From 7f8dbb8e457d1e5534ebb569988d84ee3adaeef7 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 11 Nov 2009 10:38:11 -0800 Subject: Fix bug 1963: Web UI throws warnings during previously open login session after user account is deleted common_logged_in() returned bogus results because it checks against null specifically, but common_current_user() was sticking 'false' into $_cur because that's what User::staticGet() returned from a failed lookup. Now we skip over a failed lookup here, so we keep null and all is well. --- lib/util.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'lib/util.php') diff --git a/lib/util.php b/lib/util.php index 81160d052..7aca4af8d 100644 --- a/lib/util.php +++ b/lib/util.php @@ -350,8 +350,11 @@ function common_current_user() common_ensure_session(); $id = isset($_SESSION['userid']) ? $_SESSION['userid'] : false; if ($id) { - $_cur = User::staticGet($id); - return $_cur; + $user = User::staticGet($id); + if ($user) { + $_cur = $user; + return $_cur; + } } } -- cgit v1.2.3-54-g00ecf From 014d6b1d19b6ae5de8d87f055397993f80579f74 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 11 Nov 2009 14:02:57 -0500 Subject: Redid how URL shorteners work. This way is much more like how Evan wants events to work (and more like how the rest of SN works). --- EVENTS.txt | 14 ++++ actions/othersettings.php | 17 ++--- lib/Shorturl_api.php | 67 ------------------ lib/common.php | 1 - lib/util.php | 25 +++---- plugins/BitlyUrl/BitlyUrlPlugin.php | 31 ++++----- plugins/LilUrl/LilUrlPlugin.php | 38 +++++----- plugins/PtitUrl/PtitUrlPlugin.php | 31 ++++----- plugins/SimpleUrl/SimpleUrlPlugin.php | 41 +++-------- plugins/TightUrl/TightUrlPlugin.php | 31 ++++----- plugins/UrlShortener/UrlShortenerPlugin.php | 103 ++++++++++++++++++++++++++++ 11 files changed, 197 insertions(+), 202 deletions(-) delete mode 100644 lib/Shorturl_api.php create mode 100644 plugins/UrlShortener/UrlShortenerPlugin.php (limited to 'lib/util.php') diff --git a/EVENTS.txt b/EVENTS.txt index f75dcebca..3acff277b 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -538,3 +538,17 @@ EndChangePassword: After changing a password UserDeleteRelated: Specify additional tables to delete entries from when deleting users - $user: User object - &$related: array of DB_DataObject class names to delete entries on matching user_id. + +GetUrlShorteners: Specify URL shorteners that are available for use +- &$shorteners: append your shortener to this array like so: $shorteners[shortenerName]=array('display'=>display, 'freeService'=>boolean) + +StartShortenUrl: About to shorten a URL +- $url: url to be shortened +- $shortenerName: name of the requested shortener +- &$shortenedUrl: short version of the url + +EndShortenUrl: After a URL has been shortened +- $url: url to be shortened +- $shortenerName: name of the requested shortener +- $shortenedUrl: short version of the url + diff --git a/actions/othersettings.php b/actions/othersettings.php index d32a2d651..d52a634ac 100644 --- a/actions/othersettings.php +++ b/actions/othersettings.php @@ -97,20 +97,15 @@ class OthersettingsAction extends AccountSettingsAction $this->elementStart('fieldset'); $this->hidden('token', common_session_token()); - $services=array(); - global $_shorteners; - if($_shorteners){ - foreach($_shorteners as $name=>$value) - { - $services[$name]=$name; - if(!empty($value['info']['freeService'])){ - // I18N - $services[$name].=' (free service)'; - } + Event::handle('GetUrlShorteners', array(&$shorteners)); + foreach($shorteners as $name=>$value) + { + $services[$name]=$name; + if($value['freeService']){ + $services[$name].=_(' (free service)'); } } asort($services); - $services['']='None'; $this->elementStart('ul', 'form_data'); $this->elementStart('li'); diff --git a/lib/Shorturl_api.php b/lib/Shorturl_api.php deleted file mode 100644 index de4d55012..000000000 --- a/lib/Shorturl_api.php +++ /dev/null @@ -1,67 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } - -abstract class ShortUrlApi -{ - protected $service_url; - protected $long_limit = 27; - - function __construct($service_url) - { - $this->service_url = $service_url; - } - - function shorten($url) - { - if ($this->is_long($url)) return $this->shorten_imp($url); - return $url; - } - - protected abstract function shorten_imp($url); - - protected function is_long($url) { - return strlen($url) >= common_config('site', 'shorturllength'); - } - - protected function http_post($data) - { - $request = HTTPClient::start(); - $response = $request->post($this->service_url, null, $data); - return $response->getBody(); - } - - protected function http_get($url) - { - $request = HTTPClient::start(); - $response = $request->get($this->service_url . urlencode($url)); - return $response->getBody(); - } - - protected function tidy($response) { - $response = str_replace(' ', ' ', $response); - $config = array('output-xhtml' => true); - $tidy = new tidy; - $tidy->parseString($response, $config, 'utf8'); - $tidy->cleanRepair(); - return (string)$tidy; - } -} - diff --git a/lib/common.php b/lib/common.php index 6aac46807..4958866d0 100644 --- a/lib/common.php +++ b/lib/common.php @@ -229,7 +229,6 @@ require_once INSTALLDIR.'/lib/util.php'; require_once INSTALLDIR.'/lib/action.php'; require_once INSTALLDIR.'/lib/mail.php'; require_once INSTALLDIR.'/lib/subs.php'; -require_once INSTALLDIR.'/lib/Shorturl_api.php'; require_once INSTALLDIR.'/lib/clientexception.php'; require_once INSTALLDIR.'/lib/serverexception.php'; diff --git a/lib/util.php b/lib/util.php index 7aca4af8d..68f3520db 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1423,25 +1423,18 @@ function common_shorten_url($long_url) if (empty($user)) { // common current user does not find a user when called from the XMPP daemon // therefore we'll set one here fix, so that XMPP given URLs may be shortened - $svc = 'ur1.ca'; + $shortenerName = 'ur1.ca'; } else { - $svc = $user->urlshorteningservice; + $shortenerName = $user->urlshorteningservice; } - global $_shorteners; - if (!isset($_shorteners[$svc])) { - //the user selected service doesn't exist, so default to ur1.ca - $svc = 'ur1.ca'; - } - if (!isset($_shorteners[$svc])) { - // no shortener plugins installed. - return $long_url; - } - - $reflectionObj = new ReflectionClass($_shorteners[$svc]['callInfo'][0]); - $short_url_service = $reflectionObj->newInstanceArgs($_shorteners[$svc]['callInfo'][1]); - $short_url = $short_url_service->shorten($long_url); - return $short_url; + if(Event::handle('StartShortenUrl', array($long_url,$shortenerName,&$shortenedUrl))){ + //URL wasn't shortened, so return the long url + return $long_url; + }else{ + //URL was shortened, so return the result + return $shortenedUrl; + } } function common_client_ip() diff --git a/plugins/BitlyUrl/BitlyUrlPlugin.php b/plugins/BitlyUrl/BitlyUrlPlugin.php index 478ef99d2..65d0f70e6 100644 --- a/plugins/BitlyUrl/BitlyUrlPlugin.php +++ b/plugins/BitlyUrl/BitlyUrlPlugin.php @@ -31,31 +31,24 @@ if (!defined('STATUSNET')) { exit(1); } -class BitlyUrlPlugin extends Plugin +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; + +class BitlyUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'bit.ly', - array(), - array('BitlyUrl',array('http://bit.ly/api?method=shorten&long_url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class BitlyUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { + protected function shorten($url) { $response = $this->http_get($url); - if(!$response){ - return $url; - }else{ - return current(json_decode($response)->results)->hashUrl; - } + if(!$response) return; + return current(json_decode($response)->results)->hashUrl; } } + diff --git a/plugins/LilUrl/LilUrlPlugin.php b/plugins/LilUrl/LilUrlPlugin.php index 852253b02..e906751e8 100644 --- a/plugins/LilUrl/LilUrlPlugin.php +++ b/plugins/LilUrl/LilUrlPlugin.php @@ -31,37 +31,31 @@ if (!defined('STATUSNET')) { exit(1); } -require_once(INSTALLDIR.'/lib/Shorturl_api.php'); +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; -class LilUrlPlugin extends Plugin +class LilUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'ur1.ca', - array('freeService'=>true), - array('LilUrl',array('http://ur1.ca/')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class LilUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - $data['longurl'] = $url; - $response = $this->http_post($data); - if (!$response) return $url; - $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; + protected function shorten($url) { + $data = array('longurl' => $url); + + $responseBody = $this->http_post($this->serviceUrl,$data); + + if (!$responseBody) return; + $y = @simplexml_load_string($responseBody); + if (!isset($y->body)) return; $x = $y->body->p[0]->a->attributes(); if (isset($x['href'])) { - common_log(LOG_INFO, __CLASS__ . ": shortened $url to $x[href]"); return $x['href']; } - return $url; } } + diff --git a/plugins/PtitUrl/PtitUrlPlugin.php b/plugins/PtitUrl/PtitUrlPlugin.php index f00d3e2f2..ef453e96d 100644 --- a/plugins/PtitUrl/PtitUrlPlugin.php +++ b/plugins/PtitUrl/PtitUrlPlugin.php @@ -30,33 +30,28 @@ if (!defined('STATUSNET')) { exit(1); } +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; -class PtitUrlPlugin extends Plugin +class PtitUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'ptiturl.com', - array(), - array('PtitUrl',array('http://ptiturl.com/?creer=oui&action=Reduire&url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class PtitUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - $response = $this->http_get($url); - if (!$response) return $url; + protected function shorten($url) + { + $response = $this->http_get(sprintf($this->serviceUrl,urlencode($url))); + if (!$response) return; $response = $this->tidy($response); $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; + if (!isset($y->body)) return; $xml = $y->body->center->table->tr->td->pre->a->attributes(); if (isset($xml['href'])) return $xml['href']; - return $url; } } + diff --git a/plugins/SimpleUrl/SimpleUrlPlugin.php b/plugins/SimpleUrl/SimpleUrlPlugin.php index d59d63e47..45b745b07 100644 --- a/plugins/SimpleUrl/SimpleUrlPlugin.php +++ b/plugins/SimpleUrl/SimpleUrlPlugin.php @@ -31,40 +31,21 @@ if (!defined('STATUSNET')) { exit(1); } -class SimpleUrlPlugin extends Plugin +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; + +class SimpleUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'is.gd', - array(), - array('SimpleUrl',array('http://is.gd/api.php?longurl=')) - ); - $this->registerUrlShortener( - 'snipr.com', - array(), - array('SimpleUrl',array('http://snipr.com/site/snip?r=simple&link=')) - ); - $this->registerUrlShortener( - 'metamark.net', - array(), - array('SimpleUrl',array('http://metamark.net/api/rest/simple?long_url=')) - ); - $this->registerUrlShortener( - 'tinyurl.com', - array(), - array('SimpleUrl',array('http://tinyurl.com/api-create.php?url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class SimpleUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - return $this->http_get($url); + protected function shorten($url) { + return $this->http_get(sprintf($this->serviceUrl,urlencode($url))); } } + diff --git a/plugins/TightUrl/TightUrlPlugin.php b/plugins/TightUrl/TightUrlPlugin.php index 48efb355f..56414c8c8 100644 --- a/plugins/TightUrl/TightUrlPlugin.php +++ b/plugins/TightUrl/TightUrlPlugin.php @@ -31,32 +31,27 @@ if (!defined('STATUSNET')) { exit(1); } -class TightUrlPlugin extends Plugin +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; + +class TightUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - '2tu.us', - array('freeService'=>true), - array('TightUrl',array('http://2tu.us/?save=y&url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class TightUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - $response = $this->http_get($url); - if (!$response) return $url; + protected function shorten($url) + { + $response = $this->http_get(sprintf($this->serviceUrl,urlencode($url))); + if (!$response) return; $response = $this->tidy($response); $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; + if (!isset($y->body)) return; $xml = $y->body->p[0]->code[0]->a->attributes(); if (isset($xml['href'])) return $xml['href']; - return $url; } } diff --git a/plugins/UrlShortener/UrlShortenerPlugin.php b/plugins/UrlShortener/UrlShortenerPlugin.php new file mode 100644 index 000000000..37206aa89 --- /dev/null +++ b/plugins/UrlShortener/UrlShortenerPlugin.php @@ -0,0 +1,103 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * Superclass for plugins that do URL shortening + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +abstract class UrlShortenerPlugin extends Plugin +{ + public $shortenerName; + public $freeService=false; + //------------Url Shortener plugin should implement some (or all) of these methods------------\\ + + /** + * Short a URL + * @param url + * @return string shortened version of the url, or null if URL shortening failed + */ + protected abstract function shorten($url); + + //------------These methods may help you implement your plugin------------\\ + protected function http_get($url) + { + $request = HTTPClient::start(); + $response = $request->get($url); + return $response->getBody(); + } + + protected function http_post($url,$data) + { + $request = HTTPClient::start(); + $response = $request->post($url, null, $data); + return $response->getBody(); + } + + protected function tidy($response) { + $response = str_replace(' ', ' ', $response); + $config = array('output-xhtml' => true); + $tidy = new tidy; + $tidy->parseString($response, $config, 'utf8'); + $tidy->cleanRepair(); + return (string)$tidy; + } + //------------Below are the methods that connect StatusNet to the implementing Url Shortener plugin------------\\ + + function onInitializePlugin(){ + if(!isset($this->shortenerName)){ + throw new Exception("must specify a shortenerName"); + } + } + + function onGetUrlShorteners(&$shorteners) + { + $shorteners[$this->shortenerName]=array('freeService'=>$this->freeService); + } + + function onStartShortenUrl($url,$shortenerName,&$shortenedUrl) + { + if($shortenerName == $this->shortenerName && strlen($url) >= common_config('site', 'shorturllength')){ + $result = $this->shorten($url); + if(isset($result) && $result != null && $result !== false){ + $shortenedUrl=$result; + common_log(LOG_INFO, __CLASS__ . ": $this->shortenerName shortened $url to $shortenedUrl"); + return false; + } + } + } +} -- cgit v1.2.3-54-g00ecf From ed690615de8f6433a1a4d9a8fc7c28385af47d8a Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 12 Nov 2009 20:12:00 -0500 Subject: Added a User_username table that links the external username with a StatusNet user_id Added EmailAuthenticationPlugin Added ReverseUsernameAuthenticationPlugin Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static --- EVENTS.txt | 4 +- actions/passwordsettings.php | 4 +- classes/User.php | 16 +- classes/statusnet.ini | 10 ++ index.php | 1 - lib/util.php | 1 + plugins/Authentication/AuthenticationPlugin.php | 177 ++++++++++++++------- plugins/Authentication/User_username.php | 25 +++ .../EmailAuthenticationPlugin.php | 54 +++++++ plugins/EmailAuthentication/README | 7 + .../LdapAuthenticationPlugin.php | 56 +++---- plugins/LdapAuthentication/README | 5 +- plugins/ReverseUsernameAuthentication/README | 26 +++ .../ReverseUsernameAuthenticationPlugin.php | 58 +++++++ 14 files changed, 349 insertions(+), 95 deletions(-) create mode 100644 plugins/Authentication/User_username.php create mode 100644 plugins/EmailAuthentication/EmailAuthenticationPlugin.php create mode 100644 plugins/EmailAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php (limited to 'lib/util.php') diff --git a/EVENTS.txt b/EVENTS.txt index 3acff277b..c788a9215 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -528,12 +528,12 @@ EndCheckPassword: After checking a username/password pair - $authenticatedUser: User object if credentials match a user, else null. StartChangePassword: Before changing a password -- $nickname: user's nickname +- $user: user - $oldpassword: the user's old password - $newpassword: the desired new password EndChangePassword: After changing a password -- $nickname: user's nickname +- $user: user UserDeleteRelated: Specify additional tables to delete entries from when deleting users - $user: User object diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php index 9e79501e2..11d7bf785 100644 --- a/actions/passwordsettings.php +++ b/actions/passwordsettings.php @@ -170,7 +170,7 @@ class PasswordsettingsAction extends AccountSettingsAction } $success = false; - if(! Event::handle('StartChangePassword', array($user->nickname, $oldpassword, $newpassword))){ + if(! Event::handle('StartChangePassword', array($user, $oldpassword, $newpassword))){ //no handler changed the password, so change the password internally $original = clone($user); @@ -186,7 +186,7 @@ class PasswordsettingsAction extends AccountSettingsAction $this->serverError(_('Can\'t save new password.')); return; } - Event::handle('EndChangePassword', array($nickname)); + Event::handle('EndChangePassword', array($user)); } $this->showForm(_('Password saved.'), true); diff --git a/classes/User.php b/classes/User.php index 9b90ce61b..9f1ee53f4 100644 --- a/classes/User.php +++ b/classes/User.php @@ -114,7 +114,7 @@ class User extends Memcached_DataObject return $result; } - function allowed_nickname($nickname) + static function allowed_nickname($nickname) { // XXX: should already be validated for size, content, etc. $blacklist = common_config('nickname', 'blacklist'); @@ -190,7 +190,17 @@ class User extends Memcached_DataObject $profile->query('BEGIN'); + if(!empty($email)) + { + $email = common_canonical_email($email); + } + + $nickname = common_canonical_nickname($nickname); $profile->nickname = $nickname; + if(! User::allowed_nickname($nickname)){ + common_log(LOG_WARNING, sprintf("Attempted to register a nickname that is not allowed: %s", $profile->nickname), + __FILE__); + } $profile->profileurl = common_profile_url($nickname); if (!empty($fullname)) { @@ -242,6 +252,10 @@ class User extends Memcached_DataObject } } + if(isset($email_confirmed) && $email_confirmed) { + $user->email = $email; + } + // This flag is ignored but still set to 1 $user->inboxed = 1; diff --git a/classes/statusnet.ini b/classes/statusnet.ini index 912d05cdf..19ab7bf97 100644 --- a/classes/statusnet.ini +++ b/classes/statusnet.ini @@ -566,3 +566,13 @@ modified = 384 user_id = K token = K +[user_username] +user_id = 129 +provider_name = 130 +username = 130 +created = 142 +modified = 384 + +[user_username__keys] +provider_name = K +username = K diff --git a/index.php b/index.php index b1e4f651e..577b491ed 100644 --- a/index.php +++ b/index.php @@ -68,7 +68,6 @@ function getPath($req) */ function handleError($error) { -//error_log(print_r($error,1)); if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) { return; } diff --git a/lib/util.php b/lib/util.php index 68f3520db..4b2a25ead 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1058,6 +1058,7 @@ function common_log($priority, $msg, $filename=null) } } else { common_ensure_syslog(); + error_log($msg); syslog($priority, $msg); } } diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index e3e55fea6..99b61b808 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -48,20 +48,20 @@ abstract class AuthenticationPlugin extends Plugin //should accounts be automatically created after a successful login attempt? public $autoregistration = false; - //can the user change their email address - public $email_changeable=true; - //can the user change their email address public $password_changeable=true; + //unique name for this authentication provider + public $provider_name; + //------------Auth plugin should implement some (or all) of these methods------------\\ /** * Check if a nickname/password combination is valid - * @param nickname + * @param username * @param password * @return boolean true if the credentials are valid, false if they are invalid. */ - function checkPassword($nickname, $password) + function checkPassword($username, $password) { return false; } @@ -69,88 +69,116 @@ abstract class AuthenticationPlugin extends Plugin /** * Automatically register a user when they attempt to login with valid credentials. * User::register($data) is a very useful method for this implementation - * @param nickname - * @return boolean true if the user was created, false if autoregistration is not allowed, null if this plugin is not responsible for this nickname + * @param username + * @return boolean true if the user was created, false if not */ - function autoRegister($nickname) + function autoRegister($username) { - return null; + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); } /** * Change a user's password * The old password has been verified to be valid by this plugin before this call is made - * @param nickname + * @param username * @param oldpassword * @param newpassword - * @return boolean true if the password was changed, false if password changing failed for some reason, null if this plugin is not responsible for this nickname + * @return boolean true if the password was changed, false if password changing failed for some reason */ - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { - return null; - } - - /** - * Can a user change this field in his own profile? - * @param nickname - * @param field - * @return boolean true if the field can be changed, false if not allowed to change it, null if this plugin is not responsible for this nickname - */ - function canUserChangeField($nickname, $field) - { - return null; + return false; } //------------Below are the methods that connect StatusNet to the implementing Auth plugin------------\\ - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + if(!isset($this->provider_name)){ + throw new Exception("must specify a provider_name for this authentication provider"); + } } - + function onStartCheckPassword($nickname, $password, &$authenticatedUser){ - if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $password); + //map the nickname to a username + $user_username = new User_username(); + $user_username->username=$nickname; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $username = $user_username->username; + $authenticated = $this->checkPassword($username, $password); if($authenticated){ - $authenticatedUser = User::staticGet('nickname', $nickname); - if(!$authenticatedUser && $this->autoregistration){ - if($this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('id', $user_username->user_id); + return false; + } + }else{ + $user = User::staticGet('nickname', $nickname); + if($user){ + //make sure a different provider isn't handling this nickname + $user_username = new User_username(); + $user_username->username=$nickname; + if(!$user_username->find()){ + //no other provider claims this username, so it's safe for us to handle it + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated){ $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; } } - return false; }else{ - if($this->authoritative){ - return false; + if($this->autoregistration){ + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated && $this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; + } } } - //we're not authoritative, so let other handlers try + } + if($this->authoritative){ + return false; }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing is not allowed')); - } + //we're not authoritative, so let other handlers try + return; } } - function onStartChangePassword($nickname,$oldpassword,$newpassword) + function onStartChangePassword($user,$oldpassword,$newpassword) { if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $oldpassword); - if($authenticated){ - $result = $this->changePassword($nickname,$oldpassword,$newpassword); - if($result){ - //stop handling of other handlers, because what was requested was done - return false; - }else{ - throw new Exception(_('Password changing failed')); - } - }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing failed')); + $user_username = new User_username(); + $user_username->user_id=$user->id; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $authenticated = $this->checkPassword($user_username->username, $oldpassword); + if($authenticated){ + $result = $this->changePassword($user_username->username,$oldpassword,$newpassword); + if($result){ + //stop handling of other handlers, because what was requested was done + return false; + }else{ + throw new Exception(_('Password changing failed')); + } }else{ - //let another handler try - return null; + if($this->authoritative){ + //since we're authoritative, no other plugin could do this + throw new Exception(_('Password changing failed')); + }else{ + //let another handler try + return null; + } } } }else{ @@ -164,9 +192,42 @@ abstract class AuthenticationPlugin extends Plugin function onStartAccountSettingsPasswordMenuItem($widget) { if($this->authoritative && !$this->password_changeable){ - //since we're authoritative, no other plugin could change passwords, so do render the menu item + //since we're authoritative, no other plugin could change passwords, so do not render the menu item + return false; + } + } + + function onAutoload($cls) + { + switch ($cls) + { + case 'User_username': + require_once(INSTALLDIR.'/plugins/Authentication/User_username.php'); return false; + default: + return true; } } + + function onCheckSchema() { + $schema = Schema::get(); + $schema->ensureTable('user_username', + array(new ColumnDef('provider_name', 'varchar', + '255', false, 'PRI'), + new ColumnDef('username', 'varchar', + '255', false, 'PRI'), + new ColumnDef('user_id', 'integer', + null, false), + new ColumnDef('created', 'datetime', + null, false), + new ColumnDef('modified', 'timestamp'))); + return true; + } + + function onUserDeleteRelated($user, &$tables) + { + $tables[] = 'User_username'; + return true; + } } diff --git a/plugins/Authentication/User_username.php b/plugins/Authentication/User_username.php new file mode 100644 index 000000000..79adeb189 --- /dev/null +++ b/plugins/Authentication/User_username.php @@ -0,0 +1,25 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +class EmailAuthenticationPlugin extends Plugin +{ + //---interface implementation---// + + function onStartCheckPassword($nickname, $password, &$authenticatedUser) + { + if(strpos($nickname, '@')) + { + $user = User::staticGet('email',$nickname); + if($user && isset($user->email)) + { + if(common_check_user($user->nickname,$password)) + { + $authenticatedUser = $user; + return false; + } + } + } + } +} + diff --git a/plugins/EmailAuthentication/README b/plugins/EmailAuthentication/README new file mode 100644 index 000000000..320815689 --- /dev/null +++ b/plugins/EmailAuthentication/README @@ -0,0 +1,7 @@ +The Email Authentication plugin allows users to login using their email address. + +The provided email address is used to lookup the user's nickname, then that nickname and the provided password is checked. + +Installation +============ +add "addPlugin('emailAuthentication');" to the bottom of your config.php diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index ded5cf299..865154730 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -48,20 +48,31 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin public $scope=null; public $attributes=array(); - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->host)){ + throw new Exception("must specify a host"); + } + if(!isset($this->basedn)){ + throw new Exception("must specify a basedn"); + } + if(!isset($this->attributes['nickname'])){ + throw new Exception("must specify a nickname attribute"); + } + if(!isset($this->attributes['username'])){ + throw new Exception("must specify a username attribute"); + } } //---interface implementation---// - function checkPassword($nickname, $password) + function checkPassword($username, $password) { $ldap = $this->ldap_get_connection(); if(!$ldap){ return false; } - $entry = $this->ldap_get_user($nickname); + $entry = $this->ldap_get_user($username); if(!$entry){ return false; }else{ @@ -76,48 +87,33 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin } } - function autoRegister($nickname) + function autoRegister($username) { - $entry = $this->ldap_get_user($nickname,$this->attributes); + $entry = $this->ldap_get_user($username,$this->attributes); if($entry){ $registration_data = array(); foreach($this->attributes as $sn_attribute=>$ldap_attribute){ - if($sn_attribute=='email'){ - $registration_data[$sn_attribute]=common_canonical_email($entry->getValue($ldap_attribute,'single')); - }else if($sn_attribute=='nickname'){ - $registration_data[$sn_attribute]=common_canonical_nickname($entry->getValue($ldap_attribute,'single')); - }else{ - $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); - } + $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); + } + if(isset($registration_data['email']) && !empty($registration_data['email'])){ + $registration_data['email_confirmed']=true; } //set the database saved password to a random string. $registration_data['password']=common_good_rand(16); - $user = User::register($registration_data); - return true; + return User::register($registration_data); }else{ //user isn't in ldap, so we cannot register him - return null; + return false; } } - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { //TODO implement this throw new Exception(_('Sorry, changing LDAP passwords is not supported at this time')); return false; } - - function canUserChangeField($nickname, $field) - { - switch($field) - { - case 'password': - case 'nickname': - case 'email': - return false; - } - } //---utility functions---// function ldap_get_config(){ @@ -159,7 +155,7 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin */ function ldap_get_user($username,$attributes=array()){ $ldap = $this->ldap_get_connection(); - $filter = Net_LDAP2_Filter::create($this->attributes['nickname'], 'equals', $username); + $filter = Net_LDAP2_Filter::create($this->attributes['username'], 'equals', $username); $options = array( 'scope' => 'sub', 'attributes' => $attributes diff --git a/plugins/LdapAuthentication/README b/plugins/LdapAuthentication/README index 03647e7c7..b10a1eb93 100644 --- a/plugins/LdapAuthentication/README +++ b/plugins/LdapAuthentication/README @@ -6,7 +6,8 @@ add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'valu Settings ======== -authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database). +provider_name*: a unique name for this authentication provider. +authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check any other plugins or the internal password database). autoregistration (false): Set to true if users should be automatically created when they attempt to login. email_changeable (true): Are users allowed to change their email address? (true or false) password_changeable (true): Are users allowed to change their passwords? (true or false) @@ -23,6 +24,7 @@ filter: Default search filter. See http://pear.php.net/manual/en/package.network scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name + username* nickname* email fullname @@ -37,6 +39,7 @@ Example Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory. addPlugin('ldapAuthentication', array( + 'provider_name'=>'Example', 'authoritative'=>true, 'autoregistration'=>true, 'binddn'=>'username', diff --git a/plugins/ReverseUsernameAuthentication/README b/plugins/ReverseUsernameAuthentication/README new file mode 100644 index 000000000..e9160ed9b --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/README @@ -0,0 +1,26 @@ +The Reverse Username Authentication plugin allows for StatusNet to handle authentication by checking if the provided password is the same as the reverse of the username. + +THIS PLUGIN IS FOR TESTING PURPOSES ONLY + +Installation +============ +add "addPlugin('reverseUsernameAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php + +Settings +======== +provider_name*: a unique name for this authentication provider. +password_changeable*: must be set to false. This plugin does not support changing passwords. +authoritative (false): Set to true if this plugin's responses are authoritative (meaning if this fails, do check any other plugins or the internal password database). +autoregistration (false): Set to true if users should be automatically created when they attempt to login. + +* required +default values are in (parenthesis) + +Example +======= +addPlugin('reverseUsernameAuthentication', array( + 'provider_name'=>'Example', + 'password_changeable'=>false, + 'authoritative'=>true, + 'autoregistration'=>true +)); diff --git a/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php new file mode 100644 index 000000000..d48283b2e --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php @@ -0,0 +1,58 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/plugins/Authentication/AuthenticationPlugin.php'; + +class ReverseUsernameAuthenticationPlugin extends AuthenticationPlugin +{ + //---interface implementation---// + + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->password_changeable) && $this->password_changeable){ + throw new Exception("password_changeable cannot be set to true. This plugin does not support changing passwords."); + } + } + + function checkPassword($username, $password) + { + return $username == strrev($password); + } + + function autoRegister($username) + { + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); + } +} -- cgit v1.2.3-54-g00ecf From f60a55d9ec08019c7e1a9b60bc5d34fad61fb088 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 12 Nov 2009 20:15:10 -0500 Subject: blasted, that should not be there --- lib/util.php | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/util.php') diff --git a/lib/util.php b/lib/util.php index 4b2a25ead..68f3520db 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1058,7 +1058,6 @@ function common_log($priority, $msg, $filename=null) } } else { common_ensure_syslog(); - error_log($msg); syslog($priority, $msg); } } -- cgit v1.2.3-54-g00ecf