3 /** External authentication via OpenID for FusionForge
4 * Copyright 2011, Roland Mas
5 * Copyright 2011, Olivier Berger & Institut Telecom
7 * This program was developped in the frame of the COCLICO project
8 * (http://www.coclico-project.org/) with financial support of the Paris
11 * This file is part of FusionForge. FusionForge is free software;
12 * you can redistribute it and/or modify it under the terms of the
13 * GNU General Public License as published by the Free Software
14 * Foundation; either version 2 of the Licence, or (at your option)
17 * FusionForge is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License along
23 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
24 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
27 require_once '../../../www/env.inc.php';
28 require_once $gfcommon.'include/pre.php';
30 // from lightopenid (http://code.google.com/p/lightopenid/)
31 require_once 'openid.php';
33 session_require_login();
35 // get global users vars
36 $u = user_get_object(user_getid());
37 if (!$u || !is_object($u)) {
38 exit_error(_('Could Not Get User'));
39 } elseif ($u->isError()) {
40 exit_error($u->getErrorMessage(),'my');
43 $openid_identity = htmlspecialchars(trim(getStringFromRequest('openid_identity', 'http://')));
47 // initialize the OpenID lib handler which will read the posted args
48 $plugin->openid = new LightOpenID;
49 // check the 'openid_mode' that may be set on returning from OpenID provider
50 if($plugin->openid->mode) {
52 // or we are called back by the OpenID provider
53 if($plugin->openid->mode == 'cancel') {
54 $warning_msg .= _('User has canceled authentication. Identity not added.');
57 // Authentication should have been attempted by OpenID provider
58 if ($plugin->openid->validate()) {
59 // If user successfully logged in to OpenID provider
60 $res = db_query_params('INSERT INTO plugin_authopenid_user_identities (user_id, openid_identity) VALUES ($1,$2)',
62 $plugin->openid->identity)) ;
63 if (!$res || db_affected_rows($res) < 1) {
64 $error_msg = sprintf(_('Cannot insert new identity: %s'),
67 $feedback = _('Identity successfully added');
68 $openid_identity = 'http://';
73 } catch(ErrorException $e) {
74 $error_msg = 'OpenID error: '. $e->getMessage();
78 // called to add a new identity
79 if (getStringFromRequest('addidentity') != '') {
80 if ($openid_identity == '' || $openid_identity == 'http://') {
81 $error_msg = _('Error: Missing URL for the new identity');
82 } elseif (!util_check_url($openid_identity)) {
83 $error_msg = _('Error: Malformed URL (only http, https and ftp allowed)');
85 $res = db_query_params('SELECT openid_identity FROM plugin_authopenid_user_identities WHERE openid_identity =$1',
86 array($openid_identity));
87 if ($res && db_numrows($res) > 0) {
88 $error_msg = _('Error: identity already used by a forge user.');
91 // TODO : redirect and check that the identity is authorized for the user
94 // initialize the OpenID lib handler which will read the posted args
95 $plugin->openid = new LightOpenID;
96 // check the 'openid_mode' that may be set on returning from OpenID provider
98 $plugin->openid->identity = htmlspecialchars_decode($openid_identity);
99 session_redirect_external($plugin->openid->authUrl());
101 } catch(ErrorException $e) {
102 $error_msg = 'OpenID error: '. $e->getMessage();
107 } elseif (getStringFromRequest('delete') != '') {
108 $openid_identity = urldecode(htmlspecialchars_decode($openid_identity));
110 print_r($openid_identity);
111 $res = db_query_params('DELETE FROM plugin_authopenid_user_identities WHERE user_id=$1 AND openid_identity=$2',
112 array($u->getID(), $openid_identity));
113 if (!$res || db_affected_rows($res) < 1) {
114 $error_msg = sprintf(_('Cannot delete identity: %s'), db_error());
117 $feedback = _('Identity successfully deleted');
118 $openid_identity = 'http://';
122 $title = sprintf(_('Manage OpenID identities for user %s'), $u->getUnixName());
123 site_user_header(array('title'=>$title));
125 echo $HTML->boxTop(_('My OpenID identities'));
128 <h2><?php echo _('Add new identity'); ?></h2>
130 <p><?php echo _('You can add your own OpenID identities in the form below.') ?></p>
132 <form name="new_identity" action="<?php echo util_make_uri ('/plugins/authopenid/'); ?>" method="post">
134 <legend><?php echo _('Add new identity'); ?></legend>
136 <input type="hidden" name="user_id" value="<?php echo $u->getID() ?>" />
137 <input type="hidden" name="addidentity" value="1" />
138 <strong><?php echo _('OpenID identity URL:') ?></strong><?php echo utils_requiredField(); ?>
140 <input type="text" size="150" name="openid_identity" value="<?php echo $openid_identity ?>" /><br />
143 <input type="submit" value="<?php echo _('Add identity') ?>" />
149 echo $HTML->listTableTop(array(_('Identity'), ''));
151 $res = db_query_params('SELECT openid_identity FROM plugin_authopenid_user_identities WHERE user_id =$1',
156 while ($row = db_fetch_array($res)) {
157 $openid_identity = $row['openid_identity'];
159 echo '<tr '.$HTML->boxGetAltRowStyle($i).'>';
160 echo '<td>'. $openid_identity .'</td>';
161 echo '<td><a href="'.util_make_uri ('/plugins/authopenid/').'?openid_identity='. urlencode($openid_identity) .'&delete=1">delete</a></td>';
167 echo $HTML->listTableBottom();
169 echo $HTML->boxBottom();
171 site_user_footer(array());
175 // c-file-style: "bsd"