bitPickups/friendica_2020-09-1_sharedHosting
1
0
Fork 0
Code Pull requests Activity

Merge pull request #7769 from annando/issue-3229

Browse source 
Changed OpenID registration
This commit is contained in:
Hypolite Petovan 2019-10-29 10:32:02 -04:00 committed by GitHub
commit d6ff89d7b4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 129 additions and 113 deletions
Download patch file Download diff file Expand all files Collapse all files

59
mod/openid.php
View file

@ -24,7 +24,7 @@ function openid_content(App $a) {
$openid = new LightOpenID($a->getHostName());
if ($openid->validate()) {
$authid = $openid->identity;
$authid = $openid->data['openid_identity'];
if (empty($authid)) {
Logger::log(L10n::t('OpenID protocol error. No ID returned.') . EOL);
@ -54,55 +54,22 @@ function openid_content(App $a) {
}
// Successful OpenID login - but we can't match it to an existing account.
// New registration?
unset($_SESSION['register']);
Session::set('openid_attributes', $openid->getAttributes());
Session::set('openid_identity', $authid);
// Detect the server URL
$open_id_obj = new LightOpenID($a->getHostName());
$open_id_obj->identity = $authid;
Session::set('openid_server', $open_id_obj->discover($open_id_obj->identity));
if (intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED) {
notice(L10n::t('Account not found and OpenID registration is not permitted on this site.') . EOL);
$a->internalRedirect();
notice(L10n::t('Account not found. Please login to your existing account to add the OpenID to it.'));
} else {
notice(L10n::t('Account not found. Please register a new account or login to your existing account to add the OpenID to it.'));
}
unset($_SESSION['register']);
$args = '';
$attr = $openid->getAttributes();
if (is_array($attr) && count($attr)) {
foreach ($attr as $k => $v) {
if ($k === 'namePerson/friendly') {
$nick = Strings::escapeTags(trim($v));
}
if ($k === 'namePerson/first') {
$first = Strings::escapeTags(trim($v));
}
if ($k === 'namePerson') {
$args .= '&username=' . urlencode(Strings::escapeTags(trim($v)));
}
if ($k === 'contact/email') {
$args .= '&email=' . urlencode(Strings::escapeTags(trim($v)));
}
if ($k === 'media/image/aspect11') {
$photosq = bin2hex(trim($v));
}
if ($k === 'media/image/default') {
$photo = bin2hex(trim($v));
}
}
}
if (!empty($nick)) {
$args .= '&nickname=' . urlencode($nick);
} elseif (!empty($first)) {
$args .= '&nickname=' . urlencode($first);
}
if (!empty($photosq)) {
$args .= '&photo=' . urlencode($photosq);
} elseif (!empty($photo)) {
$args .= '&photo=' . urlencode($photo);
}
$args .= '&openid_url=' . urlencode(Strings::escapeTags(trim($authid)));
$a->internalRedirect('register?' . $args);
// NOTREACHED
$a->internalRedirect('login');
}
}
notice(L10n::t('Login failed.') . EOL);

66
mod/settings.php
View file

@ -428,7 +428,6 @@ function settings_post(App $a)
$language = (!empty($_POST['language']) ? Strings::escapeTags(trim($_POST['language'])) : '');
$defloc = (!empty($_POST['defloc']) ? Strings::escapeTags(trim($_POST['defloc'])) : '');
$openid = (!empty($_POST['openid_url']) ? Strings::escapeTags(trim($_POST['openid_url'])) : '');
$maxreq = (!empty($_POST['maxreq']) ? intval($_POST['maxreq']) : 0);
$expire = (!empty($_POST['expire']) ? intval($_POST['expire']) : 0);
$def_gid = (!empty($_POST['group-selection']) ? intval($_POST['group-selection']) : 0);
@ -440,6 +439,8 @@ function settings_post(App $a)
$expire_photos = (!empty($_POST['expire_photos'])? intval($_POST['expire_photos']) : 0);
$expire_network_only = (!empty($_POST['expire_network_only'])? intval($_POST['expire_network_only']) : 0);
$delete_openid = ((!empty($_POST['delete_openid']) && (intval($_POST['delete_openid']) == 1)) ? 1: 0);
$allow_location = ((!empty($_POST['allow_location']) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
$publish = ((!empty($_POST['profile_in_directory']) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
$net_publish = ((!empty($_POST['profile_in_netdirectory']) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0);
@ -543,21 +544,6 @@ function settings_post(App $a)
$str_group_deny = !empty($_POST['group_deny']) ? $aclFormatter->toString($_POST['group_deny']) : '';
$str_contact_deny = !empty($_POST['contact_deny']) ? $aclFormatter->toString($_POST['contact_deny']) : '';
$openidserver = $a->user['openidserver'];
//$openid = Strings::normaliseOpenID($openid);
// If openid has changed or if there's an openid but no openidserver, try and discover it.
if ($openid != $a->user['openid'] || (strlen($openid) && (!strlen($openidserver)))) {
if (Network::isUrlValid($openid)) {
Logger::log('updating openidserver');
$open_id_obj = new LightOpenID($a->getHostName());
$open_id_obj->identity = $openid;
$openidserver = $open_id_obj->discover($open_id_obj->identity);
} else {
$openidserver = '';
}
}
PConfig::set(local_user(), 'expire', 'items', $expire_items);
PConfig::set(local_user(), 'expire', 'notes', $expire_notes);
PConfig::set(local_user(), 'expire', 'starred', $expire_starred);
@ -581,41 +567,18 @@ function settings_post(App $a)
}
}
$fields = ['username' => $username, 'email' => $email, 'timezone' => $timezone,
'allow_cid' => $str_contact_allow, 'allow_gid' => $str_group_allow, 'deny_cid' => $str_contact_deny, 'deny_gid' => $str_group_deny,
'notify-flags' => $notify, 'page-flags' => $notify, 'account-type' => $account_type, 'default-location' => $defloc,
'allow_location' => $allow_location, 'maxreq' => $maxreq, 'expire' => $expire, 'def_gid' => $def_gid, 'blockwall' => $blockwall,
'hidewall' => $hide_wall, 'blocktags' => $blocktags, 'unkmail' => $unkmail, 'cntunkmail' => $cntunkmail, 'language' => $language];
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s',
`openid` = '%s', `timezone` = '%s',
`allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s',
`notify-flags` = %d, `page-flags` = %d, `account-type` = %d, `default-location` = '%s',
`allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s',
`def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d,
`unkmail` = %d, `cntunkmail` = %d, `language` = '%s'
WHERE `uid` = %d",
DBA::escape($username),
DBA::escape($email),
DBA::escape($openid),
DBA::escape($timezone),
DBA::escape($str_contact_allow),
DBA::escape($str_group_allow),
DBA::escape($str_contact_deny),
DBA::escape($str_group_deny),
intval($notify),
intval($page_flags),
intval($account_type),
DBA::escape($defloc),
intval($allow_location),
intval($maxreq),
intval($expire),
DBA::escape($openidserver),
intval($def_gid),
intval($blockwall),
intval($hidewall),
intval($blocktags),
intval($unkmail),
intval($cntunkmail),
DBA::escape($language),
intval(local_user())
);
if (DBA::isResult($r)) {
if ($delete_openid) {
$fields['openid'] = '';
$fields['openidserver'] = '';
}
if (DBA::update('user', $fields, ['uid' => local_user()])) {
info(L10n::t('Settings updated.') . EOL);
}
@ -1080,7 +1043,7 @@ function settings_content(App $a)
if ($noid) {
$openid_field = false;
} else {
$openid_field = ['openid_url', L10n::t('OpenID:'), $openid, L10n::t("\x28Optional\x29 Allow this OpenID to login to this account."), "", "", "url"];
$openid_field = ['openid_url', L10n::t('OpenID:'), $openid, L10n::t("\x28Optional\x29 Allow this OpenID to login to this account."), "", "readonly", "url"];
}
$opt_tpl = Renderer::getMarkupTemplate("field_yesno.tpl");
@ -1190,6 +1153,7 @@ function settings_content(App $a)
'$password4'=> ['mpassword', L10n::t('Password:'), '', L10n::t('Your current password to confirm the changes')],
'$oid_enable' => (!Config::get('system', 'no_openid')),
'$openid' => $openid_field,
'$delete_openid' => ['delete_openid', L10n::t('Delete OpenID URL'), false, ''],
'$h_basic' => L10n::t('Basic Settings'),
'$username' => ['username', L10n::t('Full Name:'), $username, ''],