plugins/OpenID/OpenIDPlugin.php

   1 <?php
   2 /**
   3  * StatusNet, the distributed open-source microblogging tool
   4  *
   5  * PHP version 5
   6  *
   7  * LICENCE: This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as published by
   9  * the Free Software Foundation, either version 3 of the License, or
  10  * (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19  *
  20  * @category  Plugin
  21  * @package   StatusNet
  22  * @author    Evan Prodromou <evan@status.net>
  23  * @copyright 2009 StatusNet, Inc.
  24  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  25  * @link      http://status.net/
  26  */
  27
  28 if (!defined('STATUSNET')) {
  29     exit(1);
  30 }
  31
  32 /**
  33  * Plugin for OpenID authentication and identity
  34  *
  35  * This class enables consumer support for OpenID, the distributed authentication
  36  * and identity system.
  37  *
  38  * @category Plugin
  39  * @package  StatusNet
  40  * @author   Evan Prodromou <evan@status.net>
  41  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  42  * @link     http://status.net/
  43  * @link     http://openid.net/
  44  */
  45
  46 class OpenIDPlugin extends Plugin
  47 {
  48     /**
  49      * Initializer for the plugin.
  50      */
  51
  52     function __construct()
  53     {
  54         parent::__construct();
  55     }
  56
  57     /**
  58      * Add OpenID-related paths to the router table
  59      *
  60      * Hook for RouterInitialized event.
  61      *
  62      * @return boolean hook return
  63      */
  64
  65     function onStartInitializeRouter($m)
  66     {
  67         $m->connect('main/openid', array('action' => 'openidlogin'));
  68         $m->connect('main/openidtrust', array('action' => 'openidtrust'));
  69         $m->connect('settings/openid', array('action' => 'openidsettings'));
  70         $m->connect('index.php?action=finishopenidlogin', array('action' => 'finishopenidlogin'));
  71         $m->connect('index.php?action=finishaddopenid', array('action' => 'finishaddopenid'));
  72         $m->connect('main/openidserver', array('action' => 'openidserver'));
  73
  74         return true;
  75     }
  76
  77     function onEndPublicXRDS($action, &$xrdsOutputter)
  78     {
  79         $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
  80                                           'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
  81                                           'version' => '2.0'));
  82         $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
  83         //consumer
  84         foreach (array('finishopenidlogin', 'finishaddopenid') as $finish) {
  85             $xrdsOutputter->showXrdsService(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
  86                                 common_local_url($finish));
  87         }
  88         //provider
  89         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/server',
  90                             common_local_url('openidserver'),
  91                             null,
  92                             null,
  93                             'http://specs.openid.net/auth/2.0/identifier_select');
  94         $xrdsOutputter->elementEnd('XRD');
  95     }
  96
  97     function onEndUserXRDS($action, &$xrdsOutputter)
  98     {
  99         $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
 100                                           'xml:id' => 'openid',
 101                                           'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
 102                                           'version' => '2.0'));
 103         $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
 104
 105         //consumer
 106         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/return_to',
 107                             common_local_url('finishopenidlogin'));
 108
 109         //provider
 110         $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/signon',
 111                             common_local_url('openidserver'),
 112                             null,
 113                             null,
 114                             common_profile_url($action->user->nickname));
 115         $xrdsOutputter->elementEnd('XRD');
 116     }
 117
 118     function onEndLoginGroupNav(&$action)
 119     {
 120         $action_name = $action->trimmed('action');
 121
 122         $action->menuItem(common_local_url('openidlogin'),
 123                           _('OpenID'),
 124                           _('Login or register with OpenID'),
 125                           $action_name === 'openidlogin');
 126
 127         return true;
 128     }
 129
 130     function onEndAccountSettingsNav(&$action)
 131     {
 132         $action_name = $action->trimmed('action');
 133
 134         $action->menuItem(common_local_url('openidsettings'),
 135                           _('OpenID'),
 136                           _('Add or remove OpenIDs'),
 137                           $action_name === 'openidsettings');
 138
 139         return true;
 140     }
 141
 142     function onAutoload($cls)
 143     {
 144         switch ($cls)
 145         {
 146          case 'OpenidloginAction':
 147          case 'FinishopenidloginAction':
 148          case 'FinishaddopenidAction':
 149          case 'XrdsAction':
 150          case 'PublicxrdsAction':
 151          case 'OpenidsettingsAction':
 152          case 'OpenidserverAction':
 153          case 'OpenidtrustAction':
 154             require_once(INSTALLDIR.'/plugins/OpenID/' . strtolower(mb_substr($cls, 0, -6)) . '.php');
 155             return false;
 156          case 'User_openid':
 157             require_once(INSTALLDIR.'/plugins/OpenID/User_openid.php');
 158             return false;
 159          default:
 160             return true;
 161         }
 162     }
 163
 164     function onSensitiveAction($action, &$ssl)
 165     {
 166         switch ($action)
 167         {
 168          case 'finishopenidlogin':
 169          case 'finishaddopenid':
 170             $ssl = true;
 171             return false;
 172          default:
 173             return true;
 174         }
 175     }
 176
 177     function onLoginAction($action, &$login)
 178     {
 179         switch ($action)
 180         {
 181          case 'openidlogin':
 182          case 'finishopenidlogin':
 183          case 'openidserver':
 184             $login = true;
 185             return false;
 186          default:
 187             return true;
 188         }
 189     }
 190
 191     /**
 192      * We include a <meta> element linking to the publicxrds page, for OpenID
 193      * client-side authentication.
 194      *
 195      * @return void
 196      */
 197
 198     function onEndShowHeadElements($action)
 199     {
 200         if($action instanceof ShowstreamAction){
 201             $action->element('link', array('rel' => 'openid2.provider',
 202                                            'href' => common_local_url('openidserver')));
 203             $action->element('link', array('rel' => 'openid2.local_id',
 204                                            'href' => $action->profile->profileurl));
 205             $action->element('link', array('rel' => 'openid.server',
 206                                            'href' => common_local_url('openidserver')));
 207             $action->element('link', array('rel' => 'openid.delegate',
 208                                            'href' => $action->profile->profileurl));
 209         }
 210         return true;
 211     }
 212
 213     /**
 214      * Redirect to OpenID login if they have an OpenID
 215      *
 216      * @return boolean whether to continue
 217      */
 218
 219     function onRedirectToLogin($action, $user)
 220     {
 221         if (!empty($user) && User_openid::hasOpenID($user->id)) {
 222             common_redirect(common_local_url('openidlogin'), 303);
 223             return false;
 224         }
 225         return true;
 226     }
 227
 228     function onEndShowPageNotice($action)
 229     {
 230         $name = $action->trimmed('action');
 231
 232         switch ($name)
 233         {
 234          case 'register':
 235             $instr = '(Have an [OpenID](http://openid.net/)? ' .
 236               'Try our [OpenID registration]'.
 237               '(%%action.openidlogin%%)!)';
 238             break;
 239          case 'login':
 240             $instr = '(Have an [OpenID](http://openid.net/)? ' .
 241               'Try our [OpenID login]'.
 242               '(%%action.openidlogin%%)!)';
 243             break;
 244          default:
 245             return true;
 246         }
 247
 248         $output = common_markup_to_html($instr);
 249         $action->raw($output);
 250         return true;
 251     }
 252
 253     function onStartLoadDoc(&$title, &$output)
 254     {
 255         if ($title == 'openid')
 256         {
 257             $filename = INSTALLDIR.'/plugins/OpenID/doc-src/openid';
 258
 259             $c = file_get_contents($filename);
 260             $output = common_markup_to_html($c);
 261             return false; // success!
 262         }
 263
 264         return true;
 265     }
 266
 267     function onEndLoadDoc($title, &$output)
 268     {
 269         if ($title == 'help')
 270         {
 271             $menuitem = '* [OpenID](%%doc.openid%%) - what OpenID is and how to use it with this service';
 272
 273             $output .= common_markup_to_html($menuitem);
 274         }
 275
 276         return true;
 277     }
 278
 279     function onCheckSchema() {
 280         $schema = Schema::get();
 281         $schema->ensureTable('user_openid',
 282                              array(new ColumnDef('canonical', 'varchar',
 283                                                  '255', false, 'PRI'),
 284                                    new ColumnDef('display', 'varchar',
 285                                                  '255', false),
 286                                    new ColumnDef('user_id', 'integer',
 287                                                  null, false, 'MUL'),
 288                                    new ColumnDef('created', 'datetime',
 289                                                  null, false),
 290                                    new ColumnDef('modified', 'timestamp')));
 291         $schema->ensureTable('user_openid_trustroot',
 292                              array(new ColumnDef('trustroot', 'varchar',
 293                                                  '255', false, 'PRI'),
 294                                    new ColumnDef('user_id', 'integer',
 295                                                  null, false, 'PRI'),
 296                                    new ColumnDef('created', 'datetime',
 297                                                  null, false),
 298                                    new ColumnDef('modified', 'timestamp')));
 299         return true;
 300     }
 301 }