Commit Graph

75 Commits

Author SHA1 Message Date
Brion Vibber
ce7176d987 Switch OpenID server's redirects from 307 to 303 to avoid prompt for form data resubmission if we were sent here from a POST request, such as when verifying the site for the first time doing an OpenID login from Drupal. 2010-06-16 12:30:37 -07:00
Brion Vibber
58fe1a597c OpenID: add option to enable asking for a username to append to the trusted provider's base URL. Good for hooking up with sites like WikiHow, where usernames are appended to a base URL to get a profile URL which is used as the provider.
$config['openid']['append_username'] = true;
or check 'Append a username to base URL' in OpenID admin panel.
2010-05-28 16:52:17 -07:00
Brion Vibber
2f2fa10071 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-05-27 14:54:43 -07:00
Brion Vibber
9193c110f1 WikiHowProfile plugin; pulls avatar from WikiHow profile pages when registering or adding account with OpenID. (Full name, location, homepage, and bio are also on the profile page but not marked up in a way they can be easily retrieved yet.)
OpenID plugin: Added events at OpenID account creation and update time to allow additional customizations for particular sites.
2010-05-25 17:11:46 -07:00
Brion Vibber
7c828ae5f8 OpenID access control options: trusted provider URL, Launchpad team restrictions. Added an admin panel for setting these and OpenID-only mode, off by default.
To enable the admin panel:
    $config['admin']['panels'][] = 'openid';

Or to set them manually:
    $config['openid']['trusted_provider'] = 'https://login.ubuntu.net/';
    $config['openid']['required_team'] = 'my-project-cabal';
    $config['site']['openidonly'] = true;

OpenID-only mode can still be set from addPlugin() parameters as well for backwards compatibility.
Note: if it's set there, that value will override the setting from the database or config.php.

Note that team restrictions are only really meaningful if a trusted provider is set; otherwise,
any OpenID server could report back that users are members of the given team.

Restrictions are checked only at OpenID authentication time and will not kick off people currently
with a session open; existing remembered logins may also survive these changes.

Using code for Launchpad team support provided by Canonical under AGPLv3, pulled from r27 of
WordPress teams integration plugin:
    https://code.edge.launchpad.net/~canonical-isd-hackers/wordpress-teams-integration/trunk
2010-05-18 13:28:41 -07:00
Brion Vibber
67eeaa9cf4 Pull localization updates from 0.9.x branch 2010-05-03 12:27:44 -07:00
Brion Vibber
ae2986527c Pull localization updates from 0.9.x 2010-04-29 15:52:10 -07:00
Brion Vibber
dd7b95c2cf Merge branch 'master' into testing 2010-04-23 14:26:57 -07:00
Brion Vibber
4beaba9fb0 Ticket #93: pretty up the auto-submit for OpenID logins a bit.
* throwing in our spinner
* cleanup of texts
* "If this doesn't go through click the button" instead of just a mystery button
* slightly faster submission: immediate at end of page rather than waiting for jQuery to confirm document setup completion
2010-04-23 11:28:50 -07:00
Brion Vibber
756dd15515 i18n cleanup: fix bad string breakdown in license agreement checkbox on registration form.
Note that much of that form is duplicated several times for Twitter, Facebook, and OpenID registrations -- these need to be refactored to avoid having multiple out-of-sync copies of code and messages.
2010-04-09 10:12:23 -07:00
Brion Vibber
3ac3bc32fc Some localization cleanup and doc to aid in customization:
* added locale/en/LC_MESSAGES/statusnet.po to make it easier to start customizing English texts
* added notes to locale/README about customizing and how to disable languages you haven't customized
* renamed PO templates from *.po to *.pot to match general conventions and reduce confusion for people trying to find which file they're supposed to edit
2010-04-05 13:19:16 -07:00
Evan Prodromou
9c63ae6e44 add whitelist and blacklist for openid URLs 2010-03-25 16:58:05 -04:00
Evan Prodromou
7f6fdb528c remove debugging calls 2010-03-25 16:35:22 -04:00
Evan Prodromou
ad608ab9ad prevent password login actions in OpenID-only mode 2010-03-23 12:58:10 -04:00
Evan Prodromou
ff60cb4e66 start making OpenID-only mode work 2010-03-23 12:10:26 -04:00
Evan Prodromou
fcdbf421ab reformat OpenIDPlugin for PHPCS 2010-03-23 11:36:02 -04:00
Brion Vibber
4d7479dcbc OpenID fixes:
- avoid notice spew when checking sreg items that weren't provided
- fix keys spec for user_openid, clears up problems with removing openid associations
- fix keys spec for user_openid_trustroot
2010-03-12 10:07:32 -08:00
Craig Andrews
9466546705 On the OpenID settings page, allow users to remove trustroots. 2010-03-08 21:43:34 -05:00
Brion Vibber
42463e160d Merge branch 'testing' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-03-08 13:37:45 -08:00
Brion Vibber
5355c3b7b5 OpenID fix:
- avoid notice on insert (missing sequenceKeys())
- avoid cache corruption on delete (user_id was missing from keys list, cache not cleared for user_id lookups)
2010-03-05 15:00:27 -08:00
Brion Vibber
7bd0b8e17e Pull latest .po files from 0.9.x to testing 2010-03-04 10:20:10 -08:00
Brion Vibber
3c4ead4996 Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	db/08to09.sql
	locale/statusnet.po
	scripts/update_po_templates.php
2010-03-01 14:59:26 -08:00
Brion Vibber
59be4b8cae Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x 2010-02-24 15:47:51 -08:00
Evan Prodromou
e94800ced9 fix broken link in OpenID documentation 2010-02-22 07:08:57 -05:00
Eric Helgeson
86f2f530ef Fixed incorrect link on registration successful page 2010-02-20 21:57:05 +00:00
Evan Prodromou
a8c2a8261e move some nickname-guessing code to lib/util.php from OpenID 2010-02-16 11:06:10 -05:00
Evan Prodromou
92deb35bc4 inject session before redirect for openid finish login 2010-01-11 08:40:41 +00:00
Evan Prodromou
0587dcc045 add version info to OpenID plugin 2010-01-07 17:41:55 -08:00
Brion Vibber
4e2acd153b ...and drop the unnecessary &reference from child class pkeyGet() overrides. 2010-01-06 14:28:40 -08:00
Siebrand Mazeland
745e35ac1f (Puctuation) consistency in clientError() calls. 2009-12-13 18:55:17 +01:00
Brion Vibber
4b5e977a7b New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization.
update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default).
Top-level Makefile added to build .mo files for plugins as well as core.

As described on list:
http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
Brion Vibber
c89b10ffe4 Code style cleanup: dropped some unnecessary =& reference assignments where they're used only out of habit for PHP 4-style object semantics 2009-12-03 12:58:48 -08:00
Zach Copley
2d25f288a7 Some changes to the OpenID DataObjects to make them emit the exact same
.ini info as what used to be in statusnet.ini before OpenID was pulled
out into a plugin.
2009-11-26 02:21:23 +00:00
Zach Copley
a1f87f415a OpenID plugin should set 'user_openid.display' as unique key 2009-11-26 01:26:19 +00:00
Zach Copley
441b62e87e Have OpenID plugin DataObjects emit their own .ini info 2009-11-25 23:12:24 +00:00
Zach Copley
8acc1587b1 Revert "Allow plugin DB_DataObject classes to not have to use the .ini file by overriding keys(), table(), and sequenceKey() for them"
This reverts commit a373d07ae0.

Conflicts:

	classes/statusnet.ini
	lib/schema.php
	plugins/Authentication/AuthenticationPlugin.php
	plugins/OpenID/OpenIDPlugin.php
	plugins/UserFlag/UserFlagPlugin.php
2009-11-25 13:38:59 -08:00
Sarven Capadisli
501170f3cf Updated form markup 2009-11-20 05:48:05 +00:00
Brion Vibber
6f9b909211 Fix for PHP spewing notices from commit a373d07ae0
Please test with error_reporting set to E_ALL!

Classnames and function names aren't first-class objects in PHP and need to be referenced as strings here. :(
2009-11-16 15:36:30 -08:00
Craig Andrews
a373d07ae0 Allow plugin DB_DataObject classes to not have to use the .ini file by overriding keys(), table(), and sequenceKey() for them 2009-11-16 15:24:25 -05:00
Brion Vibber
50234be398 Fix regression in OpenID autosubmit page.
Since core JS loads were moved to the bottom, the JavaScript was being run before jQuery was loaded, so the onload event never got set. Moved it down to the scripts section.
2009-11-13 15:34:15 -08:00
Craig Andrews
cefbad0159 Also delete the OpenID provider data when a user is deleted 2009-11-12 20:12:35 -05:00
Brion Vibber
088081675f Revert "Remove more contractions"
This reverts commit 5ab709b739.

Missed this one yesterday...
2009-11-09 20:01:46 +01:00
Siebrand Mazeland
b10f362ede Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x 2009-11-08 23:33:58 +01:00
Siebrand Mazeland
5ab709b739 Remove more contractions
* doesn't
* won't
* isn't
* don't
2009-11-08 23:32:15 +01:00
Brion Vibber
fc5002015b Revert "* [Cc]an't -> [Cc]annot"
This reverts commit 0ab17f382b.
2009-11-08 23:28:51 +01:00
Siebrand Mazeland
0ab17f382b * [Cc]an't -> [Cc]annot
* [Cc]ould't -> [Cc]ould not
2009-11-08 23:22:38 +01:00
Brion Vibber
8d44b6a5a2 Fix bug 1962: deleteuser.php regression when OpenID plugin not enabled
The User_openid data object was explicitly listed as a related field to delete from in User::delete(); this class doesn't exist anymore by default since OpenID was broken out to a plugin.
Added UserDeleteRelated event for plugins to add related tables to delete from at user delete time.
2009-11-08 14:40:30 +01:00
Craig Andrews
982850c9c7 Added simple registration (sreg) support to the OpenID provider 2009-10-30 15:33:04 -04:00
Craig Andrews
204eb5b0c4 made openidserver a login action so it can be seen when the site is in "private" mode 2009-10-30 13:42:54 -04:00
Craig Andrews
acaf07f6e8 Added an "Verify Your Identity" page to the OpenID provider 2009-10-30 13:21:37 -04:00