3 * StatusNet, the distributed open-source microblogging tool
5 * OpenID bridge administration panel
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Zach Copley <zach@status.net>
25 * @copyright 2010 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET')) {
35 * Administer global OpenID settings
39 * @author Zach Copley <zach@status.net>
40 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
41 * @link http://status.net/
43 class OpenidadminpanelAction extends AdminPanelAction
46 * Returns the page title
48 * @return string page title
52 // TRANS: Title for OpenID bridge administration page.
53 return _m('TITLE','OpenID Settings');
57 * Instructions for using this form.
59 * @return string instructions
61 function getInstructions()
63 // TRANS: Page instructions.
64 return _m('OpenID settings');
68 * Show the OpenID admin panel form
74 $form = new OpenIDAdminPanelForm($this);
80 * Save settings from the form
84 function saveSettings()
86 static $settings = array(
87 'openid' => array('trusted_provider', 'required_team')
90 static $booleans = array(
91 'openid' => array('append_username'),
92 'site' => array('openidonly')
97 foreach ($settings as $section => $parts) {
98 foreach ($parts as $setting) {
99 $values[$section][$setting]
100 = $this->trimmed($setting);
104 foreach ($booleans as $section => $parts) {
105 foreach ($parts as $setting) {
106 $values[$section][$setting]
107 = ($this->boolean($setting)) ? 1 : 0;
111 // This throws an exception on validation errors
113 $this->validate($values);
115 // assert(all values are valid);
117 $config = new Config();
119 $config->query('BEGIN');
121 foreach ($settings as $section => $parts) {
122 foreach ($parts as $setting) {
123 Config::save($section, $setting, $values[$section][$setting]);
127 foreach ($booleans as $section => $parts) {
128 foreach ($parts as $setting) {
129 Config::save($section, $setting, $values[$section][$setting]);
133 $config->query('COMMIT');
138 function validate(&$values)
140 // Validate consumer key and secret (can't be too long)
142 if (mb_strlen($values['openid']['trusted_provider']) > 255) {
144 // TRANS: Client error displayed when OpenID provider URL is too long.
145 _m('Invalid provider URL. Maximum length is 255 characters.')
149 if (mb_strlen($values['openid']['required_team']) > 255) {
151 // TRANS: Client error displayed when Launchpad team name is too long.
152 _m('Invalid team name. Maximum length is 255 characters.')
158 class OpenIDAdminPanelForm extends AdminForm
163 * @return int ID of the form
167 return 'openidadminpanel';
173 * @return string class of the form
177 return 'form_settings';
183 * @return string URL of the action
187 return common_local_url('openidadminpanel');
191 * Data elements of the form
195 * @todo Some of the options could prevent users from logging in again.
196 * Make sure that the acting administrator has a valid OpenID matching,
197 * or more carefully warn folks.
201 $this->out->elementStart(
203 array('id' => 'settings_openid')
205 // TRANS: Fieldset legend.
206 $this->out->element('legend', null, _m('LEGEND','Trusted provider'));
207 $this->out->element('p', 'form_guide',
208 // TRANS: Form guide.
209 _m('By default, users are allowed to authenticate with any OpenID provider. ' .
210 'If you are using your own OpenID service for shared sign-in, ' .
211 'you can restrict access to only your own users here.'));
212 $this->out->elementStart('ul', 'form_data');
217 // TRANS: Field label.
219 // TRANS: Field title.
220 _m('All OpenID logins will be sent to this URL; other providers may not be used.'),
226 $this->out->checkbox(
227 // TRANS: Checkbox label.
228 'append_username', _m('Append a username to base URL'),
229 (bool) $this->value('append_username', 'openid'),
230 // TRANS: Checkbox title.
231 _m('Login form will show the base URL and prompt for a username to add at the end. Use when OpenID provider URL should be the profile page for individual users.'),
239 // TRANS: Field label.
241 // TRANS: Field title.
242 _m('Only allow logins from users in the given team (Launchpad extension).'),
247 $this->out->elementEnd('ul');
248 $this->out->elementEnd('fieldset');
250 $this->out->elementStart(
252 array('id' => 'settings_openid-options')
254 // TRANS: Fieldset legend.
255 $this->out->element('legend', null, _m('LEGEND','Options'));
257 $this->out->elementStart('ul', 'form_data');
261 $this->out->checkbox(
262 // TRANS: Checkbox label.
263 'openidonly', _m('Enable OpenID-only mode'),
264 (bool) $this->value('openidonly', 'site'),
265 // TRANS: Checkbox title.
266 _m('Require all users to login via OpenID. Warning: disables password authentication for all users!'),
271 $this->out->elementEnd('ul');
273 $this->out->elementEnd('fieldset');
281 function formActions()
283 // TRANS: Button text to save OpenID settings.
284 $this->out->submit('submit', _m('BUTTON','Save'), 'submit', null,
285 // TRANS: Button title to save OpenID settings.
286 _m('Save OpenID settings.'));