<?php
/*
 * StatusNet - the distributed open-source microblogging tool
 * Copyright (C) 2008, 2009, StatusNet, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
// Stop immediately unless the STATUSNET constant is defined (presumably by the
// application entry point), so this file does nothing when requested directly.
defined('STATUSNET') || exit(1);
require_once INSTALLDIR . '/plugins/OpenID/openid.php' ;
class FinishopenidloginAction extends Action
{
var $error = null ;
var $username = null ;
var $message = null ;
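/**
 * Entry point for the final leg of an OpenID login.
 *
 * A POST is a submission of one of the two forms rendered by showContent()
 * and must carry the session token; any other request method is treated as
 * the return from the OpenID provider and handed to tryLogin().
 *
 * @param array $args request arguments, passed through to parent::handle()
 *
 * @return void
 */
function handle($args)
{
    parent::handle($args);

    if (common_is_real_login()) {
        // TRANS: Client error message trying to log on with OpenID while already logged on.
        $this->clientError(_m('Already logged in.'));
    } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Anti-CSRF check. Both sides are cast to string and compared
        // strictly: a loose != lets two numeric-looking strings such as
        // '0e1' and '0e2' compare as equal. hash_equals() is used when the
        // runtime provides it so the comparison time does not depend on how
        // many leading characters match.
        $token    = (string) $this->trimmed('token');
        $expected = (string) common_session_token();

        if (function_exists('hash_equals')) {
            $tokenMatches = hash_equals($expected, $token);
        } else {
            $tokenMatches = ($token === $expected);
        }

        if (!$token || !$tokenMatches) {
            // TRANS: Message given when there is a problem with the user's session token.
            $this->showForm(_m('There was a problem with your session token. Try again, please.'));
            return;
        }

        if ($this->arg('create')) {
            // Account creation requires explicit agreement to the site license.
            if (!$this->boolean('license')) {
                // TRANS: Message given if user does not agree with the site's license.
                $this->showForm(_m('You cannot register if you do not agree to the license.'),
                                $this->trimmed('newname'));
                return;
            }
            $this->createNewUser();
        } else if ($this->arg('connect')) {
            $this->connectUser();
        } else {
            // Neither submit button was sent: re-render the forms with an error.
            // TRANS: Message given on an unknown error.
            $this->showForm(_m('An unknown error has occured.'),
                            $this->trimmed('newname'));
        }
    } else {
        $this->tryLogin();
    }
}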
/**
 * Render the notice area: the pending error if there is one, otherwise the
 * instructions explaining why an account must be created or connected.
 *
 * NOTE(review): the error text can originate from exception messages, so this
 * relies on element() escaping its text argument - confirm.
 *
 * @return void
 */
function showPageNotice()
{
    if ($this->error) {
        $this->element('div', array('class' => 'error'), $this->error);
        return;
    }

    // TRANS: Instructions given after a first successful logon using OpenID.
    // TRANS: %s is the site name.
    $template = _m('This is the first time you have logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.');

    $this->element('div', 'instructions',
                   sprintf($template, common_config('site', 'name')));
}
/**
 * Page title for the account setup page.
 *
 * @return string translated title
 */
function title()
{
    // TRANS: Title
    $pageTitle = _m('TITLE', 'OpenID Account Setup');

    return $pageTitle;
}
/**
 * Remember the error text and nickname suggestion, then render the page.
 *
 * @param string|null $error    message shown by showPageNotice(), if any
 * @param string|null $username value pre-filled into the new-nickname field
 *
 * @return void
 */
function showForm($error = null, $username = null)
{
    // Stored on the action so the page callbacks can read them while rendering.
    $this->username = $username;
    $this->error    = $error;

    $this->showPage();
}
/**
 * Render the page body: either a single error message, or the two forms that
 * let the visitor create a new account or connect an existing one.
 *
 * Both forms post back to 'finishopenidlogin' and carry the session token in
 * a hidden field; handle() rejects submissions whose token does not match.
 *
 * @fixme much of this duplicates core code, which is very fragile.
 *        Should probably be replaced with an extensible mini version of
 *        the core registration form.
 *
 * @return void
 */
function showContent()
{
    // message_text is assigned by message(); when present it replaces the forms.
    if (!empty($this->message_text)) {
        $this->element('div', array('class' => 'error'), $this->message_text);
        return;
    }

    // We don't recognize this OpenID, so we're going to give the user
    // two options, each in its own mini-form.
    //
    // First, they can create a new account using their OpenID auth
    // info. The profile will be pre-populated with whatever name,
    // email, and location we can get from the OpenID provider, so
    // all we ask for is the license confirmation.
    $createFormAttrs = array('method' => 'post',
                             'id' => 'account_create',
                             'class' => 'form_settings',
                             'action' => common_local_url('finishopenidlogin'));
    $this->elementStart('form', $createFormAttrs);
    $this->hidden('token', common_session_token());
    $this->elementStart('fieldset', array('id' => 'form_openid_createaccount'));
    $this->element('legend', null,
                   // TRANS: Fieldset legend.
                   _m('Create new account'));
    $this->element('p', null,
                   // TRANS: Form guide.
                   _m('Create a new user with this nickname.'));
    $this->elementStart('ul', 'form_data');

    // Hook point for captcha etc
    Event::handle('StartRegistrationFormData', array($this));

    $this->elementStart('li');
    // TRANS: Field label.
    $nicknameLabel = _m('New nickname');
    if ($this->username) {
        $suggested = $this->username;
    } else {
        $suggested = '';
    }
    // TRANS: Field title.
    $nicknameHint = _m('1-64 lowercase letters or numbers, no punctuation or spaces.');
    $this->input('newname', $nicknameLabel, $suggested, $nicknameHint);
    $this->elementEnd('li');

    $this->elementStart('li');
    // TRANS: Field label.
    $emailLabel = _m('Email');
    $emailValue = $this->getEmail();
    // TRANS: Field title.
    $emailHint = _m('Used only for updates, announcements, ' .
                    'and password recovery.');
    $this->input('email', $emailLabel, $emailValue, $emailHint);
    $this->elementEnd('li');

    // Hook point for captcha etc
    Event::handle('EndRegistrationFormData', array($this));

    $this->elementStart('li');
    $checkboxAttrs = array('type' => 'checkbox',
                           'id' => 'license',
                           'class' => 'checkbox',
                           'name' => 'license',
                           'value' => 'true');
    $this->element('input', $checkboxAttrs);
    $this->elementStart('label', array('for' => 'license',
                                       'class' => 'checkbox'));
    // TRANS: OpenID plugin link text.
    // TRANS: %s is a link to a license with the license name as link text.
    $message = _m('My text and files are available under %s ' .
                  'except this private data: password, ' .
                  'email address, IM address, and phone number.');
    // The label is written with raw(), so every piece is escaped by hand
    // before being assembled: the license URL, its title, and the translated
    // sentence itself.
    $link = sprintf('<a href="%s">%s</a>',
                    htmlspecialchars(common_config('license', 'url')),
                    htmlspecialchars(common_config('license', 'title')));
    $this->raw(sprintf(htmlspecialchars($message), $link));
    $this->elementEnd('label');
    $this->elementEnd('li');
    $this->elementEnd('ul');
    // TRANS: Button label in form in which to create a new user on the site for an OpenID.
    $this->submit('create', _m('BUTTON', 'Create'));
    $this->elementEnd('fieldset');
    $this->elementEnd('form');

    // The second option is to attach this OpenID to an existing account
    // on the local system, which they need to provide a password for.
    $connectFormAttrs = array('method' => 'post',
                              'id' => 'account_connect',
                              'class' => 'form_settings',
                              'action' => common_local_url('finishopenidlogin'));
    $this->elementStart('form', $connectFormAttrs);
    $this->hidden('token', common_session_token());
    // NOTE(review): this fieldset reuses the id of the fieldset in the first form.
    $this->elementStart('fieldset', array('id' => 'form_openid_createaccount'));
    $this->element('legend', null,
                   // TRANS: Used as form legend for form in which to connect an OpenID to an existing user on the site.
                   _m('Connect existing account'));
    $this->element('p', null,
                   // TRANS: User instructions for form in which to connect an OpenID to an existing user on the site.
                   _m('If you already have an account, login with your username and password to connect it to your OpenID.'));
    $this->elementStart('ul', 'form_data');

    $this->elementStart('li');
    // TRANS: Field label in form in which to connect an OpenID to an existing user on the site.
    $this->input('nickname', _m('Existing nickname'));
    $this->elementEnd('li');

    $this->elementStart('li');
    // TRANS: Field label in form in which to connect an OpenID to an existing user on the site.
    $this->password('password', _m('Password'));
    $this->elementEnd('li');

    $this->elementEnd('ul');
    // TRANS: Button text in form in which to connect an OpenID to an existing user on the site.
    $this->submit('connect', _m('BUTTON', 'Connect'));
    $this->elementEnd('fieldset');
    $this->elementEnd('form');
}
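/**
 * Get specified e-mail from the form, or the OpenID sreg info, or the
 * invite code.
 *
 * The sources are tried in that order, so a value typed into the form wins
 * over the address asserted by the OpenID provider. Neither source is
 * verified here.
 *
 * NOTE(review): whether the address is confirmed before it is trusted depends
 * on User::register(), which is not visible in this file - confirm.
 *
 * @return string the e-mail address, or '' when none is available
 */
function getEmail()
{
    $email = $this->trimmed('email');
    if (!empty($email)) {
        return $email;
    }

    // Pull from openid thingy
    list($display, $canonical, $sreg) = $this->getSavedValues();
    if (!empty($sreg['email'])) {
        return $sreg['email'];
    }

    // Terrible hack for invites...
    if (common_config('site', 'inviteonly')) {
        // The session key is absent when the visitor arrived without an
        // invitation; read it defensively instead of raising a notice.
        $code = isset($_SESSION['invitecode']) ? $_SESSION['invitecode'] : null;
        if ($code) {
            $invite = Invitation::getKV($code);
            if ($invite && $invite->address_type == 'email') {
                return $invite->address;
            }
        }
    }

    return '';
}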
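/**
 * Complete the OpenID exchange and act on the provider's response.
 *
 * Cancelled and failed responses are reported with message(). On success the
 * identifiers are checked with oid_assert_allowed() and oid_check_teams();
 * a known OpenID is logged in directly, an unknown one is stashed in the
 * session and the create/connect forms are shown.
 *
 * The local account is looked up by the canonical identifier when the
 * endpoint supplies one, falling back to the display identifier.
 *
 * @return void
 */
function tryLogin()
{
    $consumer = oid_consumer();

    $response = $consumer->complete(common_local_url('finishopenidlogin'));

    if ($response->status == Auth_OpenID_CANCEL) {
        // TRANS: Status message in case the response from the OpenID provider is that the logon attempt was cancelled.
        $this->message(_m('OpenID authentication cancelled.'));
        return;
    } else if ($response->status == Auth_OpenID_FAILURE) {
        // TRANS: OpenID authentication failed; display the error message. %s is the error message.
        $this->message(sprintf(_m('OpenID authentication failed: %s.'), $response->message));
    } else if ($response->status == Auth_OpenID_SUCCESS) {
        // This means the authentication succeeded; extract the
        // identity URL and Simple Registration data (if it was
        // returned).
        $display   = $response->getDisplayIdentifier();
        $canonical = ($response->endpoint->canonicalID) ?
          $response->endpoint->canonicalID : $response->getDisplayIdentifier();

        oid_assert_allowed($display);
        oid_assert_allowed($canonical);

        // Start from an explicit null: when the provider returns no Simple
        // Registration data the variable would otherwise be undefined by the
        // time it is passed to saveValues() and bestNewNickname().
        $sreg = null;

        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);

        if ($sreg_resp) {
            // Provider-asserted profile data; treat it as untrusted input.
            $sreg = $sreg_resp->contents();
        }

        // Launchpad teams extension
        if (!oid_check_teams($response)) {
            // TRANS: Message displayed when OpenID authentication is aborted.
            $this->message(_m('OpenID authentication aborted: You are not allowed to login to this site.'));
            return;
        }

        $user = oid_get_user($canonical);

        if ($user) {
            oid_set_last($display);
            // XXX: commented out at @edd's request until better
            // control over how data flows from OpenID provider.
            // oid_update_user($user, $sreg);
            common_set_user($user);
            common_real_login(true);
            if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) {
                common_rememberme($user);
            }
            // The flag is single-use whether or not it was set.
            unset($_SESSION['openid_rememberme']);
            $this->goHome($user->nickname);
        } else {
            // Unknown OpenID: keep the verified identifiers in the session so
            // the follow-up POST does not have to trust request parameters.
            $this->saveValues($display, $canonical, $sreg);
            $this->showForm(null, $this->bestNewNickname($display, $sreg));
        }
    }
}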
/**
 * Show the page with a single message in place of the forms.
 *
 * The text is kept in message_text, which showContent() checks first.
 * NOTE(review): message_text is not among the properties declared at the top
 * of the class, so it is created on first assignment.
 *
 * @param string $msg text to display
 *
 * @return void
 */
function message($msg)
{
    $this->message_text = $msg;

    // Rendering picks the stored text up from the property.
    $this->showPage();
}
/**
 * Keep the result of the OpenID exchange in the session for the follow-up
 * form submission.
 *
 * @param string     $display   display identifier returned by the provider
 * @param string     $canonical canonical identifier used to look up the user
 * @param array|null $sreg      Simple Registration data, when available
 *
 * @return void
 */
function saveValues($display, $canonical, $sreg)
{
    common_ensure_session();

    $stash = array('openid_display'   => $display,
                   'openid_canonical' => $canonical,
                   'openid_sreg'      => $sreg);

    foreach ($stash as $key => $value) {
        $_SESSION[$key] = $value;
    }
}
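/**
 * Read back the values stored by saveValues().
 *
 * A key that is missing from the session (for example after the session
 * expired between the provider redirect and the form submission) is returned
 * as null instead of raising an undefined-index notice. Callers already treat
 * an empty display or canonical identifier as "Stored OpenID not found".
 *
 * @return array list of (display identifier, canonical identifier, sreg data)
 */
function getSavedValues()
{
    $values = array();

    foreach (array('openid_display', 'openid_canonical', 'openid_sreg') as $key) {
        $values[] = isset($_SESSION[$key]) ? $_SESSION[$key] : null;
    }

    return $values;
}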
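/**
 * Register a new local account for the OpenID held in the session, link the
 * two, and log the new user in.
 *
 * Registration is refused when the site is closed, when the site is
 * invite-only and no valid invitation code is in the session, when the
 * requested nickname is invalid, disallowed or taken, or when the OpenID is
 * already attached to a user. The identifiers come from the session values
 * stored by saveValues(), never from the request.
 *
 * @return void
 */
function createNewUser()
{
    // FIXME: save invite code before redirect, and check here

    if (!Event::handle('StartRegistrationTry', array($this))) {
        return;
    }

    if (common_config('site', 'closed')) {
        // TRANS: OpenID plugin message. No new user registration is allowed on the site.
        $this->clientError(_m('Registration not allowed.'));
        return;
    }

    $invite = null;

    if (common_config('site', 'inviteonly')) {
        // Absent key means no invitation was presented; avoid the notice.
        $code = isset($_SESSION['invitecode']) ? $_SESSION['invitecode'] : null;
        if (empty($code)) {
            // TRANS: OpenID plugin message. No new user registration is allowed on the site without an invitation code, and none was provided.
            $this->clientError(_m('Registration not allowed.'));
            return;
        }

        $invite = Invitation::getKV($code);

        if (empty($invite)) {
            // TRANS: OpenID plugin message. No new user registration is allowed on the site without an invitation code, and the one provided was not valid.
            $this->clientError(_m('Not a valid invitation code.'));
            return;
        }
    }

    try {
        $nickname = Nickname::normalize($this->trimmed('newname'));
    } catch (NicknameException $e) {
        $this->showForm($e->getMessage());
        return;
    }

    if (!User::allowed_nickname($nickname)) {
        // TRANS: OpenID plugin message. The entered new user name is blacklisted.
        $this->showForm(_m('Nickname not allowed.'));
        return;
    }

    if (User::getKV('nickname', $nickname)) {
        // TRANS: OpenID plugin message. The entered new user name is already used.
        $this->showForm(_m('Nickname already in use. Try another one.'));
        return;
    }

    list($display, $canonical, $sreg) = $this->getSavedValues();

    if (!$display || !$canonical) {
        // TRANS: OpenID plugin server error. A stored OpenID cannot be retrieved.
        $this->serverError(_m('Stored OpenID not found.'));
        return;
    }

    // Possible race condition... let's be paranoid

    $other = oid_get_user($canonical);

    if ($other) {
        // TRANS: OpenID plugin server error.
        $this->serverError(_m('Creating new account for OpenID that already has a user.'));
        return;
    }

    Event::handle('StartOpenIDCreateNewUser', array($canonical, &$sreg));

    $location = '';
    if (!empty($sreg['country'])) {
        // postcode is optional in the sreg data, so test it without assuming
        // the key exists.
        if (!empty($sreg['postcode'])) {
            // XXX: use postcode to get city and region
            // XXX: also, store postcode somewhere -- it's valuable!
            $location = $sreg['postcode'] . ', ' . $sreg['country'];
        } else {
            $location = $sreg['country'];
        }
    }

    // Provider-supplied full names longer than 255 characters are dropped
    // rather than truncated.
    if (!empty($sreg['fullname']) && mb_strlen($sreg['fullname']) <= 255) {
        $fullname = $sreg['fullname'];
    } else {
        $fullname = '';
    }

    $email = $this->getEmail();

    // XXX: add language
    // XXX: add timezone

    $args = array('nickname' => $nickname,
                  'email' => $email,
                  'fullname' => $fullname,
                  'location' => $location);

    if (!empty($invite)) {
        $args['code'] = $invite->code;
    }

    $user = User::register($args);

    // User::register()'s failure mode is not visible from this file; guard
    // against a falsy result so the code below never dereferences it.
    if (empty($user)) {
        // TRANS: OpenID plugin server error. The new user account could not be created.
        $this->serverError(_m('Error registering user.'));
        return;
    }

    $result = oid_link_user($user->id, $canonical, $display);

    // Same check connectUser() performs: without the link the account could
    // not be reached through this OpenID again, so do not log in silently.
    if (!$result) {
        // TRANS: OpenID plugin server error. The user or user profile could not be saved.
        $this->serverError(_m('Error connecting user to OpenID.'));
        return;
    }

    Event::handle('EndOpenIDCreateNewUser', array($user, $canonical, $sreg));

    oid_set_last($display);
    common_set_user($user);
    common_real_login(true);
    if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) {
        common_rememberme($user);
    }
    unset($_SESSION['openid_rememberme']);

    Event::handle('EndRegistrationTry', array($this));

    common_redirect(common_local_url('showstream', array('nickname' => $user->nickname)),
                    303);
}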
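/**
 * Attach the OpenID held in the session to an existing local account after
 * verifying that account's nickname and password, then log the user in.
 *
 * The OpenID identifiers are taken from the session values stored by
 * saveValues(), never from the request.
 *
 * NOTE(review): no throttling of repeated password attempts is visible in
 * this method - confirm it is handled by common_check_user() or upstream.
 *
 * @return void
 */
function connectUser()
{
    $nickname = $this->trimmed('nickname');
    $password = $this->trimmed('password');

    if (!common_check_user($nickname, $password)) {
        // TRANS: OpenID plugin message.
        $this->showForm(_m('Invalid username or password.'));
        return;
    }

    // They're legit!

    $user = User::getKV('nickname', $nickname);

    // The credential check and this lookup are separate calls; if the lookup
    // by the submitted value finds nothing, fail like a bad login instead of
    // dereferencing an empty result below.
    if (empty($user)) {
        // TRANS: OpenID plugin message.
        $this->showForm(_m('Invalid username or password.'));
        return;
    }

    list($display, $canonical, $sreg) = $this->getSavedValues();

    if (!$display || !$canonical) {
        // TRANS: OpenID plugin server error. A stored OpenID cannot be found.
        $this->serverError(_m('Stored OpenID not found.'));
        return;
    }

    $result = oid_link_user($user->id, $canonical, $display);

    if (!$result) {
        // TRANS: OpenID plugin server error. The user or user profile could not be saved.
        $this->serverError(_m('Error connecting user to OpenID.'));
        return;
    }

    // Plugins may veto the profile update from provider-supplied sreg data.
    if (Event::handle('StartOpenIDUpdateUser', array($user, $canonical, &$sreg))) {
        oid_update_user($user, $sreg);
    }
    Event::handle('EndOpenIDUpdateUser', array($user, $canonical, $sreg));

    oid_set_last($display);
    common_set_user($user);
    common_real_login(true);
    if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) {
        common_rememberme($user);
    }
    unset($_SESSION['openid_rememberme']);
    $this->goHome($user->nickname);
}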
/**
 * Redirect after a successful login: to the stored return-to URL when there
 * is one, otherwise to the user's 'all' timeline.
 *
 * NOTE(review): the return-to URL is used as the redirect target as returned
 * by common_get_returnto(); confirm that whatever stores it only accepts
 * URLs on this site.
 *
 * @param string $nickname nickname of the user who just logged in
 *
 * @return void
 */
function goHome($nickname)
{
    $url = common_get_returnto();

    if (!$url) {
        $url = common_local_url('all', array('nickname' => $nickname));
    } else {
        // We don't have to return to it again
        common_set_returnto(null);
        $url = common_inject_session($url);
    }

    common_redirect($url, 303);
}
/**
 * Suggest a nickname for a new account.
 *
 * Candidates are tried in order: the sreg nickname, the sreg full name, then
 * a name derived from the OpenID itself. The first one that isNewNickname()
 * accepts is returned. The sreg values come from the OpenID provider, and the
 * result is only a suggestion for the form; createNewUser() validates the
 * submitted nickname again.
 *
 * @param string     $display display identifier of the OpenID
 * @param array|null $sreg    Simple Registration data, when available
 *
 * @return string|null an unused, valid nickname, or null if none was found
 */
function bestNewNickname($display, $sreg)
{
    // Try the passed-in nickname, then the full name
    foreach (array('nickname', 'fullname') as $field) {
        if (empty($sreg[$field])) {
            continue;
        }
        $candidate = $this->nicknamize($sreg[$field]);
        if ($this->isNewNickname($candidate)) {
            return $candidate;
        }
    }

    // Try the URL
    $fromIdentifier = $this->openidToNickname($display);

    if ($fromIdentifier && $this->isNewNickname($fromIdentifier)) {
        return $fromIdentifier;
    }

    // XXX: others?

    return null;
}
/**
 * Tell whether a string can be used as the nickname of a new account.
 *
 * @param string $str candidate nickname
 *
 * @return boolean true when the nickname is valid, allowed, and not in use
 */
function isNewNickname($str)
{
    // Checks run cheapest first and stop at the first failure, so the user
    // lookup only happens for nicknames that passed the other two tests.
    return Nickname::isValid($str)
        && User::allowed_nickname($str)
        && !User::getKV('nickname', $str);
}
/**
 * Derive a nickname candidate from an OpenID identifier, choosing the XRI or
 * the URL conversion according to the identifier's scheme.
 *
 * @param string $openid OpenID identifier
 *
 * @return string|null nickname candidate, as returned by the chosen converter
 */
function openidToNickname($openid)
{
    $isXri = (Auth_Yadis_identifierScheme($openid) == 'XRI');

    return $isXri ? $this->xriToNickname($openid) : $this->urlToNickname($openid);
}
/**
 * Derive a nickname candidate from an OpenID URL.
 *
 * We try to use an OpenID URL as a legal StatusNet user name in this order
 * 1. Plain hostname, like http://evanp.myopenid.com/
 * 2. One element in path, like http://profile.typekey.com/EvanProdromou/
 *    or http://getopenid.com/evanprodromou
 *
 * The conversion itself is delegated to common_url_to_nickname().
 *
 * @param string $openid OpenID URL
 *
 * @return mixed whatever common_url_to_nickname() returns for the URL
 */
function urlToNickname($openid)
{
    $candidate = common_url_to_nickname($openid);

    return $candidate;
}
/**
 * Derive a nickname candidate from an XRI.
 *
 * The leading symbol is dropped and the last '*'-separated segment is passed
 * to nicknamize().
 *
 * @param string $xri XRI, with or without the 'xri://' prefix
 *
 * @return string|null nickname candidate, or null when the XRI is empty
 */
function xriToNickname($xri)
{
    $base = $this->xriBase($xri);

    if (!$base) {
        return null;
    }

    // =evan.prodromou
    // or @gratis*evan.prodromou
    $segments = explode('*', substr($base, 1));
    $lastSegment = array_pop($segments);

    return $this->nicknamize($lastSegment);
}
/**
 * Strip a leading 'xri://' from an XRI.
 *
 * The prefix match is case-sensitive; any other input is returned unchanged.
 *
 * @param string $xri XRI, with or without the prefix
 *
 * @return string the XRI without the 'xri://' prefix
 */
function xriBase($xri)
{
    $prefix = 'xri://';

    if (strncmp($xri, $prefix, 6) === 0) {
        return substr($xri, 6);
    }

    return $xri;
}
/**
 * Given a string, try to make it work as a nickname.
 *
 * The conversion is delegated to common_nicknamize(); the result is not
 * checked for validity or availability here (see isNewNickname()).
 *
 * @param string $str source text, e.g. an sreg nickname or full name
 *
 * @return mixed whatever common_nicknamize() returns for the string
 */
function nicknamize($str)
{
    $candidate = common_nicknamize($str);

    return $candidate;
}
}