plugins/OpenID/openidtrust.php

   1 <?php
   2 /*
   3  * StatusNet - the distributed open-source microblogging tool
   4  * Copyright (C) 2008, 2009, StatusNet, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
  21
  22 require_once INSTALLDIR.'/plugins/OpenID/openid.php';
  23 require_once(INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php');
  24
  25 class OpenidtrustAction extends Action
  26 {
  27     var $trust_root;
  28     var $allowUrl;
  29     var $denyUrl;
  30     var $user;
  31
  32     /**
  33      * Is this a read-only action?
  34      *
  35      * @return boolean false
  36      */
  37
  38     function isReadOnly($args)
  39     {
  40         return false;
  41     }
  42
  43     /**
  44      * Title of the page
  45      *
  46      * @return string title of the page
  47      */
  48
  49     function title()
  50     {
  51         return _m('OpenID Identity Verification');
  52     }
  53
  54     function prepare($args)
  55     {
  56         parent::prepare($args);
  57         common_ensure_session();
  58         $this->user = common_current_user();
  59         if(empty($this->user)){
  60             /* Go log in, and then come back. */
  61             common_set_returnto($_SERVER['REQUEST_URI']);
  62             common_redirect(common_local_url('login'));
  63             return;
  64         }
  65         $this->trust_root = $_SESSION['openid_trust_root'];
  66         $this->allowUrl = $_SESSION['openid_allow_url'];
  67         $this->denyUrl = $_SESSION['openid_deny_url'];
  68         if(empty($this->trust_root) || empty($this->allowUrl) || empty($this->denyUrl)){
  69             $this->clientError(_m('This page should only be reached during OpenID processing, not directly.'));
  70             return;
  71         }
  72         return true;
  73     }
  74
  75     function handle($args)
  76     {
  77         parent::handle($args);
  78         if($_SERVER['REQUEST_METHOD'] == 'POST'){
  79             $this->handleSubmit();
  80         }else{
  81             $this->showPage();
  82         }
  83     }
  84
  85     function handleSubmit()
  86     {
  87         unset($_SESSION['openid_trust_root']);
  88         unset($_SESSION['openid_allow_url']);
  89         unset($_SESSION['openid_deny_url']);
  90         if($this->arg('allow'))
  91         {
  92             //save to database
  93             $user_openid_trustroot = new User_openid_trustroot();
  94             $user_openid_trustroot->user_id = $this->user->id;
  95             $user_openid_trustroot->trustroot = $this->trust_root;
  96             $user_openid_trustroot->created = DB_DataObject_Cast::dateTime();
  97             if (!$user_openid_trustroot->insert()) {
  98                 $err = PEAR::getStaticProperty('DB_DataObject','lastError');
  99                 common_debug('DB error ' . $err->code . ': ' . $err->message, __FILE__);
 100             }
 101             common_redirect($this->allowUrl, $code=302);
 102         }else{
 103             common_redirect($this->denyUrl, $code=302);
 104         }
 105     }
 106
 107     /**
 108      * Show page notice
 109      *
 110      * Display a notice for how to use the page, or the
 111      * error if it exists.
 112      *
 113      * @return void
 114      */
 115
 116     function showPageNotice()
 117     {
 118         $this->element('p',null,sprintf(_m('%s  has asked to verify your identity. Click Continue to verify your identity and login without creating a new password.'),$this->trust_root));
 119     }
 120
 121     /**
 122      * Core of the display code
 123      *
 124      * Shows the login form.
 125      *
 126      * @return void
 127      */
 128
 129     function showContent()
 130     {
 131         $this->elementStart('form', array('method' => 'post',
 132                                    'id' => 'form_openidtrust',
 133                                    'class' => 'form_settings',
 134                                    'action' => common_local_url('openidtrust')));
 135         $this->elementStart('fieldset');
 136         $this->submit('allow', _m('Continue'));
 137         $this->submit('deny', _m('Cancel'));
 138
 139         $this->elementEnd('fieldset');
 140         $this->elementEnd('form');
 141     }
 142 }