Merge branch 'master' of gitorious.org:statusnet/mainline into testing

[quix0rs-gnu-social.git] / plugins / OpenID / openid.php

diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php
index 1524389177eb5ee0e6eb158655539927ec30b343..5ee9343d2818715c9e4f802510d8f98f695be52c 100644 (file)
--- a/plugins/OpenID/openid.php
+++ b/plugins/OpenID/openid.php
@@ -164,6 +164,15 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
         $auth_request->addExtension($sreg_request);
     }
 
+    $requiredTeam = common_config('openid', 'required_team');
+    if ($requiredTeam) {
+        // LaunchPad OpenID extension
+        $team_request = new Auth_OpenID_TeamsRequest(array($requiredTeam));
+        if ($team_request) {
+            $auth_request->addExtension($team_request);
+        }
+    }
+
     $trust_root = common_root_url(true);
     $process_url = common_local_url($returnto);
 
@@ -286,6 +295,33 @@ function oid_assert_allowed($url)
     return;
 }
 
+/**
+ * Check the teams available in the given OpenID response
+ * Using Launchpad's OpenID teams extension
+ *
+ * @return boolean whether this user is acceptable
+ */
+function oid_check_teams($response)
+{
+    $requiredTeam = common_config('openid', 'required_team');
+    if ($requiredTeam) {
+        $team_resp = new Auth_OpenID_TeamsResponse($response);
+        if ($team_resp) {
+            $teams = $team_resp->getTeams();
+        } else {
+            $teams = array();
+        }
+
+        $match = in_array($requiredTeam, $teams);
+        $is = $match ? 'is' : 'is not';
+        common_log(LOG_DEBUG, "Remote user $is in required team $requiredTeam: [" . implode(', ', $teams) . "]");
+
+        return $match;
+    }
+
+    return true;
+}
+
 class AutosubmitAction extends Action
 {
     var $form_html = null;
@@ -299,11 +335,21 @@ class AutosubmitAction extends Action
 
     function title()
     {
-        return _m('OpenID Auto-Submit');
+        return _m('OpenID Login Submission');
     }
 
     function showContent()
     {
+        $this->raw('<p style="margin: 20px 80px">');
+        // @fixme this would be better using standard CSS class, but the present theme's a bit scary.
+        $this->element('img', array('src' => Theme::path('images/icons/icon_processing.gif', 'base'),
+                                    // for some reason the base CSS sets <img>s as block display?!
+                                    'style' => 'display: inline'));
+        $this->text(_m('Requesting authorization from your login provider...'));
+        $this->raw('</p>');
+        $this->raw('<p style="margin-top: 60px; font-style: italic">');
+        $this->text(_m('If you are not redirected to your login provider in a few seconds, try pushing the button below.'));
+        $this->raw('</p>');
         $this->raw($this->form_html);
     }
 
@@ -311,8 +357,6 @@ class AutosubmitAction extends Action
     {
         parent::showScripts();
         $this->element('script', null,
-                       '$(document).ready(function() { ' .
-                       '    $(\'#'. $this->form_id .'\').submit(); '.
-                       '});');
+                       'document.getElementById(\'' . $this->form_id . '\').submit();');
     }
 }