Context Navigation

source: extensions/oAuth/include/hybridauth/Hybrid/Endpoint.php @ 20293

Last change on this file since 20293 was 20293, checked in by mistic100, 11 years ago
first commit of oAuth plugin, still in developpement
File size: 5.9 KB

Line
1	<?php
2	/*!
3	* HybridAuth
4	* http://hybridauth.sourceforge.net \| http://github.com/hybridauth/hybridauth
5	* (c) 2009-2012, HybridAuth authors \| http://hybridauth.sourceforge.net/licenses.html
6	*/
7
8	/**
9	* Hybrid_Endpoint class
10	*
11	* Hybrid_Endpoint class provides a simple way to handle the OpenID and OAuth endpoint.
12	*/
13	class Hybrid_Endpoint {
14	public static $request = NULL;
15	public static $initDone = FALSE;
16
17	/**
18	* Process the current request
19	*
20	* $request - The current request parameters. Leave as NULL to default to use $_REQUEST.
21	*/
22	public static function process( $request = NULL )
23	{
24	// Setup request variable
25	Hybrid_Endpoint::$request = $request;
26
27	if ( is_null(Hybrid_Endpoint::$request) ){
28	// Fix a strange behavior when some provider call back ha endpoint
29	// with /index.php?hauth.done={provider}?{args}...
30	// >here we need to recreate the $_REQUEST
31	if ( strrpos( $_SERVER["QUERY_STRING"], '?' ) ) {
32	$_SERVER["QUERY_STRING"] = str_replace( "?", "&", $_SERVER["QUERY_STRING"] );
33
34	parse_str( $_SERVER["QUERY_STRING"], $_REQUEST );
35	}
36
37	Hybrid_Endpoint::$request = $_REQUEST;
38	}
39
40	// If openid_policy requested, we return our policy document
41	if ( isset( Hybrid_Endpoint::$request["get"] ) && Hybrid_Endpoint::$request["get"] == "openid_policy" ) {
42	Hybrid_Endpoint::processOpenidPolicy();
43	}
44
45	// If openid_xrds requested, we return our XRDS document
46	if ( isset( Hybrid_Endpoint::$request["get"] ) && Hybrid_Endpoint::$request["get"] == "openid_xrds" ) {
47	Hybrid_Endpoint::processOpenidXRDS();
48	}
49
50	// If we get a hauth.start
51	if ( isset( Hybrid_Endpoint::$request["hauth_start"] ) && Hybrid_Endpoint::$request["hauth_start"] ) {
52	Hybrid_Endpoint::processAuthStart();
53	}
54	// Else if hauth.done
55	elseif ( isset( Hybrid_Endpoint::$request["hauth_done"] ) && Hybrid_Endpoint::$request["hauth_done"] ) {
56	Hybrid_Endpoint::processAuthDone();
57	}
58	// Else we advertise our XRDS document, something supposed to be done from the Realm URL page
59	else {
60	Hybrid_Endpoint::processOpenidRealm();
61	}
62	}
63
64	/**
65	* Process OpenID policy request
66	*/
67	public static function processOpenidPolicy()
68	{
69	$output = file_get_contents( dirname(__FILE__) . "/resources/openid_policy.html" );
70	print $output;
71	die();
72	}
73
74	/**
75	* Process OpenID XRDS request
76	*/
77	public static function processOpenidXRDS()
78	{
79	header("Content-Type: application/xrds+xml");
80
81	$output = str_replace
82	(
83	"{RETURN_TO_URL}",
84	str_replace(
85	array("<", ">", "\"", "'", "&"), array("<", ">", """, "'", "&"),
86	Hybrid_Auth::getCurrentUrl( false )
87	),
88	file_get_contents( dirname(__FILE__) . "/resources/openid_xrds.xml" )
89	);
90	print $output;
91	die();
92	}
93
94	/**
95	* Process OpenID realm request
96	*/
97	public static function processOpenidRealm()
98	{
99	$output = str_replace
100	(
101	"{X_XRDS_LOCATION}",
102	htmlentities( Hybrid_Auth::getCurrentUrl( false ), ENT_QUOTES, 'UTF-8' ) . "?get=openid_xrds&v=" . Hybrid_Auth::$version,
103	file_get_contents( dirname(__FILE__) . "/resources/openid_realm.html" )
104	);
105	print $output;
106	die();
107	}
108
109	/**
110	* define:endpoint step 3.
111	*/
112	public static function processAuthStart()
113	{
114	Hybrid_Endpoint::authInit();
115
116	$provider_id = trim( strip_tags( Hybrid_Endpoint::$request["hauth_start"] ) );
117
118	# check if page accessed directly
119	if( ! Hybrid_Auth::storage()->get( "hauth_session.$provider_id.hauth_endpoint" ) ) {
120	Hybrid_Logger::error( "Endpoint: hauth_endpoint parameter is not defined on hauth_start, halt login process!" );
121
122	header( "HTTP/1.0 404 Not Found" );
123	die( "You cannot access this page directly." );
124	}
125
126	# define:hybrid.endpoint.php step 2.
127	$hauth = Hybrid_Auth::setup( $provider_id );
128
129	# if REQUESTed hauth_idprovider is wrong, session not created, etc.
130	if( ! $hauth ) {
131	Hybrid_Logger::error( "Endpoint: Invalid parameter on hauth_start!" );
132
133	header( "HTTP/1.0 404 Not Found" );
134	die( "Invalid parameter! Please return to the login page and try again." );
135	}
136
137	try {
138	Hybrid_Logger::info( "Endpoint: call adapter [{$provider_id}] loginBegin()" );
139
140	$hauth->adapter->loginBegin();
141	}
142	catch ( Exception $e ) {
143	Hybrid_Logger::error( "Exception:" . $e->getMessage(), $e );
144	Hybrid_Error::setError( $e->getMessage(), $e->getCode(), $e->getTraceAsString(), $e );
145
146	$hauth->returnToCallbackUrl();
147	}
148
149	die();
150	}
151
152	/**
153	* define:endpoint step 3.1 and 3.2
154	*/
155	public static function processAuthDone()
156	{
157	Hybrid_Endpoint::authInit();
158
159	$provider_id = trim( strip_tags( Hybrid_Endpoint::$request["hauth_done"] ) );
160
161	$hauth = Hybrid_Auth::setup( $provider_id );
162
163	if( ! $hauth ) {
164	Hybrid_Logger::error( "Endpoint: Invalid parameter on hauth_done!" );
165
166	$hauth->adapter->setUserUnconnected();
167
168	header("HTTP/1.0 404 Not Found");
169	die( "Invalid parameter! Please return to the login page and try again." );
170	}
171
172	try {
173	Hybrid_Logger::info( "Endpoint: call adapter [{$provider_id}] loginFinish() " );
174
175	$hauth->adapter->loginFinish();
176	}
177	catch( Exception $e ){
178	Hybrid_Logger::error( "Exception:" . $e->getMessage(), $e );
179	Hybrid_Error::setError( $e->getMessage(), $e->getCode(), $e->getTraceAsString(), $e );
180
181	$hauth->adapter->setUserUnconnected();
182	}
183
184	Hybrid_Logger::info( "Endpoint: job done. retrun to callback url." );
185
186	$hauth->returnToCallbackUrl();
187	die();
188	}
189
190	public static function authInit()
191	{
192	if ( ! Hybrid_Endpoint::$initDone) {
193	Hybrid_Endpoint::$initDone = TRUE;
194
195	# Init Hybrid_Auth
196	try {
197	require_once realpath( dirname( __FILE__ ) ) . "/Storage.php";
198
199	$storage = new Hybrid_Storage();
200
201	// Check if Hybrid_Auth session already exist
202	if ( ! $storage->config( "CONFIG" ) ) {
203	header( "HTTP/1.0 404 Not Found" );
204	die( "You cannot access this page directly.2" );
205	}
206
207	Hybrid_Auth::initialize( $storage->config( "CONFIG" ) );
208	}
209	catch ( Exception $e ){
210	Hybrid_Logger::error( "Endpoint: Error while trying to init Hybrid_Auth" );
211
212	header( "HTTP/1.0 404 Not Found" );
213	die( "Oophs. Error!" );
214	}
215	}
216	}
217	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: