smarcet
parent
63aae9b805
commit
3bde20c8bd
|
|
@ -2,41 +2,54 @@
|
|||
<project version="4">
|
||||
<component name="ChangeListManager">
|
||||
<list default="true" id="cdc3929b-040d-4e45-bbd9-fa8f8bc87073" name="Default" comment="[smarcet] - Refs #4576, #4578 : XRDS discovery and Authentication Workflow main classes">
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/services/INonceService.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/services/NonceService.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/requests/OpenIdCheckAuthenticationRequest.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/responses/OpenIdCheckAuthenticationResponse.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/exceptions/ReplayAttackException.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/storage/.gitkeep" afterPath="$PROJECT_DIR$/app/storage/.gitkeep" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/exceptions/InvalidNonce.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/requests/OpenIdAssociationSessionRequest.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/responses/OpenIdAssociationSessionResponse.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/requests/OpenIdDHAssociationSessionRequest.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/responses/OpenIdDiffieHellmanAssociationSessionResponse.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/database/seeds/OpenIdExtensionsSeeder.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/exceptions/OpenIdInvalidRealmException.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/model/OpenIdNonce.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/libs/openid/responses/OpenIdUnencryptedAssociationSessionResponse.php" />
|
||||
<change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/app/services/Facades/ServerConfigurationService.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/database/migrations/2013_10_14_155702_create_extension_table.php" afterPath="$PROJECT_DIR$/app/database/migrations/2013_10_14_155702_create_extension_table.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/database/migrations/2013_10_17_210518_create_users_table.php" afterPath="$PROJECT_DIR$/app/database/migrations/2013_10_17_210518_create_users_table.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/database/migrations/2013_10_17_210730_create_associations_table.php" afterPath="$PROJECT_DIR$/app/database/migrations/2013_10_17_210730_create_associations_table.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/database/migrations/2013_10_17_211051_create_trusted_sites_table.php" afterPath="$PROJECT_DIR$/app/database/migrations/2013_10_17_211051_create_trusted_sites_table.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/services/AssociationService.php" afterPath="$PROJECT_DIR$/app/services/AssociationService.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/controllers/DiscoveryController.php" afterPath="$PROJECT_DIR$/app/controllers/DiscoveryController.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/controllers/HomeController.php" afterPath="$PROJECT_DIR$/app/controllers/HomeController.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/auth/AuthService.php" afterPath="$PROJECT_DIR$/app/libs/auth/AuthService.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/auth/AuthenticationServiceProvider.php" afterPath="$PROJECT_DIR$/app/libs/auth/AuthenticationServiceProvider.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/auth/CustomAuthProvider.php" afterPath="$PROJECT_DIR$/app/libs/auth/CustomAuthProvider.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/database/seeds/DatabaseSeeder.php" afterPath="$PROJECT_DIR$/app/database/seeds/DatabaseSeeder.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/model/IAssociation.php" afterPath="$PROJECT_DIR$/app/libs/openid/model/IAssociation.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/services/IAssociationService.php" afterPath="$PROJECT_DIR$/app/libs/openid/services/IAssociationService.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/extensions/implementations/OpenIdAXExtension.php" afterPath="$PROJECT_DIR$/app/libs/openid/extensions/implementations/OpenIdAXExtension.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/services/IAuthService.php" afterPath="$PROJECT_DIR$/app/libs/openid/services/IAuthService.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/services/INonceService.php" afterPath="$PROJECT_DIR$/app/libs/openid/services/INonceService.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/services/IServerConfigurationService.php" afterPath="$PROJECT_DIR$/app/libs/openid/services/IServerConfigurationService.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/services/NonceService.php" afterPath="$PROJECT_DIR$/app/services/NonceService.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/models/OpenIdAssociation.php" afterPath="$PROJECT_DIR$/app/models/OpenIdAssociation.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/requests/OpenIdAuthenticationRequest.php" afterPath="$PROJECT_DIR$/app/libs/openid/requests/OpenIdAuthenticationRequest.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdAuthenticationRequestHandler.php" afterPath="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdAuthenticationRequestHandler.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/requests/OpenIdCheckAuthenticationRequest.php" afterPath="$PROJECT_DIR$/app/libs/openid/requests/OpenIdCheckAuthenticationRequest.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdCheckAuthenticationRequestHandler.php" afterPath="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdCheckAuthenticationRequestHandler.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/responses/OpenIdDirectResponse.php" afterPath="$PROJECT_DIR$/app/libs/openid/responses/OpenIdDirectResponse.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/strategies/OpenIdDirectResponseStrategy.php" afterPath="$PROJECT_DIR$/app/strategies/OpenIdDirectResponseStrategy.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/helpers/OpenIdCryptoHelper.php" afterPath="$PROJECT_DIR$/app/libs/openid/helpers/OpenIdCryptoHelper.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/OpenIdMessage.php" afterPath="$PROJECT_DIR$/app/libs/openid/OpenIdMessage.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdMessageHandler.php" afterPath="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdMessageHandler.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/responses/OpenIdPositiveAssertionResponse.php" afterPath="$PROJECT_DIR$/app/libs/openid/responses/OpenIdPositiveAssertionResponse.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/OpenIdProtocol.php" afterPath="$PROJECT_DIR$/app/libs/openid/OpenIdProtocol.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/requests/OpenIdRequest.php" afterPath="$PROJECT_DIR$/app/libs/openid/requests/OpenIdRequest.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/strategies/OpenIdResponseStrategyFactoryMethod.php" afterPath="$PROJECT_DIR$/app/libs/openid/strategies/OpenIdResponseStrategyFactoryMethod.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdSessionAssociationRequestHandler.php" afterPath="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdSessionAssociationRequestHandler.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/helpers/OpenIdSignatureBuilder.php" afterPath="$PROJECT_DIR$/app/libs/openid/helpers/OpenIdSignatureBuilder.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/models/OpenIdTrustedSite.php" afterPath="$PROJECT_DIR$/app/models/OpenIdTrustedSite.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/auth/OpenIdUser.php" afterPath="$PROJECT_DIR$/app/libs/auth/OpenIdUser.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/responses/contexts/ResponseContext.php" afterPath="$PROJECT_DIR$/app/libs/openid/responses/contexts/ResponseContext.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/libs/openid/helpers/OpenIdUriHelper.php" afterPath="$PROJECT_DIR$/app/libs/openid/helpers/OpenIdUriHelper.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/services/ServerConfigurationService.php" afterPath="$PROJECT_DIR$/app/services/ServerConfigurationService.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/services/ServicesProvider.php" afterPath="$PROJECT_DIR$/app/services/ServicesProvider.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/controllers/UserController.php" afterPath="$PROJECT_DIR$/app/controllers/UserController.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/config/app.php" afterPath="$PROJECT_DIR$/app/config/app.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/views/extensions/ax.blade.php" afterPath="$PROJECT_DIR$/app/views/extensions/ax.blade.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/config/dev/database.php" afterPath="$PROJECT_DIR$/app/config/dev/database.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/filters.php" afterPath="$PROJECT_DIR$/app/filters.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/views/consent.blade.php" afterPath="$PROJECT_DIR$/app/views/consent.blade.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/start/global.php" afterPath="$PROJECT_DIR$/app/start/global.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/views/layout.blade.php" afterPath="$PROJECT_DIR$/app/views/layout.blade.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/views/profile.blade.php" afterPath="$PROJECT_DIR$/app/views/profile.blade.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/routes.php" afterPath="$PROJECT_DIR$/app/routes.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/app/views/login.blade.php" afterPath="$PROJECT_DIR$/app/views/login.blade.php" />
|
||||
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/.idea/workspace.xml" afterPath="$PROJECT_DIR$/.idea/workspace.xml" />
|
||||
</list>
|
||||
<ignored path="openidIdp.iws" />
|
||||
|
|
@ -58,6 +71,11 @@
|
|||
<component name="DaemonCodeAnalyzer">
|
||||
<disable_hints />
|
||||
</component>
|
||||
<component name="DatabaseView">
|
||||
<flatten value="false" />
|
||||
<groupTables value="false" />
|
||||
<sortChildren value="false" />
|
||||
</component>
|
||||
<component name="ExecutionTargetManager" SELECTED_TARGET="default_target" />
|
||||
<component name="FavoritesManager">
|
||||
<favorites_list name="openidIdp">
|
||||
|
|
@ -66,10 +84,10 @@
|
|||
</component>
|
||||
<component name="FileEditorManager">
|
||||
<leaf>
|
||||
<file leaf-file-name="OpenIdCheckAuthenticationRequestHandler.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/handlers/OpenIdCheckAuthenticationRequestHandler.php">
|
||||
<file leaf-file-name="OpenIdSessionAssociationRequestHandler.php" pinned="false" current="true" current-in-tab="true">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/handlers/OpenIdSessionAssociationRequestHandler.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="94" column="48" selection-start="4038" selection-end="4038" vertical-scroll-proportion="-3.2916667" vertical-offset="1241" max-vertical-offset="1695">
|
||||
<state line="58" column="12" selection-start="2261" selection-end="2261" vertical-scroll-proportion="2.698962" vertical-offset="0" max-vertical-offset="1320">
|
||||
<folding>
|
||||
<element signature="e#195#220#0" expanded="true" />
|
||||
</folding>
|
||||
|
|
@ -77,86 +95,28 @@
|
|||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file leaf-file-name="OpenIdResponseStrategyFactoryMethod.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/strategies/OpenIdResponseStrategyFactoryMethod.php">
|
||||
<file leaf-file-name="BigInteger.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/vendor/zendframework/zend-math/Zend/Math/BigInteger/BigInteger.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="31" column="0" selection-start="902" selection-end="902" vertical-scroll-proportion="-3.5" vertical-offset="246" max-vertical-offset="540">
|
||||
<state line="0" column="0" selection-start="0" selection-end="0" vertical-scroll-proportion="63.041668" vertical-offset="1513" max-vertical-offset="1815">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file leaf-file-name="OpenIdCheckAuthenticationResponse.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/responses/OpenIdCheckAuthenticationResponse.php">
|
||||
<file leaf-file-name="DiffieHellman.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/vendor/zendframework/zend-crypt/Zend/Crypt/PublicKey/DiffieHellman.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="32" column="0" selection-start="1340" selection-end="1340" vertical-scroll-proportion="-4.3333335" vertical-offset="301" max-vertical-offset="540">
|
||||
<folding>
|
||||
<element signature="e#120#146#0" expanded="true" />
|
||||
</folding>
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file leaf-file-name="OpenIdProviderController.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/app/controllers/OpenIdProviderController.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="36" column="0" selection-start="1358" selection-end="1358" vertical-scroll-proportion="-3.7083333" vertical-offset="301" max-vertical-offset="540">
|
||||
<state line="274" column="20" selection-start="9118" selection-end="9118" vertical-scroll-proportion="-4.0" vertical-offset="3909" max-vertical-offset="6570">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file leaf-file-name="OpenIdProtocol.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/OpenIdProtocol.php">
|
||||
<file leaf-file-name="OpenIdDHAssociationSessionRequest.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/requests/OpenIdDHAssociationSessionRequest.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="33" column="47" selection-start="1104" selection-end="1104" vertical-scroll-proportion="-3.22" vertical-offset="154" max-vertical-offset="2085">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file leaf-file-name="OpenIdDirectResponseStrategy.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/app/strategies/OpenIdDirectResponseStrategy.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="16" column="0" selection-start="367" selection-end="367" vertical-scroll-proportion="-4.25" vertical-offset="33" max-vertical-offset="285">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file leaf-file-name="Controller.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/vendor/laravel/framework/src/Illuminate/Routing/Controllers/Controller.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="120" column="0" selection-start="2992" selection-end="2992" vertical-scroll-proportion="-3.125" vertical-offset="1665" max-vertical-offset="4590">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file leaf-file-name="Handler.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/vendor/laravel/framework/src/Illuminate/Exception/Handler.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="179" column="0" selection-start="4276" selection-end="4276" vertical-scroll-proportion="-3.5" vertical-offset="2526" max-vertical-offset="5700">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file leaf-file-name="OpenIdDirectResponse.php" pinned="false" current="true" current-in-tab="true">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/responses/OpenIdDirectResponse.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="64" column="0" selection-start="2152" selection-end="2152" vertical-scroll-proportion="0.33333334" vertical-offset="786" max-vertical-offset="1065">
|
||||
<folding>
|
||||
<element signature="e#195#233#0" expanded="true" />
|
||||
</folding>
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
</file>
|
||||
<file leaf-file-name="OpenIdSignatureBuilder.php" pinned="false" current="false" current-in-tab="false">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/helpers/OpenIdSignatureBuilder.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="35" column="0" selection-start="1090" selection-end="1090" vertical-scroll-proportion="-3.2916667" vertical-offset="326" max-vertical-offset="1005">
|
||||
<state line="31" column="0" selection-start="997" selection-end="997" vertical-scroll-proportion="-10.0" vertical-offset="135" max-vertical-offset="900">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
|
|
@ -180,25 +140,26 @@
|
|||
<component name="IdeDocumentHistory">
|
||||
<option name="changedFiles">
|
||||
<list>
|
||||
<option value="$PROJECT_DIR$/app/config/app.php" />
|
||||
<option value="$PROJECT_DIR$/app/services/ServicesProvider.php" />
|
||||
<option value="$PROJECT_DIR$/vendor/laravel/framework/src/Illuminate/Redis/RedisServiceProvider.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdAuthenticationRequestHandler.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdSessionAssociationRequestHandler.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdMessageHandler.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdCheckAuthenticationRequestHandler.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/requests/OpenIdCheckAuthenticationRequest.php" />
|
||||
<option value="$PROJECT_DIR$/app/services/NonceService.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/requests/OpenIdRequest.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/responses/OpenIdDirectResponse.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/auth/AuthService.php" />
|
||||
<option value="$PROJECT_DIR$/app/controllers/UserController.php" />
|
||||
<option value="$PROJECT_DIR$/app/views/login.blade.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/helpers/OpenIdSignatureBuilder.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/requests/OpenIdAssociationSessionRequest.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/requests/OpenIdAuthenticationRequest.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/requests/OpenIdCheckAuthenticationRequest.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/OpenIdMessage.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/requests/OpenIdRequest.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/OpenIdProtocol.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/strategies/OpenIdResponseStrategyFactoryMethod.php" />
|
||||
<option value="$PROJECT_DIR$/app/strategies/OpenIdDirectResponseStrategy.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/responses/OpenIdCheckAuthenticationResponse.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/responses/OpenIdAssociationSessionResponse.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/responses/OpenIdUnencryptedAssociationSessionResponse.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/responses/OpenIdDiffieHellmanAssociationSessionResponse.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/requests/OpenIdDHAssociationSessionRequest.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/helpers/OpenIdCryptoHelper.php" />
|
||||
<option value="$PROJECT_DIR$/app/libs/openid/handlers/OpenIdSessionAssociationRequestHandler.php" />
|
||||
</list>
|
||||
</option>
|
||||
</component>
|
||||
<component name="PhpDebugGeneral" hide_empty_superglobals="false" />
|
||||
<component name="PhpServers">
|
||||
<option name="servers">
|
||||
<server host="dev.openstackid.com" name="dev.openstackid.com" />
|
||||
|
|
@ -271,7 +232,7 @@
|
|||
</expanded-state>
|
||||
<selected-state>
|
||||
<State>
|
||||
<id>CoffeeScript</id>
|
||||
<id>PHP</id>
|
||||
</State>
|
||||
</selected-state>
|
||||
</profile-state>
|
||||
|
|
@ -332,7 +293,115 @@
|
|||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="app" />
|
||||
<option name="myItemId" value="vendor" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
</PATH>
|
||||
<PATH>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="openidIdp" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.ProjectViewProjectNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="openidIdp" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="vendor" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="zendframework" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
</PATH>
|
||||
<PATH>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="openidIdp" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.ProjectViewProjectNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="openidIdp" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="vendor" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="zendframework" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="zend-math" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="Zend" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="Math" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
</PATH>
|
||||
<PATH>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="openidIdp" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.ProjectViewProjectNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="openidIdp" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="vendor" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="zendframework" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="zend-math" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="Zend" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="Math" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="BigInteger" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
</PATH>
|
||||
<PATH>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="openidIdp" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.ProjectViewProjectNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="openidIdp" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="vendor" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="zendframework" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="zend-crypt" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="Zend" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
</PATH>
|
||||
|
|
@ -349,10 +418,6 @@
|
|||
<option name="myItemId" value="app" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="services" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
</PATH>
|
||||
<PATH>
|
||||
<PATH_ELEMENT>
|
||||
|
|
@ -398,7 +463,7 @@
|
|||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="requests" />
|
||||
<option name="myItemId" value="responses" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
</PATH>
|
||||
|
|
@ -419,6 +484,14 @@
|
|||
<option name="myItemId" value="libs" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="openid" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="handlers" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
</PATH>
|
||||
<PATH>
|
||||
<PATH_ELEMENT>
|
||||
|
|
@ -434,7 +507,7 @@
|
|||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
<PATH_ELEMENT>
|
||||
<option name="myItemId" value="controllers" />
|
||||
<option name="myItemId" value="libs" />
|
||||
<option name="myItemType" value="com.intellij.ide.projectView.impl.nodes.PsiDirectoryNode" />
|
||||
</PATH_ELEMENT>
|
||||
</PATH>
|
||||
|
|
@ -443,17 +516,33 @@
|
|||
</panes>
|
||||
</component>
|
||||
<component name="PropertiesComponent">
|
||||
<property name="GoToFile.includeJavaFiles" value="false" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatWidth0" value="73" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatWidth1" value="92" />
|
||||
<property name="options.splitter.main.proportions" value="0.3" />
|
||||
<property name="WebServerToolWindowFactoryState" value="false" />
|
||||
<property name="options.lastSelected" value="Configurable.PHP.Debug" />
|
||||
<property name="recentsLimit" value="5" />
|
||||
<property name="restartRequiresConfirmation" value="true" />
|
||||
<property name="last_opened_file_path" value="$PROJECT_DIR$" />
|
||||
<property name="FullScreen" value="false" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatOrder1" value="1" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeWidth0" value="72" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatOrder0" value="0" />
|
||||
<property name="last_opened_file_path" value="$PROJECT_DIR$/../../ZendFramework-1.12.3" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatWidth2" value="100" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeWidth3" value="955" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatWidth3" value="954" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeWidth2" value="100" />
|
||||
<property name="GoToClass.includeJavaFiles" value="false" />
|
||||
<property name="options.searchVisible" value="true" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeWidth1" value="92" />
|
||||
<property name="WebServerToolWindowFactoryState" value="false" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatOrder2" value="2" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_flatOrder3" value="3" />
|
||||
<property name="FullScreen" value="false" />
|
||||
<property name="options.splitter.details.proportions" value="0.2" />
|
||||
<property name="GoToFile.includeJavaFiles" value="false" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeOrder0" value="0" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeOrder3" value="3" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeOrder1" value="1" />
|
||||
<property name="FileHistory.git4idea.history.GitHistoryProvider_treeOrder2" value="2" />
|
||||
<property name="options.lastSelected" value="Configurable.PHP.FrameworkIntegration" />
|
||||
<property name="restartRequiresConfirmation" value="true" />
|
||||
<property name="options.searchVisible" value="true" />
|
||||
</component>
|
||||
<component name="RecentsManager">
|
||||
<key name="CopyFile.RECENT_KEYS">
|
||||
|
|
@ -568,23 +657,23 @@
|
|||
</component>
|
||||
<component name="ToolWindowManager">
|
||||
<frame x="65" y="38" width="1301" height="728" extended-state="0" />
|
||||
<editor active="false" />
|
||||
<editor active="true" />
|
||||
<layout>
|
||||
<window_info id="Changes" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Terminal" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="8" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="TODO" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="6" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Database" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Find" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.25086504" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Database" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.3298639" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Structure" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.25" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.33466774" sideWeight="0.65916955" order="0" side_tool="false" content_ui="combo" />
|
||||
<window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.34747797" sideWeight="0.65916955" order="0" side_tool="false" content_ui="combo" />
|
||||
<window_info id="Debug" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.34083045" sideWeight="0.6180945" order="3" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Favorites" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="2" side_tool="true" content_ui="tabs" />
|
||||
<window_info id="Event Log" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.3544093" sideWeight="0.38190553" order="7" side_tool="true" content_ui="tabs" />
|
||||
<window_info id="Run" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.3292683" sideWeight="0.5" order="2" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Version Control" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Version Control" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.32871974" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Cvs" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.25" sideWeight="0.5" order="4" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Message" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Ant Build" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.25" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Find" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.32871974" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Messages" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.32871974" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Commander" active="false" anchor="right" auto_hide="false" internal_type="SLIDING" type="SLIDING" visible="false" weight="0.4" sideWeight="0.5" order="0" side_tool="false" content_ui="tabs" />
|
||||
<window_info id="Hierarchy" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.25" sideWeight="0.5" order="2" side_tool="false" content_ui="combo" />
|
||||
|
|
@ -603,6 +692,43 @@
|
|||
</component>
|
||||
<component name="XDebuggerManager">
|
||||
<breakpoint-manager>
|
||||
<breakpoints>
|
||||
<line-breakpoint enabled="true" type="php">
|
||||
<url>file://$PROJECT_DIR$/app/services/NonceService.php</url>
|
||||
<line>27</line>
|
||||
<option name="timeStamp" value="311" />
|
||||
</line-breakpoint>
|
||||
<line-breakpoint enabled="true" type="php">
|
||||
<url>file://$PROJECT_DIR$/app/services/NonceService.php</url>
|
||||
<line>81</line>
|
||||
<option name="timeStamp" value="312" />
|
||||
</line-breakpoint>
|
||||
<line-breakpoint enabled="true" type="php">
|
||||
<url>file://$PROJECT_DIR$/app/controllers/UserController.php</url>
|
||||
<line>74</line>
|
||||
<option name="timeStamp" value="313" />
|
||||
</line-breakpoint>
|
||||
<line-breakpoint enabled="true" type="php">
|
||||
<url>file://$PROJECT_DIR$/app/libs/openid/helpers/OpenIdSignatureBuilder.php</url>
|
||||
<line>31</line>
|
||||
<option name="timeStamp" value="314" />
|
||||
</line-breakpoint>
|
||||
<line-breakpoint enabled="true" type="php">
|
||||
<url>file://$PROJECT_DIR$/app/libs/openid/handlers/OpenIdSessionAssociationRequestHandler.php</url>
|
||||
<line>43</line>
|
||||
<option name="timeStamp" value="316" />
|
||||
</line-breakpoint>
|
||||
<line-breakpoint enabled="true" type="php">
|
||||
<url>file://$PROJECT_DIR$/app/libs/openid/handlers/OpenIdSessionAssociationRequestHandler.php</url>
|
||||
<line>84</line>
|
||||
<option name="timeStamp" value="317" />
|
||||
</line-breakpoint>
|
||||
<line-breakpoint enabled="true" type="php">
|
||||
<url>file://$PROJECT_DIR$/app/libs/openid/requests/OpenIdDHAssociationSessionRequest.php</url>
|
||||
<line>28</line>
|
||||
<option name="timeStamp" value="318" />
|
||||
</line-breakpoint>
|
||||
</breakpoints>
|
||||
<breakpoints-dialog>
|
||||
<breakpoints-dialog>
|
||||
<selected-grouping-rules>
|
||||
|
|
@ -610,124 +736,122 @@
|
|||
</selected-grouping-rules>
|
||||
</breakpoints-dialog>
|
||||
</breakpoints-dialog>
|
||||
<option name="time" value="288" />
|
||||
<option name="time" value="319" />
|
||||
</breakpoint-manager>
|
||||
</component>
|
||||
<component name="editorHistoryManager">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/helpers/OpenIdCryptoHelper.php">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/requests/OpenIdAuthenticationRequest.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="60" column="0" selection-start="1686" selection-end="1686" vertical-scroll-proportion="-12.875" vertical-offset="471" max-vertical-offset="2085">
|
||||
<state line="46" column="71" selection-start="1317" selection-end="1380" vertical-scroll-proportion="-11.5" vertical-offset="279" max-vertical-offset="1200">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/responses/OpenIdResponse.php">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/requests/OpenIdCheckAuthenticationRequest.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="12" column="43" selection-start="265" selection-end="265" vertical-scroll-proportion="-3.75" vertical-offset="0" max-vertical-offset="690">
|
||||
<state line="71" column="8" selection-start="2762" selection-end="2834" vertical-scroll-proportion="-8.583333" vertical-offset="739" max-vertical-offset="1080">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/OpenIdMessage.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="13" column="6" selection-start="240" selection-end="240" vertical-scroll-proportion="1.625" vertical-offset="144" max-vertical-offset="915">
|
||||
<state line="68" column="131" selection-start="2035" selection-end="2035" vertical-scroll-proportion="2.5409837" vertical-offset="0" max-vertical-offset="1050">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/strategies/OpenIdIndirectResponseStrategy.php">
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/requests/OpenIdRequest.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="18" column="0" selection-start="433" selection-end="433" vertical-scroll-proportion="-3.7083333" vertical-offset="61" max-vertical-offset="300">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/vendor/laravel/framework/src/Illuminate/Foundation/AliasLoader.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="65" column="0" selection-start="1247" selection-end="1247" vertical-scroll-proportion="-3.5" vertical-offset="891" max-vertical-offset="2460">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/vendor/composer/ClassLoader.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="186" column="0" selection-start="5045" selection-end="5045" vertical-scroll-proportion="-3.2916667" vertical-offset="2591" max-vertical-offset="3660">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/helpers/OpenIdSignatureBuilder.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="35" column="0" selection-start="1090" selection-end="1090" vertical-scroll-proportion="-3.2916667" vertical-offset="326" max-vertical-offset="1005">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/controllers/OpenIdProviderController.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="36" column="0" selection-start="1358" selection-end="1358" vertical-scroll-proportion="-3.7083333" vertical-offset="301" max-vertical-offset="540">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/handlers/OpenIdCheckAuthenticationRequestHandler.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="94" column="48" selection-start="4038" selection-end="4038" vertical-scroll-proportion="-3.2916667" vertical-offset="1241" max-vertical-offset="1695">
|
||||
<folding>
|
||||
<element signature="e#195#220#0" expanded="true" />
|
||||
</folding>
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/vendor/laravel/framework/src/Illuminate/Routing/Controllers/Controller.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="120" column="0" selection-start="2992" selection-end="2992" vertical-scroll-proportion="-3.125" vertical-offset="1665" max-vertical-offset="4590">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/vendor/laravel/framework/src/Illuminate/Exception/Handler.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="179" column="0" selection-start="4276" selection-end="4276" vertical-scroll-proportion="-3.5" vertical-offset="2526" max-vertical-offset="5700">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/strategies/OpenIdResponseStrategyFactoryMethod.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="31" column="0" selection-start="902" selection-end="902" vertical-scroll-proportion="-3.5" vertical-offset="246" max-vertical-offset="540">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/OpenIdProtocol.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="33" column="47" selection-start="1104" selection-end="1104" vertical-scroll-proportion="-3.22" vertical-offset="154" max-vertical-offset="2085">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/responses/OpenIdCheckAuthenticationResponse.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="32" column="0" selection-start="1340" selection-end="1340" vertical-scroll-proportion="-4.3333335" vertical-offset="301" max-vertical-offset="540">
|
||||
<folding>
|
||||
<element signature="e#120#146#0" expanded="true" />
|
||||
</folding>
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/strategies/OpenIdDirectResponseStrategy.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="16" column="0" selection-start="367" selection-end="367" vertical-scroll-proportion="-4.25" vertical-offset="33" max-vertical-offset="285">
|
||||
<state line="36" column="47" selection-start="722" selection-end="722" vertical-scroll-proportion="0.6833773" vertical-offset="191" max-vertical-offset="570">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/responses/OpenIdDirectResponse.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="64" column="0" selection-start="2152" selection-end="2152" vertical-scroll-proportion="0.33333334" vertical-offset="786" max-vertical-offset="1065">
|
||||
<state line="33" column="55" selection-start="1073" selection-end="1121" vertical-scroll-proportion="0.68865436" vertical-offset="129" max-vertical-offset="1050">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/OpenIdProtocol.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="103" column="79" selection-start="4984" selection-end="5008" vertical-scroll-proportion="0.6830601" vertical-offset="1115" max-vertical-offset="2325">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/responses/OpenIdUnencryptedAssociationSessionResponse.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="14" column="5" selection-start="218" selection-end="389" vertical-scroll-proportion="-5.625" vertical-offset="0" max-vertical-offset="240">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/responses/OpenIdAssociationSessionResponse.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="37" column="5" selection-start="1282" selection-end="1697" vertical-scroll-proportion="-9.208333" vertical-offset="259" max-vertical-offset="600">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/responses/OpenIdDiffieHellmanAssociationSessionResponse.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="12" column="28" selection-start="207" selection-end="207" vertical-scroll-proportion="-4.375" vertical-offset="0" max-vertical-offset="300">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/handlers/OpenIdMessageHandler.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="26" column="0" selection-start="522" selection-end="522" vertical-scroll-proportion="0.5133588" vertical-offset="31" max-vertical-offset="555">
|
||||
<folding>
|
||||
<element signature="e#195#233#0" expanded="true" />
|
||||
<element signature="e#195#220#0" expanded="true" />
|
||||
</folding>
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/handlers/OpenIdAuthenticationRequestHandler.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="115" column="0" selection-start="5197" selection-end="5197" vertical-scroll-proportion="0.18518518" vertical-offset="1215" max-vertical-offset="4935">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/helpers/OpenIdCryptoHelper.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="19" column="56" selection-start="484" selection-end="484" vertical-scroll-proportion="-0.997996" vertical-offset="663" max-vertical-offset="2175">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/requests/OpenIdDHAssociationSessionRequest.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="31" column="0" selection-start="997" selection-end="997" vertical-scroll-proportion="-10.0" vertical-offset="135" max-vertical-offset="900">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/vendor/zendframework/zend-crypt/Zend/Crypt/PublicKey/DiffieHellman.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="274" column="20" selection-start="9118" selection-end="9118" vertical-scroll-proportion="-4.0" vertical-offset="3909" max-vertical-offset="6570">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/vendor/zendframework/zend-math/Zend/Math/BigInteger/BigInteger.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="0" column="0" selection-start="0" selection-end="0" vertical-scroll-proportion="63.041668" vertical-offset="1513" max-vertical-offset="1815">
|
||||
<folding />
|
||||
</state>
|
||||
</provider>
|
||||
</entry>
|
||||
<entry file="file://$PROJECT_DIR$/app/libs/openid/handlers/OpenIdSessionAssociationRequestHandler.php">
|
||||
<provider selected="true" editor-type-id="text-editor">
|
||||
<state line="58" column="12" selection-start="2261" selection-end="2261" vertical-scroll-proportion="2.698962" vertical-offset="0" max-vertical-offset="1320">
|
||||
<folding>
|
||||
<element signature="e#195#220#0" expanded="true" />
|
||||
</folding>
|
||||
</state>
|
||||
</provider>
|
||||
|
|
|
|||
|
|
@ -112,11 +112,11 @@ return array(
|
|||
'Illuminate\Validation\ValidationServiceProvider',
|
||||
'Illuminate\View\ViewServiceProvider',
|
||||
'Illuminate\Workbench\WorkbenchServiceProvider',
|
||||
'Illuminate\Redis\RedisServiceProvider',
|
||||
'openid\OpenIdServiceProvider',
|
||||
'auth\AuthenticationServiceProvider',
|
||||
'services\ServicesProvider',
|
||||
'strategies\OpenIdResponseStrategyProvider',
|
||||
'Illuminate\Redis\RedisServiceProvider',
|
||||
),
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -64,15 +64,24 @@ class UserController extends BaseController{
|
|||
$data = Input::all();
|
||||
// Build the validation constraint set.
|
||||
$rules = array(
|
||||
'username' => 'required',
|
||||
'username' => 'required|email',
|
||||
'password' => 'required'
|
||||
);
|
||||
// Create a new validator instance.
|
||||
$validator = Validator::make($data, $rules);
|
||||
|
||||
if ($validator->passes()) {
|
||||
|
||||
$username = Input::get("username");
|
||||
$password = Input::get("password");
|
||||
if($this->auth_service->Login($username,$password)){
|
||||
$remember = Input::get("remember");
|
||||
|
||||
if(is_null($remember))
|
||||
$remember=false;
|
||||
else
|
||||
$remember=true;
|
||||
|
||||
if($this->auth_service->Login($username,$password,$remember)){
|
||||
$msg = $this->memento_service->getCurrentRequest();
|
||||
if (!is_null($msg) && $msg->IsValid()){
|
||||
//go to authentication flow again
|
||||
|
|
|
|||
|
|
@ -16,9 +16,10 @@ class CreateExtensionTable extends Migration {
|
|||
$table->bigIncrements('id');
|
||||
$table->string('name',100);
|
||||
$table->string('namespace',255);
|
||||
$table->boolean('active');
|
||||
$table->boolean('active')->default(false);
|
||||
$table->string('extension_class',255);
|
||||
$table->string('description',255);
|
||||
$table->string('description',255)->nullable();
|
||||
$table->string('view_name',255);
|
||||
$table->timestamps();
|
||||
});
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,10 +16,13 @@ class CreateUsersTable extends Migration {
|
|||
$table->bigIncrements('id');
|
||||
$table->string('identifier',255);
|
||||
$table->string('external_id',100);
|
||||
$table->boolean('active');
|
||||
$table->boolean('lock');
|
||||
$table->boolean('active')->default(true);
|
||||
$table->boolean('lock')->default(false);
|
||||
$table->boolean('public_profile_show_photo')->default(false);
|
||||
$table->boolean('public_profile_show_fullname')->default(false);
|
||||
$table->boolean('public_profile_show_email')->default(false);
|
||||
$table->dateTime('last_login_date');
|
||||
$table->integer('login_failed_attempt');
|
||||
$table->integer('login_failed_attempt')->default(0);
|
||||
$table->timestamps();
|
||||
});
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,12 +8,13 @@ class CreateAssociationsTable extends Migration {
|
|||
{
|
||||
Schema::create('openid_associations', function($table)
|
||||
{
|
||||
$table->bigIncrements('id');
|
||||
$table->bigIncrements('id')->unsigned();
|
||||
$table->string('identifier',255);
|
||||
$table->string('mac_function',100);
|
||||
$table->string('mac_function',255);
|
||||
$table->string('secret',1024);
|
||||
$table->string('realm',1024)->nullable();
|
||||
$table->smallInteger('type');
|
||||
$table->integer('lifetime');
|
||||
$table->integer('lifetime')->unsigned();
|
||||
$table->dateTime('issued');
|
||||
});
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,10 +8,10 @@ class CreateTrustedSitesTable extends Migration {
|
|||
{
|
||||
Schema::create('openid_trusted_sites', function($table)
|
||||
{
|
||||
$table->bigIncrements('id');
|
||||
$table->string('realm',255);
|
||||
$table->string('data',1024);
|
||||
$table->string('policy',100);
|
||||
$table->bigIncrements('id')->unsigned();
|
||||
$table->string('realm',1024);
|
||||
$table->string('data',5000)->nullable();
|
||||
$table->string('policy',255);
|
||||
$table->bigInteger("user_id")->unsigned();
|
||||
});
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,7 +11,9 @@ class DatabaseSeeder extends Seeder {
|
|||
{
|
||||
Eloquent::unguard();
|
||||
|
||||
// $this->call('UserTableSeeder');
|
||||
$this->call('OpenIdExtensionsSeeder');
|
||||
|
||||
$this->command->info('ServerExtension table seeded!');
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 1:34 PM
|
||||
*/
|
||||
|
||||
class OpenIdExtensionsSeeder extends Seeder {
|
||||
|
||||
public function run()
|
||||
{
|
||||
DB::table('server_extensions')->delete();
|
||||
|
||||
ServerExtension::create(
|
||||
array(
|
||||
'name' => 'AX',
|
||||
'namespace' => 'http://openid.net/srv/ax/1.0',
|
||||
'active' => true,
|
||||
'extension_class' => 'openid\extensions\implementations\OpenIdAXExtension',
|
||||
'description' => 'OpenID service extension for exchanging identity information between endpoints',
|
||||
'extension_class' => 'openid\extensions\implementations\OpenIdAXExtension',
|
||||
'view_name' =>'extensions.ax',
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -34,11 +34,12 @@ class AuthService implements IAuthService {
|
|||
/**
|
||||
* @param $username
|
||||
* @param $password
|
||||
* @param $remember_me
|
||||
* @return mixed
|
||||
*/
|
||||
public function Login($username, $password)
|
||||
public function Login($username, $password,$remember_me)
|
||||
{
|
||||
return Auth::attempt(array('username' => $username, 'password' => $password), false);
|
||||
return Auth::attempt(array('username' => $username, 'password' => $password), $remember_me);
|
||||
}
|
||||
|
||||
public function logout(){
|
||||
|
|
|
|||
|
|
@ -13,9 +13,13 @@ use openid\services\Registry;
|
|||
|
||||
class AuthenticationServiceProvider extends ServiceProvider {
|
||||
|
||||
public function register()
|
||||
{
|
||||
public function boot(){
|
||||
$this->app->singleton('openid\\services\\IAuthService','auth\\AuthService');
|
||||
Registry::getInstance()->set("openid\\services\\IAuthService",$this->app->make("openid\\services\\IAuthService"));
|
||||
}
|
||||
|
||||
public function register()
|
||||
{
|
||||
|
||||
}
|
||||
}
|
||||
|
|
@ -33,6 +33,7 @@ class CustomAuthProvider implements UserProviderInterface{
|
|||
*/
|
||||
public function retrieveById($identifier)
|
||||
{
|
||||
//here we do the manuel join between 2 DB, (openid and SS db)
|
||||
$user = OpenIdUser::where('external_id', '=', $identifier)->first();
|
||||
$member = Member::where('Email', '=', $identifier)->first();
|
||||
if(!is_null($member) && !is_null($user)){
|
||||
|
|
@ -62,27 +63,30 @@ class CustomAuthProvider implements UserProviderInterface{
|
|||
return null;
|
||||
|
||||
$user_service = Registry::getInstance()->get("openid\\services\\IUserService");
|
||||
//get SS member
|
||||
$member = Member::where('Email', '=', $identifier)->first();
|
||||
if(!is_null($member)){
|
||||
$res = $member->checkPassword($password);
|
||||
//member must exists
|
||||
$valid_password = $member->checkPassword($password);
|
||||
//if user does not exists, then create it
|
||||
if(is_null($user)){
|
||||
//create user
|
||||
$user = new OpenIdUser();
|
||||
$user->external_id = $member->Email;
|
||||
$user->last_login_date = gmdate("Y-m-d H:i:s", time());
|
||||
$user->login_failed_attempt = 0;
|
||||
$user->active = true;
|
||||
$user->lock = false;
|
||||
$user->Save();
|
||||
}
|
||||
|
||||
$user->setMember($member);
|
||||
$user_name = $member->FirstName.".".$member->Surname;
|
||||
//do association between user and member
|
||||
$user_service->associateUser($user->id,strtolower($user_name));
|
||||
|
||||
$server_configuration = Registry::getInstance()->get("openid\\services\\IServerConfigurationService");
|
||||
if(!$res){
|
||||
if($user->login_failed_attempt<$server_configuration->getMaxFailedLoginAttempts())
|
||||
|
||||
if(!$valid_password){
|
||||
//apply lock policy
|
||||
if($user->login_failed_attempt < $server_configuration->getMaxFailedLoginAttempts())
|
||||
$user_service->updateFailedLoginAttempts($user->id);
|
||||
else{
|
||||
$user_service->lockUser($user->id);
|
||||
|
|
@ -90,10 +94,11 @@ class CustomAuthProvider implements UserProviderInterface{
|
|||
$user = null;
|
||||
}
|
||||
else{
|
||||
//update user fields
|
||||
$user->last_login_date = gmdate("Y-m-d H:i:s", time());
|
||||
$user->login_failed_attempt = 0;
|
||||
$user->active = true;
|
||||
$user->lock = false;
|
||||
$user->active = true;
|
||||
$user->lock = false;
|
||||
$user->Save();
|
||||
}
|
||||
}
|
||||
|
|
@ -111,12 +116,16 @@ class CustomAuthProvider implements UserProviderInterface{
|
|||
{
|
||||
if(!isset($credentials['username']) || !isset($credentials['password']))
|
||||
throw new AuthenticationException("invalid crendentials");
|
||||
|
||||
$identifier = $credentials['username'];
|
||||
$password = $credentials['password'];
|
||||
$user = OpenIdUser::where('external_id', '=', $identifier)->first();
|
||||
|
||||
if(is_null($user) || $user->lock || !$user->active)
|
||||
return false;
|
||||
|
||||
$member = Member::where('Email', '=', $identifier)->first();
|
||||
return is_null($member)?false:$member->checkPassword($password);
|
||||
|
||||
return !is_null($member)?$member->checkPassword($password):false;
|
||||
}
|
||||
}
|
||||
|
|
@ -59,4 +59,13 @@ class OpenIdMessage implements \ArrayAccess {
|
|||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param OpenIDProtocol_* $param
|
||||
* @return string
|
||||
*/
|
||||
public function getParam($param){
|
||||
return isset($this->container[OpenIdProtocol::param($param,"_")])?$this->container[OpenIdProtocol::param($param,"_")]:null;
|
||||
}
|
||||
}
|
||||
|
|
@ -37,8 +37,12 @@ class OpenIdProtocol implements IOpenIdProtocol {
|
|||
const ErrorMode = "error";
|
||||
const AssociateMode = "associate";
|
||||
|
||||
const SignatureAlgorithmHMAC_SHA1 = "HMAC-SHA1";
|
||||
const SignatureAlgorithmHMAC_SHA256 = "HMAC-SHA256";
|
||||
const SignatureAlgorithmHMAC_SHA1 = "HMAC-SHA1";
|
||||
const SignatureAlgorithmHMAC_SHA256 = "HMAC-SHA256";
|
||||
|
||||
const AssociationSessionTypeNoEncryption = "no-encryption";
|
||||
const AssociationSessionTypeDHSHA1 = "DH-SHA1";
|
||||
const AssociationSessionTypeDHSHA256 = "DH-SHA256";
|
||||
|
||||
const OpenIDProtocol_Mode = "mode";
|
||||
const OpenIDProtocol_NS = "ns";
|
||||
|
|
@ -56,7 +60,12 @@ class OpenIdProtocol implements IOpenIdProtocol {
|
|||
const OpenIDProtocol_Contact = "contact";
|
||||
const OpenIDProtocol_Reference = "reference";
|
||||
const OpenIDProtocol_IsValid = "is_valid";
|
||||
|
||||
const OpenIDProtocol_AssocType = "assoc_type";
|
||||
const OpenIDProtocol_SessionType = "session_type";
|
||||
const OpenIdProtocol_DHModulus = "dh_modulus";
|
||||
const OpenIdProtocol_DHGen = "dh_gen";
|
||||
const OpenIdProtocol_DHConsumerPublic = "dh_consumer_public";
|
||||
const OpenIdProtocol_ExpiresIn = "expires_in";
|
||||
|
||||
|
||||
private static $OpenIDProtocol_ValidModes = array(
|
||||
|
|
@ -87,6 +96,12 @@ class OpenIdProtocol implements IOpenIdProtocol {
|
|||
self::OpenIDProtocol_Contact => self::OpenIDProtocol_Contact,
|
||||
self::OpenIDProtocol_Reference => self::OpenIDProtocol_Reference,
|
||||
self::OpenIDProtocol_IsValid => self::OpenIDProtocol_IsValid,
|
||||
self::OpenIDProtocol_AssocType => self::OpenIDProtocol_AssocType,
|
||||
self::OpenIDProtocol_SessionType => self::OpenIDProtocol_SessionType,
|
||||
self::OpenIdProtocol_DHModulus => self::OpenIdProtocol_DHModulus,
|
||||
self::OpenIdProtocol_DHGen => self::OpenIdProtocol_DHGen,
|
||||
self::OpenIdProtocol_DHConsumerPublic => self::OpenIdProtocol_DHConsumerPublic,
|
||||
self::OpenIdProtocol_ExpiresIn => self::OpenIdProtocol_ExpiresIn,
|
||||
);
|
||||
|
||||
/**
|
||||
|
|
@ -106,6 +121,7 @@ class OpenIdProtocol implements IOpenIdProtocol {
|
|||
|
||||
public function __construct(){
|
||||
//create chain of responsibility
|
||||
//todo use registry here
|
||||
$auth_service = \App::make("openid\\services\\IAuthService");
|
||||
$memento_request_service = \App::make("openid\\services\\IMementoOpenIdRequestService");
|
||||
$auth_strategy = \App::make("openid\\handlers\\IOpenIdAuthenticationStrategy");
|
||||
|
|
@ -115,7 +131,7 @@ class OpenIdProtocol implements IOpenIdProtocol {
|
|||
$server_config_service = \App::make("openid\\services\\IServerConfigurationService");
|
||||
$nonce_service = \App::make("openid\\services\\INonceService");
|
||||
$check_auth = new OpenIdCheckAuthenticationRequestHandler($association_service,$nonce_service,null);
|
||||
$session_assoc = new OpenIdSessionAssociationRequestHandler($check_auth);
|
||||
$session_assoc = new OpenIdSessionAssociationRequestHandler($association_service,$check_auth);
|
||||
$this->request_handlers = new OpenIdAuthenticationRequestHandler($auth_service,$memento_request_service,$auth_strategy,$server_extension_service,$association_service,$trusted_sites_service,$server_config_service,$nonce_service,$session_assoc);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 11:57 AM
|
||||
*/
|
||||
|
||||
namespace openid\exceptions;
|
||||
use \Exception;
|
||||
|
||||
class InvalidNonce extends Exception{
|
||||
|
||||
public function __construct($message = "") {
|
||||
$message = "InvalidNonce : ".$message;
|
||||
parent::__construct($message, 0 , null);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 1:23 PM
|
||||
*/
|
||||
|
||||
namespace openid\exceptions;
|
||||
use \Exception;
|
||||
|
||||
class OpenIdInvalidRealmException extends Exception{
|
||||
|
||||
public function __construct($message = "") {
|
||||
$message = "OpenIdInvalidRealmException : ".$message;
|
||||
parent::__construct($message, 0 , null);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -89,6 +89,7 @@ class OpenIdAuthenticationRequestHandler extends OpenIdMessageHandler
|
|||
|
||||
//initial signature params
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint));
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm));
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo));
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Nonce));
|
||||
$context->addSignParam(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_AssocHandle));
|
||||
|
|
@ -97,8 +98,10 @@ class OpenIdAuthenticationRequestHandler extends OpenIdMessageHandler
|
|||
|
||||
$op_endpoint = $this->server_configuration_service->getOPEndpointURL();
|
||||
$identity = $this->server_configuration_service->getUserIdentityEndpointURL($currentUser->getIdentifier());
|
||||
$current_nonce = $this->nonce_service->generateNonce();
|
||||
$response = new OpenIdPositiveAssertionResponse($op_endpoint, $identity, $identity, $this->current_request->getReturnTo(),$current_nonce);
|
||||
$nonce = $this->nonce_service->generateNonce();
|
||||
$realm = $this->current_request->getRealm();
|
||||
$response = new OpenIdPositiveAssertionResponse($op_endpoint, $identity, $identity, $this->current_request->getReturnTo(),$nonce->getRawFormat(),$realm);
|
||||
|
||||
|
||||
foreach ($this->extensions as $ext) {
|
||||
$ext->prepareResponse($this->current_request, $response, $context);
|
||||
|
|
@ -114,7 +117,8 @@ class OpenIdAuthenticationRequestHandler extends OpenIdMessageHandler
|
|||
$new_handle = uniqid();
|
||||
$lifetime = $this->server_configuration_service->getPrivateAssociationLifetime();
|
||||
$issued = gmdate("Y-m-d H:i:s", time());
|
||||
$this->association_service->addAssociation($new_handle, $new_secret,OpenIdProtocol::SignatureAlgorithmHMAC_SHA256,$lifetime, $issued,IAssociation::TypePrivate);
|
||||
//create private association ...
|
||||
$this->association_service->addAssociation($new_handle, $new_secret,OpenIdProtocol::SignatureAlgorithmHMAC_SHA256,$lifetime, $issued,IAssociation::TypePrivate, $realm);
|
||||
$response->setAssocHandle($new_handle);
|
||||
if (!empty($assoc_handle)) {
|
||||
$response->setInvalidateHandle($assoc_handle);
|
||||
|
|
@ -123,13 +127,16 @@ class OpenIdAuthenticationRequestHandler extends OpenIdMessageHandler
|
|||
} else {
|
||||
$response->setAssocHandle($assoc_handle);
|
||||
}
|
||||
|
||||
//create signature ...
|
||||
OpenIdSignatureBuilder::build($context, $association->getMacFunction(), $association->getSecret(), $response);
|
||||
/*
|
||||
* To prevent replay attacks, the OP MUST NOT issue more than one verification response for each
|
||||
* authentication response it had previously issued. An authentication response and its matching
|
||||
* verification request may be identified by their "openid.response_nonce" values.
|
||||
* so associate $nonce with signature and realm
|
||||
*/
|
||||
$this->nonce_service->associateNonce($current_nonce, $response->getSig());
|
||||
$this->nonce_service->associateNonce($nonce, $response->getSig(),$realm);
|
||||
return $response;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -10,6 +10,8 @@
|
|||
namespace openid\handlers;
|
||||
|
||||
|
||||
use openid\exceptions\InvalidNonce;
|
||||
use openid\model\OpenIdNonce;
|
||||
use openid\OpenIdMessage;
|
||||
use openid\requests\OpenIdCheckAuthenticationRequest;
|
||||
use openid\exceptions\InvalidOpenIdMessageException;
|
||||
|
|
@ -18,9 +20,7 @@ use openid\services\IAssociationService;
|
|||
use openid\services\INonceService;
|
||||
use openid\model\IAssociation;
|
||||
use openid\exceptions\ReplayAttackException;
|
||||
use openid\responses\contexts\ResponseContext;
|
||||
use openid\helpers\OpenIdSignatureBuilder;
|
||||
use openid\responses\OpenIdPositiveAssertionResponse;
|
||||
use openid\responses\OpenIdCheckAuthenticationResponse;
|
||||
|
||||
class OpenIdCheckAuthenticationRequestHandler extends OpenIdMessageHandler{
|
||||
|
|
@ -48,7 +48,10 @@ class OpenIdCheckAuthenticationRequestHandler extends OpenIdMessageHandler{
|
|||
|
||||
if(!$this->current_request->IsValid())
|
||||
throw new InvalidOpenIdMessageException("OpenIdCheckAuthenticationRequest is Invalid!");
|
||||
$claimed_nonce = new OpenIdNonce($this->current_request->getNonce());
|
||||
|
||||
if(!$this->nonce_service->lockNonce($claimed_nonce))
|
||||
throw new ReplayAttackException(sprintf("nonce %s already used on a formed request!",$claimed_nonce->getRawFormat()));
|
||||
/**
|
||||
* For verifying signatures an OP MUST only use private associations and MUST NOT
|
||||
* use associations that have shared keys. If the verification request contains a handle
|
||||
|
|
@ -66,10 +69,9 @@ class OpenIdCheckAuthenticationRequestHandler extends OpenIdMessageHandler{
|
|||
if(is_null($stored_assoc) || $stored_assoc->getType()!=IAssociation::TypePrivate)
|
||||
throw new InvalidOpenIdMessageException("OpenIdCheckAuthenticationRequest is Invalid!");
|
||||
|
||||
$claimed_nonce = $this->current_request->getNonce();
|
||||
|
||||
$claimed_realm = $this->current_request->getRealm();
|
||||
$claimed_sig = $this->current_request->getSig();
|
||||
$claimed_op_endpoint = $this->current_request->getOPEndpoint();
|
||||
$claimed_identity = $this->current_request->getClaimedId();
|
||||
$claimed_invalidate_handle = $this->current_request->getInvalidateHandle();
|
||||
|
||||
if(!is_null($claimed_invalidate_handle) && !empty($claimed_invalidate_handle)){
|
||||
|
|
@ -79,10 +81,7 @@ class OpenIdCheckAuthenticationRequestHandler extends OpenIdMessageHandler{
|
|||
}
|
||||
}
|
||||
|
||||
$this->nonce_service->markNonceAsInvalid($claimed_nonce,$claimed_sig);
|
||||
|
||||
|
||||
|
||||
$this->nonce_service->markNonceAsInvalid($claimed_nonce,$claimed_sig,$claimed_realm);
|
||||
|
||||
$res = OpenIdSignatureBuilder::verify($this->current_request, $stored_assoc->getMacFunction(), $stored_assoc->getSecret(),$claimed_sig);
|
||||
//delete association
|
||||
|
|
@ -98,6 +97,10 @@ class OpenIdCheckAuthenticationRequestHandler extends OpenIdMessageHandler{
|
|||
$response = new OpenIdDirectGenericErrorResponse($rEx->getMessage());
|
||||
return $response;
|
||||
}
|
||||
catch(InvalidNonce $rInvNonce){
|
||||
$response = new OpenIdDirectGenericErrorResponse($rInvNonce->getMessage());
|
||||
return $response;
|
||||
}
|
||||
catch (InvalidOpenIdMessageException $ex) {
|
||||
$response = new OpenIdDirectGenericErrorResponse($ex->getMessage());
|
||||
return $response;
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ namespace openid\handlers;
|
|||
|
||||
|
||||
use openid\OpenIdMessage;
|
||||
use Whoops\Example\Exception;
|
||||
use \Exception;
|
||||
|
||||
abstract class OpenIdMessageHandler {
|
||||
|
||||
|
|
|
|||
|
|
@ -11,16 +11,79 @@ namespace openid\handlers;
|
|||
|
||||
|
||||
use openid\OpenIdMessage;
|
||||
|
||||
use openid\requests\OpenIdAssociationSessionRequest;
|
||||
use openid\services\IAssociationService;
|
||||
use openid\responses\OpenIdDirectGenericErrorResponse;
|
||||
use openid\requests\OpenIdDHAssociationSessionRequest;
|
||||
use Zend\Crypt\PublicKey\DiffieHellman;
|
||||
use Zend\Crypt\Exception\InvalidArgumentException;
|
||||
use \Zend\Crypt\Exception\RuntimeException;
|
||||
use openid\helpers\OpenIdCryptoHelper;
|
||||
use openid\OpenIdProtocol;
|
||||
/**
|
||||
* Class OpenIdSessionAssociationRequestHandler
|
||||
* Implements http://openid.net/specs/openid-authentication-2_0.html#associations
|
||||
* @package openid\handlers
|
||||
*/
|
||||
class OpenIdSessionAssociationRequestHandler extends OpenIdMessageHandler{
|
||||
|
||||
protected function InternalHandle(OpenIdMessage $message){
|
||||
private $association_service;
|
||||
private $nonce_service;
|
||||
private $current_request;
|
||||
|
||||
public function __construct(IAssociationService $association_service,$successor){
|
||||
parent::__construct($successor);
|
||||
$this->association_service = $association_service;
|
||||
}
|
||||
|
||||
protected function InternalHandle(OpenIdMessage $message){
|
||||
$this->current_request = null;
|
||||
try{
|
||||
|
||||
//we only implement DH
|
||||
$this->current_request = new OpenIdDHAssociationSessionRequest($message);
|
||||
|
||||
if(!$this->current_request->IsValid())
|
||||
throw new InvalidOpenIdMessageException("Association Session Request is Invalid!");
|
||||
$assoc_type = $this->current_request->getAssocType();
|
||||
$session_type = $this->current_request->getSessionType();
|
||||
//todo: convert $public_prime , $public_generator and $rp_public_key to string
|
||||
$public_prime = $this->current_request->getDHModulus();//p
|
||||
$public_generator = $this->current_request->getDHGen();//g
|
||||
$rp_public_key = $this->current_request->getDHConsumerPublic();
|
||||
|
||||
$dh = new DiffieHellman($public_prime, $public_generator);
|
||||
$dh->generateKeys();
|
||||
$pk = $dh->getPublicKey();
|
||||
$shared_secret = $dh->computeSecretKey($rp_public_key);
|
||||
|
||||
$new_secret = OpenIdCryptoHelper::generateSecret($assoc_type);
|
||||
$shared_secret = OpenIdCryptoHelper::digest($session_type,$shared_secret);
|
||||
$dh_server_public = base64_encode(OpenIdCryptoHelper::btwoc($pk));
|
||||
$enc_mac_key = base64_encode($new_secret ^ $shared_secret);
|
||||
$assoc_handle = uniqid();
|
||||
$expires_in = 120;
|
||||
//save $assoc_handle,$expires_in,$assoc_type(mac func), and $new_secret on storage as session one or public one
|
||||
|
||||
}
|
||||
catch(InvalidArgumentException $exDH1){
|
||||
$response = new OpenIdDirectGenericErrorResponse($exDH1->getMessage());
|
||||
return $response;
|
||||
}
|
||||
catch(RuntimeException $exDH2){
|
||||
$response = new OpenIdDirectGenericErrorResponse($exDH2->getMessage());
|
||||
return $response;
|
||||
}
|
||||
catch (InvalidOpenIdMessageException $ex) {
|
||||
$response = new OpenIdDirectGenericErrorResponse($ex->getMessage());
|
||||
return $response;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
protected function CanHandle(OpenIdMessage $message)
|
||||
{
|
||||
$res = false;
|
||||
$res = OpenIdDHAssociationSessionRequest::IsOpenIdAssociationSessionRequest($message);
|
||||
return $res;
|
||||
}
|
||||
}
|
||||
|
|
@ -17,7 +17,9 @@ class OpenIdCryptoHelper
|
|||
|
||||
private static $signature_algorithms= array(
|
||||
OpenIdProtocol::SignatureAlgorithmHMAC_SHA1 => "sha1",
|
||||
OpenIdProtocol::AssociationSessionTypeDHSHA1 => "sha1",
|
||||
OpenIdProtocol::SignatureAlgorithmHMAC_SHA256 => "sha256",
|
||||
OpenIdProtocol::AssociationSessionTypeDHSHA256 => "sha256",
|
||||
);
|
||||
|
||||
public static function generateSecret($func)
|
||||
|
|
@ -103,6 +105,10 @@ class OpenIdCryptoHelper
|
|||
*/
|
||||
static public function digest($func, $data)
|
||||
{
|
||||
if(!isset(self::$signature_algorithms[$func]))
|
||||
throw new OpenIdCrytoException(sprintf("Invalid mac function %s",$func));
|
||||
$func = self::$signature_algorithms[$func];
|
||||
|
||||
if (function_exists('openssl_digest')) {
|
||||
return openssl_digest($data, $func, true);
|
||||
} else if (function_exists('hash')) {
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ class OpenIdSignatureBuilder {
|
|||
$data = '';
|
||||
foreach($claimed_signed as $key){
|
||||
$key_php = str_ireplace('.','_',$key);
|
||||
$val = $request->getParam('openid_'.$key_php);
|
||||
$val = $request->getParam($key_php);
|
||||
$data .= $key . ':' . $val . "\n";
|
||||
}
|
||||
$computed_sig = base64_encode(OpenIdCryptoHelper::computeHMAC($macAlg, $data, $secret));
|
||||
|
|
|
|||
|
|
@ -535,7 +535,7 @@ class OpenIdUriHelper
|
|||
* @param string $trust_root The trust root to check
|
||||
* @return bool $sanity Whether the trust root looks OK
|
||||
*/
|
||||
private static function isSane($trust_root)
|
||||
private static function _isSane($trust_root)
|
||||
{
|
||||
$parts = self::_parse($trust_root);
|
||||
if ($parts === false) {
|
||||
|
|
@ -608,7 +608,7 @@ class OpenIdUriHelper
|
|||
public static function checkRealm($trust_root, $url)
|
||||
{
|
||||
if (!filter_var($url, FILTER_VALIDATE_URL)) return false;
|
||||
if (!self::isSane($trust_root)) return false;
|
||||
if (!self::_isSane($trust_root)) return false;
|
||||
|
||||
$trust_root_parsed = self::_parse($trust_root);
|
||||
$url_parsed = self::_parse($url);
|
||||
|
|
@ -674,4 +674,8 @@ class OpenIdUriHelper
|
|||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public static function isValidUrl($url){
|
||||
return filter_var($url, FILTER_VALIDATE_URL);
|
||||
}
|
||||
}
|
||||
|
|
@ -30,6 +30,9 @@ interface IAssociation {
|
|||
public function getType();
|
||||
public function setType($type);
|
||||
|
||||
public function getRealm();
|
||||
public function setRealm($realm);
|
||||
|
||||
public function IsExpired();
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,84 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 11:55 AM
|
||||
*/
|
||||
|
||||
namespace openid\model;
|
||||
use openid\exceptions\InvalidNonce;
|
||||
use openid\services\Registry;
|
||||
|
||||
class OpenIdNonce {
|
||||
|
||||
private $timestamp;
|
||||
private $unique_id;
|
||||
private $raw_format;
|
||||
const NonceRegexFormat ='/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/';
|
||||
const NonceTimeFormat ='%Y-%m-%dT%H:%M:%SZ';
|
||||
|
||||
/**
|
||||
* @param $nonce_str
|
||||
*/
|
||||
public function __construct($nonce_str){
|
||||
// Extract a timestamp from the given nonce string
|
||||
$result = preg_match(self::NonceRegexFormat, $nonce_str, $matches);
|
||||
if ($result != 1 || count($matches) != 8) {
|
||||
throw new InvalidNonce("Invalid format ".$nonce_str);
|
||||
}
|
||||
|
||||
list($unused,
|
||||
$tm_year,
|
||||
$tm_mon,
|
||||
$tm_mday,
|
||||
$tm_hour,
|
||||
$tm_min,
|
||||
$tm_sec,
|
||||
$unique_id) = $matches;
|
||||
|
||||
$timestamp = @gmmktime($tm_hour, $tm_min, $tm_sec, $tm_mon, $tm_mday, $tm_year);
|
||||
|
||||
if ($timestamp === false || $timestamp < 0) {
|
||||
throw new InvalidNonce("Invalid timestamp ".$nonce_str);
|
||||
}
|
||||
|
||||
$this->timestamp = $timestamp;
|
||||
$this->unique_id = $unique_id;
|
||||
$this->raw_format = $nonce_str;
|
||||
}
|
||||
|
||||
public function getRawFormat(){
|
||||
return $this->raw_format;
|
||||
}
|
||||
|
||||
public function getTimestamp(){
|
||||
return $this->timestamp;
|
||||
}
|
||||
|
||||
public function getUniqueId(){
|
||||
return $this->$unique_id;
|
||||
}
|
||||
|
||||
/**
|
||||
* The time-stamp MAY be used to reject responses that are too far away from the current time,
|
||||
* limiting the amount of time that nonces must be stored to prevent attacks.
|
||||
* The acceptable range is out of the scope of this specification.
|
||||
* A larger range requires storing more nonces for a longer time.
|
||||
* A shorter range increases the chance that clock-skew and transaction time will cause
|
||||
* a spurious rejection.
|
||||
*/
|
||||
public function isValid(){
|
||||
$server_configuration_service = Registry::getInstance()->get("openid\\services\\IServerConfigurationService");
|
||||
$allowed_skew = $server_configuration_service->getNonceLifetime();
|
||||
$now = time();
|
||||
// Time after which we should not use the nonce
|
||||
$past = $now - $allowed_skew;
|
||||
// Time that is too far in the future for us to allow
|
||||
$future = $now + $allowed_skew;
|
||||
|
||||
// the stamp is not too far in the future and is not too far
|
||||
// in the past
|
||||
return (($past <= $this->timestamp) && ($this->timestamp <= $future));
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,41 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 5:54 PM
|
||||
*/
|
||||
|
||||
namespace openid\requests;
|
||||
|
||||
use openid\OpenIdProtocol;
|
||||
use openid\OpenIdMessage;
|
||||
|
||||
class OpenIdAssociationSessionRequest extends OpenIdRequest{
|
||||
|
||||
|
||||
|
||||
public function __construct(OpenIdMessage $message){
|
||||
parent::__construct($message);
|
||||
}
|
||||
|
||||
|
||||
public function IsValid()
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
public function getAssocType(){
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_AssocType);
|
||||
}
|
||||
|
||||
public function getSessionType(){
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_SessionType);
|
||||
}
|
||||
|
||||
public static function IsOpenIdAssociationSessionRequest(OpenIdMessage $message){
|
||||
$mode = $message->getMode();
|
||||
if($mode==OpenIdProtocol::AssociateMode) return true;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -27,40 +27,29 @@ class OpenIdAuthenticationRequest extends OpenIdRequest {
|
|||
}
|
||||
|
||||
public function getClaimedId(){
|
||||
return isset($this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId,"_")])?$this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId,"_")]:null;
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_ClaimedId);
|
||||
}
|
||||
|
||||
public function getIdentity(){
|
||||
return isset($this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity,"_")])?$this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity,"_")]:null;
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_Identity);
|
||||
}
|
||||
|
||||
public function getAssocHandle(){
|
||||
return isset($this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_AssocHandle,"_")])?$this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_AssocHandle,"_")]:null;
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_AssocHandle);
|
||||
}
|
||||
|
||||
public function getReturnTo(){
|
||||
$return_to = isset($this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo,"_")])?$this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo,"_")]:null;
|
||||
$return_to = $this->getParam(OpenIdProtocol::OpenIDProtocol_ReturnTo);
|
||||
return (OpenIdUriHelper::checkReturnTo($return_to))?$return_to:"";
|
||||
}
|
||||
|
||||
public function getRealm(){
|
||||
return isset($this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm,"_")])?$this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm,"_")]:null;
|
||||
$realm = $this->getParam(OpenIdProtocol::OpenIDProtocol_Realm);
|
||||
return $realm;
|
||||
}
|
||||
|
||||
|
||||
public function getTrustedRoot() {
|
||||
if (isset($this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm,"_")])) {
|
||||
$root = $this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm,"_")];
|
||||
} else if (isset($this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo,"_")])) {
|
||||
$root = $this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo,"_")];
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
if (OpenIdUriHelper::normalizeUrl($root) && !empty($root)) {
|
||||
return $root;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param $claimed_id
|
||||
|
|
@ -70,7 +59,7 @@ class OpenIdAuthenticationRequest extends OpenIdRequest {
|
|||
private function isValidIdentifier($claimed_id,$identity){
|
||||
if($claimed_id==$identity && $identity==OpenIdProtocol::IdentifierSelectType && $claimed_id==OpenIdProtocol::IdentifierSelectType)
|
||||
return true;
|
||||
if($claimed_id==$identity){
|
||||
if($claimed_id==$identity && OpenIdUriHelper::isValidUrl($identity)){
|
||||
//todo: check valid user?
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,6 +11,8 @@ namespace openid\requests;
|
|||
|
||||
use openid\OpenIdProtocol;
|
||||
use openid\OpenIdMessage;
|
||||
use openid\helpers\OpenIdUriHelper;
|
||||
use openid\services\Registry;
|
||||
|
||||
class OpenIdCheckAuthenticationRequest extends OpenIdAuthenticationRequest {
|
||||
|
||||
|
|
@ -26,32 +28,47 @@ class OpenIdCheckAuthenticationRequest extends OpenIdAuthenticationRequest {
|
|||
|
||||
public function IsValid()
|
||||
{
|
||||
$mode = $this->getMode();
|
||||
$claimed_assoc = $this->getAssocHandle();
|
||||
if($mode== OpenIdProtocol::CheckAuthenticationMode
|
||||
&& !is_null($claimed_assoc) && !empty($claimed_assoc)){
|
||||
$mode = $this->getMode();
|
||||
$claimed_assoc = $this->getAssocHandle();
|
||||
$claimed_nonce = $this->getNonce();
|
||||
$claimed_sig = $this->getSig();
|
||||
$claimed_op_endpoint = $this->getOPEndpoint();
|
||||
$claimed_identity = $this->getClaimedId();
|
||||
$claimed_realm = $this->getRealm();
|
||||
$claimed_returnTo = $this->getReturnTo();
|
||||
$server_configuration_service = Registry::getInstance()->get("openid\\services\\IServerConfigurationService");
|
||||
if(
|
||||
!is_null($mode) && !empty($mode) && $mode== OpenIdProtocol::CheckAuthenticationMode
|
||||
&& !is_null($claimed_returnTo) && !empty($claimed_returnTo) && OpenIdUriHelper::checkReturnTo($claimed_returnTo)
|
||||
&& !is_null($claimed_realm) && !empty($claimed_realm) && OpenIdUriHelper::checkRealm($claimed_realm,$claimed_returnTo)
|
||||
&& !is_null($claimed_assoc) && !empty($claimed_assoc)
|
||||
&& !is_null($claimed_sig) && !empty($claimed_sig)
|
||||
&& !is_null($claimed_nonce) && !empty($claimed_nonce)
|
||||
&& !is_null($claimed_op_endpoint) && !empty($claimed_op_endpoint) && $server_configuration_service->getOPEndpointURL() == $claimed_op_endpoint
|
||||
&& !is_null($claimed_identity) && !empty($claimed_identity) && OpenIdUriHelper::isValidUrl($claimed_identity)
|
||||
){
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public function getSig(){
|
||||
return $this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig,"_")];
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_Sig);
|
||||
}
|
||||
|
||||
public function getSigned(){
|
||||
return $this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed,"_")];
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_Signed);
|
||||
}
|
||||
|
||||
public function getNonce(){
|
||||
return $this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Nonce,"_")];
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_Nonce);
|
||||
}
|
||||
|
||||
public function getOPEndpoint(){
|
||||
return $this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint,"_")];
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_OpEndpoint);
|
||||
}
|
||||
|
||||
public function getInvalidateHandle(){
|
||||
return $this->message[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_InvalidateHandle,"_")];
|
||||
return $this->getParam(OpenIdProtocol::OpenIDProtocol_InvalidateHandle);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,61 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 6:11 PM
|
||||
*/
|
||||
|
||||
namespace openid\requests;
|
||||
|
||||
use openid\OpenIdProtocol;
|
||||
use openid\OpenIdMessage;
|
||||
|
||||
class OpenIdDHAssociationSessionRequest extends OpenIdAssociationSessionRequest {
|
||||
|
||||
|
||||
// Default Diffie-Hellman key generator (1024 bit)
|
||||
const DH_P = 'dcf93a0b883972ec0e19989ac5a2ce310e1d37717e8d9571bb7623731866e61ef75a2e27898b057f9891c2e27a639c3f29b60814581cd3b2ca3986d2683705577d45c2e7e52dc81c7a171876e5cea74b1448bfdfaf18828efd2519f14e45e3826634af1949e5b535cc829a483b8a76223e5d490a257f05bdff16f2fb22c583ab';
|
||||
|
||||
// Default Diffie-Hellman prime number (should be 2 or 5)
|
||||
const DH_G = '02';
|
||||
|
||||
public function __construct(OpenIdMessage $message){
|
||||
parent::__construct($message);
|
||||
}
|
||||
|
||||
public function IsValid()
|
||||
{
|
||||
$dh_modulus = $this->getDHModulus();
|
||||
$dh_gen = $this->getDHGen();
|
||||
$dh_consumer_public = $this->getDHConsumerPublic();
|
||||
if(!empty($dh_modulus) && !empty($dh_gen) && !empty($dh_consumer_public))
|
||||
return true;
|
||||
return true;
|
||||
}
|
||||
|
||||
public function getDHModulus(){
|
||||
$p = $this->getParam(OpenIdProtocol::OpenIdProtocol_DHModulus);
|
||||
return empty($p)?pack('H*', OpenIdDHAssociationSessionRequest::DH_P): base64_decode($p);
|
||||
}
|
||||
|
||||
public function getDHGen(){
|
||||
$g = $this->getParam(OpenIdProtocol::OpenIdProtocol_DHGen);
|
||||
return empty($g)?pack('H*', OpenIdDHAssociationSessionRequest::DH_G): base64_decode($g);
|
||||
}
|
||||
|
||||
public function getDHConsumerPublic(){
|
||||
$pk = $this->getParam(OpenIdProtocol::OpenIdProtocol_DHConsumerPublic);
|
||||
return empty($pk)?"": base64_decode($pk);
|
||||
}
|
||||
|
||||
public static function IsOpenIdDHAssociationSessionRequest(OpenIdMessage $message){
|
||||
if(OpenIdAssociationSessionRequest::IsOpenIdAssociationSessionRequest($message)){
|
||||
$session_type = $message->getParam(OpenIdProtocol::OpenIDProtocol_AssocType);
|
||||
if($session_type==OpenIdProtocol::AssociationSessionTypeDHSHA1 || $session_type==OpenIdProtocol::AssociationSessionTypeDHSHA256)
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -28,7 +28,12 @@ abstract class OpenIdRequest {
|
|||
|
||||
abstract public function IsValid();
|
||||
|
||||
public function getParam($param){
|
||||
return $this->message[$param];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param OpenIDProtocol_* $param
|
||||
* @return string
|
||||
*/
|
||||
public function getParam($param){
|
||||
return $this->message->getParam($param);
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,40 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 6:31 PM
|
||||
*/
|
||||
|
||||
namespace openid\responses;
|
||||
|
||||
|
||||
use openid\OpenIdProtocol;
|
||||
|
||||
abstract class OpenIdAssociationSessionResponse extends OpenIdDirectResponse {
|
||||
|
||||
/** Common Response Parameters
|
||||
* @param $assoc_handle
|
||||
* The association handle is used as a key to refer to this association in subsequent messages.
|
||||
* A string 255 characters or less in length. It MUST consist only of ASCII characters in the
|
||||
* range 33-126 inclusive (printable non-whitespace characters).
|
||||
* @param $session_type
|
||||
* The value of the "openid.session_type" parameter from the request. If the OP is unwilling
|
||||
* or unable to support this association type, it MUST return an unsuccessful response.
|
||||
* @param $assoc_type
|
||||
* The value of the "openid.assoc_type" parameter from the request. If the OP is unwilling or
|
||||
* unable to support this association type, it MUST return an unsuccessful response.
|
||||
* @param $expires_in
|
||||
* The lifetime, in seconds, of this association. The Relying Party MUST NOT use
|
||||
* the association after this time has passed.
|
||||
* An integer, represented in base 10 ASCII.
|
||||
*/
|
||||
public function __construct($assoc_handle,$session_type, $assoc_type,$expires_in){
|
||||
parent::__construct();
|
||||
$this[OpenIdProtocol::OpenIDProtocol_AssocHandle] = $assoc_handle;
|
||||
$this[OpenIdProtocol::OpenIDProtocol_SessionType] = $session_type;
|
||||
$this[OpenIdProtocol::OpenIDProtocol_AssocType] = $assoc_type;
|
||||
$this[OpenIdProtocol::OpenIdProtocol_ExpiresIn] = $expires_in;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 7:01 PM
|
||||
*/
|
||||
|
||||
namespace openid\responses;
|
||||
|
||||
/**
|
||||
* Class OpenIdDiffieHellmanAssociationSessionResponse
|
||||
* @package openid\responses
|
||||
*/
|
||||
class OpenIdDiffieHellmanAssociationSessionResponse extends OpenIdAssociationSessionResponse{
|
||||
|
||||
public function __construct($assoc_handle,$session_type, $assoc_type,$expires_in){
|
||||
parent::__construct($assoc_handle,$session_type, $assoc_type,$expires_in);
|
||||
}
|
||||
}
|
||||
|
|
@ -14,7 +14,7 @@ use openid\OpenIdProtocol;
|
|||
|
||||
class OpenIdPositiveAssertionResponse extends OpenIdIndirectResponse {
|
||||
|
||||
public function __construct($op_endpoint,$claimed_id,$identity,$return_to,$nonce){
|
||||
public function __construct($op_endpoint,$claimed_id,$identity,$return_to,$nonce,$realm){
|
||||
parent::__construct();
|
||||
$this->setMode(OpenIdProtocol::IdMode);
|
||||
$this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)] = $op_endpoint;
|
||||
|
|
@ -22,6 +22,7 @@ class OpenIdPositiveAssertionResponse extends OpenIdIndirectResponse {
|
|||
$this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)] = $identity;
|
||||
$this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)] = $return_to;
|
||||
$this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Nonce)] = $nonce;
|
||||
$this[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)] = $realm;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,16 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 6:59 PM
|
||||
*/
|
||||
|
||||
namespace openid\responses;
|
||||
|
||||
|
||||
class OpenIdUnencryptedAssociationSessionResponse extends OpenIdAssociationSessionResponse {
|
||||
public function __construct($assoc_handle,$session_type, $assoc_type,$expires_in){
|
||||
parent::__construct($assoc_handle,$session_type, $assoc_type,$expires_in);
|
||||
}
|
||||
}
|
||||
|
|
@ -13,15 +13,24 @@ use openid\model\IAssociation;
|
|||
interface IAssociationService {
|
||||
/**
|
||||
* @param $handle
|
||||
* @return IAssociation
|
||||
* @param null $realm
|
||||
* @return null|IAssociation
|
||||
* @throws \openid\exceptions\ReplayAttackException
|
||||
* @throws \openid\exceptions\OpenIdInvalidRealmException
|
||||
*/
|
||||
public function getAssociation($handle);
|
||||
public function getAssociation($handle, $realm=null);
|
||||
|
||||
/**
|
||||
* @param IAssociation $association
|
||||
* @return bool
|
||||
* @param $handle
|
||||
* @param $secret
|
||||
* @param $mac_function
|
||||
* @param $lifetime
|
||||
* @param $issued
|
||||
* @param $type
|
||||
* @param $realm
|
||||
* @return mixed
|
||||
*/
|
||||
public function addAssociation($handle,$secret,$mac_function,$lifetime,$issued,$type);
|
||||
public function addAssociation($handle,$secret,$mac_function,$lifetime,$issued,$type, $realm);
|
||||
|
||||
/**
|
||||
* @param $handle
|
||||
|
|
|
|||
|
|
@ -24,9 +24,10 @@ interface IAuthService {
|
|||
/**
|
||||
* @param $username
|
||||
* @param $password
|
||||
* @param $remember_me
|
||||
* @return mixed
|
||||
*/
|
||||
public function Login($username,$password);
|
||||
public function Login($username,$password,$remember_me);
|
||||
|
||||
const AuthorizationResponse_None = "None";
|
||||
const AuthorizationResponse_AllowOnce = "AllowOnce";
|
||||
|
|
|
|||
|
|
@ -8,12 +8,19 @@
|
|||
|
||||
namespace openid\services;
|
||||
use \openid\exceptions\ReplayAttackException;
|
||||
use openid\model\OpenIdNonce;
|
||||
|
||||
interface INonceService {
|
||||
|
||||
/**
|
||||
* @return OpenIdNonce
|
||||
*/
|
||||
public function generateNonce();
|
||||
|
||||
public function associateNonce($nonce,$signature);
|
||||
public function lockNonce(OpenIdNonce $nonce);
|
||||
public function unlockNonce(OpenIdNonce $nonce);
|
||||
|
||||
public function associateNonce(OpenIdNonce $nonce,$signature, $realm);
|
||||
|
||||
/**
|
||||
* To prevent replay attacks, the OP MUST NOT issue more than one verification response
|
||||
|
|
@ -24,5 +31,5 @@ interface INonceService {
|
|||
* @throws ReplayAttackException
|
||||
* @return mixed
|
||||
*/
|
||||
public function markNonceAsInvalid($nonce,$signature);
|
||||
public function markNonceAsInvalid(OpenIdNonce $nonce, $signature, $realm);
|
||||
}
|
||||
|
|
@ -16,4 +16,5 @@ interface IServerConfigurationService {
|
|||
public function getPrivateAssociationLifetime();
|
||||
public function getSessionAssociationLifetime();
|
||||
public function getMaxFailedLoginAttempts();
|
||||
public function getNonceLifetime();
|
||||
}
|
||||
|
|
@ -67,4 +67,14 @@ class OpenIdAssociation extends Eloquent implements IAssociation{
|
|||
{
|
||||
// TODO: Implement IsExpired() method.
|
||||
}
|
||||
|
||||
public function getRealm()
|
||||
{
|
||||
return $this->realm;
|
||||
}
|
||||
|
||||
public function setRealm($realm)
|
||||
{
|
||||
// TODO: Implement setRealm() method.
|
||||
}
|
||||
}
|
||||
|
|
@ -8,22 +8,45 @@
|
|||
*/
|
||||
|
||||
namespace services;
|
||||
use openid\exceptions\ReplayAttackException;
|
||||
use openid\model\IAssociation;
|
||||
use openid\services\IAssociationService;
|
||||
use \OpenIdAssociation;
|
||||
use \DateTime;
|
||||
use \DateInterval;
|
||||
use openid\exceptions\OpenIdInvalidRealmException;
|
||||
|
||||
class AssociationService implements IAssociationService{
|
||||
|
||||
private $redis;
|
||||
|
||||
public function __construct(){
|
||||
$this->redis = \RedisLV4::connection();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $handle
|
||||
* @return IAssociation
|
||||
* @param null $realm
|
||||
* @return null|IAssociation
|
||||
* @throws \openid\exceptions\ReplayAttackException
|
||||
* @throws \openid\exceptions\OpenIdInvalidRealmException
|
||||
*/
|
||||
public function getAssociation($handle)
|
||||
public function getAssociation($handle, $realm=null)
|
||||
{
|
||||
$assoc = OpenIdAssociation::where('identifier','=',$handle)->first();
|
||||
if(!is_null($assoc)){
|
||||
$issued_date = new DateTime($assoc->issued);
|
||||
if($assoc->type == IAssociation::TypePrivate && !is_null($realm) && !empty($realm)){
|
||||
if($assoc->realm!=$realm){
|
||||
throw new OpenIdInvalidRealmException(sprintf("Private Association %s was not emit for requested realm %s",$handle,$realm));
|
||||
}
|
||||
$cur_time = time();
|
||||
$lock_lifetime = 180;
|
||||
$success = $this->redis->setnx('lock.'.$handle,$cur_time+$lock_lifetime+1);
|
||||
if(!$success){
|
||||
throw new ReplayAttackException(sprintf("Private Association %s already used",$handle));
|
||||
}
|
||||
}
|
||||
$life_time = $assoc->lifetime;
|
||||
$issued_date->add(new DateInterval('PT'.$life_time.'S'));
|
||||
$now = new DateTime(gmdate("Y-m-d H:i:s", time()));
|
||||
|
|
@ -39,15 +62,17 @@ class AssociationService implements IAssociationService{
|
|||
* @param IAssociation $association
|
||||
* @return bool
|
||||
*/
|
||||
public function addAssociation($handle, $secret,$mac_function, $lifetime, $issued,$type)
|
||||
public function addAssociation($handle, $secret,$mac_function, $lifetime, $issued,$type,$realm=null)
|
||||
{
|
||||
$assoc = new OpenIdAssociation();
|
||||
$assoc->identifier = $handle;
|
||||
$assoc->secret = $secret;
|
||||
$assoc->type = $type;
|
||||
$assoc->identifier = $handle;
|
||||
$assoc->secret = $secret;
|
||||
$assoc->type = $type;
|
||||
$assoc->mac_function = $mac_function;
|
||||
$assoc->lifetime = $lifetime;
|
||||
$assoc->issued = $issued;
|
||||
$assoc->lifetime = $lifetime;
|
||||
$assoc->issued = $issued;
|
||||
if(!is_null($realm))
|
||||
$assoc->realm = $realm;
|
||||
$assoc->Save();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,14 @@
|
|||
<?php
|
||||
/**
|
||||
* Created by PhpStorm.
|
||||
* User: smarcet
|
||||
* Date: 10/25/13
|
||||
* Time: 4:00 PM
|
||||
*/
|
||||
|
||||
namespace services\Facades;
|
||||
use Illuminate\Support\Facades\Facade;
|
||||
|
||||
class ServerConfigurationService extends Facade {
|
||||
protected static function getFacadeAccessor() { return 'serverconfigurationservice'; }
|
||||
}
|
||||
|
|
@ -7,7 +7,8 @@
|
|||
*/
|
||||
|
||||
namespace services;
|
||||
//use Illuminate\Redis\Database as Redis;
|
||||
|
||||
use openid\model\OpenIdNonce;
|
||||
use openid\services\INonceService;
|
||||
use openid\exceptions\ReplayAttackException;
|
||||
|
||||
|
|
@ -19,33 +20,67 @@ class NonceService implements INonceService {
|
|||
$this->redis = \RedisLV4::connection();
|
||||
}
|
||||
|
||||
public function generateNonce()
|
||||
{
|
||||
$nonce = gmdate('Y-m-d\TH:i:s\Z') . uniqid();
|
||||
//sets the $nonce to live 60 secs
|
||||
$this->redis->setex($nonce,3600 ,'');
|
||||
return $nonce;
|
||||
/**
|
||||
* @param OpenIdNonce $nonce
|
||||
* @return bool
|
||||
*/
|
||||
public function lockNonce(OpenIdNonce $nonce){
|
||||
$raw_nonce = $nonce->getRawFormat();
|
||||
$cur_time = time();
|
||||
$lock_lifetime = \ServerConfigurationService::getNonceLifetime();;
|
||||
return $this->redis->setnx('lock.'.$raw_nonce,$cur_time+$lock_lifetime+1);
|
||||
}
|
||||
|
||||
public function unlockNonce(OpenIdNonce $nonce){
|
||||
$raw_nonce = $nonce->getRawFormat();
|
||||
$this->redis->del('lock.'.$raw_nonce);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $nonce
|
||||
* @param $signature
|
||||
* @throws \openid\exceptions\ReplayAttackException
|
||||
* @return OpenIdNonce
|
||||
*/
|
||||
public function markNonceAsInvalid($nonce, $signature)
|
||||
public function generateNonce()
|
||||
{
|
||||
$old_signature = $this->redis->get($nonce);
|
||||
if(!$old_signature){
|
||||
throw new ReplayAttackException(sprintf("nonce %s was already used!.",$nonce));
|
||||
}
|
||||
if($old_signature!=$signature){
|
||||
throw new ReplayAttackException(sprintf("nonce %s was associated with sig %s, but sig %s was provided.",$nonce,$old_signature,$signature));
|
||||
}
|
||||
$this->redis->del($nonce);
|
||||
$raw_nonce = gmdate('Y-m-d\TH:i:s\Z') . uniqid();
|
||||
return new OpenIdNonce($raw_nonce);
|
||||
}
|
||||
|
||||
public function associateNonce($nonce, $signature)
|
||||
/**
|
||||
* @param OpenIdNonce $nonce
|
||||
* @param string $signature
|
||||
* @param string $realm
|
||||
* @return mixed|void
|
||||
* @throws \openid\exceptions\ReplayAttackException
|
||||
*/
|
||||
public function markNonceAsInvalid(OpenIdNonce $nonce, $signature, $realm)
|
||||
{
|
||||
$this->redis->setex($nonce,3600,$signature);
|
||||
$raw_nonce = $nonce->getRawFormat();
|
||||
$key = $raw_nonce.$signature;
|
||||
|
||||
try{
|
||||
if($this->redis->exists($key)==0)
|
||||
throw new ReplayAttackException(sprintf("nonce %s was already used!.",$nonce));
|
||||
$old_realm = $this->redis->get($key);
|
||||
if($realm!=$old_realm){
|
||||
throw new ReplayAttackException(sprintf("nonce %s was not emit for realm !.",$realm));
|
||||
}
|
||||
$this->redis->del($key);
|
||||
}
|
||||
catch(ReplayAttackException $ex){
|
||||
$this->redis->del($key);
|
||||
throw $ex;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param OpenIdNonce $nonce
|
||||
* @param string $signature
|
||||
* @param string $realm
|
||||
*/
|
||||
public function associateNonce(OpenIdNonce $nonce, $signature,$realm)
|
||||
{
|
||||
$raw_nonce = $nonce->getRawFormat();
|
||||
$lifetime = \ServerConfigurationService::getNonceLifetime();
|
||||
$this->redis->setex($raw_nonce.$signature,$lifetime,$realm);
|
||||
}
|
||||
}
|
||||
|
|
@ -36,4 +36,8 @@ class ServerConfigurationService implements IServerConfigurationService{
|
|||
public function getMaxFailedLoginAttempts(){
|
||||
return 3;
|
||||
}
|
||||
|
||||
public function getNonceLifetime(){
|
||||
return 360;
|
||||
}
|
||||
}
|
||||
|
|
@ -14,13 +14,10 @@ use Illuminate\Redis\Database;
|
|||
|
||||
class ServicesProvider extends ServiceProvider {
|
||||
|
||||
public function register()
|
||||
{
|
||||
|
||||
$this->app['redis'] = $this->app->share(function($app)
|
||||
{
|
||||
return new Database($app['config']['database.redis']);
|
||||
});
|
||||
public function boot(){
|
||||
|
||||
//register on boot bc we rely on Illuminate\Redis\ServiceProvider\RedisServiceProvider
|
||||
|
||||
$this->app->singleton('openid\\services\\IMementoOpenIdRequestService','services\\MementoRequestService');
|
||||
$this->app->singleton('openid\\handlers\\IOpenIdAuthenticationStrategy','services\\AuthenticationStrategy');
|
||||
|
|
@ -41,8 +38,19 @@ class ServicesProvider extends ServiceProvider {
|
|||
Registry::getInstance()->set("openid\\services\\INonceService",\App::make("openid\\services\\INonceService"));
|
||||
}
|
||||
|
||||
public function provides()
|
||||
public function register()
|
||||
{
|
||||
return array('redis');
|
||||
$this->app['serverconfigurationservice'] = $this->app->share(function($app)
|
||||
{
|
||||
return new ServerConfigurationService();
|
||||
});
|
||||
|
||||
// Shortcut so developers don't need to add an Alias in app/config/app.php
|
||||
$this->app->booting(function()
|
||||
{
|
||||
$loader = \Illuminate\Foundation\AliasLoader::getInstance();
|
||||
$loader->alias('ServerConfigurationService', 'services\\Facades\\ServerConfigurationService');
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -60,7 +60,7 @@ App::error(function(Exception $exception, $code)
|
|||
App::error(function(openid\exceptions\InvalidOpenIdMessageException $exception, $code)
|
||||
{
|
||||
Log::error($exception);
|
||||
return View::make('error')->with('error', $exception->getMessage());
|
||||
return View::make('404');
|
||||
});
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
@extends('layout')
|
||||
@section('content')
|
||||
<div class="container">
|
||||
{{ Form::open(array('url' => '/accounts/user/consent', 'method' => 'post', "autocomplete" => "off")) }}
|
||||
{{ Form::open(array('url' => '/accounts/user/consent','id'=>'authorization_form', 'method' => 'post', "autocomplete" => "off")) }}
|
||||
<label>
|
||||
This Site {{ $realm }} is requesting permissions
|
||||
</label>
|
||||
|
|
@ -16,11 +16,23 @@
|
|||
{{ Form::label("deny_forever","Deny Forever")}}
|
||||
{{ Form::radio('trust[]', 'DenyForever','',array('id'=>'deny_forever')) }}
|
||||
</div>
|
||||
{{ Form::submit('Ok') }}
|
||||
{{ Form::submit('Cancel') }}
|
||||
{{ Form::submit('Ok',array("id"=>"send_authorization",'class'=>'btn')) }}
|
||||
{{ Form::button('Cancel',array('id'=>'cancel_authorization','class'=>'btn cancel_authorization')) }}
|
||||
{{ Form::close() }}
|
||||
@foreach ($views as $view)
|
||||
{{ $view}}
|
||||
@endforeach
|
||||
</div>
|
||||
@section('scripts')
|
||||
<script type="application/javascript">
|
||||
$(document).ready(function() {
|
||||
$("body").on('click',"#cancel_authorization",function(event){
|
||||
$form = $('#authorization_form');
|
||||
$("#deny_once").prop("checked", true)
|
||||
$form.submit();
|
||||
event.preventDefault();
|
||||
return false;
|
||||
});
|
||||
});
|
||||
</script>
|
||||
@stop
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
@if(count($attributes)>0)
|
||||
<ul>
|
||||
@foreach ($attributes as $attr)
|
||||
<li>{{$attr}}</li>
|
||||
<li>{{$attr}} <i class="icon-info-sign"></i></li>
|
||||
@endforeach
|
||||
</ul>
|
||||
@endif
|
||||
|
|
@ -4,12 +4,16 @@
|
|||
<title>OpenstackId Idp</title>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
{{ HTML::style('css/bootstrap.css') }}
|
||||
{{ HTML::script('js/jquery-2.0.3.min.js')}}
|
||||
|
||||
</head>
|
||||
<body>
|
||||
<div
|
||||
@yield('content')
|
||||
|
||||
<div class="container">
|
||||
<div class="row" id="main-content">
|
||||
@yield('content')
|
||||
</div>
|
||||
<footer class="row"></footer>
|
||||
</div>
|
||||
{{ HTML::script('js/jquery-2.0.3.min.js')}}
|
||||
{{ HTML::script('js/bootstrap.min.js')}}
|
||||
@yield('scripts')
|
||||
</body>
|
||||
|
|
|
|||
|
|
@ -1,30 +1,41 @@
|
|||
@extends('layout')
|
||||
@section('content')
|
||||
<h1>Login</h1>
|
||||
<div class="container">
|
||||
{{ Form::open(array('url' => '/accounts/user/login', 'method' => 'post', "autocomplete" => "off")) }}
|
||||
<ul class="errors">
|
||||
@foreach($errors->all() as $message)
|
||||
<li>{{ $message }}</li>
|
||||
@endforeach
|
||||
</ul>
|
||||
<!-- username field -->
|
||||
<div>
|
||||
{{ Form::label('username', 'user') }}
|
||||
{{ Form::text('username') }}
|
||||
</div>
|
||||
<div>
|
||||
{{ Form::label('password', 'password') }}
|
||||
{{ Form::password('password') }}
|
||||
</div>
|
||||
<div>
|
||||
{{ Form::label('remember', 'remember me') }}
|
||||
{{ Form::checkbox('remember', '1', false) }}
|
||||
</div>
|
||||
{{ Form::submit('Login') }}
|
||||
@if(Session::has('flash_notice'))
|
||||
<div id="flash_notice">{{ Session::get('flash_notice') }}</div>
|
||||
@endif
|
||||
{{ Form::close() }}
|
||||
|
||||
<div class="span4" id="sidebar">
|
||||
<h4>Welcome to OpenstackId!!!</h4>
|
||||
<div class="well">
|
||||
{{ Form::open(array('url' => '/accounts/user/login', 'method' => 'post', "autocomplete" => "off")) }}
|
||||
<fieldset>
|
||||
<legend>Login</legend>
|
||||
{{ Form::text('username',null, array('placeholder' => 'Username','class'=>'input-block-level')) }}
|
||||
{{ Form::password('password', array('placeholder' => 'Password','class'=>'input-block-level')) }}
|
||||
<label class="checkbox">
|
||||
{{ Form::checkbox('remember', '1', false) }}Remember me
|
||||
</label>
|
||||
<div class="pull-right">
|
||||
{{ Form::submit('Login',array('id'=>'login','class'=>'btn btn-primary')) }}
|
||||
</div>
|
||||
</fieldset>
|
||||
{{ Form::close() }}
|
||||
</div>
|
||||
|
||||
@if(Session::has('flash_notice'))
|
||||
<div class="alert alert-error">
|
||||
<button type="button" class="close" data-dismiss="alert">×</button>
|
||||
{{ Session::get('flash_notice') }}
|
||||
</div>
|
||||
@else
|
||||
@foreach($errors->all() as $message)
|
||||
<div class="alert alert-error">
|
||||
<button type="button" class="close" data-dismiss="alert">×</button>
|
||||
{{ $message }}
|
||||
</div>
|
||||
@endforeach
|
||||
@endif
|
||||
|
||||
</div>
|
||||
<div class="span8">
|
||||
|
||||
</div>
|
||||
|
||||
@stop
|
||||
Loading…
Reference in New Issue