diff options
Diffstat (limited to 'plugins/OpenID/OpenIDPlugin.php')
-rw-r--r-- | plugins/OpenID/OpenIDPlugin.php | 127 |
1 files changed, 101 insertions, 26 deletions
diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index a033a5010..d8127aa68 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -46,7 +46,6 @@ if (!defined('STATUSNET')) { * @link http://status.net/ * @link http://openid.net/ */ - class OpenIDPlugin extends Plugin { // Plugin parameter: set true to disallow non-OpenID logins @@ -60,7 +59,6 @@ class OpenIDPlugin extends Plugin global $config; $config['site']['openidonly'] = (bool)$this->openidOnly; } - } /** @@ -72,7 +70,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onStartInitializeRouter($m) { $m->connect('main/openid', array('action' => 'openidlogin')); @@ -98,7 +95,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onStartConnectPath(&$path, &$defaults, &$rules, &$result) { if (common_config('site', 'openidonly')) { @@ -127,7 +123,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onArgsInitialize($args) { if (common_config('site', 'openidonly')) { @@ -158,7 +153,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onEndPublicXRDS($action, &$xrdsOutputter) { $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', @@ -189,7 +183,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onEndUserXRDS($action, &$xrdsOutputter) { $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', @@ -218,7 +211,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onStartPrimaryNav($action) { if (common_config('site', 'openidonly') && !common_logged_in()) { @@ -260,7 +252,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onStartLoginGroupNav(&$action) { if (common_config('site', 'openidonly')) { @@ -281,7 +272,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onEndLoginGroupNav(&$action) { $this->showOpenIDLoginTab($action); @@ -296,7 +286,6 @@ class OpenIDPlugin extends Plugin * * @return void */ - function showOpenIDLoginTab($action) { $action_name = $action->trimmed('action'); @@ -319,7 +308,6 @@ class OpenIDPlugin extends Plugin * * @return void */ - function onStartAccountSettingsPasswordMenuItem($menu, &$unused) { if (common_config('site', 'openidonly')) { return false; @@ -334,7 +322,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onEndAccountSettingsNav(&$action) { $action_name = $action->trimmed('action'); @@ -358,7 +345,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onAutoload($cls) { switch ($cls) @@ -400,7 +386,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onSensitiveAction($action, &$ssl) { switch ($action) @@ -424,7 +409,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook return */ - function onLoginAction($action, &$login) { switch ($action) @@ -447,7 +431,6 @@ class OpenIDPlugin extends Plugin * * @return void */ - function onEndShowHeadElements($action) { if ($action instanceof ShowstreamAction) { @@ -471,7 +454,6 @@ class OpenIDPlugin extends Plugin * * @return boolean whether to continue */ - function onRedirectToLogin($action, $user) { if (common_config('site', 'openid_only') || (!empty($user) && User_openid::hasOpenID($user->id))) { @@ -488,7 +470,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook value */ - function onEndShowPageNotice($action) { $name = $action->trimmed('action'); @@ -527,7 +508,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook value */ - function onStartLoadDoc(&$title, &$output) { if ($title == 'openid') { @@ -549,7 +529,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook value */ - function onEndLoadDoc($title, &$output) { if ($title == 'help') { @@ -568,7 +547,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook value */ - function onCheckSchema() { $schema = Schema::get(); @@ -601,7 +579,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook value */ - function onUserDeleteRelated($user, &$tables) { $tables[] = 'User_openid'; @@ -616,7 +593,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook value */ - function onEndAdminPanelNav($nav) { if (AdminPanelAction::canAdmin('openid')) { @@ -625,7 +601,9 @@ class OpenIDPlugin extends Plugin $nav->out->menuItem( common_local_url('openidadminpanel'), - _m('OpenID'), + // TRANS: OpenID configuration menu item. + _m('MENU','OpenID'), + // TRANS: Tooltip for OpenID configuration menu item. _m('OpenID configuration'), $action_name == 'openidadminpanel', 'nav_openid_admin_panel' @@ -642,7 +620,6 @@ class OpenIDPlugin extends Plugin * * @return boolean hook value */ - function onPluginVersion(&$versions) { $versions[] = array('name' => 'OpenID', @@ -654,4 +631,102 @@ class OpenIDPlugin extends Plugin _m('Use <a href="http://openid.net/">OpenID</a> to login to the site.')); return true; } + + function onStartOAuthLoginForm($action, &$button) + { + if (common_config('site', 'openidonly')) { + // Cancel the regular password login form, we won't need it. + $this->showOAuthLoginForm($action); + // TRANS: button label for OAuth authorization page when needing OpenID authentication first. + $button = _m('BUTTON', 'Continue'); + return false; + } else { + // Leave the regular password login form in place. + // We'll add an OpenID link at bottom...? + return true; + } + } + + /** + * @fixme merge with common code for main OpenID login form + * @param HTMLOutputter $action + */ + protected function showOAuthLoginForm($action) + { + $action->elementStart('fieldset'); + // TRANS: OpenID plugin logon form legend. + $action->element('legend', null, _m('OpenID login')); + + $action->elementStart('ul', 'form_data'); + $action->elementStart('li'); + $provider = common_config('openid', 'trusted_provider'); + $appendUsername = common_config('openid', 'append_username'); + if ($provider) { + // TRANS: Field label. + $action->element('label', array(), _m('OpenID provider')); + $action->element('span', array(), $provider); + if ($appendUsername) { + $action->element('input', array('id' => 'openid_username', + 'name' => 'openid_username', + 'style' => 'float: none')); + } + $action->element('p', 'form_guide', + // TRANS: Form guide. + ($appendUsername ? _m('Enter your username.') . ' ' : '') . + // TRANS: Form guide. + _m('You will be sent to the provider\'s site for authentication.')); + $action->hidden('openid_url', $provider); + } else { + // TRANS: OpenID plugin logon form field label. + $action->input('openid_url', _m('OpenID URL'), + '', + // TRANS: OpenID plugin logon form field instructions. + _m('Your OpenID URL')); + } + $action->elementEnd('li'); + $action->elementEnd('ul'); + + $action->elementEnd('fieldset'); + } + + /** + * Handle a POST user credential check in apioauthauthorization. + * If given an OpenID URL, we'll pass us over to the regular things + * and then redirect back here on completion. + * + * @fixme merge with common code for main OpenID login form + * @param HTMLOutputter $action + */ + function onStartOAuthLoginCheck($action, &$user) + { + $provider = common_config('openid', 'trusted_provider'); + if ($provider) { + $openid_url = $provider; + if (common_config('openid', 'append_username')) { + $openid_url .= $action->trimmed('openid_username'); + } + } else { + $openid_url = $action->trimmed('openid_url'); + } + + if ($openid_url) { + require_once dirname(__FILE__) . '/openid.php'; + oid_assert_allowed($openid_url); + + $returnto = common_local_url('ApiOauthAuthorize', array(), + array('oauth_token' => $action->arg('oauth_token'))); + common_set_returnto($returnto); + + // This will redirect if functional... + $result = oid_authenticate($openid_url, + 'finishopenidlogin'); + if (is_string($result)) { # error message + throw new ServerException($result); + } else { + exit(0); + } + } + + return true; + } } |