X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=plugins%2FOpenID%2Fopenid.php;h=91a34bd6e364edbe58b291519ef2dc938b6f2080;hb=b2f0595d04ae0d9304e3697e12610875ba9f9ffd;hp=4dc92469550fceee8896b6f72decaf5fb34baa5d;hpb=7005ef66617b265ddccdd9082c2368bf014a7e83;p=quix0rs-gnu-social.git
diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php
index 4dc9246955..91a34bd6e3 100644
--- a/plugins/OpenID/openid.php
+++ b/plugins/OpenID/openid.php
@@ -17,9 +17,9 @@
 * along with this program. If not, see .
 */
-if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
-
-require_once(INSTALLDIR.'/plugins/OpenID/User_openid.php');
+if (!defined('STATUSNET')) {
+ exit(1);
+}
 require_once('Auth/OpenID.php');
 require_once('Auth/OpenID/Consumer.php');
@@ -27,7 +27,7 @@ require_once('Auth/OpenID/Server.php');
 require_once('Auth/OpenID/SReg.php');
 require_once('Auth/OpenID/MySQLStore.php');
-# About one year cookie expiry
+// About one year cookie expiry
 define('OPENID_COOKIE_EXPIRY', round(365.25 * 24 * 60 * 60));
 define('OPENID_COOKIE_KEY', 'lastusedopenid');
@@ -36,7 +36,7 @@ function oid_store()
 {
 static $store = null;
 if (!$store) {
- # Can't be called statically
+ // Can't be called statically
 $user = new User();
 $conn = $user->getDatabaseConnection();
 $store = new Auth_OpenID_MySQLStore($conn);
@@ -85,15 +85,16 @@ function oid_get_last()
 function oid_link_user($id, $canonical, $display)
 {
+ global $_PEAR;
 $oid = new User_openid();
 $oid->user_id = $id;
 $oid->canonical = $canonical;
 $oid->display = $display;
- $oid->created = DB_DataObject_Cast::dateTime();
+ $oid->created = common_sql_now();
 if (!$oid->insert()) {
- $err = PEAR::getStaticProperty('DB_DataObject','lastError');
+ $err = &$_PEAR->getStaticProperty('DB_DataObject','lastError');
 return false;
 }
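Review bot: In the oid_link_user hunk (-85), the insert-failure branch still reads `lastError` into `$err` and then drops it, so a failed attempt to bind an OpenID to a local account returns false with nothing recorded. Because this is an identity-linking step, the failure deserves a log entry, for example `common_log(LOG_ERR, __METHOD__ . ": insert failed linking OpenID to user $id");` placed before `return false;`. The new `global $_PEAR;` also assumes that object was set up elsewhere, which is not visible here; a short comment naming where it is initialised would help. The function body continues past the end of the hunk.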
@@ -103,9 +104,9 @@ function oid_link_user($id, $canonical, $display)
 function oid_get_user($openid_url)
 {
 $user = null;
- $oid = User_openid::staticGet('canonical', $openid_url);
+ $oid = User_openid::getKV('canonical', $openid_url);
 if ($oid) {
- $user = User::staticGet('id', $oid->user_id);
+ $user = User::getKV('id', $oid->user_id);
 }
 return $user;
 }
@@ -145,12 +146,14 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
 // Handle failure status return values.
 if (!$auth_request) {
+ common_log(LOG_ERR, __METHOD__ . ": mystery fail contacting $openid_url");
 // TRANS: OpenID plugin message. Given when an OpenID is not valid.
 return _m('Not a valid OpenID.');
 } else if (Auth_OpenID::isFailure($auth_request)) {
+ common_log(LOG_ERR, __METHOD__ . ": OpenID fail to $openid_url: $auth_request->message");
 // TRANS: OpenID plugin server error. Given when the OpenID authentication request fails.
 // TRANS: %s is the failure message.
- return sprintf(_m('OpenID failure: %s'), $auth_request->message);
+ return sprintf(_m('OpenID failure: %s.'), $auth_request->message);
 }
 $sreg_request = Auth_OpenID_SRegRequest::build(// Required
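Review bot: The two `common_log()` calls added in the oid_authenticate hunk (-145) interpolate `$openid_url` and `$auth_request->message` into the log line unmodified; the first is presumably whatever was submitted as the OpenID identifier and the second may carry text influenced by the remote provider. Unless common_log() already strips control characters (not visible here), a value containing line breaks can split or imitate log entries, so neutralise it first, e.g. `$safe_url = preg_replace('/[\x00-\x1f\x7f]/', '?', $openid_url);` and log `$safe_url` (likewise for the message). The same provider message is also handed back through `sprintf(_m('OpenID failure: %s.'), ...)`; whether the caller escapes it on output lies outside this hunk and is worth confirming. The function starts before and continues after the hunk.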
@@ -180,7 +183,19 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
 $trust_root = common_root_url(true);
 $process_url = common_local_url($returnto);
- if ($auth_request->shouldSendRedirect()) {
+ // Net::OpenID::Server as used on LiveJournal appears to incorrectly
+ // reject POST requests for data submissions that OpenID 1.1 specs
+ // as GET, although 2.0 allows them:
+ // https://rt.cpan.org/Public/Bug/Display.html?id=42202
+ //
+ // Our OpenID libraries would have switched in the redirect automatically
+ // if it were detecting 1.1 compatibility mode, however the server is
+ // advertising itself as 2.0-compatible, so we got switched to the POST.
+ //
+ // Since the GET should always work anyway, we'll just take out the
+ // autosubmitter for now.
+ //
+ //if ($auth_request->shouldSendRedirect()) {
 $redirect_url = $auth_request->redirectURL($trust_root, $process_url, $immediate);
@@ -188,18 +203,19 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
 } else if (Auth_OpenID::isFailure($redirect_url)) {
 // TRANS: OpenID plugin server error. Given when the OpenID authentication request cannot be redirected.
 // TRANS: %s is the failure message.
- return sprintf(_m('Could not redirect to server: %s'), $redirect_url->message);
+ return sprintf(_m('Could not redirect to server: %s.'), $redirect_url->message);
 } else {
 common_redirect($redirect_url, 303);
 }
+ /*
 } else { // Generate form markup and render it.
 $form_id = 'openid_message';
 $form_html = $auth_request->formMarkup($trust_root, $process_url, $immediate, array('id' => $form_id));
- # XXX: This is cheap, but things choke if we don't escape ampersands
- # in the HTML attributes
+ // XXX: This is cheap, but things choke if we don't escape ampersands
+ // in the HTML attributes
 $form_html = preg_replace('/&/', '&', $form_html);
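Review bot: The form auto-submit branch of oid_authenticate is switched off by commenting it out rather than removing it: `//if ($auth_request->shouldSendRedirect()) {` in the hunk at -180, `/*` before `} else {` in the hunk at -188, and the matching `*/` in the later hunk at -217. That leaves dead code in an authentication path and keeps the redirect block indented under an `if` that no longer exists. A `/* ... */` wrapper also ends at the first `*/` it meets, so any block comment in the part of the branch not shown here would silently re-enable the code after it. Deleting the branch (version control keeps it) or keeping the `if` with an explicit, named condition would be more robust, and the explanatory comment could end with a line such as `// @todo restore the form-submit path once the provider bug linked above is fixed`.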
@@ -217,9 +233,10 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
 $action->handle(array('action' => 'autosubmit'));
 }
 }
+ */
 }
-# Half-assed attempt at a module-private function
+// Half-assed attempt at a module-private function
 function _oid_print_instructions()
 {
@@ -230,11 +247,14 @@ function _oid_print_instructions()
 'OpenID provider.'));
 }
-# update a user from sreg parameters
-
-function oid_update_user(&$user, &$sreg)
+/**
+ * Update a user from sreg parameters
+ * @param User $user
+ * @param array $sreg fields from OpenID sreg response
+ * @access private
+ */
+function oid_update_user($user, $sreg)
 { - $profile = $user->getProfile(); $orig_profile = clone($profile);
@@ -245,16 +265,16 @@ function oid_update_user(&$user, &$sreg)
 if (!empty($sreg['country'])) {
 if ($sreg['postcode']) {
- # XXX: use postcode to get city and region
- # XXX: also, store postcode somewhere -- it's valuable!
+ // XXX: use postcode to get city and region
+ // XXX: also, store postcode somewhere -- it's valuable!
 $profile->location = $sreg['postcode'] . ', ' . $sreg['country'];
 } else {
 $profile->location = $sreg['country'];
 }
 }
- # XXX save language if it's passed
- # XXX save timezone if it's passed
+ // XXX save language if it's passed
+ // XXX save timezone if it's passed
 if (!$profile->update($orig_profile)) {
 // TRANS: OpenID plugin server error.
@@ -300,7 +320,7 @@ function oid_assert_allowed($url)
 }
 }
 // TRANS: OpenID plugin client exception (403).
- throw new ClientException(_m("Unauthorized URL used for OpenID login."), 403);
+ throw new ClientException(_m('Unauthorized URL used for OpenID login.'), 403);
 }
 }
@@ -354,7 +374,7 @@ class AutosubmitAction extends Action
 function showContent()
 {
 $this->raw('
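Review bot: The docblock added to oid_update_user in the hunk at -230 describes `$sreg` only as "fields from OpenID sreg response"; it should state that every key is optional and that the values are supplied by the remote provider, e.g. `@param array $sreg fields from the OpenID sreg response; keys are optional and values are provider-supplied, so treat them as untrusted`. The next hunk (-245) shows why this matters: `if ($sreg['postcode'])` reads the key without an existence test, unlike the `!empty($sreg['country'])` that wraps it, so a response with a country but no postcode triggers an undefined-index notice; `if (!empty($sreg['postcode']))` would match the surrounding style. The docblock also lacks an `@return` line, and `@access private` sits oddly on a function that does not use the underscore prefix of `_oid_print_instructions()`. The function body extends beyond both hunks.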

');
- // @fixme this would be better using standard CSS class, but the present theme's a bit scary.
+ // @todo FIXME: This would be better using standard CSS class, but the present theme's a bit scary.
 $this->element('img', array('src' => Theme::path('images/icons/icon_processing.gif', 'base'), // for some reason the base CSS sets s as block display?!
 'style' => 'display: inline'));