[20293] | 1 | <?php |
// Abort unless OAUTH_PATH is already defined, so the file does nothing when it
// is requested on its own. NOTE(review): OAUTH_PATH is presumably defined by
// the plugin's main file before this one is included; confirm.
if (!defined('OAUTH_PATH'))
{
  die('Hacking attempt!');
}
/**
 * Loads the HybridAuth configuration into the global $hybridauth_conf.
 *
 * The file PHPWG_ROOT_PATH.OAUTH_CONFIG is include()d, i.e. executed as PHP,
 * and its return value becomes the configuration array. 'base_url' is then
 * overwritten with OAUTH_PUBLIC, and debug logging is enabled when
 * $conf['oauth_debug_file'] is non-empty.
 *
 * @return bool true when the configuration file exists and was loaded,
 *              false when it is missing
 */
function load_hybridauth_conf()
{
  global $hybridauth_conf, $conf;

  $config_file = PHPWG_ROOT_PATH.OAUTH_CONFIG;
  if (!file_exists($config_file))
  {
    return false;
  }

  // include() runs the file as code, so it must only be writable by the
  // gallery administrator.
  $hybridauth_conf = include($config_file);
  $hybridauth_conf['base_url'] = OAUTH_PUBLIC;

  $debug_file = empty($conf['oauth_debug_file']) ? null : $conf['oauth_debug_file'];
  if ($debug_file !== null)
  {
    // NOTE(review): the debug log presumably records authentication traffic;
    // keep the file outside the web root and leave it off in production.
    $hybridauth_conf['debug_mode'] = true;
    $hybridauth_conf['debug_file'] = $debug_file;
  }

  return true;
}
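/**
 * Exposes the OAuth plugin data to the template engine.
 *
 * While the template variable 'OAUTH' is still empty, assigns the 'OAUTH'
 * array (plugin configuration, login URL prefix, provider list, the Persona
 * e-mail of the current user if any, an ephemeral key) and the path variables
 * OAUTH_PATH, OAUTH_ABS_PATH and ABS_ROOT_URL. Every call also sets
 * $conf['oauth']['include_common_template'] to true.
 *
 * @param string|null $u_redirect URL merged into 'OAUTH' as 'u_redirect' when set.
 *        NOTE(review): the value reaches the template unchanged; callers should
 *        pass same-site URLs only so the login flow cannot become an open
 *        redirect. Confirm against the callers.
 * @return void
 */
function oauth_assign_template_vars($u_redirect=null)
{
  global $template, $conf, $hybridauth_conf, $user;

  $conf['oauth']['include_common_template'] = true;

  if ($template->get_template_vars('OAUTH') == null)
  {
    // Always defined, so the array below needs no "@" error suppression.
    $persona_email = null;

    if (!empty($user['oauth_id']))
    {
      // oauth_id has the form "<provider>---<identifier>"; array_pad() keeps a
      // value without separator from raising an undefined-offset error.
      list($provider, $identifier) = array_pad(explode('---', $user['oauth_id'], 2), 2, null);
      if ($provider == 'Persona')
      {
        $persona_email = $identifier;
      }
    }

    $template->assign('OAUTH', array(
      'conf' => $conf['oauth'],
      'u_login' => get_root_url() . OAUTH_PATH . 'auth.php?provider=',
      'providers' => $hybridauth_conf['providers'],
      'persona_email' => $persona_email,
      'key' => get_ephemeral_key(0),
      ));
    $template->assign(array(
      'OAUTH_PATH' => OAUTH_PATH,
      'OAUTH_ABS_PATH' => realpath(OAUTH_PATH) . '/',
      'ABS_ROOT_URL' => rtrim(get_gallery_home_url(), '/') . '/',
      ));
  }

  if (isset($u_redirect))
  {
    $template->append('OAUTH', compact('u_redirect'), true);
  }
}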
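/**
 * Returns the oauth_id stored for a user.
 *
 * @param int|string $user_id numeric user identifier
 * @return string|null the oauth_id, or null when the query returns no row
 *                     (no such user, or an empty oauth_id)
 */
function get_oauth_id($user_id)
{
  global $conf;

  // The id is concatenated unquoted into the statement below. Forcing it to an
  // integer keeps any non-numeric content out of the SQL text, whatever the
  // caller passed in.
  $user_id = (int) $user_id;

  $query = '
SELECT oauth_id FROM ' . USERS_TABLE . '
  WHERE ' . $conf['user_fields']['id'] . ' = ' . $user_id . '
  AND oauth_id != ""
;';
  $result = pwg_query($query);

  if (!pwg_db_num_rows($result))
  {
    return null;
  }

  list($oauth_id) = pwg_db_fetch_row($result);
  return $oauth_id;
}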
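/**
 * Builds "<scheme>://<host>[:<port>]" for the current request.
 *
 * The scheme is https when $_SERVER['HTTPS'] is set and not 'off', or when
 * the server port is 443; otherwise http.
 *
 * Security note: the host is taken from $_SERVER['HTTP_HOST'], i.e. from the
 * Host header sent by the client. persona_verify() in this file uses the
 * result as the assertion audience, so the audience is only as trustworthy as
 * the web server's Host handling. Prefer a configured canonical URL, or make
 * sure the virtual host rejects unknown Host values.
 *
 * @param bool $with_port append $_SERVER['SERVER_PORT'] unless the host
 *                        already ends with a port
 * @return string
 */
function get_servername($with_port=false)
{
  $port = isset($_SERVER['SERVER_PORT']) ? $_SERVER['SERVER_PORT'] : null;
  $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';

  $https_flag = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
  $scheme = ($https_flag || $port == 443) ? 'https' : 'http';

  $servername = $scheme . '://' . $host;

  // A Host header on a non-default port already reads "name:port"; appending
  // the port again would produce "name:port:port".
  if ($with_port && $port !== null && !preg_match('/:\d+$/', $host))
  {
    $servername.= ':' . $port;
  }

  return $servername;
}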
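/**
 * Sends the posted Persona assertion to the remote verifier.
 *
 * Based on http://www.sitepoint.com/authenticate-users-with-mozilla-persona/
 *
 * The POST field 'assertion' and the audience from get_servername(true) are
 * posted to the verifier over TLS with peer and host verification enabled.
 * The decoded JSON answer is returned as is: this function does not check it,
 * so the caller must accept a login only when the answer reports success and
 * treat false, null and any other answer as a failed login.
 *
 * NOTE(review): Mozilla shut the Persona service down in November 2016, so
 * this endpoint is not expected to answer any more.
 *
 * @return array|false|null decoded verifier answer; false when no assertion
 *                          was posted or the request failed; null when the
 *                          answer is not valid JSON
 */
function persona_verify()
{
  $url = 'https://verifier.login.persona.org/verify';

  $assert = filter_input(
    INPUT_POST,
    'assertion',
    FILTER_UNSAFE_RAW,
    FILTER_FLAG_STRIP_LOW|FILTER_FLAG_STRIP_HIGH
    );

  // Without an assertion there is nothing to verify: fail closed and skip the
  // network round trip.
  if (!is_string($assert) || $assert === '')
  {
    return false;
  }

  $params = 'assertion=' . urlencode($assert) . '&audience=' . urlencode(get_servername(true));

  $options = array(
    CURLOPT_URL => $url,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_POST => true,
    CURLOPT_POSTFIELDS => $params,
    // Certificate and host name checks must stay enabled: the answer decides
    // whether a login is accepted.
    CURLOPT_SSL_VERIFYPEER => true,
    CURLOPT_SSL_VERIFYHOST => 2,
    // Bound the call so an unreachable verifier cannot hold the login request
    // open indefinitely.
    CURLOPT_CONNECTTIMEOUT => 5,
    CURLOPT_TIMEOUT => 15,
    );

  $ch = curl_init();
  curl_setopt_array($ch, $options);
  $result = curl_exec($ch);
  curl_close($ch);

  if ($result === false)
  {
    return false;
  }

  return json_decode($result, true);
}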