fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-27 23:29:57 +09:00
Code Issues Projects Releases Packages Wiki Activity

17515512: JanRain php-openid library included, normalization fix

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/sandbox@5137 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
araste 2008-12-19 11:00:19 +00:00
parent f541dd59b9
commit 658c0e6dbc
219 changed files with 41415 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

5
modules/member/php-openid-1.2.3/examples/server/index.php Normal file
View file

@ -0,0 +1,5 @@
<?php
header("Location: server.php");
?>

169
modules/member/php-openid-1.2.3/examples/server/lib/actions.php Normal file
View file

@ -0,0 +1,169 @@
<?php
require_once "lib/common.php";
require_once "lib/session.php";
require_once "lib/render.php";
require_once "lib/render/login.php";
require_once "lib/render/sites.php";
require_once "Auth/OpenID.php";
/**
* Handle a standard OpenID server request
*/
function action_default()
{
$server =& getServer();
$method = $_SERVER['REQUEST_METHOD'];
$request = null;
if ($method == 'GET') {
$request = $_GET;
} else {
$request = $_POST;
}
$request = Auth_OpenID::fixArgs($request);
$request = $server->decodeRequest($request);
if (!$request) {
return about_render();
}
setRequestInfo($request);
if (in_array($request->mode,
array('checkid_immediate', 'checkid_setup'))) {
if (isTrusted($request->identity, $request->trust_root)) {
$response =& $request->answer(true);
$sreg = getSreg($request->identity);
if (is_array($sreg)) {
foreach ($sreg as $k => $v) {
$response->addField('sreg', $k,
$v);
}
}
} else if ($request->immediate) {
$response =& $request->answer(false, getServerURL());
} else {
if (!getLoggedInUser()) {
return login_render();
}
return trust_render($request);
}
} else {
$response =& $server->handleRequest($request);
}
$webresponse =& $server->encodeResponse($response);
foreach ($webresponse->headers as $k => $v) {
header("$k: $v");
}
header(header_connection_close);
print $webresponse->body;
exit(0);
}
/**
* Log out the currently logged in user
*/
function action_logout()
{
setLoggedInUser(null);
setRequestInfo(null);
return authCancel(null);
}
/**
* Check the input values for a login request
*/
function login_checkInput($input)
{
$openid_url = false;
$errors = array();
if (!isset($input['openid_url'])) {
$errors[] = 'Enter an OpenID URL to continue';
}
if (!isset($input['password'])) {
$errors[] = 'Enter a password to continue';
}
if (count($errors) == 0) {
$openid_url = $input['openid_url'];
$openid_url = Auth_OpenID::normalizeUrl($openid_url);
$password = $input['password'];
if (!checkLogin($openid_url, $password)) {
$errors[] = 'The entered password does not match the ' .
'entered identity URL.';
}
}
return array($errors, $openid_url);
}
/**
* Log in a user and potentially continue the requested identity approval
*/
function action_login()
{
$method = $_SERVER['REQUEST_METHOD'];
switch ($method) {
case 'GET':
return login_render();
case 'POST':
$info = getRequestInfo();
$fields = $_POST;
if (isset($fields['cancel'])) {
return authCancel($info);
}
list ($errors, $openid_url) = login_checkInput($fields);
if (count($errors) || !$openid_url) {
$needed = $info ? $info->identity : false;
return login_render($errors, @$fields['openid_url'], $needed);
} else {
setLoggedInUser($openid_url);
return doAuth($info);
}
default:
return login_render(array('Unsupported HTTP method: $method'));
}
}
/**
* Ask the user whether he wants to trust this site
*/
function action_trust()
{
$info = getRequestInfo();
$trusted = isset($_POST['trust']);
if ($info && isset($_POST['remember'])) {
$sites = getSessionSites();
$sites[$info->trust_root] = $trusted;
setSessionSites($sites);
}
return doAuth($info, $trusted, true);
}
function action_sites()
{
$sites = getSessionSites();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['forget'])) {
$sites = null;
setSessionSites($sites);
} elseif (isset($_POST['remove'])) {
foreach ($_POST as $k => $v) {
if (preg_match('/^site[0-9]+$/', $k) && isset($sites[$v])) {
unset($sites[$v]);
}
}
setSessionSites($sites);
}
}
return sites_render($sites);
}
?>

63
modules/member/php-openid-1.2.3/examples/server/lib/common.php Normal file
View file

@ -0,0 +1,63 @@
<?php
require_once "lib/render.php";
require_once "lib/session.php";
require_once "lib/render/login.php";
require_once "lib/render/about.php";
require_once "lib/render/trust.php";
require_once "Auth/OpenID/Server.php";
require_once "Auth/OpenID/HMACSHA1.php";
function authCancel($info)
{
if ($info) {
setRequestInfo();
$url = $info->getCancelURL();
} else {
$url = getServerURL();
}
return redirect_render($url);
}
function doAuth($info, $trusted=null, $fail_cancels=false)
{
if (!$info) {
// There is no authentication information, so bail
return authCancel(null);
}
$req_url = $info->identity;
$user = getLoggedInUser();
setRequestInfo($info);
if ($req_url != $user) {
return login_render(array(), $req_url, $req_url);
}
$sites = getSessionSites();
$trust_root = $info->trust_root;
$fail_cancels = $fail_cancels || isset($sites[$trust_root]);
$trusted = isset($trusted) ? $trusted : isTrusted($req_url, $trust_root);
if ($trusted) {
setRequestInfo();
$server =& getServer();
$response =& $info->answer(true);
$webresponse =& $server->encodeResponse($response);
$new_headers = array();
foreach ($webresponse->headers as $k => $v) {
$new_headers[] = $k.": ".$v;
}
return array($new_headers, $webresponse->body);
} elseif ($fail_cancels) {
return authCancel($info);
} else {
return trust_render($info);
}
}
?>

112
modules/member/php-openid-1.2.3/examples/server/lib/render.php Normal file
View file

@ -0,0 +1,112 @@
<?php
define('page_template',
'<html>
<head>
<title>%s</title>
%s
</head>
<body>
%s
<div id="content">
<h1>%s</h1>
%s
</div>
</body>
</html>');
define('logged_in_pat', 'You are logged in as %s.');
/**
* HTTP response line contstants
*/
define('http_bad_request', 'HTTP/1.1 400 Bad Request');
define('http_found', 'HTTP/1.1 302 Found');
define('http_ok', 'HTTP/1.1 200 OK');
define('http_internal_error', 'HTTP/1.1 500 Internal Error');
/**
* HTTP header constants
*/
define('header_connection_close', 'Connection: close');
define('header_content_text', 'Content-Type: text/plain; charset=us-ascii');
define('redirect_message',
'Please wait; you are being redirected to <%s>');
/**
* Return a string containing an anchor tag containing the given URL
*
* The URL does not need to be quoted, but if text is passed in, then
* it does.
*/
function link_render($url, $text=null) {
$esc_url = htmlspecialchars($url, ENT_QUOTES);
$text = ($text === null) ? $esc_url : $text;
return sprintf('<a href="%s">%s</a>', $esc_url, $text);
}
/**
* Return an HTTP redirect response
*/
function redirect_render($redir_url)
{
$headers = array(http_found,
header_content_text,
header_connection_close,
'Location: ' . $redir_url,
);
$body = sprintf(redirect_message, $redir_url);
return array($headers, $body);
}
function navigation_render($msg, $items)
{
$what = link_render(buildURL(), 'PHP OpenID Server');
if ($msg) {
$what .= ' &mdash; ' . $msg;
}
if ($items) {
$s = '<p>' . $what . '</p><ul class="bottom">';
foreach ($items as $action => $text) {
$url = buildURL($action);
$s .= sprintf('<li>%s</li>', link_render($url, $text));
}
$s .= '</ul>';
} else {
$s = '<p class="bottom">' . $what . '</p>';
}
return sprintf('<div class="navigation">%s</div>', $s);
}
/**
* Render an HTML page
*/
function page_render($body, $user, $title, $h1=null, $login=false)
{
$h1 = $h1 ? $h1 : $title;
if ($user) {
$msg = sprintf(logged_in_pat, link_render($user));
$nav = array('logout' => 'Log Out',
'sites' => 'Remembered Sites',
);
$navigation = navigation_render($msg, $nav);
} else {
if (!$login) {
$msg = link_render(buildURL('login'), 'Log In');
$navigation = navigation_render($msg, array());
} else {
$navigation = '';
}
}
$style = getStyle();
$text = sprintf(page_template, $title, $style, $navigation, $h1, $body);
// No special headers here
$headers = array();
return array($headers, $text);
}
?>

58
modules/member/php-openid-1.2.3/examples/server/lib/render/about.php Normal file
View file

@ -0,0 +1,58 @@
<?php
require_once "lib/session.php";
require_once "lib/render.php";
define('about_error_template',
'<div class="error">
An error occurred when processing your request:
<br />
%s
</div>');
define('about_body',
'<p>
This is an <a href="http://www.openid.net/">OpenID</a> server
endpoint. This server is built on the <a
href="http://www.openidenabled.com/openid/libraries/php">JanRain PHP OpenID
library</a>. Since OpenID consumer sites will need to directly contact this
server, it must be accessible over the Internet (not behind a firewall).
</p>
<p>
To use this server, you will have to set up a URL to use as an identifier.
Insert the following markup into the <code>&lt;head&gt;</code> of the HTML
document at that URL:
</p>
<pre>&lt;link rel="openid.server" href="%s" /&gt;</pre>
<p>
Then configure this server so that you can log in with that URL. Once you
have configured the server, and marked up your identity URL, you can verify
that it is working by using the <a href="http://www.openidenabled.com/"
>openidenabled.com</a>
<a href="http://www.openidenabled.com/resources/openid-test/checkup">OpenID
Checkup tool</a>:
<form method="post"
action="http://www.openidenabled.com/resources/openid-test/checkup/start">
<label for="checkup">OpenID URL:
</label><input id="checkup" type="text" name="openid_url" />
<input type="submit" value="Check" />
</form>
</p>
');
/**
* Render the about page, potentially with an error message
*/
function about_render($error=false, $internal=true)
{
$headers = array();
$body = sprintf(about_body, buildURL());
if ($error) {
$headers[] = $internal ? http_internal_error : http_bad_request;
$body .= sprintf(about_error_template, htmlspecialchars($error));
}
$current_user = getLoggedInUser();
return page_render($body, $current_user, 'OpenID Server Endpoint');
}
?>

65
modules/member/php-openid-1.2.3/examples/server/lib/render/login.php Normal file
View file

@ -0,0 +1,65 @@
<?php
require_once "lib/session.php";
require_once "lib/render.php";
define('login_form_pat',
'<div class="form">
<p>
Enter your identity URL and password into this form to log in to
this server. This server must be configured to accept your identity URL.
</p>
<form method="post" action="%s">
<table>
<tr>
<th><label for="openid_url">OpenID URL:</label></th>
<td><input type="text" name="openid_url"
value="%s" id="openid_url" /></td>
</tr>
<tr>
<th><label for="password">Password:</label></th>
<td><input type="password" name="password" id="password" /></td>
</tr>
<tr>
<td colspan="2">
<input type="submit" value="Log in" />
<input type="submit" name="cancel" value="Cancel" />
</td>
</tr>
</table>
</form>
</div>
');
define('login_needed_pat',
'You must be logged in as %s to approve this request.');
function login_render($errors=null, $input=null, $needed=null)
{
$current_user = getLoggedInUser();
if ($input === null) {
$input = $current_user;
}
if ($needed) {
$errors[] = sprintf(login_needed_pat, link_render($needed));
}
$esc_input = htmlspecialchars($input, ENT_QUOTES);
$login_url = buildURL('login', true);
$body = sprintf(login_form_pat, $login_url, $esc_input);
if ($errors) {
$body = loginError_render($errors) . $body;
}
return page_render($body, $current_user, 'Log In', null, true);
}
function loginError_render($errors)
{
$text = '';
foreach ($errors as $error) {
$text .= sprintf("<li>%s</li>\n", $error);
}
return sprintf("<ul class=\"error\">\n%s</ul>\n", $text);
}
?>

83
modules/member/php-openid-1.2.3/examples/server/lib/render/sites.php Normal file
View file

@ -0,0 +1,83 @@
<?php
require_once "lib/session.php";
define('sites_form',
'<p>These decisions have been remembered for this session. All decisions
will be forgotten when the session ends.</p>
<div class="form">
<form method="post" action="%s">
<table>
<tbody>
%s
</tbody>
</table>
<input type="submit" name="remove" value="Remove Selected" />
<input type="submit" name="refresh" value="Refresh List" />
<input type="submit" name="forget" value="Forget All" />
</form>
</div>
');
define('sites_empty_message',
'<p>
No sites are remembered for this session. When you authenticate with a site,
you can choose to add it to this list by choosing <q>Remember this
decision</q>.
</p>
<p>%s</p>
');
define('sites_row',
'<tr>
<td><input type="checkbox" name=%s value="%s" id=%s /></td>
<td><label for=%s><code>%s</code></label></td>
</tr>');
function siteListRow_render($i, $site)
{
$esc_site = htmlspecialchars($site, ENT_QUOTES);
$id = sprintf('"site%s"', $i);
return sprintf(sites_row, $id, $esc_site, $id, $id, $esc_site);
}
function siteList_render($sites)
{
$trusted_sites = array();
$untrusted_sites = array();
foreach ($sites as $site => $trusted) {
if ($trusted) {
$trusted_sites[] = $site;
} else {
$untrusted_sites[] = $site;
}
}
$rows = '';
$i = 0;
foreach (array('Trusted Sites' => $trusted_sites,
'Untrusted Sites' => $untrusted_sites) as
$name => $sites) {
if ($sites) {
$rows .= '<tr><th colspan="2">'. $name . '</th></tr>';
foreach ($sites as $site) {
$rows .= siteListRow_render($i, $site);
$i += 1;
}
}
}
return $rows;
}
function sites_render($sites)
{
if ($sites) {
$rows = siteList_render($sites);
$form = sprintf(sites_form, buildURL('sites'), $rows);
$body = $pre . $form;
} else {
$body = sprintf(sites_empty_message, link_render(buildURL(''), 'Return home'));
}
return page_render($body, getLoggedInUser(), 'Remembered Sites');
}
?>

29
modules/member/php-openid-1.2.3/examples/server/lib/render/trust.php Normal file
View file

@ -0,0 +1,29 @@
<?php
require_once "lib/session.php";
require_once "lib/render.php";
define('trust_form_pat',
'<div class="form">
<p>Do you wish to confirm your identity URL (<code>%s</code>) with <code>%s</code>?</p>
<form method="post" action="%s">
<input type="checkbox" name="remember" value="on" id="remember"><label
for="remember">Remember this decision</label>
<br />
<input type="submit" name="trust" value="Confirm" />
<input type="submit" value="Do not confirm" />
</form>
</div>
');
function trust_render($info)
{
$current_user = getLoggedInUser();
$lnk = link_render($current_user);
$trust_root = htmlspecialchars($info->trust_root);
$trust_url = buildURL('trust', true);
$form = sprintf(trust_form_pat, $lnk, $trust_root, $trust_url);
return page_render($form, $current_user, 'Trust This Site');
}
?>

205
modules/member/php-openid-1.2.3/examples/server/lib/session.php Normal file
View file

@ -0,0 +1,205 @@
<?php
require_once "config.php";
require_once "lib/render.php";
require_once "Auth/OpenID/Server.php";
/**
* Set up the session
*/
function init()
{
session_name('openid_server');
session_start();
}
/**
* Get the style markup
*/
function getStyle()
{
$parent = rtrim(dirname(getServerURL()), '/');
$url = htmlspecialchars($parent . '/openid-server.css', ENT_QUOTES);
return sprintf('<link rel="stylesheet" type="text/css" href="%s" />', $url);
}
/**
* Get the URL of the current script
*/
function getServerURL()
{
$path = $_SERVER['SCRIPT_NAME'];
$host = $_SERVER['HTTP_HOST'];
$port = $_SERVER['SERVER_PORT'];
$s = $_SERVER['HTTPS'] ? 's' : '';
if (($s && $port == "443") || (!$s && $port == "80")) {
$p = '';
} else {
$p = ':' . $port;
}
return "http$s://$host$p$path";
}
/**
* Build a URL to a server action
*/
function buildURL($action=null, $escaped=true)
{
$url = getServerURL();
if ($action) {
$url .= '/' . $action;
}
return $escaped ? htmlspecialchars($url, ENT_QUOTES) : $url;
}
/**
* Extract the current action from the request
*/
function getAction()
{
$path_info = @$_SERVER['PATH_INFO'];
$action = ($path_info) ? substr($path_info, 1) : '';
$function_name = 'action_' . $action;
return $function_name;
}
/**
* Write the response to the request
*/
function writeResponse($resp)
{
list ($headers, $body) = $resp;
array_walk($headers, 'header');
header(header_connection_close);
print $body;
}
/**
* Instantiate a new OpenID server object
*/
function getServer()
{
static $server = null;
if (!isset($server)) {
$server =& new Auth_OpenID_Server(getOpenIDStore());
}
return $server;
}
/**
* Return whether the trust root is currently trusted
*/
function isTrusted($identity_url, $trust_root)
{
// from config.php
global $trusted_sites;
if ($identity_url != getLoggedInUser()) {
return false;
}
if (in_array($trust_root, $trusted_sites)) {
return true;
}
$sites = getSessionSites();
return isset($sites[$trust_root]) && $sites[$trust_root];
}
/**
* Return a hashed form of the user's password
*/
function hashPassword($password)
{
return bin2hex(Auth_OpenID_SHA1($password));
}
/**
* Check the user's login information
*/
function checkLogin($openid_url, $password)
{
// from config.php
global $openid_users;
$hash = hashPassword($password);
return isset($openid_users[$openid_url])
&& $hash == $openid_users[$openid_url];
}
/**
* Get the openid_url out of the cookie
*
* @return mixed $openid_url The URL that was stored in the cookie or
* false if there is none present or if the cookie is bad.
*/
function getLoggedInUser()
{
return isset($_SESSION['openid_url'])
? $_SESSION['openid_url']
: false;
}
/**
* Set the openid_url in the cookie
*
* @param mixed $identity_url The URL to set. If set to null, the
* value will be unset.
*/
function setLoggedInUser($identity_url=null)
{
if (!isset($identity_url)) {
unset($_SESSION['openid_url']);
} else {
$_SESSION['openid_url'] = $identity_url;
}
}
function setSessionSites($sites=null)
{
if (!isset($sites)) {
unset($_SESSION['session_sites']);
} else {
$_SESSION['session_sites'] = serialize($sites);
}
}
function getSessionSites()
{
return isset($_SESSION['session_sites'])
? unserialize($_SESSION['session_sites'])
: false;
}
function getRequestInfo()
{
return isset($_SESSION['request'])
? unserialize($_SESSION['request'])
: false;
}
function setRequestInfo($info=null)
{
if (!isset($info)) {
unset($_SESSION['request']);
} else {
$_SESSION['request'] = serialize($info);
}
}
function getSreg($identity)
{
// from config.php
global $openid_sreg;
if (!is_array($openid_sreg)) {
return null;
}
return $openid_sreg[$identity];
}
?>

74
modules/member/php-openid-1.2.3/examples/server/openid-server.css Normal file
View file

@ -0,0 +1,74 @@
body {
padding: 0;
margin: 0;
}
#content {
padding: 0.5em;
max-width: 50em;
}
ul.error {
background: #ffaaaa;
border: 1px solid #ff0000;
padding: 0.5em;
padding-left: 1.5em;
}
.login th {
text-align: left;
}
div.form {
border: thin solid #777777;
background: #dddddd;
padding: 0.5em;
margin-top: 1em;
}
div.navigation {
border-bottom: thin solid #cccccc;
background: #eeeeee;
font-size: smaller;
padding: 0.5em;
}
div.navigation h2 {
margin-top: 0;
}
div.navigation p {
margin: 0;
}
div.navigation ul {
margin: 0;
}
div.login p {
margin-top: 0;
}
h1 {
margin-top: 0;
}
pre {
padding: 1em;
border: 1px solid black;
background: #ffeebb;
}
#checkup {
background: url('http://www.openidenabled.com/favicon.ico') no-repeat;
padding-left: 16px;
}
th {
text-align: left;
}
table {
border-collapse: collapse;
margin-bottom: 1em;
}

45
modules/member/php-openid-1.2.3/examples/server/server.php Normal file
View file

@ -0,0 +1,45 @@
<?php
$path_extra = dirname(dirname(dirname(__FILE__)));
$path = ini_get('include_path');
$path = $path_extra . PATH_SEPARATOR . $path;
ini_set('include_path', $path);
$try_include = @include 'config.php';
if (!$try_include) {
header("Location: setup.php");
}
if (function_exists('getOpenIDStore') && isset($openid_users)) {
require_once 'lib/session.php';
require_once 'lib/actions.php';
init();
$action = getAction();
if (!function_exists($action)) {
$action = 'action_default';
}
$resp = $action();
writeResponse($resp);
} else {
?>
<html>
<head>
<title>PHP OpenID Server</title>
<body>
<h1>PHP OpenID Server</h1>
<p>
This server needs to be configured before it can be used. Edit
<code>config.php</code> to reflect your server's setup, then
load this page again.
</p>
</body>
</head>
</html>
<?php
}
?>

690
modules/member/php-openid-1.2.3/examples/server/setup.php Normal file
View file

@ -0,0 +1,690 @@
<?php
/**
* OpenID server configuration script.
*
* This script generates a config.php file needed by the server
* example.
*
* @package OpenID.Examples
* @author JanRain, Inc. <openid@janrain.com>
* @copyright 2005 Janrain, Inc.
* @license http://www.gnu.org/copyleft/lesser.html LGPL
*/
$path_extra = dirname(dirname(dirname(__FILE__)));
$path = ini_get('include_path');
$path = $path_extra . PATH_SEPARATOR . $path;
ini_set('include_path', $path);
require_once "Auth/OpenID.php";
/**
* Data.
*/
$store_types = array("Filesystem" => "Auth_OpenID_FileStore",
"MySQL" => "Auth_OpenID_MySQLStore",
"PostgreSQL" => "Auth_OpenID_PostgreSQLStore",
"SQLite" => "Auth_OpenID_SQLiteStore");
/**
* Main.
*/
$messages = array();
session_start();
init_session();
if (!check_session() ||
isset($_GET['add_openid'])) {
render_form();
} else {
print generate_config(isset($_GET['download']));
}
/**
* Functions.
*/
function check_url($url) {
return (Auth_OpenID::normalizeUrl($url) !== null);
}
function build_url() {
$port = (($_SERVER['SERVER_PORT'] == 80) ? null : $_SERVER['SERVER_PORT']);
$parts = explode("/", $_SERVER['SERVER_PROTOCOL']);
$scheme = strtolower($parts[0]);
if ($port) {
return sprintf("%s://%s:%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'],
$port, dirname($_SERVER['PHP_SELF']));
} else {
return sprintf("%s://%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'],
dirname($_SERVER['PHP_SELF']));
}
}
function check_open_basedir($path) {
if (ini_get('open_basedir')) {
$parts = explode(PATH_SEPARATOR, ini_get('open_basedir'));
$found = false;
foreach ($parts as $p) {
if (strpos($path, $p) === 0) {
$found = true;
break;
}
}
return $found;
} else {
return true;
}
}
function check_session() {
global $messages;
if ($_GET && isset($_GET['clear'])) {
session_destroy();
$_SESSION = array();
init_session();
return false;
}
$bad_path = false;
if (isset($_GET['generate'])) {
if (!$_SESSION['server_url']) {
$messages[] = "Please enter a server URL.";
}
if (!$_SESSION['store_type']) {
$messages[] = "No store type chosen.";
} else {
switch ($_SESSION['store_type']) {
case "Filesystem":
if (!$_SESSION['store_data']['fs_path']) {
$messages[] = "Please specify a filesystem store path.";
} else {
if (!check_open_basedir($_SESSION['store_data']['fs_path'])) {
$messages[] = "The filesystem store path violates PHP's <code>open_basedir</code> setting.";
$bad_path = true;
}
}
break;
case "SQLite":
if (!$_SESSION['store_data']['sqlite_path']) {
$messages[] = "Please specify a SQLite database path.";
} else {
if (!check_open_basedir($_SESSION['store_data']['sqlite_path'])) {
$messages[] = "The SQLite store path violates PHP's <code>open_basedir</code> setting.";
$bad_path = true;
}
}
break;
default:
if (!($_SESSION['store_data']['host'] &&
$_SESSION['store_data']['database'] &&
$_SESSION['store_data']['username'] &&
$_SESSION['store_data']['password'])) {
$messages[] = "Please specify database connection details.";
}
}
}
}
if ($_SESSION['store_type'] &&
$_SESSION['server_url'] &&
(parse_url($_SESSION['server_url']) !== false) &&
((($_SESSION['store_type'] == 'Filesystem') &&
$_SESSION['store_data']['fs_path']) ||
(($_SESSION['store_type'] == 'SQLite') &&
$_SESSION['store_data']['sqlite_path']) ||
($_SESSION['store_data']['host'] &&
$_SESSION['store_data']['username'] &&
$_SESSION['store_data']['database'] &&
$_SESSION['store_data']['password'])) &&
!$bad_path) {
return true;
}
return false;
}
function render_form() {
global $store_types, $fields, $messages;
$basedir_msg = "";
if (ini_get('open_basedir')) {
$basedir_msg = "</br><span class=\"notice\">Note: Due to the ".
"<code>open_basedir</code> php.ini setting, be sure to ".
"choose a path in one of the following directories:<ul><li>".
implode("<li>",
explode(PATH_SEPARATOR, ini_get('open_basedir'))).
"</ul></span>";
}
$sqlite_found = false;
if (extension_loaded('sqlite') ||
@dl('sqlite.' . PHP_SHLIB_SUFFIX)) {
$sqlite_found = true;
}
$mysql_found = false;
if (extension_loaded('mysql') ||
@dl('mysql.' . PHP_SHLIB_SUFFIX)) {
$mysql_found = true;
}
$pgsql_found = false;
if (extension_loaded('pgsql') ||
@dl('pgsql.' . PHP_SHLIB_SUFFIX)) {
$pgsql_found = true;
}
?>
<html>
<head>
<style type="text/css">
span.label {
float: left;
width: 2in;
}
span.notice {
color: red;
font-size: 80%;
}
div p {
border-top: 1px solid #ccc;
font-style: italic;
padding-top: 0.5em;
}
div {
padding: 3px;
}
div.store_fields {
margin-left: 2in;
padding: default;
}
div.store_fields label.field {
float: left;
width: 1.75in;
}
div.store_fields > div {
border: 1px solid gray;
margin-bottom: 0.5em;
background: #eee;
}
div.store_fields > div > div {
margin-left: 0.4in;
}
div.errors {
background: #faa;
border: 1px solid red;
}
</style>
</head>
<body>
<h2>OpenID Example Server Configuration</h2>
<?
if ($messages) {
print "<div class=\"errors\">";
foreach ($messages as $m) {
print "<div>$m</div>";
}
print "</div>";
}
?>
<p>
Your browser has been redirected to this page so you can configure the
server example. This form will auto-generate an OpenID example server
configuration for use with the OpenID server example.
</p>
<form>
<div>
<p>
The server URL is the URL that points to the "server.php" file. It
looks like your server URL should be <code><? print build_url(); ?></code>.
</p>
<span class="label"><label for="i_server_url">Server URL:</label></span>
<span>
<input type="text" id="i_server_url" size="35" name="server_url"
value="<? print $_SESSION['server_url'] ?>">
</span>
</div>
<div>
<p>
If this package isn't installed in the PHP include path, the package's
directory should be added. For example, if the package is in
<code>/home/me/PHP-OpenID/</code>, you should enter that directory here.
</p>
<span class="label">
<label for="i_include_path">Include path (optional):</label>
</span>
<span>
<input type="text" id="i_include_path" size="35" name="include_path"
value="<? print $_SESSION['include_path'] ?>">
</span>
</div>
<div>
<p>
The server needs to store OpenID information in a "store". The
following store types are available on your PHP installation:
</p>
<span class="label">Store method:</span>
<div class="store_fields">
<div>
<input type="radio" name="store_type" value="Filesystem"
id="i_filesystem"<? if ($_SESSION['store_type'] == 'Filesystem') { print " CHECKED"; } ?>>
<label for="i_filesystem">Filesystem</label>
<div>
<label for="i_fs_path" class="field">Filesystem path:</label>
<input type="text" name="fs_path" id="i_fs_path"
value="<? print $_SESSION['store_data']['fs_path']; ?>">
<? print $basedir_msg; ?>
</div>
</div>
<? if ($sqlite_found) { ?>
<div>
<input type="radio" name="store_type" value="SQLite"
id="i_sqlite"<? if ($_SESSION['store_type'] == 'SQLite') { print " CHECKED"; } ?>>
<label for="i_sqlite">SQLite</label>
<div>
<label for="i_sqlite_path" class="field">SQLite database path:</label>
<input type="text" value="<? print $_SESSION['store_data']['sqlite_path']; ?>"
name="sqlite_path" id="i_sqlite_path">
<? print $basedir_msg; ?>
</div>
</div>
<? } ?>
<? if ($mysql_found || $pgsql_found) { ?>
<div>
<? if ($mysql_found) { ?>
<input type="radio" name="store_type" value="MySQL"
id="i_mysql"<? if ($_SESSION['store_type'] == 'MySQL') { print " CHECKED"; } ?>>
<label for="i_mysql">MySQL</label>
<? } ?>
<? if ($pgsql_found) { ?>
<input type="radio" name="store_type" value="PostgreSQL"
id="i_pgsql"<? if ($_SESSION['store_type'] == 'PostgreSQL') { print " CHECKED"; } ?>>
<label for="i_pgsql">PostgreSQL</label>
<? } ?>
<div>
<label for="i_m_host" class="field">Host:</label>
<input type="text" value="<? print $_SESSION['store_data']['host']; ?>" name="host" id="i_m_host">
</div>
<div>
<label for="i_m_database" class="field">Database:</label>
<input value="<? print $_SESSION['store_data']['database']; ?>" type="text" name="database" id="i_m_database">
</div>
<div>
<label for="i_m_username" class="field">Username:</label>
<input type="text" name="username" id="i_m_username" value="<? print $_SESSION['store_data']['username']; ?>">
</div>
<div>
<label for="i_m_password" class="field">Password:</label>
<input type="password" name="password" id="i_m_password" value="<? print $_SESSION['store_data']['password']; ?>">
</div>
</div>
<? } ?>
</div>
</div>
<div>
<p>
Your OpenID server will need to know what URLs it can authenticate. Supply URLs and passwords here.
</p>
<span class="label">OpenID URLs to serve:</span>
<div class="store_fields">
<?
if ($_SESSION['users']) {
print "<div><table><tr><th>OpenID URL</th><th>Password Hash</th></tr>";
foreach ($_SESSION['users'] as $url => $p) {
print "<tr><td>".$url."</td><td>".$p."</td></tr>";
}
print "</table></div>";
}
?>
<div>
<span>Add an OpenID:</span>
<div>
<label for="i_add_user" class="field">OpenID URL:</label><input type="text" name="openid_url" id="i_add_user">
</div>
<div>
<label for="i_p1" class="field">Password:</label><input type="password" name="p1" id="i_p1">
</div>
<div>
<label for="i_p2" class="field">Password (confirm):</label><input type="password" name="p2" id="i_p2">
</div>
<input type="submit" name="add_openid" value="Add OpenID">
</div>
</div>
</div>
<div>
<p>
Your OpenID server can be configured to trust a set of sites by default. Enter those here.
</p>
<span class="label">Trusted sites:</span>
<div class="store_fields">
<?
if ($_SESSION['trust_roots']) {
print "<div><table><tr><th>Trusted site URL</th></tr>";
foreach ($_SESSION['trust_roots'] as $url) {
print "<tr><td>".$url."</td></tr>";
}
print "</table></div>";
}
?>
<div>
<span>Add a trusted site:</span>
<div>
<label for="i_tr" class="field">Trusted site URL:</label><input type="text" name="trust_root" id="i_tr">
</div>
</div>
</div>
</div>
<input type="submit" name="generate" value="Generate Configuration">
</form>
</body>
</html>
<?
}
function init_session() {
global $messages;
// Set a guess value for the server url.
if (!array_key_exists('server_url', $_SESSION)) {
$_SESSION['server_url'] = build_url();
}
foreach (array('server_url', 'include_path', 'store_type') as $key) {
if (!isset($_SESSION[$key])) {
$_SESSION[$key] = "";
}
}
if (!isset($_SESSION['store_data'])) {
$_SESSION['store_data'] = array();
}
if (!isset($_SESSION['users'])) {
$_SESSION['users'] = array();
}
if (!isset($_SESSION['trust_roots'])) {
$_SESSION['trust_roots'] = array();
}
foreach (array('server_url', 'include_path', 'store_type') as $field) {
if (array_key_exists($field, $_GET)) {
$_SESSION[$field] = $_GET[$field];
}
}
foreach (array('username', 'password', 'database', 'host', 'fs_path', 'sqlite_path') as $field) {
if (array_key_exists($field, $_GET)) {
$_SESSION['store_data'][$field] = $_GET[$field];
}
}
if ($_GET &&
isset($_GET['add_openid']) &&
isset($_GET['openid_url']) &&
isset($_GET['p1']) &&
isset($_GET['p2']) &&
$_GET['p1'] == $_GET['p2'] &&
$_GET['p1']) {
if (check_url($_GET['openid_url'])) {
$normalized = Auth_OpenID::normalizeUrl($_GET['openid_url']);
$_SESSION['users'][$normalized] = sha1($_GET['p1']);
} else {
$messages[] = "Cannot add OpenID URL; '".$_GET['openid_url']."' doesn't look like a URL.";
}
} else if ($_GET &&
isset($_GET['trust_root']) &&
$_GET['trust_root']) {
if (!in_array($_GET['trust_root'], $_SESSION['trust_roots'])) {
$_SESSION['trust_roots'][] = $_GET['trust_root'];
}
} else if ($_GET &&
isset($_GET['del_user'])) {
unset($_SESSION['users'][$_GET['del_user']]);
}
}
function generate_config($download = false) {
if ($download) {
// Emit headers to force browser download.
header("Content-type: text/plain");
header("Content-disposition: attachment; filename=config.php");
} else {
?>
<html>
<body>
<h2>OpenID Example Server Configuration</h2>
<p>
Put the following text into <strong><? print dirname(__FILE__); print DIRECTORY_SEPARATOR; ?>config.php</strong>.
</p>
<p>
<a href="setup.php?clear=1">Back to form</a> (resets settings)
</p>
<p>
<a href="setup.php?download=1">Download this configuration</a>
</p>
<pre style="border: 1px solid gray; background: #eee; padding: 5px;">
<?
}
?>
<? if ($_SESSION['include_path']) { ?>
/**
* Set any extra include paths needed to use the library
*/
set_include_path(get_include_path() . PATH_SEPARATOR . "<?
print $_SESSION['include_path'];
?>");
<? } ?>
/**
* The URL for the server.
*
* This is the location of server.php. For example:
*
* $server_url = 'http://example.com/~user/server.php';
*
* This must be a full URL.
*/
$server_url = "<?
print $_SESSION['server_url'];
?>";
/**
* Initialize an OpenID store
*
* @return object $store an instance of OpenID store (see the
* documentation for how to create one)
*/
function getOpenIDStore()
{
<?
switch ($_SESSION['store_type']) {
case "Filesystem":
print "require_once \"Auth/OpenID/FileStore.php\";\n ";
print "return new Auth_OpenID_FileStore(\"".$_SESSION['store_data']['fs_path']."\");\n";
break;
case "SQLite":
print "require_once \"Auth/OpenID/SQLiteStore.php\";\n ";
print "return new Auth_OpenID_SQLiteStore(\"".$_SESSION['store_data']['sqlite_path']."\");\n";
break;
case "MySQL":
?>require_once 'Auth/OpenID/MySQLStore.php';
require_once 'DB.php';
$dsn = array(
'phptype' => 'mysql',
'username' => '<? print $_SESSION['store_data']['username']; ?>',
'password' => '<? print $_SESSION['store_data']['password']; ?>',
'hostspec' => '<? print $_SESSION['store_data']['host']; ?>'
);
$db =& DB::connect($dsn);
if (PEAR::isError($db)) {
return null;
}
$db->query("USE <? print $_SESSION['store_data']['database']; ?>");
return new Auth_OpenID_MySQLStore($db);
<?
break;
case "PostgreSQL":
?>require_once 'Auth/OpenID/PostgreSQLStore.php';
require_once 'DB.php';
$dsn = array(
'phptype' => 'pgsql',
'username' => '<? print $_SESSION['store_data']['username']; ?>',
'password' => '<? print $_SESSION['store_data']['password']; ?>',
'hostspec' => '<? print $_SESSION['store_data']['host']; ?>',
'database' => '<? print $_SESSION['store_data']['database']; ?>'
);
$db =& DB::connect($dsn);
if (PEAR::isError($db)) {
return null;
}
return new Auth_OpenID_PostgreSQLStore($db);
<?
break;
}
?>
}
/**
* Users who are allowed to log in to this OpenID server.
*
* This is an array from URL to password hash. The URL must include
* the proper OpenID server information in order to work with this
* server.
*
* This must be set for the server to be usable. If it is not set, no
* users will be able to log in.
*
* Example:
* $openid_users = array(
* 'http://joe.example.com/' => sha1('foo')
* )
*/
$openid_users = array(<?
$i = 0;
foreach ($_SESSION['users'] as $url => $hash) {
$i++;
print "\n '$url' => '$hash'";
if ($i < count($_SESSION['users'])) {
print ",";
}
}
?>
);
/**
* Trusted sites is an array of trust roots.
*
* Sites in this list will not have to be approved by the user in
* order to be used. It is OK to leave this value as-is.
*
* In a more robust server, this should be a per-user setting.
*/
$trusted_sites = array(<?
$i = 0;
foreach ($_SESSION['trust_roots'] as $url) {
$i++;
print "\n '$url'";
if ($i < count($_SESSION['trust_roots'])) {
print ",";
}
}
?>
);
<?
if (!$download) {
?>
</pre>
</body>
</html>
<?
}
} // end function generate_config ()
?>