]> git.mxchange.org Git - quix0rs-gnu-social.git/commitdiff
Initial OpenID+OAuth thingy.
authorBrion Vibber <brion@pobox.com>
Wed, 20 Oct 2010 22:59:27 +0000 (15:59 -0700)
committerBrion Vibber <brion@pobox.com>
Wed, 20 Oct 2010 22:59:27 +0000 (15:59 -0700)
actions/apioauthauthorize.php
plugins/OpenID/OpenIDPlugin.php

index 0e61cdf2c94468380a929de7ad2ca5ec2f700ef7..b603dce4a1fabdf542c18e433dc1efb85939f605 100644 (file)
@@ -157,9 +157,13 @@ class ApiOauthAuthorizeAction extends Action
 
             // XXX Force credentials check?
 
-            // XXX OpenID
+            // @fixme this should probably use a unified login form handler
+            $user = null;
+            if (Event::handle('StartOAuthLoginCheck', array($this, &$user))) {
+                $user = common_check_user($this->nickname, $this->password);
+            }
+            Event::handle('EndOAuthLoginCheck', array($this, &$user));
 
-            $user = common_check_user($this->nickname, $this->password);
             if (empty($user)) {
                 // TRANS: Form validation error given when an invalid username and/or password was passed to the OAuth API.
                 $this->showForm(_("Invalid nickname / password!"));
@@ -344,21 +348,24 @@ class ApiOauthAuthorizeAction extends Action
         $this->elementEnd('ul');
 
         if (!common_logged_in()) {
-            $this->elementStart('fieldset');
-            // TRANS: Fieldset legend.
-            $this->element('legend', null, _m('LEGEND','Account'));
-            $this->elementStart('ul', 'form_data');
-            $this->elementStart('li');
-            // TRANS: Field label on OAuth API authorisation form.
-            $this->input('nickname', _('Nickname'));
-            $this->elementEnd('li');
-            $this->elementStart('li');
-            // TRANS: Field label on OAuth API authorisation form.
-            $this->password('password', _('Password'));
-            $this->elementEnd('li');
-            $this->elementEnd('ul');
-
-            $this->elementEnd('fieldset');
+            if (Event::handle('StartOAuthLoginForm', array($this))) {
+                $this->elementStart('fieldset');
+                // TRANS: Fieldset legend.
+                $this->element('legend', null, _m('LEGEND','Account'));
+                $this->elementStart('ul', 'form_data');
+                $this->elementStart('li');
+                // TRANS: Field label on OAuth API authorisation form.
+                $this->input('nickname', _('Nickname'));
+                $this->elementEnd('li');
+                $this->elementStart('li');
+                // TRANS: Field label on OAuth API authorisation form.
+                $this->password('password', _('Password'));
+                $this->elementEnd('li');
+                $this->elementEnd('ul');
+
+                $this->elementEnd('fieldset');
+            }
+            Event::handle('EndOAuthLoginForm', array($this));
         }
 
         $this->element('input', array('id' => 'cancel_submit',
index a033a50109087cd887487987cac5ba51bbdbf99a..0fa50139d7218dacb53f2ec0a462e429aa1ab17c 100644 (file)
@@ -654,4 +654,91 @@ class OpenIDPlugin extends Plugin
                             _m('Use <a href="http://openid.net/">OpenID</a> to login to the site.'));
         return true;
     }
+
+    function onStartOAuthLoginForm($action)
+    {
+        if (common_config('site', 'openidonly')) {
+            // Cancel the regular password login form, we won't need it.
+            $this->showOAuthLoginForm($action);
+            return false;
+        } else {
+            // Leave the regular password login form in place.
+            // We'll add an OpenID link at bottom...?
+            return true;
+        }
+    }
+
+    /**
+     * @fixme merge with common code for main OpenID login form
+     * @param HTMLOutputter $action
+     */
+    protected function showOAuthLoginForm($action)
+    {
+        $action->elementStart('ul', 'form_data');
+        $action->elementStart('li');
+        $provider = common_config('openid', 'trusted_provider');
+        $appendUsername = common_config('openid', 'append_username');
+        if ($provider) {
+            $action->element('label', array(), _m('OpenID provider'));
+            $action->element('span', array(), $provider);
+            if ($appendUsername) {
+                $action->element('input', array('id' => 'openid_username',
+                                              'name' => 'openid_username',
+                                              'style' => 'float: none'));
+            }
+            $action->element('p', 'form_guide',
+                           ($appendUsername ? _m('Enter your username.') . ' ' : '') .
+                           _m('You will be sent to the provider\'s site for authentication.'));
+            $action->hidden('openid_url', $provider);
+        } else {
+            // TRANS: OpenID plugin logon form field label.
+            $action->input('openid_url', _m('OpenID URL'),
+                         '',
+                        // TRANS: OpenID plugin logon form field instructions.
+                         _m('Your OpenID URL'));
+        }
+        $action->elementEnd('li');
+        $action->elementEnd('ul');
+    }
+
+    /**
+     * Handle a POST user credential check in apioauthauthorization.
+     * If given an OpenID URL, we'll pass us over to the regular things
+     * and then redirect back here on completion.
+     *
+     * @fixme merge with common code for main OpenID login form
+     * @param HTMLOutputter $action
+     */
+    function onStartOAuthLoginCheck($action, &$user)
+    {
+        $provider = common_config('openid', 'trusted_provider');
+        if ($provider) {
+            $openid_url = $provider;
+            if (common_config('openid', 'append_username')) {
+                $openid_url .= $action->trimmed('openid_username');
+            }
+        } else {
+            $openid_url = $action->trimmed('openid_url');
+        }
+
+        if ($openid_url) {
+            require_once dirname(__FILE__) . '/openid.php';
+            oid_assert_allowed($openid_url);
+
+            $returnto = common_local_url('ApiOauthAuthorize', array(),
+                    array('oauth_token' => $action->arg('oauth_token')));
+            common_set_returnto($returnto);
+
+            // This will redirect if functional...
+            $result = oid_authenticate($openid_url,
+                                       'finishopenidlogin');
+            if (is_string($result)) { # error message
+                throw new ServerException($result);
+            } else {
+                exit(0);
+            }
+        }
+
+        return true;
+    }
 }