GNUsocial
/
gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

[OpenID] Added support for GS's Internal Session Handler

This commit is contained in:
Diogo Cordeiro 2019-06-10 04:11:26 +01:00
parent 54f75683c7
commit c93547b080
4 changed files with 119 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
locale/statusnet.pot
View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-09 18:01+0100\n"
"POT-Creation-Date: 2019-06-10 16:37+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -4849,41 +4849,39 @@ msgid "No uploaded file."
msgstr ""
#. TRANS: Client exception thrown when an uploaded file is larger than set in php.ini.
#: actions/restoreaccount.php:131 lib/mediafile.php:198
#: actions/restoreaccount.php:131
msgid "The uploaded file exceeds the upload_max_filesize directive in php.ini."
msgstr ""
#. TRANS: Client exception.
#: actions/restoreaccount.php:136 lib/mediafile.php:203
#: actions/restoreaccount.php:136
msgid ""
"The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in "
"the HTML form."
msgstr ""
#. TRANS: Client exception.
#: actions/restoreaccount.php:141 lib/mediafile.php:208
#: actions/restoreaccount.php:141 lib/mediafile.php:341
msgid "The uploaded file was only partially uploaded."
msgstr ""
#. TRANS: Client exception thrown when a temporary folder is not present to store a file upload.
#: actions/restoreaccount.php:148 lib/mediafile.php:215
#: actions/restoreaccount.php:148 lib/mediafile.php:347
msgid "Missing a temporary folder."
msgstr ""
#. TRANS: Client exception thrown when writing to disk is not possible during a file upload operation.
#: actions/restoreaccount.php:151 lib/mediafile.php:218
#: actions/restoreaccount.php:151 lib/mediafile.php:350
msgid "Failed to write file to disk."
msgstr ""
#. TRANS: Client exception thrown when a file upload operation has been stopped by an extension.
#: actions/restoreaccount.php:154 lib/mediafile.php:221
#: actions/restoreaccount.php:154 lib/mediafile.php:353
msgid "File upload stopped by extension."
msgstr ""
#. TRANS: Client exception thrown when a file upload operation has failed with an unknown reason.
#. TRANS: Exception thrown when uploading an image fails for an unknown reason.
#. TRANS: Client exception thrown when a file upload operation has failed with an unknown reason.
#: actions/restoreaccount.php:159 lib/imagefile.php:205 lib/mediafile.php:226
#: actions/restoreaccount.php:159 lib/mediafile.php:357
msgid "System error uploading file."
msgstr ""
@ -6381,14 +6379,14 @@ msgstr ""
#. TRANS: Message used to be inserted as %2$s in the text "No file may
#. TRANS: be larger than %1$d byte and the file you sent was %2$s.".
#. TRANS: %1$d is the number of bytes of an uploaded file.
#: classes/File.php:220
#: classes/File.php:243
#, php-format
msgid "%1$d byte"
msgid_plural "%1$d bytes"
msgstr[0] ""
msgstr[1] ""
#: classes/File.php:228
#: classes/File.php:253
#, php-format
msgid ""
"No file may be larger than %1$d byte and the file you sent was %2$s. Try to "
@ -6399,21 +6397,21 @@ msgid_plural ""
msgstr[0] ""
msgstr[1] ""
#: classes/File.php:244
#: classes/File.php:275
#, php-format
msgid "A file this large would exceed your user quota of %d byte."
msgid_plural "A file this large would exceed your user quota of %d bytes."
msgstr[0] ""
msgstr[1] ""
#: classes/File.php:257
#: classes/File.php:293
#, php-format
msgid "A file this large would exceed your monthly quota of %d byte."
msgid_plural "A file this large would exceed your monthly quota of %d bytes."
msgstr[0] ""
msgstr[1] ""
#: classes/File.php:326
#: classes/File.php:367
msgid "Blacklisted file extension."
msgstr ""
@ -8338,74 +8336,29 @@ msgid "Could not GET URL %s."
msgstr ""
#. TRANS: Exception thrown when trying to upload an unsupported image file format.
#: lib/imagefile.php:88
#: lib/imagefile.php:70
msgid "Unsupported image format."
msgstr ""
#: lib/imagefile.php:129
#: lib/imagefile.php:118
msgid "File without filename could not get a thumbnail source."
msgstr ""
#: lib/imagefile.php:144
#: lib/imagefile.php:133
msgid "Unsupported media format."
msgstr ""
#. TRANS: Exception thrown when too large a file is uploaded.
#. TRANS: %s is the maximum file size, for example "500b", "10kB" or "2MB".
#: lib/imagefile.php:191
#, php-format
msgid "That file is too big. The maximum file size is %s."
msgstr ""
#. TRANS: Exception thrown when uploading an image and that action could not be completed.
#: lib/imagefile.php:196
msgid "Partial upload."
msgstr ""
#: lib/imagefile.php:200
msgid "No file uploaded."
msgstr ""
#. TRANS: Exception thrown when uploading a file as image that is not an image or is a corrupt file.
#: lib/imagefile.php:213
msgid "Not an image or corrupt file."
msgstr ""
#. TRANS: Exception thrown during resize when image has been registered as present, but is no longer there.
#: lib/imagefile.php:251
#: lib/imagefile.php:256
msgid "Lost our file."
msgstr ""
#. TRANS: Exception thrown when trying to resize an unknown file type.
#. TRANS: Exception thrown when trying resize an unknown file type.
#: lib/imagefile.php:320 lib/imagefile.php:364
#: lib/imagefile.php:334 lib/imagefile.php:393
msgid "Unknown file type"
msgstr ""
#. TRANS: Number of megabytes. %d is the number.
#: lib/imagefile.php:408
#, php-format
msgid "%dMB"
msgid_plural "%dMB"
msgstr[0] ""
msgstr[1] ""
#. TRANS: Number of kilobytes. %d is the number.
#: lib/imagefile.php:412
#, php-format
msgid "%dkB"
msgid_plural "%dkB"
msgstr[0] ""
msgstr[1] ""
#. TRANS: Number of bytes. %d is the number.
#: lib/imagefile.php:415
#, php-format
msgid "%dB"
msgid_plural "%dB"
msgstr[0] ""
msgstr[1] ""
#. TRANS: Body text for confirmation code e-mail.
#. TRANS: %1$s is a user nickname, %2$s is the StatusNet sitename,
#. TRANS: %3$s is the display name of an IM plugin.
@ -8811,21 +8764,56 @@ msgid ""
msgstr ""
#. TRANS: Client exception thrown when a database error was thrown during a file upload operation.
#: lib/mediafile.php:134 lib/mediafile.php:181
#: lib/mediafile.php:189 lib/mediafile.php:245
msgid "There was a database error while saving your file. Please try again."
msgstr ""
#. TRANS: Number of megabytes. %d is the number.
#: lib/mediafile.php:260
#, php-format
msgid "%dMB"
msgid_plural "%dMB"
msgstr[0] ""
msgstr[1] ""
#. TRANS: Number of kilobytes. %d is the number.
#: lib/mediafile.php:264
#, php-format
msgid "%dkB"
msgid_plural "%dkB"
msgstr[0] ""
msgstr[1] ""
#. TRANS: Number of bytes. %d is the number.
#: lib/mediafile.php:267
#, php-format
msgid "%dB"
msgid_plural "%dB"
msgstr[0] ""
msgstr[1] ""
#: lib/mediafile.php:335
#, php-format
msgid "That file is too big. The maximum file size is %s."
msgstr ""
#. TRANS: Client exception thrown when a file upload operation fails because the file could
#. TRANS: not be moved from the temporary folder to the permanent file location.
#: lib/mediafile.php:247 lib/mediafile.php:273 lib/mediafile.php:305
#: lib/mediafile.php:330
#. UX: too specific
#. TRANS: Client exception thrown when a file upload operation fails because the file could
#. TRANS: not be moved from the temporary folder to the permanent file location.
#: lib/mediafile.php:390 lib/mediafile.php:435 lib/mediafile.php:459
msgid "File could not be moved to destination directory."
msgstr ""
#: lib/mediafile.php:564
msgid "Could not determine file's MIME type."
msgstr ""
#. TRANS: Client exception thrown trying to upload a forbidden MIME type.
#. TRANS: %1$s is the file type that was denied, %2$s is the application part of
#. TRANS: the MIME type that was denied.
#: lib/mediafile.php:391
#: lib/mediafile.php:606
#, php-format
msgid ""
"\"%1$s\" is not a supported file type on this server. Try using another %2$s "
@ -8834,7 +8822,7 @@ msgstr ""
#. TRANS: Client exception thrown trying to upload a forbidden MIME type.
#. TRANS: %s is the file type that was denied.
#: lib/mediafile.php:396
#: lib/mediafile.php:611
#, php-format
msgid "\"%s\" is not a supported file type on this server."
msgstr ""

11
plugins/OpenID/actions/openidsettings.php
View File

@ -93,7 +93,7 @@ class OpenidsettingsAction extends SettingsAction
'action' =>
common_local_url('openidsettings')]);
$this->elementStart('fieldset', ['id' => 'settings_openid_add']);
// TRANS: Fieldset legend.
$this->element('legend', null, _m('LEGEND', 'Add OpenID'));
$this->hidden('token', common_session_token());
@ -127,7 +127,7 @@ class OpenidsettingsAction extends SettingsAction
if ($cnt > 0) {
// TRANS: Header on OpenID settings page.
$this->element('h2', null, _m('HEADER', 'OpenID Actions'));
if ($cnt == 1 && !$this->scoped->hasPassword()) {
$this->element('p', 'form_guide',
// TRANS: Form guide.
@ -218,7 +218,7 @@ class OpenidsettingsAction extends SettingsAction
// TRANS: Button text to remove an OpenID trustroot.
$this->submit('settings_openid_trustroots_action-submit', _m('BUTTON', 'Remove'), 'submit', 'remove_trustroots');
$this->elementEnd('fieldset');
$prefs = User_openid_prefs::getKV('user_id', $this->scoped->getID());
$this->elementStart('fieldset');
@ -247,9 +247,8 @@ class OpenidsettingsAction extends SettingsAction
// TRANS: Form validation error if no OpenID providers can be added.
throw new ServerException(_m('Cannot add new providers.'));
} else {
common_ensure_session();
$_SESSION['openid_synch'] = $this->boolean('openid-synch');
$result = oid_authenticate($this->trimmed('openid_url'), 'finishaddopenid');
if (is_string($result)) { // error message
unset($_SESSION['openid-synch']);
@ -335,7 +334,7 @@ class OpenidsettingsAction extends SettingsAction
if (!$oid instanceof User_openid) {
throw new ClientException(_m('No such OpenID.'));
}
$result = oid_authenticate($this->trimmed('openid_url'), 'finishsynchopenid');
if (is_string($result)) { // error message
throw new ServerException($result);

46
plugins/OpenID/locale/OpenID.pot
View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-10 15:40+0100\n"
"POT-Creation-Date: 2019-06-10 16:49+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -205,40 +205,40 @@ msgid "Cannot add new providers."
msgstr ""
#. TRANS: Unexpected form validation error.
#: actions/openidsettings.php:271
#: actions/openidsettings.php:270
msgid "No known action for POST."
msgstr ""
#. TRANS: Form validation error when trying to remove a non-existing trustroot.
#: actions/openidsettings.php:293
#: actions/openidsettings.php:292
msgid "No such OpenID trustroot."
msgstr ""
#. TRANS: Success message after removing trustroots.
#: actions/openidsettings.php:298
#: actions/openidsettings.php:297
msgid "Trustroots removed."
msgstr ""
#. TRANS: Form validation error for a non-existing OpenID.
#: actions/openidsettings.php:315 actions/openidsettings.php:336
#: actions/openidsettings.php:314 actions/openidsettings.php:335
msgid "No such OpenID."
msgstr ""
#. TRANS: Form validation error if OpenID is connected to another user.
#: actions/openidsettings.php:319
#: actions/openidsettings.php:318
msgid "That OpenID does not belong to you."
msgstr ""
#. TRANS: Success message after removing an OpenID.
#: actions/openidsettings.php:323
#: actions/openidsettings.php:322
msgid "OpenID removed."
msgstr ""
#: actions/openidsettings.php:343
#: actions/openidsettings.php:342
msgid "Synchronized OpenID."
msgstr ""
#: actions/openidsettings.php:375
#: actions/openidsettings.php:374
msgid "OpenID preferences saved."
msgstr ""
@ -670,68 +670,72 @@ msgstr ""
msgid "OpenID provider"
msgstr ""
#: openid.php:136
#: openid.php:64
msgid "Unknown DB type for OpenID."
msgstr ""
#: openid.php:161
msgid "No valid URL provided for OpenID."
msgstr ""
#. TRANS: OpenID plugin server error.
#: openid.php:143
#: openid.php:168
msgid "Cannot instantiate OpenID consumer object."
msgstr ""
#. TRANS: OpenID plugin message. Given when an OpenID is not valid.
#: openid.php:154
#: openid.php:179
msgid "Not a valid OpenID."
msgstr ""
#. TRANS: OpenID plugin server error. Given when the OpenID authentication request fails.
#. TRANS: %s is the failure message.
#: openid.php:159
#: openid.php:184
#, php-format
msgid "OpenID failure: %s."
msgstr ""
#. TRANS: OpenID plugin server error. Given when the OpenID authentication request cannot be redirected.
#. TRANS: %s is the failure message.
#: openid.php:208
#: openid.php:233
#, php-format
msgid "Could not redirect to server: %s."
msgstr ""
#. TRANS: OpenID plugin user instructions.
#: openid.php:246
#: openid.php:271
msgid ""
"This form should automatically submit itself. If not, click the submit "
"button to go to your OpenID provider."
msgstr ""
#. TRANS: OpenID plugin server error.
#: openid.php:282
#: openid.php:307
msgid "Error saving the profile."
msgstr ""
#. TRANS: OpenID plugin server error.
#: openid.php:294
#: openid.php:319
msgid "Error saving the user."
msgstr ""
#. TRANS: OpenID plugin client exception (403).
#: openid.php:324
#: openid.php:349
msgid "Unauthorized URL used for OpenID login."
msgstr ""
#. TRANS: Title
#: openid.php:372
#: openid.php:397
msgid "OpenID Login Submission"
msgstr ""
#. TRANS: OpenID plugin message used while requesting authorization user's OpenID login provider.
#: openid.php:383
#: openid.php:408
msgid "Requesting authorization from your login provider..."
msgstr ""
#. TRANS: OpenID plugin message. User instruction while requesting authorization user's OpenID login provider.
#: openid.php:387
#: openid.php:412
msgid ""
"If you are not redirected to your login provider in a few seconds, try "
"pushing the button below."

37
plugins/OpenID/openid.php
View File

@ -35,11 +35,34 @@ define('OPENID_COOKIE_KEY', 'lastusedopenid');
function oid_store()
{
static $store = null;
if (!$store) {
// Can't be called statically
$user = new User();
$conn = $user->getDatabaseConnection();
$store = new Auth_OpenID_MySQLStore($conn);
if (is_null($store)) {
// To create a new Database connection is an absolute must
// because database is in transaction (auto-commit = false)
// mode during OpenID operation
// Is a must because our Internal Session Handler uses database
// and depends on auto-commit = true
$dsn = common_config('db', 'database');
$options = PEAR::getStaticProperty('DB', 'options');
if (!is_array($options)) {
$options = [];
}
$db = DB::connect($dsn, $options);
if (PEAR::isError($db)) {
throw new ServerException($db->getMessage());
}
switch (common_config('db', 'type')) {
case 'mysql':
$store = new Auth_OpenID_MySQLStore($db);
break;
case 'postgresql':
$store = new Auth_OpenID_PostgreSQLStore($db);
break;
default:
throw new ServerException(_m('Unknown DB type for OpenID.'));
}
}
return $store;
}
@ -47,6 +70,8 @@ function oid_store()
function oid_consumer()
{
$store = oid_store();
// No need to declare a Yadis Session Handler
common_ensure_session(); // This is transparent to OpenID's eyes
$consumer = new Auth_OpenID_Consumer($store);
return $consumer;
}
@ -197,7 +222,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
//
// Since the GET should always work anyway, we'll just take out the
// autosubmitter for now.
//
//
//if ($auth_request->shouldSendRedirect()) {
$redirect_url = $auth_request->redirectURL($trust_root,
$process_url,