| Nico Huber | ee52fbc | 2023-06-24 11:52:57 +0000 | [diff] [blame^] | 1 | <?php |
| 2 | /* |
| 3 | * SimpleID |
| 4 | * |
| 5 | * Copyright (C) Kelvin Mo 2007-8 |
| 6 | * |
| 7 | * Includes code Drupal OpenID module (http://drupal.org/project/openid) |
| 8 | * Rowan Kerr <rowan@standardinteractive.com> |
| 9 | * James Walker <james@bryght.com> |
| 10 | * |
| 11 | * Copyright (C) Rowan Kerr and James Walker |
| 12 | * |
| 13 | * This program is free software; you can redistribute it and/or |
| 14 | * modify it under the terms of the GNU General Public |
| 15 | * License as published by the Free Software Foundation; either |
| 16 | * version 2 of the License, or (at your option) any later version. |
| 17 | * |
| 18 | * This program is distributed in the hope that it will be useful, |
| 19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 21 | * General Public License for more details. |
| 22 | * |
| 23 | * You should have received a copy of the GNU General Public |
| 24 | * License along with this program; if not, write to the Free |
| 25 | * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
| 26 | * |
| 27 | * $Id$ |
| 28 | */ |
| 29 | |
| 30 | /** |
| 31 | * Implements the Simple Registration extension. |
| 32 | * |
| 33 | * |
| 34 | * @package simpleid |
| 35 | * @subpackage extensions |
| 36 | * @filesource |
| 37 | */ |
| 38 | |
| 39 | /** Namespace for the Simple Registration extension */ |
| 40 | define('OPENID_NS_SREG', 'http://openid.net/extensions/sreg/1.1'); |
| 41 | |
| 42 | /** |
| 43 | * @see hook_response() |
| 44 | */ |
| 45 | function sreg_response($assertion, $request) { |
| 46 | global $user; |
| 47 | global $version; |
| 48 | |
| 49 | // We only deal with positive assertions |
| 50 | if (!$assertion) return array(); |
| 51 | |
| 52 | // We only respond if the extension is requested |
| 53 | if (!openid_extension_requested(OPENID_NS_SREG, $request)) return array(); |
| 54 | |
| 55 | $request = openid_extension_filter_request(OPENID_NS_SREG, $request); |
| 56 | $required = (isset($request['required'])) ? explode(',', $request['required']) : array(); |
| 57 | $optional = (isset($request['optional'])) ? explode(',', $request['optional']) : array(); |
| 58 | $fields = array_merge($required, $optional); |
| 59 | $alias = openid_extension_alias(OPENID_NS_SREG); |
| 60 | $response = array(); |
| 61 | |
| 62 | if ($version == OPENID_VERSION_2) $response['openid.ns.' . $alias] = OPENID_NS_SREG; |
| 63 | |
| 64 | foreach ($fields as $field) { |
| 65 | $value = _sreg_get_value($field); |
| 66 | |
| 67 | if ($value != NULL) $response['openid.' . $alias . '.' . $field] = $value; |
| 68 | } |
| 69 | |
| 70 | return $response; |
| 71 | } |
| 72 | |
| 73 | /** |
| 74 | * Returns an array of fields that need signing. |
| 75 | * |
| 76 | * @see hook_signed_fields() |
| 77 | */ |
| 78 | function sreg_signed_fields($response) { |
| 79 | // We only respond if the extension is requested |
| 80 | if (!openid_extension_requested(OPENID_NS_SREG, $response)) return array(); |
| 81 | |
| 82 | $fields = array_keys(openid_extension_filter_request(OPENID_NS_SREG, $response)); |
| 83 | $alias = openid_extension_alias(OPENID_NS_SREG); |
| 84 | $signed_fields = array(); |
| 85 | |
| 86 | if (isset($response['openid.ns.' . $alias])) $signed_fields[] = 'ns.' . $alias; |
| 87 | foreach ($fields as $field) { |
| 88 | if (isset($response['openid.' . $alias . '.' . $field])) $signed_fields[] = $alias . '.' . $field; |
| 89 | } |
| 90 | |
| 91 | return $signed_fields; |
| 92 | } |
| 93 | |
| 94 | /** |
| 95 | * @see hook_consent_form() |
| 96 | */ |
| 97 | function sreg_consent_form($request, $response, $rp) { |
| 98 | global $user; |
| 99 | |
| 100 | // We only respond if the extension is requested |
| 101 | if (!openid_extension_requested(OPENID_NS_SREG, $request)) return ''; |
| 102 | |
| 103 | $request = openid_extension_filter_request(OPENID_NS_SREG, $request); |
| 104 | $required = (isset($request['required'])) ? explode(',', $request['required']) : array(); |
| 105 | $optional = (isset($request['optional'])) ? explode(',', $request['optional']) : array(); |
| 106 | $fields = array_merge($required, $optional); |
| 107 | |
| 108 | if ((count($request)) && isset($user['sreg'])) { |
| 109 | $xtpl2 = new XTemplate('extensions/sreg/sreg.xtpl'); |
| 110 | |
| 111 | $xtpl2->assign('alias', openid_extension_alias(OPENID_NS_SREG)); |
| 112 | |
| 113 | if (isset($request['policy_url'])) { |
| 114 | $xtpl2->assign('policy', t('You can view the site\'s policy in relation to the use of this information at this URL: <a href="@url">@url</a>.', array('@url' => $request['policy_url']))); |
| 115 | } |
| 116 | |
| 117 | foreach ($fields as $field) { |
| 118 | $value = _sreg_get_value($field); |
| 119 | |
| 120 | if ($value != NULL) { |
| 121 | $xtpl2->assign('name', htmlspecialchars($field, ENT_QUOTES, 'UTF-8')); |
| 122 | $xtpl2->assign('value', htmlspecialchars($value, ENT_QUOTES, 'UTF-8')); |
| 123 | |
| 124 | $xtpl2->assign('checked', (in_array($field, $required) || !isset($rp['sreg_consents']) || in_array($field, $rp['sreg_consents'])) ? 'checked="checked"' : ''); |
| 125 | $xtpl2->assign('disabled', (in_array($field, $required)) ? 'disabled="disabled"' : ''); |
| 126 | if (in_array($field, $required)) $xtpl2->parse('form.sreg.required'); |
| 127 | |
| 128 | $xtpl2->parse('form.sreg'); |
| 129 | } |
| 130 | } |
| 131 | |
| 132 | $xtpl2->assign('sreg_data', t('SimpleID will also be sending the following registration information to the site.')); |
| 133 | $xtpl2->assign('name_label', t('Name')); |
| 134 | $xtpl2->assign('value_label', t('Value')); |
| 135 | |
| 136 | $xtpl2->parse('form'); |
| 137 | return $xtpl2->text('form'); |
| 138 | } |
| 139 | } |
| 140 | |
| 141 | /** |
| 142 | * @see hook_consent() |
| 143 | */ |
| 144 | function sreg_consent($form_request, &$response, &$rp) { |
| 145 | // We only respond if the extension is requested |
| 146 | if (!openid_extension_requested(OPENID_NS_SREG, $response)) return; |
| 147 | |
| 148 | $fields = array_keys(openid_extension_filter_request(OPENID_NS_SREG, $response)); |
| 149 | $alias = openid_extension_alias(OPENID_NS_SREG); |
| 150 | |
| 151 | foreach ($fields as $field) { |
| 152 | if (isset($response['openid.' . $alias . '.' . $field])) { |
| 153 | if (!in_array($field, $form_request['sreg_consents'])) { |
| 154 | unset($response['openid.' . $alias . '.' . $field]); |
| 155 | } |
| 156 | } |
| 157 | } |
| 158 | |
| 159 | if (count(array_keys(openid_extension_filter_request(OPENID_NS_SREG, $response))) == 0) { |
| 160 | // We have removed all the responses, so we remove the namespace as well |
| 161 | unset($response['openid.ns.' . $alias]); |
| 162 | } |
| 163 | |
| 164 | $rp['sreg_consents'] = $form_request['sreg_consents']; |
| 165 | } |
| 166 | |
| 167 | /** |
| 168 | * @see hook_page_profile() |
| 169 | */ |
| 170 | function sreg_page_profile() { |
| 171 | global $user; |
| 172 | $xtpl2 = new XTemplate('extensions/sreg/sreg.xtpl'); |
| 173 | |
| 174 | if (isset($user['sreg'])) { |
| 175 | foreach ($user['sreg'] as $name => $value) { |
| 176 | $xtpl2->assign('name', htmlspecialchars($name, ENT_QUOTES, 'UTF-8')); |
| 177 | $xtpl2->assign('value', htmlspecialchars($value, ENT_QUOTES, 'UTF-8')); |
| 178 | $xtpl2->parse('user_page.sreg'); |
| 179 | } |
| 180 | } |
| 181 | |
| 182 | $xtpl2->assign('sreg_data', t('SimpleID will send the following information to sites which supports the Simple Registration Extension.')); |
| 183 | $xtpl2->assign('connect_data', t('If you have also supplied OpenID Connect user information in your identity file, these may also be sent as part of this Extension.')); |
| 184 | $xtpl2->assign('edit_identity_file', t('To change these, <a href="!url">edit your identity file</a>.', array('!url' => 'http://simpleid.org/docs/1/identity-files/'))); |
| 185 | $xtpl2->assign('name_label', t('Name')); |
| 186 | $xtpl2->assign('value_label', t('Value')); |
| 187 | |
| 188 | $xtpl2->parse('user_page'); |
| 189 | |
| 190 | return array(array( |
| 191 | 'id' => 'sreg', |
| 192 | 'title' => t('Simple Registration Extension'), |
| 193 | 'content' => $xtpl2->text('user_page') |
| 194 | )); |
| 195 | } |
| 196 | |
| 197 | |
| 198 | /** |
| 199 | * Looks up the value of a specified Simple Registration Extension field. |
| 200 | * |
| 201 | * This function looks up the sreg section of the user's identity file. If the |
| 202 | * specified field cannot be found, it looks up the corresponding field in the |
| 203 | * OpenID Connect user information (user_info section). |
| 204 | * |
| 205 | * @param string $field the field to look up |
| 206 | * @return string the value or NULL if not found |
| 207 | */ |
| 208 | function _sreg_get_value($field) { |
| 209 | global $user; |
| 210 | |
| 211 | if (isset($user['sreg'][$field])) { |
| 212 | return $user['sreg'][$field]; |
| 213 | } else { |
| 214 | switch ($field) { |
| 215 | case 'nickname': |
| 216 | case 'email': |
| 217 | if (isset($user['user_info'][$field])) return $user['user_info'][$field]; |
| 218 | break; |
| 219 | case 'fullname': |
| 220 | if (isset($user['user_info']['name'])) return $user['user_info']['name']; |
| 221 | break; |
| 222 | case 'timezone': |
| 223 | if (isset($user['user_info']['zoneinfo'])) return $user['user_info']['zoneinfo']; |
| 224 | break; |
| 225 | case 'gender': |
| 226 | if (isset($user['user_info']['gender'])) return strtoupper(substr($user['user_info']['gender'], 0, 1)); |
| 227 | break; |
| 228 | case 'postcode': |
| 229 | if (isset($user['user_info']['address']['postal_code'])) return $user['user_info']['address']['postcal_code']; |
| 230 | break; |
| 231 | default: |
| 232 | return NULL; |
| 233 | } |
| 234 | return NULL; |
| 235 | } |
| 236 | } |
| 237 | |
| 238 | |
| 239 | |
| 240 | ?> |