1<?php 2 3/** 4 * OpenID server configuration script. 5 * 6 * This script generates a config.php file needed by the server 7 * example. 8 * 9 * @package OpenID.Examples 10 * @author JanRain, Inc. <openid@janrain.com> 11 * @copyright 2005-2008 Janrain, Inc. 12 * @license http://www.apache.org/licenses/LICENSE-2.0 Apache 13 */ 14 15$path_extra = dirname(dirname(dirname(__FILE__))); 16$path = ini_get('include_path'); 17$path = $path_extra . PATH_SEPARATOR . $path; 18ini_set('include_path', $path); 19require_once "Auth/OpenID.php"; 20 21/** 22 * Data. 23 */ 24 25$store_types = [ 26 "Filesystem" => "Auth_OpenID_FileStore", 27 "MySQL" => "Auth_OpenID_MySQLStore", 28 "PostgreSQL" => "Auth_OpenID_PostgreSQLStore", 29 "SQLite" => "Auth_OpenID_SQLiteStore", 30]; 31 32/** 33 * Main. 34 */ 35 36$messages = []; 37 38session_start(); 39init_session(); 40 41if (!check_session() || 42 isset($_GET['add_openid'])) { 43 render_form(); 44} else { 45 print generate_config(isset($_GET['download'])); 46} 47 48/** 49 * Functions. 50 */ 51 52function check_url($url) { 53 return (Auth_OpenID::normalizeUrl($url) !== null); 54} 55 56function build_url() { 57 $port = (($_SERVER['SERVER_PORT'] == 80) ? null : $_SERVER['SERVER_PORT']); 58 59 $parts = explode("/", $_SERVER['SERVER_PROTOCOL']); 60 $scheme = strtolower($parts[0]); 61 62 if ($port) { 63 return sprintf("%s://%s:%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], 64 $port, dirname($_SERVER['PHP_SELF'])); 65 } else { 66 return sprintf("%s://%s%s/server.php", $scheme, $_SERVER['SERVER_NAME'], 67 dirname($_SERVER['PHP_SELF'])); 68 } 69} 70 71function check_open_basedir($path) { 72 if (ini_get('open_basedir')) { 73 $parts = explode(PATH_SEPARATOR, ini_get('open_basedir')); 74 75 $found = false; 76 77 foreach ($parts as $p) { 78 if (strpos($path, $p) === 0) { 79 $found = true; 80 break; 81 } 82 } 83 84 return $found; 85 } else { 86 return true; 87 } 88} 89 90function check_session() { 91 92 global $messages; 93 94 if ($_GET && isset($_GET['clear'])) { 95 session_destroy(); 96 $_SESSION = []; 97 init_session(); 98 return false; 99 } 100 101 $bad_path = false; 102 103 if (isset($_GET['generate'])) { 104 if (!$_SESSION['server_url']) { 105 $messages[] = "Please enter a server URL."; 106 } 107 108 if (!isset($_SESSION['store_type'])) { 109 $messages[] = "No store type chosen."; 110 } else { 111 switch ($_SESSION['store_type']) { 112 case "Filesystem": 113 if (!@$_SESSION['store_data']['fs_path']) { 114 $messages[] = "Please specify a filesystem store path."; 115 } else { 116 if (!check_open_basedir($_SESSION['store_data']['fs_path'])) { 117 $messages[] = "The filesystem store path violates PHP's <code>open_basedir</code> setting."; 118 $bad_path = true; 119 } 120 } 121 break; 122 123 case "SQLite": 124 if (!@$_SESSION['store_data']['sqlite_path']) { 125 $messages[] = "Please specify a SQLite database path."; 126 } else { 127 if (!check_open_basedir($_SESSION['store_data']['sqlite_path'])) { 128 $messages[] = "The SQLite store path violates PHP's <code>open_basedir</code> setting."; 129 $bad_path = true; 130 } 131 } 132 break; 133 134 default: 135 if (!($_SESSION['store_data']['host'] && 136 $_SESSION['store_data']['database'] && 137 $_SESSION['store_data']['username'] && 138 $_SESSION['store_data']['password'])) { 139 $messages[] = "Please specify database connection details."; 140 } 141 } 142 } 143 } 144 145 if ($_SESSION['store_type'] && 146 $_SESSION['server_url'] && 147 (parse_url($_SESSION['server_url']) !== false) && 148 ((($_SESSION['store_type'] == 'Filesystem') && 149 $_SESSION['store_data']['fs_path']) || 150 (($_SESSION['store_type'] == 'SQLite') && 151 $_SESSION['store_data']['sqlite_path']) || 152 ($_SESSION['store_data']['host'] && 153 $_SESSION['store_data']['username'] && 154 $_SESSION['store_data']['database'] && 155 $_SESSION['store_data']['password'])) && 156 !$bad_path) { 157 158 return true; 159 } 160 161 return false; 162} 163 164function render_form() { 165 166 global $store_types, $fields, $messages; 167 168 $basedir_msg = ""; 169 170 if (ini_get('open_basedir')) { 171 $basedir_msg = "</br><span class=\"notice\">Note: Due to the ". 172 "<code>open_basedir</code> php.ini setting, be sure to ". 173 "choose a path in one of the following directories:<ul><li>". 174 implode("<li>", 175 explode(PATH_SEPARATOR, ini_get('open_basedir'))). 176 "</ul></span>"; 177 } 178 179 $sqlite_found = false; 180 if (extension_loaded('sqlite') || 181 (function_exists('dl') && @dl('sqlite.' . PHP_SHLIB_SUFFIX))) { 182 $sqlite_found = true; 183 } 184 185 $mysql_found = false; 186 if (extension_loaded('mysql') || 187 (function_exists('dl') && @dl('mysql.' . PHP_SHLIB_SUFFIX))) { 188 $mysql_found = true; 189 } 190 191 $pgsql_found = false; 192 if (extension_loaded('pgsql') || 193 (function_exists('dl') && @dl('pgsql.' . PHP_SHLIB_SUFFIX))) { 194 $pgsql_found = true; 195 } 196 197?> 198<html> 199 <head> 200 <style type="text/css"> 201span.label { 202 float: left; 203 width: 2in; 204} 205 206span.notice { 207 color: red; 208 font-size: 80%; 209} 210 211div p { 212 border-top: 1px solid #ccc; 213 font-style: italic; 214 padding-top: 0.5em; 215} 216 217div { 218 padding: 3px; 219} 220 221div.store_fields { 222 margin-left: 2in; 223 padding: default; 224} 225 226div.store_fields label.field { 227 float: left; 228 width: 1.75in; 229} 230 231div.store_fields > div { 232 border: 1px solid gray; 233 margin-bottom: 0.5em; 234 background: #eee; 235} 236 237div.store_fields > div > div { 238 margin-left: 0.4in; 239} 240 241div.errors { 242 background: #faa; 243 border: 1px solid red; 244} 245 246</style> 247</head> 248<body> 249 250<h2>OpenID Example Server Configuration</h2> 251 252<?php 253if ($messages) { 254 print "<div class=\"errors\">"; 255 foreach ($messages as $m) { 256 print "<div>$m</div>"; 257 } 258 print "</div>"; 259 260} 261?> 262 263<p> 264Your browser has been redirected to this page so you can configure the 265server example. This form will auto-generate an OpenID example server 266configuration for use with the OpenID server example. 267</p> 268 269<form> 270<div> 271 272 <p> 273 The server URL is the URL that points to the "server.php" file. It 274 looks like your server URL should be <code><?php print build_url(); ?></code>. 275 </p> 276 277 <span class="label"><label for="i_server_url">Server URL:</label></span> 278 <span> 279 <input type="text" id="i_server_url" size="35" name="server_url" 280 value="<?php print $_SESSION['server_url'] ?>"> 281 </span> 282</div> 283 284<div> 285 286 <p> 287 If this package isn't installed in the PHP include path, the package's 288 directory should be added. For example, if the package is in 289 <code>/home/me/PHP-OpenID/</code>, you should enter that directory here. 290 </p> 291 292 <span class="label"> 293 <label for="i_include_path">Include path (optional):</label> 294 </span> 295 <span> 296 <input type="text" id="i_include_path" size="35" name="include_path" 297 value="<?php print $_SESSION['include_path'] ?>"> 298 </span> 299</div> 300 301<div> 302 303 <p> 304 The server needs to store OpenID information in a "store". The 305 following store types are available on your PHP installation: 306 </p> 307 308 <span class="label">Store method:</span> 309 <div class="store_fields"> 310 311 <div> 312 <input type="radio" name="store_type" value="Filesystem" 313 id="i_filesystem"<?php if ($_SESSION['store_type'] == 'Filesystem') { print " CHECKED"; } ?>> 314 <label for="i_filesystem">Filesystem</label> 315 <div> 316 <label for="i_fs_path" class="field">Filesystem path:</label> 317 <input type="text" name="fs_path" id="i_fs_path" 318 value="<?php print @$_SESSION['store_data']['fs_path']; ?>"> 319 <?php print $basedir_msg; ?> 320 </div> 321 </div> 322 323<?php if ($sqlite_found) { ?> 324 <div> 325 <input type="radio" name="store_type" value="SQLite" 326 id="i_sqlite"<?php if ($_SESSION['store_type'] == 'SQLite') { print " CHECKED"; } ?>> 327 <label for="i_sqlite">SQLite</label> 328 <div> 329 <label for="i_sqlite_path" class="field">SQLite database path:</label> 330 <input type="text" value="<?php print @$_SESSION['store_data']['sqlite_path']; ?>" 331 name="sqlite_path" id="i_sqlite_path"> 332 <?php print $basedir_msg; ?> 333 </div> 334 </div> 335<?php } ?> 336 337 338<?php if ($mysql_found || $pgsql_found) { ?> 339 <div> 340 341<?php if ($mysql_found) { ?> 342 <input type="radio" name="store_type" value="MySQL" 343 id="i_mysql"<?php if ($_SESSION['store_type'] == 'MySQL') { print " CHECKED"; } ?>> 344 <label for="i_mysql">MySQL</label> 345<?php } ?> 346 347<?php if ($pgsql_found) { ?> 348 <input type="radio" name="store_type" value="PostgreSQL" 349 id="i_pgsql"<?php if ($_SESSION['store_type'] == 'PostgreSQL') { print " CHECKED"; } ?>> 350 <label for="i_pgsql">PostgreSQL</label> 351<?php } ?> 352 353 <div> 354 <label for="i_m_host" class="field">Host:</label> 355 <input type="text" value="<?php print @$_SESSION['store_data']['host']; ?>" name="host" id="i_m_host"> 356 </div> 357 <div> 358 <label for="i_m_database" class="field">Database:</label> 359 <input value="<?php print @$_SESSION['store_data']['database']; ?>" type="text" name="database" id="i_m_database"> 360 </div> 361 <div> 362 <label for="i_m_username" class="field">Username:</label> 363 <input type="text" name="username" id="i_m_username" value="<?php print @$_SESSION['store_data']['username']; ?>"> 364 </div> 365 <div> 366 <label for="i_m_password" class="field">Password:</label> 367 <input type="password" name="password" id="i_m_password" value="<?php print @$_SESSION['store_data']['password']; ?>"> 368 </div> 369 </div> 370<?php } ?> 371</div> 372</div> 373 374<input type="submit" name="generate" value="Generate Configuration"> 375</form> 376</body> 377</html> 378<?php 379} 380 381function init_session() { 382 383 global $messages; 384 385 // Set a guess value for the server url. 386 if (!array_key_exists('server_url', $_SESSION)) { 387 $_SESSION['server_url'] = build_url(); 388 } 389 390 foreach (['server_url', 'include_path', 'store_type'] as $key) { 391 if (!isset($_SESSION[$key])) { 392 $_SESSION[$key] = ""; 393 } 394 } 395 396 if (!isset($_SESSION['store_data'])) { 397 $_SESSION['store_data'] = []; 398 } 399 400 foreach (['server_url', 'include_path', 'store_type'] as $field) { 401 if (array_key_exists($field, $_GET)) { 402 $_SESSION[$field] = $_GET[$field]; 403 } 404 } 405 406 foreach (['username', 'password', 'database', 'host', 'fs_path', 'sqlite_path'] as $field) { 407 if (array_key_exists($field, $_GET)) { 408 $_SESSION['store_data'][$field] = $_GET[$field]; 409 } 410 } 411} 412 413function generate_config($download = false) { 414 415 if ($download) { 416 // Emit headers to force browser download. 417 header("Content-type: text/plain"); 418 header("Content-disposition: attachment; filename=config.php"); 419 print "<?php\n"; 420 } else { 421?> 422<html> 423<body> 424 425<h2>OpenID Example Server Configuration</h2> 426 427<p> 428Put the following text into <strong><?php print dirname(__FILE__); print DIRECTORY_SEPARATOR; ?>config.php</strong>. 429</p> 430 431<p> 432<a href="setup.php?clear=1">Back to form</a> (resets settings) 433</p> 434 435<p> 436<a href="setup.php?download=1">Download this configuration</a> 437</p> 438 439<pre style="border: 1px solid gray; background: #eee; padding: 5px;"> 440<?php 441print "<?php\n"; 442} 443?> 444<?php if ($_SESSION['include_path']) { ?> 445/** 446 * Set any extra include paths needed to use the library 447 */ 448set_include_path(get_include_path() . PATH_SEPARATOR . "<?php 449print $_SESSION['include_path']; 450?>"); 451 452<?php } ?> 453/** 454 * The URL for the server. 455 * 456 * This is the location of server.php. For example: 457 * 458 * $server_url = 'http://example.com/~user/server.php'; 459 * 460 * This must be a full URL. 461 */ 462$server_url = "<?php 463print $_SESSION['server_url']; 464?>"; 465 466/** 467 * Initialize an OpenID store 468 * 469 * @return object $store an instance of OpenID store (see the 470 * documentation for how to create one) 471 */ 472function getOpenIDStore() 473{ 474 <?php 475 476 switch ($_SESSION['store_type']) { 477 case "Filesystem": 478 479 print "require_once \"Auth/OpenID/FileStore.php\";\n "; 480 print "return new Auth_OpenID_FileStore(\"".$_SESSION['store_data']['fs_path']."\");\n"; 481 break; 482 483 case "SQLite": 484 485 print "require_once \"Auth/OpenID/SQLiteStore.php\";\n "; 486 print "\$s = new Auth_OpenID_SQLiteStore(\"".$_SESSION['store_data']['sqlite_path']."\");\n "; 487 print "\$s->createTables();\n "; 488 print "return \$s;\n"; 489 break; 490 491 case "MySQL": 492 493 ?>require_once 'Auth/OpenID/MySQLStore.php'; 494 require_once 'DB.php'; 495 496 $dsn = array( 497 'phptype' => 'mysql', 498 'username' => '<?php print $_SESSION['store_data']['username']; ?>', 499 'password' => '<?php print $_SESSION['store_data']['password']; ?>', 500 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>' 501 ); 502 503 $db = DB::connect($dsn); 504 505 if (PEAR::isError($db)) { 506 return null; 507 } 508 509 $db->query("USE <?php print $_SESSION['store_data']['database']; ?>"); 510 511 $s = new Auth_OpenID_MySQLStore($db); 512 513 $s->createTables(); 514 515 return $s; 516<?php 517 break; 518 519 case "PostgreSQL": 520 521 ?>require_once 'Auth/OpenID/PostgreSQLStore.php'; 522 require_once 'DB.php'; 523 524 $dsn = array( 525 'phptype' => 'pgsql', 526 'username' => '<?php print $_SESSION['store_data']['username']; ?>', 527 'password' => '<?php print $_SESSION['store_data']['password']; ?>', 528 'hostspec' => '<?php print $_SESSION['store_data']['host']; ?>', 529 'database' => '<?php print $_SESSION['store_data']['database']; ?>' 530 ); 531 532 $db = DB::connect($dsn); 533 534 if (PEAR::isError($db)) { 535 return null; 536 } 537 538 $s = new Auth_OpenID_PostgreSQLStore($db); 539 540 $s->createTables(); 541 542 return $s; 543<?php 544 break; 545 } 546 547 ?> 548} 549 550<?php 551 print "?>"; 552 if (!$download) { 553?> 554</pre> 555</body> 556</html> 557<?php 558 } 559 } // end function generate_config () 560?> 561