phpPoA2

Source for file OpenIDAuthnEngine.php


  1. <?php
  2. /**
  3.  *
  4.  * This file is part of phpPoA2.
  5.  *
  6.  * phpPoA2 is free software: you can redistribute it and/or modify
  7.  * it under the terms of the GNU General Public License as published by
  8.  * the Free Software Foundation, either version 3 of the License, or
  9.  * (at your option) any later version.
  10.  *
  11.  * phpPoA2 is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with phpPoA2. If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  * @license http://www.gnu.org/licenses/gpl.html GNU General Public License
  20.  * @version 2.0
  21.  * @author Miguel Macías <miguel.macias@upv.es>
  22.  * @filesource
  23.  */
  24.  
  25. /**
  26.  * Authentication engine for the OpenID protocol.
  27.  * PLEASE NOTE THAT THIS ENGINE WORKS ONLY FOR WEB-BASED APPLICATIONS.
  28.  * @package phpPoA2
  29.  * @subpackage OpenIDAuthnEngine
  30.  */
  31.  
  /** LightOpenID consumer object; created in the constructor. */
  protected $lOpenID;

  /** Current authentication status: AUTHN_SUCCESS or AUTHN_FAILED. */
  protected $status;

  /** Attributes gathered for the identity; filled in by authenticate(). */
  protected $attributes;

  // Attributes requested from the provider, keyed by AX name, with the
  // SREG-style alias under which each one is also stored.
  protected $reqAttributes = array(
      'namePerson/friendly' => 'nickname',
      'contact/email' => 'email',
  );
  41.  
  /**
   * Builds the engine: runs the parent constructor, resets the
   * authentication state and creates the LightOpenID consumer.
   *
   * @param mixed $file Passed unchanged to the parent constructor.
   * @param mixed $site Passed unchanged to the parent constructor.
   */
  public function __construct($file, $site) {
      parent::__construct($file, $site);

      // Start unauthenticated and with no attributes.
      $this->attributes = array();
      $this->status = AUTHN_FAILED;

      // The engine cannot work without the external LightOpenID class.
      $libraryLoaded = class_exists("LightOpenID");
      if (!$libraryLoaded) {
          trigger_error(PoAUtils::msg('library-required', array("LightOpenID")), E_USER_ERROR);
      }

      // NOTE(review): no host or trust root is passed, so the return URL and
      // realm come from the library's defaults. Confirm that the bundled
      // LightOpenID version does not derive them from the client-supplied
      // Host header.
      $this->lOpenID = new LightOpenID();
  }
  54.  
  /**
   * Configures the engine by delegating to the parent implementation.
   *
   * @param mixed $file Passed unchanged to parent::configure().
   * @param mixed $site Passed unchanged to parent::configure().
   */
  public function configure($file, $site) {
      // Nothing OpenID-specific is configured at this level.
      parent::configure($file, $site);
  }
  58.  
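  /**
   * Runs one step of the OpenID flow and returns the resulting status.
   *
   * With no OpenID mode in the request the method starts authentication:
   * it redirects to the provider discovered from the posted
   * "openid_identifier", or to the configured login form, or (with
   * auto-login enabled) to the first provider that defines "IDstart".
   * Those paths end the request with exit(). With mode "cancel" the status
   * becomes AUTHN_FAILED. Otherwise the response is validated and, on
   * success, the attributes are collected.
   *
   * Security notes for deployers:
   *  - Any identifier the user posts is accepted; the provider list is not
   *    used to restrict which provider may assert an identity. Applications
   *    should base authorization on the full 'identity' value.
   *  - LightOpenID resolves the identifier while building the auth URL, so
   *    the server contacts a user-chosen location. Limit outbound access
   *    from this host accordingly.
   *  - "IDend" patterns are matched against an identity that the remote
   *    side influences. Keep them anchored (^...$) so an identity hosted
   *    elsewhere cannot pick up another provider's extracted fields.
   *
   * @return mixed AUTHN_SUCCESS or AUTHN_FAILED.
   */
  public function authenticate() {
      $providers = $this->cfg->getProviders();

      if (!$this->lOpenID->mode) { // start authentication
          $identifier = null;
          $posted = isset($_POST['openid_identifier']) ? $_POST['openid_identifier'] : null;

          // Accept only a non-empty string: a request can carry an array or
          // an empty value under this name.
          if (is_string($posted) && trim($posted) !== '') {
              // we already have an OpenID, autodetect where to go
              $identifier = $posted;
          } else { // no OpenID available
              $loginURL = $this->cfg->getLoginURL();
              if (!empty($loginURL) && $this->lOpenID->returnUrl != $loginURL) {
                  // show user custom login form
                  header('Location: ' . $loginURL);
                  exit();
              } elseif ($this->cfg->isAutoLogin()) {
                  // go to the first provider available
                  foreach ($providers as $provider) {
                      if (!empty($provider['IDstart'])) {
                          $identifier = $provider['IDstart'];
                          break;
                      }
                  }
              }
          }

          if ($identifier !== null) {
              $this->lOpenID->identity = $identifier;
              $this->lOpenID->required = array_keys($this->reqAttributes);
              header('Location: ' . $this->lOpenID->authUrl());
              exit();
          }
      } elseif ($this->lOpenID->mode === 'cancel') { // user cancels
          $this->status = AUTHN_FAILED;
      } elseif ($this->lOpenID->validate()) { // returning back after authentication
          $received = $this->lOpenID->getAttributes();
          $collected = is_array($received) ? $received : array();

          // Add the SREG alias only for attributes that were requested.
          // The provider decides which names come back, and an unknown name
          // has no alias to map to.
          foreach ($collected as $axName => $axValue) {
              if (isset($this->reqAttributes[$axName])) {
                  $collected[$this->reqAttributes[$axName]] = $axValue;
              }
          }
          $collected['identity'] = $this->lOpenID->identity;

          // The first provider whose "IDend" pattern matches the identity
          // contributes the fields captured by that pattern.
          foreach ($providers as $provider) {
              if (empty($provider['IDend'])) {
                  continue; // nothing to match against for this provider
              }
              if (preg_match($provider['IDend'], $this->lOpenID->identity, $listAttr)) {
                  $fields = (isset($provider['IDfields']) && is_array($provider['IDfields']))
                      ? $provider['IDfields']
                      : array();
                  foreach ($fields as $numAttr => $nameAttr) {
                      // Capture groups start at 1, field positions at 0.
                      if (isset($listAttr[$numAttr + 1])) {
                          $collected[$nameAttr] = $listAttr[$numAttr + 1];
                      }
                  }
                  break;
              }
          }

          $this->attributes = $collected;
          $this->status = AUTHN_SUCCESS;
      } else {
          $this->status = AUTHN_FAILED;
      }

      return $this->status;
  }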
  114.  
  /**
   * Reports the authentication status held by this engine.
   *
   * @return mixed The stored status value, which this class only ever sets
   *               to AUTHN_SUCCESS or AUTHN_FAILED.
   */
  public function isAuthenticated() {
      $currentStatus = $this->status;
      return $currentStatus;
  }
  118.  
  /**
   * Returns every attribute collected by the last successful
   * authenticate() call. The array is empty before that.
   *
   * @return array Attribute name => value.
   */
  public function getAttributes() {
      $collected = $this->attributes;
      return $collected;
  }
  122.  
  /**
   * Looks up a single collected attribute.
   *
   * @param string $name      Attribute key to read.
   * @param mixed  $namespace Not used by this engine.
   * @return mixed The stored value, or null when the key is absent.
   */
  public function getAttribute($name, $namespace = null) {
      if (!array_key_exists($name, $this->attributes)) {
          return null;
      }
      return $this->attributes[$name];
  }
  130.  
  /**
   * Marks the user as logged out locally and, if a logout URL is configured,
   * redirects there and ends the request.
   *
   * OpenID has no logout of its own, so only this engine's status is reset.
   * NOTE(review): the "already logged out" check relies on AUTHN_FAILED being
   * falsy. The constant is defined outside this file, so confirm its value.
   *
   * @param bool $slo Not used by this engine.
   * @return bool Always true when the method returns.
   */
  public function logout($slo = false) {
      if ($this->isAuthenticated()) {
          // there's no logout for OpenID, so we just mark the user as logged out
          $this->status = AUTHN_FAILED;
          trigger_error(PoAUtils::msg('local-logout-success', array()), E_USER_NOTICE);

          // redirect to the configured logout URL, if there is one
          $urlLogout = $this->cfg->getLogoutURL();
          if ($urlLogout) {
              header('Location: ' . $urlLogout);
              exit();
          }
          return true;
      }

      // nothing to do: the user was not logged in
      trigger_error(PoAUtils::msg('already-logged-out', array()), E_USER_NOTICE);
      return true;
  }
  150. }
  151. ?>
