[pLog-svn] r4415 - in plugins/branches/lifetype-1.1: . openid
openid/class openid/class/action openid/class/view
openid/locale openid/templates
pwestbro at devel.lifetype.net
pwestbro at devel.lifetype.net
Sat Dec 23 06:54:48 GMT 2006
Author: pwestbro
Date: 2006-12-23 06:54:46 +0000 (Sat, 23 Dec 2006)
New Revision: 4415
Added:
plugins/branches/lifetype-1.1/openid/
plugins/branches/lifetype-1.1/openid/OpenID.php
plugins/branches/lifetype-1.1/openid/README.txt
plugins/branches/lifetype-1.1/openid/class/
plugins/branches/lifetype-1.1/openid/class/action/
plugins/branches/lifetype-1.1/openid/class/action/pluginopenidconfigaction.class.php
plugins/branches/lifetype-1.1/openid/class/action/pluginopenidupdateconfigaction.class.php
plugins/branches/lifetype-1.1/openid/class/view/
plugins/branches/lifetype-1.1/openid/class/view/pluginopenidconfigview.class.php
plugins/branches/lifetype-1.1/openid/locale/
plugins/branches/lifetype-1.1/openid/locale/locale_en_UK.php
plugins/branches/lifetype-1.1/openid/pluginopenid.class.php
plugins/branches/lifetype-1.1/openid/templates/
plugins/branches/lifetype-1.1/openid/templates/openid.template
Log:
First pass at the OpenID plugin.
When using your blog url as the OpenID, you can use your LifeType
username/password to authenticate your OpenID identity.
Ideally, this would use digest authentication, but there isn't an api on the
users object that takes the md5 version of the username and password
Added: plugins/branches/lifetype-1.1/openid/OpenID.php
===================================================================
--- plugins/branches/lifetype-1.1/openid/OpenID.php 2006-12-20 21:14:59 UTC (rev 4414)
+++ plugins/branches/lifetype-1.1/openid/OpenID.php 2006-12-23 06:54:46 UTC (rev 4415)
@@ -0,0 +1,801 @@
+<?
+/*
+ * OpenID implementation for LifeType
+ * based on
+ *
+ * phpMyID - A standalone, single user, OpenID Identity Provider
+ *
+ * by: CJ Niemira <siege (at) siege (dot) org>
+ * (c) 2006
+ * http://siege.org/projects/phpMyID
+ *
+ * Version: 0.3
+ *
+ * This code is licensed under the GNU General Public License
+ * http://www.gnu.org/licenses/gpl.html
+ *
+ *
+ * *************************************************************************** *
+ * CONFIGURATION
+ * *************************************************************************** *
+ * You must change these values:
+ * auth_username = login name
+ * auth_password = md5(username:phpMyID:password)
+ *
+ * Default username = 'test', password = 'test'
+ */
+
+$profile = array(
+ 'auth_username' => 'test',
+ 'auth_password' => 'e8358914a32e1ce3c62836db4babaa01'
+);
+
+/*
+ * Optional - Simple Registration Extension:
+ *
+ * If you would like to add any of the following optional registration
+ * parameters to your login profile, simply uncomment the line, and enter the
+ * correct values.
+ *
+ * Details on the exact allowed values for these paramters can be found at:
+ * http://openid.net/specs/openid-simple-registration-extension-1_0.html
+ */
+
+$sreg = array (
+# 'nickname' => 'Joe',
+# 'email' => 'joe at example.com',
+# 'fullname' => 'Joe Example',
+# 'dob' => '1970-10-31',
+# 'gender' => 'M',
+# 'postcode' => '22000',
+# 'country' => 'US',
+# 'language' => 'en',
+# 'timezone' => 'America/New_York'
+);
+
+
+
+/******************************************************************************/
+
+/*
+ * Internal configuration
+ * DO NOT ALTER ANYTHING BELOW THIS POINT UNLESS YOU KNOW WHAT YOU ARE DOING!
+ */
+
+$idp_url = sprintf("%s://%s%s",
+ ($_SERVER["HTTPS"] == 'on' ? 'https' : 'http'),
+ $_SERVER['SERVER_NAME'],
+ $_SERVER['PHP_SELF']);
+
+$req_url = sprintf("%s://%s%s",
+ ($_SERVER["HTTPS"] == 'on' ? 'https' : 'http'),
+ $_SERVER['HTTP_HOST'],
+ $_SERVER["REQUEST_URI"]);
+
+$profile['auth_domain'] = "$req_url $idp_url";
+$profile['auth_realm'] = 'phpMyID';
+$profile['lifetime'] = ((session_cache_expire() * 60) - 10);
+
+$known = array(
+ 'assoc_types' => array('HMAC-SHA1'),
+
+ 'openid_modes' => array('associate',
+ 'checkid_immediate',
+ 'checkid_setup',
+ 'check_authentication',
+ 'error',
+ 'logout'),
+
+ 'session_types' => array('',
+ 'DH-SHA1'),
+
+ 'bigmath_types' => array('DH-SHA1'),
+);
+
+$g = 2;
+
+$p = '15517289818147369747123225776371553991572480196691540447970779531405762' .
+'9378541917580651227423698188993727816152646631438561595825688188889951272158' .
+'8426754199503412587065565498035801048705376814767265132557470407658574792912' .
+'9157233451064324509471500722962109419434978392598476037559498584825335930558' .
+'5439638443';
+
+
+
+/******************************************************************************/
+
+/*
+ * Runmode functions
+ */
+
+function associate_mode () {
+ global $g, $known, $p, $profile;
+
+ // Validate the request
+ if (! isset($_POST['openid_mode']) || $_POST['openid_mode'] != 'associate')
+ error_400();
+
+ // Get the options, use defaults as necessary
+ $assoc_type = (strlen($_POST['openid_assoc_type'])
+ && in_array($_POST['openid_assoc_type'], $known['assoc_types']))
+ ? $_POST['openid_assoc_type']
+ : 'HMAC-SHA1';
+
+ $session_type = (strlen($_POST['openid_session_type'])
+ && in_array($_POST['openid_session_type'], $known['session_types']))
+ ? $_POST['openid_session_type']
+ : '';
+
+ $dh_modulus = (strlen($_POST['openid_dh_modulus']))
+ ? $_POST['openid_dh_modulus']
+ : ($session_type == 'DH-SHA1'
+ ? $p
+ : null);
+
+ $dh_gen = (strlen($_POST['openid_dh_gen']))
+ ? $_POST['openid_dh_gen']
+ : ($session_type == 'DH-SHA1'
+ ? $g
+ : null);
+
+ $dh_consumer_public = (strlen($_POST['openid_dh_consumer_public']))
+ ? $_POST['openid_dh_consumer_public']
+ : ($session_type == 'DH-SHA1'
+ ? error_post('dh_consumer_public was not specified')
+ : null);
+
+ // Create the associate id and shared secret now
+ $lifetime = time() + $profile['lifetime'];
+
+ // Create standard keys
+ $keys = array(
+ 'assoc_type' => $assoc_type,
+ 'expires_in' => $profile['lifetime']
+ );
+
+ // If I can't handle bigmath, default to plaintext sessions
+ if (in_array($session_type, $known['bigmath_types']) && ! extension_loaded('bcmath'))
+ $session_type = null;
+
+ // Add response keys based on the session type
+ switch ($session_type) {
+ case 'DH-SHA1':
+ list ($assoc_handle, $shared_secret) = new_assoc($lifetime);
+
+ // Compute the Diffie-Hellman stuff
+ $private_key = random($dh_modulus);
+ $public_key = bcpowmod($dh_gen, $private_key, $dh_modulus);
+ $remote_key = long(base64_decode($dh_consumer_public));
+ $ss = bcpowmod($remote_key, $private_key, $dh_modulus);
+
+ $keys['assoc_handle'] = $assoc_handle;
+ $keys['session_type'] = $session_type;
+ $keys['dh_server_public'] = base64_encode(bin($public_key));
+ $keys['enc_mac_key'] = base64_encode(x_or(sha1_20(bin($ss)), $shared_secret));
+
+ break;
+
+ default:
+ list ($assoc_handle, $shared_secret) = new_assoc();
+
+ $keys['assoc_handle'] = $assoc_handle;
+ $keys['mac_key'] = base64_encode($shared_secret);
+ }
+
+ // Return the keys
+ wrap_kv($keys);
+}
+
+
+function check_authentication_mode () {
+ // Validate the request
+ if (! isset($_POST['openid_mode']) || $_POST['openid_mode'] != 'check_authentication')
+ error_400();
+
+ $assoc_handle = strlen($_POST['openid_assoc_handle'])
+ ? $_POST['openid_assoc_handle']
+ : error_post('Missing assoc_handle');
+
+ $sig = strlen($_POST['openid_sig'])
+ ? $_POST['openid_sig']
+ : error_post('Missing sig');
+
+ $signed = strlen($_POST['openid_signed'])
+ ? $_POST['openid_signed']
+ : error_post('Missing signed');
+
+ // Prepare the return keys
+ $keys = array(
+ 'openid.mode' => 'id_res'
+ );
+
+ // Invalidate the assoc handle if we need to
+ if (strlen($_POST['openid_invalidate_handle'])) {
+ destroy_assoc_handle($_POST['openid_invalidate_handle']);
+
+ $keys['invalidate_handle'] = $_POST['openid_invalidate_handle'];
+ }
+
+ // Validate the sig by recreating the kv pair and signing
+ $_POST['openid_mode'] = 'id_res';
+ $tokens = '';
+ foreach (explode(',', $signed) as $param) {
+ $post = preg_replace('/\./', '_', $param);
+ $tokens .= sprintf("%s:%s\n", $param, $_POST['openid_' . $post]);
+ }
+
+ // Add the sreg stuff, if we've got it
+ foreach (explode(',', $sreg_required) as $key) {
+ if (! isset($sreg[$key]))
+ continue;
+ $skey = 'sreg.' . $key;
+
+ $tokens .= sprintf("%s:%s\n", $skey, $sreg[$key]);
+ $keys[$skey] = $sreg[$key];
+ $fields[] = $skey;
+ }
+
+ list ($shared_secret, $expires) = secret($assoc_handle);
+
+ // A 'smart mode' id will have an expiration time set, don't allow it
+ if ($shared_secret == false || is_numeric($expires)) {
+ $keys['is_valid'] = 'false';
+
+ } else {
+ $ok = base64_encode(hmac($shared_secret, $tokens));
+ $keys['is_valid'] = ($sig == $ok) ? 'true' : 'false';
+ }
+
+ // Return the keys
+ wrap_kv($keys);
+}
+
+
+function checkid ( $wait ) {
+ debug("checkid : $wait");
+ global $idp_url, $known, $profile, $sreg, $user_authenticated;
+
+ // Get the options, use defaults as necessary
+ $return_to = strlen($_GET['openid_return_to'])
+ ? $_GET['openid_return_to']
+ : error_400('Missing return_to');
+
+ $identity = strlen($_GET['openid_identity'])
+ ? $_GET['openid_identity']
+ : error_get($return_to, 'Missing identity');
+
+ $assoc_handle = strlen($_GET['openid_assoc_handle'])
+ ? $_GET['openid_assoc_handle']
+ : null;
+
+ $trust_root = strlen($_GET['openid_trust_root'])
+ ? $_GET['openid_trust_root']
+ : $return_to;
+
+ $sreg_required = strlen($_GET['openid_sreg_required'])
+ ? $_GET['openid_sreg_required']
+ : '';
+
+ $sreg_optional = strlen($_GET['openid_sreg_optional'])
+ ? $_GET['openid_sreg_optional']
+ : '';
+
+ // required and optional make no difference to us
+ $sreg_required .= ',' . $sreg_optional;
+
+ $keys = array(
+ 'mode' => 'id_res'
+ );
+
+/*
+ // try to get the digest headers - what a PITA!
+ if (version_compare(phpversion(), '5.0.0', 'lt')) {
+ if (function_exists('apache_request_headers')) {
+ $arh = apache_request_headers();
+ $hdr = $arh['Authorization'];
+
+ } elseif (isset($_SERVER['HTTP_AUTHORIZATION'])) {
+ $hdr = $_SERVER['HTTP_AUTHORIZATION'];
+
+ } else {
+ $hdr = null;
+ }
+
+ $digest = substr($hdr,0,7) == 'Digest '
+ ? substr($hdr, strpos($hdr, ' ') + 1)
+ : null;
+
+ } else {
+ $digest = empty($_SERVER['PHP_AUTH_DIGEST'])
+ ? null
+ : $_SERVER['PHP_AUTH_DIGEST'];
+ }
+*/
+ $username = empty($_SERVER['PHP_AUTH_USER']) ? null : $_SERVER['PHP_AUTH_USER'];
+ $password = empty($_SERVER['PHP_AUTH_PW']) ? null : $_SERVER['PHP_AUTH_PW'];
+
+ $stale = false;
+
+ // is the user trying to log in?
+ if ($wait && ! is_null($username) && $user_authenticated === false) {
+ /*
+ debug($digest);
+ $hdr = array();
+
+ // decode the Digest authentication headers
+ preg_match_all('/(\w+)=(?:"([^"]+)"|([^\s,]+))/', $digest, $mtx, PREG_SET_ORDER);
+
+ foreach ($mtx as $m)
+ $hdr[$m[1]] = $m[2] ? $m[2] : $m[3];
+ debug($hdr);
+
+ if ($hdr['nonce'] != $_SESSION['uniqid'])
+ $stale = true;
+
+ if ($profile['auth_username'] == $hdr['username'] && ! $stale) {
+
+ // the entity body should always be null in this case
+ $entity_body = '';
+ $a1 = $profile['auth_password'];
+ $a2 = $hdr['qop'] == 'auth-int'
+ ? md5(implode(':', array($_SERVER['REQUEST_METHOD'], $hdr['uri'], md5($entity_body))))
+ : md5(implode(':', array($_SERVER['REQUEST_METHOD'], $hdr['uri'])));
+ $ok = md5(implode(':', array($a1, $hdr['nonce'], $hdr['nc'], $hdr['cnonce'], $hdr['qop'], $a2)));
+
+ // successful login!
+ if ($hdr['response'] == $ok) {
+ $_SESSION['auth_username'] = $hdr['username'];
+ $user_authenticated = true;
+
+ // too many failures
+ } elseif (strcmp($hdr['nc'], 5) > 0) {
+ wrap_refresh($return_to . $q . 'openid.mode=cancel');
+ }
+ }
+ */
+ if (!defined( "PLOG_CLASS_PATH" )) {
+ define( "PLOG_CLASS_PATH", dirname(__FILE__)."/");
+ }
+ include_once( PLOG_CLASS_PATH."class/dao/users.class.php");
+
+ $users = new Users();
+
+ $auth = $users->authenticateUser( $username, $password );
+
+ if ($auth)
+ {
+ $_SESSION['auth_username'] = $username;
+ $user_authenticated = true;
+ }
+ }
+
+ // make sure i am this identifier
+ if ($identity != $idp_url) {
+ if ($wait) {
+ $keys['mode'] = 'cancel';
+ } else {
+ $keys['user_setup_url'] = $idp_url;
+ }
+
+ // if the user is not logged in, send the login headers
+ } elseif ($user_authenticated === false) {
+ if ($wait) {
+ $uid = uniqid(mt_rand(1,9));
+ $_SESSION['uniqid'] = $uid;
+
+ header('HTTP/1.0 401 Unauthorized');
+
+ header(sprintf('WWW-Authenticate: Basic realm="%s"', $profile['auth_realm']));
+// header(sprintf('WWW-Authenticate: Digest qop="auth-int, auth", realm="%s", domain="%s", nonce="%s", opaque="%s", stale="%s", algorithm="MD5"', $profile['auth_realm'], $profile['auth_domain'], $uid, md5($profile['auth_realm']), $stale ? 'true' : 'false'));
+ $q = strpos($return_to, '?') ? '&' : '?';
+ wrap_refresh($return_to . $q . 'openid.mode=cancel');
+
+ } else {
+ $keys['user_setup_url'] = $idp_url;
+ }
+
+ // the user is logged in
+ } else {
+ // check the assoc handle
+ list($shared_secret, $expires) = secret($assoc_handle);
+ if ($shared_secret == false || (is_numeric($expires) && $expires < time())) {
+ if ($assoc_handle != null)
+ $keys['invalidate_handle'] = $assoc_handle;
+ list ($assoc_handle, $shared_secret) = new_assoc();
+ }
+
+ $keys['identity'] = $idp_url;
+ $keys['assoc_handle'] = $assoc_handle;
+ $keys['return_to'] = $return_to;
+
+ $fields = array_keys($keys);
+ $tokens = '';
+ foreach ($fields as $key)
+ $tokens .= sprintf("%s:%s\n", $key, $keys[$key]);
+
+ // add sreg keys
+ foreach (explode(',', $sreg_required) as $key) {
+ if (! isset($sreg[$key]))
+ continue;
+ $skey = 'sreg.' . $key;
+
+ $tokens .= sprintf("%s:%s\n", $skey, $sreg[$key]);
+ $keys[$skey] = $sreg[$key];
+ $fields[] = $skey;
+ }
+
+ $keys['signed'] = implode(',', $fields);
+ $keys['sig'] = base64_encode(hmac($shared_secret, $tokens));
+ }
+
+ wrap_location($return_to, $keys);
+}
+
+
+function checkid_immediate_mode () {
+ if (! isset($_GET['openid_mode']) || $_GET['openid_mode'] != 'checkid_setup')
+ error_500();
+
+ checkid(false);
+}
+
+
+function checkid_setup_mode () {
+ if (! isset($_GET['openid_mode']) || $_GET['openid_mode'] != 'checkid_setup')
+ error_500();
+
+ checkid(true);
+}
+
+
+function error_mode () {
+ isset($_REQUEST['openid_error'])
+ ? wrap_html($_REQUEST['openid_error'])
+ : error_500();
+}
+
+
+function logout_mode () {
+ global $idp_url, $user_authenticated;
+
+ if (! $user_authenticated)
+ error_400();
+
+ session_destroy();
+ wrap_refresh($idp_url);
+}
+
+
+function no_mode () {
+ global $idp_url, $user_authenticated;
+
+ wrap_html('This is an OpenID server endpoint. For more information, see http://openid.net/<br/>' . $idp_url);
+}
+
+
+
+/*
+ * Support functions
+ */
+function append_openid ($array) {
+ $keys = array_keys($array);
+ $vals = array_values($array);
+
+ $r = array();
+ for ($i=0; $i<sizeof($keys); $i++)
+ $r['openid.' . $keys[$i]] = $vals[$i];
+ return $r;
+}
+
+// Borrowed from http://php.net/manual/en/function.bcpowmod.php#57241
+if (! function_exists('bcpowmod')) {
+function bcpowmod ($value, $exponent, $mod) {
+ $r = 1;
+ while (true) {
+ if (bcmod($exponent, 2) == "1")
+ break;
+ if (($exponent = bcdiv($exponent, 2)) == '0')
+ break;
+ $value = bcmod(bcmul($value, $value), $mod);
+ }
+ return $r;
+}}
+
+
+// Borrowed from PHP-OpenID; http://openidenabled.com
+function bin ($n) {
+ $bytes = array();
+ while (bccomp($n, 0) > 0) {
+ array_unshift($bytes, bcmod($n, 256));
+ $n = bcdiv($n, pow(2,8));
+ }
+
+ if ($bytes && ($bytes[0] > 127))
+ array_unshift($bytes, 0);
+
+ $b = '';
+ foreach ($bytes as $byte)
+ $b .= pack('C', $byte);
+
+ return $b;
+}
+
+
+function debug ($x) {
+ return true; // debugging off
+ if (is_array($x)) {
+ ob_start();
+ print_r($x);
+ $x = ob_get_clean();
+ }
+
+ error_log($x . "\n", 3, "/var/tmp/phpMyID.debug.log");
+}
+
+
+function destroy_assoc_handle ( $id ) {
+ debug("Destroy $id");
+ $old = session_id();
+ session_write_close();
+
+ session_id($id);
+ session_start();
+ session_destroy();
+
+ session_id($old);
+ session_start();
+}
+
+
+function error_400 ( $message = 'Bad Request' ) {
+ header("HTTP/1.1 400 Bad Request");
+ wrap_html($message);
+}
+
+
+function error_500 ( $message = 'Internal Server Error' ) {
+ header("HTTP/1.1 500 Internal Server Error");
+ wrap_html($message);
+}
+
+
+function error_get ( $url, $message = 'Bad Request') {
+ wrap_location($url, array('mode' => 'error', 'error' => $message));
+}
+
+
+function error_post ( $message = 'Bad Request' ) {
+ header("HTTP/1.1 400 Bad Request");
+ echo ('error:' . $message);
+ exit(0);
+}
+
+
+// Borrowed from - http://php.net/manual/en/function.sha1.php#39492
+function hmac($key, $data, $hash = 'sha1_20') {
+ $blocksize=64;
+
+ if (strlen($key) > $blocksize)
+ $key = $hash($key);
+
+ $key = str_pad($key, $blocksize,chr(0x00));
+ $ipad = str_repeat(chr(0x36),$blocksize);
+ $opad = str_repeat(chr(0x5c),$blocksize);
+
+ $h1 = $hash(($key ^ $ipad) . $data);
+ $hmac = $hash(($key ^ $opad) . $h1);
+ return $hmac;
+}
+
+
+if (! function_exists('http_build_query')) {
+function http_build_query ($array) {
+ $r = array();
+ foreach ($array as $key => $val)
+ $r[] = sprintf('%s=%s', $key, urlencode($val));
+ return implode('&', $r);
+}}
+
+
+// Borrowed from PHP-OpenID; http://openidenabled.com
+function long($b) {
+ $bytes = array_merge(unpack('C*', $b));
+ $n = 0;
+ foreach ($bytes as $byte) {
+ $n = bcmul($n, bcpow(2,8));
+ $n = bcadd($n, $byte);
+ }
+ return $n;
+}
+
+
+function new_assoc ( $expiration = null ) {
+ $old = session_id();
+ session_write_close();
+
+ session_start();
+ session_regenerate_id('false');
+
+ $new = session_id();
+ $shared_secret = new_secret();
+
+ $_SESSION = array();
+ $_SESSION['expiration'] = $expiration;
+ $_SESSION['shared_secret'] = base64_encode($shared_secret);
+ session_write_close();
+
+ session_id($old);
+ session_start();
+
+ return array($new, $shared_secret);
+}
+
+
+function new_secret () {
+ $r = '';
+ for($i=0; $i<20; $i++)
+ $r .= chr(mt_rand(0, 255));
+ debug("New secret >>>$r<<<\nsize = " . strlen($r));
+ return $r;
+}
+
+
+function random ( $max ) {
+ if (strlen($max) < 4)
+ return mt_rand(1, $max - 1);
+
+ $r = '';
+ for($i=1; $i<strlen($max) - 1; $i++)
+ $r .= mt_rand(0,9);
+ $r .= mt_rand(1,9);
+
+ return $r;
+}
+
+
+function secret ( $handle ) {
+ $len = strlen(session_id());
+ $regex = '/^\w{' . $len . '}$/';
+
+ debug("Get secret for '$handle', which must match '$regex'");
+
+ if (! preg_match($regex, $handle))
+ return array(false, 0);
+
+ $sid = session_id();
+ session_write_close();
+
+ session_id($handle);
+ session_start();
+
+ $secret = session_is_registered('shared_secret')
+ ? base64_decode($_SESSION['shared_secret'])
+ : false;
+
+ $expiration = session_is_registered('expiration')
+ ? $_SESSION['expiration']
+ : null;
+
+ session_write_close();
+
+ session_id($sid);
+ session_start();
+
+ debug("expires '$expiration'");
+ return array($secret, $expiration);
+}
+
+
+// Borrowed from PHP-OpenID; http://openidenabled.com
+function sha1_20 ($v) {
+ $hex = sha1($v);
+ $r = '';
+ for ($i = 0; $i < 40; $i += 2) {
+ $hexcode = substr($hex, $i, 2);
+ $charcode = (int)base_convert($hexcode, 16, 10);
+ $r .= chr($charcode);
+ }
+ return $r;
+}
+
+
+function wrap_html ( $message ) {
+ global $idp_url, $req_url;
+
+ header('Content-Type: text/html; charset=UTF-8');
+ echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html>
+<head>
+<title>phpMyID</title>
+<link rel="openid.server" href="' . $req_url . '" />
+<link rel="openid.delegate" href="' . $idp_url . '" />
+</head>
+<body>
+<p>' . $message . '</p>
+</body>
+</html>
+';
+
+ exit(0);
+}
+
+
+function wrap_kv ( $keys ) {
+ debug($keys);
+ header('Content-Type: text/plain; charset=UTF-8');
+ foreach ($keys as $key => $value)
+ printf("%s:%s\n", $key, $value);
+
+ exit(0);
+}
+
+
+function wrap_location ($url, $keys) {
+ $keys = append_openid($keys);
+ debug($keys);
+
+ $q = strpos($url, '?') ? '&' : '?';
+ header('Location: ' . $url . $q . http_build_query($keys));
+ debug('Location: ' . $url . $q . http_build_query($keys));
+ exit(0);
+}
+
+
+function wrap_refresh ($url) {
+ header('Content-Type: text/html; charset=UTF-8');
+ echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html>
+<head>
+<title>phpMyID</title>
+<meta http-equiv="refresh" content="0;url=' . $url . '">
+</head>
+<body>
+<p>Redirecting to <a href="' . $url . '">' . $url . '</a></p>
+</body>
+</html>
+';
+
+ exit(0);
+}
+
+
+function x_or ($a, $b) {
+ $r = "";
+
+ for ($i = 0; $i < strlen($b); $i++)
+ $r .= $a[$i] ^ $b[$i];
+ debug("Xor >>>$r<<< : " . strlen($r));
+ return $r;
+}
+
+
+
+/*
+ * App Initialization
+ */
+
+// Start the user session
+session_name('phpMyID_Server');
+session_set_cookie_params(0, dirname($_SERVER['PHP_SELF']), $profile['domain']);
+session_start();
+
+
+// Decide if the user is authenticated
+$user_authenticated = (isset($_SESSION['auth_username'])
+ && $_SESSION['auth_username'] == $profile['auth_username'])
+ ? true
+ : false;
+
+
+// Decide which runmode, based on user request or default
+$run_mode = (isset($_REQUEST['openid_mode'])
+ && in_array($_REQUEST['openid_mode'], $known['openid_modes']))
+ ? $_REQUEST['openid_mode']
+ : 'no';
+
+
+// Run in the determined runmode
+debug("mode: $run_mode " . time());
+debug($_REQUEST);
+eval($run_mode . '_mode();');
+?>
Added: plugins/branches/lifetype-1.1/openid/README.txt
===================================================================
--- plugins/branches/lifetype-1.1/openid/README.txt 2006-12-20 21:14:59 UTC (rev 4414)
+++ plugins/branches/lifetype-1.1/openid/README.txt 2006-12-23 06:54:46 UTC (rev 4415)
@@ -0,0 +1,20 @@
+[USAGES]:
+1. Upload: Upload all the extract files and directorys to $LifeType_Install_Dir/plugin/openid
+2. Move OpenID.php to $LifeType_Install_Dir
+3. Modify template: Use $openid->show() in header template file to allow the OpenID tags to be added..
+
+
+OpenID web site:
+http://www.openid.net/
+
+
+[EXAMPLE]:
+Add the following code in header.template, within the <head>, </head> tags:
+
+Code:
+
+<head>
+...
+{$openid->show()}
+</head>
+
Added: plugins/branches/lifetype-1.1/openid/class/action/pluginopenidconfigaction.class.php
===================================================================
--- plugins/branches/lifetype-1.1/openid/class/action/pluginopenidconfigaction.class.php 2006-12-20 21:14:59 UTC (rev 4414)
+++ plugins/branches/lifetype-1.1/openid/class/action/pluginopenidconfigaction.class.php 2006-12-23 06:54:46 UTC (rev 4415)
@@ -0,0 +1,26 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/action/admin/adminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/openid/class/view/pluginopenidconfigview.class.php" );
+
+ /**
+ * shows a form with the current configuration
+ */
+ class PluginOpenidConfigAction extends AdminAction
+ {
+
+ function PluginOpenidConfigAction( $actionInfo, $request )
+ {
+ $this->AdminAction( $actionInfo, $request );
+ }
+
+ function perform()
+ {
+ $this->_view = new PluginOpenidConfigView( $this->_blogInfo );
+
+ $this->setCommonData();
+
+ return true;
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/branches/lifetype-1.1/openid/class/action/pluginopenidupdateconfigaction.class.php
===================================================================
--- plugins/branches/lifetype-1.1/openid/class/action/pluginopenidupdateconfigaction.class.php 2006-12-20 21:14:59 UTC (rev 4414)
+++ plugins/branches/lifetype-1.1/openid/class/action/pluginopenidupdateconfigaction.class.php 2006-12-23 06:54:46 UTC (rev 4415)
@@ -0,0 +1,58 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/action/admin/adminaction.class.php" );
+ include_once( PLOG_CLASS_PATH."plugins/openid/class/view/pluginopenidconfigview.class.php" );
+
+ /**
+ * updates the plugin configuration
+ */
+ class PluginOpenidUpdateConfigAction extends AdminAction
+ {
+ var $_pluginEnabled;
+
+ function PluginOpenidUpdateConfigAction( $actionInfo, $request )
+ {
+ $this->AdminAction( $actionInfo, $request );
+ }
+
+ function validate()
+ {
+ $this->_pluginEnabled = $this->_request->getValue( "pluginEnabled" );
+ $this->_pluginEnabled = ($this->_pluginEnabled != "" );
+
+ return true;
+ }
+
+ function perform()
+ {
+ // update the plugin configurations to blog setting
+ $blogSettings = $this->_blogInfo->getSettings();
+ $blogSettings->setValue( "plugin_openid_enabled", $this->_pluginEnabled );
+ $this->_blogInfo->setSettings( $blogSettings );
+
+ // save the blogs settings
+ $blogs = new Blogs();
+ if( !$blogs->updateBlog( $this->_blogInfo )) {
+ $this->_view = new PluginOpenidConfigView( $this->_blogInfo );
+ $this->_view->setErrorMessage( $this->_locale->tr("error_updating_settings"));
+ $this->setCommonData();
+
+ return false;
+ }
+
+ // if everything went ok...
+ $this->_blogInfo->setSettings( $blogSettings );
+ $this->_session->setValue( "blogInfo", $this->_blogInfo );
+ $this->saveSession();
+
+ $this->_view = new PluginOpenidConfigView( $this->_blogInfo );
+ $this->_view->setSuccessMessage( $this->_locale->tr("openid_settings_saved_ok"));
+ $this->setCommonData();
+
+ // clear the cache
+ CacheControl::resetBlogCache( $this->_blogInfo->getId());
+
+ return true;
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/branches/lifetype-1.1/openid/class/view/pluginopenidconfigview.class.php
===================================================================
--- plugins/branches/lifetype-1.1/openid/class/view/pluginopenidconfigview.class.php 2006-12-20 21:14:59 UTC (rev 4414)
+++ plugins/branches/lifetype-1.1/openid/class/view/pluginopenidconfigview.class.php 2006-12-23 06:54:46 UTC (rev 4415)
@@ -0,0 +1,28 @@
+<?php
+
+ include_once( PLOG_CLASS_PATH."class/view/admin/adminplugintemplatedview.class.php" );
+
+ /**
+ * implements the main view of the feed reader plugin
+ */
+ class PluginOpenidConfigView extends AdminPluginTemplatedView
+ {
+
+ function PluginOpenidConfigView( $blogInfo )
+ {
+ $this->AdminPluginTemplatedView( $blogInfo, "openid", "openid" );
+ }
+
+ function render()
+ {
+ // load some configuration settings
+ $blogSettings = $this->_blogInfo->getSettings();
+ $pluginEnabled = $blogSettings->getValue( "plugin_openid_enabled" );
+
+ // create a view and export the settings to the template
+ $this->setValue( "pluginEnabled", $pluginEnabled );
+
+ parent::render();
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/branches/lifetype-1.1/openid/locale/locale_en_UK.php
===================================================================
--- plugins/branches/lifetype-1.1/openid/locale/locale_en_UK.php 2006-12-20 21:14:59 UTC (rev 4414)
+++ plugins/branches/lifetype-1.1/openid/locale/locale_en_UK.php 2006-12-23 06:54:46 UTC (rev 4415)
@@ -0,0 +1,15 @@
+<?php
+$messages["manageAppearancePlugins"] = "Appearance Management";
+$messages["openid"] = "OpenID";
+
+$messages["openid_plugin_enabled"] = "Enable this plugin";
+$messages["openid_plugin"] = "OpenID Plugin";
+$messages["detail"] = "Detail";
+$messages["openid_enable_help"] = "Enable this setting to allow this blogs users' credentials to be used for OpenID authentication.";
+
+
+$messages["openid_settings_saved_ok"] = "OpenID settings saved successfully!";
+
+$messages["label_configuration"] = "Configuration";
+$messages["label_enable"] = "Enable";
+?>
\ No newline at end of file
Added: plugins/branches/lifetype-1.1/openid/pluginopenid.class.php
===================================================================
--- plugins/branches/lifetype-1.1/openid/pluginopenid.class.php 2006-12-20 21:14:59 UTC (rev 4414)
+++ plugins/branches/lifetype-1.1/openid/pluginopenid.class.php 2006-12-23 06:54:46 UTC (rev 4415)
@@ -0,0 +1,80 @@
+<?php
+ /*
+ Copyright 2006 Paul Westbrook (paul at westbrooks.org)
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+ include_once( PLOG_CLASS_PATH."class/plugin/pluginbase.class.php" );
+ include_once( PLOG_CLASS_PATH."class/plugin/pluginmanager.class.php" );
+
+ class PluginOpenid extends PluginBase
+ {
+ var $pluginEnabled;
+
+ function PluginOpenid()
+ {
+ $this->PluginBase();
+
+ $this->id = "openid";
+ $this->author = "Paul Westbrook";
+ $this->desc = "Plugin to add OpenID support to LifeType.";
+
+ $this->locales = Array( "en_UK");
+
+ $this->init();
+ }
+
+ function init()
+ {
+ $this->registerAdminAction( "openidConfig", "PluginOpenidConfigAction" );
+ $this->registerAdminAction( "updateOpenidConfig", "PluginOpenidUpdateConfigAction" );
+
+ $menu =& Menu::getMenu();
+ if( !$menu->entryExists( "/menu/controlCenter/manageAppearancePlugins" ))
+ $this->addMenuEntry( "/menu/controlCenter", "manageAppearancePlugins", "", "", true, false );
+ $this->addMenuEntry( "/menu/controlCenter/manageAppearancePlugins", "openid", "?op=openidConfig", "" );
+ }
+
+ function register()
+ {
+ $blogSettings = $this->blogInfo->getSettings();
+ $this->pluginEnabled = $blogSettings->getValue( "plugin_openid_enabled" );
+ }
+
+ function isEnabled()
+ {
+ return $this->pluginEnabled;
+ }
+
+ function show()
+ {
+
+ $str = '';
+
+ if ($this->isEnabled())
+ {
+ $rg = $this->blogInfo->getBlogRequestGenerator();
+
+ $str .= '<link rel="openid.server" href="' . $rg->blogLink() . '/OpenID.php">';
+ $str .= "\n";
+ $str .= '<link rel="openid.delegate" href="' . $rg->blogLink() . '/OpenID.php">';
+ $str .= "\n";
+ }
+ return $str;
+ }
+ }
+?>
\ No newline at end of file
Added: plugins/branches/lifetype-1.1/openid/templates/openid.template
===================================================================
--- plugins/branches/lifetype-1.1/openid/templates/openid.template 2006-12-20 21:14:59 UTC (rev 4414)
+++ plugins/branches/lifetype-1.1/openid/templates/openid.template 2006-12-23 06:54:46 UTC (rev 4415)
@@ -0,0 +1,23 @@
+{include file="$admintemplatepath/header.template"}
+{include file="$admintemplatepath/navigation.template" showOpt=openid title=$locale->tr("openid_plugin")}
+<form name="openidPluginConfig" method="post">
+ <fieldset class="inputField">
+ <legend>{$locale->tr("label_configuration")}</legend>
+ {include file="$admintemplatepath/successmessage.template"}
+ {include file="$admintemplatepath/errormessage.template"}
+ <div class="field">
+ <label for="pluginEnabled">{$locale->tr("label_enable")}</label>
+ <div class="formHelp"> {$locale->tr("openid_enable_help")} </div>
+ <input class="checkbox" type="checkbox" name="pluginEnabled" id="pluginEnabled" {if $pluginEnabled} checked="checked" {/if} value="1" />{$locale->tr("openid_plugin_enabled")}
+ </div>
+
+ </fieldset>
+
+ <div class="buttons">
+ <input type="hidden" name="op" value="updateOpenidConfig" />
+ <input type="reset" name="{$locale->tr("reset")}" />
+ <input type="submit" name="{$locale->tr("update_settings")}" value="{$locale->tr("update")}" />
+ </div>
+</form>
+{include file="$admintemplatepath/footernavigation.template"}
+{include file="$admintemplatepath/footer.template"}
\ No newline at end of file
More information about the pLog-svn
mailing list