summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README12
-rw-r--r--doc/openmicroblogging.txt325
-rw-r--r--extlib/Auth/OpenID.php2
-rw-r--r--extlib/Auth/OpenID/Consumer.php4
-rw-r--r--extlib/Auth/OpenID/Server.php12
5 files changed, 19 insertions, 336 deletions
diff --git a/README b/README
index a3ea5fa58..1ef31a8c1 100644
--- a/README
+++ b/README
@@ -667,7 +667,7 @@ Upgrading
=========
If you've been using Laconica 0.6, 0.5 or lower, or if you've been
-tracking the "darcs" version of the software, you will probably want
+tracking the "git" version of the software, you will probably want
to upgrade and keep your existing data. There is no automated upgrade
procedure in Laconica 0.6.4. Try these step-by-step instructions; read
to the end first before trying them.
@@ -1068,7 +1068,7 @@ The primary output for Laconica is syslog, unless you configured a
separate logfile. This is probably the first place to look if you're
getting weird behaviour from Laconica.
-If you're tracking the unstable version of Laconica in the darcs
+If you're tracking the unstable version of Laconica in the git
repository (see below), and you get a compilation error ("unexpected
T_STRING") in the browser, check to see that you don't have any
conflicts in your code.
@@ -1103,12 +1103,12 @@ Unstable version
================
If you're adventurous or impatient, you may want to install the
-development version of Laconica. To get it, use the darcs version
-control tool (http://darcs.net/) like so:
+development version of Laconica. To get it, use the git version
+control tool (http://git-scm.com/) like so:
- darcs get http://laconi.ca/darcs/ mublog
+ git clone http://laconi.ca/software/laconica.git
-To keep it up-to-date, use 'darcs pull'. Watch for conflicts!
+To keep it up-to-date, use 'git pull'. Watch for conflicts!
Further information
===================
diff --git a/doc/openmicroblogging.txt b/doc/openmicroblogging.txt
deleted file mode 100644
index a0df04035..000000000
--- a/doc/openmicroblogging.txt
+++ /dev/null
@@ -1,325 +0,0 @@
-===============================
-OpenMicroBlogging specification
-===============================
-
-:Author: Evan Prodromou (Control Yourself, Inc.)
-:Contact: evan@controlezvous.ca
-:Revision: 0.1.1
-:Date: 2008-07-07
-:Copyright: To the extent possible under law, Control Yourself, Inc
- has waived all copyright, moral rights, database rights,
- and any other rights that might be asserted over
- The OpenMicroBlogging specification.
-
-Purpose
-=======
-
-To allow users of one microblogging service to publish notices to
-users of another service, given the other users' permission.
-
-Enabling technologies
-=====================
-
-Depends on OAuth 1.0, OAuth Discovery 1.0, YADIS 1.0.
-
-We piggy-back additional information onto these protocols to pass
-microblogging information back and forth.
-
-Terminology
-===========
-
-microblogging service
- undefined.
-user
- undefined.
-listen
- to allow a remote service to send notices to the user's local
- service on a remote user's behalf.
-listener
- the person listening.
-listenee
- the user sending notices.
-remote service
- the listenee's microblogging service.
-local service
- the listener's microblogging service.
-profile URL
- "home" URL for the listener, typically their profile page on a
- microblogging site.
-nickname
- An alphanumeric short name for a person, 1-64 characters.
-identifier URI
- A globally unique and unchanging identifying URI for a user.
- Need not be an URL. [*]_
-notice URI
- A unique and unchanging identifier for a notice. Need not be an
- URL. [*]_
-
-.. [*] May be the profile URL, if it's defined not to change or be
- re-used. The profile URL of some services includes the nickname,
- and some let the user change his/her nickname. This user's profile
- URL may change from 'http://example.net/~john' to
- 'http://example.net/~johnsmith' A tag URI, like
- 'tag:example.net,2008:user:1' may be more appropriate here.
-.. [*] IWBNI the notice URI is used everywhere the notice is
- published; for example, in any RSS feeds.
-
-Initiation
-==========
-
-The user submits their profile URL [*]_ to the remote service somehow --
-for example, with an HTML form on the remote service's Web site.
-
-.. [*] For OAuth Discovery, this is the "protected resource". It may
- be more correct that the protected resource is the postNotice URL
- (see below), but the listener will be more familiar with their own
- profile URL. So there will have to be discovery of the postNotice
- URL anyways, and it might as well all be done in one step.
-
-Discovery
-=========
-
-The remote service recovers a YADIS document from the profile URL, as
-described in OAuth Discovery.
-
-The request token service must have a LocalID associated with it,
-containing the identifier URI for the listener.
-
-The following two extra services must be included in the YADIS
-document, with accompanying URIs.
-
-http://openmicroblogging.org/protocol/0.1/postNotice
- Post Notice URL, as defined below.
-
-http://openmicroblogging.org/protocol/0.1/updateProfile
- Update Profile URL, as defined below.
-
-If any of the URIs is unavailable, the remote service MUST stop
-processing.
-
-Authorization
-=============
-
-The remote service must go through the OAuth 1.0 dance to get
-authorization to post notices and update profiles.
-
-In all OAuth, the consumer key should be the root URL for the
-microblogging service, if available. The secret should be the blank
-string (''), unless the remote server and local service have negotiated
-another key. Such negotiation is out-of-scope for this document, and we
-assume an "open" network of microblogging services. But if you want to
-have that kind of network, do it with this key.
-
-The remote service MUST do OAuth for every new listener, regardless of
-whether they've already received authorization for posting to the
-given postNotice URL. See `Posting a Notice`_ below.
-
-Request token
--------------
-
-The remote service uses the defined requestToken URL to get a request
-token.
-
-In the request token HTTP request, the remote service MUST send the
-following additional parameter(s):
-
-omb_version
- 'http://openmicroblogging.org/protocol/0.1'
-omb_listener
- The identifier URI for the listener.
-
-In the results for the request token request, the local service MUST
-send the following additional parameters:
-
-omb_version
- 'http://openmicroblogging.org/protocol/0.1'
-
-User authorization
-------------------
-
-In requesting user authorization, the remote service must send the
-following parameters:
-
-omb_version
- 'http://openmicroblogging.org/protocol/0.1'.
-omb_listener
- The identifier URI for the listener.
-omb_listenee
- The identifier URI for the listenee.
-omb_listenee_profile
- The profile URL of the listenee.
-omb_listenee_nickname
- The nickname of the listenee.
-omb_listenee_license
- The default license URL for the listenee's stream. Typically the
- URL of a Creative Commons license, with the Attribution license
- being heavily encouraged. CC0 quitclaim also pretty good. The
- local service MAY reject listenees if their licenses are
- incompatible with the service.
-
-The remote service should send as many of the following parameters as
-possible. This will help the user decide if they really want to allow
-the listening to happen, and allow the local service to store a copy
-of the listenee's profile.
-
-omb_listenee_fullname
- The full name of the listenee. Up to 255 chars.
-omb_listenee_homepage
- The home page of the listenee (may be distinct from the profile
- URL).
-omb_listenee_bio
- A brief biography of the listenee; less than 140 chars.
-omb_listenee_location
- Physical location of the listenee; less that 255 chars. No fixed
- structure, but "Locality, Region, Country" or "Locality, Country"
- or "Locality, Region" recommended.
-omb_listenee_avatar
- URL of a 96px by 96px image in PNG, GIF or JPEG format representing
- the listenee.
-
-The local service, in a successful response, must return the
-following additional parameters:
-
-omb_version
- 'http://openmicroblogging.org/protocol/0.1'.
-omb_listener_nickname
- A nickname for the listener.
-omb_listener_profile
- The profile URL for the listener, possibly cleaned up or
- canonicalized.
-
-It should return as many of the following as possible:
-
-omb_listener_fullname
- The full name of the listener. Up to 255 chars.
-omb_listener_homepage
- The home page of the listener (may be distinct from the profile
- URL).
-omb_listener_bio
- A brief biography of the listener; less than 140 chars.
-omb_listener_location
- Physical location of the listener; less that 255 chars. No fixed
- structure, but "Locality, Region, Country" or "Locality, Country"
- or "Locality, Region" recommended.
-omb_listener_avatar
- URL of a 96px by 96px image in PNG, GIF or JPEG format representing
- the listener.
-
-This will allow the remote service to display information about the
-listener in the listenee's "listeners" or "subscribers" list.
-
-Access token
-------------
-
-The access token step of the OAuth protocol requires no additional
-parameters.
-
-Posting a Notice
-================
-
-To post a notice to the local service, the remote service sends an HTTP
-POST message to the postNotice URL discovered above. The message must
-use OAuth authorization. The message must also include the following
-parameters:
-
-omb_version
- 'http://openmicroblogging.org/protocol/0.1'.
-omb_listenee
- The identifier URI for the listenee.
-omb_notice
- The notice URI.
-omb_notice_content
- The content of the notice. No maximum, but 140 chars is recommended.
-
-The message may include the following parameters:
-
-omb_notice_url
- The URL of the notice, if the notice is retrievable.
-omb_notice_license
- The URL of the license for the notice, if different from the
- listenee's default license.
-omb_seealso
- URL of additional content for the notice; for example, an image,
- video, or audio file.
-omb_seealso_disposition
- One of 'link' or 'inline', to recommend how the extra data should
- be shown. Default 'link'.
-omb_seealso_mediatype
- Internet Media Type of the see-also data. Advisory, probably
- shouldn't be trusted.
-omb_seealso_license
- License for the attached data. May be distinct from the notice's
- license (if they're passing along someone else's content).
-
-The local service should include the following parameters in its
-response:
-
-omb_version
- 'http://openmicroblogging.org/protocol/0.1'.
-
-The local service makes no guarantees about the delivery of the notice
-to anyone.
-
-The remote service SHOULD NOT send a message with the same notice URL
-to the same postNotice URL more than once. [*]_ If the request returns
-a 403 Unauthorized message, the remote service SHOULD NOT post
-messages to the same URL again with the same listenee, until another
-listener has gone through the OAuth dance. [*]_
-
-.. [*] A half-assed optimization. A local service may have a lot of
- listeners listening to the same listenee. It would be pointless to
- have the remote service post the same notice 100 times to the same
- service. However, if the local service wants fine-grained control,
- it can have a different postNotice URL for each listener.
-.. [*] If there's one postNotice URL per listener, the 403 message
- means the listener has told the local service not to allow posting
- any more ("unsubscribed"). If there's one postNotice URL per local
- service, it means that the count of listeners has dropped to 0.
-
-Updating a profile
-==================
-
-If the listenee's profile information changes, the remote service MAY
-send an HTTP POST message to to the updateProfile URL to tell the
-local service about the change.
-
-The message must use OAuth authorization. The message must also
-include the following parameters:
-
-omb_version
- 'http://openmicroblogging.org/protocol/0.1'.
-omb_listenee
- The identifier URI for the listenee.
-
-The message may include any of the following parameters:
-
-omb_listenee_profile
- The profile URL of the listenee.
-omb_listenee_nickname
- The nickname of the listenee.
-omb_listenee_license
- The default license URL for the listenee's stream. A change in the
- default license only applies to future notices; notices previous
- to the update SHOULD be treated as under the old license.
-omb_listenee_fullname
- The full name of the listenee. Up to 255 chars.
-omb_listenee_homepage
- The home page of the listenee.
-omb_listenee_bio
- A brief biography of the listenee; less than 140 chars.
-omb_listenee_location
- Physical location of the listenee; less that 255 chars.
-omb_listenee_avatar
- URL of a 96px by 96px image in PNG, GIF or JPEG format representing
- the listenee.
-
-Missing parameters should not be construed to mean that the profile
-field has been blanked. The remote service MUST set the parameter to
-an empty string to show that the field is blank.
-
-References
-==========
-
-* OAuth: http://oauth.net/
-* OAuth Discovery: http://oauth.net/discovery/1.0
-* XRDS Simple: http://xrds-simple.net/core/1.0/ \ No newline at end of file
diff --git a/extlib/Auth/OpenID.php b/extlib/Auth/OpenID.php
index 6a6e54f8b..6556b5b01 100644
--- a/extlib/Auth/OpenID.php
+++ b/extlib/Auth/OpenID.php
@@ -20,7 +20,7 @@
/**
* The library version string
*/
-define('Auth_OpenID_VERSION', '2.1.1');
+define('Auth_OpenID_VERSION', '2.1.2');
/**
* Require the fetcher code.
diff --git a/extlib/Auth/OpenID/Consumer.php b/extlib/Auth/OpenID/Consumer.php
index 6631cbaa9..a72684c6b 100644
--- a/extlib/Auth/OpenID/Consumer.php
+++ b/extlib/Auth/OpenID/Consumer.php
@@ -711,7 +711,9 @@ class Auth_OpenID_GenericConsumer {
return $this->_completeInvalid($message, $endpoint);
}
- return new Auth_OpenID_SetupNeededResponse($endpoint);
+ $user_setup_url = $message->getArg(Auth_OpenID_OPENID2_NS,
+ 'user_setup_url');
+ return new Auth_OpenID_SetupNeededResponse($endpoint, $user_setup_url);
}
/**
diff --git a/extlib/Auth/OpenID/Server.php b/extlib/Auth/OpenID/Server.php
index e746bcc57..f1db4d872 100644
--- a/extlib/Auth/OpenID/Server.php
+++ b/extlib/Auth/OpenID/Server.php
@@ -765,12 +765,17 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
function Auth_OpenID_CheckIDRequest($identity, $return_to,
$trust_root = null, $immediate = false,
- $assoc_handle = null, $server = null)
+ $assoc_handle = null, $server = null,
+ $claimed_id = null)
{
$this->namespace = Auth_OpenID_OPENID2_NS;
$this->assoc_handle = $assoc_handle;
$this->identity = $identity;
- $this->claimed_id = $identity;
+ if ($claimed_id === null) {
+ $this->claimed_id = $identity;
+ } else {
+ $this->claimed_id = $claimed_id;
+ }
$this->return_to = $return_to;
$this->trust_root = $trust_root;
$this->server =& $server;
@@ -1098,7 +1103,8 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
$this->trust_root,
false,
$this->assoc_handle,
- $this->server);
+ $this->server,
+ $this->claimed_id);
$setup_request->message = $this->message;
$setup_url = $setup_request->encodeToURL($server_url);