- <?php
- require_once 'Validate.php';
- require_once 'Net/URL2.php';
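/**
 * Minimal OpenID 1.x relying party ("dumb mode").
 *
 * redirect() discovers the provider for a claimed identity and builds the
 * checkid URL; validate() confirms the provider's assertion by posting it
 * back with openid.mode=check_authentication.
 *
 * Security notes for integrators:
 *  - The identity URL and the discovered server URL are attacker-influenced.
 *    Outbound requests are limited to http/https here, but nothing in this
 *    class filters the destination host, so egress filtering (loopback,
 *    link-local and internal ranges) has to be enforced by the deployment.
 *  - validate() checks the provider's signature verdict only. Matching
 *    openid.return_to against the current request and rejecting replayed
 *    assertions are not done here and remain the caller's job.
 */
class Auth_OpenID
{
    /**
     * Simple Registration (sreg) field names to request from the provider.
     * Each entry is either an array of names or a comma-separated string.
     *
     * @var array
     */
    protected $fields = array(
        'required' => array(),
        'optional' => array(),
    );

    /**
     * OpenID parameters, readable and writable as magic properties.
     * Empty values are left out of the URL built by redirect().
     *
     * @var array
     */
    protected $params = array(
        'ns'           => '',
        'claimed_id'   => '',
        'cancel'       => '',
        'identity'     => '',
        'assoc_handle' => '',
        'return_to'    => '',
        'realm'        => '',
        'mode'         => 'checkid_setup',
        'trust_root'   => '',
        'server'       => ''
    );

    /**
     * Read an OpenID parameter.
     *
     * @param string $var Parameter name (a key of $params).
     *
     * @return mixed The stored value, or null for an unknown name.
     */
    public function __get($var)
    {
        if (isset($this->params[$var])) {
            return $this->params[$var];
        }
        return null;
    }

    /**
     * Write an sreg field list ('required' / 'optional') or an OpenID
     * parameter. When a protected method named _set_<param> exists, the value
     * is passed through it first, so validation cannot be bypassed by
     * assigning the property directly.
     *
     * @param string $var Parameter name.
     * @param mixed  $val New value.
     *
     * @return void
     * @throws Auth_OpenID_Exception When $var is not a known parameter, or
     *                               the per-parameter setter rejects $val.
     */
    public function __set($var, $val)
    {
        if ($var === 'required' || $var === 'optional') {
            $this->fields[$var] = $val;
            return;
        }

        // array_key_exists rather than isset: a parameter must stay
        // assignable even if it currently holds null.
        if (!array_key_exists($var, $this->params)) {
            throw new Auth_OpenID_Exception($var . ' is invalid');
        }

        $func = '_set_' . $var;
        $this->params[$var] = method_exists($this, $func)
            ? $this->$func($val)
            : $val;
    }

    /**
     * Validate and normalise the identity URL.
     *
     * The hook must be named after the 'identity' parameter for __set() to
     * find it; under the earlier misspelled name it was never invoked and
     * identities reached sendRequest() unvalidated. Only http and https
     * identifiers are accepted because the value is fetched server-side.
     *
     * @param mixed $val Candidate identity URL (untrusted).
     *
     * @return string Normalised URL as produced by Net_URL2::getURL().
     * @throws Auth_OpenID_Exception When the value is not a usable http(s) URI.
     *                               The message echoes the rejected value, so
     *                               escape it before showing it to a browser.
     */
    protected function _set_identity($val)
    {
        $schemes = array('allowed_schemes' => array('http', 'https'));
        if (!is_string($val) || $val === '' || !Validate::uri($val, $schemes)) {
            // Request parameters can arrive as arrays; never concatenate those.
            $shown = is_scalar($val) ? $val : gettype($val);
            throw new Auth_OpenID_Exception($shown . ' is an invalid identifier');
        }
        $url = new Net_URL2($val);
        return $url->getURL();
    }

    /**
     * Misspelled predecessor of _set_identity(), kept so existing subclasses
     * that call it keep working.
     *
     * @deprecated Use _set_identity().
     *
     * @param mixed $val Candidate identity URL.
     *
     * @return string
     */
    protected function _set_identify($val)
    {
        return $this->_set_identity($val);
    }

    /**
     * Build the provider URL the user agent should be sent to.
     *
     * Performs discovery on the current identity, adopts a delegate and the
     * server endpoint when advertised, then appends every non-empty
     * parameter and sreg field list as a query string.
     *
     * @return string Absolute provider URL including the openid.* query.
     * @throws Auth_OpenID_Exception When no http(s) server endpoint is known.
     */
    public function redirect()
    {
        $info = $this->getIdentityInfo();
        if (isset($info['delegate'])) {
            $this->identity = $info['delegate'];
        }
        if (isset($info['server'])) {
            $this->server = $info['server'];
        }

        // The endpoint comes from a remote page; refuse to build a redirect
        // to anything that is not a plain http(s) URL.
        $server = (string) $this->server;
        if (!preg_match('#^https?://#i', $server)) {
            throw new Auth_OpenID_Exception('Could not look up server');
        }

        $sets = array();
        foreach ($this->params as $var => $val) {
            if ((string) $val === '') {
                continue;
            }
            $sets[] = 'openid.' . $var . '=' . urlencode($val);
        }
        foreach ($this->fields as $type => $val) {
            // Join arrays before the emptiness test: calling strlen() on an
            // array made every array-valued list look empty (and is a
            // TypeError on PHP 8).
            if (is_array($val)) {
                $val = implode(',', $val);
            }
            if ((string) $val === '') {
                continue;
            }
            $sets[] = 'openid.sreg.' . $type . '=' . urlencode($val);
        }

        $glue = (strpos($server, '?') === false) ? '?' : '&';
        return $server . $glue . implode('&', $sets);
    }

    /**
     * Verify a provider response with a check_authentication round trip.
     *
     * @param array $req Incoming request parameters with PHP's key mangling
     *                   applied ("openid.identity" arrives as "openid_identity").
     *
     * @return array Key/value pairs of the provider's reply (is_valid === 'true').
     * @throws Auth_OpenID_Exception When required fields are missing, the
     *                               identity is not covered by the signature,
     *                               discovery fails, or the provider does not
     *                               confirm the assertion.
     */
    public function validate($req)
    {
        if (!isset($req['openid_identity'])) {
            throw new Auth_OpenID_Exception('No identity in request');
        }
        if (!isset($req['openid_signed']) || !is_string($req['openid_signed'])) {
            throw new Auth_OpenID_Exception('No signed field list in request');
        }

        // Only fields named in openid.signed are vouched for by the provider.
        // Without this check the identity could be swapped while the signed
        // remainder of the response still verifies.
        $signed = explode(',', $req['openid_signed']);
        if (!in_array('identity', $signed, true)) {
            throw new Auth_OpenID_Exception('Identity is not covered by the signature');
        }

        $this->identity = $req['openid_identity'];

        static $import = array(
            'assoc_handle', 'signed', 'sig'
        );
        $params = array(
            'openid.mode' => 'check_authentication'
        );
        foreach ($import as $f) {
            $key = 'openid_' . $f;
            if (isset($req[$key]) && is_string($req[$key]) && $req[$key] !== '') {
                $params['openid.' . $f] = $req[$key];
            }
        }
        foreach ($signed as $p) {
            // PHP rewrote "sreg.x" to "sreg_x" in the incoming key names.
            $key = 'openid_' . str_replace('sreg.', 'sreg_', $p);
            // 'mode' is skipped so the check_authentication mode set above
            // is not overwritten by the response's own mode.
            if ($p !== 'mode' && isset($req[$key]) && is_string($req[$key])) {
                $params['openid.' . $p] = $req[$key];
            }
        }

        $info = $this->getIdentityInfo();
        if (!isset($info['server'])) {
            throw new Auth_OpenID_Exception('Could not look up server');
        }

        $response = $this->sendRequest($info['server'], $params, 'POST');
        $ret = $this->parseResponse($response);
        if (!isset($ret['is_valid']) || $ret['is_valid'] !== 'true') {
            throw new Auth_OpenID_Exception('Could not validate authentication');
        }
        return $ret;
    }

    /**
     * Perform an HTTP request and return the trimmed response body.
     *
     * @param string $url    Target URL (may be attacker-influenced).
     * @param array  $params Parameters: query string for GET, body for POST.
     * @param string $method 'GET' (default) or 'POST'.
     *
     * @return string Response body with surrounding whitespace removed.
     * @throws Auth_OpenID_Exception On a transport error or a non-2xx status.
     */
    protected function sendRequest($url, $params = array(), $method = 'GET')
    {
        // Explicit '&' separator: the ini default may be '&amp;'.
        $query = http_build_query($params, '', '&');

        // The query has to be appended before CURLOPT_URL is set; appending
        // afterwards meant GET parameters were never sent.
        if ($method != 'POST' && $query !== '') {
            $url .= (strpos($url, '?') === false ? '?' : '&') . $query;
        }

        $ch = curl_init();
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_USERAGENT, 'Auth_OpenID');
        curl_setopt($ch, CURLOPT_HEADER, false);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
        curl_setopt($ch, CURLOPT_TIMEOUT, 5);
        // Keep the initial request and every followed redirect on http/https
        // so a remote URL cannot steer the fetch to file:// or other handlers.
        curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
        curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
        if ($method == 'POST') {
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
        }

        $res  = curl_exec($ch);
        $err  = curl_errno($ch);
        $msg  = curl_error($ch);
        $code = (int) curl_getinfo($ch, CURLINFO_HTTP_CODE);
        // Release the handle before any throw so error paths do not leak it.
        curl_close($ch);

        if ($res === false || $err !== CURLE_OK) {
            throw new Auth_OpenID_Exception($msg, $err);
        }
        if ($code < 200 || $code >= 300) {
            // The remote body is deliberately not written to the output:
            // it is third-party content and belongs in logs, not in the page.
            throw new Auth_OpenID_Exception('Unrecognized HTTP status: ' . $code, $code);
        }
        return trim($res);
    }

    /**
     * Fetch the identity page and extract its OpenID <link> endpoints.
     *
     * @return array Map with optional keys 'server' and 'delegate'; empty
     *               when the page advertises neither.
     * @throws Auth_OpenID_Exception When no identity is set or the fetch fails.
     */
    protected function getIdentityInfo()
    {
        if (!strlen($this->identity)) {
            throw new Auth_OpenID_Exception('Identity is required');
        }
        $res = $this->sendRequest($this->identity);

        // Initialised up front so a page without OpenID links yields an
        // empty array instead of an undefined variable.
        $openID = array();
        $m = array();
        if (preg_match_all('/<link[^>]+rel=["\']openid\.[^>]+>/i', $res, $m)) {
            foreach ($m[0] as $match) {
                $a = array();
                $h = array();
                if (preg_match('/openid\.(server|delegate)/i', $match, $a)
                    && preg_match('/href=[\'"]([^\'"]+)[\'"]/', $match, $h)
                ) {
                    // The rel match is case-insensitive; normalise the key so
                    // callers can rely on 'server' / 'delegate'.
                    $openID[strtolower($a[1])] = $h[1];
                }
            }
        }
        return $openID;
    }

    /**
     * Parse a "key:value" per line provider response.
     *
     * @param string $response Raw response body.
     *
     * @return array Map of trimmed keys to trimmed values; blank lines and
     *               lines without a colon are ignored.
     */
    protected function parseResponse($response)
    {
        $ret = array();
        foreach (explode("\n", $response) as $line) {
            $line = trim($line);
            if ($line === '' || strpos($line, ':') === false) {
                continue;
            }
            list($key, $value) = explode(':', $line, 2);
            $ret[trim($key)] = trim($value);
        }
        return $ret;
    }
}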
- ?>