diff options
-rw-r--r-- | actions/finishaddopenid.php | 112 | ||||
-rw-r--r-- | actions/openidsettings.php | 147 |
2 files changed, 202 insertions, 57 deletions
diff --git a/actions/finishaddopenid.php b/actions/finishaddopenid.php index 708e8d4bf..8f10505cf 100644 --- a/actions/finishaddopenid.php +++ b/actions/finishaddopenid.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Complete adding an OpenID + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,14 +18,47 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/openid.php'); +require_once INSTALLDIR.'/lib/openid.php'; + +/** + * Complete adding an OpenID + * + * Handle the return from an OpenID verification + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ class FinishaddopenidAction extends Action { + var $msg = null; + + /** + * Handle the redirect back from OpenID confirmation + * + * Check to see if the user's logged in, and then try + * to use the OpenID login system. + * + * @param array $args $_REQUEST arguments + * + * @return void + */ function handle($args) { @@ -30,13 +66,20 @@ class FinishaddopenidAction extends Action if (!common_logged_in()) { $this->clientError(_('Not logged in.')); } else { - $this->try_login(); + $this->tryLogin(); } } - - function try_login() - { + /** + * Try to log in using OpenID + * + * Check the OpenID for validity; potentially store it. + * + * @return void + */ + + function tryLogin() + { $consumer =& oid_consumer(); $response = $consumer->complete(common_local_url('finishaddopenid')); @@ -46,10 +89,11 @@ class FinishaddopenidAction extends Action return; } else if ($response->status == Auth_OpenID_FAILURE) { // Authentication failed; display the error message. - $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); + $this->message(sprintf(_('OpenID authentication failed: %s'), + $response->message)); } else if ($response->status == Auth_OpenID_SUCCESS) { - $display = $response->getDisplayIdentifier(); + $display = $response->getDisplayIdentifier(); $canonical = ($response->endpoint && $response->endpoint->canonicalID) ? $response->endpoint->canonicalID : $display; @@ -60,6 +104,7 @@ class FinishaddopenidAction extends Action } $cur =& common_current_user(); + $other = oid_get_user($canonical); if ($other) { @@ -71,7 +116,7 @@ class FinishaddopenidAction extends Action return; } - # start a transaction + // start a transaction $cur->query('BEGIN'); @@ -88,7 +133,7 @@ class FinishaddopenidAction extends Action } } - # success! + // success! $cur->query('COMMIT'); @@ -98,10 +143,43 @@ class FinishaddopenidAction extends Action } } + /** + * Show a failure message + * + * Something went wrong. Save the message, and show the page. + * + * @param string $msg Error message to show + * + * @return void + */ + function message($msg) { - common_show_header(_('OpenID Login')); - $this->element('p', null, $msg); - common_show_footer(); + $this->message = $msg; + $this->showPage(); + } + + /** + * Title of the page + * + * @return string title + */ + + function title() + { + return _('OpenID Login'); + } + + /** + * Show error message + * + * @return void + */ + + function showPageNotice() + { + if ($this->message) { + $this->element('p', 'error', $this->message); + } } } diff --git a/actions/openidsettings.php b/actions/openidsettings.php index 9265b5ea6..a21a9869e 100644 --- a/actions/openidsettings.php +++ b/actions/openidsettings.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Settings for OpenID + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,39 +18,81 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/settingsaction.php'); -require_once(INSTALLDIR.'/lib/openid.php'); +require_once INSTALLDIR.'/lib/settingsaction.php'; +require_once INSTALLDIR.'/lib/openid.php'; + +/** + * Settings for OpenID + * + * Lets users add, edit and delete OpenIDs from their account + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ class OpenidsettingsAction extends SettingsAction { + /** + * Title of the page + * + * @return string Page title + */ - function get_instructions() + function title() { - return _('[OpenID](%%doc.openid%%) lets you log into many sites ' . - ' with the same user account. '. - ' Manage your associated OpenIDs from here.'); + return _('OpenID settings'); } - function show_form($msg=null, $success=false) + /** + * Instructions for use + * + * @return string Instructions for use + */ + + function getInstructions() { + return _('[OpenID](%%doc.openid%%) lets you log into many sites ' . + ' with the same user account. '. + ' Manage your associated OpenIDs from here.'); + } - $user = common_current_user(); + /** + * Show the form for OpenID management + * + * We have one form with a few different submit buttons to do different things. + * + * @return void + */ - $this->form_header(_('OpenID settings'), $msg, $success); + function showContent() + { + $user = common_current_user(); $this->elementStart('form', array('method' => 'post', - 'id' => 'openidadd', - 'action' => - common_local_url('openidsettings'))); + 'id' => 'openidadd', + 'action' => + common_local_url('openidsettings'))); $this->hidden('token', common_session_token()); $this->element('h2', null, _('Add OpenID')); $this->element('p', null, _('If you want to add an OpenID to your account, ' . - 'enter it in the box below and click "Add".')); + 'enter it in the box below and click "Add".')); $this->elementStart('p'); $this->element('label', array('for' => 'openid_url'), _('OpenID URL')); @@ -63,6 +108,7 @@ class OpenidsettingsAction extends SettingsAction $this->elementEnd('form'); $oid = new User_openid(); + $oid->user_id = $user->id; $cnt = $oid->find(); @@ -74,8 +120,10 @@ class OpenidsettingsAction extends SettingsAction if ($cnt == 1 && !$user->password) { $this->element('p', null, - _('Removing your only OpenID would make it impossible to log in! ' . - 'If you need to remove it, add another OpenID first.')); + _('Removing your only OpenID '. + 'would make it impossible to log in! ' . + 'If you need to remove it, '. + 'add another OpenID first.')); if ($oid->fetch()) { $this->elementStart('p'); @@ -88,14 +136,15 @@ class OpenidsettingsAction extends SettingsAction $this->element('p', null, _('You can remove an OpenID from your account '. - 'by clicking the button marked "Remove".')); + 'by clicking the button marked "Remove".')); $idx = 0; while ($oid->fetch()) { - $this->elementStart('form', array('method' => 'POST', - 'id' => 'openiddelete' . $idx, - 'action' => - common_local_url('openidsettings'))); + $this->elementStart('form', + array('method' => 'POST', + 'id' => 'openiddelete' . $idx, + 'action' => + common_local_url('openidsettings'))); $this->elementStart('p'); $this->hidden('token', common_session_token()); $this->element('a', array('href' => $oid->canonical), @@ -115,47 +164,65 @@ class OpenidsettingsAction extends SettingsAction } } } - - common_show_footer(); } - function handle_post() + /** + * Handle a POST request + * + * Muxes to different sub-functions based on which button was pushed + * + * @return void + */ + + function handlePost() { - # CSRF protection + // CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); return; } if ($this->arg('add')) { - $result = oid_authenticate($this->trimmed('openid_url'), 'finishaddopenid'); - if (is_string($result)) { # error message - $this->show_form($result); + $result = oid_authenticate($this->trimmed('openid_url'), + 'finishaddopenid'); + if (is_string($result)) { // error message + $this->showForm($result); } } else if ($this->arg('remove')) { - $this->remove_openid(); + $this->removeOpenid(); } else { - $this->show_form(_('Something weird happened.')); + $this->showForm(_('Something weird happened.')); } } - function remove_openid() - { + /** + * Handles a request to remove an OpenID from the user's account + * + * Validates input and, if everything is OK, deletes the OpenID. + * Reloads the form with a success or error notification. + * + * @return void + */ + function removeOpenid() + { $openid_url = $this->trimmed('openid_url'); + $oid = User_openid::staticGet('canonical', $openid_url); + if (!$oid) { - $this->show_form(_('No such OpenID.')); + $this->showForm(_('No such OpenID.')); return; } $cur = common_current_user(); if (!$cur || $oid->user_id != $cur->id) { - $this->show_form(_('That OpenID does not belong to you.')); + $this->showForm(_('That OpenID does not belong to you.')); return; } $oid->delete(); - $this->show_form(_('OpenID removed.'), true); + $this->showForm(_('OpenID removed.'), true); return; } } |