finishaddopenid.php 6.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202
  1. <?php
  2. /**
  3. * StatusNet, the distributed open-source microblogging tool
  4. *
  5. * Complete adding an OpenID
  6. *
  7. * PHP version 5
  8. *
  9. * LICENCE: This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU Affero General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU Affero General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU Affero General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. *
  22. * @category Settings
  23. * @package StatusNet
  24. * @author Evan Prodromou <evan@status.net>
  25. * @copyright 2008-2009 StatusNet, Inc.
  26. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  27. * @link http://status.net/
  28. */
  29. if (!defined('STATUSNET')) {
  30. exit(1);
  31. }
  32. require_once INSTALLDIR.'/plugins/OpenID/openid.php';
  33. /**
  34. * Complete adding an OpenID
  35. *
  36. * Handle the return from an OpenID verification
  37. *
  38. * @category Settings
  39. * @package StatusNet
  40. * @author Evan Prodromou <evan@status.net>
  41. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  42. * @link http://status.net/
  43. */
  44. class FinishaddopenidAction extends Action
  45. {
  46. public $msg = null;
  47. /**
  48. * Handle the redirect back from OpenID confirmation
  49. *
  50. * Check to see if the user's logged in, and then try
  51. * to use the OpenID login system.
  52. *
  53. * @param array $args $_REQUEST arguments
  54. *
  55. * @return void
  56. */
  57. public function handle()
  58. {
  59. parent::handle();
  60. if (!common_logged_in()) {
  61. // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
  62. $this->clientError(_m('Not logged in.'));
  63. } else {
  64. $this->tryLogin();
  65. }
  66. }
  67. /**
  68. * Try to log in using OpenID
  69. *
  70. * Check the OpenID for validity; potentially store it.
  71. *
  72. * @return void
  73. */
  74. public function tryLogin()
  75. {
  76. $consumer = oid_consumer();
  77. $response = $consumer->complete(common_local_url('finishaddopenid'));
  78. if ($response->status == Auth_OpenID_CANCEL) {
  79. // TRANS: Status message in case the response from the OpenID provider is that the logon attempt was cancelled.
  80. $this->message(_m('OpenID authentication cancelled.'));
  81. return;
  82. } elseif ($response->status == Auth_OpenID_FAILURE) {
  83. // TRANS: OpenID authentication failed; display the error message.
  84. // TRANS: %s is the error message.
  85. $this->message(sprintf(
  86. _m('OpenID authentication failed: %s.'),
  87. $response->message
  88. ));
  89. } elseif ($response->status == Auth_OpenID_SUCCESS) {
  90. $display = $response->getDisplayIdentifier();
  91. $canonical = ($response->endpoint && $response->endpoint->canonicalID) ?
  92. $response->endpoint->canonicalID : $display;
  93. $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
  94. if ($sreg_resp) {
  95. $sreg = $sreg_resp->contents();
  96. }
  97. // Launchpad teams extension
  98. if (!oid_check_teams($response)) {
  99. // TRANS: OpenID authentication error.
  100. $this->message(_m('OpenID authentication aborted: You are not allowed to login to this site.'));
  101. return;
  102. }
  103. $cur = common_current_user();
  104. $other = oid_get_user($canonical);
  105. if ($other) {
  106. if ($other->id == $cur->id) {
  107. // TRANS: Message in case a user tries to add an OpenID that is already connected to them.
  108. $this->message(_m('You already have this OpenID!'));
  109. } else {
  110. // TRANS: Message in case a user tries to add an OpenID that is already used by another user.
  111. $this->message(_m('Someone else already has this OpenID.'));
  112. }
  113. return;
  114. }
  115. // start a transaction
  116. $cur->query('BEGIN');
  117. $result = oid_link_user($cur->id, $canonical, $display);
  118. if (!$result) {
  119. // TRANS: Message in case the OpenID object cannot be connected to the user.
  120. $this->message(_m('Error connecting user.'));
  121. return;
  122. }
  123. if (isset($_SESSION['openid_synch']) && $_SESSION['openid_synch']) {
  124. if (Event::handle('StartOpenIDUpdateUser', [$cur, $canonical, &$sreg])) {
  125. if (!oid_update_user($cur, $sreg)) {
  126. // TRANS: Message in case the user or the user profile cannot be saved in StatusNet.
  127. $this->message(_m('Error updating profile.'));
  128. return;
  129. }
  130. }
  131. Event::handle('EndOpenIDUpdateUser', [$cur, $canonical, $sreg]);
  132. }
  133. unset($_SESSION['openid_synch']);
  134. // success!
  135. $cur->query('COMMIT');
  136. oid_set_last($display);
  137. common_redirect(common_local_url('openidsettings'), 303);
  138. }
  139. }
  140. /**
  141. * Show a failure message
  142. *
  143. * Something went wrong. Save the message, and show the page.
  144. *
  145. * @param string $msg Error message to show
  146. *
  147. * @return void
  148. */
  149. public function message($msg)
  150. {
  151. $this->message = $msg;
  152. $this->showPage();
  153. }
  154. /**
  155. * Title of the page
  156. *
  157. * @return string title
  158. */
  159. public function title()
  160. {
  161. // TRANS: Title after getting the status of the OpenID authorisation request.
  162. return _m('OpenID Login');
  163. }
  164. /**
  165. * Show error message
  166. *
  167. * @return void
  168. */
  169. public function showPageNotice()
  170. {
  171. if ($this->message) {
  172. $this->element('p', 'error', $this->message);
  173. }
  174. }
  175. }