Merge branch 'master' of ../laconica-stable

2009-01-08 16:01:54 -05:00 · 2009-01-08 16:01:54 -05:00 · 2d456a15e5
commit 2d456a15e5
parent 93cb7e07f7 28d17d8d90
5 changed files with 19 additions and 336 deletions
--- a/12
+++ b/12
@ -667,7 +667,7 @@ Upgrading
 =========
 If you've been using Laconica 0.6, 0.5 or lower, or if you've been
-tracking the "darcs" version of the software, you will probably want
+tracking the "git" version of the software, you will probably want
 to upgrade and keep your existing data. There is no automated upgrade
 procedure in Laconica 0.6.4. Try these step-by-step instructions; read
 to the end first before trying them.
@ -1068,7 +1068,7 @@ The primary output for Laconica is syslog, unless you configured a
 separate logfile. This is probably the first place to look if you're
 getting weird behaviour from Laconica.
-If you're tracking the unstable version of Laconica in the darcs
+If you're tracking the unstable version of Laconica in the git
 repository (see below), and you get a compilation error ("unexpected
 T_STRING") in the browser, check to see that you don't have any
 conflicts in your code.
@ -1103,12 +1103,12 @@ Unstable version
 ================
 If you're adventurous or impatient, you may want to install the
-development version of Laconica. To get it, use the darcs version
+development version of Laconica. To get it, use the git version
-control tool (http://darcs.net/) like so:
+control tool (http://git-scm.com/) like so:
-	darcs get http://laconi.ca/darcs/ mublog
+	git clone http://laconi.ca/software/laconica.git
-To keep it up-to-date, use 'darcs pull'. Watch for conflicts!
+To keep it up-to-date, use 'git pull'. Watch for conflicts!
 Further information
 ===================
--- a/doc/openmicroblogging.txt
+++ b/doc/openmicroblogging.txt
@ -1,325 +0,0 @@
 ===============================
 OpenMicroBlogging specification
 ===============================
 :Author: Evan Prodromou (Control Yourself, Inc.)
 :Contact: evan@controlezvous.ca
 :Revision: 0.1.1
 :Date: 2008-07-07
 :Copyright: To the extent possible under law, Control Yourself, Inc 
 	    has waived all copyright, moral rights, database rights,
 	    and any other rights that might be asserted over
 	    The OpenMicroBlogging specification.
 Purpose
 =======
 To allow users of one microblogging service to publish notices to
 users of another service, given the other users' permission.
 Enabling technologies
 =====================
 Depends on OAuth 1.0, OAuth Discovery 1.0, YADIS 1.0.
 We piggy-back additional information onto these protocols to pass
 microblogging information back and forth.
 Terminology
 ===========
 microblogging service
    undefined.
 user
    undefined.
 listen
    to allow a remote service to send notices to the user's local
    service on a remote user's behalf.
 listener
    the person listening.
 listenee
    the user sending notices.
 remote service
    the listenee's microblogging service.
 local service
    the listener's microblogging service.
 profile URL
    "home" URL for the listener, typically their profile page on a
    microblogging site.
 nickname
    An alphanumeric short name for a person, 1-64 characters.
 identifier URI
    A globally unique and unchanging identifying URI for a user.
    Need not be an URL. [*]_
 notice URI
    A unique and unchanging identifier for a notice. Need not be an
    URL. [*]_
 .. [*] May be the profile URL, if it's defined not to change or be
   re-used. The profile URL of some services includes the nickname,
   and some let the user change his/her nickname. This user's profile
   URL may change from 'http://example.net/~john' to 
   'http://example.net/~johnsmith' A tag URI, like 
   'tag:example.net,2008:user:1' may be more appropriate here.
 .. [*] IWBNI the notice URI is used everywhere the notice is
   published; for example, in any RSS feeds.
 Initiation
 ==========
 The user submits their profile URL [*]_ to the remote service somehow --
 for example, with an HTML form on the remote service's Web site. 
 .. [*] For OAuth Discovery, this is the "protected resource". It may
   be more correct that the protected resource is the postNotice URL
   (see below), but the listener will be more familiar with their own
   profile URL. So there will have to be discovery of the postNotice
   URL anyways, and it might as well all be done in one step.
 Discovery
 =========
 The remote service recovers a YADIS document from the profile URL, as
 described in OAuth Discovery.
 The request token service must have a LocalID associated with it,
 containing the identifier URI for the listener.
 The following two extra services must be included in the YADIS
 document, with accompanying URIs.
 http://openmicroblogging.org/protocol/0.1/postNotice
    Post Notice URL, as defined below.
 http://openmicroblogging.org/protocol/0.1/updateProfile
    Update Profile URL, as defined below.
 If any of the URIs is unavailable, the remote service MUST stop
 processing.
 Authorization
 =============
 The remote service must go through the OAuth 1.0 dance to get
 authorization to post notices and update profiles.
 In all OAuth, the consumer key should be the root URL for the
 microblogging service, if available. The secret should be the blank
 string (''), unless the remote server and local service have negotiated
 another key. Such negotiation is out-of-scope for this document, and we
 assume an "open" network of microblogging services. But if you want to
 have that kind of network, do it with this key.
 The remote service MUST do OAuth for every new listener, regardless of
 whether they've already received authorization for posting to the
 given postNotice URL. See `Posting a Notice`_ below.
 Request token
 -------------
 The remote service uses the defined requestToken URL to get a request
 token.
 In the request token HTTP request, the remote service MUST send the
 following additional parameter(s):
 omb_version
    'http://openmicroblogging.org/protocol/0.1'
 omb_listener
    The identifier URI for the listener.
 In the results for the request token request, the local service MUST
 send the following additional parameters:
 omb_version
    'http://openmicroblogging.org/protocol/0.1'
 User authorization
 ------------------
 In requesting user authorization, the remote service must send the
 following parameters:
 omb_version
    'http://openmicroblogging.org/protocol/0.1'.
 omb_listener
    The identifier URI for the listener.
 omb_listenee
    The identifier URI for the listenee.
 omb_listenee_profile
    The profile URL of the listenee.
 omb_listenee_nickname
    The nickname of the listenee.
 omb_listenee_license
    The default license URL for the listenee's stream. Typically the
    URL of a Creative Commons license, with the Attribution license
    being heavily encouraged. CC0 quitclaim also pretty good. The
    local service MAY reject listenees if their licenses are
    incompatible with the service.
 The remote service should send as many of the following parameters as
 possible. This will help the user decide if they really want to allow
 the listening to happen, and allow the local service to store a copy
 of the listenee's profile.
 omb_listenee_fullname
    The full name of the listenee. Up to 255 chars.
 omb_listenee_homepage
    The home page of the listenee (may be distinct from the profile
    URL).
 omb_listenee_bio
    A brief biography of the listenee; less than 140 chars.
 omb_listenee_location
    Physical location of the listenee; less that 255 chars. No fixed
    structure, but "Locality, Region, Country" or "Locality, Country"
    or "Locality, Region" recommended.
 omb_listenee_avatar
    URL of a 96px by 96px image in PNG, GIF or JPEG format representing
    the listenee.
 The local service, in a successful response, must return the
 following additional parameters:
 omb_version
    'http://openmicroblogging.org/protocol/0.1'.
 omb_listener_nickname
    A nickname for the listener.
 omb_listener_profile
    The profile URL for the listener, possibly cleaned up or
    canonicalized.
 It should return as many of the following as possible:
 omb_listener_fullname
    The full name of the listener. Up to 255 chars.
 omb_listener_homepage
    The home page of the listener (may be distinct from the profile
    URL).
 omb_listener_bio
    A brief biography of the listener; less than 140 chars.
 omb_listener_location
    Physical location of the listener; less that 255 chars. No fixed
    structure, but "Locality, Region, Country" or "Locality, Country"
    or "Locality, Region" recommended.
 omb_listener_avatar
    URL of a 96px by 96px image in PNG, GIF or JPEG format representing
    the listener.
 This will allow the remote service to display information about the
 listener in the listenee's "listeners" or "subscribers" list.
 Access token
 ------------
 The access token step of the OAuth protocol requires no additional
 parameters.
 Posting a Notice
 ================
 To post a notice to the local service, the remote service sends an HTTP
 POST message to the postNotice URL discovered above. The message must
 use OAuth authorization. The message must also include the following
 parameters:
 omb_version
    'http://openmicroblogging.org/protocol/0.1'.
 omb_listenee
    The identifier URI for the listenee.
 omb_notice
    The notice URI.
 omb_notice_content
    The content of the notice. No maximum, but 140 chars is recommended.
 The message may include the following parameters:
 omb_notice_url
    The URL of the notice, if the notice is retrievable.
 omb_notice_license
    The URL of the license for the notice, if different from the
    listenee's default license.
 omb_seealso
    URL of additional content for the notice; for example, an image,
    video, or audio file.
 omb_seealso_disposition
    One of 'link' or 'inline', to recommend how the extra data should
    be shown. Default 'link'.
 omb_seealso_mediatype
    Internet Media Type of the see-also data. Advisory, probably
    shouldn't be trusted.
 omb_seealso_license
    License for the attached data. May be distinct from the notice's
    license (if they're passing along someone else's content).
 The local service should include the following parameters in its
 response:
 omb_version
    'http://openmicroblogging.org/protocol/0.1'.
 The local service makes no guarantees about the delivery of the notice
 to anyone.
 The remote service SHOULD NOT send a message with the same notice URL
 to the same postNotice URL more than once. [*]_ If the request returns
 a 403 Unauthorized message, the remote service SHOULD NOT post
 messages to the same URL again with the same listenee, until another
 listener has gone through the OAuth dance. [*]_
 .. [*] A half-assed optimization. A local service may have a lot of
   listeners listening to the same listenee. It would be pointless to
   have the remote service post the same notice 100 times to the same
   service. However, if the local service wants fine-grained control,
   it can have a different postNotice URL for each listener.
 .. [*] If there's one postNotice URL per listener, the 403 message
   means the listener has told the local service not to allow posting
   any more ("unsubscribed"). If there's one postNotice URL per local
   service, it means that the count of listeners has dropped to 0.
 Updating a profile
 ==================
 If the listenee's profile information changes, the remote service MAY
 send an HTTP POST message to to the updateProfile URL to tell the
 local service about the change.
 The message must use OAuth authorization. The message must also
 include the following parameters:
 omb_version
    'http://openmicroblogging.org/protocol/0.1'.
 omb_listenee
    The identifier URI for the listenee.
 The message may include any of the following parameters:
 omb_listenee_profile
    The profile URL of the listenee.
 omb_listenee_nickname
    The nickname of the listenee.
 omb_listenee_license
    The default license URL for the listenee's stream. A change in the
    default license only applies to future notices; notices previous
    to the update SHOULD be treated as under the old license.
 omb_listenee_fullname
    The full name of the listenee. Up to 255 chars.
 omb_listenee_homepage
    The home page of the listenee.
 omb_listenee_bio
    A brief biography of the listenee; less than 140 chars.
 omb_listenee_location
    Physical location of the listenee; less that 255 chars.
 omb_listenee_avatar
    URL of a 96px by 96px image in PNG, GIF or JPEG format representing
    the listenee.
 Missing parameters should not be construed to mean that the profile
 field has been blanked. The remote service MUST set the parameter to
 an empty string to show that the field is blank.
 References
 ==========
 * OAuth: http://oauth.net/
 * OAuth Discovery: http://oauth.net/discovery/1.0
 * XRDS Simple: http://xrds-simple.net/core/1.0/
--- a/extlib/Auth/OpenID.php
+++ b/extlib/Auth/OpenID.php
@ -20,7 +20,7 @@
 /**
 * The library version string
 */
-define('Auth_OpenID_VERSION', '2.1.1');
+define('Auth_OpenID_VERSION', '2.1.2');
 /**
 * Require the fetcher code.
--- a/extlib/Auth/OpenID/Consumer.php
+++ b/extlib/Auth/OpenID/Consumer.php
@ -711,7 +711,9 @@ class Auth_OpenID_GenericConsumer {
            return $this->_completeInvalid($message, $endpoint);
        }
-        return new Auth_OpenID_SetupNeededResponse($endpoint);
+        $user_setup_url = $message->getArg(Auth_OpenID_OPENID2_NS,
                                           'user_setup_url');
        return new Auth_OpenID_SetupNeededResponse($endpoint, $user_setup_url);
    }
    /**
--- a/extlib/Auth/OpenID/Server.php
+++ b/extlib/Auth/OpenID/Server.php
@ -765,12 +765,17 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
    function Auth_OpenID_CheckIDRequest($identity, $return_to,
                                        $trust_root = null, $immediate = false,
-                                        $assoc_handle = null, $server = null)
+                                        $assoc_handle = null, $server = null,
                                        $claimed_id = null)
    {
        $this->namespace = Auth_OpenID_OPENID2_NS;
        $this->assoc_handle = $assoc_handle;
        $this->identity = $identity;
-        $this->claimed_id = $identity;
+        if ($claimed_id === null) {
            $this->claimed_id = $identity;
        } else {
            $this->claimed_id = $claimed_id;
        }
        $this->return_to = $return_to;
        $this->trust_root = $trust_root;
        $this->server =& $server;
@ -1098,7 +1103,8 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
                                                $this->trust_root,
                                                false,
                                                $this->assoc_handle,
-                                                $this->server);
+                                                $this->server,
                                                $this->claimed_id);
                $setup_request->message = $this->message;
                $setup_url = $setup_request->encodeToURL($server_url);