[smarcet]- Refs #4578 - OpenId - Server Core Logic - Authentication Workflow
parent
d1e6d73f8f
commit
e278608a15
|
@ -114,7 +114,6 @@ return array(
|
|||
'Illuminate\View\ViewServiceProvider',
|
||||
'Illuminate\Workbench\WorkbenchServiceProvider',
|
||||
'openid\OpenIdServiceProvider',
|
||||
'repositories\RepositoriesServiceProvider',
|
||||
'auth\AuthenticationServiceProvider',
|
||||
'services\ServicesProvider',
|
||||
'strategies\OpenIdResponseStrategyProvider'
|
||||
|
|
|
@ -46,11 +46,6 @@ return array(
|
|||
|
||||
'connections' => array(
|
||||
|
||||
'sqlite' => array(
|
||||
'driver' => 'sqlite',
|
||||
'database' => __DIR__.'/../database/production.sqlite',
|
||||
'prefix' => '',
|
||||
),
|
||||
|
||||
'mysql' => array(
|
||||
'driver' => 'mysql',
|
||||
|
@ -63,25 +58,17 @@ return array(
|
|||
'prefix' => '',
|
||||
),
|
||||
|
||||
'pgsql' => array(
|
||||
'driver' => 'pgsql',
|
||||
'host' => 'localhost',
|
||||
'database' => 'database',
|
||||
'username' => 'root',
|
||||
'password' => '',
|
||||
'charset' => 'utf8',
|
||||
'prefix' => '',
|
||||
'schema' => 'public',
|
||||
),
|
||||
|
||||
'sqlsrv' => array(
|
||||
'driver' => 'sqlsrv',
|
||||
'host' => 'localhost',
|
||||
'database' => 'database',
|
||||
'username' => 'root',
|
||||
'password' => '',
|
||||
'prefix' => '',
|
||||
),
|
||||
'mysql_external' => array(
|
||||
'driver' => 'mysql',
|
||||
'host' => 'localhost',
|
||||
'database' => 'database',
|
||||
'username' => 'root',
|
||||
'password' => '',
|
||||
'charset' => 'utf8',
|
||||
'collation' => 'utf8_unicode_ci',
|
||||
'prefix' => '',
|
||||
),
|
||||
|
||||
),
|
||||
|
||||
|
|
|
@ -54,7 +54,17 @@ return array(
|
|||
'charset' => 'utf8',
|
||||
'collation' => 'utf8_unicode_ci',
|
||||
'prefix' => '',
|
||||
)
|
||||
),
|
||||
'mysql_external' => array(
|
||||
'driver' => 'mysql',
|
||||
'host' => 'localhost',
|
||||
'database' => '506635_oslive',
|
||||
'username' => 'root',
|
||||
'password' => 'Koguryo@1981',
|
||||
'charset' => 'utf8',
|
||||
'collation' => 'utf8_unicode_ci',
|
||||
'prefix' => '',
|
||||
),
|
||||
),
|
||||
|
||||
/*
|
||||
|
|
|
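Review bot: The `mysql_external` connection added in this hunk carries a literal database password and connects as `root`, so the credential now lives in the repository history and in every clone of it. The same literal appears again in the next config file on this page, in both its `mysql` and `mysql_external` entries. Read it from the deployment environment instead, for example `'password' => getenv('DB_PASSWORD'),` (the variable name is a placeholder), and give the application a dedicated account limited to the privileges it needs on each schema. The committed password should be treated as exposed and rotated; the enclosing `connections` array begins outside this hunk.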
@ -26,7 +26,7 @@ return array(
|
|||
|
|
||||
*/
|
||||
|
||||
'default' => 'sqlite',
|
||||
'default' => 'mysql',
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
|
@ -45,10 +45,28 @@ return array(
|
|||
*/
|
||||
|
||||
'connections' => array(
|
||||
'sqlite' => array(
|
||||
'driver' => 'sqlite',
|
||||
'database' => ':memory:',
|
||||
'prefix' => '',
|
||||
|
||||
'mysql' => array(
|
||||
'driver' => 'mysql',
|
||||
'host' => 'localhost',
|
||||
'database' => 'openstackid_openid',
|
||||
'username' => 'root',
|
||||
'password' => 'Koguryo@1981',
|
||||
'charset' => 'utf8',
|
||||
'collation' => 'utf8_unicode_ci',
|
||||
'prefix' => '',
|
||||
),
|
||||
|
||||
|
||||
'mysql_external' => array(
|
||||
'driver' => 'mysql',
|
||||
'host' => 'localhost',
|
||||
'database' => '506635_oslive',
|
||||
'username' => 'root',
|
||||
'password' => 'Koguryo@1981',
|
||||
'charset' => 'utf8',
|
||||
'collation' => 'utf8_unicode_ci',
|
||||
'prefix' => '',
|
||||
),
|
||||
),
|
||||
|
||||
|
|
|
@ -15,7 +15,6 @@ use openid\services\IMementoOpenIdRequestService;
|
|||
|
||||
class OpenIdProviderController extends BaseController
|
||||
{
|
||||
|
||||
private $openid_protocol;
|
||||
private $memento_service;
|
||||
|
||||
|
@ -25,7 +24,6 @@ class OpenIdProviderController extends BaseController
|
|||
$this->memento_service = $memento_service;
|
||||
}
|
||||
|
||||
|
||||
public function op_endpoint()
|
||||
{
|
||||
$msg = $this->memento_service->getCurrentRequest();
|
||||
|
|
|
@ -72,6 +72,10 @@ class UserController extends BaseController{
|
|||
}
|
||||
|
||||
public function postConsent(){
|
||||
return Redirect::to('/accounts/openid/v2');
|
||||
$trust_action = input::get("trust");
|
||||
if(!is_null($trust_action) && is_array($trust_action)){
|
||||
$this->auth_service->setUserAuthorizationResponse($trust_action[0]);
|
||||
return Redirect::to('/accounts/openid/v2');
|
||||
}
|
||||
}
|
||||
}
|
|
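Review bot: `postConsent()` hands `$trust_action[0]` from the request straight to `setUserAuthorizationResponse()`, and that setter (in the AuthService section of this commit) still carries `//todo : check valid response`, so any client-supplied value is stored in the session as the user's consent decision. Check the value against the allowed `IAuthService` authorization-response constants before storing it and reject anything else. The method also returns nothing when `trust` is missing or not an array, and it reads index 0 of a possibly empty array; an explicit redirect or error response after the `if` would close both gaps. Whether this route sits behind a CSRF filter is not visible here and is worth confirming, since the POST records consent.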
@ -0,0 +1,40 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/18/13
|
||||
* Time: 11:31 AM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace auth;
|
||||
use Zend\Crypt\Hash;
|
||||
|
||||
class AuthHelper {
|
||||
|
||||
private static $algorithms = array(
|
||||
"none"=>"none",
|
||||
"md5"=>"md5",
|
||||
"sha1"=>"sha1",
|
||||
"md5_v2.4"=>"md5",
|
||||
"sha1_v2.4"=>"sha1",
|
||||
);
|
||||
/**
|
||||
* @param $password user password
|
||||
* @param $salt password salt
|
||||
* @param string $algorithm Name of selected hashing algorithm (i.e. "md5", "sha256", "haval160,4", etc..)
|
||||
*/
|
||||
public static function encrypt_password($password, $salt, $algorithm="sha1"){
|
||||
if(!isset(self::$algorithms[$algorithm]))
|
||||
throw new \Exception(sprintf("non supported algorithm %s",$algorithm));
|
||||
if($algorithm!='none')
|
||||
return Hash::compute(self::$algorithms[$algorithm],$password.$salt);
|
||||
return $password;
|
||||
}
|
||||
|
||||
public static function compare($hash1, $hash2) {
|
||||
// Due to flawed base_convert() floating poing precision,
|
||||
// only the first 10 characters are consistently useful for comparisons.
|
||||
return (substr($hash1, 0, 10) === substr($hash2, 0, 10));
|
||||
}
|
||||
}
|
|
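Review bot: `compare()` reports two hashes as equal as soon as their first 10 characters match, which leaves roughly 40 to 50 bits (depending on the digest encoding) deciding a password check, and `===` on the substrings is not a constant-time comparison. If the truncation is only needed for the legacy `*_v2.4` formats the comment alludes to, restrict it to those and compare full values everywhere else, with `hash_equals($hash1, $hash2)` where the PHP version provides it. `encrypt_password()` accepts `none`, which returns the password unchanged, and otherwise computes a single `md5`/`sha1` pass over `$password.$salt`; if these exist only to verify imported legacy records, say so in the docblock and plan a rehash to `password_hash()` on next successful login. The docblock is also missing `@return` and `@throws \Exception`, and `compare()` has none at all.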
@ -50,6 +50,13 @@ class AuthService implements IAuthService {
|
|||
*/
|
||||
public function getUserAuthorizationResponse()
|
||||
{
|
||||
return Session::get("openid.authorization.response");
|
||||
if(Session::has("openid.authorization.response"))
|
||||
return Session::get("openid.authorization.response");
|
||||
return IAuthService::AuthorizationResponse_None;
|
||||
}
|
||||
|
||||
public function setUserAuthorizationResponse($auth_response){
|
||||
//todo : check valid response
|
||||
Session::set("openid.authorization.response",$auth_response);
|
||||
}
|
||||
}
|
|
@ -9,11 +9,13 @@
|
|||
|
||||
namespace auth;
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
use openid\services\Registry;
|
||||
|
||||
class AuthenticationServiceProvider extends ServiceProvider {
|
||||
|
||||
public function register()
|
||||
{
|
||||
$this->app->singleton('openid\\services\\IAuthService','auth\\AuthService');
|
||||
Registry::getInstance()->set("openid\\services\\IAuthService",$this->app->make("openid\\services\\IAuthService"));
|
||||
}
|
||||
}
|
|
@ -10,6 +10,9 @@ namespace auth;
|
|||
|
||||
use Illuminate\Auth\UserInterface;
|
||||
use Illuminate\Auth\UserProviderInterface;
|
||||
use auth\exceptions\AuthenticationException;
|
||||
use \Member;
|
||||
use \Zend\Crypt\Hash;
|
||||
|
||||
class CustomAuthProvider implements UserProviderInterface{
|
||||
|
||||
|
@ -30,6 +33,12 @@ class CustomAuthProvider implements UserProviderInterface{
|
|||
*/
|
||||
public function retrieveById($identifier)
|
||||
{
|
||||
$user = OpenIdUser::where('external_id', '=', $identifier)->first();
|
||||
$member = Member::where('Email', '=', $identifier)->first();
|
||||
if(!is_null($member) && !is_null($user)){
|
||||
$user->setMember($member);
|
||||
return $user;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
@ -41,8 +50,24 @@ class CustomAuthProvider implements UserProviderInterface{
|
|||
*/
|
||||
public function retrieveByCredentials(array $credentials)
|
||||
{
|
||||
$username = $credentials['username'];
|
||||
if(!isset($credentials['username']) || !isset($credentials['password']))
|
||||
throw new AuthenticationException("invalid crendentials");
|
||||
$identifier = $credentials['username'];
|
||||
$password = $credentials['password'];
|
||||
$user = OpenIdUser::where('external_id', '=', $identifier)->first();
|
||||
$member = Member::where('Email', '=', $identifier)->first();
|
||||
if(!is_null($member) && $member->checkPassword($password)){
|
||||
if(is_null($user)){
|
||||
//create user
|
||||
$user = new OpenIdUser();
|
||||
$user->external_id = $member->Email;
|
||||
$user->active = true;
|
||||
$user->identifier = Hash::compute("sha1",$user->external_id);
|
||||
$user->Save();
|
||||
}
|
||||
$user->setMember($member);
|
||||
return $user;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
@ -55,8 +80,11 @@ class CustomAuthProvider implements UserProviderInterface{
|
|||
*/
|
||||
public function validateCredentials(UserInterface $user, array $credentials)
|
||||
{
|
||||
$username = $credentials['username'];
|
||||
if(!isset($credentials['username']) || !isset($credentials['password']))
|
||||
throw new AuthenticationException("invalid crendentials");
|
||||
$identifier = $credentials['username'];
|
||||
$password = $credentials['password'];
|
||||
return null;
|
||||
$member = Member::where('Email', '=', $identifier)->first();
|
||||
return $member->checkPassword($password);
|
||||
}
|
||||
}
|
|
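Review bot: `validateCredentials()` calls `$member->checkPassword($password)` without checking that `Member::where(...)->first()` found a row, so an unknown e-mail ends in a fatal error rather than a failed login; add `if (is_null($member)) return false;` before the call. The method never looks at its `$user` argument, so it validates whichever member `$credentials['username']` names rather than the user it was asked about; comparing the member's `Email` with `$user->getAuthIdentifier()` would bind the two. In `retrieveByCredentials()` an existing `OpenIdUser` is returned without consulting its `active` flag, which matters if that flag is meant to gate login. The new user's `identifier` is an unsalted SHA-1 of the e-mail address, which anyone who knows the address can recompute; if that identifier is published as the OpenID identity (not visible here), a random value would avoid the linkage.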
@ -12,8 +12,15 @@ namespace auth;
|
|||
use Illuminate\Auth\UserInterface;
|
||||
use openid\model\IOpenIdUser;
|
||||
|
||||
class OpenIdUser extends Eloquent implements UserInterface , IOpenIdUser{
|
||||
|
||||
class OpenIdUser extends \Eloquent implements UserInterface , IOpenIdUser{
|
||||
|
||||
protected $table = 'openid_users';
|
||||
private $member;
|
||||
|
||||
public function setMember($member){
|
||||
$this->member=$member;
|
||||
}
|
||||
/**
|
||||
* Get the unique identifier for the user.
|
||||
*
|
||||
|
@ -21,7 +28,10 @@ class OpenIdUser extends Eloquent implements UserInterface , IOpenIdUser{
|
|||
*/
|
||||
public function getAuthIdentifier()
|
||||
{
|
||||
// TODO: Implement getAuthIdentifier() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return $this->external_id;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -31,61 +41,88 @@ class OpenIdUser extends Eloquent implements UserInterface , IOpenIdUser{
|
|||
*/
|
||||
public function getAuthPassword()
|
||||
{
|
||||
// TODO: Implement getAuthPassword() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return $this->member->Password;
|
||||
}
|
||||
|
||||
public function getIdentifier()
|
||||
{
|
||||
// TODO: Implement getIdentifier() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return $this->identifier;
|
||||
}
|
||||
|
||||
public function getEmail()
|
||||
{
|
||||
// TODO: Implement getEmail() method.
|
||||
$this->external_id;
|
||||
}
|
||||
|
||||
public function getFirstName()
|
||||
{
|
||||
// TODO: Implement getFirstName() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return $this->member->FirstName;
|
||||
}
|
||||
|
||||
public function getLastName()
|
||||
{
|
||||
// TODO: Implement getLastName() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return $this->member->Surname;
|
||||
}
|
||||
|
||||
public function getFullName()
|
||||
{
|
||||
// TODO: Implement getFullName() method.
|
||||
return $this->getFirstName()." ". $this->getLastName();
|
||||
}
|
||||
|
||||
public function getNickName()
|
||||
{
|
||||
// TODO: Implement getNickName() method.
|
||||
return $this->getFullName;
|
||||
}
|
||||
|
||||
public function getGender()
|
||||
{
|
||||
// TODO: Implement getGender() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
public function getCountry()
|
||||
{
|
||||
// TODO: Implement getCountry() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return $this->member->Country;
|
||||
}
|
||||
|
||||
public function getLanguage()
|
||||
{
|
||||
// TODO: Implement getLanguage() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return $this->member->Locale;
|
||||
}
|
||||
|
||||
public function getTimeZone()
|
||||
{
|
||||
// TODO: Implement getTimeZone() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
public function getDateOfBirth()
|
||||
{
|
||||
// TODO: Implement getDateOfBirth() method.
|
||||
if(is_null($this->member)){
|
||||
$this->member = Member::where('Email', '=', $this->external_id)->first();
|
||||
}
|
||||
return "";
|
||||
}
|
||||
}
|
|
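Review bot: `getEmail()` evaluates `$this->external_id;` without a `return`, so it always yields null, and `getNickName()` returns the property `$this->getFullName` instead of calling the method. They should read `return $this->external_id;` and `return $this->getFullName();`; the AX extension in this same commit passes `getEmail()` to the relying party as an attribute value, so the defect reaches responses. The getters that dereference `$this->member` (`getAuthPassword()`, `getFirstName()`, `getLastName()`, `getCountry()`, `getLanguage()`) assume the `Member` lookup succeeded, and a null check would avoid a fatal error for an `openid_users` row with no matching member. `Member` is referenced unqualified inside `namespace auth` and the import block is only partly visible, so confirm a `use \Member;` exists. The leftover `// TODO: Implement …` comments on methods that are now implemented can be dropped.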
@ -0,0 +1,21 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/18/13
|
||||
* Time: 12:06 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace auth\exceptions;
|
||||
|
||||
use \Exception;
|
||||
|
||||
class AuthenticationException extends Exception{
|
||||
|
||||
public function __construct($message = "") {
|
||||
$message = "AuthenticationException : ".$message;
|
||||
parent::__construct($message, 0 , null);
|
||||
}
|
||||
|
||||
}
|
|
@ -15,8 +15,6 @@ use openid\handlers\OpenIdAuthenticationRequestHandler;
|
|||
use openid\handlers\OpenIdSessionAssociationRequestHandler;
|
||||
use openid\handlers\OpenIdCheckAuthenticationRequestHandler;
|
||||
|
||||
use openid\repositories\IServerExtensionsRepository;
|
||||
use openid\repositories\IServerConfigurationRepository;
|
||||
use openid\XRDS\XRDSService;
|
||||
use openid\XRDS\XRDSDocumentBuilder;
|
||||
use openid\IOpenIdProtocol;
|
||||
|
@ -99,16 +97,12 @@ class OpenIdProtocol implements IOpenIdProtocol {
|
|||
}
|
||||
|
||||
public static function param($param, $separator='.'){
|
||||
return Self::OpenIdPrefix.$separator.self::$protocol_definition[$param];
|
||||
return self::OpenIdPrefix.$separator.self::$protocol_definition[$param];
|
||||
}
|
||||
|
||||
private $server_extension_repository;
|
||||
private $server_configuration;
|
||||
private $request_handlers;
|
||||
|
||||
public function __construct(IServerConfigurationRepository $server_configuration,IServerExtensionsRepository $server_extension_repository){
|
||||
$this->server_extension_repository = $server_extension_repository;
|
||||
$this->server_configuration = $server_configuration;
|
||||
public function __construct(){
|
||||
//create chain of responsibility
|
||||
$auth_service = \App::make("openid\\services\\IAuthService");
|
||||
$memento_request_service = \App::make("openid\\services\\IMementoOpenIdRequestService");
|
||||
|
@ -116,9 +110,10 @@ class OpenIdProtocol implements IOpenIdProtocol {
|
|||
$server_extension_service = \App::make("openid\\services\\IServerExtensionsService");
|
||||
$association_service = \App::make("openid\\services\\IAssociationService");
|
||||
$trusted_sites_service = \App::make("openid\\services\\ITrustedSitesService");
|
||||
$server_config_service = \App::make("openid\\services\\IServerConfigurationService");
|
||||
|
||||
$successor = new OpenIdSessionAssociationRequestHandler(new OpenIdCheckAuthenticationRequestHandler(null));
|
||||
$this->request_handlers = new OpenIdAuthenticationRequestHandler($auth_service,$memento_request_service,$auth_strategy,$server_extension_service,$association_service,$trusted_sites_service,$successor);
|
||||
$this->request_handlers = new OpenIdAuthenticationRequestHandler($auth_service,$memento_request_service,$auth_strategy,$server_extension_service,$association_service,$trusted_sites_service,$server_config_service,$successor);
|
||||
}
|
||||
|
||||
public function getXRDSDiscovery(){
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/18/13
|
||||
* Time: 1:50 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace openid\exceptions;
|
||||
use \Exception;
|
||||
|
||||
class OpenIdCrytoException extends Exception{
|
||||
|
||||
public function __construct($message = "") {
|
||||
$message = "OpenIdCrytoException : ".$message;
|
||||
parent::__construct($message, 0 , null);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,21 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/16/13
|
||||
* Time: 2:29 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace openid\extensions;
|
||||
|
||||
use openid\requests\OpenIdRequest;
|
||||
use openid\requests\contexts\RequestContext;
|
||||
use openid\responses\OpenIdResponse;
|
||||
use openid\responses\contexts\ResponseContext;
|
||||
|
||||
interface IOpenIdExtension {
|
||||
|
||||
public function apply(OpenIdRequest $request,RequestContext $context);
|
||||
public function transform(OpenIdRequest $request,OpenIdResponse $response ,ResponseContext $context);
|
||||
}
|
|
@ -0,0 +1,36 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/16/13
|
||||
* Time: 2:29 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace openid\extensions;
|
||||
|
||||
use openid\requests\OpenIdRequest;
|
||||
use openid\requests\contexts\RequestContext;
|
||||
use openid\responses\OpenIdResponse;
|
||||
use openid\responses\contexts\ResponseContext;
|
||||
|
||||
abstract class OpenIdExtension {
|
||||
protected $namespace;
|
||||
protected $name;
|
||||
protected $description;
|
||||
|
||||
public function __construct($name,$namespace,$description){
|
||||
$this->namespace=$namespace;
|
||||
$this->name=$name;
|
||||
$this->description = $description;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param OpenIdRequest $request
|
||||
* @param RequestContext $context
|
||||
* @return mixed
|
||||
* @throws InvalidOpenIdMessageException
|
||||
*/
|
||||
abstract public function parseRequest(OpenIdRequest $request,RequestContext $context);
|
||||
abstract public function prepareResponse(OpenIdRequest $request,OpenIdResponse $response ,ResponseContext $context);
|
||||
}
|
|
@ -10,21 +10,140 @@
|
|||
namespace openid\extensions\implementations;
|
||||
|
||||
|
||||
use openid\extensions\IOpenIdExtension;
|
||||
use openid\extensions\OpenIdExtension;
|
||||
use openid\OpenIdProtocol;
|
||||
use openid\requests\contexts\RequestContext;
|
||||
use openid\requests\OpenIdRequest;
|
||||
use openid\responses\contexts\ResponseContext;
|
||||
use openid\responses\OpenIdResponse;
|
||||
use openid\services\Registry;
|
||||
use openid\OpenIdMessage;
|
||||
|
||||
class OpenIdAXExtension implements IOpenIdExtension {
|
||||
class OpenIdAXRequest extends OpenIdRequest
|
||||
{
|
||||
|
||||
public function apply(OpenIdRequest $request, RequestContext $context)
|
||||
private $attributes;
|
||||
|
||||
public function __construct(OpenIdMessage $message)
|
||||
{
|
||||
// TODO: Implement apply() method.
|
||||
parent::__construct($message);
|
||||
$this->attributes = array();
|
||||
}
|
||||
|
||||
public function transform(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context)
|
||||
/**
|
||||
* @return bool
|
||||
* @throws InvalidOpenIdMessageException
|
||||
*/
|
||||
public function IsValid()
|
||||
{
|
||||
// TODO: Implement transform() method.
|
||||
|
||||
//check identifier
|
||||
if (
|
||||
isset($this->message[OpenIdProtocol::OpenIdPrefix . "_" . OpenIdProtocol::OpenIDProtocol_NS . "_" . OpenIdAXExtension::Prefix])
|
||||
&& $this->message[OpenIdProtocol::OpenIdPrefix . "_" . OpenIdProtocol::OpenIDProtocol_NS . "_" . OpenIdAXExtension::Prefix] == OpenIdAXExtension::NamespaceUrl
|
||||
) {
|
||||
|
||||
//check required fields
|
||||
|
||||
if (!isset($this->message[OpenIdProtocol::OpenIdPrefix . "_" . OpenIdAXExtension::Prefix . "_" . OpenIdAXExtension::Mode])
|
||||
|| $this->message[OpenIdProtocol::OpenIdPrefix . "_" . OpenIdAXExtension::Prefix . "_" . OpenIdAXExtension::Mode] != OpenIdAXExtension::FetchRequest
|
||||
)
|
||||
throw new InvalidOpenIdMessageException("AX: not set or invalid mode mode");
|
||||
|
||||
if (isset($this->message[OpenIdProtocol::OpenIdPrefix . "_" . OpenIdAXExtension::Prefix . "_" . OpenIdAXExtension::RequiredAttributes]))
|
||||
throw new InvalidOpenIdMessageException("AX: not set required attributes!");
|
||||
|
||||
$attributes = $this->message[OpenIdProtocol::OpenIdPrefix . "_" . OpenIdAXExtension::Prefix . "_" . OpenIdAXExtension::RequiredAttributes];
|
||||
$attributes = explode(",", $attributes);
|
||||
foreach ($attributes as $attr) {
|
||||
$attr = trim($attr);
|
||||
if (!isset(OpenIdAXExtension::$available_properties[$attr]))
|
||||
throw new InvalidOpenIdMessageException(sprintf("AX: invalid attribute requested %s", $attr));
|
||||
if (!isset($this->message[OpenIdProtocol::OpenIdPrefix . "_" . self::Prefix . "_" . self::Type . "_" . $attr]))
|
||||
throw new InvalidOpenIdMessageException(sprintf("AX: invalid ns for attribute %s", $attr));
|
||||
$ns = $this->message[OpenIdProtocol::OpenIdPrefix . "_" . self::Prefix . "_" . self::Type . "_" . $attr];
|
||||
if ($ns != OpenIdAXExtension::$available_properties[$attr])
|
||||
throw new InvalidOpenIdMessageException(sprintf("AX: invalid ns for attribute %s", $attr));
|
||||
array_push($this->$attributes, $attr);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
|
||||
}
|
||||
|
||||
public function getRequiredAttributes()
|
||||
{
|
||||
return $this->attributes;
|
||||
}
|
||||
}
|
||||
|
||||
class OpenIdAXExtension extends OpenIdExtension
|
||||
{
|
||||
public static $available_properties;
|
||||
const Prefix = "ax";
|
||||
const NamespaceUrl = "http://openid.net/srv/ax/1.0";
|
||||
const RequiredAttributes = "required";
|
||||
const Mode = "mode";
|
||||
const Country = "country";
|
||||
const Email = "email";
|
||||
const FirstMame = "firstname";
|
||||
const Language = "language";
|
||||
const LastName = "lastname";
|
||||
const Type = "type";
|
||||
const Value = "value";
|
||||
const FetchResponse = "fetch_response";
|
||||
const FetchRequest = "fetch_request";
|
||||
|
||||
public function __construct($name, $namespace, $description)
|
||||
{
|
||||
parent::__construct($name, $namespace, $description);
|
||||
self::$available_properties[OpenIdAXExtension::Country] = "http://axschema.org/contact/country/home";
|
||||
self::$available_properties[OpenIdAXExtension::Email] = "http://axschema.org/contact/email";
|
||||
self::$available_properties[OpenIdAXExtension::FirstMame] = "http://axschema.org/namePerson/first";
|
||||
self::$available_properties[OpenIdAXExtension::LastName] = "http://axschema.org/pref/language";
|
||||
self::$available_properties[OpenIdAXExtension::Language] = "http://axschema.org/pref/language";
|
||||
}
|
||||
|
||||
|
||||
public function parseRequest(OpenIdRequest $request, RequestContext $context)
|
||||
{
|
||||
$ax_request = new OpenIdAXRequest($request->getMessage());
|
||||
if (!$ax_request->IsValid()) return;
|
||||
//todo : build sub view ....
|
||||
}
|
||||
|
||||
public function prepareResponse(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context)
|
||||
{
|
||||
$ax_request = new OpenIdAXRequest($request->getMessage());
|
||||
if (!$ax_request->IsValid()) return;
|
||||
$response->addParam(OpenIdProtocol::OpenIdPrefix . "." . OpenIdProtocol::OpenIDProtocol_NS . "." . self::Prefix, self::NamespaceUrl);
|
||||
$response->addParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Mode, self::FetchResponse);
|
||||
$context->addSignParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Mode);
|
||||
$attributes = $ax_request->getRequiredAttributes();
|
||||
$auth_service = Registry::getInstance()->get("openid\\services\\IAuthService");
|
||||
$user = $auth_service->getCurrentUser();
|
||||
foreach ($attributes as $attr) {
|
||||
$response->addParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Type . "." . $attr, self::$available_properties[$attr]);
|
||||
$context->addSignParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Type . "." . $attr);
|
||||
$context->addSignParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Value . "." . $attr);
|
||||
if ($attr == "email") {
|
||||
$response->addParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Value . "." . $attr, $user->getEmail());
|
||||
}
|
||||
if ($attr == "country") {
|
||||
$response->addParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Value . "." . $attr, $user->getCountry());
|
||||
}
|
||||
if ($attr == "firstname") {
|
||||
$response->addParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Value . "." . $attr, $user->getFirstName());
|
||||
}
|
||||
if ($attr == "lastname") {
|
||||
$response->addParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Value . "." . $attr, $user->getLastName());
|
||||
}
|
||||
if ($attr == "language") {
|
||||
$response->addParam(OpenIdProtocol::OpenIdPrefix . "." . self::Prefix . "." . self::Value . "." . $attr, $user->getLanguage());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
|
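Review bot: `OpenIdAXRequest::IsValid()` throws "AX: not set required attributes!" when the `required` key is present, because the `isset(...)` on that line is missing its `!`; every well-formed fetch request is therefore rejected, and the read on the next statement only runs when the key is absent. Further down, `array_push($this->$attributes, $attr);` uses the local array as a property name and should be `array_push($this->attributes, $attr);`. The class also uses `self::Prefix` and `self::Type`, which are declared on `OpenIdAXExtension` rather than on `OpenIdAXRequest`, and `InvalidOpenIdMessageException` is not among the visible `use` lines, so it would resolve inside `openid\extensions\implementations`. In the extension constructor `LastName` is mapped to the `pref/language` schema URL, the same as `Language`, which looks like a copy-paste slip. Values taken from the request are compared with `==`/`!=`; `===`/`!==` avoids type juggling on input the relying party controls.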
@ -8,21 +8,26 @@
|
|||
*/
|
||||
|
||||
namespace openid\extensions\implementations;
|
||||
use openid\extensions\IOpenIdExtension;
|
||||
use openid\extensions\OpenIdExtension;
|
||||
use openid\requests\contexts\RequestContext;
|
||||
use openid\requests\OpenIdRequest;
|
||||
use openid\responses\contexts\ResponseContext;
|
||||
use openid\responses\OpenIdResponse;
|
||||
|
||||
class OpenIdOAuthExtension implements IOpenIdExtension {
|
||||
class OpenIdOAuthExtension extends OpenIdExtension {
|
||||
|
||||
public function apply(OpenIdRequest $request, RequestContext $context)
|
||||
protected function populateProperties()
|
||||
{
|
||||
// TODO: Implement apply() method.
|
||||
// TODO: Implement populateProperties() method.
|
||||
}
|
||||
|
||||
public function transform(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context)
|
||||
public function parseRequest(OpenIdRequest $request, RequestContext $context)
|
||||
{
|
||||
// TODO: Implement transform() method.
|
||||
// TODO: Implement parseRequest() method.
|
||||
}
|
||||
|
||||
public function prepareResponse(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context)
|
||||
{
|
||||
// TODO: Implement prepareResponse() method.
|
||||
}
|
||||
}
|
|
@ -8,21 +8,27 @@
|
|||
*/
|
||||
|
||||
namespace openid\extensions\implementations;
|
||||
use openid\extensions\IOpenIdExtension;
|
||||
use openid\extensions\OpenIdExtension;
|
||||
use openid\requests\contexts\RequestContext;
|
||||
use openid\requests\OpenIdRequest;
|
||||
use openid\responses\contexts\ResponseContext;
|
||||
use openid\responses\OpenIdResponse;
|
||||
|
||||
class OpenIdPAPEExtension implements IOpenIdExtension {
|
||||
class OpenIdPAPEExtension extends OpenIdExtension {
|
||||
|
||||
public function apply(OpenIdRequest $request, RequestContext $context)
|
||||
|
||||
protected function populateProperties()
|
||||
{
|
||||
// TODO: Implement apply() method.
|
||||
// TODO: Implement populateProperties() method.
|
||||
}
|
||||
|
||||
public function transform(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context)
|
||||
public function parseRequest(OpenIdRequest $request, RequestContext $context)
|
||||
{
|
||||
// TODO: Implement transform() method.
|
||||
// TODO: Implement parseRequest() method.
|
||||
}
|
||||
|
||||
public function prepareResponse(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context)
|
||||
{
|
||||
// TODO: Implement prepareResponse() method.
|
||||
}
|
||||
}
|
|
@ -8,22 +8,26 @@
|
|||
*/
|
||||
|
||||
namespace openid\extensions\implementations;
|
||||
use openid\extensions\IOpenIdExtension;
|
||||
use openid\extensions\OpenIdExtension;
|
||||
use openid\requests\contexts\RequestContext;
|
||||
use openid\requests\OpenIdRequest;
|
||||
use openid\responses\contexts\ResponseContext;
|
||||
use openid\responses\OpenIdResponse;
|
||||
|
||||
class OpenIdSREGExtension implements IOpenIdExtension
|
||||
class OpenIdSREGExtension extends OpenIdExtension
|
||||
{
|
||||
|
||||
public function apply(OpenIdRequest $request, RequestContext $context)
|
||||
protected function populateProperties()
|
||||
{
|
||||
// TODO: Implement apply() method.
|
||||
// TODO: Implement populateProperties() method.
|
||||
}
|
||||
|
||||
public function transform(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context)
|
||||
public function parseRequest(OpenIdRequest $request, RequestContext $context)
|
||||
{
|
||||
// TODO: Implement transform() method.
|
||||
// TODO: Implement parseRequest() method.
|
||||
}
|
||||
|
||||
public function prepareResponse(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context)
|
||||
{
|
||||
// TODO: Implement prepareResponse() method.
|
||||
}
|
||||
}
|
|
@ -30,6 +30,7 @@ use openid\model\IAssociation;
|
|||
use openid\responses\OpenIdPositiveAssertionResponse;
|
||||
use openid\services\IServerConfigurationService;
|
||||
use openid\helpers\OpenIdSignatureBuilder;
|
||||
use openid\exceptions\InvalidOpenIdMessageException;
|
||||
|
||||
/**
|
||||
* Class OpenIdAuthenticationRequestHandler
|
||||
|
@ -56,144 +57,156 @@ class OpenIdAuthenticationRequestHandler extends OpenIdMessageHandler
|
|||
{
|
||||
parent::__construct($successor);
|
||||
|
||||
$this->authService = $authService;
|
||||
$this->mementoRequestService = $mementoRequestService;
|
||||
$this->auth_strategy = $auth_strategy;
|
||||
$this->server_extensions_service = $server_extensions_service;
|
||||
$this->association_service = $association_service;
|
||||
$this->trusted_sites_service = $trusted_sites_service;
|
||||
$this->authService = $authService;
|
||||
$this->mementoRequestService = $mementoRequestService;
|
||||
$this->auth_strategy = $auth_strategy;
|
||||
$this->server_extensions_service = $server_extensions_service;
|
||||
$this->association_service = $association_service;
|
||||
$this->trusted_sites_service = $trusted_sites_service;
|
||||
$this->server_configuration_service = $server_configuration_service;
|
||||
}
|
||||
|
||||
|
||||
private function doAssertion(OpenIdAuthenticationRequest $request,$extensions){
|
||||
private function doAssertion(OpenIdAuthenticationRequest $request, $extensions)
|
||||
{
|
||||
|
||||
$currentUser = $this->authService->getCurrentUser();
|
||||
$context = new ResponseContext;
|
||||
|
||||
//initial signature params
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint));
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo));
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Nonce));
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_AssocHandle));
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId));
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity));
|
||||
|
||||
$op_endpoint = $this->server_configuration_service->getOPEndpointURL();
|
||||
$identity = $currentUser->getIdentifier();
|
||||
$response = new OpenIdPositiveAssertionResponse($op_endpoint,$identity,$identity,$request->getReturnTo());
|
||||
foreach($extensions as $ext){
|
||||
$ext->transform($request,$response,$context);
|
||||
$response = new OpenIdPositiveAssertionResponse($op_endpoint, $identity, $identity, $request->getReturnTo());
|
||||
foreach ($extensions as $ext) {
|
||||
$ext->prepareResponse($request, $response, $context);
|
||||
}
|
||||
//check former assoc handle...
|
||||
$assoc_handle = $request->getAssocHandle();
|
||||
$association = $this->association_service->getAssociation($assoc_handle);
|
||||
if(empty($assoc_handle) || is_null($association)){
|
||||
if (empty($assoc_handle) || is_null($association)) {
|
||||
// if not present or if it already void then enter on dumb mode
|
||||
$new_secret = OpenIdCryptoHelper::generateSecret(OpenIdProtocol::SignatureAlgorithmHMAC_SHA256);
|
||||
$new_handle = uniqid();
|
||||
//todo: get from somewhere?
|
||||
$lifetime = 120;
|
||||
$issued = gmdate("Y-m-d H:i:s", time());
|
||||
$this->association_service->addAssociation($new_handle,$new_secret,$lifetime,$issued,IAssociation::TypePrivate);
|
||||
$lifetime = $this->server_configuration_service->getPrivateAssociationLifetime();
|
||||
$issued = gmdate("Y-m-d H:i:s", time());
|
||||
$this->association_service->addAssociation($new_handle, $new_secret,OpenIdProtocol::SignatureAlgorithmHMAC_SHA256,$lifetime, $issued,IAssociation::TypePrivate);
|
||||
$response->setAssocHandle($new_handle);
|
||||
if(!empty($assoc_handle)){
|
||||
if (!empty($assoc_handle)) {
|
||||
$response->setInvalidateHandle($assoc_handle);
|
||||
}
|
||||
$association = $this->association_service->getAssociation($new_handle);
|
||||
}
|
||||
else{
|
||||
} else {
|
||||
$response->setAssocHandle($assoc_handle);
|
||||
}
|
||||
OpenIdSignatureBuilder::build($context,$association->getMacFunction(),$association->getSecret(),$response);
|
||||
OpenIdSignatureBuilder::build($context, $association->getMacFunction(), $association->getSecret(), $response);
|
||||
return $response;
|
||||
}
|
||||
|
||||
protected function InternalHandle(OpenIdMessage $message)
|
||||
{
|
||||
$request = new OpenIdAuthenticationRequest($message);
|
||||
$extensions = $this->server_extensions_service->getAllActiveExtensions();
|
||||
$context = new RequestContext;
|
||||
$mode = $request->getMode();
|
||||
switch($mode){
|
||||
case OpenIdProtocol::SetupMode:
|
||||
{
|
||||
if(!$this->authService->isUserLogged()){
|
||||
//do login process
|
||||
$context->setStage(RequestContext::StageLogin);
|
||||
foreach($extensions as $ext){
|
||||
$ext->apply($request,$context);
|
||||
}
|
||||
$this->mementoRequestService->saveCurrentRequest();
|
||||
return $this->auth_strategy->doLogin($request,$context);
|
||||
}
|
||||
else {
|
||||
//user already logged
|
||||
$currentUser = $this->authService->getCurrentUser();
|
||||
$site = $this->trusted_sites_service->getTrustedSite($currentUser,$request->getTrustedRoot());
|
||||
$authorization_response = $this->authService->getUserAuthorizationResponse();
|
||||
if($authorization_response == IAuthService::AuthorizationResponse_None){
|
||||
if(is_null($site)){
|
||||
//do consent process
|
||||
$this->mementoRequestService->saveCurrentRequest();
|
||||
$context->setStage(RequestContext::StageConsent);
|
||||
foreach($extensions as $ext){
|
||||
$ext->apply($request,$context);
|
||||
try
|
||||
{
|
||||
$request = new OpenIdAuthenticationRequest($message);
|
||||
$extensions = $this->server_extensions_service->getAllActiveExtensions();
|
||||
$context = new RequestContext;
|
||||
$mode = $request->getMode();
|
||||
switch ($mode) {
|
||||
case OpenIdProtocol::SetupMode:
|
||||
{
|
||||
if (!$this->authService->isUserLogged()) {
|
||||
//do login process
|
||||
$context->setStage(RequestContext::StageLogin);
|
||||
foreach ($extensions as $ext) {
|
||||
$ext->parseRequest($request, $context);
|
||||
}
|
||||
$this->mementoRequestService->saveCurrentRequest();
|
||||
return $this->auth_strategy->doLogin($request, $context);
|
||||
} else {
|
||||
//user already logged
|
||||
$currentUser = $this->authService->getCurrentUser();
|
||||
$site = $this->trusted_sites_service->getTrustedSite($currentUser, $request->getTrustedRoot());
|
||||
$authorization_response = $this->authService->getUserAuthorizationResponse();
|
||||
if ($authorization_response == IAuthService::AuthorizationResponse_None) {
|
||||
if (is_null($site)) {
|
||||
//do consent process
|
||||
$this->mementoRequestService->saveCurrentRequest();
|
||||
$context->setStage(RequestContext::StageConsent);
|
||||
foreach ($extensions as $ext) {
|
||||
$ext->parseRequest($request, $context);
|
||||
}
|
||||
return $this->auth_strategy->doConsent($request, $context);
|
||||
} else {
|
||||
$policy = $site->getAuthorizationPolicy();
|
||||
switch ($policy) {
|
||||
case IAuthService::AuthorizationResponse_AllowForever:
|
||||
return $this->doAssertion($request, $extensions);
|
||||
break;
|
||||
case IAuthService::AuthorizationResponse_DenyForever:
|
||||
// black listed site
|
||||
return new OpenIdIndirectGenericErrorResponse(sprintf(OpenIdErrorMessages::RealmNotAllowedByUserMessage, $site->getRealm()));
|
||||
break;
|
||||
default:
|
||||
throw new \Exception("Invalid Realm Policy");
|
||||
break;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// check response
|
||||
switch ($authorization_response) {
|
||||
case IAuthService::AuthorizationResponse_AllowForever:
|
||||
$this->trusted_sites_service->addTrustedSite($currentUser, $request->getTrustedRoot(), IAuthService::AuthorizationResponse_AllowForever);
|
||||
return $this->doAssertion($request, $extensions);
|
||||
break;
|
||||
case IAuthService::AuthorizationResponse_AllowOnce:
|
||||
return $this->doAssertion($request, $extensions);
|
||||
break;
|
||||
case IAuthService::AuthorizationResponse_DenyOnce:
|
||||
return new OpenIdNonImmediateNegativeAssertion;
|
||||
break;
|
||||
case IAuthService::AuthorizationResponse_DenyForever:
|
||||
$this->trusted_sites_service->addTrustedSite($currentUser, $request->getTrustedRoot(), IAuthService::AuthorizationResponse_DenyForever);
|
||||
return new OpenIdNonImmediateNegativeAssertion;
|
||||
break;
|
||||
default:
|
||||
throw new \Exception("Invalid Authorization response!");
|
||||
break;
|
||||
}
|
||||
$this->auth_strategy->doConsent($request,$context);
|
||||
}
|
||||
else{
|
||||
$policy = $site->getAuthorizationPolicy();
|
||||
switch($policy){
|
||||
case IAuthService::AuthorizationResponse_AllowForever:
|
||||
return $this->doAssertion($request,$extensions);
|
||||
break;
|
||||
case IAuthService::AuthorizationResponse_DenyForever:
|
||||
// black listed site
|
||||
return new OpenIdIndirectGenericErrorResponse(sprintf(OpenIdErrorMessages::RealmNotAllowedByUserMessage,$site->getRealm()));
|
||||
break;
|
||||
default:
|
||||
throw new \Exception("Invalid Realm Policy");
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
// check response
|
||||
switch ($authorization_response){
|
||||
case IAuthService::AuthorizationResponse_AllowForever:
|
||||
$this->trusted_sites_service->addTrustedSite($currentUser,$request->getTrustedRoot(),IAuthService::AuthorizationResponse_AllowForever);
|
||||
return $this->doAssertion($request,$extensions);
|
||||
break;
|
||||
case IAuthService::AuthorizationResponse_AllowOnce:
|
||||
return $this->doAssertion($request,$extensions);
|
||||
break;
|
||||
case IAuthService::AuthorizationResponse_DenyOnce:
|
||||
return new OpenIdNonImmediateNegativeAssertion;
|
||||
break;
|
||||
case IAuthService::AuthorizationResponse_DenyForever:
|
||||
$this->trusted_sites_service->addTrustedSite($currentUser,$request->getTrustedRoot(),IAuthService::AuthorizationResponse_DenyForever);
|
||||
return new OpenIdNonImmediateNegativeAssertion;
|
||||
break;
|
||||
default:
|
||||
throw new \Exception("Invalid Authorization response!");
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
break;
|
||||
case OpenIdProtocol::ImmediateMode:
|
||||
{
|
||||
if (!$this->authService->isUserLogged()) {
|
||||
return new OpenIdImmediateNegativeAssertion;
|
||||
}
|
||||
$currentUser = $this->authService->getCurrentUser();
|
||||
$site = $this->trusted_sites_service->getTrustedSite($currentUser, $request->getTrustedRoot());
|
||||
if (is_null($site)) {
|
||||
return new OpenIdImmediateNegativeAssertion;
|
||||
}
|
||||
$policy = $site->getAuthorizationPolicy();
|
||||
if ($policy == IAuthService::AuthorizationResponse_DenyForever) {
|
||||
// black listed site
|
||||
return new OpenIdIndirectGenericErrorResponse(sprintf(OpenIdErrorMessages::RealmNotAllowedByUserMessage, $site->getRealm()));
|
||||
}
|
||||
return $this->doAssertion($request, $extensions);
|
||||
}
|
||||
break;
|
||||
default:
|
||||
throw new InvalidOpenIdAuthenticationRequestMode;
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case OpenIdProtocol::ImmediateMode:
|
||||
{
|
||||
if(!$this->authService->isUserLogged()){
|
||||
return new OpenIdImmediateNegativeAssertion;
|
||||
}
|
||||
$currentUser = $this->authService->getCurrentUser();
|
||||
$site = $this->trusted_sites_service->getTrustedSite($currentUser,$request->getTrustedRoot());
|
||||
if(is_null($site)){
|
||||
return new OpenIdImmediateNegativeAssertion;
|
||||
}
|
||||
$policy = $site->getAuthorizationPolicy();
|
||||
if($policy == IAuthService::AuthorizationResponse_DenyForever){
|
||||
// black listed site
|
||||
return new OpenIdIndirectGenericErrorResponse(sprintf(OpenIdErrorMessages::RealmNotAllowedByUserMessage,$site->getRealm()));
|
||||
}
|
||||
return $this->doAssertion($request,$extensions);
|
||||
}
|
||||
break;
|
||||
default:
|
||||
throw new InvalidOpenIdAuthenticationRequestMode;
|
||||
break;
|
||||
}
|
||||
catch (InvalidOpenIdMessageException $ex) {
|
||||
return new OpenIdIndirectGenericErrorResponse($ex->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -10,10 +10,16 @@
|
|||
namespace openid\helpers;
|
||||
use openid\OpenIdProtocol;
|
||||
use Zend\Math\Rand;
|
||||
use openid\exceptions\OpenIdCrytoException;
|
||||
|
||||
class OpenIdCryptoHelper
|
||||
{
|
||||
|
||||
private static $signature_algorithms= array(
|
||||
OpenIdProtocol::SignatureAlgorithmHMAC_SHA1 => "sha1",
|
||||
OpenIdProtocol::SignatureAlgorithmHMAC_SHA256 => "sha256",
|
||||
);
|
||||
|
||||
public static function generateSecret($func)
|
||||
{
|
||||
if ($func == OpenIdProtocol::SignatureAlgorithmHMAC_SHA1) {
|
||||
|
@ -23,7 +29,8 @@ class OpenIdCryptoHelper
|
|||
} else {
|
||||
return false;
|
||||
}
|
||||
return self::randomBytes($macLen);
|
||||
$bytes = self::randomBytes($macLen);
|
||||
return base64_encode($bytes);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -34,11 +41,22 @@ class OpenIdCryptoHelper
|
|||
*/
|
||||
static public function randomBytes($len)
|
||||
{
|
||||
Rand::getBytes($len,true);
|
||||
return Rand::getBytes($len,true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $macFunc
|
||||
* @param $data
|
||||
* @param $secret
|
||||
* @return string
|
||||
* @throws \openid\exceptions\OpenIdCrytoException
|
||||
*/
|
||||
static public function computeHMAC($macFunc, $data, $secret)
|
||||
{
|
||||
if(!isset(self::$signature_algorithms[$macFunc]))
|
||||
throw new OpenIdCrytoException(sprintf("Invalid mac function %s",$macFunc));
|
||||
$macFunc = self::$signature_algorithms[$macFunc];
|
||||
|
||||
if (function_exists('hash_hmac')) {
|
||||
return hash_hmac($macFunc, $data, $secret, 1);
|
||||
} else {
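Review bot: `generateSecret` still returns `false` for an unsupported algorithm (the `else` branch just above the new `base64_encode` return), while the new `computeHMAC` throws `OpenIdCrytoException` for the same condition. A caller that stores the result unchecked would persist `false` as an association secret, and a later HMAC would then be keyed with an empty value. Throwing in both places keeps the failure closed: `throw new OpenIdCrytoException(sprintf("Invalid mac function %s", $func));`. Separately, the secret is now base64 text and `computeHMAC` hands `$secret` straight to `hash_hmac`; whether callers decode it first is not visible here and is worth confirming. Both functions continue outside the hunks shown.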
|
||||
|
|
|
@ -13,14 +13,21 @@ use openid\responses\OpenIdPositiveAssertionResponse;
|
|||
|
||||
class OpenIdSignatureBuilder {
|
||||
|
||||
/**
|
||||
* @param ResponseContext $context
|
||||
* @param $macAlg
|
||||
* @param $secret
|
||||
* @param OpenIdPositiveAssertionResponse $response
|
||||
*/
|
||||
public static function build(ResponseContext $context,$macAlg,$secret,OpenIdPositiveAssertionResponse &$response){
|
||||
//do signing ...
|
||||
$signed = '';
|
||||
$data = '';
|
||||
$params = $context->getSignParams();
|
||||
|
||||
foreach($params as $key => $val){
|
||||
foreach($params as $key){
|
||||
if (strpos($key, 'openid.') === 0) {
|
||||
$val = $response[$key];
|
||||
$key = substr($key, strlen('openid.'));
|
||||
if (!empty($signed)) {
|
||||
$signed .= ',';
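Review bot: `$val = $response[$key];` reads each field to be signed without checking that the response actually carries it, so a parameter registered in the context but never set on the response would presumably be signed as an empty value instead of stopping the build. Because the signed list is what the relying party verifies, a missing field should fail loudly: `if (!isset($response[$key])) { throw new \InvalidArgumentException("missing signed field " . $key); }` placed before the assignment. This assumes the response supports `isset` through array access, which its declaration (not in this diff) would confirm. The loop body continues past the end of the hunk.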
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/14/13
|
||||
* Time: 4:16 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace openid\repositories;
|
||||
|
||||
|
||||
interface IServerConfigurationRepository {
|
||||
public function getOPEndpointURL();
|
||||
}
|
|
@ -1,18 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/14/13
|
||||
* Time: 4:12 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace openid\repositories;
|
||||
|
||||
|
||||
interface IServerExtensionsRepository {
|
||||
/**
|
||||
* @return array of IOpenIdExtension
|
||||
*/
|
||||
public function getAllActiveExtensions();
|
||||
}
|
|
@ -44,10 +44,10 @@ class OpenIdAuthenticationRequest extends OpenIdRequest{
|
|||
|
||||
|
||||
public function getTrustedRoot() {
|
||||
if (isset($this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm,"_")])) {
|
||||
$root = $this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm,"_")];
|
||||
if (isset($this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm,"_")])) {
|
||||
$root = $this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm,"_")];
|
||||
} else if (isset($this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo,"_")])) {
|
||||
$root = $this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo,"_")];
|
||||
$root = $this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo,"_")];
|
||||
} else {
|
||||
return null;
|
||||
}
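Review bot: The `else if` branch still tests `isset($this[...])` for the return_to parameter, while the first branch and both assignments now go through `$this->message`; the hunk's line counts suggest that test was left unchanged. If `OpenIdRequest` does not implement `ArrayAccess` (its declaration is not shown), the realm-to-return_to fallback fails at that test, and the trusted root used for the consent decision is never computed for requests without a realm. Proposed line: `} else if (isset($this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo,"_")])) {`. `getTrustedRoot` continues after the hunk.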
|
||||
|
|
|
@ -18,6 +18,10 @@ abstract class OpenIdRequest {
|
|||
$this->message = $message;
|
||||
}
|
||||
|
||||
public function getMessage(){
|
||||
return $this->message;
|
||||
}
|
||||
|
||||
public function getMode(){
|
||||
return $this->message->getMode();
|
||||
}
|
||||
|
|
|
@ -10,6 +10,8 @@
|
|||
namespace openid\responses\contexts;
|
||||
|
||||
|
||||
use openid\OpenIdProtocol;
|
||||
|
||||
class ResponseContext
|
||||
{
|
||||
|
||||
|
@ -20,7 +22,7 @@ class ResponseContext
|
|||
$this->sign_params = array();
|
||||
}
|
||||
|
||||
public function addSignParam(string $param)
|
||||
public function addSignParam($param)
|
||||
{
|
||||
array_push($this->sign_params, $param);
|
||||
}
|
||||
|
|
|
@ -21,7 +21,7 @@ interface IAssociationService {
|
|||
* @param IAssociation $association
|
||||
* @return bool
|
||||
*/
|
||||
public function addAssociation($handle,$secret,$type,$lifetime,$issued);
|
||||
public function addAssociation($handle,$secret,$mac_function,$lifetime,$issued,$type);
|
||||
|
||||
/**
|
||||
* @param $handle
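Review bot: The docblock above `addAssociation` still documents `@param IAssociation $association` and `@return bool`, but the new signature takes six positional values and `$type` has moved from third to last position. With untyped parameters, a caller left on the old order would store the association type as the MAC function without any error. The docblock should list `$handle`, `$secret`, `$mac_function`, `$lifetime`, `$issued` and `$type`, state the unit of `$lifetime` and the expected format of `$issued`, and drop `@return bool` unless implementations return one (the `AssociationService` added in this commit returns nothing). The docblock starts above the hunk.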
|
||||
|
|
|
@ -37,6 +37,7 @@ interface IAuthService {
|
|||
* @return AuthorizationResponse_*
|
||||
*/
|
||||
public function getUserAuthorizationResponse();
|
||||
public function setUserAuthorizationResponse($auth_response);
|
||||
|
||||
public function logout();
|
||||
}
|
|
@ -12,4 +12,6 @@ namespace openid\services;
|
|||
|
||||
interface IServerConfigurationService {
|
||||
public function getOPEndpointURL();
|
||||
public function getPrivateAssociationLifetime();
|
||||
public function getSessionAssociationLifetime();
|
||||
}
|
|
@ -0,0 +1,43 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/18/13
|
||||
* Time: 5:08 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace openid\services;
|
||||
|
||||
|
||||
class Registry {
|
||||
|
||||
private static $instance = null;
|
||||
|
||||
public static function getInstance() {
|
||||
if(self::$instance === null) {
|
||||
self::$instance = new Registry();
|
||||
}
|
||||
|
||||
return self::$instance;
|
||||
}
|
||||
|
||||
private function __construct() {}
|
||||
private function __clone() {}
|
||||
|
||||
public function set($key, $value) {
|
||||
if (isset($this->registry[$key])) {
|
||||
throw new Exception("There is already an entry for key " . $key);
|
||||
}
|
||||
|
||||
$this->registry[$key] = $value;
|
||||
}
|
||||
|
||||
public function get($key) {
|
||||
if (!isset($this->registry[$key])) {
|
||||
throw new Exception("There is no entry for key " . $key);
|
||||
}
|
||||
|
||||
return $this->registry[$key];
|
||||
}
|
||||
}
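Review bot: `throw new Exception(...)` in `set()` and `get()` resolves to `openid\services\Exception`, because the file declares `namespace openid\services;` and imports nothing, so both error paths would end in a class-not-found fatal instead of the intended exception. Use `throw new \Exception("There is already an entry for key " . $key);` and the same leading backslash in `get()`. The `$registry` property is also never declared; adding `private $registry = array();` next to `$instance` gives the `isset` checks a defined array to read.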
|
|
@ -0,0 +1,21 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/18/13
|
||||
* Time: 11:11 AM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
use auth\AuthHelper;
|
||||
|
||||
class Member extends Eloquent {
|
||||
|
||||
protected $table = 'Member';
|
||||
protected $connection='mysql_external';
|
||||
|
||||
public function checkPassword($password){
|
||||
$digest = AuthHelper::encrypt_password($password,$this->Salt,$this->PasswordEncryption);
|
||||
$res = AuthHelper::compare($this->Password , $digest);
|
||||
return $res;
|
||||
}
|
||||
}
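Review bot: `checkPassword` relies on `AuthHelper::compare` for the digest comparison, and that helper's body is not part of this diff; if it uses `==` or `strcmp`, the check is loosely typed and timing-dependent. Confirm it does a strict, constant-time string comparison. `$this->PasswordEncryption` is read from the external `Member` row and selects the algorithm, so `encrypt_password` should reject values outside a known list rather than fall through to a weak or empty digest. A docblock on `checkPassword` stating that it returns a bool and never throws on an unknown algorithm (or that it does) would make the contract explicit.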
|
|
@ -10,9 +10,12 @@ use openid\model\IAssociation;
|
|||
|
||||
class OpenIdAssociation extends Eloquent implements IAssociation{
|
||||
|
||||
protected $table = 'openid_associations';
|
||||
public $timestamps = false;
|
||||
|
||||
public function getMacFunction()
|
||||
{
|
||||
// TODO: Implement getMacFunction() method.
|
||||
return $this->mac_function;
|
||||
}
|
||||
|
||||
public function setMacFunction($mac_function)
|
||||
|
@ -22,7 +25,7 @@ class OpenIdAssociation extends Eloquent implements IAssociation{
|
|||
|
||||
public function getSecret()
|
||||
{
|
||||
// TODO: Implement getSecret() method.
|
||||
return $this->secret;
|
||||
}
|
||||
|
||||
public function setSecret($secret)
|
||||
|
@ -32,7 +35,7 @@ class OpenIdAssociation extends Eloquent implements IAssociation{
|
|||
|
||||
public function getLifetime()
|
||||
{
|
||||
// TODO: Implement getLifetime() method.
|
||||
return $this->lifetime;
|
||||
}
|
||||
|
||||
public function setLifetime($lifetime)
|
||||
|
@ -42,7 +45,7 @@ class OpenIdAssociation extends Eloquent implements IAssociation{
|
|||
|
||||
public function getIssued()
|
||||
{
|
||||
// TODO: Implement getIssued() method.
|
||||
return $this->issued;
|
||||
}
|
||||
|
||||
public function setIssued($issued)
|
||||
|
@ -52,7 +55,7 @@ class OpenIdAssociation extends Eloquent implements IAssociation{
|
|||
|
||||
public function getType()
|
||||
{
|
||||
// TODO: Implement getType() method.
|
||||
return $this->type;
|
||||
}
|
||||
|
||||
public function setType($type)
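Review bot: The model now returns the association secret from `getSecret()`, but nothing keeps the `secret` column out of `toArray()` or `toJson()` output, so any code that logs or serialises an association would include the HMAC key. Adding `protected $hidden = array('secret');` beside `$table` keeps it out of serialised output while `getSecret()` keeps working. The setters between the hunks are not shown.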
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
|
||||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
|
@ -10,6 +11,8 @@ use openid\model\ITrustedSite;
|
|||
|
||||
class OpenIdTrustedSite extends Eloquent implements ITrustedSite{
|
||||
|
||||
protected $table = 'openid_trusted_sites';
|
||||
|
||||
public function setRealm($realm)
|
||||
{
|
||||
// TODO: Implement setRealm() method.
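Review bot: The first hunk (`-1,3 +1,4`) appears to add an empty line ahead of `<?php`. Anything before the opening tag is emitted as output when the file is loaded, which can produce "headers already sent" and prevent later redirects and session cookies from being set, both of which the OpenID flow depends on. Remove the blank line so `<?php` is the first byte of the file. The rendering strips whitespace, so this is worth checking against the raw file.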
|
||||
|
|
|
@ -9,4 +9,5 @@
|
|||
|
||||
class ServerExtension extends Eloquent {
|
||||
|
||||
protected $table = 'server_extensions';
|
||||
}
|
|
@ -1,20 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/14/13
|
||||
* Time: 4:56 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
namespace repositories;
|
||||
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
|
||||
class RepositoriesServiceProvider extends ServiceProvider {
|
||||
|
||||
public function register()
|
||||
{
|
||||
$this->app->bind("openid\\repositories\\IServerConfigurationRepository","repositories\ServerConfigurationRepositoryEloquent");
|
||||
$this->app->bind("openid\\repositories\\IServerExtensionsRepository","repositories\ServerExtensionsRepositoryEloquent");
|
||||
}
|
||||
}
|
|
@ -1,19 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/14/13
|
||||
* Time: 5:04 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace repositories;
|
||||
use openid\repositories\IServerConfigurationRepository;
|
||||
|
||||
class ServerConfigurationRepositoryEloquent implements IServerConfigurationRepository {
|
||||
|
||||
public function getOPEndpointURL()
|
||||
{
|
||||
return "https://dev.openstack.id.com";
|
||||
}
|
||||
}
|
|
@ -1,42 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/14/13
|
||||
* Time: 5:05 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace repositories;
|
||||
|
||||
use openid\repositories\all;
|
||||
use openid\repositories\IServerExtensionsRepository;
|
||||
|
||||
class ServerExtensionsRepositoryEloquent implements IServerExtensionsRepository{
|
||||
|
||||
/**
|
||||
* @return all active server extensions
|
||||
*/
|
||||
public function getAllActiveExtensions()
|
||||
{
|
||||
$extensions = array();
|
||||
|
||||
$ext1 = new \ServerExtension();
|
||||
$ext1->name='AX';
|
||||
$ext1->description='OpenID service extension for exchanging identity information between endpoints';
|
||||
$ext1->namespace='http://openid.net/srv/ax/1.0';
|
||||
$ext1->active = true;
|
||||
$ext1->extension_class='';
|
||||
array_push($extensions,$ext1) ;
|
||||
|
||||
$ext2 = new \ServerExtension();
|
||||
$ext2->name='PAPE';
|
||||
$ext2->description='OpenID service extension for exchanging identity information between endpoints';
|
||||
$ext2->namespace='http://specs.openid.net/extensions/pape/1.0';
|
||||
$ext2->active = true;
|
||||
$ext2->extension_class='';
|
||||
array_push($extensions,$ext2) ;
|
||||
|
||||
return $extensions;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,52 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/18/13
|
||||
* Time: 12:28 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace services;
|
||||
use openid\model\IAssociation;
|
||||
use openid\services\IAssociationService;
|
||||
use \OpenIdAssociation;
|
||||
|
||||
class AssociationService implements IAssociationService{
|
||||
|
||||
/**
|
||||
* @param $handle
|
||||
* @return IAssociation
|
||||
*/
|
||||
public function getAssociation($handle)
|
||||
{
|
||||
//todo: need to add expiration logic
|
||||
return OpenIdAssociation::where('identifier','=',$handle)->first();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param IAssociation $association
|
||||
* @return bool
|
||||
*/
|
||||
public function addAssociation($handle, $secret,$mac_function, $lifetime, $issued,$type)
|
||||
{
|
||||
$assoc = new OpenIdAssociation();
|
||||
$assoc->identifier = $handle;
|
||||
$assoc->secret = $secret;
|
||||
$assoc->type = $type;
|
||||
$assoc->mac_function = $mac_function;
|
||||
$assoc->lifetime = $lifetime;
|
||||
$assoc->issued = $issued;
|
||||
$assoc->Save();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $handle
|
||||
* @return bool
|
||||
*/
|
||||
public function deleteAssociation($handle)
|
||||
{
|
||||
$assoc = OpenIdAssociation::where('identifier','=',$handle)->first();
|
||||
$assoc->delete();
|
||||
}
|
||||
}
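Review bot: `getAssociation` returns the stored row regardless of `issued` and `lifetime`, so a handle that has outlived its lifetime is still accepted and used for signing; the `//todo` acknowledges this but nothing enforces it yet. Returning `null` for an expired row fits the caller shown in this commit, which already treats a null association as "issue a private one and invalidate the old handle". The sketch below assumes `lifetime` is in seconds and `issued` is the UTC `Y-m-d H:i:s` string written by the handler. `deleteAssociation` also calls `->delete()` on the result of `first()`, which is null for an unknown handle; guard it with `if (!is_null($assoc)) $assoc->delete();`.

```php
public function getAssociation($handle)
{
    $assoc = OpenIdAssociation::where('identifier', '=', $handle)->first();
    if (is_null($assoc)) {
        return null;
    }
    // assumes lifetime is in seconds and issued is a UTC "Y-m-d H:i:s" string
    $expires_at = strtotime($assoc->issued . ' UTC') + (int) $assoc->lifetime;
    if ($expires_at < time()) {
        // expired handles must not be used for signing
        $assoc->delete();
        return null;
    }
    return $assoc;
}
// … unchanged: addAssociation, deleteAssociation …
```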
|
|
@ -0,0 +1,30 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/18/13
|
||||
* Time: 12:30 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace services;
|
||||
use openid\services\IServerConfigurationService;
|
||||
|
||||
class ServerConfigurationService implements IServerConfigurationService{
|
||||
|
||||
public function getOPEndpointURL()
|
||||
{
|
||||
$url = action("OpenIdProviderController@op_endpoint");
|
||||
return $url;
|
||||
}
|
||||
|
||||
public function getPrivateAssociationLifetime()
|
||||
{
|
||||
return 120;
|
||||
}
|
||||
|
||||
public function getSessionAssociationLifetime()
|
||||
{
|
||||
return 360;
|
||||
}
|
||||
}
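Review bot: `getPrivateAssociationLifetime()` and `getSessionAssociationLifetime()` return bare `120` and `360` with no unit or explanation, and these values decide how long a signing secret stays valid. Each method should carry a docblock stating the unit (presumably seconds) and which association type it governs. Naming the values as class constants, or reading them from configuration, would let an operator shorten them without a code change.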
|
|
@ -15,6 +15,14 @@ class ServerExtensionsService implements IServerExtensionsService{
|
|||
|
||||
public function getAllActiveExtensions()
|
||||
{
|
||||
return array();
|
||||
$extensions = \ServerExtension::where('active', '=', true)->get();
|
||||
$res = array();
|
||||
foreach($extensions as $extension){
|
||||
$class = $extension->extension_class;
|
||||
if(empty($class) /*|| !class_exists($class)*/) continue;
|
||||
$implementation = new $class($extension->name,$extension->namespace,$extension->description);
|
||||
array_push($res,$implementation);
|
||||
}
|
||||
return $res;
|
||||
}
|
||||
}
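Review bot: `new $class(...)` instantiates whatever class name is stored in the `extension_class` column, and the `class_exists` check is commented out, so a wrong or tampered row either ends in a fatal error or constructs an arbitrary class inside the authentication path. Restore the check, `if (empty($class) || !class_exists($class)) continue;`, and also require that the class implements the project's extension interface before constructing it (for example with `is_subclass_of`). A short comment explaining why rows are skipped would help whoever maintains the table.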
|
|
@ -17,6 +17,8 @@ class ServicesProvider extends ServiceProvider {
|
|||
$this->app->singleton('openid\\services\\IMementoOpenIdRequestService','services\\MementoRequestService');
|
||||
$this->app->singleton('openid\\handlers\\IOpenIdAuthenticationStrategy','services\\AuthenticationStrategy');
|
||||
$this->app->singleton('openid\\services\\IServerExtensionsService','services\\ServerExtensionsService');
|
||||
|
||||
$this->app->singleton('openid\\services\\IAssociationService','services\\AssociationService');
|
||||
$this->app->singleton('openid\\services\\ITrustedSitesService','services\\TrustedSitesService');
|
||||
$this->app->singleton('openid\\services\\IServerConfigurationService','services\\ServerConfigurationService');
|
||||
}
|
||||
}
|
|
@ -0,0 +1,36 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/18/13
|
||||
* Time: 12:29 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
namespace services;
|
||||
use openid\model\IOpenIdUser;
|
||||
use openid\model\ITrustedSite;
|
||||
use openid\services\ITrustedSitesService;
|
||||
|
||||
class TrustedSitesService implements ITrustedSitesService {
|
||||
|
||||
public function addTrustedSite(IOpenIdUser $user, $realm, $policy, $data = array())
|
||||
{
|
||||
// TODO: Implement addTrustedSite() method.
|
||||
}
|
||||
|
||||
public function delTrustedSite($realm)
|
||||
{
|
||||
// TODO: Implement delTrustedSite() method.
|
||||
}
|
||||
|
||||
/**
|
||||
* @param IOpenIdUser $user
|
||||
* @param $return_to
|
||||
* @return ITrustedSite
|
||||
*/
|
||||
public function getTrustedSite(IOpenIdUser $user, $return_to)
|
||||
{
|
||||
// TODO: Implement getTrustedSite() method.
|
||||
}
|
||||
}
|
|
@ -10,8 +10,6 @@
|
|||
class DiscoveryControllerTest extends TestCase {
|
||||
|
||||
public function testIdpDiscovery(){
|
||||
App::bind("openid\\repositories\\IServerConfigurationRepository","ServerConfigurationRepositoryMock");
|
||||
App::bind("openid\\repositories\\IServerExtensionsRepository","ServerExtensionsRepositoryMock");
|
||||
$response = $this->call('GET', '/discovery');
|
||||
//"application/xrds+xml"
|
||||
$this->assertTrue($response->getStatusCode()===200 );
|
||||
|
|
|
@ -12,8 +12,6 @@ use openid\OpenIdProtocol;
|
|||
class OpenIdProtocolTest extends TestCase {
|
||||
|
||||
public function testProtocolIdpDiscovery(){
|
||||
App::bind("openid\\repositories\\IServerConfigurationRepository","ServerConfigurationRepositoryMock");
|
||||
App::bind("openid\\repositories\\IServerExtensionsRepository","ServerExtensionsRepositoryMock");
|
||||
$protocol = App::make("openid\OpenIdProtocol");
|
||||
$xrds = $protocol->getXRDSDiscovery();
|
||||
$this->assertTrue(!empty($xrds) && str_contains($xrds,"http://specs.openid.net/auth/2.0/server") && str_contains($xrds,"http://openid.net/srv/ax/1.0") && str_contains($xrds,"http://specs.openid.net/extensions/pape/1.0"));
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/18/13
|
||||
* Time: 11:10 AM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
use auth\AuthHelper;
|
||||
|
||||
class UserTest extends TestCase {
|
||||
|
||||
public function testMember(){
|
||||
$member = Member::findOrFail(1);
|
||||
$this->assertTrue($member->FirstName=='Todd');
|
||||
}
|
||||
|
||||
public function testOpenIdUserAssociation(){
|
||||
$username='sebastian@tipit.net';
|
||||
$password ='Koguryo@1981';
|
||||
$member = Member::where('Email', '=', $username)->firstOrFail();
|
||||
$this->assertTrue($member->checkPassword($password));
|
||||
}
|
||||
}
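Review bot: `testOpenIdUserAssociation` commits what looks like a real account e-mail and password as string literals, and the test authenticates against the `mysql_external` connection through `Member`. Credentials in version control remain in history after removal, so the password should be treated as exposed and rotated. The test should use a seeded fixture row or read the values from the environment, e.g. `$password = getenv('OPENID_TEST_PASSWORD');` (variable name constructed for this note). `testMember` has the same coupling to live data through `Member::findOrFail(1)` and `FirstName=='Todd'`.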
|
|
@ -1,18 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/14/13
|
||||
* Time: 5:10 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
|
||||
use openid\repositories\IServerConfigurationRepository;
|
||||
|
||||
class ServerConfigurationRepositoryMock implements IServerConfigurationRepository{
|
||||
|
||||
public function getOPEndpointURL()
|
||||
{
|
||||
return "https://dev.openstack.id.com";
|
||||
}
|
||||
}
|
|
@ -1,38 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by JetBrains PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/14/13
|
||||
* Time: 5:10 PM
|
||||
* To change this template use File | Settings | File Templates.
|
||||
*/
|
||||
use openid\repositories\IServerExtensionsRepository;
|
||||
|
||||
class ServerExtensionsRepositoryMock implements IServerExtensionsRepository{
|
||||
|
||||
/**
|
||||
* @return all active server extensions
|
||||
*/
|
||||
public function GetAllExtensions()
|
||||
{
|
||||
$extensions = array();
|
||||
|
||||
$ext1 = new ServerExtension();
|
||||
$ext1->name='AX';
|
||||
$ext1->description='OpenID service extension for exchanging identity information between endpoints';
|
||||
$ext1->namespace='http://openid.net/srv/ax/1.0';
|
||||
$ext1->active = true;
|
||||
$ext1->extension_class='';
|
||||
array_push($extensions,$ext1) ;
|
||||
|
||||
$ext2 = new ServerExtension();
|
||||
$ext2->name='PAPE';
|
||||
$ext2->description='OpenID service extension for exchanging identity information between endpoints';
|
||||
$ext2->namespace='http://specs.openid.net/extensions/pape/1.0';
|
||||
$ext2->active = true;
|
||||
$ext2->extension_class='';
|
||||
array_push($extensions,$ext2) ;
|
||||
|
||||
return $extensions;
|
||||
}
|
||||
}
|
|
@ -5,6 +5,17 @@
|
|||
<label>
|
||||
This Site {{ $realm }} is requesting permissions
|
||||
</label>
|
||||
|
||||
<div>
|
||||
{{ Form::label("allow_forever","Allow Forever")}}
|
||||
{{ Form::radio('trust[]', 'AllowForever','true',array('id'=>'allow_forever')) }}
|
||||
{{ Form::label("allow_once","Allow Once")}}
|
||||
{{ Form::radio('trust[]', 'AllowOnce','',array('id'=>'allow_once')) }}
|
||||
{{ Form::label("deny_once","Deny Once")}}
|
||||
{{ Form::radio('trust[]', 'DenyOnce','',array('id'=>'deny_once')) }}
|
||||
{{ Form::label("deny_forever","Deny Forever")}}
|
||||
{{ Form::radio('trust[]', 'DenyForever','',array('id'=>'deny_forever')) }}
|
||||
</div>
|
||||
{{ Form::submit('Ok') }}
|
||||
{{ Form::submit('Cancel') }}
|
||||
{{ Form::close() }}
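Review bot: `{{ $realm }}` in the label prints a value that originates from the relying party's request, and in Laravel 4 Blade (which the `Illuminate\Workbench` provider in the config suggests this is) double braces echo without escaping. A realm containing markup would be rendered on the consent page the user is asked to trust. Use the escaping form `{{{ $realm }}}` or `{{ e($realm) }}`. The four radios also share the name `trust[]`, which posts an array; `trust` would post a single value if that is what the handler reads.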
|
||||
|
|
|
@ -28,7 +28,7 @@ $app->redirectIfTrailingSlash();
|
|||
|
||||
$env = $app->detectEnvironment(array(
|
||||
|
||||
'local' => array('your-machine-name'),
|
||||
'dev' => array('dev.openstackid.com'),
|
||||
|
||||
));
|
||||
|
||||
|
|
|
@ -17,8 +17,6 @@
|
|||
"app/database/seeds",
|
||||
"app/tests/TestCase.php",
|
||||
"app/libs",
|
||||
"app/repositories",
|
||||
"app/tests/mocks",
|
||||
"app/services",
|
||||
"app/strategies"
|
||||
]
|
||||
|
|