aboutsummaryrefslogtreecommitdiffstats
path: root/mod/openid.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2014-02-17 19:48:05 -0800
committerfriendica <info@friendica.com>2014-02-17 19:48:05 -0800
commitd6ab975b188778a0be936c3065b502e0c58b8c91 (patch)
tree8a66ae676e7637ad5335e3ec1fd47a55dca0bfcb /mod/openid.php
parent7fc292831cfc86cf818c3fb71596ef8acb01f689 (diff)
downloadvolse-hubzilla-d6ab975b188778a0be936c3065b502e0c58b8c91.tar.gz
volse-hubzilla-d6ab975b188778a0be936c3065b502e0c58b8c91.tar.bz2
volse-hubzilla-d6ab975b188778a0be936c3065b502e0c58b8c91.zip
operation snakebite continued. openid now works for local accounts using the rmagic module and after storing your openid in pconfig. This is just an interesting but trivial (in the bigger scheme of things) side effect of snakebite. The snake hasn't even waken up yet.
Diffstat (limited to 'mod/openid.php')
-rw-r--r--mod/openid.php101
1 files changed, 101 insertions, 0 deletions
diff --git a/mod/openid.php b/mod/openid.php
new file mode 100644
index 000000000..d59d671e7
--- /dev/null
+++ b/mod/openid.php
@@ -0,0 +1,101 @@
+<?php
+
+
+require_once('library/openid/openid.php');
+require_once('include/auth.php');
+
+function openid_content(&$a) {
+
+ $noid = get_config('system','no_openid');
+ if($noid)
+ goaway(z_root());
+
+ logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA);
+
+ if(x($_REQUEST,'openid_mode')) {
+
+ $openid = new LightOpenID(z_root());
+
+ if($openid->validate()) {
+
+ logger('openid: validate');
+
+ $authid = normalise_openid($_REQUEST['openid_identity']);
+
+ if(! strlen($authid)) {
+ logger( t('OpenID protocol error. No ID returned.') . EOL);
+ goaway(z_root());
+ }
+
+ $x = match_openid($authid);
+ if($x) {
+
+ $r = q("select * from channel where channel_id = %d limit 1",
+ intval($x)
+ );
+ if($r) {
+ $y = q("select * from account where account_id = %d limit 1",
+ intval($r[0]['channel_account_id'])
+ );
+ if($y) {
+ foreach($y as $record) {
+ if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) {
+ logger('mod_openid: openid success for ' . $x[0]['channel_name']);
+ $_SESSION['uid'] = $r[0]['channel_id'];
+ $_SESSION['authenticated'] = true;
+ authenticate_success($record,true,true,true,true);
+ goaway(z_root());
+ }
+ }
+ }
+ }
+ }
+
+ // Successful OpenID login - but we can't match it to an existing account.
+ // New registration?
+
+// if($a->config['register_policy'] == REGISTER_CLOSED) {
+ notice( t('Account not found and OpenID registration is not permitted on this site.') . EOL);
+ goaway(z_root());
+// }
+
+ unset($_SESSION['register']);
+ $args = '';
+ $attr = $openid->getAttributes();
+ if(is_array($attr) && count($attr)) {
+ foreach($attr as $k => $v) {
+ if($k === 'namePerson/friendly')
+ $nick = notags(trim($v));
+ if($k === 'namePerson/first')
+ $first = notags(trim($v));
+ if($k === 'namePerson')
+ $args .= '&username=' . notags(trim($v));
+ if($k === 'contact/email')
+ $args .= '&email=' . notags(trim($v));
+ if($k === 'media/image/aspect11')
+ $photosq = bin2hex(trim($v));
+ if($k === 'media/image/default')
+ $photo = bin2hex(trim($v));
+ }
+ }
+ if($nick)
+ $args .= '&nickname=' . $nick;
+ elseif($first)
+ $args .= '&nickname=' . $first;
+
+ if($photosq)
+ $args .= '&photo=' . $photosq;
+ elseif($photo)
+ $args .= '&photo=' . $photo;
+
+ $args .= '&openid_url=' . notags(trim($authid));
+
+ goaway($a->get_baseurl() . '/register' . $args);
+
+ // NOTREACHED
+ }
+ }
+ notice( t('Login failed.') . EOL);
+ goaway(z_root());
+ // NOTREACHED
+}