]> git.mxchange.org Git - friendica.git/blob - mod/openid.php
projects / friendica.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fix OpenID login
[friendica.git] / mod / openid.php
1 <?php
2
3
4 require_once('library/openid.php');
5
6
7 function openid_content(&$a) {
8
9         $noid = get_config('system','no_openid');
10         if($noid)
11                 goaway(z_root());
12
13         logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA);
14
15         if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
16
17                 $openid = new LightOpenID;
18
19                 if($openid->validate()) {
20
21                         #$authid = normalise_openid($_REQUEST['openid_identity']);
22                         $authid = $_REQUEST['openid_identity'];
23
24                         if(! strlen($authid)) {
25                                 logger( t('OpenID protocol error. No ID returned.') . EOL);
26                                 goaway(z_root());
27                         }
28
29                         // NOTE: we search both for normalised and non-normalised form of $authid
30                         //       because the normalization step was removed from setting
31                         //       mod/settings.php in 8367cad so it might have left mixed
32                         //       records in the user table
33                         //
34                         $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` 
35                                 FROM `user` WHERE ( openid = '%s' OR openid = '%s' ) AND blocked = 0
36                                 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1",
37                                 dbesc($authid), dbesc(normalise_openid($authid))
38                         );
39
40                         if($r && count($r)) {
41
42                                 // successful OpenID login
43
44                                 unset($_SESSION['openid']);
45
46                                 require_once('include/security.php');
47                                 authenticate_success($r[0],true,true);
48
49                                 // just in case there was no return url set 
50                                 // and we fell through
51
52                                 goaway(z_root());
53                         }
54
55                         // Successful OpenID login - but we can't match it to an existing account.
56                         // New registration?
57
58                         if($a->config['register_policy'] == REGISTER_CLOSED) {
59                                 notice( t('Account not found and OpenID registration is not permitted on this site.') . EOL);
60                                 goaway(z_root());
61                         }
62
63                         unset($_SESSION['register']);
64                         $args = '';
65                         $attr = $openid->getAttributes();
66                         if(is_array($attr) && count($attr)) {
67                                 foreach($attr as $k => $v) {
68                                         if($k === 'namePerson/friendly')
69                                                 $nick = notags(trim($v));
70                                         if($k === 'namePerson/first')
71                                                 $first = notags(trim($v));
72                                         if($k === 'namePerson')
73                                                 $args .= '&username=' . notags(trim($v));
74                                         if($k === 'contact/email')
75                                                 $args .= '&email=' . notags(trim($v));
76                                         if($k === 'media/image/aspect11')
77                                                 $photosq = bin2hex(trim($v));
78                                         if($k === 'media/image/default')
79                                                 $photo = bin2hex(trim($v));
80                                 }
81                         }
82                         if($nick)
83                                 $args .= '&nickname=' . $nick;
84                         elseif($first)
85                                 $args .= '&nickname=' . $first;
86
87                         if($photosq)
88                                 $args .= '&photo=' . $photosq;
89                         elseif($photo)
90                                 $args .= '&photo=' . $photo;
91
92                         $args .= '&openid_url=' . notags(trim($authid));
93
94                         goaway($a->get_baseurl() . '/register' . $args);
95
96                         // NOTREACHED
97                 }
98         }
99         notice( t('Login failed.') . EOL);
100         goaway(z_root());
101         // NOTREACHED
102 }
Unnamed repository; edit this file 'description' to name the repository.