1 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
7 * @see http://cakebaker.42dh.com/2007/01/11/cakephp-and-openid/
8 * & http://openidenabled.com/php-openid/
13 var $storePath = 'tmp';
15 var $sreg_enable = false;
16 var $sreg_required = null;
17 var $sreg_optional = null;
18 var $sreg_policy = null;
20 var $pape_enable = false;
21 var $pape_policy_uris = null;
29 $CI =& get_instance();
30 $CI->config->load('openid');
31 $this->storePath = $CI->config->item('openid_storepath');
36 log_message('debug', "OpenID Class Initialized");
39 function _doIncludes()
41 set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path());
43 require_once "Auth/OpenID/Consumer.php";
44 require_once "Auth/OpenID/FileStore.php";
45 require_once "Auth/OpenID/SReg.php";
46 require_once "Auth/OpenID/PAPE.php";
49 function set_sreg($enable, $required = null, $optional = null, $policy = null)
51 $this->sreg_enable = $enable;
52 $this->sreg_required = $required;
53 $this->sreg_optional = $optional;
54 $this->sreg_policy = $policy;
57 function set_pape($enable, $policy_uris = null)
59 $this->pape_enable = $enable;
60 $this->pape_policy_uris = $policy_uris;
63 function set_request_to($uri)
65 $this->request_to = $uri;
68 function set_trust_root($trust_root)
70 $this->trust_root = $trust_root;
73 function set_args($args)
75 $this->ext_args = $args;
78 function _set_message($error, $msg, $val = '', $sub = '%s')
80 $CI =& get_instance();
81 $CI->lang->load('openid', 'english');
82 echo str_replace($sub, $val, $CI->lang->line($msg));
90 function authenticate($openId)
92 $consumer = $this->_getConsumer();
93 $authRequest = $consumer->begin($openId);
95 // No auth request means we can't begin OpenID.
98 $this->_set_message(true,'openid_auth_error');
101 if ($this->sreg_enable)
103 $sreg_request = Auth_OpenID_SRegRequest::build($this->sreg_required, $this->sreg_optional, $this->sreg_policy);
107 $authRequest->addExtension($sreg_request);
111 $this->_set_message(true,'openid_sreg_failed');
115 if ($this->pape_enable)
117 $pape_request = new Auth_OpenID_PAPE_Request($this->pape_policy_uris);
121 $authRequest->addExtension($pape_request);
125 $this->_set_message(true,'openid_pape_failed');
129 if ($this->ext_args != null)
131 foreach ($this->ext_args as $extensionArgument)
133 if (count($extensionArgument) == 3)
135 $authRequest->addExtensionArg($extensionArgument[0], $extensionArgument[1], $extensionArgument[2]);
140 // Redirect the user to the OpenID server for authentication.
141 // Store the token for this authentication so we can verify the
144 // For OpenID 1, send a redirect. For OpenID 2, use a Javascript
145 // form to send a POST request to the server.
146 if ($authRequest->shouldSendRedirect())
148 $redirect_url = $authRequest->redirectURL($this->trust_root, $this->request_to);
150 // If the redirect URL can't be built, display an error
152 if (Auth_OpenID::isFailure($redirect_url))
154 $this->_set_message(true,'openid_redirect_failed', $redirect_url->message);
159 header("Location: ".$redirect_url);
164 // Generate form markup and render it.
165 $form_id = 'openid_message';
166 $form_html = $authRequest->formMarkup($this->trust_root, $this->request_to, false, array('id' => $form_id));
168 // Display an error if the form markup couldn't be generated;
169 // otherwise, render the HTML.
170 if (Auth_OpenID::isFailure($form_html))
172 $this->_set_message(true,'openid_redirect_failed', $form_html->message);
176 $page_contents = array(
177 "<html><head><title>",
178 "OpenID transaction in progress",
180 "<body onload='document.getElementById(\"".$form_id."\").submit()'>",
184 print implode("\n", $page_contents);
190 function getResponse()
192 $consumer = $this->_getConsumer();
193 $response = $consumer->complete($this->request_to);
198 function _getConsumer()
200 if (!file_exists($this->storePath) && !mkdir($this->storePath))
202 $this->_set_message(true,'openid_storepath_failed', $this->storePath);
205 $store = new Auth_OpenID_FileStore($this->storePath);
206 $consumer = new Auth_OpenID_Consumer($store);