X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Fopenid.php;h=111cc4a0cb4f235f16c0ff6acff392613b9b2eef;hb=0ba99486039b10686a520e22ef50385625e5b9ae;hp=c2804155470b8f93f76544bee5706416fccae1bd;hpb=23c0b1f48241e198a631f333a3d6e5faedab0279;p=quix0rs-gnu-social.git diff --git a/lib/openid.php b/lib/openid.php index c280415547..111cc4a0cb 100644 --- a/lib/openid.php +++ b/lib/openid.php @@ -26,6 +26,11 @@ require_once('Auth/OpenID/Consumer.php'); require_once('Auth/OpenID/SReg.php'); require_once('Auth/OpenID/MySQLStore.php'); +# About one year cookie expiry + +define('OPENID_COOKIE_EXPIRY', round(365.25 * 24 * 60 * 60)); +define('OPENID_COOKIE_KEY', 'lastusedopenid'); + function oid_store() { static $store = NULL; if (!$store) { @@ -43,6 +48,24 @@ function oid_consumer() { return $consumer; } +function oid_clear_last() { + if (oid_get_last()) { + oid_set_last(''); + } +} + +function oid_set_last($openid_url) { + global $config; + setcookie(OPENID_COOKIE_KEY, $openid_url, + time() + OPENID_COOKIE_EXPIRY, + '/' . $config['site']['path'] . '/', + $config['site']['server']); +} + +function oid_get_last() { + return $_COOKIE[OPENID_COOKIE_KEY]; +} + function oid_link_user($id, $canonical, $display) { $oid = new User_openid(); @@ -50,7 +73,7 @@ function oid_link_user($id, $canonical, $display) { $oid->canonical = $canonical; $oid->display = $display; $oid->created = DB_DataObject_Cast::dateTime(); - + if (!$oid->insert()) { $err = PEAR::getStaticProperty('DB_DataObject','lastError'); common_debug('DB error ' . $err->code . ': ' . $err->message, __FILE__); @@ -60,81 +83,143 @@ function oid_link_user($id, $canonical, $display) { return true; } -function oid_authenticate($openid_url, $returnto) { - - $consumer = oid_consumer(); - - if (!$consumer) { - common_server_error(_t('Cannot instantiate OpenID consumer object.')); - return false; - } +function oid_get_user($openid_url) { + $user = NULL; + $oid = User_openid::staticGet('canonical', $openid_url); + if ($oid) { + $user = User::staticGet('id', $oid->user_id); + } + return $user; +} - common_ensure_session(); +function oid_check_immediate($openid_url, $backto=NULL) { + if (!$backto) { + $backto = $_SERVER['PHP_SELF']; + } + common_ensure_session(); + $_SESSION['openid_immediate_backto'] = $backto; + oid_authenticate($openid_url, + 'finishimmediate', + true); +} - $auth_request = $consumer->begin($openid_url); +function oid_authenticate($openid_url, $returnto, $immediate=false) { - // Handle failure status return values. - if (!$auth_request) { - return _t('Not a valid OpenID.'); - } else if (Auth_OpenID::isFailure($auth_request)) { - return _t('OpenID failure: ') . $auth_request->message; + $consumer = oid_consumer(); + + if (!$consumer) { + common_server_error(_t('Cannot instantiate OpenID consumer object.')); + return false; + } + + common_ensure_session(); + + $auth_request = $consumer->begin($openid_url); + + // Handle failure status return values. + if (!$auth_request) { + return _t('Not a valid OpenID.'); + } else if (Auth_OpenID::isFailure($auth_request)) { + return _t('OpenID failure: ') . $auth_request->message; + } + + $sreg_request = Auth_OpenID_SRegRequest::build(// Required + array(), + // Optional + array('nickname', + 'email', + 'fullname', + 'language', + 'timezone', + 'postcode', + 'country')); + + if ($sreg_request) { + $auth_request->addExtension($sreg_request); + } + + $trust_root = common_local_url('public'); + $process_url = common_local_url($returnto); + + if ($auth_request->shouldSendRedirect()) { + $redirect_url = $auth_request->redirectURL($trust_root, + $process_url, + $immediate); + if (!$redirect_url) { + } else if (Auth_OpenID::isFailure($redirect_url)) { + return _t('Could not redirect to server: ') . $redirect_url->message; + } else { + common_redirect($redirect_url); } - - $sreg_request = Auth_OpenID_SRegRequest::build(// Required - array(), - // Optional - array('nickname', - 'email', - 'fullname', - 'language', - 'timezone', - 'postcode', - 'country')); - - if ($sreg_request) { - $auth_request->addExtension($sreg_request); + } else { + // Generate form markup and render it. + $form_id = 'openid_message'; + $form_html = $auth_request->formMarkup($trust_root, $process_url, + $immediate, array('id' => $form_id)); + + # XXX: This is cheap, but things choke if we don't escape ampersands + # in the HTML attributes + + $form_html = preg_replace('/&/', '&', $form_html); + + // Display an error if the form markup couldn't be generated; + // otherwise, render the HTML. + if (Auth_OpenID::isFailure($form_html)) { + $this->show_form(_t('Could not create OpenID form: ') . $form_html->message); + } else { + common_show_header(_t('OpenID Auto-Submit')); + common_element('p', 'instructions', + _t('This form should automatically submit itself. '. + 'If not, click the submit button to go to your '. + 'OpenID provider.')); + common_raw($form_html); + common_element('script', NULL, + '$(document).ready(function() { ' . + ' $("#'. $form_id .'").submit(); '. + '});'); + common_show_footer(); } + } +} + +# update a user from sreg parameters - $trust_root = common_root_url(); - $process_url = common_local_url($returnto); - - if ($auth_request->shouldSendRedirect()) { - $redirect_url = $auth_request->redirectURL($trust_root, - $process_url); - if (!$redirect_url) { - } else if (Auth_OpenID::isFailure($redirect_url)) { - return _t('Could not redirect to server: ') . $redirect_url->message; - } else { - common_redirect($redirect_url); - } +function oid_update_user(&$user, &$sreg) { + + $profile = $user->getProfile(); + + $orig_profile = clone($profile); + + if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { + $profile->fullname = $sreg['fullname']; + } + + if ($sreg['country']) { + if ($sreg['postcode']) { + # XXX: use postcode to get city and region + # XXX: also, store postcode somewhere -- it's valuable! + $profile->location = $sreg['postcode'] . ', ' . $sreg['country']; } else { - // Generate form markup and render it. - $form_id = 'openid_message'; - $form_html = $auth_request->formMarkup($trust_root, $process_url, - false, array('id' => $form_id)); - - # XXX: This is cheap, but things choke if we don't escape ampersands - # in the HTML attributes - - $form_html = preg_replace('/&/', '&', $form_html); - - // Display an error if the form markup couldn't be generated; - // otherwise, render the HTML. - if (Auth_OpenID::isFailure($form_html)) { - $this->show_form(_t('Could not create OpenID form: ') . $form_html->message); - } else { - common_show_header(_t('OpenID Auto-Submit')); - common_element('p', 'instructions', - _t('This form should automatically submit itself. '. - 'If not, click the submit button to go to your '. - 'OpenID provider.')); - common_raw($form_html); - common_element('script', NULL, - '$(document).ready(function() { ' . - ' $("#'. $form_id .'").submit(); '. - '});'); - common_show_footer(); - } + $profile->location = $sreg['country']; } } -} \ No newline at end of file + + # XXX save language if it's passed + # XXX save timezone if it's passed + + if (!$profile->update($orig_profile)) { + common_server_error(_t('Error saving the profile.')); + return; + } + + $orig_user = clone($user); + + if ($sreg['email'] && Validate::email($sreg['email'], true)) { + $user->email = $sreg['email']; + } + + if (!$user->update($orig_user)) { + common_server_error(_t('Error saving the user.')); + return; + } +}