aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2014-02-17 20:10:43 -0800
committerfriendica <info@friendica.com>2014-02-17 20:10:43 -0800
commitea709361f6a27f3234afbaeb6d3d1759eeca2ee5 (patch)
tree5b36f6d0626c50300ead71c1045a5d6df74806bb
parentd6ab975b188778a0be936c3065b502e0c58b8c91 (diff)
downloadvolse-hubzilla-ea709361f6a27f3234afbaeb6d3d1759eeca2ee5.tar.gz
volse-hubzilla-ea709361f6a27f3234afbaeb6d3d1759eeca2ee5.tar.bz2
volse-hubzilla-ea709361f6a27f3234afbaeb6d3d1759eeca2ee5.zip
snakebite, cont. magic-auth via openid is now possible, with the caveat that one needs a hand-crafted xchan at the moment to make use of it and if you wish to do so, there will be no assistance or help provided. The risk of system instability and mangled DBs now and going forward is significant if you try this.
-rw-r--r--include/identity.php2
-rw-r--r--mod/openid.php22
2 files changed, 21 insertions, 3 deletions
diff --git a/include/identity.php b/include/identity.php
index d0fffaede..05a228abf 100644
--- a/include/identity.php
+++ b/include/identity.php
@@ -1137,7 +1137,7 @@ function get_default_profile_photo($size = 175) {
*/
function is_foreigner($s) {
- return((strpbrk($s,':@')) ? true : false);
+ return((strpbrk($s,'.:@')) ? true : false);
}
diff --git a/mod/openid.php b/mod/openid.php
index d59d671e7..42efeac70 100644
--- a/mod/openid.php
+++ b/mod/openid.php
@@ -59,8 +59,26 @@ function openid_content(&$a) {
goaway(z_root());
// }
- unset($_SESSION['register']);
- $args = '';
+ $r = q("select * from xchan where xchan_hash = '%s' limit 1",
+ dbesc($authid)
+ );
+
+ if($r) {
+ $_SESSION['authenticated'] = 1;
+ $_SESSION['visitor_id'] = $r[0]['xchan_hash'];
+ $_SESSION['my_address'] = $r[0]['xchan_addr'];
+ $arr = array('xchan' => $r[0], 'session' => $_SESSION);
+ call_hooks('magic_auth_openid_success',$arr);
+ $a->set_observer($r[0]);
+ require_once('include/security.php');
+ $a->set_groups(init_groups_visitor($_SESSION['visitor_id']));
+ info(sprintf( t('Welcome %s. Remote authentication successful.'),$r[0]['xchan_name']));
+ logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
+ if($_SESSION['return_url'])
+ goaway($_SESSION['return_url']);
+ goaway(z_root());
+ }
+
$attr = $openid->getAttributes();
if(is_array($attr) && count($attr)) {
foreach($attr as $k => $v) {