Changed OpenID registration
authorMichael <heluecht@pirati.ca>
Thu, 24 Oct 2019 20:23:26 +0000 (20:23 +0000)
committerMichael <heluecht@pirati.ca>
Thu, 24 Oct 2019 20:23:26 +0000 (20:23 +0000)
mod/openid.php
mod/settings.php
src/Model/User.php
src/Module/Login.php
view/templates/field_openid.tpl
view/templates/login.tpl
view/theme/frio/templates/field_openid.tpl
view/theme/frio/templates/login.tpl
view/theme/frio/templates/settings/settings.tpl

index 2bb7f495431d348c1295a1737c9bb68243762528..1f63a12de1beebf43a7165a9c9db88a510d0dcfa 100644 (file)
@@ -24,7 +24,7 @@ function openid_content(App $a) {
                $openid = new LightOpenID($a->getHostName());
 
                if ($openid->validate()) {
-                       $authid = $openid->identity;
+                       $authid = $openid->data['openid_identity'];
 
                        if (empty($authid)) {
                                Logger::log(L10n::t('OpenID protocol error. No ID returned.') . EOL);
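Review bot: `$authid` is now read from the raw response field `openid_identity` instead of the library's `identity` property, and this value appears to feed the account lookup further down in openid_content(), which continues outside this hunk. As far as I know, LightOpenID's `validate()` runs discovery on the claimed identifier and exposes the verified value through `identity`, while the raw `openid.identity` field is the provider-local identifier and is not necessarily the one that was verified. Keying accounts on it weakens the binding between the assertion and the account, so unless there is a reason not visible here, keep `$authid = $openid->identity;` or reject the response when the two values disagree. The plain array access also raises a notice when the key is absent; `$openid->data['openid_identity'] ?? ''` avoids that.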
@@ -54,55 +54,22 @@ function openid_content(App $a) {
                        }
 
                        // Successful OpenID login - but we can't match it to an existing account.
-                       // New registration?
-
-                       if (intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED) {
-                               notice(L10n::t('Account not found and OpenID registration is not permitted on this site.') . EOL);
-                               $a->internalRedirect();
-                       }
-
                        unset($_SESSION['register']);
-                       $args = '';
-                       $attr = $openid->getAttributes();
-                       if (is_array($attr) && count($attr)) {
-                               foreach ($attr as $k => $v) {
-                                       if ($k === 'namePerson/friendly') {
-                                               $nick = Strings::escapeTags(trim($v));
-                                       }
-                                       if ($k === 'namePerson/first') {
-                                               $first = Strings::escapeTags(trim($v));
-                                       }
-                                       if ($k === 'namePerson') {
-                                               $args .= '&username=' . urlencode(Strings::escapeTags(trim($v)));
-                                       }
-                                       if ($k === 'contact/email') {
-                                               $args .= '&email=' . urlencode(Strings::escapeTags(trim($v)));
-                                       }
-                                       if ($k === 'media/image/aspect11') {
-                                               $photosq = bin2hex(trim($v));
-                                       }
-                                       if ($k === 'media/image/default') {
-                                               $photo = bin2hex(trim($v));
-                                       }
-                               }
-                       }
-                       if (!empty($nick)) {
-                               $args .= '&nickname=' . urlencode($nick);
-                       } elseif (!empty($first)) {
-                               $args .= '&nickname=' . urlencode($first);
-                       }
-
-                       if (!empty($photosq)) {
-                               $args .= '&photo=' . urlencode($photosq);
-                       } elseif (!empty($photo)) {
-                               $args .= '&photo=' . urlencode($photo);
-                       }
+                       Session::set('openid_attributes', $openid->getAttributes());
+                       Session::set('openid_identity', $authid);
 
-                       $args .= '&openid_url=' . urlencode(Strings::escapeTags(trim($authid)));
+                       // Detect the server URL
+                       $open_id_obj = new LightOpenID($a->getHostName());
+                       $open_id_obj->identity = $authid;
+                       Session::set('openid_server', $open_id_obj->discover($open_id_obj->identity));
 
-                       $a->internalRedirect('register?' . $args);
+                       if (intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED) {
+                               notice(L10n::t('Account not found. Please login to your existing account to add the OpenID to it.') . EOL);
+                       } else {
+                               notice(L10n::t('Account not found. Please register a new account or login to your existing account to add the OpenID to it.') . EOL);
+                       }
 
-                       // NOTREACHED
+                       $a->internalRedirect('login');
                }
        }
        notice(L10n::t('Login failed.') . EOL);
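Review bot: The added `discover()` call on `$authid` runs without the `Network::isUrlValid()` check that the removed settings code applied before discovery, and no exception handling is visible in this hunk (the function starts outside it). `$authid` comes from the provider's response, so the server makes an outbound request to a URL it has not validated, and a discovery failure would surface as an unhandled exception if LightOpenID throws here as the `try`/`catch` in Login suggests. Guard the block with `if (Network::isUrlValid($authid)) {` (provided `Network` is imported in this file), wrap the call in `try`/`catch`, and store an empty server on failure. The identity and attributes also stay in the session until the next login POST, so consider clearing them when the user leaves the flow.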
index b5011881cb9b5871308dba82c7d5f4211c955589..74dc8936dda148164bf8980938da24033c66d554 100644 (file)
@@ -426,7 +426,6 @@ function settings_post(App $a)
        $language         = (!empty($_POST['language'])   ? Strings::escapeTags(trim($_POST['language']))     : '');
 
        $defloc           = (!empty($_POST['defloc'])     ? Strings::escapeTags(trim($_POST['defloc']))       : '');
-       $openid           = (!empty($_POST['openid_url']) ? Strings::escapeTags(trim($_POST['openid_url']))   : '');
        $maxreq           = (!empty($_POST['maxreq'])     ? intval($_POST['maxreq'])             : 0);
        $expire           = (!empty($_POST['expire'])     ? intval($_POST['expire'])             : 0);
        $def_gid          = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
@@ -438,6 +437,8 @@ function settings_post(App $a)
        $expire_photos    = (!empty($_POST['expire_photos'])? intval($_POST['expire_photos'])    : 0);
        $expire_network_only    = (!empty($_POST['expire_network_only'])? intval($_POST['expire_network_only'])  : 0);
 
+       $delete_openid    = ((!empty($_POST['delete_openid']) && (intval($_POST['delete_openid']) == 1)) ? 1: 0);
+
        $allow_location   = ((!empty($_POST['allow_location']) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
        $publish          = ((!empty($_POST['profile_in_directory']) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
        $net_publish      = ((!empty($_POST['profile_in_netdirectory']) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0);
@@ -538,21 +539,6 @@ function settings_post(App $a)
        $str_group_deny    = !empty($_POST['group_deny'])    ? perms2str($_POST['group_deny'])    : '';
        $str_contact_deny  = !empty($_POST['contact_deny'])  ? perms2str($_POST['contact_deny'])  : '';
 
-       $openidserver = $a->user['openidserver'];
-       //$openid = Strings::normaliseOpenID($openid);
-
-       // If openid has changed or if there's an openid but no openidserver, try and discover it.
-       if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) {
-               if (Network::isUrlValid($openid)) {
-                       Logger::log('updating openidserver');
-                       $open_id_obj = new LightOpenID($a->getHostName());
-                       $open_id_obj->identity = $openid;
-                       $openidserver = $open_id_obj->discover($open_id_obj->identity);
-               } else {
-                       $openidserver = '';
-               }
-       }
-
        PConfig::set(local_user(), 'expire', 'items', $expire_items);
        PConfig::set(local_user(), 'expire', 'notes', $expire_notes);
        PConfig::set(local_user(), 'expire', 'starred', $expire_starred);
@@ -576,41 +562,17 @@ function settings_post(App $a)
                }
        }
 
+       $fields = ['username' => $username, 'email' => $email, 'timezone' => $timezone,
+               'allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow, 'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny,
+               'notify-flags' => $notify, 'page-flags' => $notify, 'account-type' => $account_type, 'default-location' => $defloc,
+               'allow_location' => $allow_location, 'maxreq' => $maxreq, 'expire' => $expire, 'def_gid' => $def_gid, 'blockwall' => $blockwall,
+               'hidewall' => $hide_wall, 'blocktags' => $blocktags, 'unkmail' => $unkmail, 'cntunkmail' => $cntunkmail, 'language' => $language];
 
-       $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s',
-                               `openid` = '%s', `timezone` = '%s',
-                               `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s',
-                               `notify-flags` = %d, `page-flags` = %d, `account-type` = %d, `default-location` = '%s',
-                               `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s',
-                               `def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d,
-                               `unkmail` = %d, `cntunkmail` = %d, `language` = '%s'
-                       WHERE `uid` = %d",
-                       DBA::escape($username),
-                       DBA::escape($email),
-                       DBA::escape($openid),
-                       DBA::escape($timezone),
-                       DBA::escape($str_contact_allow),
-                       DBA::escape($str_group_allow),
-                       DBA::escape($str_contact_deny),
-                       DBA::escape($str_group_deny),
-                       intval($notify),
-                       intval($page_flags),
-                       intval($account_type),
-                       DBA::escape($defloc),
-                       intval($allow_location),
-                       intval($maxreq),
-                       intval($expire),
-                       DBA::escape($openidserver),
-                       intval($def_gid),
-                       intval($blockwall),
-                       intval($hidewall),
-                       intval($blocktags),
-                       intval($unkmail),
-                       intval($cntunkmail),
-                       DBA::escape($language),
-                       intval(local_user())
-       );
-       if (DBA::isResult($r)) {
+       if ($delete_openid) {
+               $fields['openid'] = '';
+               $fields['openidserver'] = '';
+       }
+       if (DBA::update('user', $fields, ['uid' => local_user()])) {
                info(L10n::t('Settings updated.') . EOL);
        }
 
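Review bot: In the new `$fields` array `'page-flags'` is assigned `$notify`, whereas the removed query wrote `intval($page_flags)` to that column, so saving the settings stores the notification bitmask as the page type. This looks like a copy-paste slip and should read `'notify-flags' => $notify, 'page-flags' => $page_flags,`. The array also uses `$hide_wall` where the old query used `$hidewall`; the assignment is outside this hunk, so check which name is defined, otherwise `hidewall` is written from an undefined variable. The `intval()` casts of the old query are gone too, which is fine only if every numeric value was already cast where it was read from `$_POST`.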
@@ -1075,7 +1037,7 @@ function settings_content(App $a)
        if ($noid) {
                $openid_field = false;
        } else {
-               $openid_field = ['openid_url', L10n::t('OpenID:'), $openid, L10n::t("\x28Optional\x29 Allow this OpenID to login to this account."), "", "", "url"];
+               $openid_field = ['openid_url', L10n::t('OpenID:'), $openid, L10n::t("\x28Optional\x29 Allow this OpenID to login to this account."), "", "readonly", "url"];
        }
 
        $opt_tpl = Renderer::getMarkupTemplate("field_yesno.tpl");
@@ -1185,6 +1147,7 @@ function settings_content(App $a)
                '$password4'=> ['mpassword', L10n::t('Password:'), '', L10n::t('Your current password to confirm the changes')],
                '$oid_enable' => (!Config::get('system', 'no_openid')),
                '$openid'       => $openid_field,
+               '$delete_openid' => ['delete_openid', L10n::t('Delete OpenID URL'), false, ''],
 
                '$h_basic'      => L10n::t('Basic Settings'),
                '$username' => ['username',  L10n::t('Full Name:'), $username, ''],
index 499c55330bd5516c7be0dbe816b868a53e9fb4d0..b4da6d25685c8d608923e55d59f3f832615e3fac 100644 (file)
@@ -622,6 +622,7 @@ class User
                        }
                }
 
+               /// @todo Check if this part is really needed. We should have fetched all this data in advance
                if (empty($username) || empty($email) || empty($nickname)) {
                        if ($openid_url) {
                                if (!Network::isUrlValid($openid_url)) {
index b67f48fb95daca5be645f7f3104ef6a12c0b277e..895da7bdbf7fff2055563e450bb1f8b41fe40066 100644 (file)
@@ -43,6 +43,9 @@ class Login extends BaseModule
 
        public static function post()
        {
+               $openid_identity = Session::get('openid_identity');
+               $openid_server = Session::get('openid_server');
+
                $return_path = Session::get('return_path');
                session_unset();
                Session::set('return_path', $return_path);
@@ -62,7 +65,9 @@ class Login extends BaseModule
                        self::passwordAuthentication(
                                trim($_POST['username']),
                                trim($_POST['password']),
-                               !empty($_POST['remember'])
+                               !empty($_POST['remember']),
+                               $openid_identity,
+                               $openid_server
                        );
                }
        }
@@ -91,9 +96,10 @@ class Login extends BaseModule
                try {
                        $openid = new LightOpenID($a->getHostName());
                        $openid->identity = $openid_url;
-                       $_SESSION['openid'] = $openid_url;
-                       $_SESSION['remember'] = $remember;
+                       Session::set('openid', $openid_url);
+                       Session::set('remember', $remember);
                        $openid->returnUrl = $a->getBaseURL(true) . '/openid';
+                       $openid->optional = ['namePerson/friendly', 'contact/email', 'namePerson', 'namePerson/first', 'media/image/aspect11', 'media/image/default'];
                        System::externalRedirect($openid->authUrl());
                } catch (Exception $e) {
                        notice(L10n::t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.') . '<br /><br >' . L10n::t('The error message was:') . ' ' . $e->getMessage());
@@ -103,12 +109,14 @@ class Login extends BaseModule
        /**
         * Attempts to authenticate using login/password
         *
-        * @param string $username User name
-        * @param string $password Clear password
-        * @param bool   $remember Whether to set the session remember flag
+        * @param string $username        User name
+        * @param string $password        Clear password
+        * @param bool   $remember        Whether to set the session remember flag
+        * @param string $openid_identity OpenID identity
+        * @param string $openid_server   OpenID URL
         * @throws \Friendica\Network\HTTPException\InternalServerErrorException
         */
-       private static function passwordAuthentication($username, $password, $remember)
+       private static function passwordAuthentication($username, $password, $remember, $openid_identity, $openid_server)
        {
                $record = null;
 
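Review bot: The docblock describes `$openid_server` as "OpenID URL", which reads like the identity itself rather than the provider endpoint stored by `discover()`. Both values come from `Session::get()` in `post()` and are presumably null on an ordinary password login. Suggest `@param string|null $openid_identity OpenID identity pending from a preceding OpenID login, if any` and `@param string|null $openid_server Provider endpoint discovered for that identity, if any`. The method body continues outside the hunk.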
@@ -156,6 +164,10 @@ class Login extends BaseModule
                Session::set('remember', $remember);
                Session::set('last_login_date', DateTimeFormat::utcNow());
 
+               if (!empty($openid_identity) || !empty($openid_server)) {
+                       DBA::update('user', ['openid' => $openid_identity, 'openidserver' => $openid_server], ['uid' => $record['uid']]);
+               }
+
                Session::setAuthenticatedForUser($a, $record, true, true);
 
                $return_path = Session::get('return_path', '');
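Review bot: The guard `!empty($openid_identity) || !empty($openid_server)` lets the update run when only one of the two values is present, so the other column is overwritten with an empty value; `if (!empty($openid_identity) && !empty($openid_server)) {` avoids the half-written pair. The update also replaces any OpenID already stored for the account and does not check whether the identity is already bound to another user, so one OpenID could end up on two accounts and make the OpenID login lookup ambiguous. It is not gated on the `no_openid` setting either. From what is visible (the method starts outside the hunk) the write happens right after the password check; if a second factor is enforced later in the login flow, the link should wait until that has passed.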
@@ -286,16 +298,23 @@ class Login extends BaseModule
        {
                $a = self::getApp();
                $o = '';
+
+               $noid = Config::get('system', 'no_openid');
+
+               if ($noid) {
+                       Session::remove('openid_identity');
+                       Session::remove('openid_attributes');
+               }
+
                $reg = false;
                if ($register && intval($a->getConfig()->get('config', 'register_policy')) !== Register::CLOSED) {
                        $reg = [
                                'title' => L10n::t('Create a New Account'),
-                               'desc' => L10n::t('Register')
+                               'desc' => L10n::t('Register'),
+                               'url' => self::getRegisterURL()
                        ];
                }
 
-               $noid = Config::get('system', 'no_openid');
-
                if (is_null($return_path)) {
                        $return_path = $a->query_string;
                }
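Review bot: When OpenID is disabled the new block removes `openid_identity` and `openid_attributes` from the session but leaves `openid_server`, which `post()` still reads and passes on to `passwordAuthentication()`. Because the update there runs when either value is non-empty, a leftover server URL would be written to the user row together with an empty identity. Add `Session::remove('openid_server');` to the `if ($noid)` block. The function continues outside the hunk.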
@@ -314,6 +333,18 @@ class Login extends BaseModule
                        $_SESSION['return_path'] = $return_path;
                }
 
+               if (!empty(Session::get('openid_identity'))) {
+                       $openid_title = L10n::t('Your OpenID: ');
+                       $openid_readonly = true;
+                       $identity = Session::get('openid_identity');
+                       $username_desc = L10n::t('Please enter your username and password to add the OpenID to your existing account.');
+               } else {
+                       $openid_title = L10n::t('Or login using OpenID: ');
+                       $openid_readonly = false;
+                       $identity = '';
+                       $username_desc = '';
+               }
+
                $o .= Renderer::replaceMacros(
                        $tpl,
                        [
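Review bot: `$identity` is taken from the session unchanged and handed to the template as the field value, and both `field_openid.tpl` files in this commit print that value with `{{$field.2 nofilter}}` inside an attribute. The stored identity originates from the OpenID provider's response and, unlike in `getRegisterURL()`, is not escaped here, so provider-supplied markup would reach the login page as-is. Escape it at this point, e.g. `$identity = htmlspecialchars(Session::get('openid_identity'), ENT_QUOTES, 'UTF-8');`, or drop `nofilter` from the value attribute in the templates. That `$lopenid` is rendered through `field_openid.tpl` is inferred from the added fifth element; the include itself is not in this hunk.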
@@ -321,12 +352,12 @@ class Login extends BaseModule
                                '$logout'       => L10n::t('Logout'),
                                '$login'        => L10n::t('Login'),
 
-                               '$lname'        => ['username', L10n::t('Nickname or Email: '), '', ''],
+                               '$lname'        => ['username', L10n::t('Nickname or Email: '), '', $username_desc],
                                '$lpassword'    => ['password', L10n::t('Password: '), '', ''],
                                '$lremember'    => ['remember', L10n::t('Remember me'), 0,  ''],
 
                                '$openid'       => !$noid,
-                               '$lopenid'      => ['openid_url', L10n::t('Or login using OpenID: '), '', ''],
+                               '$lopenid'      => ['openid_url', $openid_title, $identity, '', $openid_readonly],
 
                                '$hiddens'      => $hiddens,
 
@@ -347,4 +378,56 @@ class Login extends BaseModule
 
                return $o;
        }
+
+       /**
+        * Get the URL to the register page and add OpenID parameters to it
+        */
+       private static function getRegisterURL()
+       {
+               if (empty(Session::get('openid_identity'))) {
+                       return 'register';
+               }
+
+               $args = '';
+               $attr = Session::get('openid_attributes') ?? [];
+
+               if (is_array($attr) && count($attr)) {
+                       foreach ($attr as $k => $v) {
+                               if ($k === 'namePerson/friendly') {
+                                       $nick = Strings::escapeTags(trim($v));
+                               }
+                               if ($k === 'namePerson/first') {
+                                       $first = Strings::escapeTags(trim($v));
+                               }
+                               if ($k === 'namePerson') {
+                                       $args .= '&username=' . urlencode(Strings::escapeTags(trim($v)));
+                               }
+                               if ($k === 'contact/email') {
+                                       $args .= '&email=' . urlencode(Strings::escapeTags(trim($v)));
+                               }
+                               if ($k === 'media/image/aspect11') {
+                                       $photosq = bin2hex(trim($v));
+                               }
+                               if ($k === 'media/image/default') {
+                                       $photo = bin2hex(trim($v));
+                               }
+                       }
+               }
+
+               if (!empty($nick)) {
+                       $args .= '&nickname=' . urlencode($nick);
+               } elseif (!empty($first)) {
+                       $args .= '&nickname=' . urlencode($first);
+               }
+
+               if (!empty($photosq)) {
+                       $args .= '&photo=' . urlencode($photosq);
+               } elseif (!empty($photo)) {
+                       $args .= '&photo=' . urlencode($photo);
+               }
+
+               $args .= '&openid_url=' . urlencode(Strings::escapeTags(trim(Session::get('openid_identity'))));
+
+               return 'register?' . $args;
+       }
 }
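Review bot: `getRegisterURL()` assembles the query string by hand, so every fragment starts with `&` and the result is `register?&username=…`; building an array and passing it to `http_build_query()` puts the encoding in one place. `trim($v)` is also applied to session data without checking that the value is a string, and the docblock lacks `@return string`. The name and e-mail address travel in the URL, where they end up in server logs and browser history; reading them from the session on the register page would avoid that, but that goes beyond this hunk. A possible shape for the body, which drops empty values instead of emitting `&username=`:

```php
	private static function getRegisterURL()
	{
		// … unchanged: early return of 'register' when no OpenID identity is in the session …

		$attr = Session::get('openid_attributes');
		$attr = is_array($attr) ? $attr : [];

		// Only string attributes are used; anything else is treated as absent
		$text = function ($key) use ($attr) {
			return is_string($attr[$key] ?? null) ? Strings::escapeTags(trim($attr[$key])) : '';
		};
		$hex = function ($key) use ($attr) {
			return is_string($attr[$key] ?? null) ? bin2hex(trim($attr[$key])) : '';
		};

		$args = array_filter([
			'username' => $text('namePerson'),
			'email'    => $text('contact/email'),
			'nickname' => $text('namePerson/friendly') ?: $text('namePerson/first'),
			'photo'    => $hex('media/image/aspect11') ?: $hex('media/image/default'),
		], 'strlen');
		$args['openid_url'] = Strings::escapeTags(trim(Session::get('openid_identity')));

		return 'register?' . http_build_query($args);
	}
```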
index 5faa8c7e96bbc5000ae22007bcafa867684f9880..3c7d02bb8e02a36e69d0f638f6a749e6481811a3 100644 (file)
@@ -1,7 +1,7 @@
        
        <div class='field input openid' id='wrapper_{{$field.0}}'>
                <label for='id_{{$field.0}}'>{{$field.1}}</label>
-               <input name='{{$field.0}}' id='id_{{$field.0}}' type="text" value="{{$field.2 nofilter}}" aria-describedby='{{$field.0}}_tip'>
+               <input name='{{$field.0}}' id='id_{{$field.0}}' type="text" value="{{$field.2 nofilter}}" {{if $field.4}} readonly="readonly" {{/if}} aria-describedby='{{$field.0}}_tip'>
                {{if $field.3}}
                <span class="field_help" role="tooltip" id="{{$field.0}}_tip">{{$field.3 nofilter}}</span>
                {{/if}}
index 19db6afc7c6240174e0f757cec748049c5a8fa50..733c218164a764397721219f7973c64a61d15742 100644 (file)
@@ -36,7 +36,7 @@
 {{if $register}}
 <div id="login-extra-links">
        <h3 id="login-head" class="sr-only">{{$register.title}}</h3>
-       <a href="register" title="{{$register.title}}" id="register-link">{{$register.desc}}</a>
+       <a href="{{$register.url}}" title="{{$register.title}}" id="register-link">{{$register.desc}}</a>
 </div>
 {{/if}}
 
index b05270de31a8d76a7f1a0c4c4f797a4033c86140..bae9cb4fc417ac1b0b6a2625119a376f6aebc9e3 100644 (file)
@@ -1,7 +1,7 @@
 
 <div id="id_{{$field.0}}_wrapper" class="form-group field input openid">
        <label for="id_{{$field.0}}" id="label_{{$field.0}}">{{$field.1}}</label>
-       <input class="form-control" name="{{$field.0}}" id="id_{{$field.0}}" type="text" value="{{$field.2 nofilter}}" aria-describedby="{{$field.0}}_tip">
+       <input class="form-control" name="{{$field.0}}" id="id_{{$field.0}}" type="text" value="{{$field.2 nofilter}}" {{if $field.4}} readonly="readonly" {{/if}} aria-describedby="{{$field.0}}_tip">
        {{if $field.3}}
        <span class="help-block" id="{{$field.0}}_tip" role="tooltip">{{$field.3 nofilter}}</span>
        {{/if}}
index ebbdeee41066a98a5a1acabdbfcc0a737197663f..09df08bd0ad982a009e382660d4cc4a94b69d4b1 100644 (file)
@@ -40,7 +40,7 @@
 {{if $register}}
 <div id="login-extra-links">
        <h3 id="login-head" class="sr-only">{{$register.title}}</h3>
-       <a href="register" title="{{$register.title}}" id="register-link" class="btn btn-default">{{$register.desc}}</a>
+       <a href="{{$register.url}}" title="{{$register.title}}" id="register-link" class="btn btn-default">{{$register.desc}}</a>
 </div>
 {{/if}}
 
index 81db6a0af85d6079e99afdf2c54f4ee47c4ff28d..700c2c06c4c24d4d6ffe458059ee8d31c197fa92 100644 (file)
@@ -26,6 +26,7 @@
 
                                                {{if $oid_enable}}
                                                {{include file="field_input.tpl" field=$openid}}
+                                               {{include file="field_checkbox.tpl" field=$delete_openid}}
                                                {{/if}}
 
                                                <div class="form-group pull-right settings-submit-wrapper" >