</label>
<input type="text" value="<? print $_SESSION['store_data']['sqlite_path']; ?>"
name="sqlite_path" id="i_sqlite_path">
<? print $basedir_msg; ?>
</div>
</div>
<? } ?>
<? if ($mysql_found || $pgsql_found) { ?>
<div>
<? if ($mysql_found) { ?>
<input type="radio" name="store_type" value="MySQL"
id="i_mysql"<? if ($_SESSION['store_type'] == 'MySQL') { print " CHECKED"; } ?>>
<label for="i_mysql">MySQL</label>
<? } ?>
<? if ($pgsql_found) { ?>
<input type="radio" name="store_type" value="PostgreSQL"
id="i_pgsql"<? if ($_SESSION['store_type'] == 'PostgreSQL') { print " CHECKED"; } ?>>
<label for="i_pgsql">PostgreSQL</label>
<? } ?>
<div>
<label for="i_m_host" class="field">Host:</label>
<input type="text" value="<? print $_SESSION['store_data']['host']; ?>" name="host" id="i_m_host">
</div>
<div>
<label for="i_m_database" class="field">Database:</label>
<input value="<? print $_SESSION['store_data']['database']; ?>" type="text" name="database" id="i_m_database">
</div>
<div>
<label for="i_m_username" class="field">Username:</label>
<input type="text" name="username" id="i_m_username" value="<? print $_SESSION['store_data']['username']; ?>">
</div>
<div>
<label for="i_m_password" class="field">Password:</label>
<input type="password" name="password" id="i_m_password" value="<? print $_SESSION['store_data']['password']; ?>">
</div>
</div>
<? } ?>
</div>
</div>
<div>
<p>
Your OpenID server will need to know what URLs it can authenticate. Supply URLs and passwords here.
</p>
<span class="label">OpenID URLs to serve:</span>
<div class="store_fields">
<?
if ($_SESSION['users']) {
print "<div><table><tr><th>OpenID URL</th><th>Password Hash</th></tr>";
foreach ($_SESSION['users'] as $url => $p) {
print "<tr><td>".$url."</td><td>".$p."</td></tr>";
}
print "</table></div>";
}
?>
<div>
<span>Add an OpenID:</span>
<div>
<label for="i_add_user" class="field">OpenID URL:</label><input type="text" name="openid_url" id="i_add_user">
</div>
<div>
<label for="i_p1" class="field">Password:</label><input type="password" name="p1" id="i_p1">
</div>
<div>
<label for="i_p2" class="field">Password (confirm):</label><input type="password" name="p2" id="i_p2">
</div>
<input type="submit" name="add_openid" value="Add OpenID">
</div>
</div>
</div>
<div>
<p>
Your OpenID server can be configured to trust a set of sites by default. Enter those here.
</p>
<span class="label">Trusted sites:</span>
<div class="store_fields">
<?
if ($_SESSION['trust_roots']) {
print "<div><table><tr><th>Trusted site URL</th></tr>";
foreach ($_SESSION['trust_roots'] as $url) {
print "<tr><td>".$url."</td></tr>";
}
print "</table></div>";
}
?>
<div>
<span>Add a trusted site:</span>
<div>
<label for="i_tr" class="field">Trusted site URL:</label><input type="text" name="trust_root" id="i_tr">
</div>
</div>
</div>
</div>
<input type="submit" name="generate" value="Generate Configuration">
</form>
</body>
</html>
<?
}
function init_session() {
global $messages;
// Set a guess value for the server url.
if (!array_key_exists('server_url', $_SESSION)) {
$_SESSION['server_url'] = build_url();
}
foreach (array('server_url', 'include_path', 'store_type') as $key) {
if (!isset($_SESSION[$key])) {
$_SESSION[$key] = "";
}
}
if (!isset($_SESSION['store_data'])) {
$_SESSION['store_data'] = array();
}
if (!isset($_SESSION['users'])) {
$_SESSION['users'] = array();
}
if (!isset($_SESSION['trust_roots'])) {
$_SESSION['trust_roots'] = array();
}
foreach (array('server_url', 'include_path', 'store_type') as $field) {
if (array_key_exists($field, $_GET)) {
$_SESSION[$field] = $_GET[$field];
}
}
foreach (array('username', 'password', 'database', 'host', 'fs_path', 'sqlite_path') as $field) {
if (array_key_exists($field, $_GET)) {
$_SESSION['store_data'][$field] = $_GET[$field];
}
}
if ($_GET &&
isset($_GET['add_openid']) &&
isset($_GET['openid_url']) &&
isset($_GET['p1']) &&
isset($_GET['p2']) &&
$_GET['p1'] == $_GET['p2'] &&
$_GET['p1']) {
if (check_url($_GET['openid_url'])) {
$normalized = Auth_OpenID::normalizeUrl($_GET['openid_url']);
$_SESSION['users'][$normalized] = sha1($_GET['p1']);
} else {
$messages[] = "Cannot add OpenID URL; '".$_GET['openid_url']."' doesn't look like a URL.";
}
} else if ($_GET &&
isset($_GET['trust_root']) &&
$_GET['trust_root']) {
if (!in_array($_GET['trust_root'], $_SESSION['trust_roots'])) {
$_SESSION['trust_roots'][] = $_GET['trust_root'];
}
} else if ($_GET &&
isset($_GET['del_user'])) {
unset($_SESSION['users'][$_GET['del_user']]);
}
}
function generate_config($download = false) {
if ($download) {
// Emit headers to force browser download.
header("Content-type: text/plain");
header("Content-disposition: attachment; filename=config.php");
} else {
?>
<html>
<body>
<h2>OpenID Example Server Configuration</h2>
<p>
Put the following text into <strong><? print dirname(__FILE__); print DIRECTORY_SEPARATOR; ?>config.php</strong>.
</p>
<p>
<a href="setup.php?clear=1">Back to form</a> (resets settings)
</p>
<p>
<a href="setup.php?download=1">Download this configuration</a>
</p>
<pre style="border: 1px solid gray; background: #eee; padding: 5px;">
<?
}
?>
<? if ($_SESSION['include_path']) { ?>
/**
* Set any extra include paths needed to use the library
*/
set_include_path(get_include_path() . PATH_SEPARATOR . "<?
print $_SESSION['include_path'];
?>");
<? } ?>
/**
* The URL for the server.
*
* This is the location of server.php. For example:
*
* $server_url = 'http://example.com/~user/server.php';
*
* This must be a full URL.
*/
$server_url = "<?
print $_SESSION['server_url'];
?>";
/**
* Initialize an OpenID store
*
* @return object $store an instance of OpenID store (see the
* documentation for how to create one)
*/
function getOpenIDStore()
{
<?
switch ($_SESSION['store_type']) {
case "Filesystem":
print "require_once \"Auth/OpenID/FileStore.php\";\n ";
print "return new Auth_OpenID_FileStore(\"".$_SESSION['store_data']['fs_path']."\");\n";
break;
case "SQLite":
print "require_once \"Auth/OpenID/SQLiteStore.php\";\n ";
print "return new Auth_OpenID_SQLiteStore(\"".$_SESSION['store_data']['sqlite_path']."\");\n";
break;
case "MySQL":
?>require_once 'Auth/OpenID/MySQLStore.php';
require_once 'DB.php';
$dsn = array(
'phptype' => 'mysql',
'username' => '<? print $_SESSION['store_data']['username']; ?>',
'password' => '<? print $_SESSION['store_data']['password']; ?>',
'hostspec' => '<? print $_SESSION['store_data']['host']; ?>'
);
$db =& DB::connect($dsn);
if (PEAR::isError($db)) {
return null;
}
$db->query("USE <? print $_SESSION['store_data']['database']; ?>");
return new Auth_OpenID_MySQLStore($db);
<?
break;
case "PostgreSQL":
?>require_once 'Auth/OpenID/PostgreSQLStore.php';
require_once 'DB.php';
$dsn = array(
'phptype' => 'pgsql',
'username' => '<? print $_SESSION['store_data']['username']; ?>',
'password' => '<? print $_SESSION['store_data']['password']; ?>',
'hostspec' => '<? print $_SESSION['store_data']['host']; ?>',
'database' => '<? print $_SESSION['store_data']['database']; ?>'
);
$db =& DB::connect($dsn);
if (PEAR::isError($db)) {
return null;
}
return new Auth_OpenID_PostgreSQLStore($db);
<?
break;
}
?>
}
/**
* Users who are allowed to log in to this OpenID server.
*
* This is an array from URL to password hash. The URL must include
* the proper OpenID server information in order to work with this
* server.
*
* This must be set for the server to be usable. If it is not set, no
* users will be able to log in.
*
* Example:
* $openid_users = array(
* 'http://joe.example.com/' => sha1('foo')
* )
*/
$openid_users = array(<?
$i = 0;
foreach ($_SESSION['users'] as $url => $hash) {
$i++;
print "\n '$url' => '$hash'";
if ($i < count($_SESSION['users'])) {
print ",";
}
}
?>
);
/**
* Trusted sites is an array of trust roots.
*
* Sites in this list will not have to be approved by the user in
* order to be used. It is OK to leave this value as-is.
*
* In a more robust server, this should be a per-user setting.
*/
$trusted_sites = array(<?
$i = 0;
foreach ($_SESSION['trust_roots'] as $url) {
$i++;
print "\n '$url'";
if ($i < count($_SESSION['trust_roots'])) {
print ",";
}
}
?>
);
<?
if (!$download) {
?>
</pre>
</body>
</html>
<?
}
} // end function generate_config ()
?>