Skip to content
Browse files

first commit

  • Loading branch information...
0 parents commit 3db668435c0a313a4aed725a5d7ed08bd8df9293 @thinkphp thinkphp committed Mar 19, 2012
0 Demos/browserID-yui-compressed.js
No changes.
87 Demos/browserID.js
@@ -0,0 +1,87 @@
+var BrowserID = new Class({
+
+ /**
+ * Implements: Events and Options
+ */
+ Implements: [Options, Events],
+
+ /**
+ * options
+ */
+ options: {
+
+ //the encoded assertion
+ assertion: null,
+ //user's email
+ email: null,
+ //proxy server to verify user's identity
+ service: 'login.php'
+ },
+
+ /**
+ * Constructor of class
+ * @param assertion String - a string containing a signed claim that proves the user is who they say they are.
+ * @param options Object - the options for this class.
+ * @return None
+ * @access public
+ */
+ initialize: function(assertion,options) {
+
+ //set options
+ this.setOptions(options)
+
+ //holds the assertion
+ this.options.assertion = assertion
+
+ //got an assertion, now send it up to the server for verifying by using an AJAX Request POST
+ //in this example we have a server running at 'login.php' which receives and verifies assertions
+ this._verify_assertion()
+ },
+
+ /**
+ * Make a Request AJAX POST to verify the user's identity
+ * @param None
+ * @return None
+ * @access private
+ */
+ _verify_assertion: function() {
+
+ //make a AJAX POST Request
+ var request = new Request.JSON({
+
+ //provided the service to verify
+ url: 'login.php',
+
+ //POST the param 'assertion'
+ data: {assertion: this.options.assertion},
+
+ onRequest: function() {
+
+ //for debug
+ if(window.console) console.log('Requesting...')
+
+ //fire event onrequest
+ this.fireEvent('request')
+
+ }.bind(this),
+
+ onComplete: function(response) {
+
+ //for debug
+ if(window.console) console.log('Completed...')
+
+ //You must verify the assertion is authentic and extract the
+ //user's email address from it.
+ if(response.status && response.status == 'okay') {
+
+ this.options.email = response.email
+ }
+
+ //fire event oncomplete
+ this.fireEvent('complete',[response])
+
+ }.bind(this)
+
+ }).send()
+ }
+})
72 Demos/index.html
@@ -0,0 +1,72 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+<head>
+ <meta http-equiv="Content-Type" content="text/html;charset=UTF-8" />
+ <title>Plugin BrowserID MooTools</title>
+ <style type="text/css">
+ h1,h2,h3,body { font-family:'gill sans','dejavu sans',verdana,sans-serif; }
+ h1 { font-family:menlo,'dejavu sans mono',monospace; }
+ h1 {
+ font-weight:bold;
+ font-size:43px;
+ letter-spacing: -1px;
+ color:#000;
+ margin-bottom:0;
+ position:relative;
+ }
+ button{border:none;background:transparent;margin:0 2em;}
+ </style>
+ <script src="http://www.google.com/jsapi?key=ABQIAAAA1XbMiDxx_BTCY2_FkPh06RRaGTYH6UMl8mADNa0YKuWNNa8VNxQEerTAUcfkyrr6OwBovxn7TDAH5Q"></script>
+ <script type="text/javascript">google.load("mootools", "1.4");</script>
+ <script src="https://browserid.org/include.js"></script>
+ <script src="browserID.js"></script>
+ <script type="text/javascript">
+
+ window.addEvent('domready', function(){
+ $('login').addEvent('click',function(){
+ navigator.id.getVerifiedEmail(function(assertion){
+ if(assertion) {
+ //got an assertion, now send it up to the server for verification
+ verify(assertion);
+ } else {
+ alert("I still don't know you");
+ }
+ });
+ });
+ });
+
+ function verify(assertion) {
+
+ var browserid = new BrowserID(assertion, {
+ onComplete: function(response){
+ //if the server successfully verifies the assertion we
+ //updating the UI by calling 'loggedIn()'
+ if(response.status == 'okay') {
+ loggedIn(response.email)
+ //otherwise we handle the login failure
+ } else {
+ failure(response)
+ }
+ }
+ })
+ }
+
+ function loggedIn(email) {
+ //do stuff with email
+ var p = new Element('p').set('text','Logged In as: ' + email)
+ $('login').parentNode.replaceChild(p,$('login'))
+ }
+
+ function failure(f) {
+ //do stuff with failure
+ alert('Failure reason: ' + f.reason)
+ }
+
+ </script>
+</head>
+<body>
+<h1>Plugin BrowserID MooTools</h1>
+<button id="login"><img src="https://browserid.org/i/sign_in_green.png" alt="sign in with browser ID"></button>
+</body>
+</html>
+
181 Demos/login.class.php
@@ -0,0 +1,181 @@
+<?php
+ /**
+ * Simple implementation of Mozilla BrowserID
+ */
+
+ class BrowserID {
+
+ /**
+ * The browserID's assertion verification service endpoint
+ */
+ const endpoint = 'https://browserid.org/verify';
+
+ /**
+ *
+ */
+ private $assertion;
+
+ /**
+ * The hostname and optional port of your site
+ */
+ private $audience;
+
+ /**
+ * The email address of the user
+ */
+ private $email;
+
+ /**
+ * Expiration timestamp of the assertion
+ */
+ private $expires;
+
+ /**
+ * The entity who issued the assertion
+ */
+ private $issuer;
+
+ /**
+ * The entity who issued the assertion
+ */
+ private $reason;
+
+ /**
+ * The constructor of class
+ * @public access
+ */
+ public function __construct($audience, $assertion) {
+
+ //init
+ $this->audience = $audience;
+ $this->assertion = $assertion;
+ }
+
+
+ /**
+ * Get email address of the user
+ * @param None
+ * @return String return email address
+ * @public access
+ */
+ public function getEmail() {
+
+ return $this->email;
+ }
+
+ /**
+ * Get expiration timestamp
+ * @param None
+ * @return integer expiration timestamp
+ * @public access
+ */
+ public function getExpires() {
+
+ return $this->expires;
+ }
+
+ /**
+ * Get the entity who issued the assertion
+ * @param None
+ * @return String the entity who issued the assertion
+ * @public access
+ */
+ public function getIssuer() {
+
+ return $this->issuer;
+ }
+
+
+ /**
+ * Get the reason if any!
+ * @param None
+ * @return String the reason why the assertion is failed
+ * @public access
+ */
+ public function getReason() {
+
+ return $this->reason;
+ }
+
+ /**
+ * Makes an HTTP POST Request to verification endpoint
+ * @param String Endpoint Server
+ * @param Array the data to be sent to the endpoint
+ * @return Object returns an object verification response
+ * @private access
+ */
+ private function _requestPOST($url, $data) {
+
+ $ch = curl_init();
+
+ curl_setopt($ch, CURLOPT_URL,$url);
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+ curl_setopt($ch, CURLOPT_HEADER, false);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
+
+ $response = curl_exec($ch);
+
+ $infos = curl_getinfo($ch);
+
+ curl_close($ch);
+
+ if(false === $response) {
+ throw new Exception(sprintf("Faild to connect to the %s verifier", $url));
+ }
+
+ $json_decoded = json_decode($response);
+
+ if(!$json_decoded) {
+ throw new Exception(sprintf("JSON Response from %s is not valid", $url));
+ }
+
+ //for debug
+ //echo"<pre>"
+ //print_r($infos);
+ //echo"</pre>"
+
+ return $json_decoded;
+ }
+
+ /**
+ * With this method you must verify the assertion is authentic and extract the email address from it.
+ * @public access
+ * @return Object - returns an object as response from service with the following attributes:
+ * 1)status Okay
+ * 2)email mergesortv@gmail.com
+ * 3)audience https://mysite.com
+ * 4)expires 1308859352261
+ * 5)issuer "browserid.org"
+ */
+ public function verify_assertion() {
+
+ $params = json_encode(array('assertion'=>$this->assertion,
+ 'audience'=>$this->audience));
+
+ $output = $this->_requestPOST(self::endpoint, $params);
+
+ //for debug
+ //print_r($output);
+
+ if(isset($output->status) && $output->status == 'okay') {
+
+ $this->email = $output->email;
+ $this->expires = $output->expires;
+ $this->issuer = $output->issuer;
+
+ return true;
+
+ } else {
+
+ $this->reason = $output->reason;
+
+ return false;
+ }
+ }
+ }
+
+?>
16 Demos/login.php
@@ -0,0 +1,16 @@
+<?php
+
+ require_once('login.class.php');
+
+ $browserID = new BrowserID($_SERVER['HTTP_HOST'], $_POST['assertion']);
+
+ if($browserID->verify_assertion()) {
+
+ echo json_encode(array('status'=>'okay', 'email'=>$browserID->getEmail()));
+
+ } else {
+
+ echo json_encode(array('status'=>'failure','reason'=>$browserID->getReason()));
+ }
+
+?>
41 Docs/BrowserID.md
@@ -0,0 +1,41 @@
+Class: BrowserID {#BrowserID}
+==============================
+
+This is a MooTools client library for the BrowserID Protocol. BrowserID is a new way for users to log into web sites using their email address.
+It aims to provide a secure way of proving your identity to servers across the internet, without having to create separate usernames and passwords each time.
+Instead of a new username, it uses your email address as you identity which allows it to be descentralized since anyone can send you an
+email verification message.
+
+### Syntax:
+
+ var browserID = new BrowserID(assertion, options);
+
+### Arguments:
+
+- assertion `String` - the encoded assertion.
+
+- options `object` - The options for the BrowserID instance.
+
+### Events
+
+### onRequest
+
+* `function` Function to execute when you make a request.
+
+### Signature
+
+ onRequest();
+
+### onComplete
+
+* `function` Function to execute when the request is completed.
+
+### Signature
+
+ onComplete(response);
+
+### Arguments
+
+- `object` The verifier will check that the assertion was meant for your website and is valid
+ returns => {status: 'okay','email': 'user@mozilla.com'}.
+
73 README.md
@@ -0,0 +1,73 @@
+BrowserID
+=========
+
+This is a MooTools client library for the BrowserID Protocol. BrowserID is a new way for users to log into web sites using their email address.
+It aims to provide a secure way of proving your identity to servers across the internet, without having to create separate usernames and passwords each time.
+Instead of a new username, it uses your email address as you identity which allows it to be descentralized since anyone can send you an
+email verification message.
+
+![Screenshot](https://developer.mozilla.org/@api/deki/files/6051/=browserid-enter-email.png)
+
+How to Use
+----------
+
+Include the BrowserID include.js library in your site by adding the following script tag to your pages:
+
+ <script src="https://browserid.org/include.js" type="text/javascript"></script>
+
+And
+ <script type="text/javascript" src="mootools.js"></script>
+ <script type="text/javascript" src="browserID.js.js"></script>
+
+Then
+
+ #HTML
+ <button id="login"><img src="https://browserid.org/i/sign_in_green.png" alt="sign in with browser ID"></button>
+
+
+ #JS
+ window.addEvent('domready', function(){
+
+ $('login').addEvent('click',function(){
+ navigator.id.getVerifiedEmail(function(assertion){
+ if(assertion) {
+ //got an assertion, now send it up to the server for verification
+ verify(assertion)
+ } else {
+ alert("I still don't know you")
+ }
+ })
+ })
+ })
+
+
+ function verify(assertion) {
+
+ var browserid = new BrowserID(assertion, {
+
+ onComplete: function(response){
+
+ //if the server successfully verifies the assertion we
+ //updating the UI by calling 'loggedIn()'
+ if(response.status == 'okay') {
+
+ loggedIn(response.email)
+
+ //otherwise we handle the login failure by calling 'failure()'
+ } else {
+ failure(response)
+ }
+ }
+ })
+ }
+
+ function loggedIn(email) {
+ //do stuff with email
+ var p = new Element('p').set('text','Logged In as: ' + email)
+ $('login').parentNode.replaceChild(p,$('login'))
+ }
+
+ function failure(f) {
+ //do stuff with failure
+ alert('Failure reason: ' + f.reason)
+ }
18 Source/browserID-yui-compressed.js
@@ -0,0 +1,18 @@
+/*
+---
+description: This is a MooTools client library for the BrowserID Protocol
+
+authors:
+- Adrian Statescu (http://thinkphp.ro)
+
+license:
+- MIT-style license
+
+requires:
+ core/1.4.5: '*'
+
+provides: BrowserID
+...
+*/
+
+var BrowserID=new Class({Implements:[Options,Events],options:{assertion:null,email:null,service:"login.php"},initialize:function(assertion,options){this.setOptions(options);this.options.assertion=assertion;this._verify_assertion();},_verify_assertion:function(){var request=new Request.JSON({url:"login.php",data:{assertion:this.options.assertion},onRequest:function(){if(window.console){console.log("Requesting...");}this.fireEvent("request");}.bind(this),onComplete:function(response){if(window.console){console.log("Completed...");}if(response.status&&response.status=="okay"){this.options.email=response.email;}this.fireEvent("complete",[response]);}.bind(this)}).send();}});
104 Source/browserID.js
@@ -0,0 +1,104 @@
+/*
+---
+description: This is a MooTools client library for the BrowserID Protocol.
+
+authors:
+- Adrian Statescu (http://thinkphp.ro)
+
+license:
+- MIT-style license
+
+requires:
+ core/1.4.5: '*'
+
+provides: BrowserID
+...
+*/
+
+var BrowserID = new Class({
+
+ /**
+ * Implements: Events and Options
+ */
+ Implements: [Options, Events],
+
+ /**
+ * options
+ */
+ options: {
+
+ //the encoded assertion
+ assertion: null,
+ //user's email
+ email: null,
+ //proxy server to verify user's identity
+ service: 'login.php'
+ },
+
+ /**
+ * Constructor of class
+ * @param assertion String - a string containing a signed claim that proves the user is who they say they are.
+ * @param options Object - the options for this class.
+ * @return None
+ * @access public
+ */
+ initialize: function(assertion,options) {
+
+ //set options
+ this.setOptions(options)
+
+ //holds the assertion
+ this.options.assertion = assertion
+
+ //got an assertion, now send it up to the server for verifying by using an AJAX Request POST
+ //in this example we have a server running at 'login.php' which receives and verifies assertions
+ this._verify_assertion()
+ },
+
+ /**
+ * Make a Request AJAX POST to verify the user's identity
+ * @param None
+ * @return None
+ * @access private
+ */
+ _verify_assertion: function() {
+
+ //make a AJAX POST Request
+ var request = new Request.JSON({
+
+ //provided the service to verify
+ url: 'login.php',
+
+ //POST the param 'assertion'
+ data: {assertion: this.options.assertion},
+
+ onRequest: function() {
+
+ //for debug
+ if(window.console) console.log('Requesting...')
+
+ //fire event onrequest
+ this.fireEvent('request')
+
+ }.bind(this),
+
+ onComplete: function(response) {
+
+ //for debug
+ if(window.console) console.log('Completed...')
+
+ //You must verify the assertion is authentic and extract the
+ //user's email address from it.
+ if(response.status && response.status == 'okay') {
+
+ this.options.email = response.email
+ }
+
+ //fire event oncomplete
+ this.fireEvent('complete',[response])
+
+ }.bind(this)
+
+ }).send()
+ }
+})
7 package.yml
@@ -0,0 +1,7 @@
+name: browserID
+author: thinkphp
+current: v1.0
+category: utility
+tags: [browserID,mozilla,authentication,security,identity]
+docs:
+demo:

0 comments on commit 3db6684

Please sign in to comment.
Something went wrong with that request. Please try again.