plugins/OpenID/OpenIDPlugin.php

   1 <?php
   2 /**
   3  * StatusNet, the distributed open-source microblogging tool
   4  *
   5  * PHP version 5
   6  *
   7  * LICENCE: This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as published by
   9  * the Free Software Foundation, either version 3 of the License, or
  10  * (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19  *
  20  * @category  Plugin
  21  * @package   StatusNet
  22  * @author    Evan Prodromou <evan@status.net>
  23  * @copyright 2009 StatusNet, Inc.
  24  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  25  * @link      http://status.net/
  26  */
  27
  28 if (!defined('STATUSNET')) {
  29     exit(1);
  30 }
  31
  32 /**
  33  * Plugin for OpenID authentication and identity
  34  *
  35  * This class enables consumer support for OpenID, the distributed authentication
  36  * and identity system.
  37  *
  38  * @category Plugin
  39  * @package  StatusNet
  40  * @author   Evan Prodromou <evan@status.net>
  41  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  42  * @link     http://status.net/
  43  * @link     http://openid.net/
  44  */
  45
  46 class OpenIDPlugin extends Plugin
  47 {
  48     /**
  49      * Initializer for the plugin.
  50      */
  51
  52     function __construct()
  53     {
  54         parent::__construct();
  55     }
  56
  57     /**
  58      * Add OpenID-related paths to the router table
  59      *
  60      * Hook for RouterInitialized event.
  61      *
  62      * @return boolean hook return
  63      */
  64
  65     function onStartInitializeRouter($m)
  66     {
  67         $m->connect('main/openid', array('action' => 'openidlogin'));
  68         $m->connect('main/openidtrust', array('action' => 'openidtrust'));
  69         $m->connect('settings/openid', array('action' => 'openidsettings'));
  70         $m->connect('index.php?action=finishopenidlogin', array('action' => 'finishopenidlogin'));
  71         $m->connect('index.php?action=finishaddopenid', array('action' => 'finishaddopenid'));
  72         $m->connect('main/openidserver', array('action' => 'openidserver'));
  73
  74         return true;
  75     }
  76
  77     function onEndPublicXRDS($action, &$xrdsOutputter)
  78     {
  79         $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
  80                                           'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
  81                                           'version' => '2.0'));
  82         $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
  83         //consumer
  84         foreach (array('finishopenidlogin', 'finishaddopenid') as $finish) {
  85             $xrdsOutputter->showXrdsService(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
  86                                 common_local_url($finish));
  87         }
  88         //provider
  89         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/server',
  90                             common_local_url('openidserver'),
  91                             null,
  92                             null,
  93                             'http://specs.openid.net/auth/2.0/identifier_select');
  94         $xrdsOutputter->elementEnd('XRD');
  95     }
  96
  97     function onEndUserXRDS($action, &$xrdsOutputter)
  98     {
  99         $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
 100                                           'xml:id' => 'openid',
 101                                           'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
 102                                           'version' => '2.0'));
 103         $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
 104
 105         //consumer
 106         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/return_to',
 107                             common_local_url('finishopenidlogin'));
 108
 109         //provider
 110         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/signon',
 111                             common_local_url('openidserver'),
 112                             null,
 113                             null,
 114                             common_profile_url($action->user->nickname));
 115         $xrdsOutputter->elementEnd('XRD');
 116     }
 117
 118     function onEndLoginGroupNav(&$action)
 119     {
 120         $action_name = $action->trimmed('action');
 121
 122         $action->menuItem(common_local_url('openidlogin'),
 123                           _('OpenID'),
 124                           _('Login or register with OpenID'),
 125                           $action_name === 'openidlogin');
 126
 127         return true;
 128     }
 129
 130     function onEndAccountSettingsNav(&$action)
 131     {
 132         $action_name = $action->trimmed('action');
 133
 134         $action->menuItem(common_local_url('openidsettings'),
 135                           _('OpenID'),
 136                           _('Add or remove OpenIDs'),
 137                           $action_name === 'openidsettings');
 138
 139         return true;
 140     }
 141
 142     function onAutoload($cls)
 143     {
 144         switch ($cls)
 145         {
 146          case 'OpenidloginAction':
 147          case 'FinishopenidloginAction':
 148          case 'FinishaddopenidAction':
 149          case 'XrdsAction':
 150          case 'PublicxrdsAction':
 151          case 'OpenidsettingsAction':
 152          case 'OpenidserverAction':
 153             require_once(INSTALLDIR.'/plugins/OpenID/' . strtolower(mb_substr($cls, 0, -6)) . '.php');
 154             return false;
 155          case 'User_openid':
 156             require_once(INSTALLDIR.'/plugins/OpenID/User_openid.php');
 157             return false;
 158          default:
 159             return true;
 160         }
 161     }
 162
 163     function onSensitiveAction($action, &$ssl)
 164     {
 165         switch ($action)
 166         {
 167          case 'finishopenidlogin':
 168          case 'finishaddopenid':
 169             $ssl = true;
 170             return false;
 171          default:
 172             return true;
 173         }
 174     }
 175
 176     function onLoginAction($action, &$login)
 177     {
 178         switch ($action)
 179         {
 180          case 'openidlogin':
 181          case 'finishopenidlogin':
 182             $login = true;
 183             return false;
 184          default:
 185             return true;
 186         }
 187     }
 188
 189     /**
 190      * We include a <meta> element linking to the publicxrds page, for OpenID
 191      * client-side authentication.
 192      *
 193      * @return void
 194      */
 195
 196     function onEndShowHeadElements($action)
 197     {
 198         if($action instanceof ShowstreamAction){
 199             $action->element('link', array('rel' => 'openid2.provider',
 200                                            'href' => common_local_url('openidserver')));
 201             $action->element('link', array('rel' => 'openid2.local_id',
 202                                            'href' => $action->profile->profileurl));
 203             $action->element('link', array('rel' => 'openid.server',
 204                                            'href' => common_local_url('openidserver')));
 205             $action->element('link', array('rel' => 'openid.delegate',
 206                                            'href' => $action->profile->profileurl));
 207         }
 208         return true;
 209     }
 210
 211     /**
 212      * Redirect to OpenID login if they have an OpenID
 213      *
 214      * @return boolean whether to continue
 215      */
 216
 217     function onRedirectToLogin($action, $user)
 218     {
 219         if (!empty($user) && User_openid::hasOpenID($user->id)) {
 220             common_redirect(common_local_url('openidlogin'), 303);
 221             return false;
 222         }
 223         return true;
 224     }
 225
 226     function onEndShowPageNotice($action)
 227     {
 228         $name = $action->trimmed('action');
 229
 230         switch ($name)
 231         {
 232          case 'register':
 233             $instr = '(Have an [OpenID](http://openid.net/)? ' .
 234               'Try our [OpenID registration]'.
 235               '(%%action.openidlogin%%)!)';
 236             break;
 237          case 'login':
 238             $instr = '(Have an [OpenID](http://openid.net/)? ' .
 239               'Try our [OpenID login]'.
 240               '(%%action.openidlogin%%)!)';
 241             break;
 242          default:
 243             return true;
 244         }
 245
 246         $output = common_markup_to_html($instr);
 247         $action->raw($output);
 248         return true;
 249     }
 250
 251     function onStartLoadDoc(&$title, &$output)
 252     {
 253         if ($title == 'openid')
 254         {
 255             $filename = INSTALLDIR.'/plugins/OpenID/doc-src/openid';
 256
 257             $c = file_get_contents($filename);
 258             $output = common_markup_to_html($c);
 259             return false; // success!
 260         }
 261
 262         return true;
 263     }
 264
 265     function onEndLoadDoc($title, &$output)
 266     {
 267         if ($title == 'help')
 268         {
 269             $menuitem = '* [OpenID](%%doc.openid%%) - what OpenID is and how to use it with this service';
 270
 271             $output .= common_markup_to_html($menuitem);
 272         }
 273
 274         return true;
 275     }
 276
 277     function onCheckSchema() {
 278         $schema = Schema::get();
 279         $schema->ensureTable('user_openid',
 280                              array(new ColumnDef('canonical', 'varchar',
 281                                                  '255', false, 'PRI'),
 282                                    new ColumnDef('display', 'varchar',
 283                                                  '255', false),
 284                                    new ColumnDef('user_id', 'integer',
 285                                                  null, false, 'MUL'),
 286                                    new ColumnDef('created', 'datetime',
 287                                                  null, false),
 288                                    new ColumnDef('modified', 'timestamp')));
 289         return true;
 290     }
 291 }