3 * StatusNet, the distributed open-source microblogging tool
5 * OpenID bridge administration panel
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Zach Copley <zach@status.net>
25 * @copyright 2010 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET')) {
35 * Administer global OpenID settings
39 * @author Zach Copley <zach@status.net>
40 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
41 * @link http://status.net/
44 class OpenidadminpanelAction extends AdminPanelAction
47 * Returns the page title
49 * @return string page title
58 * Instructions for using this form.
60 * @return string instructions
63 function getInstructions()
65 return _m('OpenID settings');
69 * Show the OpenID admin panel form
76 $form = new OpenIDAdminPanelForm($this);
82 * Save settings from the form
87 function saveSettings()
89 static $settings = array(
90 'openid' => array('trusted_provider', 'required_team')
93 static $booleans = array(
94 'site' => array('openidonly')
99 foreach ($settings as $section => $parts) {
100 foreach ($parts as $setting) {
101 $values[$section][$setting]
102 = $this->trimmed($setting);
106 foreach ($booleans as $section => $parts) {
107 foreach ($parts as $setting) {
108 $values[$section][$setting]
109 = ($this->boolean($setting)) ? 1 : 0;
113 // This throws an exception on validation errors
115 $this->validate($values);
117 // assert(all values are valid);
119 $config = new Config();
121 $config->query('BEGIN');
123 foreach ($settings as $section => $parts) {
124 foreach ($parts as $setting) {
125 Config::save($section, $setting, $values[$section][$setting]);
129 foreach ($booleans as $section => $parts) {
130 foreach ($parts as $setting) {
131 Config::save($section, $setting, $values[$section][$setting]);
135 $config->query('COMMIT');
140 function validate(&$values)
142 // Validate consumer key and secret (can't be too long)
144 if (mb_strlen($values['openid']['trusted_provider']) > 255) {
146 _m("Invalid provider URL. Max length is 255 characters.")
150 if (mb_strlen($values['openid']['required_team']) > 255) {
152 _m("Invalid team name. Max length is 255 characters.")
158 class OpenIDAdminPanelForm extends AdminForm
163 * @return int ID of the form
168 return 'openidadminpanel';
174 * @return string class of the form
179 return 'form_settings';
185 * @return string URL of the action
190 return common_local_url('openidadminpanel');
194 * Data elements of the form
198 * @todo Some of the options could prevent users from logging in again.
199 * Make sure that the acting administrator has a valid OpenID matching,
200 * or more carefully warn folks.
205 $this->out->elementStart(
207 array('id' => 'settings_openid')
209 $this->out->element('legend', null, _m('Trusted provider'));
210 $this->out->element('p', 'form_guide',
211 _m('By default, users are allowed to authenticate with any OpenID provider. ' .
212 'If you are using your own OpenID service for shared sign-in, ' .
213 'you can restrict access to only your own users here.'));
214 $this->out->elementStart('ul', 'form_data');
220 _m('All OpenID logins will be sent to this URL; other providers may not be used.'),
229 _m('Only allow logins from users in the given team (Launchpad extension).'),
234 $this->out->elementEnd('ul');
235 $this->out->elementEnd('fieldset');
237 $this->out->elementStart(
239 array('id' => 'settings_openid-options')
241 $this->out->element('legend', null, _m('Options'));
243 $this->out->elementStart('ul', 'form_data');
247 $this->out->checkbox(
248 'openidonly', _m('Enable OpenID-only mode'),
249 (bool) $this->value('openidonly', 'site'),
250 _m('Require all users to login via OpenID. WARNING: disables password authentication for all users!'),
255 $this->out->elementEnd('ul');
257 $this->out->elementEnd('fieldset');
266 function formActions()
268 $this->out->submit('submit', _('Save'), 'submit', null, _m('Save OpenID settings'));