summaryrefslogtreecommitdiff
path: root/actions/openidlogin.php
diff options
context:
space:
mode:
Diffstat (limited to 'actions/openidlogin.php')
-rw-r--r--actions/openidlogin.php89
1 files changed, 4 insertions, 85 deletions
diff --git a/actions/openidlogin.php b/actions/openidlogin.php
index 9b0b1793c..fa04d4576 100644
--- a/actions/openidlogin.php
+++ b/actions/openidlogin.php
@@ -28,7 +28,10 @@ class OpenidloginAction extends Action {
if (common_logged_in()) {
common_user_error(_t('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- $this->start_openid_login();
+ $result = oid_authenticate($this->trimmed('openid_url'), 'finishopenidlogin');
+ if (is_string($result)) { # error message
+ $this->show_form($result);
+ }
} else {
$this->show_form();
}
@@ -50,88 +53,4 @@ class OpenidloginAction extends Action {
common_element_end('form');
common_show_footer();
}
-
- function start_openid_login() {
- # XXX: form token in $_SESSION to prevent XSS
- # XXX: login throttle
- $openid_url = $this->trimmed('openid_url');
-
- $consumer = oid_consumer();
-
- if (!$consumer) {
- common_server_error(_t('Cannot instantiate OpenID consumer object.'));
- return;
- }
-
- common_ensure_session();
-
- $auth_request = $consumer->begin($openid_url);
-
- // Handle failure status return values.
- if (!$auth_request) {
- $this->show_form(_t('Not a valid OpenID.'));
- return;
- } else if (Auth_OpenID::isFailure($auth_request)) {
- $this->show_form(_t('OpenID failure: ') . $auth_request->message);
- return;
- }
-
- $sreg_request = Auth_OpenID_SRegRequest::build(// Required
- array(),
- // Optional
- array('nickname',
- 'email',
- 'fullname',
- 'language',
- 'timezone',
- 'postcode',
- 'country'));
-
- if ($sreg_request) {
- $auth_request->addExtension($sreg_request);
- }
-
- $trust_root = common_root_url();
- $process_url = common_local_url('finishopenidlogin');
-
- if ($auth_request->shouldSendRedirect()) {
- $redirect_url = $auth_request->redirectURL($trust_root,
- $process_url);
- if (!$redirect_url) {
- } else if (Auth_OpenID::isFailure($redirect_url)) {
- $this->show_form(_t('Could not redirect to server: ') . $redirect_url->message);
- return;
- } else {
- common_redirect($redirect_url);
- }
- } else {
- // Generate form markup and render it.
- $form_id = 'openid_message';
- $form_html = $auth_request->formMarkup($trust_root, $process_url,
- false, array('id' => $form_id));
-
- # XXX: This is cheap, but things choke if we don't escape ampersands
- # in the HTML attributes
-
- $form_html = preg_replace('/&/', '&', $form_html);
-
- // Display an error if the form markup couldn't be generated;
- // otherwise, render the HTML.
- if (Auth_OpenID::isFailure($form_html)) {
- $this->show_form(_t('Could not create OpenID form: ') . $form_html->message);
- } else {
- common_show_header(_t('OpenID Auto-Submit'));
- common_element('p', 'instructions',
- _t('This form should automatically submit itself. '.
- 'If not, click the submit button to go to your '.
- 'OpenID provider.'));
- common_raw($form_html);
- common_element('script', NULL,
- '$(document).ready(function() { ' .
- ' $("#'. $form_id .'").submit(); '.
- '});');
- common_show_footer();
- }
- }
- }
}