/[drupal]/contributions/modules/openid/openid.module

Diff of /contributions/modules/openid/openid.module

Parent Directory | Revision Log | View Revision Graph Revision Graph | View Patch Patch

-revision 1.2.2.6,
Sun Oct 14 20:29:27 2007 UTC
+revision 1.2.2.7,
Wed Jan 30 20:43:20 2008 UTC
 Line 1
  <?php
- // $Id: openid.module,v 1.2.2.5 2007/10/14 20:19:21 walkah Exp $
+ // $Id: openid.module,v 1.2.2.6 2007/10/14 20:29:27 walkah Exp $
  /**
   * @file
 Line 69 
 function openid_help($section) {
   * Implementation of hook_user().
   */
  function openid_user($op, &$edit, &$account, $category = NULL) {
-   if ($op == 'insert' && isset($_SESSION['openid'])) {
+   if ($op == 'insert' && isset($_SESSION['openid']['values'])) {
      // The user has registered after trying to login via OpenID.
      if (variable_get('user_email_verification', TRUE)) {
        drupal_set_message(t('Once you have verified your email address, you may log in via OpenID.'));
 Line 86 
 function openid_form_alter($form_id, &$f
      drupal_add_css(drupal_get_path('module', 'openid') .'/openid.css', 'module');
      drupal_add_js(drupal_get_path('module', 'openid') .'/openid.js');
-     if (!empty($form['#post']['openid_url'])) {
+     if (!empty($form['#post']['openid_identifier'])) {
        $form['name']['#required'] = FALSE;
        $form['pass']['#required'] = FALSE;
        unset($form['#submit']);
 Line 96 
 function openid_form_alter($form_id, &$f
      $form['openid_link'] = array('#value' => l(t('Log in using OpenID'), '#', array('class' => 'openid-link')));
      $form['user_link'] = array('#value' => l(t('Cancel OpenID login'), '#', array('class' => 'user-link')));
-     $form['openid_url'] = array(
+     $form['openid_identifier'] = array(
        '#type' => 'textfield',
        '#title' => t('Log in using OpenID'),
        '#size' => ($form_id == 'user_login') ? 58 : 13,
        '#maxlength' => 255,
        '#weight' => -1,
        '#description' => l(t('What is OpenID?'), 'http://openid.net/'),
-       '#prefix' => '<div id="edit-openid-url-wrapper">',
+       '#prefix' => '<div id="edit-openid-identifier-wrapper">',
        '#suffix' => '</div>'
        );
      $form['openid.return_to'] = array('#type' => 'hidden', '#value' => url('openid/authenticate', drupal_get_destination(), NULL, TRUE));
 Line 115 
 function openid_form_alter($form_id, &$f
    elseif($form_id == 'user_register' && isset($_SESSION['openid'])) {
      // We were unable to auto-register a new user. Prefill the registration
      // form with the values we have.
-     $form['name']['#default_value'] = $_SESSION['openid']['name'];
+     $form['name']['#default_value'] = $_SESSION['openid']['values']['name'];
-     $form['mail']['#default_value'] = $_SESSION['openid']['mail'];
+     $form['mail']['#default_value'] = $_SESSION['openid']['values']['mail'];
      // If user_email_verification is off, hide the password field and just fill
      // with random password to avoid confusion.
      if (!variable_get('user_email_verification', TRUE)) {
        $form['pass']['#type'] = 'hidden';
        $form['pass']['#value'] = user_password();
      }
-     $form['auth_openid'] = array('#type' => 'hidden', '#value' => $_SESSION['openid']['auth_openid']);
+     $form['auth_openid'] = array('#type' => 'hidden', '#value' => $_SESSION['openid']['values']['auth_openid']);
    }
    return $form;
  }
 Line 136 
 function openid_login_validate($form_id,
    if (empty($return_to)) {
      $return_to = url('', NULL, NULL, TRUE);
    }
-   return openid_begin($form_values['openid_url'], $return_to);
+   return openid_begin($form_values['openid_identifier'], $return_to);
  }
  function openid_authentication_page() {
-   $result = openid_complete($_REQUEST);
+   $result = openid_complete();
    switch ($result['status']) {
      case 'success':
        return openid_authentication($result);
 Line 158 
 function openid_user_identities($account
    drupal_add_css(drupal_get_path('module', 'openid') .'/openid.css', 'module');
    // Check to see if we got a response
-   $result = openid_complete($_REQUEST);
+   $result = openid_complete();
    if ($result['status'] == 'success') {
-     db_query("INSERT INTO {authmap} (uid, authname, module) VALUES (%d, '%s','openid')", $account->uid, $result['openid.identity']);
+     $identity = $result['openid.claimed_id'];
-     drupal_set_message(t('Successfully added %identity', array('%identity' => $result['openid.identity'])));
+     db_query("INSERT INTO {authmap} (uid, authname, module) VALUES (%d, '%s','openid')", $account->uid, $identity);
+     drupal_set_message(t('Successfully added %identity', array('%identity' => $identity)));
    }
    $header = array(t('OpenID'), t('Operations'));
-Line 178 
 function openid_user_identities($account
+Line 179 
 function openid_user_identities($account
  }
  function openid_user_add() {
-   $form['openid_url'] = array(
+   $form['openid_identifier'] = array(
      '#type' => 'textfield',
      '#title' => t('Add an OpenID')
      );
-Line 188 
 function openid_user_add() {
+Line 189 
 function openid_user_add() {
  function openid_user_add_validate($form_id, $form_values) {
    // Check for existing entries.
-   $claimed_id = _openid_normalize($form_values['openid_url']);
+   $claimed_id = _openid_normalize($form_values['openid_identifier']);
    if (db_result(db_query("SELECT authname FROM {authmap} WHERE authname='%s'", $claimed_id))) {
-     form_set_error('openid_url', t('That OpenID is already in use on this site.'));
+     form_set_error('openid_identifier', t('That OpenID is already in use on this site.'));
    }
    else {
      $return_to = url('user/'. arg(1)  .'/openid', NULL, NULL, TRUE);
-     openid_begin($form_values['openid_url'], $return_to);
+     openid_begin($form_values['openid_identifier'], $return_to);
    }
  }
-Line 223 
 function openid_begin($claimed_id, $retu
+Line 224 
 function openid_begin($claimed_id, $retu
    $services = openid_discovery($claimed_id);
    if (count($services) == 0) {
-     form_set_error('openid_url', t('Sorry, that is not a valid OpenID. Please ensure you have spelled your ID correctly.'));
+     form_set_error('openid_identifier', t('Sorry, that is not a valid OpenID. Please ensure you have spelled your ID correctly.'));
      return;
    }
    $op_endpoint = $services[0]['uri'];
-   // Store the discovered endpoint in the session (so we don't have to rediscover).
+   // Store discovered information in the users' session so we don't have to rediscover.
-   $_SESSION['openid_op_endpoint'] = $op_endpoint;
+   $_SESSION['openid']['service'] = $services[0];
-   // Store the claimed_id in the session (for handling delegation).
+   // Store the claimed id
-   $_SESSION['openid_claimed_id'] = $claimed_id;
+   $_SESSION['openid']['claimed_id'] = $claimed_id;
    // If bcmath is present, then create an association
    $assoc_handle = '';
    if (function_exists('bcadd')) {
-Line 254 
 function openid_begin($claimed_id, $retu
+Line 255 
 function openid_begin($claimed_id, $retu
    }
    if (isset($services[0]['types']) && is_array($services[0]['types']) && in_array(OPENID_NS_2_0 .'/server', $services[0]['types'])) {
-     $identity = 'http://openid.net/identifier_select/2.0';
+     $identity = 'http://specs.openid.net/auth/2.0/identifier_select';
    }
    $authn_request = openid_authentication_request($claimed_id, $identity, $return_to, $assoc_handle, $services[0]['version']);
-Line 275 
 function openid_begin($claimed_id, $retu
+Line 276 
 function openid_begin($claimed_id, $retu
   * @return $response Response values for further processing with
   *   $response['status'] set to one of 'success', 'failed' or 'cancel'.
   */
- function openid_complete($response) {
+ function openid_complete($response = array()) {
    include_once drupal_get_path('module', 'openid') .'/openid.inc';
+   if (count($response) == 0) {
+     $response = _openid_response();
+   }
    // Default to failed response
    $response['status'] = 'failed';
-   if (isset($_SESSION['openid_op_endpoint']) && isset($_SESSION['openid_claimed_id'])) {
+   if (isset($_SESSION['openid']['service']['uri']) && isset($_SESSION['openid']['claimed_id'])) {
-     _openid_fix_post($response);
+     $service = $_SESSION['openid']['service'];
-     $op_endpoint = $_SESSION['openid_op_endpoint'];
+     $claimed_id = $_SESSION['openid']['claimed_id'];
-     $claimed_id = $_SESSION['openid_claimed_id'];
+     unset($_SESSION['openid']['service']);
-     unset($_SESSION['openid_op_endpoint']);
+     unset($_SESSION['openid']['claimed_id']);
-     unset($_SESSION['openid_claimed_id']);
      if (isset($response['openid.mode'])) {
        if ($response['openid.mode'] == 'cancel') {
          $response['status'] = 'cancel';
        }
        else {
-         if (openid_verify_assertion($op_endpoint, $response)) {
+         if (openid_verify_assertion($service['uri'], $response)) {
-           $response['openid.identity'] = $claimed_id;
+           // If the returned claimed_id is different from the session claimed_id,
+           // then we need to do discovery and make sure the op_endpoint matches.
+           if ($service['version'] == 2 && $response['openid.claimed_id'] != $claimed_id) {
+             $disco = openid_discovery($response['openid.claimed_id']);
+             if ($disco[0]['uri'] != $service['uri']) {
+               return $response;
+             }
+           }
+           else {
+             $response['openid.claimed_id'] = $claimed_id;
+           }
            $response['status'] = 'success';
          }
        }
-Line 429 
 function openid_association($op_endpoint
+Line 443 
 function openid_association($op_endpoint
  function openid_authentication($response) {
    include_once drupal_get_path('module', 'openid') .'/openid.inc';
-   $identity = $response['openid.identity'];
+   $identity = $response['openid.claimed_id'];
    $account = user_external_load($identity);
    if (isset($account->uid)) {
-Line 458 
 function openid_authentication($response
+Line 472 
 function openid_authentication($response
        // We were unable to register a valid new user, redirect to standard
        // user/register and prefill with the values we received.
        drupal_set_message(t('OpenID registration failed for the reasons listed. You may register now, or if you already have an account you can <a href="@login">log in</a> now and add your OpenID under "My Account"', array('@login' => url('user/login'))), 'error');
-        $_SESSION['openid'] = $edit;
+        $_SESSION['openid']['values'] = $edit;
        // We'll want to redirect back to the same place.
        $destination = drupal_get_destination();
        unset($_REQUEST['destination']);
-Line 500 
 function openid_authentication_request($
+Line 514 
 function openid_authentication_request($
    global $base_url;
    include_once drupal_get_path('module', 'openid') .'/openid.inc';
-   $realm = '';
-   if ($return_to != '') {
-     $realm = $base_url;
-   }
    $ns = ($version == 2) ? OPENID_NS_2_0 : OPENID_NS_1_0;
    $request =  array(
      'openid.ns' => $ns,
-Line 516 
 function openid_authentication_request($
+Line 525 
 function openid_authentication_request($
      );
    if ($version == 2) {
-     $request['openid.realm'] = $realm;
+     $request['openid.realm'] = url('', NULL, NULL, TRUE);
    }
    else {
      $request['openid.trust_root'] = $realm;

 Legend:



Removed from v.1.2.2.6
 


changed lines


 
Added in v.1.2.2.7
 Legend:



Removed from v.1.2.2.6
 


changed lines


 
Added in v.1.2.2.7
-Removed from v.1.2.2.6
+Added in v.1.2.2.7

	ViewVC Help
Powered by ViewVC 1.1.2