serveral small fixes to the openid server
This commit is contained in:
parent
332cab0c55
commit
9bc3991c23
|
@ -209,7 +209,6 @@ function authorize_mode () {
|
||||||
$profile['idp_url']=$IDENTITY;
|
$profile['idp_url']=$IDENTITY;
|
||||||
if (isset($_SERVER['PHP_AUTH_USER']) && $profile['authorized'] === false && $_SERVER['PHP_AUTH_USER']==$USERNAME) {
|
if (isset($_SERVER['PHP_AUTH_USER']) && $profile['authorized'] === false && $_SERVER['PHP_AUTH_USER']==$USERNAME) {
|
||||||
if (OC_USER::checkPassword($USERNAME, $_SERVER['PHP_AUTH_PW'])) {// successful login!
|
if (OC_USER::checkPassword($USERNAME, $_SERVER['PHP_AUTH_PW'])) {// successful login!
|
||||||
error_log('success');
|
|
||||||
// return to the refresh url if they get in
|
// return to the refresh url if they get in
|
||||||
$_SESSION['openid_auth']=true;
|
$_SESSION['openid_auth']=true;
|
||||||
$_SESSION['openid_user']=$USERNAME;
|
$_SESSION['openid_user']=$USERNAME;
|
||||||
|
@ -339,7 +338,7 @@ function checkid ( $wait ) {
|
||||||
: error_get($return_to, 'Missing identity');
|
: error_get($return_to, 'Missing identity');
|
||||||
|
|
||||||
$assoc_handle = @strlen($_REQUEST['openid_assoc_handle'])
|
$assoc_handle = @strlen($_REQUEST['openid_assoc_handle'])
|
||||||
? $_REQUEST['openid_assoc.handle']
|
? $_REQUEST['openid_assoc_handle']
|
||||||
: null;
|
: null;
|
||||||
|
|
||||||
$trust_root = @strlen($_REQUEST['openid_trust_root'])
|
$trust_root = @strlen($_REQUEST['openid_trust_root'])
|
||||||
|
@ -1626,7 +1625,6 @@ $GLOBALS['port'] = ((isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on' && $_
|
||||||
: ':' . $_SERVER['SERVER_PORT'];
|
: ':' . $_SERVER['SERVER_PORT'];
|
||||||
|
|
||||||
|
|
||||||
error_log($_SERVER['HTTP_HOST']);
|
|
||||||
/**
|
/**
|
||||||
* Determine the HTTP request protocol
|
* Determine the HTTP request protocol
|
||||||
* @name $proto
|
* @name $proto
|
||||||
|
@ -1651,15 +1649,15 @@ $profile['req_url'] = sprintf("%s://%s%s",
|
||||||
// $port,//host already includes the path
|
// $port,//host already includes the path
|
||||||
$_SERVER["REQUEST_URI"]);
|
$_SERVER["REQUEST_URI"]);
|
||||||
|
|
||||||
$fullId=urlencode('.php/'.$USERNAME);
|
$fullId='user.php/'.$USERNAME.'/';
|
||||||
$incompleteId=urlencode('.php/');
|
$incompleteId='user.php/';
|
||||||
|
|
||||||
if(!strpos($profile['req_url'],$fullId)){
|
if(!strpos($profile['req_url'],$fullId)){
|
||||||
$profile['req_url']=str_replace($incompleteId,$fullId,$profile['req_url']);
|
$profile['req_url']=str_replace($incompleteId,$fullId,$profile['req_url']);
|
||||||
}
|
}
|
||||||
|
|
||||||
error_log('inc id: '.$fullId);
|
// error_log('inc id: '.$fullId);
|
||||||
error_log('req url: '.$profile['req_url']);
|
// error_log('req url: '.$profile['req_url']);
|
||||||
|
|
||||||
// Set the default allowance for testing
|
// Set the default allowance for testing
|
||||||
if (! array_key_exists('allow_test', $profile))
|
if (! array_key_exists('allow_test', $profile))
|
||||||
|
|
|
@ -25,6 +25,9 @@ $USERNAME=substr($_SERVER["REQUEST_URI"],strpos($_SERVER["REQUEST_URI"],'.php/')
|
||||||
if(strpos($USERNAME,'?')!==false){
|
if(strpos($USERNAME,'?')!==false){
|
||||||
$USERNAME=substr($USERNAME,0,strpos($USERNAME,'?'));
|
$USERNAME=substr($USERNAME,0,strpos($USERNAME,'?'));
|
||||||
}
|
}
|
||||||
|
if(substr($USERNAME,-1,1)=='/'){//openid sometimes add slashes to the username
|
||||||
|
$USERNAME=substr($USERNAME,0,-1);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
if($USERNAME=='' and isset($_SERVER['PHP_AUTH_USER'])){
|
if($USERNAME=='' and isset($_SERVER['PHP_AUTH_USER'])){
|
||||||
|
@ -36,7 +39,8 @@ $RUNTIME_NOAPPS=false;
|
||||||
require_once '../../lib/base.php';
|
require_once '../../lib/base.php';
|
||||||
|
|
||||||
if(!OC_USER::userExists($USERNAME)){
|
if(!OC_USER::userExists($USERNAME)){
|
||||||
$USERNAME='';
|
error_log($USERNAME.' doesn\'t exist');
|
||||||
|
$USERNAME='';
|
||||||
}
|
}
|
||||||
global $WEBROOT;
|
global $WEBROOT;
|
||||||
$IDENTITY=((isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on') ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'].$WEBROOT.'/apps/user_openid/user.php/'.$USERNAME;
|
$IDENTITY=((isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on') ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'].$WEBROOT.'/apps/user_openid/user.php/'.$USERNAME;
|
||||||
|
|
Loading…
Reference in New Issue