From d9bf22a0e29c2a70049443a0ae8521a2c0492c8b Mon Sep 17 00:00:00 2001
From: Cash Costello
Date: Sun, 11 Dec 2011 06:38:23 -0500
Subject: initial commit for git repository
---
return.php | 210 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 210 insertions(+)
create mode 100644 return.php
(limited to 'return.php')
diff --git a/return.php b/return.php
new file mode 100644
index 000000000..3d949b492
--- /dev/null
+++ b/return.php
@@ -0,0 +1,210 @@
+wwwroot.'mod/openid_client/return.php';
+
+// TODO - handle passthru_url properly
+// $dest = $query['destination'];
+$response = $consumer->complete($return_url);
+
+if ($response->status == Auth_OpenID_CANCEL) {
+ register_error(elgg_echo("openid_client:authentication_cancelled"));
+} else if ($response->status != Auth_OpenID_SUCCESS) {
+ register_error(sprintf(elgg_echo("openid_client:authentication_failed"),$response->status,$response->message) );
+} else { // SUCCESS.
+ $openid_url = $response->getDisplayIdentifier();
+
+ // Look for sreg data.
+ $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
+ $sreg = $sreg_resp->contents();
+ if ($sreg) {
+ $email = trim($sreg['email']);
+ $fullname = trim($sreg['fullname']);
+ //print ($email.' '.$fullname);
+ }
+
+ $entities = get_entities_from_metadata('alias', $openid_url, 'user', 'openid');
+
+ if (!$entities || $entities[0]->active == 'no') {
+ if (!$entities) {
+ // this account does not exist
+ if (!$email || !validate_email_address($email)) {
+ // there is a problem with the email provided by the profile exchange, so generate a form to collect it
+ if ($user = openid_client_create_openid_user($openid_url,$email, $fullname, true)) {
+ $details = openid_client_create_invitation('a',$openid_url,$user->getGUID(),$email,$fullname);
+ $body = openid_client_generate_missing_data_form($openid_url,'',$fullname,true,$details);
+ }
+ $missing_data = true;
+ } elseif (!$fullname) {
+ // the name is missing
+ $email_confirmation = openid_client_check_email_confirmation($openid_url);
+ if ($email_confirmation) {
+ $prefix = 'a';
+ } else {
+ $prefix = 'n';
+ }
+ // create the account
+ if ($user = openid_client_create_openid_user($openid_url,$email, $fullname, $email_confirmation)) {
+ $details = openid_client_create_invitation($prefix,$openid_url,$user->getGUID(),$email,$fullname);
+ $body = openid_client_generate_missing_data_form($openid_url,$email,'',$email_confirmation,$details);
+ }
+ $missing_data = true;
+ } else {
+ // email address and name look good
+
+ $login = false;
+
+ // create a new account
+
+ $email_confirmation = openid_client_check_email_confirmation($openid_url);
+
+ $user = openid_client_create_openid_user($openid_url,$email, $fullname, $email_confirmation);
+ $missing_data = false;
+ }
+ } else {
+ // this is an inactive account
+ $user = $entities[0];
+
+ // need to figure out why the account is inactive
+
+ $email_confirmation = openid_client_check_email_confirmation($openid_url);
+
+ if ($user->email && $user->name) {
+ $missing_data = false;
+ // no missing information
+ if (!$email_confirmation) {
+ // OK, this is weird - no email confirmation required and all the information has been supplied
+ // this should not happen, so just go ahead and activate the account
+ $user->active = 'yes';
+ $user->save();
+ }
+ } else {
+ // missing information
+ $missing_data = true;
+ // does this person have an existing magic code?
+ if ($details = openid_client_get_invitation_by_username($user->alias)) {
+ $body = openid_client_generate_missing_data_form($openid_url,$user->email,$user->name,$email_confirmation,$details);
+ } else {
+ // create a new magic code
+ $details = openid_client_create_invitation('a',$openid_url,$user->getGUID(),$user->email,$user->name);
+ $body = openid_client_generate_missing_data_form($openid_url,$user->email,$user->name,$email_confirmation,$details);
+ }
+ }
+ }
+ if ($user && !$missing_data) {
+
+ if ($email_confirmation) {
+ $i_code = openid_client_create_invitation('a',$openid_url,$user->guid,$email,$fullname);
+ openid_client_send_activate_confirmation_message($i_code);
+ system_message(sprintf(elgg_echo("openid_client:activate_confirmation"), $email));
+ } else {
+ system_message(sprintf(elgg_echo("openid_client:created_openid_account"),$email, $fullname));
+ $login = true;
+ }
+ }
+
+ } else {
+
+ $user = $entities[0];
+
+ // account is active, check to see if this user has been banned
+
+ if (isset($user->banned) && $user->banned == 'yes') { // this needs to change.
+ register_error(elgg_echo("openid_client:banned"));
+ } else {
+ // user has not been banned
+ // check to see if email address has changed
+ if ($email && $email != $user->email && validate_email_address($email)) {
+ // the email on the OpenID server is not the same as the email registered on this local client system
+ $email_confirmation = openid_client_check_email_confirmation($openid_url);
+ if ($CONFIG->openid_client_always_sync == 'yes') {
+ // this client always forces client/server data syncs
+ if ($fullname) {
+ $user->name = $fullname;
+ }
+ if ($email_confirmation) {
+ // don't let this user in until the email address change is confirmed
+ $login = false;
+ $i_code = openid_client_create_invitation('c',$openid_url,$user->guid,$email,$fullname);
+ openid_client_send_change_confirmation_message($i_code);
+ system_message(sprintf(elgg_echo("openid_client:change_confirmation"), $email));
+ } else {
+ $login = true;
+ if (openid_client_get_user_by_email($email)) {
+ register_error(elgg_echo("openid_client:email_in_use"),$email);
+ } else {
+ $user->email = $email;
+ system_message(sprintf(elgg_echo("openid_client:email_updated"),$email));
+ }
+ }
+ } else {
+ $login = true;
+ if (!$store->getNoSyncStatus($user)) {
+ // the following conditions are true:
+ // the email address has changed on the server,
+ // this client does not *require* syncing with the server,
+ // but this user has not turned off syncing
+ // therefore the user needs to be offered the chance to sync his or her data
+ $body = openid_client_generate_sync_form($email,$fullname,$user,$email_confirmation);
+ }
+ }
+ } elseif ($fullname && $fullname != $user->name) {
+ // the fullname on the OpenID server is not the same as the name registered on this local client system
+ $login = true;
+ if ($CONFIG->openid_client_always_sync == 'yes') {
+ // this client always forces client/server data syncs
+ $user->name = $fullname;
+ } else {
+ if (!$store->getNoSyncStatus($user)) {
+ // the following conditions are true:
+ // the fullname has changed on the server,
+ // this client does not *require* syncing with the server,
+ // but this user has not turned off syncing
+ // therefore the user needs to be offered the chance to sync his or her data
+ $body = openid_client_generate_sync_form($email,$fullname,$user,false);
+ }
+ }
+ } else {
+ // nothing has changed or the data is null so let this person in
+ $login = true;
+ }
+ }
+ }
+
+ if ($login) {
+
+ $rememberme = get_input('remember',0);
+ if (!empty($rememberme)) {
+ login($user,true);
+ } else {
+ login($user);
+ }
+ }
+}
+
+if(isset($body) && $body) {
+
+ page_draw(elgg_echo('openid_client:information_title'),$body);
+
+} else {
+ forward();
+}
-- cgit v1.2.3
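Review bot: The account lookup in the SUCCESS branch keys on `$response->getDisplayIdentifier()`, which php-openid documents as the form to show the user rather than the one to look accounts up by; for URLs the fragment is stripped and for XRIs the i-name is returned instead of the i-number. Two distinct claimed identifiers can therefore share one display form, so `get_entities_from_metadata('alias', $openid_url, 'user', 'openid')` may resolve to an account that belongs to someone else, for example after a provider reassigns a username. Use the verified claimed identifier for lookup and storage, `$openid_url = $response->identity_url;`, and keep the display identifier only for messages; aliases already stored in display form would need a migration. Separately, `$email` and `$fullname` are assigned only when `$sreg` is non-empty and `$login` only on some paths (not in the banned or missing-data branches), so initialising all three before the status check would make the deny-by-default behaviour of `if ($login)` explicit.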