dolibarr 20.0.0
functions_openid.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2007-2013 Laurent Destailleur <eldy@users.sourceforge.net>
3 * Copyright (C) 2007-2009 Regis Houssin <regis.houssin@inodbox.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <https://www.gnu.org/licenses/>.
17 */
18
28include_once DOL_DOCUMENT_ROOT.'/core/class/openid.class.php';
29
30
40function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
41{
42 global $db, $conf;
43
44 dol_syslog("functions_openid::check_user_password_openid usertotest=".$usertotest);
45
46 $login = '';
47
48 // Get identity from user and redirect browser to OpenID Server
49 if (GETPOSTISSET('username')) {
50 $openid = new SimpleOpenID();
51 $openid->SetIdentity(GETPOST('username'));
52 $protocol = ($conf->file->main_force_https ? 'https://' : 'http://');
53 $openid->SetTrustRoot($protocol.$_SERVER["HTTP_HOST"]);
54 $openid->SetRequiredFields(array('email', 'fullname'));
55 $_SESSION['dol_entity'] = GETPOSTINT("entity");
56 //$openid->SetOptionalFields(array('dob','gender','postcode','country','language','timezone'));
57 if ($openid->sendDiscoveryRequestToGetXRDS()) {
58 $openid->SetApprovedURL($protocol.$_SERVER["HTTP_HOST"].$_SERVER["SCRIPT_NAME"]); // Send Response from OpenID server to this script
59 $openid->Redirect(); // This will redirect user to OpenID Server
60 } else {
61 $_SESSION["dol_loginmesg"] = $openid->GetError();
62 return false;
63 }
64 return false;
65 } elseif (GETPOST('openid_mode') == 'id_res') {
66 // Perform HTTP Request to OpenID server to validate key
67 $openid = new SimpleOpenID();
68 $openid->SetIdentity(GETPOST('openid_identity'));
69 $openid_validation_result = $openid->validateWithServer();
70 if ($openid_validation_result === true) {
71 // OK HERE KEY IS VALID
72
73 $sql = "SELECT login, entity, datestartvalidity, dateendvalidity";
74 $sql .= " FROM ".MAIN_DB_PREFIX."user";
75 $sql .= " WHERE openid = '".$db->escape(GETPOST('openid_identity'))."'";
76 $sql .= " AND entity IN (0,".(!empty($_SESSION["dol_entity"]) ? ((int) $_SESSION["dol_entity"]) : 1).")";
77
78 dol_syslog("functions_openid::check_user_password_openid", LOG_DEBUG);
79 $resql = $db->query($sql);
80 if ($resql) {
81 $obj = $db->fetch_object($resql);
82 if ($obj) {
83 // Note: Test on date validity is done later natively with isNotIntoValidityDateRange() by core after calling checkLoginPassEntity() that call this method
84 $login = $obj->login;
85 }
86 }
87 } elseif ($openid->IsError() === true) {
88 // ON THE WAY, WE GOT SOME ERROR
89 $_SESSION["dol_loginmesg"] = $openid->GetError();
90 return false;
91 } else {
92 // Signature Verification Failed
93 //echo "INVALID AUTHORIZATION";
94 return false;
95 }
96 } elseif (GETPOST('openid_mode') == 'cancel') {
97 // User Canceled your Request
98 //echo "USER CANCELED REQUEST";
99 return false;
100 }
101
102 return $login;
103}
Class to manage OpenID.
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
Check validity of user/password/entity If test is ko, reason must be filled into $_SESSION["dol_login...