plugins/OpenID/OpenIDPlugin.php

   1 <?php
   2 /**
   3  * StatusNet, the distributed open-source microblogging tool
   4  *
   5  * PHP version 5
   6  *
   7  * LICENCE: This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as published by
   9  * the Free Software Foundation, either version 3 of the License, or
  10  * (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19  *
  20  * @category  Plugin
  21  * @package   StatusNet
  22  * @author    Evan Prodromou <evan@status.net>
  23  * @copyright 2009 StatusNet, Inc.
  24  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  25  * @link      http://status.net/
  26  */
  27
  28 if (!defined('STATUSNET')) {
  29     exit(1);
  30 }
  31
  32 /**
  33  * Plugin for OpenID authentication and identity
  34  *
  35  * This class enables consumer support for OpenID, the distributed authentication
  36  * and identity system.
  37  *
  38  * @category Plugin
  39  * @package  StatusNet
  40  * @author   Evan Prodromou <evan@status.net>
  41  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  42  * @link     http://status.net/
  43  * @link     http://openid.net/
  44  */
  45
  46 class OpenIDPlugin extends Plugin
  47 {
  48     /**
  49      * Initializer for the plugin.
  50      */
  51
  52     function __construct()
  53     {
  54         parent::__construct();
  55     }
  56
  57     /**
  58      * Add OpenID-related paths to the router table
  59      *
  60      * Hook for RouterInitialized event.
  61      *
  62      * @return boolean hook return
  63      */
  64
  65     function onStartInitializeRouter($m)
  66     {
  67         $m->connect('main/openid', array('action' => 'openidlogin'));
  68         $m->connect('main/openidtrust', array('action' => 'openidtrust'));
  69         $m->connect('settings/openid', array('action' => 'openidsettings'));
  70         $m->connect('index.php?action=finishopenidlogin', array('action' => 'finishopenidlogin'));
  71         $m->connect('index.php?action=finishaddopenid', array('action' => 'finishaddopenid'));
  72         $m->connect('main/openidserver', array('action' => 'openidserver'));
  73
  74         return true;
  75     }
  76
  77     function onEndPublicXRDS($action, &$xrdsOutputter)
  78     {
  79         $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
  80                                           'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
  81                                           'version' => '2.0'));
  82         $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
  83         //consumer
  84         foreach (array('finishopenidlogin', 'finishaddopenid') as $finish) {
  85             $xrdsOutputter->showXrdsService(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
  86                                 common_local_url($finish));
  87         }
  88         //provider
  89         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/server',
  90                             common_local_url('openidserver'),
  91                             null,
  92                             null,
  93                             'http://specs.openid.net/auth/2.0/identifier_select');
  94         $xrdsOutputter->elementEnd('XRD');
  95     }
  96
  97     function onEndUserXRDS($action, &$xrdsOutputter)
  98     {
  99         $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
 100                                           'xml:id' => 'openid',
 101                                           'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
 102                                           'version' => '2.0'));
 103         $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
 104
 105         //consumer
 106         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/return_to',
 107                             common_local_url('finishopenidlogin'));
 108
 109         //provider
 110         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/signon',
 111                             common_local_url('openidserver'),
 112                             null,
 113                             null,
 114                             common_profile_url($action->user->nickname));
 115         $xrdsOutputter->elementEnd('XRD');
 116     }
 117
 118     function onEndLoginGroupNav(&$action)
 119     {
 120         $action_name = $action->trimmed('action');
 121
 122         $action->menuItem(common_local_url('openidlogin'),
 123                           _m('OpenID'),
 124                           _m('Login or register with OpenID'),
 125                           $action_name === 'openidlogin');
 126
 127         return true;
 128     }
 129
 130     function onEndAccountSettingsNav(&$action)
 131     {
 132         $action_name = $action->trimmed('action');
 133
 134         $action->menuItem(common_local_url('openidsettings'),
 135                           _m('OpenID'),
 136                           _m('Add or remove OpenIDs'),
 137                           $action_name === 'openidsettings');
 138
 139         return true;
 140     }
 141
 142     function onAutoload($cls)
 143     {
 144         switch ($cls)
 145         {
 146          case 'OpenidloginAction':
 147          case 'FinishopenidloginAction':
 148          case 'FinishaddopenidAction':
 149          case 'XrdsAction':
 150          case 'PublicxrdsAction':
 151          case 'OpenidsettingsAction':
 152          case 'OpenidserverAction':
 153          case 'OpenidtrustAction':
 154             require_once(INSTALLDIR.'/plugins/OpenID/' . strtolower(mb_substr($cls, 0, -6)) . '.php');
 155             return false;
 156          case 'User_openid':
 157             require_once(INSTALLDIR.'/plugins/OpenID/User_openid.php');
 158             return false;
 159          case 'User_openid_trustroot':
 160             require_once(INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php');
 161             return false;
 162          default:
 163             return true;
 164         }
 165     }
 166
 167     function onSensitiveAction($action, &$ssl)
 168     {
 169         switch ($action)
 170         {
 171          case 'finishopenidlogin':
 172          case 'finishaddopenid':
 173             $ssl = true;
 174             return false;
 175          default:
 176             return true;
 177         }
 178     }
 179
 180     function onLoginAction($action, &$login)
 181     {
 182         switch ($action)
 183         {
 184          case 'openidlogin':
 185          case 'finishopenidlogin':
 186          case 'openidserver':
 187             $login = true;
 188             return false;
 189          default:
 190             return true;
 191         }
 192     }
 193
 194     /**
 195      * We include a <meta> element linking to the publicxrds page, for OpenID
 196      * client-side authentication.
 197      *
 198      * @return void
 199      */
 200
 201     function onEndShowHeadElements($action)
 202     {
 203         if($action instanceof ShowstreamAction){
 204             $action->element('link', array('rel' => 'openid2.provider',
 205                                            'href' => common_local_url('openidserver')));
 206             $action->element('link', array('rel' => 'openid2.local_id',
 207                                            'href' => $action->profile->profileurl));
 208             $action->element('link', array('rel' => 'openid.server',
 209                                            'href' => common_local_url('openidserver')));
 210             $action->element('link', array('rel' => 'openid.delegate',
 211                                            'href' => $action->profile->profileurl));
 212         }
 213         return true;
 214     }
 215
 216     /**
 217      * Redirect to OpenID login if they have an OpenID
 218      *
 219      * @return boolean whether to continue
 220      */
 221
 222     function onRedirectToLogin($action, $user)
 223     {
 224         if (!empty($user) && User_openid::hasOpenID($user->id)) {
 225             common_redirect(common_local_url('openidlogin'), 303);
 226             return false;
 227         }
 228         return true;
 229     }
 230
 231     function onEndShowPageNotice($action)
 232     {
 233         $name = $action->trimmed('action');
 234
 235         switch ($name)
 236         {
 237          case 'register':
 238             if (common_logged_in()) {
 239                 $instr = '(Have an [OpenID](http://openid.net/)? ' .
 240                   '[Add an OpenID to your account](%%action.openidsettings%%)!';
 241             } else {
 242                 $instr = '(Have an [OpenID](http://openid.net/)? ' .
 243                   'Try our [OpenID registration]'.
 244                   '(%%action.openidlogin%%)!)';
 245             }
 246             break;
 247          case 'login':
 248             $instr = '(Have an [OpenID](http://openid.net/)? ' .
 249               'Try our [OpenID login]'.
 250               '(%%action.openidlogin%%)!)';
 251             break;
 252          default:
 253             return true;
 254         }
 255
 256         $output = common_markup_to_html($instr);
 257         $action->raw($output);
 258         return true;
 259     }
 260
 261     function onStartLoadDoc(&$title, &$output)
 262     {
 263         if ($title == 'openid')
 264         {
 265             $filename = INSTALLDIR.'/plugins/OpenID/doc-src/openid';
 266
 267             $c = file_get_contents($filename);
 268             $output = common_markup_to_html($c);
 269             return false; // success!
 270         }
 271
 272         return true;
 273     }
 274
 275     function onEndLoadDoc($title, &$output)
 276     {
 277         if ($title == 'help')
 278         {
 279             $menuitem = '* [OpenID](%%doc.openid%%) - what OpenID is and how to use it with this service';
 280
 281             $output .= common_markup_to_html($menuitem);
 282         }
 283
 284         return true;
 285     }
 286
 287     function onCheckSchema() {
 288         $schema = Schema::get();
 289         $schema->ensureTable('user_openid',
 290                              array(new ColumnDef('canonical', 'varchar',
 291                                                  '255', false, 'PRI'),
 292                                    new ColumnDef('display', 'varchar',
 293                                                  '255', false, 'UNI'),
 294                                    new ColumnDef('user_id', 'integer',
 295                                                  null, false, 'MUL'),
 296                                    new ColumnDef('created', 'datetime',
 297                                                  null, false),
 298                                    new ColumnDef('modified', 'timestamp')));
 299         $schema->ensureTable('user_openid_trustroot',
 300                              array(new ColumnDef('trustroot', 'varchar',
 301                                                  '255', false, 'PRI'),
 302                                    new ColumnDef('user_id', 'integer',
 303                                                  null, false, 'PRI'),
 304                                    new ColumnDef('created', 'datetime',
 305                                                  null, false),
 306                                    new ColumnDef('modified', 'timestamp')));
 307         return true;
 308     }
 309
 310     function onUserDeleteRelated($user, &$tables)
 311     {
 312         $tables[] = 'User_openid';
 313         $tables[] = 'User_openid_trustroot';
 314         return true;
 315     }
 316
 317     function onPluginVersion(&$versions)
 318     {
 319         $versions[] = array('name' => 'OpenID',
 320                             'version' => STATUSNET_VERSION,
 321                             'author' => 'Evan Prodromou, Craig Andrews',
 322                             'homepage' => 'http://status.net/wiki/Plugin:OpenID',
 323                             'rawdescription' =>
 324                             _m('Use <a href="http://openid.net/">OpenID</a> to login to the site.'));
 325         return true;
 326     }
 327 }