summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--EVENTS.txt16
-rw-r--r--actions/public.php7
-rw-r--r--actions/publicxrds.php81
-rw-r--r--actions/xrds.php106
-rw-r--r--lib/router.php3
-rw-r--r--lib/xrdsoutputter.php (renamed from plugins/OpenID/publicxrds.php)76
-rw-r--r--plugins/OpenID/OpenIDPlugin.php63
-rw-r--r--plugins/OpenID/openid.php8
-rw-r--r--plugins/OpenID/openidserver.php95
9 files changed, 358 insertions, 97 deletions
diff --git a/EVENTS.txt b/EVENTS.txt
index d989557e6..a8a77390f 100644
--- a/EVENTS.txt
+++ b/EVENTS.txt
@@ -458,3 +458,19 @@ StartProfileListItemActionElements: Showing the profile list actions (prepend a
EndProfileListItemActionElements: Showing profile list actions (append a button here)
- $item: ProfileListItem widget
+
+StartUserXRDS: Start XRDS output (right after the opening XRDS tag)
+- $action: the current action
+- &$xrdsoutputter - XRDSOutputter object to write to
+
+EndUserXRDS: End XRDS output (right before the closing XRDS tag)
+- $action: the current action
+- &$xrdsoutputter - XRDSOutputter object to write to
+
+StartPublicXRDS: Start XRDS output (right after the opening XRDS tag)
+- $action: the current action
+- &$xrdsoutputter - XRDSOutputter object to write to
+
+EndPublicXRDS: End XRDS output (right before the closing XRDS tag)
+- $action: the current action
+- &$xrdsoutputter - XRDSOutputter object to write to
diff --git a/actions/public.php b/actions/public.php
index 73fad182a..4b71e5853 100644
--- a/actions/public.php
+++ b/actions/public.php
@@ -131,6 +131,13 @@ class PublicAction extends Action
return _('Public timeline');
}
}
+
+ function extraHead()
+ {
+ parent::extraHead();
+ $this->element('meta', array('http-equiv' => 'X-XRDS-Location',
+ 'content' => common_local_url('publicxrds')));
+ }
/**
* Output <head> elements for RSS and Atom feeds
diff --git a/actions/publicxrds.php b/actions/publicxrds.php
new file mode 100644
index 000000000..5fd4eead7
--- /dev/null
+++ b/actions/publicxrds.php
@@ -0,0 +1,81 @@
+<?php
+
+/**
+ * Public XRDS for OpenID
+ *
+ * PHP version 5
+ *
+ * @category Action
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @author Robin Millette <millette@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link http://status.net/
+ *
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2008, 2009, StatusNet, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+ exit(1);
+}
+
+require_once INSTALLDIR.'/plugins/OpenID/openid.php';
+require_once INSTALLDIR.'/lib/xrdsoutputter.php';
+
+/**
+ * Public XRDS
+ *
+ * @category Action
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @author Robin Millette <millette@status.net>
+ * @author Craig Andrews <candrews@integralblue.com>
+ * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link http://status.net/
+ *
+ * @todo factor out similarities with XrdsAction
+ */
+class PublicxrdsAction extends Action
+{
+ /**
+ * Is read only?
+ *
+ * @return boolean true
+ */
+ function isReadOnly($args)
+ {
+ return true;
+ }
+
+ /**
+ * Class handler.
+ *
+ * @param array $args array of arguments
+ *
+ * @return nothing
+ */
+ function handle($args)
+ {
+ parent::handle($args);
+ $xrdsOutputter = new XRDSOutputter();
+ $xrdsOutputter->startXRDS();
+ Event::handle('StartPublicXRDS', array($this,&$xrdsOutputter));
+ Event::handle('EndPublicXRDS', array($this,&$xrdsOutputter));
+ $xrdsOutputter->endXRDS();
+ }
+}
+
diff --git a/actions/xrds.php b/actions/xrds.php
index 8ba89fec0..8f09557d1 100644
--- a/actions/xrds.php
+++ b/actions/xrds.php
@@ -36,6 +36,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
require_once INSTALLDIR.'/lib/omb.php';
require_once INSTALLDIR.'/extlib/libomb/service_provider.php';
require_once INSTALLDIR.'/extlib/libomb/xrds_mapper.php';
+require_once INSTALLDIR.'/lib/xrdsoutputter.php';
/**
* XRDS for OpenMicroBlogging
@@ -49,6 +50,8 @@ require_once INSTALLDIR.'/extlib/libomb/xrds_mapper.php';
*/
class XrdsAction extends Action
{
+ var $user;
+
/**
* Is read only?
*
@@ -58,60 +61,87 @@ class XrdsAction extends Action
{
return true;
}
-
- /**
- * Class handler.
- *
- * @param array $args query arguments
- *
- * @return void
- */
- function handle($args)
+
+ function prepare($args)
{
- parent::handle($args);
+ parent::prepare($args);
$nickname = $this->trimmed('nickname');
- $user = User::staticGet('nickname', $nickname);
- if (!$user) {
+ $this->user = User::staticGet('nickname', $nickname);
+ if (!$this->user) {
$this->clientError(_('No such user.'));
return;
}
- $this->showXrds($user);
+ return true;
}
/**
- * Show XRDS for a user.
+ * Class handler.
*
- * @param class $user XRDS for this user.
+ * @param array $args query arguments
*
* @return void
*/
- function showXrds($user)
+ function handle($args)
{
- $srv = new OMB_Service_Provider(profile_to_omb_profile($user->uri,
- $user->getProfile()));
- /* Use libomb’s default XRDS Writer. */
- $xrds_writer = null;
- $srv->writeXRDS(new Laconica_XRDS_Mapper(), $xrds_writer);
- }
-}
+ parent::handle($args);
+ $xrdsOutputter = new XRDSOutputter();
+ $xrdsOutputter->startXRDS();
-class Laconica_XRDS_Mapper implements OMB_XRDS_Mapper
-{
- protected $urls;
+ Event::handle('StartUserXRDS', array($this,&$xrdsOutputter));
- public function __construct()
- {
- $this->urls = array(
- OAUTH_ENDPOINT_REQUEST => 'requesttoken',
- OAUTH_ENDPOINT_AUTHORIZE => 'userauthorization',
- OAUTH_ENDPOINT_ACCESS => 'accesstoken',
- OMB_ENDPOINT_POSTNOTICE => 'postnotice',
- OMB_ENDPOINT_UPDATEPROFILE => 'updateprofile');
- }
+ //oauth
+ $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
+ 'xml:id' => 'oauth',
+ 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
+ 'version' => '2.0'));
+ $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
+ $xrdsOutputter->showXrdsService(OAUTH_ENDPOINT_REQUEST,
+ common_local_url('requesttoken'),
+ array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1));
+ $xrdsOutputter->showXrdsService( OAUTH_ENDPOINT_AUTHORIZE,
+ common_local_url('userauthorization'),
+ array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1),
+ null,
+ $this->user->getIdentifierURI());
+ $xrdsOutputter->showXrdsService(OAUTH_ENDPOINT_ACCESS,
+ common_local_url('accesstoken'),
+ array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1),
+ null,
+ $this->user->getIdentifierURI());
+ $xrdsOutputter->showXrdsService(OAUTH_ENDPOINT_RESOURCE,
+ null,
+ array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1),
+ null,
+ $this->user->getIdentifierURI());
+ $xrdsOutputter->elementEnd('XRD');
+
+ //omb
+ $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
+ 'xml:id' => 'oauth',
+ 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
+ 'version' => '2.0'));
+ $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
+ $xrdsOutputter->showXrdsService(OMB_ENDPOINT_POSTNOTICE,
+ common_local_url('postnotice'));
+ $xrdsOutputter->showXrdsService(OMB_ENDPOINT_UPDATEPROFILE,
+ common_local_url('updateprofile'));
+ $xrdsOutputter->elementEnd('XRD');
+
+ //misc
+ $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
+ 'xml:id' => 'oauth',
+ 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
+ 'version' => '2.0'));
+ $xrdsOutputter->showXrdsService(OAUTH_DISCOVERY,
+ '#oauth');
+ $xrdsOutputter->showXrdsService(OMB_VERSION,
+ '#omb');
+ $xrdsOutputter->elementEnd('XRD');
- public function getURL($action)
- {
- return common_local_url($this->urls[$action]);
+ Event::handle('EndUserXRDS', array($this,&$xrdsOutputter));
+
+ $xrdsOutputter->endXRDS();
+
}
}
?>
diff --git a/lib/router.php b/lib/router.php
index 2fd255fe6..0dd130ab0 100644
--- a/lib/router.php
+++ b/lib/router.php
@@ -108,6 +108,9 @@ class Router
$m->connect('main/oembed',
array('action' => 'oembed'));
+ $m->connect('main/xrds',
+ array('action' => 'publicxrds'));
+
// these take a code
foreach (array('register', 'confirmaddress', 'recoverpassword') as $c) {
diff --git a/plugins/OpenID/publicxrds.php b/lib/xrdsoutputter.php
index 1b2b359ca..4b77ed5a3 100644
--- a/plugins/OpenID/publicxrds.php
+++ b/lib/xrdsoutputter.php
@@ -1,21 +1,12 @@
<?php
-
/**
- * Public XRDS for OpenID
- *
- * PHP version 5
+ * StatusNet, the distributed open-source microblogging tool
*
- * @category Action
- * @package StatusNet
- * @author Evan Prodromou <evan@status.net>
- * @author Robin Millette <millette@status.net>
- * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
- * @link http://status.net/
+ * Low-level generator for HTML
*
- * StatusNet - the distributed open-source microblogging tool
- * Copyright (C) 2008, 2009, StatusNet, Inc.
+ * PHP version 5
*
- * This program is free software: you can redistribute it and/or modify
+ * LICENCE: This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
@@ -27,60 +18,44 @@
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category Output
+ * @package StatusNet
+ * @author Craig Andrews <candrews@integralblue.com>
+ * @copyright 2008 StatusNet, Inc.
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
*/
if (!defined('STATUSNET') && !defined('LACONICA')) {
exit(1);
}
-require_once INSTALLDIR.'/plugins/OpenID/openid.php';
+require_once INSTALLDIR.'/lib/xmloutputter.php';
/**
- * Public XRDS for OpenID
+ * Low-level generator for XRDS XML
*
- * @category Action
+ * @category Output
* @package StatusNet
- * @author Evan Prodromou <evan@status.net>
- * @author Robin Millette <millette@status.net>
- * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @author Craig Andrews <candrews@integralblue.com>
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*
- * @todo factor out similarities with XrdsAction
+ * @see Action
+ * @see XMLOutputter
*/
-class PublicxrdsAction extends Action
+class XRDSOutputter extends XMLOutputter
{
- /**
- * Is read only?
- *
- * @return boolean true
- */
- function isReadOnly($args)
+ public function startXRDS()
{
- return true;
- }
-
- /**
- * Class handler.
- *
- * @param array $args array of arguments
- *
- * @return nothing
- */
- function handle($args)
- {
- parent::handle($args);
header('Content-Type: application/xrds+xml');
$this->startXML();
$this->elementStart('XRDS', array('xmlns' => 'xri://$xrds'));
- $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
- 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
- 'version' => '2.0'));
- $this->element('Type', null, 'xri://$xrds*simple');
- foreach (array('finishopenidlogin', 'finishaddopenid') as $finish) {
- $this->showService(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
- common_local_url($finish));
- }
- $this->elementEnd('XRD');
+ }
+
+ public function endXRDS()
+ {
$this->elementEnd('XRDS');
$this->endXML();
}
@@ -96,7 +71,7 @@ class PublicxrdsAction extends Action
*
* @return void
*/
- function showService($type, $uri, $params=null, $sigs=null, $localId=null)
+ function showXrdsService($type, $uri, $params=null, $sigs=null, $localId=null)
{
$this->elementStart('Service');
if ($uri) {
@@ -119,4 +94,3 @@ class PublicxrdsAction extends Action
$this->elementEnd('Service');
}
}
-
diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php
index 81e3ed9c4..5ebee2cbe 100644
--- a/plugins/OpenID/OpenIDPlugin.php
+++ b/plugins/OpenID/OpenIDPlugin.php
@@ -62,17 +62,59 @@ class OpenIDPlugin extends Plugin
* @return boolean hook return
*/
- function onRouterInitialized($m)
+ function onStartInitializeRouter($m)
{
$m->connect('main/openid', array('action' => 'openidlogin'));
+ $m->connect('main/openidtrust', array('action' => 'openidtrust'));
$m->connect('settings/openid', array('action' => 'openidsettings'));
- $m->connect('xrds', array('action' => 'publicxrds'));
$m->connect('index.php?action=finishopenidlogin', array('action' => 'finishopenidlogin'));
$m->connect('index.php?action=finishaddopenid', array('action' => 'finishaddopenid'));
-
+ $m->connect('main/openidserver', array('action' => 'openidserver'));
+
return true;
}
+ function onEndPublicXRDS($action, &$xrdsOutputter)
+ {
+ $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
+ 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
+ 'version' => '2.0'));
+ $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
+ //consumer
+ foreach (array('finishopenidlogin', 'finishaddopenid') as $finish) {
+ $xrdsOutputter->showXrdsService(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
+ common_local_url($finish));
+ }
+ //provider
+ $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/server',
+ common_local_url('openidserver'),
+ null,
+ null,
+ 'http://specs.openid.net/auth/2.0/identifier_select');
+ $xrdsOutputter->elementEnd('XRD');
+ }
+
+ function onEndUserXRDS($action, &$xrdsOutputter)
+ {
+ $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
+ 'xml:id' => 'openid',
+ 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
+ 'version' => '2.0'));
+ $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
+
+ //consumer
+ $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/return_to',
+ common_local_url('finishopenidlogin'));
+
+ //provider
+ $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/signon',
+ common_local_url('openidserver'),
+ null,
+ null,
+ common_profile_url($action->user->nickname));
+ $xrdsOutputter->elementEnd('XRD');
+ }
+
function onEndLoginGroupNav(&$action)
{
$action_name = $action->trimmed('action');
@@ -107,6 +149,7 @@ class OpenIDPlugin extends Plugin
case 'XrdsAction':
case 'PublicxrdsAction':
case 'OpenidsettingsAction':
+ case 'OpenidserverAction':
require_once(INSTALLDIR.'/plugins/OpenID/' . strtolower(mb_substr($cls, 0, -6)) . '.php');
return false;
case 'User_openid':
@@ -152,12 +195,16 @@ class OpenIDPlugin extends Plugin
function onEndShowHeadElements($action)
{
- if ($action->trimmed('action') == 'public') {
- // for client side of OpenID authentication
- $action->element('meta', array('http-equiv' => 'X-XRDS-Location',
- 'content' => common_local_url('publicxrds')));
+ if($action instanceof ShowstreamAction){
+ $action->element('link', array('rel' => 'openid2.provider',
+ 'href' => common_local_url('openidserver')));
+ $action->element('link', array('rel' => 'openid2.local_id',
+ 'href' => $action->profile->profileurl));
+ $action->element('link', array('rel' => 'openid.server',
+ 'href' => common_local_url('openidserver')));
+ $action->element('link', array('rel' => 'openid.delegate',
+ 'href' => $action->profile->profileurl));
}
-
return true;
}
diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php
index b76497c28..ff7a93899 100644
--- a/plugins/OpenID/openid.php
+++ b/plugins/OpenID/openid.php
@@ -23,6 +23,7 @@ require_once(INSTALLDIR.'/plugins/OpenID/User_openid.php');
require_once('Auth/OpenID.php');
require_once('Auth/OpenID/Consumer.php');
+require_once('Auth/OpenID/Server.php');
require_once('Auth/OpenID/SReg.php');
require_once('Auth/OpenID/MySQLStore.php');
@@ -50,6 +51,13 @@ function oid_consumer()
return $consumer;
}
+function oid_server()
+{
+ $store = oid_store();
+ $server = new Auth_OpenID_Server($store, common_local_url('openidserver'));
+ return $server;
+}
+
function oid_clear_last()
{
oid_set_last('');
diff --git a/plugins/OpenID/openidserver.php b/plugins/OpenID/openidserver.php
new file mode 100644
index 000000000..a6b18608d
--- /dev/null
+++ b/plugins/OpenID/openidserver.php
@@ -0,0 +1,95 @@
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * Settings for OpenID
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category Settings
+ * @package StatusNet
+ * @author Craig Andrews <candrews@integralblue.com>
+ * @copyright 2008-2009 StatusNet, Inc.
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+ exit(1);
+}
+
+require_once INSTALLDIR.'/lib/action.php';
+require_once INSTALLDIR.'/plugins/OpenID/openid.php';
+
+/**
+ * Settings for OpenID
+ *
+ * Lets users add, edit and delete OpenIDs from their account
+ *
+ * @category Settings
+ * @package StatusNet
+ * @author Craig Andrews <candrews@integralblue.com>
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
+ */
+class OpenidserverAction extends Action
+{
+
+ function handle($args)
+ {
+ parent::handle($args);
+ $oserver = oid_server();
+ $request = $oserver->decodeRequest();
+ if (in_array($request->mode, array('checkid_immediate',
+ 'checkid_setup'))) {
+ $cur = common_current_user();
+ error_log("Request identity: " . $request->identity);
+ if(!$cur){
+ /* Go log in, and then come back. */
+ common_set_returnto($_SERVER['REQUEST_URI']);
+ common_redirect(common_local_url('login'));
+ return;
+ }else if(common_profile_url($cur->nickname) == $request->identity || $request->idSelect()){
+ $response = &$request->answer(true, null, common_profile_url($cur->nickname));
+ } else if ($request->immediate) {
+ $response = &$request->answer(false);
+ } else {
+ //invalid
+ $this->clientError(sprintf(_('You are not authorized to use the identity %s'),$request->identity),$code=403);
+ }
+ } else {
+ $response = &$oserver->handleRequest($request);
+ }
+
+ if($response){
+ $webresponse = $oserver->encodeResponse($response);
+
+ if ($webresponse->code != AUTH_OPENID_HTTP_OK) {
+ header(sprintf("HTTP/1.1 %d ", $webresponse->code),
+ true, $webresponse->code);
+ }
+
+ if($webresponse->headers){
+ foreach ($webresponse->headers as $k => $v) {
+ header("$k: $v");
+ }
+ }
+ $this->raw($webresponse->body);
+ }else{
+ $this->clientError(_('Just an OpenID provider. Nothing to see here, move along...'),$code=500);
+ }
+ }
+}