1<?php 2 3/** 4 * OpenID server configuration script. 5 * 6 * This script generates a config.php file needed by the server 7 * example. 8 * 9 * @package OpenID.Examples 10 * @author JanRain, Inc. <openid@janrain.com> 11 * @copyright 2005-2008 Janrain, Inc. 12 * @license http://www.apache.org/licenses/LICENSE-2.0 Apache 13 */ 14 15$path_extra = dirname(dirname(dirname(__FILE__))); 16$path = ini_get('include_path'); 17$path = $path_extra . PATH_SEPARATOR . $path; 18ini_set('include_path', $path); 19require_once "Auth/OpenID.php"; 20 21/** 22 * Data. 23 */ 24 25$store_types = array("Filesystem" => "Auth_OpenID_FileStore", 26 "MySQL" => "Auth_OpenID_MySQLStore", 27 "PostgreSQL" => "Auth_OpenID_PostgreSQLStore", 28 "SQLite" => "Auth_OpenID_SQLiteStore"); 29 30/** 31 * Main. 32 */ 33 34$messages = array(); 35 36session_start(); 37init_session(); 38 39if (!check_session() || 40 isset($_GET['add_openid'])) { 41 render_form(); 42} else { 43 print generate_config(isset($_GET['download'])); 44} 45 46/** 47 * Functions. 48 */ 49 50function check_url($url) { 51 return (Auth_OpenID::normalizeUrl($url) !== null); 52} 53 54function build_url() { 55 $port = (($_SERVER['SERVER_PORT'] == 80) ? null : $_SERVER['SERVER_PORT']); 56 57 $parts = explode("/", $_SERVER['SERVER_PROTOCOL']); 58 $scheme = strtolower($parts[0]); 59 60 if ($port) { 61 return sprintf("%s://%s:%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], 62 $port, dirname($_SERVER['PHP_SELF'])); 63 } else { 64 return sprintf("%s://%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], 65 dirname($_SERVER['PHP_SELF'])); 66 } 67} 68 69function check_open_basedir($path) { 70 if (ini_get('open_basedir')) { 71 $parts = explode(PATH_SEPARATOR, ini_get('open_basedir')); 72 73 $found = false; 74 75 foreach ($parts as $p) { 76 if (strpos($path, $p) === 0) { 77 $found = true; 78 break; 79 } 80 } 81 82 return $found; 83 } else { 84 return true; 85 } 86} 87 88function check_session() { 89 90 global $messages; 91 92 if ($_GET && isset($_GET['clear'])) { 93 session_destroy(); 94 $_SESSION = array(); 95 init_session(); 96 return false; 97 } 98 99 $bad_path = false; 100 101 if (isset($_GET['generate'])) { 102 if (!$_SESSION['server_url']) { 103 $messages[] = "Please enter a server URL."; 104 } 105 106 if (!isset($_SESSION['store_type'])) { 107 $messages[] = "No store type chosen."; 108 } else { 109 switch ($_SESSION['store_type']) { 110 case "Filesystem": 111 if (!@$_SESSION['store_data']['fs_path']) { 112 $messages[] = "Please specify a filesystem store path."; 113 } else { 114 if (!check_open_basedir($_SESSION['store_data']['fs_path'])) { 115 $messages[] = "The filesystem store path violates PHP's <code>open_basedir</code> setting."; 116 $bad_path = true; 117 } 118 } 119 break; 120 121 case "SQLite": 122 if (!@$_SESSION['store_data']['sqlite_path']) { 123 $messages[] = "Please specify a SQLite database path."; 124 } else { 125 if (!check_open_basedir($_SESSION['store_data']['sqlite_path'])) { 126 $messages[] = "The SQLite store path violates PHP's <code>open_basedir</code> setting."; 127 $bad_path = true; 128 } 129 } 130 break; 131 132 default: 133 if (!($_SESSION['store_data']['host'] && 134 $_SESSION['store_data']['database'] && 135 $_SESSION['store_data']['username'] && 136 $_SESSION['store_data']['password'])) { 137 $messages[] = "Please specify database connection details."; 138 } 139 } 140 } 141 } 142 143 if ($_SESSION['store_type'] && 144 $_SESSION['server_url'] && 145 (parse_url($_SESSION['server_url']) !== false) && 146 ((($_SESSION['store_type'] == 'Filesystem') && 147 $_SESSION['store_data']['fs_path']) || 148 (($_SESSION['store_type'] == 'SQLite') && 149 $_SESSION['store_data']['sqlite_path']) || 150 ($_SESSION['store_data']['host'] && 151 $_SESSION['store_data']['username'] && 152 $_SESSION['store_data']['database'] && 153 $_SESSION['store_data']['password'])) && 154 !$bad_path) { 155 156 return true; 157 } 158 159 return false; 160} 161 162function render_form() { 163 164 global $store_types, $fields, $messages; 165 166 $basedir_msg = ""; 167 168 if (ini_get('open_basedir')) { 169 $basedir_msg = "</br><span class=\"notice\">Note: Due to the ". 170 "<code>open_basedir</code> php.ini setting, be sure to ". 171 "choose a path in one of the following directories:<ul><li>". 172 implode("<li>", 173 explode(PATH_SEPARATOR, ini_get('open_basedir'))). 174 "</ul></span>"; 175 } 176 177 $sqlite_found = false; 178 if (extension_loaded('sqlite') || 179 (function_exists('dl') && @dl('sqlite.' . PHP_SHLIB_SUFFIX))) { 180 $sqlite_found = true; 181 } 182 183 $mysql_found = false; 184 if (extension_loaded('mysql') || 185 (function_exists('dl') && @dl('mysql.' . PHP_SHLIB_SUFFIX))) { 186 $mysql_found = true; 187 } 188 189 $pgsql_found = false; 190 if (extension_loaded('pgsql') || 191 (function_exists('dl') && @dl('pgsql.' . PHP_SHLIB_SUFFIX))) { 192 $pgsql_found = true; 193 } 194 195?> 196<html> 197 <head> 198 <style type="text/css"> 199span.label { 200 float: left; 201 width: 2in; 202} 203 204span.notice { 205 color: red; 206 font-size: 80%; 207} 208 209div p { 210 border-top: 1px solid #ccc; 211 font-style: italic; 212 padding-top: 0.5em; 213} 214 215div { 216 padding: 3px; 217} 218 219div.store_fields { 220 margin-left: 2in; 221 padding: default; 222} 223 224div.store_fields label.field { 225 float: left; 226 width: 1.75in; 227} 228 229div.store_fields > div { 230 border: 1px solid gray; 231 margin-bottom: 0.5em; 232 background: #eee; 233} 234 235div.store_fields > div > div { 236 margin-left: 0.4in; 237} 238 239div.errors { 240 background: #faa; 241 border: 1px solid red; 242} 243 244</style> 245</head> 246<body> 247 248<h2>OpenID Example Server Configuration</h2> 249 250<?php 251if ($messages) { 252 print "<div class=\"errors\">"; 253 foreach ($messages as $m) { 254 print "<div>$m</div>"; 255 } 256 print "</div>"; 257 258} 259?> 260 261<p> 262Your browser has been redirected to this page so you can configure the 263server example. This form will auto-generate an OpenID example server 264configuration for use with the OpenID server example. 265</p> 266 267<form> 268<div> 269 270 <p> 271 The server URL is the URL that points to the "server.php" file. It 272 looks like your server URL should be <code><?php print build_url(); ?></code>. 273 </p> 274 275 <span class="label"><label for="i_server_url">Server URL:</label></span> 276 <span> 277 <input type="text" id="i_server_url" size="35" name="server_url" 278 value="<?php print $_SESSION['server_url'] ?>"> 279 </span> 280</div> 281 282<div> 283 284 <p> 285 If this package isn't installed in the PHP include path, the package's 286 directory should be added. For example, if the package is in 287 <code>/home/me/PHP-OpenID/</code>, you should enter that directory here. 288 </p> 289 290 <span class="label"> 291 <label for="i_include_path">Include path (optional):</label> 292 </span> 293 <span> 294 <input type="text" id="i_include_path" size="35" name="include_path" 295 value="<?php print $_SESSION['include_path'] ?>"> 296 </span> 297</div> 298 299<div> 300 301 <p> 302 The server needs to store OpenID information in a "store". The 303 following store types are available on your PHP installation: 304 </p> 305 306 <span class="label">Store method:</span> 307 <div class="store_fields"> 308 309 <div> 310 <input type="radio" name="store_type" value="Filesystem" 311 id="i_filesystem"<?php if ($_SESSION['store_type'] == 'Filesystem') { print " CHECKED"; } ?>> 312 <label for="i_filesystem">Filesystem</label> 313 <div> 314 <label for="i_fs_path" class="field">Filesystem path:</label> 315 <input type="text" name="fs_path" id="i_fs_path" 316 value="<?php print @$_SESSION['store_data']['fs_path']; ?>"> 317 <?php print $basedir_msg; ?> 318 </div> 319 </div> 320 321<?php if ($sqlite_found) { ?> 322 <div> 323 <input type="radio" name="store_type" value="SQLite" 324 id="i_sqlite"<?php if ($_SESSION['store_type'] == 'SQLite') { print " CHECKED"; } ?>> 325 <label for="i_sqlite">SQLite</label> 326 <div> 327 <label for="i_sqlite_path" class="field">SQLite database path:</label> 328 <input type="text" value="<?php print @$_SESSION['store_data']['sqlite_path']; ?>" 329 name="sqlite_path" id="i_sqlite_path"> 330 <?php print $basedir_msg; ?> 331 </div> 332 </div> 333<?php } ?> 334 335 336<?php if ($mysql_found || $pgsql_found) { ?> 337 <div> 338 339<?php if ($mysql_found) { ?> 340 <input type="radio" name="store_type" value="MySQL" 341 id="i_mysql"<?php if ($_SESSION['store_type'] == 'MySQL') { print " CHECKED"; } ?>> 342 <label for="i_mysql">MySQL</label> 343<?php } ?> 344 345<?php if ($pgsql_found) { ?> 346 <input type="radio" name="store_type" value="PostgreSQL" 347 id="i_pgsql"<?php if ($_SESSION['store_type'] == 'PostgreSQL') { print " CHECKED"; } ?>> 348 <label for="i_pgsql">PostgreSQL</label> 349<?php } ?> 350 351 <div> 352 <label for="i_m_host" class="field">Host:</label> 353 <input type="text" value="<?php print @$_SESSION['store_data']['host']; ?>" name="host" id="i_m_host"> 354 </div> 355 <div> 356 <label for="i_m_database" class="field">Database:</label> 357 <input value="<?php print @$_SESSION['store_data']['database']; ?>" type="text" name="database" id="i_m_database"> 358 </div> 359 <div> 360 <label for="i_m_username" class="field">Username:</label> 361 <input type="text" name="username" id="i_m_username" value="<?php print @$_SESSION['store_data']['username']; ?>"> 362 </div> 363 <div> 364 <label for="i_m_password" class="field">Password:</label> 365 <input type="password" name="password" id="i_m_password" value="<?php print @$_SESSION['store_data']['password']; ?>"> 366 </div> 367 </div> 368<?php } ?> 369</div> 370</div> 371 372<input type="submit" name="generate" value="Generate Configuration"> 373</form> 374</body> 375</html> 376<?php 377} 378 379function init_session() { 380 381 global $messages; 382 383 // Set a guess value for the server url. 384 if (!array_key_exists('server_url', $_SESSION)) { 385 $_SESSION['server_url'] = build_url(); 386 } 387 388 foreach (array('server_url', 'include_path', 'store_type') as $key) { 389 if (!isset($_SESSION[$key])) { 390 $_SESSION[$key] = ""; 391 } 392 } 393 394 if (!isset($_SESSION['store_data'])) { 395 $_SESSION['store_data'] = array(); 396 } 397 398 foreach (array('server_url', 'include_path', 'store_type') as $field) { 399 if (array_key_exists($field, $_GET)) { 400 $_SESSION[$field] = $_GET[$field]; 401 } 402 } 403 404 foreach (array('username', 'password', 'database', 'host', 'fs_path', 'sqlite_path') as $field) { 405 if (array_key_exists($field, $_GET)) { 406 $_SESSION['store_data'][$field] = $_GET[$field]; 407 } 408 } 409} 410 411function generate_config($download = false) { 412 413 if ($download) { 414 // Emit headers to force browser download. 415 header("Content-type: text/plain"); 416 header("Content-disposition: attachment; filename=config.php"); 417 print "<?php\n"; 418 } else { 419?> 420<html> 421<body> 422 423<h2>OpenID Example Server Configuration</h2> 424 425<p> 426Put the following text into <strong><?php print dirname(__FILE__); print DIRECTORY_SEPARATOR; ?>config.php</strong>. 427</p> 428 429<p> 430<a href="setup.php?clear=1">Back to form</a> (resets settings) 431</p> 432 433<p> 434<a href="setup.php?download=1">Download this configuration</a> 435</p> 436 437<pre style="border: 1px solid gray; background: #eee; padding: 5px;"> 438<?php 439print "<?php\n"; 440} 441?> 442<?php if ($_SESSION['include_path']) { ?> 443/** 444 * Set any extra include paths needed to use the library 445 */ 446set_include_path(get_include_path() . PATH_SEPARATOR . "<?php 447print $_SESSION['include_path']; 448?>"); 449 450<?php } ?> 451/** 452 * The URL for the server. 453 * 454 * This is the location of server.php. For example: 455 * 456 * $server_url = 'http://example.com/~user/server.php'; 457 * 458 * This must be a full URL. 459 */ 460$server_url = "<?php 461print $_SESSION['server_url']; 462?>"; 463 464/** 465 * Initialize an OpenID store 466 * 467 * @return object $store an instance of OpenID store (see the 468 * documentation for how to create one) 469 */ 470function getOpenIDStore() 471{ 472 <?php 473 474 switch ($_SESSION['store_type']) { 475 case "Filesystem": 476 477 print "require_once \"Auth/OpenID/FileStore.php\";\n "; 478 print "return new Auth_OpenID_FileStore(\"".$_SESSION['store_data']['fs_path']."\");\n"; 479 break; 480 481 case "SQLite": 482 483 print "require_once \"Auth/OpenID/SQLiteStore.php\";\n "; 484 print "\$s = new Auth_OpenID_SQLiteStore(\"".$_SESSION['store_data']['sqlite_path']."\");\n "; 485 print "\$s->createTables();\n "; 486 print "return \$s;\n"; 487 break; 488 489 case "MySQL": 490 491 ?>require_once 'Auth/OpenID/MySQLStore.php'; 492 require_once 'DB.php'; 493 494 $dsn = array( 495 'phptype' => 'mysql', 496 'username' => '<?php print $_SESSION['store_data']['username']; ?>', 497 'password' => '<?php print $_SESSION['store_data']['password']; ?>', 498 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>' 499 ); 500 501 $db = DB::connect($dsn); 502 503 if (PEAR::isError($db)) { 504 return null; 505 } 506 507 $db->query("USE <?php print $_SESSION['store_data']['database']; ?>"); 508 509 $s = new Auth_OpenID_MySQLStore($db); 510 511 $s->createTables(); 512 513 return $s; 514<?php 515 break; 516 517 case "PostgreSQL": 518 519 ?>require_once 'Auth/OpenID/PostgreSQLStore.php'; 520 require_once 'DB.php'; 521 522 $dsn = array( 523 'phptype' => 'pgsql', 524 'username' => '<?php print $_SESSION['store_data']['username']; ?>', 525 'password' => '<?php print $_SESSION['store_data']['password']; ?>', 526 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>', 527 'database' => '<?php print $_SESSION['store_data']['database']; ?>' 528 ); 529 530 $db = DB::connect($dsn); 531 532 if (PEAR::isError($db)) { 533 return null; 534 } 535 536 $s = new Auth_OpenID_PostgreSQLStore($db); 537 538 $s->createTables(); 539 540 return $s; 541<?php 542 break; 543 } 544 545 ?> 546} 547 548<?php 549 print "?>"; 550 if (!$download) { 551?> 552</pre> 553</body> 554</html> 555<?php 556 } 557 } // end function generate_config () 558?> 559