Zach Copley
0b134d3e69
Re-camelcase ApiOauthAuthorizeAction so it will be accessible when
...
a site is in pivate mode
2010-10-21 18:15:11 -07:00
Zach Copley
a548861dbf
OAuth - proper callback handling and better styling for authorization
...
page when in desktop mode
2010-10-21 14:45:42 -07:00
Siebrand Mazeland
31f52ec37c
Update translator documentation and remove superfluous whitespace.
2010-10-21 02:02:37 +02:00
Brion Vibber
c24f4ddfdb
Pretty up the OpenID variant of the OAuth login form a bit; change the 'Allow' button to 'Continue' so we're not confused why we get the form again after authenticating.
2010-10-20 16:14:32 -07:00
Brion Vibber
bcc06d05e8
Initial OpenID+OAuth thingy.
2010-10-20 15:59:27 -07:00
Siebrand Mazeland
fb32108707
Localisation updates from http://translatewiki.net .
2010-10-20 19:51:49 +02:00
Siebrand Mazeland
bee51e1cec
Localisation updates from http://translatewiki.net .
2010-10-20 02:43:14 +02:00
Siebrand Mazeland
5ee4e52488
Localisation updates from http://translatewiki.net .
2010-10-20 01:24:09 +02:00
Brion Vibber
3593f3f132
Merge branch '0.9.x' into 1.0.x
2010-10-19 15:18:07 -07:00
Siebrand Mazeland
e6df1b19df
Localisation updates from http://translatewiki.net
2010-10-18 22:03:29 +02:00
Brion Vibber
7765ddae81
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
README
lib/default.php
2010-10-18 12:17:11 -07:00
Siebrand Mazeland
1d6d0cbcbd
Use common case instead of WARNING in all caps.
...
Spotted by The Evil IP address.
2010-10-16 14:15:02 +02:00
Brion Vibber
5f81f6119b
Merge branch '0.9.x' into 1.0.x
2010-10-12 16:33:36 -07:00
Siebrand Mazeland
5215423ea9
Localisation updates from http://translatewiki.net .
2010-10-09 16:15:48 +02:00
Brion Vibber
aa02f6020e
Merge branch '0.9.x' into 1.0.x
2010-10-08 11:47:50 -07:00
Brion Vibber
67dc78b621
Merge branch 'fatals' into 0.9.x
2010-10-08 11:28:51 -07:00
Brion Vibber
a30ea4568f
Normalize execution guards in OpenID plugin files; avoids annoying fatal errors when .php files get spidered.
2010-10-08 11:23:53 -07:00
Brion Vibber
59119482ca
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
...
Conflicts:
actions/hostmeta.php
actions/imsettings.php
classes/User.php
lib/adminpanelaction.php
lib/channel.php
lib/default.php
lib/router.php
lib/util.php
2010-10-04 12:54:36 -07:00
Siebrand Mazeland
458512aafd
Localisation updates from http://translatewiki.net
2010-10-03 22:46:38 +02:00
Siebrand Mazeland
08054e85fe
Localisation updates from http://translatewiki.net .
2010-10-01 22:34:59 +02:00
Brion Vibber
93bea7ff28
Fix for OpenID-only private sites: we were removing the 'login' and 'register' actions from the routing system entirely, which meant that login links & redirects from unauthenticated views on private sites (as well as various re-auth situations even on non-private sites) would break and send to the main page instead.
...
Changed it to leave the 'login' and 'register' actions in the system; we're already taking them over and redirecting them to the OpenID login page, so they won't be reached by accident; but now those redirects can be reached on purpose. ;)
Better long-term fix may be to allow some aliasing, so we can have common_local_url('login') actually send us straight to the OpenID login page instead of having to go through an intermediate redirect, but this'll do.
2010-09-30 12:35:25 -07:00
Siebrand Mazeland
f6c1b8aa49
Localisation updates from http://translatewiki.net
...
* adding the fuzzy messages back now that translatewiki.net processes them properly again.
2010-09-28 21:06:47 +02:00
Siebrand Mazeland
ec7ab3af4d
Localisation updates from http://translatewiki.net
...
* first export of L10n for languages other than English. Could use some testing/QA.
2010-09-28 01:09:29 +02:00
Siebrand Mazeland
870be512d2
Update POT files for plugins.
2010-09-23 00:37:16 +02:00
Siebrand Mazeland
8135f7d960
Update pot files for plugins.
2010-09-19 00:24:48 +02:00
Siebrand Mazeland
db1d348135
Update/add pot files for plugins.
2010-09-15 01:16:45 +02:00
Evan Prodromou
4419e43f7f
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
EVENTS.txt
plugins/TwitterBridge/daemons/twitterstatusfetcher.php
plugins/TwitterBridge/twitterbasicauthclient.php
2010-09-09 15:01:03 -04:00
Brion Vibber
961aba68fc
Quick fix for #2659 : unable to login with Livejournal OpenID
...
The Net::OpenID::Server perl module that LJ uses appears to be very picky about input, and rejects most request types unless the data comes in as GET parameters (apparently following OpenID 1.1 rules, rather than OpenID 2.0 rules which permit any request to be POSTed but requires that if so, the data must all be in the POST body).
Apparently something got updated on LJ at some point that's either added that behavior or (more likely) added the OpenID 2.0 namespace info to discovery, which tells the Janrain-based OpenID libraries that they should go ahead and do POST requests instead of redirects to GET requests... thus breaking everything. ;)
GET should be just fine for both 1.1 and 2.0 though, and also saves having to sit through that lame autosubmit page.
Switched the authentication submission from checking whether it should redirect to GET or do a form POST, to simply always doing the redirect to GET.
Tested against providers:
* LiveJournal
* Google
* LaunchPad
* identi.ca
2010-09-07 16:15:32 -07:00
Craig Andrews
6f95ccd37d
Create Account Manager plugin implementing the Account Management specification
...
Add Account Manager support to the OpenID plugin
2010-09-07 13:45:52 -04:00
Craig Andrews
3dd734b2c3
Remove CSRF protection from username/password login and from OpenID login.
2010-09-07 13:45:52 -04:00
Brion Vibber
696e4ba393
Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
plugins/OpenID/openidserver.php (cleaned up mismatched comment)
2010-06-26 10:17:36 -04:00
Brion Vibber
9684cbe3c6
Merge branch 'testing' into 0.9.x
...
Conflicts:
plugins/OpenID/openidserver.php
2010-06-16 12:38:35 -07:00
Brion Vibber
ce7176d987
Switch OpenID server's redirects from 307 to 303 to avoid prompt for form data resubmission if we were sent here from a POST request, such as when verifying the site for the first time doing an OpenID login from Drupal.
2010-06-16 12:30:37 -07:00
Brion Vibber
d88b208edc
Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
plugins/OpenID/openid.php
2010-06-07 10:19:40 -07:00
Brion Vibber
58fe1a597c
OpenID: add option to enable asking for a username to append to the trusted provider's base URL. Good for hooking up with sites like WikiHow, where usernames are appended to a base URL to get a profile URL which is used as the provider.
...
$config['openid']['append_username'] = true;
or check 'Append a username to base URL' in OpenID admin panel.
2010-05-28 16:52:17 -07:00
Craig Andrews
6317f7d92b
Assigning my copyrights to the Free Software Foundation
2010-05-27 18:27:33 -04:00
Brion Vibber
696aeea113
Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
lib/language.php
plugins/OpenID/finishaddopenid.php
2010-05-27 14:57:32 -07:00
Brion Vibber
2f2fa10071
Merge branch 'master' of gitorious.org:statusnet/mainline into testing
2010-05-27 14:54:43 -07:00
Brion Vibber
9193c110f1
WikiHowProfile plugin; pulls avatar from WikiHow profile pages when registering or adding account with OpenID. (Full name, location, homepage, and bio are also on the profile page but not marked up in a way they can be easily retrieved yet.)
...
OpenID plugin: Added events at OpenID account creation and update time to allow additional customizations for particular sites.
2010-05-25 17:11:46 -07:00
Brion Vibber
7005ef6661
Merge branch 'testing' into 0.9.x
...
Conflicts:
plugins/OpenID/openidlogin.php
2010-05-19 12:51:25 -07:00
Brion Vibber
7c828ae5f8
OpenID access control options: trusted provider URL, Launchpad team restrictions. Added an admin panel for setting these and OpenID-only mode, off by default.
...
To enable the admin panel:
$config['admin']['panels'][] = 'openid';
Or to set them manually:
$config['openid']['trusted_provider'] = 'https://login.ubuntu.net/ ';
$config['openid']['required_team'] = 'my-project-cabal';
$config['site']['openidonly'] = true;
OpenID-only mode can still be set from addPlugin() parameters as well for backwards compatibility.
Note: if it's set there, that value will override the setting from the database or config.php.
Note that team restrictions are only really meaningful if a trusted provider is set; otherwise,
any OpenID server could report back that users are members of the given team.
Restrictions are checked only at OpenID authentication time and will not kick off people currently
with a session open; existing remembered logins may also survive these changes.
Using code for Launchpad team support provided by Canonical under AGPLv3, pulled from r27 of
WordPress teams integration plugin:
https://code.edge.launchpad.net/~canonical-isd-hackers/wordpress-teams-integration/trunk
2010-05-18 13:28:41 -07:00
Brion Vibber
67eeaa9cf4
Pull localization updates from 0.9.x branch
2010-05-03 12:27:44 -07:00
Siebrand Mazeland
7ec5e7cd76
Update translator documentation for OpenID plugin.
2010-04-30 23:07:19 +02:00
Siebrand Mazeland
193fdd8071
Update Dutch translation for OpenID plugin.
2010-04-30 02:17:30 +02:00
Siebrand Mazeland
83dcdf3b08
Re-add OpenID/locale/nl/LC_MESSAGES/OpenID.po which was accidentally removed in Commit:d811f14bedc260adcfdd0eb8216eba06e9610144
...
Signed-off-by: Siebrand Mazeland <s.mazeland@xs4all.nl>
2010-04-30 02:01:55 +02:00
Siebrand Mazeland
d811f14bed
Remove .po source files. Using pot files.
2010-04-30 01:57:22 +02:00
Siebrand Mazeland
5ad2d0c30c
Update gettext localisation files.
2010-04-30 01:45:54 +02:00
Brion Vibber
ae2986527c
Pull localization updates from 0.9.x
2010-04-29 15:52:10 -07:00
Brion Vibber
2260d6ec7c
Merge branch 'testing' into 0.9.x
...
Conflicts:
index.php
2010-04-29 15:14:51 -07:00
Brion Vibber
dd7b95c2cf
Merge branch 'master' into testing
2010-04-23 14:26:57 -07:00
Brion Vibber
4beaba9fb0
Ticket #93 : pretty up the auto-submit for OpenID logins a bit.
...
* throwing in our spinner
* cleanup of texts
* "If this doesn't go through click the button" instead of just a mystery button
* slightly faster submission: immediate at end of page rather than waiting for jQuery to confirm document setup completion
2010-04-23 11:28:50 -07:00
Siebrand Mazeland
2bb02e8698
Adding Dutch translation for OpenID plugin.
2010-04-12 00:57:02 +02:00
Brion Vibber
756dd15515
i18n cleanup: fix bad string breakdown in license agreement checkbox on registration form.
...
Note that much of that form is duplicated several times for Twitter, Facebook, and OpenID registrations -- these need to be refactored to avoid having multiple out-of-sync copies of code and messages.
2010-04-09 10:12:23 -07:00
Brion Vibber
4b20d68c48
i18n cleanup: fix bad string breakdown in license agreement checkbox on registration form.
...
Note that much of that form is duplicated several times for Twitter, Facebook, and OpenID registrations -- these need to be refactored to avoid having multiple out-of-sync copies of code and messages.
2010-04-09 10:11:11 -07:00
Craig Andrews
fc1a463b95
Redirect using HTTP 303 so that form POST data is not re-submitted to the destination page
2010-04-08 17:20:24 -04:00
Brion Vibber
3ac3bc32fc
Some localization cleanup and doc to aid in customization:
...
* added locale/en/LC_MESSAGES/statusnet.po to make it easier to start customizing English texts
* added notes to locale/README about customizing and how to disable languages you haven't customized
* renamed PO templates from *.po to *.pot to match general conventions and reduce confusion for people trying to find which file they're supposed to edit
2010-04-05 13:19:16 -07:00
Evan Prodromou
9c63ae6e44
add whitelist and blacklist for openid URLs
2010-03-25 16:58:05 -04:00
Evan Prodromou
7f6fdb528c
remove debugging calls
2010-03-25 16:35:22 -04:00
Evan Prodromou
ad608ab9ad
prevent password login actions in OpenID-only mode
2010-03-23 12:58:10 -04:00
Evan Prodromou
ff60cb4e66
start making OpenID-only mode work
2010-03-23 12:10:26 -04:00
Evan Prodromou
fcdbf421ab
reformat OpenIDPlugin for PHPCS
2010-03-23 11:36:02 -04:00
Brion Vibber
4d7479dcbc
OpenID fixes:
...
- avoid notice spew when checking sreg items that weren't provided
- fix keys spec for user_openid, clears up problems with removing openid associations
- fix keys spec for user_openid_trustroot
2010-03-12 10:07:32 -08:00
Craig Andrews
9466546705
On the OpenID settings page, allow users to remove trustroots.
2010-03-08 21:43:34 -05:00
Brion Vibber
42463e160d
Merge branch 'testing' of git@gitorious.org:statusnet/mainline into 0.9.x
2010-03-08 13:37:45 -08:00
Brion Vibber
5355c3b7b5
OpenID fix:
...
- avoid notice on insert (missing sequenceKeys())
- avoid cache corruption on delete (user_id was missing from keys list, cache not cleared for user_id lookups)
2010-03-05 15:00:27 -08:00
Brion Vibber
7bd0b8e17e
Pull latest .po files from 0.9.x to testing
2010-03-04 10:20:10 -08:00
Brion Vibber
3c4ead4996
Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
db/08to09.sql
locale/statusnet.po
scripts/update_po_templates.php
2010-03-01 14:59:26 -08:00
Brion Vibber
59be4b8cae
Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
2010-02-24 15:47:51 -08:00
Evan Prodromou
e94800ced9
fix broken link in OpenID documentation
2010-02-22 07:08:57 -05:00
Eric Helgeson
86f2f530ef
Fixed incorrect link on registration successful page
2010-02-20 21:57:05 +00:00
Evan Prodromou
a8c2a8261e
move some nickname-guessing code to lib/util.php from OpenID
2010-02-16 11:06:10 -05:00
Evan Prodromou
92deb35bc4
inject session before redirect for openid finish login
2010-01-11 08:40:41 +00:00
Evan Prodromou
0587dcc045
add version info to OpenID plugin
2010-01-07 17:41:55 -08:00
Brion Vibber
4e2acd153b
...and drop the unnecessary &reference from child class pkeyGet() overrides.
2010-01-06 14:28:40 -08:00
Siebrand Mazeland
745e35ac1f
(Puctuation) consistency in clientError() calls.
2009-12-13 18:55:17 +01:00
Brion Vibber
4b5e977a7b
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization.
...
update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default).
Top-level Makefile added to build .mo files for plugins as well as core.
As described on list:
http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
Brion Vibber
c89b10ffe4
Code style cleanup: dropped some unnecessary =& reference assignments where they're used only out of habit for PHP 4-style object semantics
2009-12-03 12:58:48 -08:00
Zach Copley
2d25f288a7
Some changes to the OpenID DataObjects to make them emit the exact same
...
.ini info as what used to be in statusnet.ini before OpenID was pulled
out into a plugin.
2009-11-26 02:21:23 +00:00
Zach Copley
a1f87f415a
OpenID plugin should set 'user_openid.display' as unique key
2009-11-26 01:26:19 +00:00
Zach Copley
441b62e87e
Have OpenID plugin DataObjects emit their own .ini info
2009-11-25 23:12:24 +00:00
Zach Copley
8acc1587b1
Revert "Allow plugin DB_DataObject classes to not have to use the .ini file by overriding keys(), table(), and sequenceKey() for them"
...
This reverts commit a373d07ae0
.
Conflicts:
classes/statusnet.ini
lib/schema.php
plugins/Authentication/AuthenticationPlugin.php
plugins/OpenID/OpenIDPlugin.php
plugins/UserFlag/UserFlagPlugin.php
2009-11-25 13:38:59 -08:00
Sarven Capadisli
501170f3cf
Updated form markup
2009-11-20 05:48:05 +00:00
Brion Vibber
6f9b909211
Fix for PHP spewing notices from commit a373d07ae0
...
Please test with error_reporting set to E_ALL!
Classnames and function names aren't first-class objects in PHP and need to be referenced as strings here. :(
2009-11-16 15:36:30 -08:00
Craig Andrews
a373d07ae0
Allow plugin DB_DataObject classes to not have to use the .ini file by overriding keys(), table(), and sequenceKey() for them
2009-11-16 15:24:25 -05:00
Brion Vibber
50234be398
Fix regression in OpenID autosubmit page.
...
Since core JS loads were moved to the bottom, the JavaScript was being run before jQuery was loaded, so the onload event never got set. Moved it down to the scripts section.
2009-11-13 15:34:15 -08:00
Craig Andrews
cefbad0159
Also delete the OpenID provider data when a user is deleted
2009-11-12 20:12:35 -05:00
Brion Vibber
088081675f
Revert "Remove more contractions"
...
This reverts commit 5ab709b739
.
Missed this one yesterday...
2009-11-09 20:01:46 +01:00
Siebrand Mazeland
b10f362ede
Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x
2009-11-08 23:33:58 +01:00
Siebrand Mazeland
5ab709b739
Remove more contractions
...
* doesn't
* won't
* isn't
* don't
2009-11-08 23:32:15 +01:00
Brion Vibber
fc5002015b
Revert "* [Cc]an't -> [Cc]annot"
...
This reverts commit 0ab17f382b
.
2009-11-08 23:28:51 +01:00
Siebrand Mazeland
0ab17f382b
* [Cc]an't -> [Cc]annot
...
* [Cc]ould't -> [Cc]ould not
2009-11-08 23:22:38 +01:00
Brion Vibber
8d44b6a5a2
Fix bug 1962: deleteuser.php regression when OpenID plugin not enabled
...
The User_openid data object was explicitly listed as a related field to delete from in User::delete(); this class doesn't exist anymore by default since OpenID was broken out to a plugin.
Added UserDeleteRelated event for plugins to add related tables to delete from at user delete time.
2009-11-08 14:40:30 +01:00
Craig Andrews
982850c9c7
Added simple registration (sreg) support to the OpenID provider
2009-10-30 15:33:04 -04:00
Craig Andrews
204eb5b0c4
made openidserver a login action so it can be seen when the site is in "private" mode
2009-10-30 13:42:54 -04:00
Craig Andrews
acaf07f6e8
Added an "Verify Your Identity" page to the OpenID provider
2009-10-30 13:21:37 -04:00
Craig Andrews
c49564647a
whitespace adjustments for doxygen
2009-10-29 16:27:23 -04:00
Craig Andrews
54696f7c46
Moved the public XRDS from the OpenID plugin to core
...
Added 4 new events involved in XRDS: StartUserXRDS, EndUserXRDS, StartPublicXRDS, EndPublicXRDS
Added OpenID provider functionality (no delegation support [yet])
2009-10-29 16:27:22 -04:00
Brion Vibber
fd650715fa
Warning cleanup: drop reference on router parameter to RouterInitialized event handlers.
...
We don't (and don't need to) pass a reference here, and the mix can trigger warnings.
2009-10-29 13:55:37 -04:00
Evan Prodromou
e25716d180
correctly output public XRDS <meta>
2009-10-28 14:38:19 -04:00
Craig Andrews
0b4390e7f2
Make email domain checking optional, as some statusnet installations (such as those behind restrictive corporate firewalls, or on home systems on restrictive connections) cannot connect to any mail
...
systems, and this check will always fail.
2009-10-26 10:31:12 -04:00