Ignore:
Timestamp:
Jan 11, 2014, 12:08:40 PM (10 years ago)
Author:
mistic100
Message:

finish updating guides, fix flow issues, update language file

File:
1 edited

Legend:

Unmodified
Added
Removed

  • extensions/oAuth/auth.php

    r26605 r26608  
    44
    55global $hybridauth_conf;
     6
     7// OpenID is always enabled
     8$hybridauth_conf['providers']['OpenID']['enabled'] = true;
     9
    610require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php');
    711
     
    913
    1014try {
    11   // inputs
    12   if ($provider == 'OpenID' and !isset($_GET['openid_identifier']))
    13   {
    14     throw new Exception('Invalid OpenID!', 1003);
    15   }
    16  
    17   // OpenID is always enabled
    18   $hybridauth_conf['providers']['OpenID']['enabled'] = true;
    19  
    2015  if (!array_key_exists($provider, $hybridauth_conf['providers'])
    2116      or !$hybridauth_conf['providers'][$provider]['enabled']
     
    2722  if ($provider == 'Persona')
    2823  {
     24    if (!verify_ephemeral_key(@$_POST['key']) | empty($_POST['assertion']))
     25    {
     26      header('HTTP/1.1 403 Forbidden');
     27      exit;
     28    }
     29   
    2930    $response = persona_verify($_POST['assertion']);
    3031   
     
    4142  else
    4243  {
     44    if ($provider == 'OpenID' and empty($_GET['openid_identifier']))
     45    {
     46      throw new Exception('Invalid OpenID!', 1003);
     47    }
     48   
    4349    $hybridauth = new Hybrid_Auth($hybridauth_conf);
    4450   
    45     // connected
    4651    if ($hybridauth->isConnectedWith($provider))
    4752    {
     
    5358  }
    5459 
     60  // connected
    5561  if (!empty($oauth_id))
    5662  {
     
    6167;';
    6268    $result = pwg_query($query);
     69
    6370    // registered : log_user and redirect
    6471    if (pwg_db_num_rows($result))
     
    111118  else
    112119  {
     120    if (!verify_ephemeral_key(@$_GET['key']))
     121    {
     122      throw new Exception('Forbidden', 403);
     123    }
     124   
    113125    $template->assign('LOADING', '&openid_identifier='.@$_GET['openid_identifier'].'&init_auth=1');
    114126  }
     
    125137   404 : User not found
    126138 other errors :
     139   403 : Invalid ephemeral key
    127140   503 : Persona error
    128141  1002 : Invalid provider
     
    149162 
    150163  'OAUTH_PATH' => OAUTH_PATH,
    151   'PROVIDER' => $provider,
     164  'PROVIDER' => $hybridauth_conf['providers'][$provider]['name'],
    152165  'SELF_URL' => OAUTH_PATH . 'auth.php?provider='.$provider,
    153166  ));
Note: See TracChangeset for help on using the changeset viewer.