From a62adbd9cb180fe6bbf88cff2f787d262f737ecb Mon Sep 17 00:00:00 2001
From: cash
Date: Sat, 17 Dec 2011 12:43:35 -0500
Subject: removed code from previous plugin
---
CHANGES.txt | 3 -
README.txt | 46 --
actions/admin.php | 34 --
actions/login.php | 4 -
actions/missing.php | 54 --
actions/openid_client/login.php | 2 +-
actions/openid_client/register.php | 6 +-
actions/sync.php | 57 --
graphics/login-bg.gif | Bin 237 -> 0 bytes
graphics/openid.jpg | Bin 1117 -> 0 bytes
languages/en.php | 124 +----
manifest.xml | 24 +-
models/model.php | 701 -------------------------
pages/admin.php | 27 -
pages/confirm.php | 46 --
pages/reset.php | 12 -
pages/sso.php | 52 --
return.php | 2 +-
start.php | 4 +-
views/default/forms/openid_client/register.php | 6 +-
views/default/openid_client/css.php | 46 +-
views/default/openid_client/forms/admin.php | 99 ----
views/default/openid_client/forms/login.php | 57 --
views/default/openid_client/forms/missing.php | 73 --
views/default/openid_client/forms/sync.php | 86 ---
views/default/openid_client/login.php | 2 +-
26 files changed, 40 insertions(+), 1527 deletions(-)
delete mode 100644 CHANGES.txt
delete mode 100644 README.txt
delete mode 100644 actions/admin.php
delete mode 100644 actions/login.php
delete mode 100644 actions/missing.php
delete mode 100644 actions/sync.php
delete mode 100644 graphics/login-bg.gif
delete mode 100644 graphics/openid.jpg
delete mode 100644 models/model.php
delete mode 100644 pages/admin.php
delete mode 100644 pages/confirm.php
delete mode 100644 pages/reset.php
delete mode 100644 pages/sso.php
delete mode 100644 views/default/openid_client/forms/admin.php
delete mode 100644 views/default/openid_client/forms/login.php
delete mode 100644 views/default/openid_client/forms/missing.php
delete mode 100644 views/default/openid_client/forms/sync.php
diff --git a/CHANGES.txt b/CHANGES.txt
deleted file mode 100644
index b5d506dd5..000000000
--- a/CHANGES.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-1.3
-
-Added a reset page. See README.txt for more infomation.
\ No newline at end of file
diff --git a/README.txt b/README.txt
deleted file mode 100644
index f4103daf4..000000000
--- a/README.txt
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Login using OpenID
- *
- * @package openid_client
- * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
- * @author Kevin Jardine
- * @copyright Curverider 2008-2009
- * @link http://radagast.biz/
- *
- */
-
- Just unzip into your Elgg mod directory and activate.
-
- There are several configuration options that you can use to add fancier
- features. These are available through the "Configure OpenID client" link
- in the admin sidebar. But they are not needed for basic operation.
-
- *Single Sign-On Link*
-
- You can optionally configure a single-sign-on link of the form:
-
- http://url-for-your-elgg/pg/openid_client/sso?username=XXX
-
- where XXX is an OpenID.
-
- This can be useful if you are integrating Elgg into another application.
- Just put that link into your application navigation, and your user will be
- automatically logged-in to Elgg using OpenID.
-
- This feature is turned off by default. You can activate it on the admin page.
-
- This link may be insecure because it routes around the XSS protection system
- normally used by the plugin. You have been warned.
-
- *Reset page*
-
- When logged-in as a site admin, you can visit:
-
- http://url-for-your-elgg/pg/openid_client/reset
-
- to reset all your OpenID associations and nonces. This may help if your
- association data with a particular OpenID server has become corrupted.
-
- These are just cached values and will temporarily slow down the next people
- who login to your site using OpenID, but not by a large amount. Once the
- cache is refreshed, things should be back to normal.
\ No newline at end of file
diff --git a/actions/admin.php b/actions/admin.php
deleted file mode 100644
index 568c852a5..000000000
--- a/actions/admin.php +++ /dev/null @@ -1,34 +0,0 @@ -wwwroot . "pg/openid_client/admin"); - diff --git a/actions/login.php b/actions/login.php deleted file mode 100644 index 44b8233fd..000000000 --- a/actions/login.php +++ /dev/null @@ -1,4 +0,0 @@ -email = $email; - $details->name = $name; - openid_client_send_activate_confirmation_message($details); - system_message(sprintf(elgg_echo("openid_client:activate_confirmation"),$email)); - } elseif ($code{0} == 'n') { - //activate and login - $user = get_user($details->owner); - $user->email = $email; - $user->name = $name; - $user->active = 'yes'; - $user->save(); - system_message(sprintf(elgg_echo("openid_client:created_openid_account"),$email, $name)); - login($user); - } - forward(); -} elseif ($details) { - // regenerate the form - $user = get_user($details->owner); - $openid_url = $user->alias; - $email_confirmation = openid_client_check_email_confirmation($openid_url); - $body = openid_client_generate_missing_data_form($openid_url,$email,$fullname,$email_confirmation,$code); - page_draw(elgg_echo('openid_client:information_title'),$body); -} else { - // bad code - not much to do but inform user - forward(); -} diff --git a/actions/openid_client/login.php b/actions/openid_client/login.php index 5e7ad3ace..305ea3110 100644 --- a/actions/openid_client/login.php +++ b/actions/openid_client/login.php @@ -1,6 +1,6 @@ $user), true)) } login($user); -system_message($message); +system_message(elgg_echo('openid_client:success:register')); forward(); diff --git a/actions/sync.php b/actions/sync.php deleted file mode 100644 index 3f93df9df..000000000 --- a/actions/sync.php +++ /dev/null 
@@ -1,57 +0,0 @@ -name = $name; - system_message(sprintf(elgg_echo("openid_client:name_updated"),$name)); - } - - if ($emailchange) { - $i_code = get_input('i_code'); - if (empty($i_code)) { - $new_email = get_input('new_email'); - // this is an email address change request from a yellow OpenID, so the - // email address change must be confirmed with an email message - if (get_user_by_email($email)) { - register_error(sprintf(elgg_echo("openid_client:email_in_use"),$email)); - } else { - $details = openid_client_create_invitation('c',$user->username,$userid,$new_email,$user->name); - openid_client_send_change_confirmation_message($details); - system_message(sprintf(elgg_echo("openid_client:change_confirmation"), $email)); - } - } elseif (!($details = openid_client_get_invitation($i_code))) { - register_error(elgg_echo("openid_client:invalid_code_error")); - } else { - // this is an email address change request from a green OpenID, so the - // email address change does not need to be confirmed - - $email = $details->email; - $ident = $details->owner; - if (get_user_by_email($email)) { - register_error(sprintf(elgg_echo("openid_client:email_in_use"),$email)); - } else { - $user->email; - system_message(sprintf(elgg_echo("openid_client:email_updated"),$email)); - } - } - } - - if ($nosync) { - $store = new OpenID_ElggStore(); - $store->addNoSyncStatus($user); - } -} - -forward(); diff --git a/graphics/login-bg.gif b/graphics/login-bg.gif deleted file mode 100644 index cde836c89..000000000 Binary files a/graphics/login-bg.gif and /dev/null differ diff --git a/graphics/openid.jpg b/graphics/openid.jpg deleted file mode 100644 index 4e7b8f856..000000000 Binary files a/graphics/openid.jpg and /dev/null differ diff --git a/languages/en.php b/languages/en.php index 3357305e8..a5a5589ad 100644 --- a/languages/en.php +++ b/languages/en.php 
@@ -1,119 +1,11 @@ "Log in using OpenID", - 'openid_client_login_service' => "Service", - 'openid_client_logon' => "Logon", - 'openid_client_go' => "Go", - 'openid_client_remember_login' => "Remember login", - 'openid_client:already_loggedin' => "You are already logged in.", - 'openid_client:login_success' => "You have been logged on.", - 'openid_client:login_failure' => "The username was not specified. The system could not log you in.", - 'openid_client:disallowed' => "This site does not allow the OpenID that you entered. " - ."Please try another OpenID or contact the site administrator for more information.", - 'openid_client:redirect_error' => "Could not redirect to server: %s", - 'openid_client:authentication_failure' => "OpenID authentication failed: %s is not a valid OpenID URL.", - 'openid_client:authentication_cancelled' => "OpenID authentication cancelled.", - 'openid_client:authentication_failed' => "OpenID authentication failed (status: %s, message: %s )", - 'openid_client:banned' => "You have been banned from the system!", - 'openid_client:email_in_use' => "Cannot change your email address to %s because it is already in use.", - 'openid_client:email_updated' => "Your email address has been updated to %s", - 'openid_client:information_title' => "OpenID information", - 'openid_client:activate_confirmation' => "A confirmation message has been sent to %s ." - ." Please click on the link in that message to activate your account." - ." You will then be able to login using the OpenID you have supplied.", - 'openid_client:change_confirmation' => "Your email address has changed. A confirmation message has been sent to" - ." your new address at %s . Please click on the link in that message to confirm this new email address. 
", - 'openid_client:activate_confirmation_subject' => "%s account verification", - 'openid_client:activate_confirmation_body' => "Dear %s,\n\nThank you for registering with %s.\n\n" - ."To complete your registration, visit the following URL:\n\n\t%s\n\nwithin seven days.\n\nRegards,\n\nThe %s team.", - 'openid_client:change_confirmation_subject' => "%s email change", - 'openid_client:change_confirmation_body' => "Dear %s,\n\nWe have received a request to change your email address" - ." registered with %s.\n\nTo change your email address to {%s}, visit the following URL:\n\n\t%s\n\nwithin seven days." - ."\n\nRegards,\n\nThe %s team.", - 'openid_client:email_label' => "Email:", - 'openid_client:name_label' => "Name:", - 'openid_client:submit_label' => "Submit", - 'openid_client:cancel_label' => "Cancel", - 'openid_client:nosync_label' => "Do not notify me again if the data on this system is not the same" - ." as the data on my OpenID server.", - 'openid_client:sync_instructions' => "The information on your Open ID server is not the same as on this system." - ." Tick the check boxes next to the information you would like to update (if any) and press submit.", - 'openid_client:missing_title' => "Please provide missing information", - 'openid_client:sync_title' => "Synchronise your information", - 'openid_client:missing_email' => "a valid email address", - 'openid_client:missing_name' => "your full name", - 'openid_client:and' => "and", - 'openid_client:missing_info_instructions' => "In order to create an account on this site you need to supply %s." - ." Please enter this information below.", - 'openid_client:create_email_in_use' => "Cannot create an account with the email address %s because it is already in use.", - 'openid_client:missing_name_error' => "You must provide a name.", - 'openid_client:invalid_email_error' => "You must provide a valid email address.", - 'openid_client:invalid_code_error' => "Your form code appears to be invalid. 
Codes only last for seven days;" - ." it's possible that yours is older.", - 'openid_client:user_creation_failed' => "Unable to create OpenID account.", - 'openid_client:created_openid_account' => "Created OpenID account, transferred email %s and name %s from the OpenID server.", - 'openid_client:name_updated' => "Your name has been updated to %s.", - 'openid_client:missing_confirmation_code' => "Your confirmation code appears to be missing. Please check your link and try again.", - 'openid_client:at_least_13' => "You must indicate that you are at least 13 years old to join.", - 'openid_client:account_created' => "Your account was created! You can now log in using the OpenID (%s) you supplied.", - 'openid_client:email_changed' => "Your email address has been changed to {%s} . " - ."You can now login using your OpenID if you are not already logged in.", - 'openid_client:thankyou' => "Thank you for registering for an account with %s!" - ." Registration is completely free, but before you confirm your details," - ." please take a moment to read the following documents:", - 'openid_client:terms' => "terms and conditions", - 'openid_client:privacy' => "privacy policy", - 'openid_client:acceptance' => "Submitting the form below indicates acceptance of these terms. " - ."Please note that currently you must be at least 13 years of age to join the site.", - 'openid_client:correct_age' => "I am at least thirteen years of age.", - 'openid_client:join_button_label' => "Join", - 'openid_client:confirmation_title' => "OpenID confirmation", - 'openid_client:admin_title' => "Configure OpenID client", - 'openid_client:default_server_title' => "Default server", - 'openid_client:default_server_instructions1' => "You can simplify logging on using OpenID by specifying a default OpenID server." - ." Users who enter a simple account name (eg. \"susan\") during an OpenID login can have it expanded to a full OpenID" - ." if you provide a default server here. 
Put \"%s\" where you want the account name added. For example, enter" - ." \"http://openidserver.com/%s/\" if you want the OpenID to become \"http://openidserver.com/susan/\" or" - ." \"http://%s.openidserver.com/\" if you want the OpenID to become \"http://susan.openidserver.com/\"", - 'openid_client:default_server_instructions2' => "The presence of dots (\".\") is used to distinguish OpenID URLs from simple" - ." account names, so you can only use this feature for default servers that do not allow dots in their simple account names.", - 'openid_client:server_sync_title' => "Server synchronisation", - 'openid_client:server_sync_instructions' => "Check this box if you want to automatically update this client site if a" - ." user logs in and their email address or name is different from that on their OpenID server. Leave this box unchecked" - ." if you want to allow your users to have the ability to maintain a different name or email address on this system" - ." from the ones on their OpenID server.", - 'openid_client:server_sync_label' => "Automatically update from the OpenID server.", - - 'openid_client:sso_title' => "Single sign-on", - 'openid_client:sso_instructions' => "Check this box if you want to activate the single sign-on link." - ." This link simulates an Elgg OpenID login form submit and can be used to create a one-click single sign-on with Elgg." - ." Note that it is a bit insecure becomes it circumvents Elgg's XSS security" - ." and could in principle be used to log the user into Elgg without his/her knowledge.", - 'openid_client:sso_label' => "Enable single sign-on (SSO) link.", - - 'openid_client:lists_title' => "OpenID lists", - 'openid_client:lists_instruction1' => "You can set up a green, yellow or red list of OpenIDs that this client will accept.", - 'openid_client:lists_instruction2' => "The green list contains OpenIDs that will be accepted to provide identification" - ." 
and that can supply a trusted email address.", - 'openid_client:lists_instruction3' => "The yellow list contains OpenIDs that will be accepted for identification only." - ." If they provide an email address, a message will be sent to that address for confirmation before registration is allowed.", - 'openid_client:lists_instruction4' => "The red list contains OpenIDs that should be rejected.", - 'openid_client:lists_instruction5' => "If you do not provide a green, yellow or red list, by default all OpenIDs" - ." will be given a green status (they will be accepted for identification and email addresses that they provide will be" - ." accepted without confirmation).", - 'openid_client:lists_instruction6' => "Put one OpenID entry on each line. You can use \"*\" as a wildcard character" - ." to match a number of possible OpenIDs or OpenID servers. Each OpenID must begin with http:// or https:// and end with a" - ." slash (\"/\") - eg. http://*.myopenid.com/", - 'openid_client:green_list_title' => "Green list", - 'openid_client:yellow_list_title' => "Yellow list", - 'openid_client:red_list_title' => "Red list", - 'openid_client:ok_button_label' => "OK", - 'openid_client:admin_response' => "OpenID client configuration values saved." - - ); - - add_translation("en",$english); +$english = array( + 'openid_client:success:register' => 'Your account has been created.', + 'openid_client:error:bad_register' => 'Unable to create an account. Please contact a site administrator.', +); -?> \ No newline at end of file +add_translation('en', $english); diff --git a/manifest.xml b/manifest.xml index fd0d0a2a7..8003097e8 100644 --- a/manifest.xml +++ b/manifest.xml @@ -1,9 +1,19 @@ - - - - - - - + + OpenID Client + Core developers + 1.8 + OpenID consumer for Elgg. Enabled users log in using their credentials from sites like Google and Yahoo. + user + http://www.elgg.org/ + Cash Costello 2011 + GNU General Public License version 2 + + elgg_release + 1.8 + + + plugin + openid_api + 
diff --git a/models/model.php b/models/model.php
deleted file mode 100644
index 38d4dabea..000000000
--- a/models/model.php
+++ /dev/null
@@ -1,701 +0,0 @@ - $server_url, - 'handle' => $handle - ); - $assocs = get_entities_from_metadata_multi($meta_array, 'object', 'openid_client::association'); - } else { - $assocs = get_entities_from_metadata('server_url', $server_url, 'object','openid_client::association'); - } - - if (!$assocs || (count($assocs) == 0)) { - return null; - } else { - $associations = array(); - - foreach ($assocs as $assoc_row) { - $assoc = new Auth_OpenID_Association($assoc_row->handle, - base64_decode($assoc_row->secret), - $assoc_row->issued, - $assoc_row->lifetime, - $assoc_row->assoc_type); - - if ($assoc->getExpiresIn() == 0) { - OpenID_ElggStore::removeAssociation($server_url, $assoc->handle); - } else { - $associations[] = array($assoc->issued, $assoc); - } - } - - if ($associations) { - $issued = array(); - $assocs = array(); - foreach ($associations as $key => $assoc) { - $issued[$key] = $assoc[0]; - $assocs[$key] = $assoc[1]; - } - - array_multisort($issued, SORT_DESC, $assocs, SORT_DESC, - $associations); - - // return the most recently issued one. 
- list($issued, $assoc) = $associations[0]; - return $assoc; - } else { - return null; - } - } - } - - function removeAssociation ($server_url, $handle) { - if (isset($handle)) { - $meta_array = array( - 'server_url' => $server_url, - 'handle' => $handle - ); - $entities = get_entities_from_metadata_multi($meta_array, 'object', 'openid_client::association'); - } else { - $entities = get_entities_from_metadata('server_url', $server_url, 'object','openid_client::association'); - } - foreach ($entities as $entity) { - $entity->delete(); - } - } - function reset () { - OpenID_ElggStore::resetAssociations (); - OpenID_ElggStore::resetNonces (); - } - - function storeAssociation ($server_url, $association) { - - // Initialise a new ElggObject - $association_obj = new ElggObject(); - - $association_obj->subtype = 'openid_client::association'; - $association_obj->owner_guid = 0; - $association_obj->container_guid = 0; - $association_obj->title = 'association'; - $association_obj->access_id = 2; - - if ($association_obj->save()) { - $association_obj->server_url = $server_url; - $association_obj->handle = $association->handle; - $association_obj->secret = base64_encode($association->secret); - $association_obj->issued = $association->issued; - $association_obj->lifetime = $association->lifetime; - $association_obj->assoc_type = $association->assoc_type; - return true; - } else { - return false; - } - } - - function useNonce ( $server_url, $timestamp, $salt) { - global $Auth_OpenID_SKEW; - - if ( abs($timestamp - time()) > $Auth_OpenID_SKEW ) { - return false; - } - - // check to see if the nonce already exists - - $meta_array = array( - 'server_url' => $server_url, - 'timestamp' => $timestamp, - 'salt' => $salt - ); - - $entities = get_entities_from_metadata_multi($meta_array, 'object', 'openid_client::nonce'); - - if ($entities) { - // bad - this nonce is already in use - return false; - } else { - // Initialise a new ElggObject - $nonce_obj = new ElggObject(); - - 
$nonce_obj->subtype = 'openid_client::nonce'; - $nonce_obj->owner_guid = 0; - $nonce_obj->container_guid = 0; - $nonce_obj->title = 'nonce'; - $nonce_obj->access_id = 2; - - if ($nonce_obj->save()) { - $nonce_obj->server_url = $server_url; - $nonce_obj->timestamp = $timestamp; - $nonce_obj->salt = $salt; - return true; - } else { - return false; - } - } - } - - function getNoSyncStatus($user) { - if (isset($user) && isset($user->openid_client_nosync_status)) { - return $user->openid_client_nosync_status; - } else { - return false; - } - } - - function addNoSyncStatus($user) { - $user->openid_client_nosync_status = 1; - } -} - -function openid_client_create_invitation($prefix,$username,$ident,$email,$fullname) { - - $invite = new ElggObject(); - - $invite->subtype = 'invitation'; - $invite->owner_guid = 0; - $invite->container_guid = 0; - $invite->title = 'invitation'; - $invite->access_id = 2; - if ($invite->save()) { - $invite->new_owner = $ident; - $invite->name = $fullname; - $invite->email = $email; - $invite->username = $username; - $invite->code = $prefix . substr(base_convert(md5(time() . 
$username), 16, 36), 0, 7); - $invite->added = time(); - return $invite; - } else { - return null; - } -} - -function openid_client_get_invitation($code) { - $invitations = get_entities_from_metadata('code', $code, 'object','invitation'); - if ($invitations) { - return $invitations[0]; - } else { - return null; - } -} - -function openid_client_remove_invitation($code) { - $invitations = get_entities_from_metadata('code', $code, 'object','invitation'); - if ($invitations) { - foreach ($invitations as $invitation) { - $invitation->delete(); - } - } -} - -function openid_client_get_invitation_by_username($username) { - $invitations = get_entities_from_metadata('username', $username, 'object','invitation'); - if ($invitations) { - return $invitations[0]; - } else { - return null; - } -} - -function openid_client_send_activate_confirmation_message($details) { - - global $CONFIG; - - // not sure where these should really come from - $site = get_entity($CONFIG->site_guid); - $from_name = $site->name; - $from_email = $site->email; - - $subject = sprintf(elgg_echo('openid_client:activate_confirmation_subject'),$CONFIG->sitename); - $url = $CONFIG->wwwroot . "pg/openid_client/confirm?code=" . $details->code; - - $message = wordwrap(sprintf(elgg_echo('openid_client:activate_confirmation_body'),$details->name,$CONFIG->sitename,$url, $CONFIG->sitename)); - openid_client_email_user($details->name, $details->email, $from_name, $from_email, $subject,$message); -} - -function openid_client_send_change_confirmation_message($details) { - global $CONFIG; - - // not sure where these should really come from - $site = get_entity($CONFIG->site_guid); - $from_name = $site->name; - $from_email = $site->email; - - $subject = sprintf(elgg_echo('openid_client:change_confirmation_subject'),$from_name); - $url = $CONFIG->wwwroot . "pg/openid_client/confirm?code=" . 
$details->code; - $message = wordwrap(sprintf(elgg_echo('openid_client:change_confirmation_body'), - $details->name,$CONFIG->sitename,$url, $CONFIG->sitename)); - openid_client_email_user($details->name, $details->email, $from_name, $from_email, $subject,$message); -} - -$emailLabel = elgg_echo('openid_client:email_label'); -$nameLabel = elgg_echo('openid_client:name_label'); -$submitLabel = elgg_echo('openid_client:submit_label'); -$cancelLabel = elgg_echo('openid_client:cancel_label'); - -function openid_client_generate_sync_form($new_email,$new_name, $user, $email_confirmation) { - - return elgg_view_layout('one_column',elgg_view_title(elgg_echo('openid_client:sync_title')) . elgg_view("openid_client/forms/sync", - array( - 'userid' => $user->getGUID(), - 'new_email' => $new_email, - 'new_name' => $new_name, - 'email_confirmation' => $email_confirmation - ))); -} - - -function openid_client_generate_missing_data_form($openid_url,$email,$fullname,$email_confirmation,$details) { - - return elgg_view_layout('one_column',elgg_view_title(elgg_echo('openid_client:missing_title')) . 
elgg_view("openid_client/forms/missing", - array( - 'openid_url' => $openid_url, - 'email' => $email, - 'fullname' => $fullname, - 'email_confirmation' => $email_confirmation, - 'openid_code' => $details->code - ))); -} - -function openid_client_check_email_confirmation($openid_url) { - global $CONFIG; - - $done = false; - $email_confirmation = false; - $greenlist = get_plugin_setting('greenlist','openid_client'); - $yellowlist = get_plugin_setting('yellowlist','openid_client'); - - if ($greenlist) { - foreach (explode("\n",$greenlist) as $entry ) { - if (fnmatch($entry,$openid_url)) { - $email_confirmation = false; - $done = true; - break; - } - } - } - if (!$done && $yellowlist) { - foreach (explode("\n",$yellowlist) as $entry ) { - if (fnmatch($entry,$openid_url)) { - $email_confirmation = true; - break; - } - } - } - return $email_confirmation; -} - -//TODO: replace this function with the openid_client_register_user - -function openid_client_create_openid_user($openid_url,$email, $fullname, $email_confirmation) { - - global $messages; - - if ($email && get_user_by_email($email)) { - register_error(sprintf(elgg_echo('openid_client:create_email_in_use'),$email)); - return null; - } else { - - $user = new ElggUser(); - $user->email = $email; - $user->name = $fullname; - $user->access_id = ACCESS_PUBLIC; - $user->subtype = 'openid'; - - $user->username = openid_client_randomString(8); - - if ($user->save()) { - $id = $user->getGUID(); - $user = get_user($id); - $user->alias = $openid_url; - $user->username = "openid_".$id; - - if ($email_confirmation) { - $user->active = 'no'; - } else { - $user->active = 'yes'; - } - - $user->save(); - - return $user; - } else { - register_error(elgg_echo('openid_client:user_creation_failed')); - forward(); - return null; - } - } -} - -/** - * Registers a user, returning false if the username already exists - * - * @param string $username The username of the new user - * @param string $password The password - * @param string $name 
The user's display name - * @param string $email Their email address - * @param bool $allow_multiple_emails Allow the same email address to be registered multiple times? - * @param int $friend_guid Optionally, GUID of a user this user will friend once fully registered - * @return int|false The new user's GUID; false on failure - * - * Note: there is no way to pass the subtype in or to to change it afterwards, - * so this code is copied here to create users with subtype "openid" - * - */ -function openid_client_register_user($username, $password, $name, $email, $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '') { - // Load the configuration - global $CONFIG; - - $username = trim($username); - // no need to trim password. - $password = $password; - $name = trim($name); - $email = trim($email); - - // A little sanity checking - if (empty($username) - || empty($password) - || empty($name) - || empty($email)) { - return false; - } - - // See if it exists and is disabled - $access_status = access_get_show_hidden_status(); - access_show_hidden_entities(true); - - // Validate email address - if (!validate_email_address($email)) { - throw new RegistrationException(elgg_echo('registration:emailnotvalid')); - } - - // Validate password - if (!validate_password($password)) { - throw new RegistrationException(elgg_echo('registration:passwordnotvalid')); - } - - // Validate the username - if (!validate_username($username)) { - throw new RegistrationException(elgg_echo('registration:usernamenotvalid')); - } - - // Check to see if $username exists already - if ($user = get_user_by_username($username)) { - //return false; - throw new RegistrationException(elgg_echo('registration:userexists')); - } - - // If we're not allowed multiple emails then see if this address has been used before - if ((!$allow_multiple_emails) && (get_user_by_email($email))) { - throw new RegistrationException(elgg_echo('registration:dupeemail')); - } - - 
access_show_hidden_entities($access_status); - - // Check to see if we've registered the first admin yet. - // If not, this is the first admin user! - $have_admin = datalist_get('admin_registered'); - - // Otherwise ... - $user = new ElggUser(); - $user->username = $username; - $user->email = $email; - $user->name = $name; - $user->access_id = ACCESS_PUBLIC; - $user->salt = generate_random_cleartext_password(); // Note salt generated before password! - $user->password = generate_user_password($user, $password); - $user->owner_guid = 0; // Users aren't owned by anyone, even if they are admin created. - $user->container_guid = 0; // Users aren't contained by anyone, even if they are admin created. - $user->subtype = 'openid'; - $user->save(); - - // Turn on email notifications by default - set_user_notification_setting($user->getGUID(), 'email', true); - - return $user->getGUID(); -} - -/** - * Send a notification via email. - * - * TODO: figure out how to replace this (if possible) with notify_user - * - */ -function openid_client_email_user($to_name, $to_email, $from_name, $from_email, $subject, $message) -{ - $to = "$to_name <$to_email>"; - - $headers = "From: $from_name <$from_email>\r\n"; - - return mail($to, $subject, $message, $headers); -} - - -function openid_client_randomString($length) -{ - // Generate random 32 character string - $string = md5(time()); - - // Position limiting - $highest_startpoint = 32-$length; - - // Take a random starting point in the randomly - // generated string, not going any higher then $highest_startpoint - $randomString = substr($string,rand(0,$highest_startpoint),$length); - - return $randomString; - -} - -function openid_client_delete_entities($type, $subtype = "", $owner_guid = 0) { - // sanity check to make sure "type" is defined - if ($type) { - $entities = get_entities($type, $subtype, $owner_guid, "time_created desc", 0); - - foreach ($entities as $entity) { - $entity->delete(); - } - - return true; - } -} - -function 
openid_client_authenticate_user_login($username) { - - global $CONFIG; - - // match username against green, yellow and red lists - - $greenlist = get_plugin_setting('greenlist','openid_client'); - $yellowlist = get_plugin_setting('yellowlist','openid_client'); - $redlist = get_plugin_setting('redlist','openid_client'); - - $passed = true; - - if ($greenlist || $yellowlist) { - $passed = false; - $yesarray = array_merge(explode("\n",$greenlist),explode("\n",$yellowlist)); - foreach ( $yesarray as $entry ) { - if (fnmatch($entry,$username)) { - $passed = true; - break; - } - } - } - - if ($passed) { - if ($redlist) { - foreach (explode("\n",$redlist) as $entry ) { - if (fnmatch($entry,$username)) { - $passed = false; - break; - } - } - } - } - - if (!$passed) { - - register_error(elgg_echo("openid_client:disallowed")); - return false; - } - - $identity_url = $username; - - $consumer = new Auth_OpenID_Consumer(new OpenID_ElggStore()); - - $auth_request = $consumer->begin($identity_url); - - if ($auth_request) { - $trust_root = $CONFIG->wwwroot; - - $return_url = $CONFIG->wwwroot.'mod/openid_client/return.php'; - - // Add simple registration arguments. - - $sreg_request = Auth_OpenID_SRegRequest::build( - // Optional - array('fullname', 'email')); - if ($sreg_request) { - $auth_request->addExtension($sreg_request); - } - - // Store the token for this authentication so we can verify the - // response. - - // For OpenID 1, send a redirect. For OpenID 2, use a Javascript - // form to send a POST request to the server. - - if ($auth_request->shouldSendRedirect()) { - $redirect_url = $auth_request->redirectURL($trust_root, - $return_url); - - // If the redirect URL can't be built, display an error - // message. - if (Auth_OpenID::isFailure($redirect_url)) { - register_error(sprintf(elgg_echo("openid_client:redirect_error"), $redirect_url->message)); - } else { - // Send redirect. - forward($redirect_url); - } - } else { - // Generate form markup and render it. 
- $form_id = 'openid_message'; - $form_html = $auth_request->formMarkup($trust_root, $return_url, - false, array('id' => $form_id)); - - // Display an error if the form markup couldn't be generated; - // otherwise, render the HTML. - if (Auth_OpenID::isFailure($form_html)) { - register_error(sprintf(elgg_echo("openid_client:redirect_error"), $form_html->message)); - } else { - $page_contents = array( - "", - "OpenID transaction in progress", - "", - "", - $form_html, - ""); - - print implode("\n", $page_contents); - - exit; - } - } - - } else { - register_error(sprintf(elgg_echo('openid_client:authentication_failure'),$username)); - } - - return false; - -} - -function openid_client_get_security_bit() { - $ts = time(); - $token = generate_action_token($ts); - return "__elgg_token=$token&__elgg_ts=$ts"; -} - -function openid_client_handle_login() { - global $CONFIG; - - $passthru_url = get_input('passthru_url'); - - if ($passthru_url) { - $redirect_url = $passthru_url; - } else { - $redirect_url = $CONFIG->wwwroot . "index.php"; - } - - if (isloggedin()) { - // if we're already logged in, say so and do nothing - register_error(elgg_echo("openid_client:already_loggedin")); - forward(); - } else { - set_context('openid'); - $username = trim(get_input('username')); - $externalservice = get_input('externalservice'); - - if (!empty($externalservice)) { - switch($externalservice) { - - case "livejournal": $username = "http://" . $username . ".livejournal.com"; - break; - case "aim": $username = "http://openid.aol.com/" . $username; - break; - case "vox": $username = "http://" . $username . ".vox.com"; - break; - case "wordpress": $username = "http://" . $username . ".wordpress.com"; - break; - case "pip": $username = "http://" . $username . 
".pip.verisignlabs.com"; - break; - - } - } - - if (!empty($username)) { - - // normalise username - - if (strpos($username,'.') === false) { - // appears to be a bare account name, so try for a default server - $default_server = get_plugin_setting('default_server','openid_client'); - if ($default_server) { - $username = sprintf($default_server,$username); - } - } elseif ((strpos($username,'http://') === false) && (strpos($username,'https://') === false)) { - // allow for OpenID URLs that are missing the "http://" prefix - $username = 'http://'.$username; - } - - //TO DO: Find a replacement for the code below - // Remove any malformed entries - // delete_records('users', 'alias', $username, 'email', ''); - // try logging in - $ok = openid_client_authenticate_user_login($username); - if ($ok) { - system_message(elgg_echo("openid_client:login_success")); - } - } else { - register_error(elgg_echo("openid_client:login_failure")); - } - } - - forward($redirect_url); - -} - -if (!function_exists('fnmatch')) { -function fnmatch($pattern, $string) { - for ($op = 0, $npattern = '', $n = 0, $l = strlen($pattern); $n < $l; $n++) { - switch ($c = $pattern[$n]) { - case '\\': - $npattern .= '\\' . @$pattern[++$n]; - break; - case '.': case '+': case '^': case '$': case '(': case ')': case '{': case '}': case '=': case '!': case '<': case '>': case '|': - $npattern .= '\\' . $c; - break; - case '?': case '*': - $npattern .= '.' . $c; - break; - case '[': case ']': default: - $npattern .= $c; - if ($c == '[') { - $op++; - } else if ($c == ']') { - if ($op == 0) return false; - $op--; - } - break; - } - } - - if ($op != 0) return false; - - return preg_match('/' . $npattern . '/i', $string); -} -} - -?> diff --git a/pages/admin.php b/pages/admin.php deleted file mode 100644 index 9390e5b00..000000000 --- a/pages/admin.php +++ /dev/null 
@@ -1,27 +0,0 @@ - get_plugin_setting('default_server','openid_client'), - 'always_sync' => get_plugin_setting('always_sync','openid_client'), - 'sso' => get_plugin_setting('sso','openid_client'), - 'greenlist' => get_plugin_setting('greenlist','openid_client'), - 'yellowlist' => get_plugin_setting('yellowlist','openid_client'), - 'redlist' => get_plugin_setting('redlist','openid_client'), - )); - - -$body = elgg_view_layout("two_column_left_sidebar", '', $content); - -page_draw($title, $body); diff --git a/pages/confirm.php b/pages/confirm.php deleted file mode 100644 index 1f2668620..000000000 --- a/pages/confirm.php +++ /dev/null @@ -1,46 +0,0 @@ -new_owner); - $user->email = $details->email; - $user->name = $details->name; - $user->active = 'yes'; - $user->save(); - system_message(sprintf(elgg_echo("openid_client:account_created"), $details->username)); - openid_client_remove_invitation($code); - } - -} elseif ($code{0} == 'c') { - // request to change an email address - if (!$details = openid_client_get_invitation($code)) { - register_error(elgg_echo("openid_client:invalid_code_error")); - } else { - // OK, everything seems to be in order, so change the email address - $user = get_user($details->new_owner); - $user->email = $details->email; - $user->save(); - system_message(sprintf(elgg_echo('openid_client:email_changed'),$details->email)); - openid_client_remove_invitation($code); - } -} - -if(isset($body) && $body) { - page_draw(elgg_echo('openid_client:confirmation_title'),$body); -} else { - forward(); -} diff --git a/pages/reset.php b/pages/reset.php deleted file mode 100644 index aa85f3386..000000000 --- a/pages/reset.php +++ /dev/null @@ -1,12 +0,0 @@ -resetAssociations(); -$store->resetNonces(); - -print "OpenID store reset"; diff --git a/pages/sso.php b/pages/sso.php deleted file mode 100644 index a0098ce72..000000000 --- a/pages/sso.php +++ /dev/null 
@@ -1,52 +0,0 @@ -wwwroot.'action/openid_client/login'; -// $ts = time(); -// $token = generate_action_token($ts); -// $fields = array( -// '__elgg_token'=>$token, -// '__elgg_ts'=>$ts, -// 'passthru_url'=>'', -// 'externalservice'=>'', -// 'username'=>urlencode($openid_url), -// ); -// -// //url-ify the data for the POST -// foreach($fields as $key=>$value) { -// $fields_string .= $key.'='.$value.'&'; -// } -// rtrim($fields_string,'&'); -// -// //open connection -// $ch = curl_init(); -// -// //set the url, number of POST vars, POST data -// curl_setopt($ch,CURLOPT_URL,$url); -// //curl_setopt($ch,CURLOPT_POST,count($fields)); -// curl_setopt($ch,CURLOPT_POST,true); -// curl_setopt($ch,CURLOPT_POSTFIELDS,$fields_string); -// curl_setopt($ch,CURLOPT_RETURNTRANSFER,false); -// curl_setopt($ch,CURLOPT_FAILONERROR,true); -// //curl_setopt($ch,CURLOPT_HEADER, true); -// curl_setopt($ch,CURLOPT_FOLLOWLOCATION,true); -// -// //execute post -// curl_exec($ch); -// -// //print_r (curl_getinfo($ch)); -// -// //print $result; -// -// //close connection -// curl_close($ch); - -?> \ No newline at end of file diff --git a/return.php b/return.php index 23751e54a..2ae21e21f 100644 --- a/return.php +++ b/return.php @@ -48,7 +48,7 @@ if ($users) { // register the new user $result = openid_client_registration_page_handler($data); if (!$result) { - register_error(); + register_error('openid_client:error:bad_register'); forward(); } } diff --git a/start.php b/start.php index d335d6e55..34f3e136f 100644 --- a/start.php +++ b/start.php @@ -1,7 +1,9 @@ 'username', 'value' => $vars['username'], )); -$name_label = elgg_echo(); +$name_label = elgg_echo('name'); $name_input = elgg_view('input/text', array( 'name' => 'name', 'value' => $vars['name'], )); -$email_label = elgg_echo(); +$email_label = elgg_echo('email'); $email_input = elgg_view('input/email', array( 'name' => 'email', 'value' => $vars['email'], 
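Review bot: The new `register_error('openid_client:error:bad_register')` call in the return.php hunk passes the language key itself rather than its translation, so a user whose OpenID registration fails would most likely see the raw key instead of a message. The code deleted elsewhere in this commit wraps each key, as in `register_error(elgg_echo("openid_client:login_failure"))`, and the same form fits here: `register_error(elgg_echo('openid_client:error:bad_register'));`. The languages/en.php hunk is not in this view, so it is worth confirming that the key is defined there. The `if ($users)` block that contains this branch starts and ends outside the hunk.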
diff --git a/views/default/openid_client/css.php b/views/default/openid_client/css.php index b61865bf0..ff81520da 100644 --- a/views/default/openid_client/css.php +++ b/views/default/openid_client/css.php @@ -1,46 +1,6 @@ - - - -.river_user_openid_friend { - background: url(_graphics/river_icons/river_icon_friends.gif) no-repeat left -1px; -} -.river_user_openid_update { - background: url(_graphics/river_icons/river_icon_profile.gif) no-repeat left -1px; -} -.river_user_openid_messageboard { - background: url(_graphics/river_icons/river_icon_comment.gif) no-repeat left -1px; -} - -#openid_login #login-box h2 { - margin:0; - padding:5px 0 10px 0; -} -#openid_login #login-box-openid form { - background-color: none; - margin:0; - padding:0; -} -input.openid_login { - background: url(mod/openid_client/graphics/login-bg.gif) no-repeat; - background-color: #fff; - background-position: 0 50%; - color: #000; - width: 160px; -} -#openid_show { - cursor:pointer; -} diff --git a/views/default/openid_client/forms/admin.php b/views/default/openid_client/forms/admin.php deleted file mode 100644 index 156a605ff..000000000 --- a/views/default/openid_client/forms/admin.php +++ /dev/null 
@@ -1,99 +0,0 @@ - - * @copyright Curverider Ltd 2008-2009 - * @link http://elgg.com/ - * - */ - -if ($vars['always_sync'] == 'yes') { - $sync_checked = 'checked="checked"'; -} else { - $sync_checked = ''; -} - -if ($vars['sso'] == 'yes') { - $sso_checked = 'checked="checked"'; -} else { - $sso_checked = ''; -} - -$default_server = $vars['default_server']; - -$greenlist = $vars['greenlist']; -$yellowlist = $vars['yellowlist']; -$redlist = $vars['redlist']; - -$action = $CONFIG->wwwroot.'action/openid_client/admin'; - -$default_server_title = elgg_echo('openid_client:default_server_title'); -$default_server_instructions1 = elgg_echo('openid_client:default_server_instructions1'); -$default_server_instructions2 = elgg_echo('openid_client:default_server_instructions2'); - -$server_sync_title = elgg_echo('openid_client:server_sync_title'); -$server_sync_instructions = elgg_echo('openid_client:server_sync_instructions'); -$server_sync_label = elgg_echo('openid_client:server_sync_label'); - -$sso_title = elgg_echo('openid_client:sso_title'); -$sso_instructions = elgg_echo('openid_client:sso_instructions'); -$sso_label = elgg_echo('openid_client:sso_label'); - -$lists_title = elgg_echo('openid_client:lists_title'); - -$lists_instruction1 = elgg_echo('openid_client:lists_instruction1'); -$lists_instruction2 = elgg_echo('openid_client:lists_instruction2'); -$lists_instruction3 = elgg_echo('openid_client:lists_instruction3'); -$lists_instruction4 = elgg_echo('openid_client:lists_instruction4'); -$lists_instruction5 = elgg_echo('openid_client:lists_instruction5'); -$lists_instruction6 = elgg_echo('openid_client:lists_instruction6'); - -$green_list_title = elgg_echo('openid_client:green_list_title'); -$yellow_list_title = elgg_echo('openid_client:yellow_list_title'); -$red_list_title = elgg_echo('openid_client:red_list_title'); - -$ok_button_label = elgg_echo('openid_client:ok_button_label'); - -$security_token = elgg_view('input/securitytoken'); - -$body = << -
-$security_token -

$default_server_title

-

$default_server_instructions1

-

$default_server_instructions2

-

-

$server_sync_title

-

$server_sync_instructions

-

-$server_sync_label

-

$sso_title

-

$sso_instructions

-

-$sso_label

-

$lists_title

-

$lists_instruction1

-

$lists_instruction2

-

$lists_instruction3

-

$lists_instruction4

-

$lists_instruction5

-

$lists_instruction6

-

$green_list_title

-

-

$yellow_list_title

-

-

$red_list_title

-

- -
- -END; - -print $body; - -?> \ No newline at end of file diff --git a/views/default/openid_client/forms/login.php b/views/default/openid_client/forms/login.php deleted file mode 100644 index bfc881e3c..000000000 --- a/views/default/openid_client/forms/login.php +++ /dev/null @@ -1,57 +0,0 @@ - - -
-OpenID - -
-
-
- - - - - - - - -

-

-
- -
-
-
-
-
-
-
- -
diff --git a/views/default/openid_client/forms/missing.php b/views/default/openid_client/forms/missing.php deleted file mode 100644 index 7810f3c57..000000000 --- a/views/default/openid_client/forms/missing.php +++ /dev/null @@ -1,73 +0,0 @@ - - * @copyright Curverider Ltd 2008-2009 - * @link http://elgg.com/ - * - * @uses the following values in $vars: - * - * 'openid_url' the OpenID - * 'email' the user's email (if known) - * 'fullname' the user's full name (if known) - * 'email_confirmation' whether the email address needs to be confirmed - * 'code' a magic code that associates this data with a real user - */ - -$emailLabel = elgg_echo('openid_client:email_label'); -$nameLabel = elgg_echo('openid_client:name_label'); -$submitLabel = elgg_echo('openid_client:submit_label'); -$cancelLabel = elgg_echo('openid_client:cancel_label'); - -$missing_email = elgg_echo('openid_client:missing_email'); -$missing_name = elgg_echo('openid_client:missing_name'); -$and = elgg_echo('openid_client:and'); -$email_form = "
$emailLabel
'; -$name_form = "
$nameLabel
'; -$email_hidden = ''."\n"; -$name_hidden = ''."\n"; - -if (!$vars['email'] && !$$vars['fullname']) { - $missing_fields = $missing_email.' '.$and.' '.$missing_name; - $visible_fields = $email_form.'
'.$name_form; - $hidden_fields = ''; -} elseif (!$vars['email']) { - $missing_fields = $missing_email; - $visible_fields = $email_form; - $hidden_fields = $name_hidden; -} elseif (!$vars['fullname']) { - $missing_fields = $missing_name; - $visible_fields = $name_form; - $hidden_fields = $email_hidden; -} - -$hidden_fields .= ''."\n"; - -$instructions = sprintf(elgg_echo('openid_client:missing_info_instructions'),$missing_fields); - -$action = $CONFIG->wwwroot.'action/openid_client/missing'; -$security_token = elgg_view('input/securitytoken'); - -$body .= <<< END - $instructions -
- $security_token -

- $visible_fields -

-

- $hidden_fields - - -

-
- -END; - -echo elgg_view('page_elements/contentwrapper',array('body'=>$body)); - -?> \ No newline at end of file diff --git a/views/default/openid_client/forms/sync.php b/views/default/openid_client/forms/sync.php deleted file mode 100644 index 6d921b278..000000000 --- a/views/default/openid_client/forms/sync.php +++ /dev/null @@ -1,86 +0,0 @@ - - * @copyright Curverider Ltd 2008-2009 - * @link http://elgg.com/ - * - * @uses the following values in $vars: - * - * 'userid' the user's GUID - * 'new_email' the user's new email - * 'new_name' the user's new full name - * 'email_confirmation' whether the email address needs to be confirmed - */ - -$emailLabel = elgg_echo('openid_client:email_label'); -$nameLabel = elgg_echo('openid_client:name_label'); -$submitLabel = elgg_echo('openid_client:submit_label'); -$cancelLabel = elgg_echo('openid_client:cancel_label'); -$noSyncLabel = elgg_echo('openid_client:nosync_label'); -$instructions = elgg_echo('openid_client:sync_instructions'); - -$new_email = $vars['new_email']; -$new_name = $vars['new_name']; -$email_confirmation = $vars['email_confirmation']; - -$user = get_user($vars['userid']); - -$old_email = $user->email; -$old_name = $user->name; -$openid_url = $user->alias; - -if ($new_email && $new_email != $old_email) { - $change_fields .= '
$old_email => $new_email
\n"; - if (!$email_confirmation) { - // the email address is from a green server, so we can change the email without a confirmation message - // add an invitation code however to prevent this form from being forged - // the user ident and new email address can then securely be stored in the database invitation table - // rather than the form - $details = openid_client_create_invitation('c',$openid_url,$vars['userid'],$new_email,$new_name); - $form_stuff = ''; - } else { - // the email will be confirmed anyway so it is safe to put it in the form - $form_stuff .= <<< END - -END; - } - -} -if ($new_name && $new_name != $old_name) { - $change_fields .= '
$old_name => $new_name
\n"; -} - -$action = $CONFIG->wwwroot.'action/openid_client/sync'; -$security_token = elgg_view('input/securitytoken'); - -$body .= <<< END - $instructions -
- $security_token -

- $change_fields -

-

- -

- $form_stuff - - - -

-
- -END; - -echo elgg_view('page_elements/contentwrapper',array('body'=>$body)); - -?> \ No newline at end of file diff --git a/views/default/openid_client/login.php b/views/default/openid_client/login.php index f89b790c0..2b476ec8e 100644 --- a/views/default/openid_client/login.php +++ b/views/default/openid_client/login.php @@ -1,6 +1,6 @@