get('system', 'no_openid')) { DI::baseUrl()->redirect(); } DI::logger()->debug('mod_openid.', ['request' => $_REQUEST]); $session = DI::session(); if (!empty($_GET['openid_mode']) && !empty($session->get('openid'))) { $openid = new LightOpenID(DI::baseUrl()->getHostname()); $l10n = DI::l10n(); if ($openid->validate()) { $authId = $openid->data['openid_identity']; if (empty($authId)) { DI::logger()->info($l10n->t('OpenID protocol error. No ID returned')); DI::baseUrl()->redirect(); } // NOTE: we search both for normalised and non-normalised form of $authid // because the normalization step was removed from setting // mod/settings.php in 8367cad so it might have left mixed // records in the user table // $condition = ['blocked' => false, 'account_expired' => false, 'account_removed' => false, 'verified' => true, 'openid' => [$authId, Strings::normaliseOpenID($authId)]]; $dba = DI::dba(); $user = $dba->selectFirst('user', [], $condition); if ($dba->isResult($user)) { // successful OpenID login $session->remove('openid'); DI::auth()->setForUser(DI::app(), $user, true, true); // just in case there was no return url set // and we fell through DI::baseUrl()->redirect(); } // Successful OpenID login - but we can't match it to an existing account. $session->remove('register'); $session->set('openid_attributes', $openid->getAttributes()); $session->set('openid_identity', $authId); // Detect the server URL $open_id_obj = new LightOpenID(DI::baseUrl()->getHostName()); $open_id_obj->identity = $authId; $session->set('openid_server', $open_id_obj->discover($open_id_obj->identity)); if (intval(DI::config()->get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED) { notice($l10n->t('Account not found. Please login to your existing account to add the OpenID to it.')); } else { notice($l10n->t('Account not found. Please register a new account or login to your existing account to add the OpenID to it.')); } DI::baseUrl()->redirect('login'); } } } }