]> git.mxchange.org Git - quix0rs-gnu-social.git/blob - plugins/OpenID/openidserver.php
projects / quix0rs-gnu-social.git / blob
? search:


0e16881c5fa62706b4b62c875b8d118024ac92f5
[quix0rs-gnu-social.git] / plugins / OpenID / openidserver.php
1 <?php
2 /**
3  * StatusNet, the distributed open-source microblogging tool
4  *
5  * Settings for OpenID
6  *
7  * PHP version 5
8  *
9  * LICENCE: This program is free software: you can redistribute it and/or modify
10  * it under the terms of the GNU Affero General Public License as published by
11  * the Free Software Foundation, either version 3 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  * GNU Affero General Public License for more details.
18  *
19  * You should have received a copy of the GNU Affero General Public License
20  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
21  *
22  * @category  Settings
23  * @package   StatusNet
24  * @author   Craig Andrews <candrews@integralblue.com>
25  * @copyright 2008-2009 StatusNet, Inc.
26  * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
27  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
28  * @link      http://status.net/
29  */
30
31 if (!defined('STATUSNET') && !defined('LACONICA')) {
32     exit(1);
33 }
34
35 require_once INSTALLDIR.'/lib/action.php';
36 require_once INSTALLDIR.'/plugins/OpenID/openid.php';
37 require_once(INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php');
38
39 /**
40  * Settings for OpenID
41  *
42  * Lets users add, edit and delete OpenIDs from their account
43  *
44  * @category Settings
45  * @package  StatusNet
46  * @author   Craig Andrews <candrews@integralblue.com>
47  * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
48  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
49  * @link     http://status.net/
50  */
51 class OpenidserverAction extends Action
52 {
53     var $oserver;
54
55     function prepare($args)
56     {
57         parent::prepare($args);
58         $this->oserver = oid_server();
59         return true;
60     }
61
62     function handle($args)
63     {
64         parent::handle($args);
65         $request = $this->oserver->decodeRequest();
66         if (in_array($request->mode, array('checkid_immediate',
67             'checkid_setup'))) {
68             $user = common_current_user();
69             if(!$user){
70                 if($request->immediate){
71                     //cannot prompt the user to login in immediate mode, so answer false
72                     $response = $this->generateDenyResponse($request);
73                 }else{
74                     /* Go log in, and then come back. */
75                     common_set_returnto($_SERVER['REQUEST_URI']);
76                     common_redirect(common_local_url('login'), 303);
77                     return;
78                 }
79             }else if(common_profile_url($user->nickname) == $request->identity || $request->idSelect()){
80                 $user_openid_trustroot = User_openid_trustroot::pkeyGet(
81                                                 array('user_id'=>$user->id, 'trustroot'=>$request->trust_root));
82                 if(empty($user_openid_trustroot)){
83                     if($request->immediate){
84                         //cannot prompt the user to trust this trust root in immediate mode, so answer false
85                         $response = $this->generateDenyResponse($request);
86                     }else{
87                         common_ensure_session();
88                         $_SESSION['openid_trust_root'] = $request->trust_root;
89                         $allowResponse = $this->generateAllowResponse($request, $user);
90                         $this->oserver->encodeResponse($allowResponse); //sign the response
91                         $denyResponse = $this->generateDenyResponse($request);
92                         $this->oserver->encodeResponse($denyResponse); //sign the response
93                         $_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl();
94                         $_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl();
95                         //ask the user to trust this trust root
96                         common_redirect(common_local_url('openidtrust'), 303);
97                         return;
98                     }
99                 }else{
100                     //user has previously authorized this trust root
101                     $response = $this->generateAllowResponse($request, $user);
102                     //$response = $request->answer(true, null, common_profile_url($user->nickname));
103                 }
104             } else if ($request->immediate) {
105                 $response = $this->generateDenyResponse($request);
106             } else {
107                 //invalid
108                 // TRANS: OpenID plugin client error given trying to add an unauthorised OpenID to a user (403).
109                 $this->clientError(sprintf(_m('You are not authorized to use the identity %s.'),$request->identity),$code=403);
110             }
111         } else {
112             $response = $this->oserver->handleRequest($request);
113         }
114
115         if($response){
116             $response = $this->oserver->encodeResponse($response);
117             if ($response->code != AUTH_OPENID_HTTP_OK) {
118                 header(sprintf("HTTP/1.1 %d ", $response->code),
119                        true, $response->code);
120             }
121
122             if($response->headers){
123                 foreach ($response->headers as $k => $v) {
124                     header("$k: $v");
125                 }
126             }
127             $this->raw($response->body);
128         }else{
129             // TRANS: OpenID plugin client error given when not getting a response for a given OpenID provider (500).
130             $this->clientError(_m('Just an OpenID provider. Nothing to see here, move along...'),$code=500);
131         }
132     }
133
134     function generateAllowResponse($request, $user){
135         $response = $request->answer(true, null, common_profile_url($user->nickname));
136         
137         $profile = $user->getProfile();
138         $sreg_data = array(
139             'fullname' => $profile->fullname,
140             'nickname' => $user->nickname,
141             'email' => $user->email,
142             'language' => $user->language,
143             'timezone' => $user->timezone);
144         $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($request);
145         $sreg_response = Auth_OpenID_SRegResponse::extractResponse(
146                               $sreg_request, $sreg_data);
147         $sreg_response->toMessage($response->fields);
148         return $response;
149     }
150
151     function generateDenyResponse($request){
152         $response = $request->answer(false);
153         return $response;
154     }
155 }
This is my personal clone from the wonderful software GNUSocial. I may fix or break things here, so use it on your own risk. :-)