plugins/OpenID/openidtrust.php

   1 <?php
   2 /*
   3  * StatusNet - the distributed open-source microblogging tool
   4  * Copyright (C) 2008, 2009, StatusNet, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('STATUSNET')) {
  21     exit(1);
  22 }
  23
  24 require_once INSTALLDIR.'/plugins/OpenID/openid.php';
  25
  26 class OpenidtrustAction extends Action
  27 {
  28     var $trust_root;
  29     var $allowUrl;
  30     var $denyUrl;
  31     var $user;
  32
  33     /**
  34      * Is this a read-only action?
  35      *
  36      * @return boolean false
  37      */
  38
  39     function isReadOnly($args)
  40     {
  41         return false;
  42     }
  43
  44     /**
  45      * Title of the page
  46      *
  47      * @return string title of the page
  48      */
  49
  50     function title()
  51     {
  52         return _m('OpenID Identity Verification');
  53     }
  54
  55     function prepare($args)
  56     {
  57         parent::prepare($args);
  58         common_ensure_session();
  59         $this->user = common_current_user();
  60         if(empty($this->user)){
  61             /* Go log in, and then come back. */
  62             common_set_returnto($_SERVER['REQUEST_URI']);
  63             common_redirect(common_local_url('login'));
  64             return;
  65         }
  66         $this->trust_root = $_SESSION['openid_trust_root'];
  67         $this->allowUrl = $_SESSION['openid_allow_url'];
  68         $this->denyUrl = $_SESSION['openid_deny_url'];
  69         if(empty($this->trust_root) || empty($this->allowUrl) || empty($this->denyUrl)){
  70             $this->clientError(_m('This page should only be reached during OpenID processing, not directly.'));
  71             return;
  72         }
  73         return true;
  74     }
  75
  76     function handle($args)
  77     {
  78         parent::handle($args);
  79         if($_SERVER['REQUEST_METHOD'] == 'POST'){
  80             $this->handleSubmit();
  81         }else{
  82             $this->showPage();
  83         }
  84     }
  85
  86     function handleSubmit()
  87     {
  88         unset($_SESSION['openid_trust_root']);
  89         unset($_SESSION['openid_allow_url']);
  90         unset($_SESSION['openid_deny_url']);
  91         if($this->arg('allow'))
  92         {
  93             //save to database
  94             $user_openid_trustroot = new User_openid_trustroot();
  95             $user_openid_trustroot->user_id = $this->user->id;
  96             $user_openid_trustroot->trustroot = $this->trust_root;
  97             $user_openid_trustroot->created = DB_DataObject_Cast::dateTime();
  98             if (!$user_openid_trustroot->insert()) {
  99                 $err = PEAR::getStaticProperty('DB_DataObject','lastError');
 100             }
 101             common_redirect($this->allowUrl, $code=302);
 102         }else{
 103             common_redirect($this->denyUrl, $code=302);
 104         }
 105     }
 106
 107     /**
 108      * Show page notice
 109      *
 110      * Display a notice for how to use the page, or the
 111      * error if it exists.
 112      *
 113      * @return void
 114      */
 115
 116     function showPageNotice()
 117     {
 118         $this->element('p',null,sprintf(_m('%s  has asked to verify your identity. Click Continue to verify your identity and login without creating a new password.'),$this->trust_root));
 119     }
 120
 121     /**
 122      * Core of the display code
 123      *
 124      * Shows the login form.
 125      *
 126      * @return void
 127      */
 128
 129     function showContent()
 130     {
 131         $this->elementStart('form', array('method' => 'post',
 132                                    'id' => 'form_openidtrust',
 133                                    'class' => 'form_settings',
 134                                    'action' => common_local_url('openidtrust')));
 135         $this->elementStart('fieldset');
 136         $this->submit('allow', _m('Continue'));
 137         $this->submit('deny', _m('Cancel'));
 138
 139         $this->elementEnd('fieldset');
 140         $this->elementEnd('form');
 141     }
 142 }