[Evocms-plugins-commits] SF.net SVN: evocms-plugins: [430] openid_plugin/trunk/_openid.plugin.php
Brought to you by:
blueyed
From: <bl...@us...> - 2007-07-05 00:12:43
|
Revision: 430 http://svn.sourceforge.net/evocms-plugins/?rev=430&view=rev Author: blueyed Date: 2007-07-04 17:12:40 -0700 (Wed, 04 Jul 2007) Log Message: ----------- - Added support for editing (adding/deleting) OpenIDs in the backoffice user profile - Minor fixes Modified Paths: -------------- openid_plugin/trunk/_openid.plugin.php Modified: openid_plugin/trunk/_openid.plugin.php =================================================================== --- openid_plugin/trunk/_openid.plugin.php 2007-07-05 00:07:58 UTC (rev 429) +++ openid_plugin/trunk/_openid.plugin.php 2007-07-05 00:12:40 UTC (rev 430) @@ -189,7 +189,7 @@ } else { - $input_note = sprintf( $this->T_('You can use your <a %s>OpenID</a> to login, if it is associated to your profile.'), + $input_note = sprintf( $this->T_('You can use your <a %s>OpenID</a> to login, if it is linked to your profile.'), 'title="'.T_('What is OpenID?').'" href="http://iwantmyopenid.org/about/openid"' ); } // NOTE: using openid.gif fails because of the width:97% for the INPUT (and because we would need padding).. @@ -298,12 +298,11 @@ /** - * @todo + * @return array List of htsrv callbacks. */ function GetHtsrvMethods() { - return array(); - #return array( 'server' ); + return array('add_openid'); } @@ -724,12 +723,12 @@ /** - * Process the redirect. + * Process the redirect and exit. * @param string OpenID * @param string Process URL * @param mixed Session data to store in the user's session */ - function process_redirect( $openid, $process_url, $sess_data ) + function process_redirect( $openid, $process_url, $sess_data = array() ) { // Set passed user info into his session (only one set per OpenID): $req_ID = generate_random_key(5); @@ -744,30 +743,9 @@ $process_url = url_add_param( $process_url, 'openid_url='.rawurlencode($openid).'&openid_plugin_finish='.$req_ID, '&' ); - $trust_root = $this->Settings->get('trust_root'); - if( empty($trust_root) ) - { - global $ReqHost; - - $trust_root = $ReqHost; - } - - if( ! preg_match('~^\w+://~', $trust_root) ) - { // trust_root has no protocol yet, use the same as of $process_url: - if( substr($process_url, 0, 8) == 'https://' ) - { - $trust_root = 'https://'.$trust_root; - } - else - { - $trust_root = 'http://'.$trust_root; - } - } - - // Redirect the user to the OpenID server for authentication. Store // the token for this authentication so we can verify the response. - $redirect_url = $this->auth_request->redirectURL($trust_root, $process_url); + $redirect_url = $this->auth_request->redirectURL($this->get_trust_root(), $process_url); header_redirect($redirect_url); } @@ -826,32 +804,181 @@ /** - * @todo Allow to edit the list of OpenIDs and add/remove any. + * List linked OpenIDs. Provides links to unlink them or add new ones. + * + * @todo This is limited to the backoffice profile! Make it available in the frontend profile, too. */ function PluginUserSettingsEditDisplayAfter( & $params ) { global $DB; - echo '<p>'.$this->T_('Validated OpenID URLs:').'</p>'; - - $rows = $DB->get_results( ' + $openids = $DB->get_results( ' SELECT openID FROM '.$this->get_sql_table('user_openid').' WHERE user_ID = '.$params['User']->ID ); - if( ! $rows ) + if( $openids ) { - echo ' - '; + echo '<p>'.$this->T_('Validated OpenIDs:').'</p>'; + echo '<p class="note">'.$this->T_('Check the OpenIDs that you want to unlink from your profile.').'</p>'; + + echo '<ul>'; + + $field_name = $this->get_class_id().'_unlink[]'; + foreach( $openids as $row ) + { + echo '<li>'; + + $field_id = Form::get_valid_id($field_name.$row->openID); + + echo '<input type="checkbox" id="'.$field_id.'" name="'.$field_name.'" value="'.htmlspecialchars($row->openID).'" title="'.htmlspecialchars($this->T_('Unlink this OpenID from your profile!')).'" /> '; + + echo '<label for="'.$field_id.'">'.htmlspecialchars($row->openID).'</label>'; + } + echo '</ul>'; } else { - echo '<ul>'; - foreach( $rows as $row ) + echo '<p>'.$this->T_('You have no OpenIDs registered yet.').'</p>'; + } + + echo '<p><a target="_blank" href="'.$this->get_htsrv_url('add_openid', array()).'">'.$this->T_('Add a new OpenID...').'</a></p>'; + } + + + function PluginUserSettingsUpdateAction( & $params ) + { + $unlink = param($this->get_class_id().'_unlink', 'array', array()); + + if( ! $unlink ) + { + return true; + } + + global $DB; + $unlink = array_map( array(&$DB, 'quote'), $unlink ); + $unlink = implode( ', ', $unlink ); + + if( $count = $DB->query( ' + DELETE FROM '.$this->get_sql_table('user_openid').' + WHERE user_ID = '.$DB->quote($params['User']->ID).' + AND openID IN ('.$unlink.')' ) ) + { + $this->msg( $this->T_('Successfully unlinked the OpenID(s) from your account.'), 'success' ); + } + } + + /** + * This is the htsrv callback to add a new OpenID to the user's profile. + * @todo Use some generic header include!? + */ + function htsrv_add_openid($params) + { + global $io_charset; + header('Content-type: text/html; charset='.$io_charset); + + $action = param('action', 'string', ''); + $form_openid_url = param('openid_url', 'string', ''); + + if( $action == 'add_openid' ) + { + if( empty($form_openid_url) ) { - echo '<li><a href="'.$row->openID.'">'.$row->openID.'</a></li>'; + $this->msg( $this->T_('Please provide an OpenID to verify.'), 'error' ); } - echo '</ul>'; + elseif( $User = $this->get_User_for_openid($form_openid_url) ) + { // OpenID already in use: + global $current_User; + if( $User->ID == $current_User->ID ) + { + $this->msg( sprintf($this->T_('The OpenID «%s» is already linked to your profile.'), $form_openid_url), 'note' ); + } + else + { + $this->msg( sprintf($this->T_('The OpenID «%s» is already linked to another user.'), $form_openid_url), 'error' ); + } + } + else + { + $this->init_consumer_lib(); + + $this->auth_request = $this->consumer->begin($form_openid_url); + + // Handle failure status return values. + if( ! $this->auth_request ) + { + $this->msg( T_('OpenID authentication error.'), 'error' ); + } + else + { // Redirect to provider to verify the OpenID: + $process_url = $this->get_htsrv_url('add_openid', array('openid_url'=>$form_openid_url), '&', true /* absolute */ ); + + $redirect_url = $this->auth_request->redirectURL($this->get_trust_root(), $process_url); + + header_redirect($redirect_url); + } + } } + elseif( ! empty($params['openid_url']) ) + { // We're coming from the provider: + $this->init_consumer_lib(); + + $response = $this->consumer->complete(); + + if( $response->status == Auth_OpenID_CANCEL ) + { + // This means the authentication was cancelled. + $this->msg( T_('Verification cancelled.'), 'login_error'); + } + elseif( $response->status == Auth_OpenID_SUCCESS ) + { // Success: + $this->set_verified_openID($params['openid_url']); + $this->msg( sprintf($this->T_('You have successfully verified your OpenID «%s». It has been linked to your profile.'), $params['openid_url']), 'success'); + } + else + { + $this->msg( sprintf( T_('OpenID authentication failed: %s'), $response->message ), 'error' ); + } + } + + global $rsc_url; + ?> + <html> + <head> + <title><?php echo $this->T_('Add an OpenID to your user profile') ?></title> + <link rel="stylesheet" type="text/css" href="<?php echo $rsc_url ?>css/basic.css" /> + </head> + + <body style="padding:1em"> + + <h1><?php echo $this->T_('Add an OpenID to your user profile') ?></h1> + <p> + <?php echo $this->T_('This form allows you to add an OpenID to your profile.') ?> + </p> + + <?php + global $Messages; + $Messages->disp(); + + list($form_action, $form_hiddens) = explode('?', $this->get_htsrv_url('add_openid', array(), '&')); + $Form = new Form($form_action, '', 'post', 'inline'); + + foreach( explode('&', $form_hiddens) as $hidden ) + { + list($k, $v) = explode('=', $hidden); + $Form->hidden( $k, $v ); + } + + $Form->hidden('action', 'add_openid'); + $Form->begin_form(); + $Form->text_input('openid_url', $form_openid_url, null, $this->T_('OpenID')); + $Form->submit_input( array('value' => $this->T_('Add...')) ); + $Form->end_form(); + ?> + + </body> + </html> + <?php } @@ -1048,5 +1175,35 @@ $this->restore_include_path(); } + + /** + * Get the appropriate trust root, either from settings or {@link $ReqHost}. + * + * @return string + */ + function get_trust_root() + { + $trust_root = $this->Settings->get('trust_root'); + if( empty($trust_root) ) + { + global $ReqHost; + $trust_root = $ReqHost; + } + + if( ! preg_match('~^\w+://~', $trust_root) ) + { // trust_root has no protocol yet, use the same as of $process_url: + if( substr($process_url, 0, 8) == 'https://' ) + { + $trust_root = 'https://'.$trust_root; + } + else + { + $trust_root = 'http://'.$trust_root; + } + } + + return $trust_root; + } + } ?> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |