openid.php

简介：一款免费开源的内容管理系统(CMS)

<?php
/**
 * @version		$Id: openid.php 10497 2008-07-03 16:36:12Z ircmaxell $
 * @package		Joomla
 * @subpackage	JFramework
 * @copyright	Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
 * @license		GNU/GPL, see LICENSE.php
 * Joomla! is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 */

// Check to ensure this file is included in Joomla!
defined('_JEXEC') or die( 'Restricted access' );

jimport( 'joomla.plugin.plugin' );

/**
 * OpenID Authentication Plugin
 *
 * @author	Johan Janssens <johan.janssens@joomla.org>
 * @package		Joomla
 * @subpackage	openID
 * @since 1.5
 */

class plgAuthenticationOpenID extends JPlugin
{
	/**
	 * Constructor
	 *
	 * For php4 compatability we must not use the __constructor as a constructor for plugins
	 * because func_get_args ( void ) returns a copy of all passed arguments NOT references.
	 * This causes problems with cross-referencing necessary for the observer design pattern.
	 *
	 * @param 	object $subject The object to observe
	 * @param 	array  $config  An array that holds the plugin configuration
	 * @since 1.5
	 */
	function plgAuthenticationOpenID(& $subject, $config)
	{
		parent::__construct($subject, $config);
	}

	/**
	 * This method should handle any authentication and report back to the subject
	 *
	 * @access	public
	 * @param   array 	$credentials Array holding the user credentials
	 * @param 	array   $options     Array of extra options (return, entry_url)
	 * @param	object	$response	Authentication response object
	 * @return	boolean
	 * @since 1.5
	 */
	function onAuthenticate( $credentials, $options, &$response )
	{
		global $mainframe;

		if ( !defined('Auth_OpenID_RAND_SOURCE') ) {
			define ("Auth_OpenID_RAND_SOURCE", null);
		}

		require_once(JPATH_LIBRARIES.DS.'openid'.DS.'consumer.php');
		jimport('joomla.filesystem.folder');

		// Access the session data
		$session =& JFactory::getSession();

		// Need to check for bcmath or gmp - if not, use the dumb mode.
		// TODO: Should dump an error to debug saying we are dumb

		global $_Auth_OpenID_math_extensions;
		$ext = Auth_OpenID_detectMathLibrary($_Auth_OpenID_math_extensions);
		if (!isset($ext['extension']) || !isset($ext['class'])) {
			define ("Auth_OpenID_NO_MATH_SUPPORT", true);
		}

		// Create and/or start using the data store
		$store_path = JPATH_ROOT . '/tmp/_joomla_openid_store';
		if (!JFolder::exists($store_path) && !JFolder::create($store_path))
		{
			$response->type = JAUTHENTICATE_STATUS_FAILURE;
			$response->error_message = "Could not create the FileStore directory '$store_path'. " . " Please check the effective permissions.";
			return false;
		}

		// Create store object
		$store = new Auth_OpenID_FileStore($store_path);

		// Create a consumer object
		$consumer = new Auth_OpenID_Consumer($store);

		if (!isset($_SESSION['_openid_consumer_last_token']))
		{
			// Begin the OpenID authentication process.
			if(!$request = $consumer->begin($credentials['username']))
			{
				$response->type = JAUTHENTICATE_STATUS_FAILURE;
				$response->error_message = 'Authentication error : could not connect to the openid server';
				return false;
			}

			// Request simple registration information
			$request->addExtensionArg('sreg', 'required' , 'email');
			$request->addExtensionArg('sreg', 'optional', 'fullname, language, timezone');

			//Create the entry url
			$entry_url  = isset($options['entry_url'])  ? $options['entry_url'] : JURI::base();
			$entry_url  = JURI::getInstance($entry_url);

			unset($options['entry_url']); //We don't need this anymore

			//Create the url query information
			$options['return'] = isset($options['return']) ? base64_encode($options['return']) : base64_encode(JURI::base());
			$options[JUtility::getToken()] = 1;

			$process_url  = sprintf($entry_url->toString()."&username=%s", $credentials['username']);
			$process_url .= '&'.JURI::buildQuery($options);

			$trust_url    = $entry_url->toString(array('path', 'host', 'port', 'scheme'));
			$redirect_url = $request->redirectURL($trust_url, $process_url);

			$session->set('trust_url', $trust_url);

			// Redirect the user to the OpenID server for authentication.  Store
			// the token for this authentication so we can verify the response.
			$mainframe->redirect($redirect_url);

			return false;
		}

		$result = $consumer->complete(JRequest::get('get'));

		switch ($result->status)
		{
			case Auth_OpenID_SUCCESS :
			{
				$sreg = $result->extensionResponse('sreg');

				$response->status	      = JAUTHENTICATE_STATUS_SUCCESS;
				$response->error_message  = '';
				$response->email	= isset($sreg['email'])	? $sreg['email']	: "";
				$response->fullname	= isset($sreg['fullname']) ? $sreg['fullname'] : "";
				$response->language	= isset($sreg['language']) ? $sreg['language'] : "";
				$response->timezone	= isset($sreg['timezone']) ? $sreg['timezone'] : "";

			} break;

			case Auth_OpenID_CANCEL :
			{
				$response->status = JAUTHENTICATE_STATUS_CANCEL;
				$response->error_message = 'Authentication cancelled';
			} break;

			case Auth_OpenID_FAILURE :
			{
				$response->status = JAUTHENTICATE_STATUS_FAILURE;
				$response->error_message = 'Authentication failed';
			} break;
		}
	}
}