lib/openid.php

   1 <?php
   2 /*
   3  * Laconica - a distributed open-source microblogging tool
   4  * Copyright (C) 2008, Controlez-Vous, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('LACONICA')) { exit(1); }
  21
  22 require_once(INSTALLDIR.'/classes/User_openid.php');
  23
  24 require_once('Auth/OpenID.php');
  25 require_once('Auth/OpenID/Consumer.php');
  26 require_once('Auth/OpenID/SReg.php');
  27 require_once('Auth/OpenID/MySQLStore.php');
  28
  29 function oid_store() {
  30     static $store = NULL;
  31         if (!$store) {
  32                 # Can't be called statically
  33                 $user = new User();
  34                 $conn = $user->getDatabaseConnection();
  35                 $store = new Auth_OpenID_MySQLStore($conn);
  36         }
  37         return $store;
  38 }
  39
  40 function oid_consumer() {
  41         $store = oid_store();
  42         $consumer = new Auth_OpenID_Consumer($store);
  43         return $consumer;
  44 }
  45
  46 function oid_link_user($id, $canonical, $display) {
  47
  48         $oid = new User_openid();
  49         $oid->user_id = $id;
  50         $oid->canonical = $canonical;
  51         $oid->display = $display;
  52         $oid->created = DB_DataObject_Cast::dateTime();
  53
  54         if (!$oid->insert()) {
  55                 $err = PEAR::getStaticProperty('DB_DataObject','lastError');
  56                 common_debug('DB error ' . $err->code . ': ' . $err->message, __FILE__);
  57                 return false;
  58         }
  59
  60         return true;
  61 }
  62
  63 function oid_authenticate($openid_url, $returnto) {
  64
  65         $consumer = oid_consumer();
  66
  67         if (!$consumer) {
  68                 common_server_error(_t('Cannot instantiate OpenID consumer object.'));
  69                 return false;
  70         }
  71
  72         common_ensure_session();
  73
  74         $auth_request = $consumer->begin($openid_url);
  75
  76         // Handle failure status return values.
  77         if (!$auth_request) {
  78                 return _t('Not a valid OpenID.');
  79         } else if (Auth_OpenID::isFailure($auth_request)) {
  80                 return _t('OpenID failure: ') . $auth_request->message;
  81         }
  82
  83         $sreg_request = Auth_OpenID_SRegRequest::build(// Required
  84                                                                                                    array(),
  85                                                                                                    // Optional
  86                                                                                                    array('nickname',
  87                                                                                                                  'email',
  88                                                                                                                  'fullname',
  89                                                                                                                  'language',
  90                                                                                                                  'timezone',
  91                                                                                                                  'postcode',
  92                                                                                                                  'country'));
  93
  94         if ($sreg_request) {
  95                 $auth_request->addExtension($sreg_request);
  96         }
  97
  98         $trust_root = common_local_url('public');
  99         $process_url = common_local_url($returnto);
 100
 101         if ($auth_request->shouldSendRedirect()) {
 102                 $redirect_url = $auth_request->redirectURL($trust_root,
 103                                                                                                    $process_url);
 104                 if (!$redirect_url) {
 105                 } else if (Auth_OpenID::isFailure($redirect_url)) {
 106                         return _t('Could not redirect to server: ') . $redirect_url->message;
 107                 } else {
 108                         common_redirect($redirect_url);
 109                 }
 110         } else {
 111                 // Generate form markup and render it.
 112                 $form_id = 'openid_message';
 113                 $form_html = $auth_request->formMarkup($trust_root, $process_url,
 114                                                                                            false, array('id' => $form_id));
 115
 116                 # XXX: This is cheap, but things choke if we don't escape ampersands
 117                 # in the HTML attributes
 118
 119                 $form_html = preg_replace('/&/', '&amp;', $form_html);
 120
 121                 // Display an error if the form markup couldn't be generated;
 122                 // otherwise, render the HTML.
 123                 if (Auth_OpenID::isFailure($form_html)) {
 124                         $this->show_form(_t('Could not create OpenID form: ') . $form_html->message);
 125                 } else {
 126                         common_show_header(_t('OpenID Auto-Submit'));
 127                         common_element('p', 'instructions',
 128                                                    _t('This form should automatically submit itself. '.
 129                                                           'If not, click the submit button to go to your '.
 130                                                           'OpenID provider.'));
 131                         common_raw($form_html);
 132                         common_element('script', NULL,
 133                                                    '$(document).ready(function() { ' .
 134                                                    '    $("#'. $form_id .'").submit(); '.
 135                                                    '});');
 136                         common_show_footer();
 137                 }
 138         }
 139 }