* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
+if (!defined('STATUSNET')) {
+ exit(1);
+}
require_once INSTALLDIR.'/plugins/OpenID/openid.php';
{
parent::handle($args);
if (common_is_real_login()) {
+ // TRANS: Client error message trying to log on with OpenID while already logged on.
$this->clientError(_m('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
+ // TRANS: Message given when there is a problem with the user's session token.
$this->showForm(_m('There was a problem with your session token. Try again, please.'));
return;
}
if ($this->arg('create')) {
if (!$this->boolean('license')) {
+ // TRANS: Message given if user does not agree with the site's license.
$this->showForm(_m('You can\'t register if you don\'t agree to the license.'),
$this->trimmed('newname'));
return;
} else if ($this->arg('connect')) {
$this->connectUser();
} else {
- common_debug(print_r($this->args, true), __FILE__);
- $this->showForm(_m('Something weird happened.'),
+ // TRANS: Messag given on an unknown error.
+ $this->showForm(_m('An unknown error has occured.'),
$this->trimmed('newname'));
}
} else {
$this->element('div', array('class' => 'error'), $this->error);
} else {
$this->element('div', 'instructions',
+ // TRANS: Instructions given after a first successful logon using OpenID.
+ // TRANS: %s is the site name.
sprintf(_m('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), common_config('site', 'name')));
}
}
function title()
{
+ // TRANS: Title
return _m('OpenID Account Setup');
}
$this->showPage();
}
+ /**
+ * @fixme much of this duplicates core code, which is very fragile.
+ * Should probably be replaced with an extensible mini version of
+ * the core registration form.
+ */
function showContent()
{
if (!empty($this->message_text)) {
return;
}
+ // We don't recognize this OpenID, so we're going to give the user
+ // two options, each in its own mini-form.
+ //
+ // First, they can create a new account using their OpenID auth
+ // info. The profile will be pre-populated with whatever name,
+ // email, and location we can get from the OpenID provider, so
+ // all we ask for is the license confirmation.
$this->elementStart('form', array('method' => 'post',
- 'id' => 'account_connect',
+ 'id' => 'account_create',
'class' => 'form_settings',
'action' => common_local_url('finishopenidlogin')));
$this->hidden('token', common_session_token());
'value' => 'true'));
$this->elementStart('label', array('for' => 'license',
'class' => 'checkbox'));
- $this->text(_m('My text and files are available under '));
- $this->element('a', array('href' => common_config('license', 'url')),
- common_config('license', 'title'));
- $this->text(_m(' except this private data: password, email address, IM address, phone number.'));
+ // TRANS: OpenID plugin link text.
+ // TRANS: %s is a link to a licese with the license name as link text.
+ $message = _('My text and files are available under %s ' .
+ 'except this private data: password, ' .
+ 'email address, IM address, and phone number.');
+ $link = '<a href="' .
+ htmlspecialchars(common_config('license', 'url')) .
+ '">' .
+ htmlspecialchars(common_config('license', 'title')) .
+ '</a>';
+ $this->raw(sprintf(htmlspecialchars($message), $link));
$this->elementEnd('label');
$this->elementEnd('li');
$this->elementEnd('ul');
- $this->submit('create', _m('Create'));
+ // TRANS: Button label in form in which to create a new user on the site for an OpenID.
+ $this->submit('create', _m('BUTTON', 'Create'));
$this->elementEnd('fieldset');
+ $this->elementEnd('form');
+ // The second option is to attach this OpenID to an existing account
+ // on the local system, which they need to provide a password for.
+ $this->elementStart('form', array('method' => 'post',
+ 'id' => 'account_connect',
+ 'class' => 'form_settings',
+ 'action' => common_local_url('finishopenidlogin')));
+ $this->hidden('token', common_session_token());
$this->elementStart('fieldset', array('id' => 'form_openid_createaccount'));
$this->element('legend', null,
+ // TRANS: Used as form legend for form in which to connect an OpenID to an existing user on the site.
_m('Connect existing account'));
$this->element('p', null,
+ // TRANS: User instructions for form in which to connect an OpenID to an existing user on the site.
_m('If you already have an account, login with your username and password to connect it to your OpenID.'));
$this->elementStart('ul', 'form_data');
$this->elementStart('li');
+ // TRANS: Field label in form in which to connect an OpenID to an existing user on the site.
$this->input('nickname', _m('Existing nickname'));
$this->elementEnd('li');
$this->elementStart('li');
+ // TRANS: Field label in form in which to connect an OpenID to an existing user on the site.
$this->password('password', _m('Password'));
$this->elementEnd('li');
$this->elementEnd('ul');
- $this->submit('connect', _m('Connect'));
+ // TRANS: Button label in form in which to connect an OpenID to an existing user on the site.
+ $this->submit('connect', _m('BUTTON', 'Connect'));
$this->elementEnd('fieldset');
$this->elementEnd('form');
}
$response = $consumer->complete(common_local_url('finishopenidlogin'));
if ($response->status == Auth_OpenID_CANCEL) {
+ // TRANS: Status message in case the response from the OpenID provider is that the logon attempt was cancelled.
$this->message(_m('OpenID authentication cancelled.'));
return;
} else if ($response->status == Auth_OpenID_FAILURE) {
- // Authentication failed; display the error message.
+ // TRANS: OpenID authentication failed; display the error message. %s is the error message.
$this->message(sprintf(_m('OpenID authentication failed: %s'), $response->message));
} else if ($response->status == Auth_OpenID_SUCCESS) {
// This means the authentication succeeded; extract the
$canonical = ($response->endpoint->canonicalID) ?
$response->endpoint->canonicalID : $response->getDisplayIdentifier();
+ oid_assert_allowed($display);
+ oid_assert_allowed($canonical);
+
$sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
if ($sreg_resp) {
$sreg = $sreg_resp->contents();
}
+ // Launchpad teams extension
+ if (!oid_check_teams($response)) {
+ $this->message(_m('OpenID authentication aborted: you are not allowed to login to this site.'));
+ return;
+ }
+
$user = oid_get_user($canonical);
if ($user) {
# FIXME: save invite code before redirect, and check here
if (common_config('site', 'closed')) {
+ // TRANS: OpenID plugin message. No new user registration is allowed on the site.
$this->clientError(_m('Registration not allowed.'));
return;
}
if (common_config('site', 'inviteonly')) {
$code = $_SESSION['invitecode'];
if (empty($code)) {
+ // TRANS: OpenID plugin message. No new user registration is allowed on the site without an invitation code, and none was provided.
$this->clientError(_m('Registration not allowed.'));
return;
}
$invite = Invitation::staticGet($code);
if (empty($invite)) {
+ // TRANS: OpenID plugin message. No new user registration is allowed on the site without an invitation code, and the one provided was not valid.
$this->clientError(_m('Not a valid invitation code.'));
return;
}
}
- $nickname = $this->trimmed('newname');
-
- if (!Validate::string($nickname, array('min_length' => 1,
- 'max_length' => 64,
- 'format' => NICKNAME_FMT))) {
- $this->showForm(_m('Nickname must have only lowercase letters and numbers and no spaces.'));
+ try {
+ $nickname = Nickname::normalize($this->trimmed('newname'));
+ } catch (NicknameException $e) {
+ $this->showForm($e->getMessage());
return;
}
if (!User::allowed_nickname($nickname)) {
+ // TRANS: OpenID plugin message. The entered new user name is blacklisted.
$this->showForm(_m('Nickname not allowed.'));
return;
}
if (User::staticGet('nickname', $nickname)) {
+ // TRANS: OpenID plugin message. The entered new user name is already used.
$this->showForm(_m('Nickname already in use. Try another one.'));
return;
}
list($display, $canonical, $sreg) = $this->getSavedValues();
if (!$display || !$canonical) {
+ // TRANS: OpenID plugin server error. A stored OpenID cannot be retrieved.
$this->serverError(_m('Stored OpenID not found.'));
return;
}
$other = oid_get_user($canonical);
if ($other) {
+ // TRANS: OpenID plugin server error.
$this->serverError(_m('Creating new account for OpenID that already has a user.'));
return;
}
+ Event::handle('StartOpenIDCreateNewUser', array($canonical, &$sreg));
+
$location = '';
if (!empty($sreg['country'])) {
if ($sreg['postcode']) {
$result = oid_link_user($user->id, $canonical, $display);
+ Event::handle('EndOpenIDCreateNewUser', array($user, $canonical, $sreg));
+
oid_set_last($display);
common_set_user($user);
common_real_login(true);
$password = $this->trimmed('password');
if (!common_check_user($nickname, $password)) {
+ // TRANS: OpenID plugin message.
$this->showForm(_m('Invalid username or password.'));
return;
}
list($display, $canonical, $sreg) = $this->getSavedValues();
if (!$display || !$canonical) {
+ // TRANS: OpenID plugin server error. A stored OpenID cannot be found.
$this->serverError(_m('Stored OpenID not found.'));
return;
}
$result = oid_link_user($user->id, $canonical, $display);
if (!$result) {
+ // TRANS: OpenID plugin server error. The user or user profile could not be saved.
$this->serverError(_m('Error connecting user to OpenID.'));
return;
}
- oid_update_user($user, $sreg);
+ if (Event::handle('StartOpenIDUpdateUser', array($user, $canonical, &$sreg))) {
+ oid_update_user($user, $sreg);
+ }
+ Event::handle('EndOpenIDUpdateUser', array($user, $canonical, $sreg));
+
oid_set_last($display);
common_set_user($user);
common_real_login(true);
if ($url) {
# We don't have to return to it again
common_set_returnto(null);
+ $url = common_inject_session($url);
} else {
$url = common_local_url('all',
array('nickname' =>
function isNewNickname($str)
{
- if (!Validate::string($str, array('min_length' => 1,
- 'max_length' => 64,
- 'format' => NICKNAME_FMT))) {
+ if (!Nickname::isValid($str)) {
return false;
}
if (!User::allowed_nickname($str)) {
function urlToNickname($openid)
{
- static $bad = array('query', 'user', 'password', 'port', 'fragment');
-
- $parts = parse_url($openid);
-
- # If any of these parts exist, this won't work
-
- foreach ($bad as $badpart) {
- if (array_key_exists($badpart, $parts)) {
- return null;
- }
- }
-
- # We just have host and/or path
-
- # If it's just a host...
- if (array_key_exists('host', $parts) &&
- (!array_key_exists('path', $parts) || strcmp($parts['path'], '/') == 0))
- {
- $hostparts = explode('.', $parts['host']);
-
- # Try to catch common idiom of nickname.service.tld
-
- if ((count($hostparts) > 2) &&
- (strlen($hostparts[count($hostparts) - 2]) > 3) && # try to skip .co.uk, .com.au
- (strcmp($hostparts[0], 'www') != 0))
- {
- return $this->nicknamize($hostparts[0]);
- } else {
- # Do the whole hostname
- return $this->nicknamize($parts['host']);
- }
- } else {
- if (array_key_exists('path', $parts)) {
- # Strip starting, ending slashes
- $path = preg_replace('@/$@', '', $parts['path']);
- $path = preg_replace('@^/@', '', $path);
- if (strpos($path, '/') === false) {
- return $this->nicknamize($path);
- }
- }
- }
-
- return null;
+ return common_url_to_nickname($openid);
}
function xriToNickname($xri)
function nicknamize($str)
{
- $str = preg_replace('/\W/', '', $str);
- return strtolower($str);
+ return common_nicknamize($str);
}
}