[Evocms-plugins-commits] SF.net SVN: evocms-plugins: [430] openid_plugin/trunk/_openid.plugin.php

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Revision: 430
          http://svn.sourceforge.net/evocms-plugins/?rev=430&view=rev
Author:   blueyed
Date:     2007-07-04 17:12:40 -0700 (Wed, 04 Jul 2007)

Log Message:
-----------
- Added support for editing (adding/deleting) OpenIDs in the backoffice user profile
- Minor fixes

Modified Paths:
--------------
    openid_plugin/trunk/_openid.plugin.php

Modified: openid_plugin/trunk/_openid.plugin.php
===================================================================

--- openid_plugin/trunk/_openid.plugin.php	2007-07-05 00:07:58 UTC (rev 429)
+++ openid_plugin/trunk/_openid.plugin.php	2007-07-05 00:12:40 UTC (rev 430)
@@ -189,7 +189,7 @@
 		}
 		else
 		{
-			$input_note = sprintf( $this->T_('You can use your <a %s>OpenID</a> to login, if it is associated to your profile.'),
+			$input_note = sprintf( $this->T_('You can use your <a %s>OpenID</a> to login, if it is linked to your profile.'),
 						'title="'.T_('What is OpenID?').'" href="http://iwantmyopenid.org/about/openid"' );
 		}
 		// NOTE: using openid.gif fails because of the width:97% for the INPUT (and because we would need padding)..
@@ -298,12 +298,11 @@
 
 
 	/**
-	 * @todo
+	 * @return array List of htsrv callbacks.
 	 */
 	function GetHtsrvMethods()
 	{
-		return array();
-		#return array( 'server' );
+		return array('add_openid');
 	}
 
 
@@ -724,12 +723,12 @@
 
 
 	/**
-	 * Process the redirect.
+	 * Process the redirect and exit.
 	 * @param string OpenID
 	 * @param string Process URL
 	 * @param mixed Session data to store in the user's session
 	 */
-	function process_redirect( $openid, $process_url, $sess_data )
+	function process_redirect( $openid, $process_url, $sess_data = array() )
 	{
 		// Set passed user info into his session (only one set per OpenID):
 		$req_ID = generate_random_key(5);
@@ -744,30 +743,9 @@
 
 		$process_url = url_add_param( $process_url, 'openid_url='.rawurlencode($openid).'&openid_plugin_finish='.$req_ID, '&' );
 
-		$trust_root = $this->Settings->get('trust_root');
-		if( empty($trust_root) )
-		{
-			global $ReqHost;
-
-			$trust_root = $ReqHost;
-		}
-
-		if( ! preg_match('~^\w+://~', $trust_root) )
-		{ // trust_root has no protocol yet, use the same as of $process_url:
-			if( substr($process_url, 0, 8) == 'https://' )
-			{
-				$trust_root = 'https://'.$trust_root;
-			}
-			else
-			{
-				$trust_root = 'http://'.$trust_root;
-			}
-		}
-
-
 		// Redirect the user to the OpenID server for authentication.  Store
 		// the token for this authentication so we can verify the response.
-		$redirect_url = $this->auth_request->redirectURL($trust_root, $process_url);
+		$redirect_url = $this->auth_request->redirectURL($this->get_trust_root(), $process_url);
 
 		header_redirect($redirect_url);
 	}
@@ -826,32 +804,181 @@
 
 
 	/**
-	 * @todo Allow to edit the list of OpenIDs and add/remove any.
+	 * List linked OpenIDs. Provides links to unlink them or add new ones.
+	 *
+	 * @todo This is limited to the backoffice profile! Make it available in the frontend profile, too.
 	 */
 	function PluginUserSettingsEditDisplayAfter( & $params )
 	{
 		global $DB;
 
-		echo '<p>'.$this->T_('Validated OpenID URLs:').'</p>';
-
-		$rows = $DB->get_results( '
+		$openids = $DB->get_results( '
 				SELECT openID
 				  FROM '.$this->get_sql_table('user_openid').'
 				 WHERE user_ID = '.$params['User']->ID );
 
-		if( ! $rows )
+		if( $openids )
 		{
-			echo ' - ';
+			echo '<p>'.$this->T_('Validated OpenIDs:').'</p>';
+			echo '<p class="note">'.$this->T_('Check the OpenIDs that you want to unlink from your profile.').'</p>';
+
+			echo '<ul>';
+
+			$field_name = $this->get_class_id().'_unlink[]';
+			foreach( $openids as $row )
+			{
+				echo '<li>';
+
+				$field_id = Form::get_valid_id($field_name.$row->openID);
+
+				echo '<input type="checkbox" id="'.$field_id.'" name="'.$field_name.'" value="'.htmlspecialchars($row->openID).'" title="'.htmlspecialchars($this->T_('Unlink this OpenID from your profile!')).'" /> ';
+
+				echo '<label for="'.$field_id.'">'.htmlspecialchars($row->openID).'</label>';
+			}
+			echo '</ul>';
 		}
 		else
 		{
-			echo '<ul>';
-			foreach( $rows as $row )
+			echo '<p>'.$this->T_('You have no OpenIDs registered yet.').'</p>';
+		}
+
+		echo '<p><a target="_blank" href="'.$this->get_htsrv_url('add_openid', array()).'">'.$this->T_('Add a new OpenID...').'</a></p>';
+	}
+
+
+	function PluginUserSettingsUpdateAction( & $params )
+	{
+		$unlink = param($this->get_class_id().'_unlink', 'array', array());
+
+		if( ! $unlink )
+		{
+			return true;
+		}
+
+		global $DB;
+		$unlink = array_map( array(&$DB, 'quote'), $unlink );
+		$unlink = implode( ', ', $unlink );
+
+		if( $count = $DB->query( '
+				DELETE FROM '.$this->get_sql_table('user_openid').'
+				 WHERE user_ID = '.$DB->quote($params['User']->ID).'
+					 AND openID IN ('.$unlink.')' ) )
+		{
+			$this->msg( $this->T_('Successfully unlinked the OpenID(s) from your account.'), 'success' );
+		}
+	}
+
+	/**
+	 * This is the htsrv callback to add a new OpenID to the user's profile.
+	 * @todo Use some generic header include!?
+	 */
+	function htsrv_add_openid($params)
+	{
+		global $io_charset;
+		header('Content-type: text/html; charset='.$io_charset);
+
+		$action = param('action', 'string', '');
+		$form_openid_url = param('openid_url', 'string', '');
+
+		if( $action == 'add_openid' )
+		{
+			if( empty($form_openid_url) )
 			{
-				echo '<li><a href="'.$row->openID.'">'.$row->openID.'</a></li>';
+				$this->msg( $this->T_('Please provide an OpenID to verify.'), 'error' );
 			}
-			echo '</ul>';
+			elseif( $User = $this->get_User_for_openid($form_openid_url) )
+			{ // OpenID already in use:
+				global $current_User;
+				if( $User->ID == $current_User->ID )
+				{
+					$this->msg( sprintf($this->T_('The OpenID &laquo;%s&raquo; is already linked to your profile.'), $form_openid_url), 'note' );
+				}
+				else
+				{
+					$this->msg( sprintf($this->T_('The OpenID &laquo;%s&raquo; is already linked to another user.'), $form_openid_url), 'error' );
+				}
+			}
+			else
+			{
+				$this->init_consumer_lib();
+
+				$this->auth_request = $this->consumer->begin($form_openid_url);
+
+				// Handle failure status return values.
+				if( ! $this->auth_request )
+				{
+					$this->msg( T_('OpenID authentication error.'), 'error' );
+				}
+				else
+				{ // Redirect to provider to verify the OpenID:
+					$process_url = $this->get_htsrv_url('add_openid', array('openid_url'=>$form_openid_url), '&', true /* absolute */ );
+
+					$redirect_url = $this->auth_request->redirectURL($this->get_trust_root(), $process_url);
+
+					header_redirect($redirect_url);
+				}
+			}
 		}
+		elseif( ! empty($params['openid_url']) )
+		{ // We're coming from the provider:
+			$this->init_consumer_lib();
+
+			$response = $this->consumer->complete();
+
+			if( $response->status == Auth_OpenID_CANCEL )
+			{
+				// This means the authentication was cancelled.
+				$this->msg( T_('Verification cancelled.'), 'login_error');
+			}
+			elseif( $response->status == Auth_OpenID_SUCCESS )
+			{ // Success:
+				$this->set_verified_openID($params['openid_url']);
+				$this->msg( sprintf($this->T_('You have successfully verified your OpenID &laquo;%s&raquo;. It has been linked to your profile.'), $params['openid_url']), 'success');
+			}
+			else
+			{
+				$this->msg( sprintf( T_('OpenID authentication failed: %s'), $response->message ), 'error' );
+			}
+		}
+
+		global $rsc_url;
+		?>
+		<html>
+			<head>
+				<title><?php echo $this->T_('Add an OpenID to your user profile') ?></title>
+				<link rel="stylesheet" type="text/css" href="<?php echo $rsc_url ?>css/basic.css" />
+			</head>
+
+			<body style="padding:1em">
+
+			<h1><?php echo $this->T_('Add an OpenID to your user profile') ?></h1>
+			<p>
+			<?php echo $this->T_('This form allows you to add an OpenID to your profile.') ?>
+			</p>
+
+			<?php
+			global $Messages;
+			$Messages->disp();
+
+			list($form_action, $form_hiddens) = explode('?', $this->get_htsrv_url('add_openid', array(), '&'));
+			$Form = new Form($form_action, '', 'post', 'inline');
+
+			foreach( explode('&', $form_hiddens) as $hidden )
+			{
+				list($k, $v) = explode('=', $hidden);
+				$Form->hidden( $k, $v );
+			}
+
+			$Form->hidden('action', 'add_openid');
+			$Form->begin_form();
+			$Form->text_input('openid_url', $form_openid_url, null, $this->T_('OpenID'));
+			$Form->submit_input( array('value' => $this->T_('Add...')) );
+			$Form->end_form();
+			?>
+
+			</body>
+		</html>
+		<?php
 	}
 
 
@@ -1048,5 +1175,35 @@
 		$this->restore_include_path();
 	}
 
+
+	/**
+	 * Get the appropriate trust root, either from settings or {@link $ReqHost}.
+	 *
+	 * @return string
+	 */
+	function get_trust_root()
+	{
+		$trust_root = $this->Settings->get('trust_root');
+		if( empty($trust_root) )
+		{
+			global $ReqHost;
+			$trust_root = $ReqHost;
+		}
+
+		if( ! preg_match('~^\w+://~', $trust_root) )
+		{ // trust_root has no protocol yet, use the same as of $process_url:
+			if( substr($process_url, 0, 8) == 'https://' )
+			{
+				$trust_root = 'https://'.$trust_root;
+			}
+			else
+			{
+				$trust_root = 'http://'.$trust_root;
+			}
+		}
+
+		return $trust_root;
+	}
+
 }
 ?>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


