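[ 'user' => 'root', 'password' => '', ], ];
// NOTE(review): the mapping entry that ends above signs the matched identity on
// as 'root' with an empty password. Treat it as placeholder data for the example;
// a deployment should map identities to least-privileged accounts with real
// passwords and keep this file out of any publicly readable location.

// phpcs:disable PSR1.Files.SideEffects,Squiz.Functions.GlobalFunction

/**
 * Simple function to show HTML page with given content.
 *
 * Sends the Content-Type header, prints the page preamble, prints a pending
 * single sign-on error message from the session (shown once, then cleared)
 * and finally prints $contents.
 *
 * @param string $contents Content to include in page; it is echoed verbatim, so
 *                         callers must escape any untrusted parts beforehand
 */
function Show_page($contents): void
{
    header('Content-Type: text/html; charset=utf-8');

    echo '' . "\n";
    echo ' phpMyAdmin OpenID signon example ';

    // The guard tests PMA_single_signon_error_message, so the same key is read
    // and cleared here. The original echoed and unset a differently named key
    // (PMA_single_signon_message), which left the tested key in the session.
    // The value is escaped because it is session data, not markup built here.
    if (isset($_SESSION['PMA_single_signon_error_message'])) {
        echo "\n\n"
            . htmlspecialchars((string) $_SESSION['PMA_single_signon_error_message'])
            . "\n\n";
        unset($_SESSION['PMA_single_signon_error_message']);
    }

    echo $contents;
    echo '';
}

/**
 * Display error and exit
 *
 * The message is HTML-escaped before it is handed to Show_page().
 *
 * @param Throwable $e Error to report (the callers below catch Throwable)
 */
function Die_error($e): void
{
    $contents = "\n\n";
    $contents .= "\n" . htmlspecialchars($e->getMessage()) . "\n\n";
    $contents .= "\n";
    Show_page($contents);
    exit;
}

// phpcs:enable

/* Need to have cookie visible from parent directory */
// Arguments: lifetime 0 (session cookie), path '/', no explicit domain,
// the Secure flag from $secure_cookie (defined earlier in the file), HttpOnly on.
session_set_cookie_params(0, '/', '', $secure_cookie, true);

/* Create signon session */
$session_name = 'SignonSession';
session_name($session_name);
@session_start();

// Determine realm and return_to
$base = 'http';
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') {
    $base .= 's';
}

// NOTE(review): depending on web-server configuration SERVER_NAME can follow the
// client-supplied Host header. If that applies here, pin the realm/return_to
// host to a configured value instead of deriving it per request.
$base .= '://' . $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT'];

$realm = $base . '/';
$returnTo = $base . dirname($_SERVER['PHP_SELF']);
if ($returnTo[strlen($returnTo) - 1] !== '/') {
    $returnTo .= '/';
}

$returnTo .= 'openid.php';

/* Display form */
if ((! count($_GET) && ! count($_POST)) || isset($_GET['phpMyAdmin'])) {
    /* Show simple form */
    $content = "\nOpenID:\n";
    Show_page($content);
    exit;
}

/* Grab identifier */
$identifier = null;
if (isset($_POST['identifier']) && is_string($_POST['identifier'])) {
    $identifier = $_POST['identifier'];
} elseif (isset($_SESSION['identifier']) && is_string($_SESSION['identifier'])) {
    $identifier = $_SESSION['identifier'];
}

/* Create OpenID object */
try {
    $o = new OpenID_RelyingParty($returnTo, $realm, $identifier);
} catch (Throwable $e) {
    Die_error($e);
}

/* Redirect to OpenID provider */
if (isset($_POST['start'])) {
    try {
        $authRequest = $o->prepare();
    } catch (Throwable $e) {
        Die_error($e);
    }

    $url = $authRequest->getAuthorizeURL();

    header('Location: ' . $url);
    exit;
}

/* Grab query string */
if (! count($_POST)) {
    // Split on the first '?' only, so a literal '?' inside the query does not
    // truncate it, and fall back to an empty string when there is no query part.
    $queryString = explode('?', $_SERVER['REQUEST_URI'], 2)[1] ?? '';
} else {
    // Fetch the raw query body
    $queryString = file_get_contents('php://input');
}

/* Check reply */
try {
    $message = new OpenID_Message($queryString, OpenID_Message::FORMAT_HTTP);
} catch (Throwable $e) {
    Die_error($e);
}

// NOTE(review): nothing in the visible code asks the relying-party object $o to
// verify the provider's response (signature, nonce, return_to) before
// openid.claimed_id is trusted; the value is parsed straight from request data.
// The assertion should be verified through the OpenID library (PEAR OpenID
// exposes OpenID_RelyingParty::verify() - confirm against the installed
// version) and the sign-on refused unless verification succeeds.
$id = $message->get('openid.claimed_id');

if (empty($id) || ! isset($AUTH_MAP[$id])) {
    Show_page("\n\nUser not allowed!\n\n");
    exit;
}

$_SESSION['PMA_single_signon_user'] = $AUTH_MAP[$id]['user'];
$_SESSION['PMA_single_signon_password'] = $AUTH_MAP[$id]['password'];
// 20 bytes from the CSPRNG, hex-encoded: the same 40-hex-character shape as the
// previous sha1() digest, but with 160 bits of entropy instead of one bounded
// random_int() draw mixed with a timestamp-derived uniqid().
$_SESSION['PMA_single_signon_HMAC_secret'] = bin2hex(random_bytes(20));
session_write_close();

/* Redirect to phpMyAdmin (should use absolute URL here!) */
header('Location: ../index.php');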