plugins/OpenID/openidtrust.php

   1 <?php
   2 /*
   3  * StatusNet - the distributed open-source microblogging tool
   4  * Copyright (C) 2008, 2009, StatusNet, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
  21
  22 require_once INSTALLDIR.'/plugins/OpenID/openid.php';
  23 require_once(INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php');
  24
  25 class OpenidtrustAction extends Action
  26 {
  27     var $trust_root;
  28     var $allowUrl;
  29     var $denyUrl;
  30     var $user;
  31
  32     /**
  33      * Is this a read-only action?
  34      *
  35      * @return boolean false
  36      */
  37
  38     function isReadOnly($args)
  39     {
  40         return false;
  41     }
  42
  43     /**
  44      * Title of the page
  45      *
  46      * @return string title of the page
  47      */
  48
  49     function title()
  50     {
  51         return _m('OpenID Identity Verification');
  52     }
  53
  54     function prepare($args)
  55     {
  56         parent::prepare($args);
  57         common_ensure_session();
  58         $this->user = common_current_user();
  59         if(empty($this->user)){
  60             /* Go log in, and then come back. */
  61             common_set_returnto($_SERVER['REQUEST_URI']);
  62             common_redirect(common_local_url('login'));
  63             return;
  64         }
  65         $this->trust_root = $_SESSION['openid_trust_root'];
  66         $this->allowUrl = $_SESSION['openid_allow_url'];
  67         $this->denyUrl = $_SESSION['openid_deny_url'];
  68         if(empty($this->trust_root) || empty($this->allowUrl) || empty($this->denyUrl)){
  69             $this->clientError(_m('This page should only be reached during OpenID processing, not directly.'));
  70             return;
  71         }
  72         return true;
  73     }
  74
  75     function handle($args)
  76     {
  77         parent::handle($args);
  78         if($_SERVER['REQUEST_METHOD'] == 'POST'){
  79             $this->handleSubmit();
  80         }else{
  81             $this->showPage();
  82         }
  83     }
  84
  85     function handleSubmit()
  86     {
  87         unset($_SESSION['openid_trust_root']);
  88         unset($_SESSION['openid_allow_url']);
  89         unset($_SESSION['openid_deny_url']);
  90         if($this->arg('allow'))
  91         {
  92             //save to database
  93             $user_openid_trustroot = new User_openid_trustroot();
  94             $user_openid_trustroot->user_id = $this->user->id;
  95             $user_openid_trustroot->trustroot = $this->trust_root;
  96             $user_openid_trustroot->created = DB_DataObject_Cast::dateTime();
  97             if (!$user_openid_trustroot->insert()) {
  98                 $err = PEAR::getStaticProperty('DB_DataObject','lastError');
  99             }
 100             common_redirect($this->allowUrl, $code=302);
 101         }else{
 102             common_redirect($this->denyUrl, $code=302);
 103         }
 104     }
 105
 106     /**
 107      * Show page notice
 108      *
 109      * Display a notice for how to use the page, or the
 110      * error if it exists.
 111      *
 112      * @return void
 113      */
 114
 115     function showPageNotice()
 116     {
 117         $this->element('p',null,sprintf(_m('%s  has asked to verify your identity. Click Continue to verify your identity and login without creating a new password.'),$this->trust_root));
 118     }
 119
 120     /**
 121      * Core of the display code
 122      *
 123      * Shows the login form.
 124      *
 125      * @return void
 126      */
 127
 128     function showContent()
 129     {
 130         $this->elementStart('form', array('method' => 'post',
 131                                    'id' => 'form_openidtrust',
 132                                    'class' => 'form_settings',
 133                                    'action' => common_local_url('openidtrust')));
 134         $this->elementStart('fieldset');
 135         $this->submit('allow', _m('Continue'));
 136         $this->submit('deny', _m('Cancel'));
 137
 138         $this->elementEnd('fieldset');
 139         $this->elementEnd('form');
 140     }
 141 }