iignatov / lightopenid Goto Github PK

View Code? Open in Web Editor NEW

79.0 8.0 96.0 80 KB

Lightweight PHP5 library for easy OpenID authentication.

License: MIT License

PHP 100.00%

lightopenid's People

Contributors

Stargazers

Watchers

Forkers

daddysdeals barrel saasmath nodge alixandru willskates barlock jsonvalidator markwu gnuhub vuthao mauromombelli cruz3r3 tamcap golanj dlarchikov waleedmazhar egoistonly arthom nomellamojavier binarygeotech marlon-be kacper-kubiak kailsazerland sml-kejo live627 lovenery dserdiuk kustov-an capaciouscore besthuk wrey75 mrsscherbinin rzeczkowskip wladyspb aburakovskiy strykes dreddred simpro-software danielatkinson20 orangehrm jarenal sayghteight juneym netresearch glebsky advokaatime didestr arminez 2x2-git v786 ahamidouche decpwnz it2021 dallowin doompt nitdroid1995 ichimatsu0627 andrew56843 slowak1488 includenull mishka20219 sramos30 satariall buycraftplugin sevadope fieu jimofferman sofwar robertdrakedennis beagall tiebob moosjes dothem1337 krunder pananasik claudiuhks acedude alydus livemods pootis-network scarecrow-ragdoll t-m-a-r-k-y hopvd shauntmw alexell drkittens proyme aurimasval yolomaniac

lightopenid's Issues

Error get_provider_name

Hi,

I found a mistake inside the class. (v1.3.0 (2016-02-20))
line 690 : get_provider_name($this->claimed_id) == 'yahoo'

PHP said : Fatal error: Call to undefined function get_provider_name()
'$this' is missing. I added it and it's working perfectly now.

How to get Cookies

how to get all cookies and sessionid using this library and i used for steam login.
i was try and i only get sesionid and steamcountry.

Version on Packagist is out of date

Hi, may you please update the project on Packagist (https://packagist.org/packages/iignatov/lightopenid)?

Not remembering oauth scopes

Hello,

I'm using your fork here for the openid+oauth federated login for google apps domain. I succeed in logging the user in.

The problem here is when I have a scope for oauth to handle, it requests consent on subsequent logins (or even revisiting the sso login page).
Additionally a duplicate entry is added to the user's "connected sites" with each login, verifying the permissions on the "Authorized Access to your Google Account" page (Account > Security > Connected applications and sites).

If I removed the oauth scopes, it successfully remembers the login, but clearly I'm missing the scopes. When oauth scopes are enabled, each duplicate entry has the domain and "Sign in using your Google account" with no mention of additional permissions. In my case I'm only using one scope:

$openid->oauth = array( 'https://www.googleapis.com/auth/userinfo.profile' );

With oauth+openid, I successfully login and have the following:

[openid_ns_ext1] => http://specs.openid.net/extensions/oauth/1.0
[openid_ext1_scope] => https://www.googleapis.com/auth/userinfo.profile
[openid_ext1_request_token] => xxxToken

But as mentioned, subsequent visits ask again for consent due to the oauth scopes.

Any ideas as to why this happens?

For now, I'm using the required ax fields, which returns the desired info I'm looking to get with oauth.

 $openid->required = array('namePerson/last', 'namePerson/first', 'contact/email');

Thanks for any help.

Undefined variable 'port'

in line 130
if ($port <= 0) {

A takeover request

I am no longer able to support or maintain this project - if you would like to take over the project, please drop me a line.

HI @iignatov I'd like to take you up on the offer. How would you like to transfer control? (in order of preference)

You could transfer this repo to my account
You could add me as a maintainer of this repo
You could add a link to my fork in the readme

Thanks

$openid->validate() returns false

Everything in data array appears to be valid results, yet the validate method returns false. I think this has to do with the results being urlencoded somehow. Previously, I can't remember which lightopenid class I was using; it had urls that was not encoded, and consequently the validate method returned true with the entire claimed_id as the $openid->identity.

That is, http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0 used to look like http://specs.openid.net/auth/2.0

Any ideas as to why this occurs? The reason I switched to your fork was to support the xrdsOverride method and the getOAuthRequestToken methods. I'm now seeing openid_ext1_request_token as part of data, but the validate still returns false.

Again, any help you can provide would be appreciated.

Realm and return_to do not match while using wildcard domain

Hi, i get that error everytime if i use a wildcard domain for the realm like this:

$openid = new LightOpenID('*.example.com');
if(!$openid->mode) {
    if(isset($_GET['login'])) {
        $openid->identity = 'http://steamcommunity.com/openid';
        $openid->returnUrl ='http://'.$_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
        header('Location: ' . $openid->authUrl());
    }

I saw http://nodge.ru/yii-eauth/demo2/ has the option for this... i dont want to use this framework... I hope you can lend me a hand!! LightOpenID base has the same error (and someones pulls a merge request with the fix) but i cant fix it.

deprecated function in PHP 7.4 version

Hi, I am trying to use this lib to work with Steam and have error:

ERROR: Function get_magic_quotes_gpc() is deprecated {"exception":"[object] (ErrorException(code: 0): Function get_magic_quotes_gpc() is deprecated at /var/www/app/vendor/iignatov/lightopenid/openid.php:891)
[stacktrace]
#0 /var/www/app/vendor/iignatov/lightopenid/openid.php(891): Illuminate\\Foundation\\Bootstrap\\HandleExceptions->handleError(8192, 'Function get_ma...', '/var/www/app/ve...', 891, Array)
#1 /var/www/app/vendor/socialiteproviders/steam/Provider.php(58): LightOpenID->validate()

I am using PHP 7.4.2

PHP Compatablility

INI directive 'safe_mode' is deprecated from PHP 5.3 and forbidden from PHP 5.4.

Google OpenID Closed

Is there a plan to add support for the updated Google Auth service?