Initial OpenID+OAuth thingy.

This commit is contained in:
Brion Vibber 2010-10-20 15:59:27 -07:00
parent 9d401e2b15
commit bcc06d05e8
2 changed files with 110 additions and 16 deletions

View File

@ -157,9 +157,13 @@ class ApiOauthAuthorizeAction extends Action
// XXX Force credentials check? // XXX Force credentials check?
// XXX OpenID // @fixme this should probably use a unified login form handler
$user = null;
if (Event::handle('StartOAuthLoginCheck', array($this, &$user))) {
$user = common_check_user($this->nickname, $this->password);
}
Event::handle('EndOAuthLoginCheck', array($this, &$user));
$user = common_check_user($this->nickname, $this->password);
if (empty($user)) { if (empty($user)) {
// TRANS: Form validation error given when an invalid username and/or password was passed to the OAuth API. // TRANS: Form validation error given when an invalid username and/or password was passed to the OAuth API.
$this->showForm(_("Invalid nickname / password!")); $this->showForm(_("Invalid nickname / password!"));
@ -344,21 +348,24 @@ class ApiOauthAuthorizeAction extends Action
$this->elementEnd('ul'); $this->elementEnd('ul');
if (!common_logged_in()) { if (!common_logged_in()) {
$this->elementStart('fieldset'); if (Event::handle('StartOAuthLoginForm', array($this))) {
// TRANS: Fieldset legend. $this->elementStart('fieldset');
$this->element('legend', null, _m('LEGEND','Account')); // TRANS: Fieldset legend.
$this->elementStart('ul', 'form_data'); $this->element('legend', null, _m('LEGEND','Account'));
$this->elementStart('li'); $this->elementStart('ul', 'form_data');
// TRANS: Field label on OAuth API authorisation form. $this->elementStart('li');
$this->input('nickname', _('Nickname')); // TRANS: Field label on OAuth API authorisation form.
$this->elementEnd('li'); $this->input('nickname', _('Nickname'));
$this->elementStart('li'); $this->elementEnd('li');
// TRANS: Field label on OAuth API authorisation form. $this->elementStart('li');
$this->password('password', _('Password')); // TRANS: Field label on OAuth API authorisation form.
$this->elementEnd('li'); $this->password('password', _('Password'));
$this->elementEnd('ul'); $this->elementEnd('li');
$this->elementEnd('ul');
$this->elementEnd('fieldset'); $this->elementEnd('fieldset');
}
Event::handle('EndOAuthLoginForm', array($this));
} }
$this->element('input', array('id' => 'cancel_submit', $this->element('input', array('id' => 'cancel_submit',

View File

@ -654,4 +654,91 @@ class OpenIDPlugin extends Plugin
_m('Use <a href="http://openid.net/">OpenID</a> to login to the site.')); _m('Use <a href="http://openid.net/">OpenID</a> to login to the site.'));
return true; return true;
} }
function onStartOAuthLoginForm($action)
{
if (common_config('site', 'openidonly')) {
// Cancel the regular password login form, we won't need it.
$this->showOAuthLoginForm($action);
return false;
} else {
// Leave the regular password login form in place.
// We'll add an OpenID link at bottom...?
return true;
}
}
/**
* @fixme merge with common code for main OpenID login form
* @param HTMLOutputter $action
*/
protected function showOAuthLoginForm($action)
{
$action->elementStart('ul', 'form_data');
$action->elementStart('li');
$provider = common_config('openid', 'trusted_provider');
$appendUsername = common_config('openid', 'append_username');
if ($provider) {
$action->element('label', array(), _m('OpenID provider'));
$action->element('span', array(), $provider);
if ($appendUsername) {
$action->element('input', array('id' => 'openid_username',
'name' => 'openid_username',
'style' => 'float: none'));
}
$action->element('p', 'form_guide',
($appendUsername ? _m('Enter your username.') . ' ' : '') .
_m('You will be sent to the provider\'s site for authentication.'));
$action->hidden('openid_url', $provider);
} else {
// TRANS: OpenID plugin logon form field label.
$action->input('openid_url', _m('OpenID URL'),
'',
// TRANS: OpenID plugin logon form field instructions.
_m('Your OpenID URL'));
}
$action->elementEnd('li');
$action->elementEnd('ul');
}
/**
* Handle a POST user credential check in apioauthauthorization.
* If given an OpenID URL, we'll pass us over to the regular things
* and then redirect back here on completion.
*
* @fixme merge with common code for main OpenID login form
* @param HTMLOutputter $action
*/
function onStartOAuthLoginCheck($action, &$user)
{
$provider = common_config('openid', 'trusted_provider');
if ($provider) {
$openid_url = $provider;
if (common_config('openid', 'append_username')) {
$openid_url .= $action->trimmed('openid_username');
}
} else {
$openid_url = $action->trimmed('openid_url');
}
if ($openid_url) {
require_once dirname(__FILE__) . '/openid.php';
oid_assert_allowed($openid_url);
$returnto = common_local_url('ApiOauthAuthorize', array(),
array('oauth_token' => $action->arg('oauth_token')));
common_set_returnto($returnto);
// This will redirect if functional...
$result = oid_authenticate($openid_url,
'finishopenidlogin');
if (is_string($result)) { # error message
throw new ServerException($result);
} else {
exit(0);
}
}
return true;
}
} }