| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Spotted by The Evil IP address.
|
|
|
|
|
|
errors when .php files get spidered.
|
|
|
|
|
|
'register' actions from the routing system entirely, which meant that login links & redirects from unauthenticated views on private sites (as well as various re-auth situations even on non-private sites) would break and send to the main page instead.
Changed it to leave the 'login' and 'register' actions in the system; we're already taking them over and redirecting them to the OpenID login page, so they won't be reached by accident; but now those redirects can be reached on purpose. ;)
Better long-term fix may be to allow some aliasing, so we can have common_local_url('login') actually send us straight to the OpenID login page instead of having to go through an intermediate redirect, but this'll do.
|
|
* adding the fuzzy messages back now that translatewiki.net processes them properly again.
|
|
* first export of L10n for languages other than English. Could use some testing/QA.
|
|
|
|
|
|
|
|
The Net::OpenID::Server perl module that LJ uses appears to be very picky about input, and rejects most request types unless the data comes in as GET parameters (apparently following OpenID 1.1 rules, rather than OpenID 2.0 rules which permit any request to be POSTed but requires that if so, the data must all be in the POST body).
Apparently something got updated on LJ at some point that's either added that behavior or (more likely) added the OpenID 2.0 namespace info to discovery, which tells the Janrain-based OpenID libraries that they should go ahead and do POST requests instead of redirects to GET requests... thus breaking everything. ;)
GET should be just fine for both 1.1 and 2.0 though, and also saves having to sit through that lame autosubmit page.
Switched the authentication submission from checking whether it should redirect to GET or do a form POST, to simply always doing the redirect to GET.
Tested against providers:
* LiveJournal
* Google
* LaunchPad
* identi.ca
|
|
Conflicts:
plugins/OpenID/openidserver.php
|
|
data resubmission if we were sent here from a POST request, such as when verifying the site for the first time doing an OpenID login from Drupal.
|
|
Conflicts:
plugins/OpenID/openid.php
|
|
provider's base URL. Good for hooking up with sites like WikiHow, where usernames are appended to a base URL to get a profile URL which is used as the provider.
$config['openid']['append_username'] = true;
or check 'Append a username to base URL' in OpenID admin panel.
|
|
|
|
Conflicts:
lib/language.php
plugins/OpenID/finishaddopenid.php
|
|
|
|
registering or adding account with OpenID. (Full name, location, homepage, and bio are also on the profile page but not marked up in a way they can be easily retrieved yet.)
OpenID plugin: Added events at OpenID account creation and update time to allow additional customizations for particular sites.
|
|
Conflicts:
plugins/OpenID/openidlogin.php
|
|
restrictions. Added an admin panel for setting these and OpenID-only mode, off by default.
To enable the admin panel:
$config['admin']['panels'][] = 'openid';
Or to set them manually:
$config['openid']['trusted_provider'] = 'https://login.ubuntu.net/';
$config['openid']['required_team'] = 'my-project-cabal';
$config['site']['openidonly'] = true;
OpenID-only mode can still be set from addPlugin() parameters as well for backwards compatibility.
Note: if it's set there, that value will override the setting from the database or config.php.
Note that team restrictions are only really meaningful if a trusted provider is set; otherwise,
any OpenID server could report back that users are members of the given team.
Restrictions are checked only at OpenID authentication time and will not kick off people currently
with a session open; existing remembered logins may also survive these changes.
Using code for Launchpad team support provided by Canonical under AGPLv3, pulled from r27 of
WordPress teams integration plugin:
https://code.edge.launchpad.net/~canonical-isd-hackers/wordpress-teams-integration/trunk
|
|
|
|
|
|
|
|
in Commit:d811f14bedc260adcfdd0eb8216eba06e9610144
Signed-off-by: Siebrand Mazeland <s.mazeland@xs4all.nl>
|
|
|
|
|
|
|
|
Conflicts:
index.php
|
|
|
|
* throwing in our spinner
* cleanup of texts
* "If this doesn't go through click the button" instead of just a mystery button
* slightly faster submission: immediate at end of page rather than waiting for jQuery to confirm document setup completion
|
|
|
|
registration form.
Note that much of that form is duplicated several times for Twitter, Facebook, and OpenID registrations -- these need to be refactored to avoid having multiple out-of-sync copies of code and messages.
|
|
registration form.
Note that much of that form is duplicated several times for Twitter, Facebook, and OpenID registrations -- these need to be refactored to avoid having multiple out-of-sync copies of code and messages.
|
|
destination page
|
|
* added locale/en/LC_MESSAGES/statusnet.po to make it easier to start customizing English texts
* added notes to locale/README about customizing and how to disable languages you haven't customized
* renamed PO templates from *.po to *.pot to match general conventions and reduce confusion for people trying to find which file they're supposed to edit
|
|
|
|
|
|
|
|
|
|
|
|
- avoid notice spew when checking sreg items that weren't provided
- fix keys spec for user_openid, clears up problems with removing openid associations
- fix keys spec for user_openid_trustroot
|
|
|
|
|
|
- avoid notice on insert (missing sequenceKeys())
- avoid cache corruption on delete (user_id was missing from keys list, cache not cleared for user_id lookups)
|
|
|
|
Conflicts:
db/08to09.sql
locale/statusnet.po
scripts/update_po_templates.php
|
