From c93547b080226231a641df10bb5a8675c36dee53 Mon Sep 17 00:00:00 2001 From: Diogo Cordeiro Date: Mon, 10 Jun 2019 04:11:26 +0100 Subject: [PATCH] [OpenID] Added support for GS's Internal Session Handler --- locale/statusnet.pot | 128 ++++++++++------------ plugins/OpenID/actions/openidsettings.php | 11 +- plugins/OpenID/locale/OpenID.pot | 46 ++++---- plugins/OpenID/openid.php | 37 ++++++- 4 files changed, 119 insertions(+), 103 deletions(-) diff --git a/locale/statusnet.pot b/locale/statusnet.pot index 7c340c9394..c95949f2f1 100644 --- a/locale/statusnet.pot +++ b/locale/statusnet.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2019-06-09 18:01+0100\n" +"POT-Creation-Date: 2019-06-10 16:37+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -4849,41 +4849,39 @@ msgid "No uploaded file." msgstr "" #. TRANS: Client exception thrown when an uploaded file is larger than set in php.ini. -#: actions/restoreaccount.php:131 lib/mediafile.php:198 +#: actions/restoreaccount.php:131 msgid "The uploaded file exceeds the upload_max_filesize directive in php.ini." msgstr "" #. TRANS: Client exception. -#: actions/restoreaccount.php:136 lib/mediafile.php:203 +#: actions/restoreaccount.php:136 msgid "" "The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in " "the HTML form." msgstr "" #. TRANS: Client exception. -#: actions/restoreaccount.php:141 lib/mediafile.php:208 +#: actions/restoreaccount.php:141 lib/mediafile.php:341 msgid "The uploaded file was only partially uploaded." msgstr "" #. TRANS: Client exception thrown when a temporary folder is not present to store a file upload. -#: actions/restoreaccount.php:148 lib/mediafile.php:215 +#: actions/restoreaccount.php:148 lib/mediafile.php:347 msgid "Missing a temporary folder." msgstr "" #. TRANS: Client exception thrown when writing to disk is not possible during a file upload operation. -#: actions/restoreaccount.php:151 lib/mediafile.php:218 +#: actions/restoreaccount.php:151 lib/mediafile.php:350 msgid "Failed to write file to disk." msgstr "" #. TRANS: Client exception thrown when a file upload operation has been stopped by an extension. -#: actions/restoreaccount.php:154 lib/mediafile.php:221 +#: actions/restoreaccount.php:154 lib/mediafile.php:353 msgid "File upload stopped by extension." msgstr "" #. TRANS: Client exception thrown when a file upload operation has failed with an unknown reason. -#. TRANS: Exception thrown when uploading an image fails for an unknown reason. -#. TRANS: Client exception thrown when a file upload operation has failed with an unknown reason. -#: actions/restoreaccount.php:159 lib/imagefile.php:205 lib/mediafile.php:226 +#: actions/restoreaccount.php:159 lib/mediafile.php:357 msgid "System error uploading file." msgstr "" @@ -6381,14 +6379,14 @@ msgstr "" #. TRANS: Message used to be inserted as %2$s in the text "No file may #. TRANS: be larger than %1$d byte and the file you sent was %2$s.". #. TRANS: %1$d is the number of bytes of an uploaded file. -#: classes/File.php:220 +#: classes/File.php:243 #, php-format msgid "%1$d byte" msgid_plural "%1$d bytes" msgstr[0] "" msgstr[1] "" -#: classes/File.php:228 +#: classes/File.php:253 #, php-format msgid "" "No file may be larger than %1$d byte and the file you sent was %2$s. Try to " @@ -6399,21 +6397,21 @@ msgid_plural "" msgstr[0] "" msgstr[1] "" -#: classes/File.php:244 +#: classes/File.php:275 #, php-format msgid "A file this large would exceed your user quota of %d byte." msgid_plural "A file this large would exceed your user quota of %d bytes." msgstr[0] "" msgstr[1] "" -#: classes/File.php:257 +#: classes/File.php:293 #, php-format msgid "A file this large would exceed your monthly quota of %d byte." msgid_plural "A file this large would exceed your monthly quota of %d bytes." msgstr[0] "" msgstr[1] "" -#: classes/File.php:326 +#: classes/File.php:367 msgid "Blacklisted file extension." msgstr "" @@ -8338,74 +8336,29 @@ msgid "Could not GET URL %s." msgstr "" #. TRANS: Exception thrown when trying to upload an unsupported image file format. -#: lib/imagefile.php:88 +#: lib/imagefile.php:70 msgid "Unsupported image format." msgstr "" -#: lib/imagefile.php:129 +#: lib/imagefile.php:118 msgid "File without filename could not get a thumbnail source." msgstr "" -#: lib/imagefile.php:144 +#: lib/imagefile.php:133 msgid "Unsupported media format." msgstr "" -#. TRANS: Exception thrown when too large a file is uploaded. -#. TRANS: %s is the maximum file size, for example "500b", "10kB" or "2MB". -#: lib/imagefile.php:191 -#, php-format -msgid "That file is too big. The maximum file size is %s." -msgstr "" - -#. TRANS: Exception thrown when uploading an image and that action could not be completed. -#: lib/imagefile.php:196 -msgid "Partial upload." -msgstr "" - -#: lib/imagefile.php:200 -msgid "No file uploaded." -msgstr "" - -#. TRANS: Exception thrown when uploading a file as image that is not an image or is a corrupt file. -#: lib/imagefile.php:213 -msgid "Not an image or corrupt file." -msgstr "" - #. TRANS: Exception thrown during resize when image has been registered as present, but is no longer there. -#: lib/imagefile.php:251 +#: lib/imagefile.php:256 msgid "Lost our file." msgstr "" #. TRANS: Exception thrown when trying to resize an unknown file type. #. TRANS: Exception thrown when trying resize an unknown file type. -#: lib/imagefile.php:320 lib/imagefile.php:364 +#: lib/imagefile.php:334 lib/imagefile.php:393 msgid "Unknown file type" msgstr "" -#. TRANS: Number of megabytes. %d is the number. -#: lib/imagefile.php:408 -#, php-format -msgid "%dMB" -msgid_plural "%dMB" -msgstr[0] "" -msgstr[1] "" - -#. TRANS: Number of kilobytes. %d is the number. -#: lib/imagefile.php:412 -#, php-format -msgid "%dkB" -msgid_plural "%dkB" -msgstr[0] "" -msgstr[1] "" - -#. TRANS: Number of bytes. %d is the number. -#: lib/imagefile.php:415 -#, php-format -msgid "%dB" -msgid_plural "%dB" -msgstr[0] "" -msgstr[1] "" - #. TRANS: Body text for confirmation code e-mail. #. TRANS: %1$s is a user nickname, %2$s is the StatusNet sitename, #. TRANS: %3$s is the display name of an IM plugin. @@ -8811,21 +8764,56 @@ msgid "" msgstr "" #. TRANS: Client exception thrown when a database error was thrown during a file upload operation. -#: lib/mediafile.php:134 lib/mediafile.php:181 +#: lib/mediafile.php:189 lib/mediafile.php:245 msgid "There was a database error while saving your file. Please try again." msgstr "" +#. TRANS: Number of megabytes. %d is the number. +#: lib/mediafile.php:260 +#, php-format +msgid "%dMB" +msgid_plural "%dMB" +msgstr[0] "" +msgstr[1] "" + +#. TRANS: Number of kilobytes. %d is the number. +#: lib/mediafile.php:264 +#, php-format +msgid "%dkB" +msgid_plural "%dkB" +msgstr[0] "" +msgstr[1] "" + +#. TRANS: Number of bytes. %d is the number. +#: lib/mediafile.php:267 +#, php-format +msgid "%dB" +msgid_plural "%dB" +msgstr[0] "" +msgstr[1] "" + +#: lib/mediafile.php:335 +#, php-format +msgid "That file is too big. The maximum file size is %s." +msgstr "" + #. TRANS: Client exception thrown when a file upload operation fails because the file could #. TRANS: not be moved from the temporary folder to the permanent file location. -#: lib/mediafile.php:247 lib/mediafile.php:273 lib/mediafile.php:305 -#: lib/mediafile.php:330 +#. UX: too specific +#. TRANS: Client exception thrown when a file upload operation fails because the file could +#. TRANS: not be moved from the temporary folder to the permanent file location. +#: lib/mediafile.php:390 lib/mediafile.php:435 lib/mediafile.php:459 msgid "File could not be moved to destination directory." msgstr "" +#: lib/mediafile.php:564 +msgid "Could not determine file's MIME type." +msgstr "" + #. TRANS: Client exception thrown trying to upload a forbidden MIME type. #. TRANS: %1$s is the file type that was denied, %2$s is the application part of #. TRANS: the MIME type that was denied. -#: lib/mediafile.php:391 +#: lib/mediafile.php:606 #, php-format msgid "" "\"%1$s\" is not a supported file type on this server. Try using another %2$s " @@ -8834,7 +8822,7 @@ msgstr "" #. TRANS: Client exception thrown trying to upload a forbidden MIME type. #. TRANS: %s is the file type that was denied. -#: lib/mediafile.php:396 +#: lib/mediafile.php:611 #, php-format msgid "\"%s\" is not a supported file type on this server." msgstr "" diff --git a/plugins/OpenID/actions/openidsettings.php b/plugins/OpenID/actions/openidsettings.php index ccfda63799..c3573f9b25 100644 --- a/plugins/OpenID/actions/openidsettings.php +++ b/plugins/OpenID/actions/openidsettings.php @@ -93,7 +93,7 @@ class OpenidsettingsAction extends SettingsAction 'action' => common_local_url('openidsettings')]); $this->elementStart('fieldset', ['id' => 'settings_openid_add']); - + // TRANS: Fieldset legend. $this->element('legend', null, _m('LEGEND', 'Add OpenID')); $this->hidden('token', common_session_token()); @@ -127,7 +127,7 @@ class OpenidsettingsAction extends SettingsAction if ($cnt > 0) { // TRANS: Header on OpenID settings page. $this->element('h2', null, _m('HEADER', 'OpenID Actions')); - + if ($cnt == 1 && !$this->scoped->hasPassword()) { $this->element('p', 'form_guide', // TRANS: Form guide. @@ -218,7 +218,7 @@ class OpenidsettingsAction extends SettingsAction // TRANS: Button text to remove an OpenID trustroot. $this->submit('settings_openid_trustroots_action-submit', _m('BUTTON', 'Remove'), 'submit', 'remove_trustroots'); $this->elementEnd('fieldset'); - + $prefs = User_openid_prefs::getKV('user_id', $this->scoped->getID()); $this->elementStart('fieldset'); @@ -247,9 +247,8 @@ class OpenidsettingsAction extends SettingsAction // TRANS: Form validation error if no OpenID providers can be added. throw new ServerException(_m('Cannot add new providers.')); } else { - common_ensure_session(); $_SESSION['openid_synch'] = $this->boolean('openid-synch'); - + $result = oid_authenticate($this->trimmed('openid_url'), 'finishaddopenid'); if (is_string($result)) { // error message unset($_SESSION['openid-synch']); @@ -335,7 +334,7 @@ class OpenidsettingsAction extends SettingsAction if (!$oid instanceof User_openid) { throw new ClientException(_m('No such OpenID.')); } - + $result = oid_authenticate($this->trimmed('openid_url'), 'finishsynchopenid'); if (is_string($result)) { // error message throw new ServerException($result); diff --git a/plugins/OpenID/locale/OpenID.pot b/plugins/OpenID/locale/OpenID.pot index c7a3751225..8fea95e2b3 100644 --- a/plugins/OpenID/locale/OpenID.pot +++ b/plugins/OpenID/locale/OpenID.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2019-06-10 15:40+0100\n" +"POT-Creation-Date: 2019-06-10 16:49+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -205,40 +205,40 @@ msgid "Cannot add new providers." msgstr "" #. TRANS: Unexpected form validation error. -#: actions/openidsettings.php:271 +#: actions/openidsettings.php:270 msgid "No known action for POST." msgstr "" #. TRANS: Form validation error when trying to remove a non-existing trustroot. -#: actions/openidsettings.php:293 +#: actions/openidsettings.php:292 msgid "No such OpenID trustroot." msgstr "" #. TRANS: Success message after removing trustroots. -#: actions/openidsettings.php:298 +#: actions/openidsettings.php:297 msgid "Trustroots removed." msgstr "" #. TRANS: Form validation error for a non-existing OpenID. -#: actions/openidsettings.php:315 actions/openidsettings.php:336 +#: actions/openidsettings.php:314 actions/openidsettings.php:335 msgid "No such OpenID." msgstr "" #. TRANS: Form validation error if OpenID is connected to another user. -#: actions/openidsettings.php:319 +#: actions/openidsettings.php:318 msgid "That OpenID does not belong to you." msgstr "" #. TRANS: Success message after removing an OpenID. -#: actions/openidsettings.php:323 +#: actions/openidsettings.php:322 msgid "OpenID removed." msgstr "" -#: actions/openidsettings.php:343 +#: actions/openidsettings.php:342 msgid "Synchronized OpenID." msgstr "" -#: actions/openidsettings.php:375 +#: actions/openidsettings.php:374 msgid "OpenID preferences saved." msgstr "" @@ -670,68 +670,72 @@ msgstr "" msgid "OpenID provider" msgstr "" -#: openid.php:136 +#: openid.php:64 +msgid "Unknown DB type for OpenID." +msgstr "" + +#: openid.php:161 msgid "No valid URL provided for OpenID." msgstr "" #. TRANS: OpenID plugin server error. -#: openid.php:143 +#: openid.php:168 msgid "Cannot instantiate OpenID consumer object." msgstr "" #. TRANS: OpenID plugin message. Given when an OpenID is not valid. -#: openid.php:154 +#: openid.php:179 msgid "Not a valid OpenID." msgstr "" #. TRANS: OpenID plugin server error. Given when the OpenID authentication request fails. #. TRANS: %s is the failure message. -#: openid.php:159 +#: openid.php:184 #, php-format msgid "OpenID failure: %s." msgstr "" #. TRANS: OpenID plugin server error. Given when the OpenID authentication request cannot be redirected. #. TRANS: %s is the failure message. -#: openid.php:208 +#: openid.php:233 #, php-format msgid "Could not redirect to server: %s." msgstr "" #. TRANS: OpenID plugin user instructions. -#: openid.php:246 +#: openid.php:271 msgid "" "This form should automatically submit itself. If not, click the submit " "button to go to your OpenID provider." msgstr "" #. TRANS: OpenID plugin server error. -#: openid.php:282 +#: openid.php:307 msgid "Error saving the profile." msgstr "" #. TRANS: OpenID plugin server error. -#: openid.php:294 +#: openid.php:319 msgid "Error saving the user." msgstr "" #. TRANS: OpenID plugin client exception (403). -#: openid.php:324 +#: openid.php:349 msgid "Unauthorized URL used for OpenID login." msgstr "" #. TRANS: Title -#: openid.php:372 +#: openid.php:397 msgid "OpenID Login Submission" msgstr "" #. TRANS: OpenID plugin message used while requesting authorization user's OpenID login provider. -#: openid.php:383 +#: openid.php:408 msgid "Requesting authorization from your login provider..." msgstr "" #. TRANS: OpenID plugin message. User instruction while requesting authorization user's OpenID login provider. -#: openid.php:387 +#: openid.php:412 msgid "" "If you are not redirected to your login provider in a few seconds, try " "pushing the button below." diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php index 25811d88b2..174357f231 100644 --- a/plugins/OpenID/openid.php +++ b/plugins/OpenID/openid.php @@ -35,11 +35,34 @@ define('OPENID_COOKIE_KEY', 'lastusedopenid'); function oid_store() { static $store = null; - if (!$store) { - // Can't be called statically - $user = new User(); - $conn = $user->getDatabaseConnection(); - $store = new Auth_OpenID_MySQLStore($conn); + if (is_null($store)) { + // To create a new Database connection is an absolute must + // because database is in transaction (auto-commit = false) + // mode during OpenID operation + // Is a must because our Internal Session Handler uses database + // and depends on auto-commit = true + $dsn = common_config('db', 'database'); + $options = PEAR::getStaticProperty('DB', 'options'); + + if (!is_array($options)) { + $options = []; + } + $db = DB::connect($dsn, $options); + + if (PEAR::isError($db)) { + throw new ServerException($db->getMessage()); + } + + switch (common_config('db', 'type')) { + case 'mysql': + $store = new Auth_OpenID_MySQLStore($db); + break; + case 'postgresql': + $store = new Auth_OpenID_PostgreSQLStore($db); + break; + default: + throw new ServerException(_m('Unknown DB type for OpenID.')); + } } return $store; } @@ -47,6 +70,8 @@ function oid_store() function oid_consumer() { $store = oid_store(); + // No need to declare a Yadis Session Handler + common_ensure_session(); // This is transparent to OpenID's eyes $consumer = new Auth_OpenID_Consumer($store); return $consumer; } @@ -197,7 +222,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) // // Since the GET should always work anyway, we'll just take out the // autosubmitter for now. - // + // //if ($auth_request->shouldSendRedirect()) { $redirect_url = $auth_request->redirectURL($trust_root, $process_url, -- 2.39.5