* This class enables consumer support for OpenID, the distributed authentication
* and identity system.
*
+ * Depends on: WebFinger plugin for HostMeta-lookup (user@host format)
+ *
* @category Plugin
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
*
* Hook for RouterInitialized event.
*
- * @param Net_URL_Mapper $m URL mapper
+ * @param URLMapper $m URL mapper
*
* @return boolean hook return
*/
- function onStartInitializeRouter($m)
+ public function onStartInitializeRouter(URLMapper $m)
{
$m->connect('main/openid', array('action' => 'openidlogin'));
$m->connect('main/openidtrust', array('action' => 'openidtrust'));
$action = trim($args['action']);
if (in_array($action, array('login', 'register'))) {
common_redirect(common_local_url('openidlogin'));
- exit(0);
} else if ($action == 'passwordsettings') {
common_redirect(common_local_url('openidsettings'));
- exit(0);
} else if ($action == 'recoverpassword') {
// TRANS: Client exception thrown when an action is not available.
throw new ClientException(_m('Unavailable action.'));
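Review bot: With `exit(0);` removed after both `common_redirect()` calls, these branches only stop the request if `common_redirect()` itself never returns. If it can return, control leaves the if/else chain and the hook carries on with the original `login`, `register` or `passwordsettings` action, which these redirects appear meant to keep users away from. `common_redirect()` is not shown on this page, so confirm that it exits or throws, and record that next to the calls, e.g. `// common_redirect() terminates the request; nothing below runs`. The same question applies to the `return false;` dropped after `common_redirect(common_local_url('openidlogin'), 303);` in the later hunk. The enclosing function starts and ends outside this hunk.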
*
* @return boolean hook return
*/
- function onEndPublicXRDS($action, &$xrdsOutputter)
+ function onEndPublicXRDS(Action $action, &$xrdsOutputter)
{
$xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
$xrdsOutputter->elementEnd('XRD');
}
- /**
- * User XRDS output hook
- *
- * Puts the bits of code needed to discover OpenID endpoints.
- *
- * @param Action $action Action being executed
- * @param XMLOutputter &$xrdsOutputter Output channel
- *
- * @return boolean hook return
- */
- function onEndUserXRDS($action, &$xrdsOutputter)
- {
- $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
- 'xml:id' => 'openid',
- 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
- 'version' => '2.0'));
- $xrdsOutputter->element('Type', null, 'xri://$xrds*simple');
-
- //consumer
- $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/return_to',
- common_local_url('finishopenidlogin'));
-
- //provider
- $xrdsOutputter->showXrdsService('http://specs.openid.net/auth/2.0/signon',
- common_local_url('openidserver'),
- null,
- null,
- common_profile_url($action->user->nickname));
- $xrdsOutputter->elementEnd('XRD');
- }
-
/**
* If we're in OpenID-only mode, hide all the main menu except OpenID login.
*
{
switch ($cls)
{
- case 'OpenidloginAction':
- case 'FinishopenidloginAction':
- case 'FinishaddopenidAction':
- case 'XrdsAction':
- case 'PublicxrdsAction':
- case 'OpenidsettingsAction':
- case 'OpenidserverAction':
- case 'OpenidtrustAction':
- case 'OpenidadminpanelAction':
- require_once dirname(__FILE__) . '/' . strtolower(mb_substr($cls, 0, -6)) . '.php';
- return false;
- case 'User_openid':
- case 'User_openid_prefs':
- case 'User_openid_trustroot':
- require_once dirname(__FILE__) . '/' . $cls . '.php';
- return false;
case 'Auth_OpenID_TeamsExtension':
case 'Auth_OpenID_TeamsRequest':
case 'Auth_OpenID_TeamsResponse':
require_once dirname(__FILE__) . '/extlib/teams-extension.php';
return false;
- default:
- return true;
}
+
+ return parent::onAutoload($cls);
}
/**
}
/**
- * We include a <meta> element linking to the userxrds page, for OpenID
- * client-side authentication.
+ * We include a <meta> element linking to the webfinger resource page,
+ * for OpenID client-side authentication.
*
* @param Action $action Action being shown
*
* @return void
*/
- function onEndShowHeadElements($action)
+ function onEndShowHeadElements(Action $action)
{
if ($action instanceof ShowstreamAction) {
$action->element('link', array('rel' => 'openid2.provider',
$action->element('link', array('rel' => 'openid.delegate',
'href' => $action->profile->profileurl));
}
+
+ if ($action instanceof SitestreamAction) {
+ $action->element('meta', array('http-equiv' => 'X-XRDS-Location',
+ 'content' => common_local_url('publicxrds')));
+ }
return true;
}
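Review bot: The rewritten docblock says the method emits a `<meta>` element linking to the webfinger resource page, but nothing visible in the body does that. The `ShowstreamAction` branch emits `<link>` elements (`openid2.provider`, `openid.delegate`), and the added `SitestreamAction` branch emits a `<meta http-equiv="X-XRDS-Location">` pointing at `common_local_url('publicxrds')`. Part of the body lies outside the hunk, so this is judged from the visible lines only. A docblock matching the code would read something like `Adds OpenID provider/delegate <link> elements on profile streams and an X-XRDS-Location <meta> pointing at the public XRDS document on the site stream.`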
{
if (common_config('site', 'openid_only') || (!empty($user) && User_openid::hasOpenID($user->id))) {
common_redirect(common_local_url('openidlogin'), 303);
- return false;
}
return true;
}
function onCheckSchema()
{
$schema = Schema::get();
- $schema->ensureTable('user_openid',
- array(new ColumnDef('canonical', 'varchar',
- '255', false, 'PRI'),
- new ColumnDef('display', 'varchar',
- '255', false, 'UNI'),
- new ColumnDef('user_id', 'integer',
- null, false, 'MUL'),
- new ColumnDef('created', 'datetime',
- null, false),
- new ColumnDef('modified', 'timestamp')));
- $schema->ensureTable('user_openid_trustroot',
- array(new ColumnDef('trustroot', 'varchar',
- '255', false, 'PRI'),
- new ColumnDef('user_id', 'integer',
- null, false, 'PRI'),
- new ColumnDef('created', 'datetime',
- null, false),
- new ColumnDef('modified', 'timestamp')));
-
+ $schema->ensureTable('user_openid', User_openid::schemaDef());
+ $schema->ensureTable('user_openid_trustroot', User_openid_trustroot::schemaDef());
$schema->ensureTable('user_openid_prefs', User_openid_prefs::schemaDef());
/* These are used by JanRain OpenID library */
array(
'fields' => array(
'server_url' => array('type' => 'blob', 'not null' => true),
- 'handle' => array('type' => 'varchar', 'length' => 255, 'not null' => true, 'default' => ''), // character set latin1,
+ 'handle' => array('type' => 'varchar', 'length' => 191, 'not null' => true, 'default' => ''), // character set latin1,
'secret' => array('type' => 'blob'),
'issued' => array('type' => 'int'),
'lifetime' => array('type' => 'int'),
'assoc_type' => array('type' => 'varchar', 'length' => 64),
),
- 'primary key' => array(array('server_url', 255), 'handle'),
+ 'primary key' => array(array('server_url', 191), 'handle'),
));
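Review bot: Shrinking `handle` from 255 to 191 characters makes the column narrower than the 255-character maximum that OpenID Authentication 2.0 allows for an association handle. A provider issuing a longer handle could have it truncated or rejected on insert, and the stored association would then never match on lookup. The trailing comment `// character set latin1,` no longer explains the number either: 191 looks like the utf8mb4 index-prefix limit, which a latin1 column would not need, so the comment should state the real reason, e.g. `// 191 keeps the key within the utf8mb4 index size limit`. If the schema layer allows it, keeping the column at 255 and shortening only the key prefix would avoid the truncation risk. The `server_url` prefix change in the `oid_nonces` unique key follows the same pattern, though a prefix collision there would presumably reject a valid nonce rather than accept a replayed one; the `ensureTable` call this array belongs to starts outside the hunk.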
$schema->ensureTable('oid_nonces',
array(
'salt' => array('type' => 'char', 'length' => 40),
),
'unique keys' => array(
- 'oid_nonces_server_url_timestamp_salt_key' => array(array('server_url', 255), 'timestamp', 'salt'),
+ 'oid_nonces_server_url_timestamp_salt_key' => array(array('server_url', 191), 'timestamp', 'salt'),
),
));
function onPluginVersion(&$versions)
{
$versions[] = array('name' => 'OpenID',
- 'version' => STATUSNET_VERSION,
+ 'version' => GNUSOCIAL_VERSION,
'author' => 'Evan Prodromou, Craig Andrews',
'homepage' => 'http://status.net/wiki/Plugin:OpenID',
'rawdescription' =>
oid_assert_allowed($openid_url);
$returnto = common_local_url(
- 'ApiOauthAuthorize',
+ 'ApiOAuthAuthorize',
array(),
array(
'oauth_token' => $action->arg('oauth_token'),
* Webfinger identity to services that support it. See
* http://webfinger.org/login for an example.
*
- * @param XRD &$xrd Currently-displaying XRD object
- * @param User $user The user that it's for
+ * @param XML_XRD $xrd Currently-displaying resource descriptor
+ * @param Profile $target The profile that it's for
*
* @return boolean hook value (always true)
*/
- function onEndXrdActionLinks(&$xrd, $user)
+ function onEndWebFingerProfileLinks(XML_XRD $xrd, Profile $target)
{
- $profile = $user->getProfile();
-
- if (!empty($profile)) {
- $xrd->links[] = array('rel' => 'http://specs.openid.net/auth/2.0/provider',
- 'href' => $profile->profileurl);
- }
+ $xrd->links[] = new XML_XRD_Element_Link(
+ 'http://specs.openid.net/auth/2.0/provider',
+ $target->profileurl);
return true;
}