3 * StatusNet, the distributed open-source microblogging tool
5 * OpenID bridge administration panel
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Zach Copley <zach@status.net>
25 * @copyright 2010 StatusNet, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET')) {
35 * Administer global OpenID settings
39 * @author Zach Copley <zach@status.net>
40 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
41 * @link http://status.net/
44 class OpenidadminpanelAction extends AdminPanelAction
47 * Returns the page title
49 * @return string page title
58 * Instructions for using this form.
60 * @return string instructions
63 function getInstructions()
65 return _m('OpenID settings');
69 * Show the OpenID admin panel form
76 $form = new OpenIDAdminPanelForm($this);
82 * Save settings from the form
87 function saveSettings()
89 static $settings = array(
90 'openid' => array('trusted_provider', 'required_team')
93 static $booleans = array(
94 'openid' => array('append_username'),
95 'site' => array('openidonly')
100 foreach ($settings as $section => $parts) {
101 foreach ($parts as $setting) {
102 $values[$section][$setting]
103 = $this->trimmed($setting);
107 foreach ($booleans as $section => $parts) {
108 foreach ($parts as $setting) {
109 $values[$section][$setting]
110 = ($this->boolean($setting)) ? 1 : 0;
114 // This throws an exception on validation errors
116 $this->validate($values);
118 // assert(all values are valid);
120 $config = new Config();
122 $config->query('BEGIN');
124 foreach ($settings as $section => $parts) {
125 foreach ($parts as $setting) {
126 Config::save($section, $setting, $values[$section][$setting]);
130 foreach ($booleans as $section => $parts) {
131 foreach ($parts as $setting) {
132 Config::save($section, $setting, $values[$section][$setting]);
136 $config->query('COMMIT');
141 function validate(&$values)
143 // Validate consumer key and secret (can't be too long)
145 if (mb_strlen($values['openid']['trusted_provider']) > 255) {
147 _m("Invalid provider URL. Max length is 255 characters.")
151 if (mb_strlen($values['openid']['required_team']) > 255) {
153 _m("Invalid team name. Max length is 255 characters.")
159 class OpenIDAdminPanelForm extends AdminForm
164 * @return int ID of the form
169 return 'openidadminpanel';
175 * @return string class of the form
180 return 'form_settings';
186 * @return string URL of the action
191 return common_local_url('openidadminpanel');
195 * Data elements of the form
199 * @todo Some of the options could prevent users from logging in again.
200 * Make sure that the acting administrator has a valid OpenID matching,
201 * or more carefully warn folks.
206 $this->out->elementStart(
208 array('id' => 'settings_openid')
210 $this->out->element('legend', null, _m('Trusted provider'));
211 $this->out->element('p', 'form_guide',
212 _m('By default, users are allowed to authenticate with any OpenID provider. ' .
213 'If you are using your own OpenID service for shared sign-in, ' .
214 'you can restrict access to only your own users here.'));
215 $this->out->elementStart('ul', 'form_data');
221 _m('All OpenID logins will be sent to this URL; other providers may not be used.'),
227 $this->out->checkbox(
228 'append_username', _m('Append a username to base URL'),
229 (bool) $this->value('append_username', 'openid'),
230 _m('Login form will show the base URL and prompt for a username to add at the end. Use when OpenID provider URL should be the profile page for individual users.'),
239 _m('Only allow logins from users in the given team (Launchpad extension).'),
244 $this->out->elementEnd('ul');
245 $this->out->elementEnd('fieldset');
247 $this->out->elementStart(
249 array('id' => 'settings_openid-options')
251 $this->out->element('legend', null, _m('Options'));
253 $this->out->elementStart('ul', 'form_data');
257 $this->out->checkbox(
258 'openidonly', _m('Enable OpenID-only mode'),
259 (bool) $this->value('openidonly', 'site'),
260 _m('Require all users to login via OpenID. WARNING: disables password authentication for all users!'),
265 $this->out->elementEnd('ul');
267 $this->out->elementEnd('fieldset');
276 function formActions()
278 $this->out->submit('submit', _('Save'), 'submit', null, _m('Save OpenID settings'));