Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca

  1. <?php
  2. require_once('library/openid.php');
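  /**
   * Handle the browser's return from an OpenID provider.
   *
   * Flow, as implemented below:
   *  - leave immediately if the site has set system/no_openid;
   *  - when the request carries openid_mode and the session carries 'openid',
   *    let LightOpenID validate the response;
   *  - on a valid response, log in the matching local account, or, if none
   *    matches and registration is not closed, redirect to /register with the
   *    provider-supplied attributes pre-filled;
   *  - in every other case report "Login failed." and go to the site root.
   *
   * goaway() is treated as terminating the request (the code after the final
   * calls is marked NOTREACHED), so this function never returns a value.
   *
   * @param App $a Application object; only $a->config['register_policy'] is read.
   */
  function openid_content(App $a) {

      // Site-wide switch: OpenID is disabled, nothing to do here.
      $noid = get_config('system', 'no_openid');
      if ($noid) {
          goaway(z_root());
      }

      // NOTE(review): this dumps every request parameter, including the openid_*
      // response fields, into the log at LOGGER_DATA level. Keep that level off
      // in production, or restrict who can read the log.
      logger('mod_openid ' . print_r($_REQUEST, true), LOGGER_DATA);

      if ((x($_GET, 'openid_mode')) && (x($_SESSION, 'openid'))) {

          $openid = new LightOpenID;

          if ($openid->validate()) {

              // Request parameters may be absent or arrays; only accept a string so
              // the strlen() check below cannot raise a notice or a TypeError.
              //
              // NOTE(review): the identifier is read back from $_REQUEST instead of
              // from the $openid object that validate() has just checked. Whether the
              // two always hold the same value depends on how library/openid.php
              // collects its input and on PHP's request_order setting - confirm, and
              // prefer the identifier exposed by the validated object. Also confirm
              // which identifier (claimed_id or identity) the library actually
              // verifies, because the account lookup below trusts this value.
              $authid = '';
              if (isset($_REQUEST['openid_identity']) && is_string($_REQUEST['openid_identity'])) {
                  $authid = $_REQUEST['openid_identity'];
              }

              if (! strlen($authid)) {
                  logger( t('OpenID protocol error. No ID returned.') . EOL);
                  goaway(z_root());
              }

              // NOTE: we search both for normalised and non-normalised form of $authid
              //       because the normalization step was removed from setting
              //       mod/settings.php in 8367cad so it might have left mixed
              //       records in the user table
              //
              // Both values go through dbesc() before they are placed in the query.
              $r = q("SELECT *, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` FROM `user`
                  WHERE ( `openid` = '%s' OR `openid` = '%s' )
                  AND `blocked` = 0 AND `account_expired` = 0
                  AND `account_removed` = 0 AND `verified` = 1
                  LIMIT 1",
                  dbesc($authid), dbesc(normalise_openid($authid))
              );

              if (dbm::is_result($r)) {

                  // successful OpenID login

                  // The pending-login marker is single use.
                  unset($_SESSION['openid']);

                  require_once('include/security.php');
                  authenticate_success($r[0], true, true);

                  // just in case there was no return url set
                  // and we fell through

                  goaway(z_root());
              }

              // Successful OpenID login - but we can't match it to an existing account.
              // New registration?

              if ($a->config['register_policy'] == REGISTER_CLOSED) {
                  notice( t('Account not found and OpenID registration is not permitted on this site.') . EOL);
                  goaway(z_root());
              }

              unset($_SESSION['register']);
              $args = '';

              // Initialise everything the attribute loop may or may not fill in, so the
              // checks after the loop never read an undefined variable.
              $nick    = '';
              $first   = '';
              $photosq = '';
              $photo   = '';

              // Attribute values are supplied by the provider. They are tag-stripped
              // and URL-encoded here, but only as pre-fill for the registration form.
              // NOTE(review): /register is not visible here - confirm it validates
              // these values again and does not trust them because of their origin.
              $attr = $openid->getAttributes();
              if (is_array($attr) && count($attr)) {
                  foreach ($attr as $k => $v) {
                      if ($k === 'namePerson/friendly') {
                          $nick = notags(trim($v));
                      }
                      if ($k === 'namePerson/first') {
                          $first = notags(trim($v));
                      }
                      if ($k === 'namePerson') {
                          $args .= '&username=' . urlencode(notags(trim($v)));
                      }
                      if ($k === 'contact/email') {
                          $args .= '&email=' . urlencode(notags(trim($v)));
                      }
                      if ($k === 'media/image/aspect11') {
                          // Photo locations are hex-encoded before they go into the query string.
                          $photosq = bin2hex(trim($v));
                      }
                      if ($k === 'media/image/default') {
                          $photo = bin2hex(trim($v));
                      }
                  }
              }

              // Friendly name wins over first name as the suggested nickname.
              if ($nick) {
                  $args .= '&nickname=' . urlencode($nick);
              }
              elseif ($first) {
                  $args .= '&nickname=' . urlencode($first);
              }

              // Square (1:1) image wins over the default image.
              if ($photosq) {
                  $args .= '&photo=' . urlencode($photosq);
              }
              elseif ($photo) {
                  $args .= '&photo=' . urlencode($photo);
              }

              // NOTE(review): openid_url travels as an ordinary query parameter.
              // Confirm that /register does not take its presence as proof that the
              // identity was verified by this handler.
              $args .= '&openid_url=' . urlencode(notags(trim($authid)));

              goaway(App::get_baseurl() . '/register?' . $args);

              // NOTREACHED
          }
      }

      // No OpenID response, no pending OpenID login in the session, or validation failed.
      notice( t('Login failed.') . EOL);
      goaway(z_root());
      // NOTREACHED
  }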