Added a configuration option to disable OpenID.

If $config['openid']['enabled'] is set to false, OpenID is removed from
the navigation and direct accesses to OpenID login pages redirect to the
login page.

If OpenID is enabled, $config['site']['openidonly'] is ignored, i.e.
OpenID is required to go OpenID-only.

diff --git a/README b/README
index e37934aaabed15fb7d8da41627cc6b6fccb8200d..023061b8056232e80e7b994836d5da889483811e 100644 (file)
--- a/README
+++ b/README
@@ -1169,6 +1169,14 @@ For configuring invites.
 
 enabled: Whether to allow users to send invites. Default true.
 
+openid
+------
+
+For configuring OpenID.
+
+enabled: Whether to allow users to register and login using OpenID. Default
+        true.
+
 tag
 ---
 

diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php
index ba1e933e3e13156c3baa7eee56638e139c21b71e..a291958261eff2c9222da5a0099a2074de4bf88e 100644 (file)
--- a/actions/finishopenidlogin.php
+++ b/actions/finishopenidlogin.php
@@ -30,7 +30,9 @@ class FinishopenidloginAction extends Action
     function handle($args)
     {
         parent::handle($args);
-        if (common_is_real_login()) {
+        if (!common_config('openid', 'enabled')) {
+            common_redirect(common_local_url('login'));
+        } else if (common_is_real_login()) {
             $this->clientError(_('Already logged in.'));
         } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $token = $this->trimmed('token');

diff --git a/actions/login.php b/actions/login.php
index c20854f15b36f6e719e582fc278f5c934d73f0ce..6f1b4777e5ddb2f8960ab4a80c4e8e61480922de 100644 (file)
--- a/actions/login.php
+++ b/actions/login.php
@@ -251,11 +251,15 @@ class LoginAction extends Action
             return _('For security reasons, please re-enter your ' .
                      'user name and password ' .
                      'before changing your settings.');
-        } else {
+        } else if (common_config('openid', 'enabled')) {
             return _('Login with your username and password. ' .
                      'Don\'t have a username yet? ' .
                      '[Register](%%action.register%%) a new account, or ' .
                      'try [OpenID](%%action.openidlogin%%). ');
+        } else {
+            return _('Login with your username and password. ' .
+                     'Don\'t have a username yet? ' .
+                     '[Register](%%action.register%%) a new account.');
         }
     }
 

diff --git a/actions/openidlogin.php b/actions/openidlogin.php
index a8d052096ca470712c43b78e0a2988c6546a5605..744aae7136a851d2604a6525706d5568898f5e29 100644 (file)
--- a/actions/openidlogin.php
+++ b/actions/openidlogin.php
@@ -26,7 +26,9 @@ class OpenidloginAction extends Action
     function handle($args)
     {
         parent::handle($args);
-        if (common_is_real_login()) {
+        if (!common_config('openid', 'enabled')) {
+            common_redirect(common_local_url('login'));
+        } else if (common_is_real_login()) {
             $this->clientError(_('Already logged in.'));
         } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $openid_url = $this->trimmed('openid_url');

diff --git a/actions/openidsettings.php b/actions/openidsettings.php
index 5f59ebc014d57bfe9ff4a1279dc3a4714e98fb72..40a480dc43e9182e8222e5274bc32413778b1ece 100644 (file)
--- a/actions/openidsettings.php
+++ b/actions/openidsettings.php
@@ -82,6 +82,12 @@ class OpenidsettingsAction extends AccountSettingsAction
 
     function showContent()
     {
+        if (!common_config('openid', 'enabled')) {
+            $this->element('div', array('class' => 'error'),
+                           _('OpenID is not available.'));
+            return;
+        }
+
         $user = common_current_user();
 
         $this->elementStart('form', array('method' => 'post',

diff --git a/actions/register.php b/actions/register.php
index 046a76b80ed0ce989e076b9d4eac1f9b6ed56072..683d21af82c1b22ed102e4b2781e288da80298cf 100644 (file)
--- a/actions/register.php
+++ b/actions/register.php
@@ -329,14 +329,22 @@ class RegisterAction extends Action
         } else if ($this->error) {
             $this->element('p', 'error', $this->error);
         } else {
-            $instr =
-              common_markup_to_html(_('With this form you can create '.
-                                      ' a new account. ' .
-                                      'You can then post notices and '.
-                                      'link up to friends and colleagues. '.
-                                      '(Have an [OpenID](http://openid.net/)? ' .
-                                      'Try our [OpenID registration]'.
-                                      '(%%action.openidlogin%%)!)'));
+            if (common_config('openid', 'enabled')) {
+                $instr =
+                  common_markup_to_html(_('With this form you can create '.
+                                          ' a new account. ' .
+                                          'You can then post notices and '.
+                                          'link up to friends and colleagues. '.
+                                          '(Have an [OpenID](http://openid.net/)? ' .
+                                          'Try our [OpenID registration]'.
+                                          '(%%action.openidlogin%%)!)'));
+            } else {
+                $instr =
+                  common_markup_to_html(_('With this form you can create '.
+                                          ' a new account. ' .
+                                          'You can then post notices and '.
+                                          'link up to friends and colleagues.'));
+            }
 
             $this->elementStart('div', 'instructions');
             $this->raw($instr);

diff --git a/config.php.sample b/config.php.sample
index 8b4b777f2206218abfa02ed560e817af0b094625..1dc123aafe688a0804828e8a8b051430ee0f0518 100644 (file)
--- a/config.php.sample
+++ b/config.php.sample
@@ -99,6 +99,9 @@ $config['sphinx']['port'] = 3312;
 // $config['xmpp']['public'][] = 'someindexer@example.net';
 // $config['xmpp']['debug'] = false;
 
+// Disable OpenID
+// $config['openid']['enabled'] = false;
+
 // Turn off invites
 // $config['invite']['enabled'] = false;
 

diff --git a/lib/accountsettingsaction.php b/lib/accountsettingsaction.php
index 4ab50abcef1134a50282bbdfb64a45a4696fa972..1a21d871ed592c5ea5926ab77b937e2e9ced8411 100644 (file)
--- a/lib/accountsettingsaction.php
+++ b/lib/accountsettingsaction.php
@@ -126,6 +126,10 @@ class AccountSettingsNav extends Widget
         $this->action->elementStart('ul', array('class' => 'nav'));
 
         foreach ($menu as $menuaction => $menudesc) {
+            if ($menuaction == 'openidsettings' &&
+                !common_config('openid', 'enabled')) {
+                continue;
+            }
             $this->action->menuItem(common_local_url($menuaction),
                                    $menudesc[0],
                                    $menudesc[1],

diff --git a/lib/action.php b/lib/action.php
index 1bdc4daea7cd73eef4ef56ca781eb3d802d9947b..092a0ec9a8ea7d43bbaf0764cfedb35ba6d13da2 100644 (file)
--- a/lib/action.php
+++ b/lib/action.php
@@ -443,7 +443,8 @@ class Action extends HTMLOutputter // lawsuit
                     }
                     $this->menuItem(common_local_url('login'),
                                     _('Login'), _('Login to the site'), false, 'nav_login');
-                } else {
+                }
+                if (common_config('openid', 'enabled')) {
                     $this->menuItem(common_local_url('openidlogin'),
                                     _('OpenID'), _('Login with OpenID'), false, 'nav_openid');
                 }

diff --git a/lib/common.php b/lib/common.php
index f26155e70eddc67aa94619d2dbaea04477a53d17..3fc047af94093d90ab955252ca6ca8466ed2f5f5 100644 (file)
--- a/lib/common.php
+++ b/lib/common.php
@@ -170,6 +170,8 @@ $config =
               'host' => null, # only set if != server
               'debug' => false, # print extra debug info
               'public' => array()), # JIDs of users who want to receive the public stream
+        'openid' =>
+        array('enabled' => true),
         'invite' =>
         array('enabled' => true),
         'sphinx' =>
@@ -371,6 +373,12 @@ if ($_db_name != 'laconica' && !array_key_exists('ini_'.$_db_name, $config['db']
     $config['db']['ini_'.$_db_name] = INSTALLDIR.'/classes/laconica.ini';
 }
 
+// Ignore openidonly if OpenID is disabled
+
+if (!$config['openid']['enabled']) {
+    $config['site']['openidonly'] = false;
+}
+
 // XXX: how many of these could be auto-loaded on use?
 
 require_once 'Validate.php';

diff --git a/lib/logingroupnav.php b/lib/logingroupnav.php
index 919fd3db9c002e339b34582fb20b5b14d34f1801..2fb1828d6b079ef0b4c49e8305cc5f1ecc4f1ef3 100644 (file)
--- a/lib/logingroupnav.php
+++ b/lib/logingroupnav.php
@@ -80,8 +80,10 @@ class LoginGroupNav extends Widget
                                     _('Sign up for a new account'));
             }
         }
-        $menu['openidlogin'] = array(_('OpenID'),
-                               _('Login or register with OpenID'));
+        if (common_config('openid', 'enabled')) {
+            $menu['openidlogin'] = array(_('OpenID'),
+                                   _('Login or register with OpenID'));
+        }
 
         $action_name = $this->action->trimmed('action');
         $this->action->elementStart('ul', array('class' => 'nav'));