plugins/OpenID/OpenIDPlugin.php

   1 <?php
   2 /**
   3  * StatusNet, the distributed open-source microblogging tool
   4  *
   5  * PHP version 5
   6  *
   7  * LICENCE: This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as published by
   9  * the Free Software Foundation, either version 3 of the License, or
  10  * (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19  *
  20  * @category  Plugin
  21  * @package   StatusNet
  22  * @author    Evan Prodromou <evan@status.net>
  23  * @copyright 2009 StatusNet, Inc.
  24  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  25  * @link      http://status.net/
  26  */
  27
  28 if (!defined('STATUSNET')) {
  29     exit(1);
  30 }
  31
  32 /**
  33  * Plugin for OpenID authentication and identity
  34  *
  35  * This class enables consumer support for OpenID, the distributed authentication
  36  * and identity system.
  37  *
  38  * @category Plugin
  39  * @package  StatusNet
  40  * @author   Evan Prodromou <evan@status.net>
  41  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  42  * @link     http://status.net/
  43  * @link     http://openid.net/
  44  */
  45
  46 class OpenIDPlugin extends Plugin
  47 {
  48     /**
  49      * Initializer for the plugin.
  50      */
  51
  52     function __construct()
  53     {
  54         parent::__construct();
  55     }
  56
  57     /**
  58      * Add OpenID-related paths to the router table
  59      *
  60      * Hook for RouterInitialized event.
  61      *
  62      * @return boolean hook return
  63      */
  64
  65     function onStartInitializeRouter($m)
  66     {
  67         $m->connect('main/openid', array('action' => 'openidlogin'));
  68         $m->connect('main/openidtrust', array('action' => 'openidtrust'));
  69         $m->connect('settings/openid', array('action' => 'openidsettings'));
  70         $m->connect('index.php?action=finishopenidlogin', array('action' => 'finishopenidlogin'));
  71         $m->connect('index.php?action=finishaddopenid', array('action' => 'finishaddopenid'));
  72         $m->connect('main/openidserver', array('action' => 'openidserver'));
  73
  74         return true;
  75     }
  76
  77     function onEndPublicXRDS($action, &$xrdsOutputter)
  78     {
  79         $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
  80                                           'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
  81                                           'version' => '2.0'));
  82         $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
  83         //consumer
  84         foreach (array('finishopenidlogin', 'finishaddopenid') as $finish) {
  85             $xrdsOutputter->showXrdsService(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
  86                                 common_local_url($finish));
  87         }
  88         //provider
  89         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/server',
  90                             common_local_url('openidserver'),
  91                             null,
  92                             null,
  93                             'http://specs.openid.net/auth/2.0/identifier_select');
  94         $xrdsOutputter->elementEnd('XRD');
  95     }
  96
  97     function onEndUserXRDS($action, &$xrdsOutputter)
  98     {
  99         $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
 100                                           'xml:id' => 'openid',
 101                                           'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
 102                                           'version' => '2.0'));
 103         $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
 104
 105         //consumer
 106         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/return_to',
 107                             common_local_url('finishopenidlogin'));
 108
 109         //provider
 110         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/signon',
 111                             common_local_url('openidserver'),
 112                             null,
 113                             null,
 114                             common_profile_url($action->user->nickname));
 115         $xrdsOutputter->elementEnd('XRD');
 116     }
 117
 118     function onEndLoginGroupNav(&$action)
 119     {
 120         $action_name = $action->trimmed('action');
 121
 122         $action->menuItem(common_local_url('openidlogin'),
 123                           _m('OpenID'),
 124                           _m('Login or register with OpenID'),
 125                           $action_name === 'openidlogin');
 126
 127         return true;
 128     }
 129
 130     function onEndAccountSettingsNav(&$action)
 131     {
 132         $action_name = $action->trimmed('action');
 133
 134         $action->menuItem(common_local_url('openidsettings'),
 135                           _m('OpenID'),
 136                           _m('Add or remove OpenIDs'),
 137                           $action_name === 'openidsettings');
 138
 139         return true;
 140     }
 141
 142     function onAutoload($cls)
 143     {
 144         switch ($cls)
 145         {
 146          case 'OpenidloginAction':
 147          case 'FinishopenidloginAction':
 148          case 'FinishaddopenidAction':
 149          case 'XrdsAction':
 150          case 'PublicxrdsAction':
 151          case 'OpenidsettingsAction':
 152          case 'OpenidserverAction':
 153          case 'OpenidtrustAction':
 154             require_once(INSTALLDIR.'/plugins/OpenID/' . strtolower(mb_substr($cls, 0, -6)) . '.php');
 155             return false;
 156          case 'User_openid':
 157             require_once(INSTALLDIR.'/plugins/OpenID/User_openid.php');
 158             return false;
 159          case 'User_openid_trustroot':
 160             require_once(INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php');
 161             return false;
 162          default:
 163             return true;
 164         }
 165     }
 166
 167     function onSensitiveAction($action, &$ssl)
 168     {
 169         switch ($action)
 170         {
 171          case 'finishopenidlogin':
 172          case 'finishaddopenid':
 173             $ssl = true;
 174             return false;
 175          default:
 176             return true;
 177         }
 178     }
 179
 180     function onLoginAction($action, &$login)
 181     {
 182         switch ($action)
 183         {
 184          case 'openidlogin':
 185          case 'finishopenidlogin':
 186          case 'openidserver':
 187             $login = true;
 188             return false;
 189          default:
 190             return true;
 191         }
 192     }
 193
 194     /**
 195      * We include a <meta> element linking to the publicxrds page, for OpenID
 196      * client-side authentication.
 197      *
 198      * @return void
 199      */
 200
 201     function onEndShowHeadElements($action)
 202     {
 203         if($action instanceof ShowstreamAction){
 204             $action->element('link', array('rel' => 'openid2.provider',
 205                                            'href' => common_local_url('openidserver')));
 206             $action->element('link', array('rel' => 'openid2.local_id',
 207                                            'href' => $action->profile->profileurl));
 208             $action->element('link', array('rel' => 'openid.server',
 209                                            'href' => common_local_url('openidserver')));
 210             $action->element('link', array('rel' => 'openid.delegate',
 211                                            'href' => $action->profile->profileurl));
 212         }
 213         return true;
 214     }
 215
 216     /**
 217      * Redirect to OpenID login if they have an OpenID
 218      *
 219      * @return boolean whether to continue
 220      */
 221
 222     function onRedirectToLogin($action, $user)
 223     {
 224         if (!empty($user) && User_openid::hasOpenID($user->id)) {
 225             common_redirect(common_local_url('openidlogin'), 303);
 226             return false;
 227         }
 228         return true;
 229     }
 230
 231     function onEndShowPageNotice($action)
 232     {
 233         $name = $action->trimmed('action');
 234
 235         switch ($name)
 236         {
 237          case 'register':
 238             $instr = '(Have an [OpenID](http://openid.net/)? ' .
 239               'Try our [OpenID registration]'.
 240               '(%%action.openidlogin%%)!)';
 241             break;
 242          case 'login':
 243             $instr = '(Have an [OpenID](http://openid.net/)? ' .
 244               'Try our [OpenID login]'.
 245               '(%%action.openidlogin%%)!)';
 246             break;
 247          default:
 248             return true;
 249         }
 250
 251         $output = common_markup_to_html($instr);
 252         $action->raw($output);
 253         return true;
 254     }
 255
 256     function onStartLoadDoc(&$title, &$output)
 257     {
 258         if ($title == 'openid')
 259         {
 260             $filename = INSTALLDIR.'/plugins/OpenID/doc-src/openid';
 261
 262             $c = file_get_contents($filename);
 263             $output = common_markup_to_html($c);
 264             return false; // success!
 265         }
 266
 267         return true;
 268     }
 269
 270     function onEndLoadDoc($title, &$output)
 271     {
 272         if ($title == 'help')
 273         {
 274             $menuitem = '* [OpenID](%%doc.openid%%) - what OpenID is and how to use it with this service';
 275
 276             $output .= common_markup_to_html($menuitem);
 277         }
 278
 279         return true;
 280     }
 281
 282     function onCheckSchema() {
 283         $schema = Schema::get();
 284         $schema->ensureTable('user_openid',
 285                              array(new ColumnDef('canonical', 'varchar',
 286                                                  '255', false, 'PRI'),
 287                                    new ColumnDef('display', 'varchar',
 288                                                  '255', false, 'UNI'),
 289                                    new ColumnDef('user_id', 'integer',
 290                                                  null, false, 'MUL'),
 291                                    new ColumnDef('created', 'datetime',
 292                                                  null, false),
 293                                    new ColumnDef('modified', 'timestamp')));
 294         $schema->ensureTable('user_openid_trustroot',
 295                              array(new ColumnDef('trustroot', 'varchar',
 296                                                  '255', false, 'PRI'),
 297                                    new ColumnDef('user_id', 'integer',
 298                                                  null, false, 'PRI'),
 299                                    new ColumnDef('created', 'datetime',
 300                                                  null, false),
 301                                    new ColumnDef('modified', 'timestamp')));
 302         return true;
 303     }
 304
 305     function onUserDeleteRelated($user, &$tables)
 306     {
 307         $tables[] = 'User_openid';
 308         $tables[] = 'User_openid_trustroot';
 309         return true;
 310     }
 311
 312     function onPluginVersion(&$versions)
 313     {
 314         $versions[] = array('name' => 'OpenID',
 315                             'version' => STATUSNET_VERSION,
 316                             'author' => 'Evan Prodromou, Craig Andrews',
 317                             'homepage' => 'http://status.net/wiki/Plugin:OpenID',
 318                             'rawdescription' =>
 319                             _m('Use <a href="http://openid.net/">OpenID</a> to login to the site.'));
 320         return true;
 321     }
 322 }