Changeset 1206
- Timestamp:
- 07/18/10 18:57:41 (3 years ago)
- Location:
- openid
- Files:
-
- 4 added
- 9 modified
-
de.xml (modified) (1 diff)
-
en.xml (modified) (1 diff)
-
eventlistener.xml (modified) (1 diff)
-
files/icon (added)
-
files/icon/openidM.png (added)
-
files/icon/openidS.png (added)
-
files/lib/data/openid/OpenID.class.php (modified) (17 diffs)
-
files/lib/data/openid/OpenIDSession.class.php (added)
-
files/lib/page/OpenIDPage.class.php (modified) (4 diffs)
-
files/lib/system/event/listener/UserLoginOpenIDListener.class.php (modified) (1 diff)
-
install.sql (modified) (1 diff)
-
package.xml (modified) (1 diff)
-
templates/openidLogin.tpl (modified) (1 diff)
openid/de.xml
r1203 r1206 6 6 <item name="wcf.acp.option.module_openid.description"><![CDATA[Erlaubt den Login mit Hilfe eines openid Accounts.]]></item> 7 7 </category> 8 <category name="wcf.openid"> 9 <item name="wcf.openid.login.description"><![CDATA[Sie können sich mit ihrem existieren Account bestimmter Anbieter bei uns authentifizieren.<br/> 10 Das ganze funktioniert Ìber die s.g. OpenID Schnittstelle - es werden keine Zugangsdaten ausgetauscht.<br/>]]></item> 11 <item name="wcf.openid.login"><![CDATA[OpenID]]></item> 12 </category> 8 13 </language> -
openid/en.xml
r1203 r1206 6 6 <item name="wcf.acp.option.module_openid.description"><![CDATA[Allows users to login to the wcf with a openid account.]]></item> 7 7 </category> 8 <category name="wcf.openid"> 9 <item name="wcf.openid.login.description"><![CDATA[Click your OpenID account provider to login<br/>]]></item> 10 <item name="wcf.openid.login"><![CDATA[OpenID]]></item> 11 </category> 8 12 </language> -
openid/eventlistener.xml
r1203 r1206 6 6 <eventclassname>UserLoginForm</eventclassname> 7 7 <eventname>assignVariables</eventname> 8 <inherit>1</inherit> 8 9 <listenerclassfile>lib/system/event/listener/UserLoginOpenIDListener.class.php</listenerclassfile> 9 10 </eventlistener> -
openid/files/lib/data/openid/OpenID.class.php
r1204 r1206 1 1 <?php 2 require_once(WCF_DIR.'lib/data/user/avatar/AvatarEditor.class.php');3 2 require_once(WCF_DIR.'lib/data/user/UserEditor.class.php'); 4 3 5 4 /** 6 * 5 * embeds the openid system into the wcf 6 * registers include pathes and cares for all dependencies 7 * 8 * @author Torben Brodt 9 * @copyright 2010 easy-coding.de 10 * @license GNU General Public License <http://opensource.org/licenses/gpl-3.0.html> 11 * @package de.easy-coding.wcf.openid 7 12 */ 8 13 class OpenID { 9 14 10 15 /** 11 * 12 */ 13 public function __construct() { 14 $path_extra = dirname(dirname(dirname(__FILE__))); 16 * form instance needed for finish action 17 * 18 * @var UserLoginForm|OpenIDPage 19 */ 20 protected $eventObj; 21 22 /** 23 * sets include pathes 24 * 25 * @param UserLoginForm|OpenIDPage $eventObj 26 */ 27 public function __construct($eventObj = null) { 28 $this->eventObj = $eventObj; 29 30 $path_extra = dirname(__FILE__); 15 31 $path = ini_get('include_path'); 16 32 $path = $path_extra . PATH_SEPARATOR . $path; … … 18 34 19 35 /** 36 * session wrapper 37 */ 38 require_once "Auth/Yadis/Manager.php"; 39 40 /** 41 * session wrapper 42 */ 43 require_once "OpenIDSession.class.php"; 44 45 /** 20 46 * Require the OpenID consumer code. 21 47 */ … … 26 52 * OpenID information. 
27 53 */ 28 require_once "Auth/OpenID/ DumbStore.php";54 require_once "Auth/OpenID/FileStore.php"; 29 55 30 56 /** … … 39 65 } 40 66 41 protected function &getStore() { 42 return new Auth_OpenID_DumbStore(); 43 } 44 45 protected function &getConsumer() { 67 /** 68 * returns file store 69 */ 70 protected function getStore() { 71 $store_path = FileUtil::getTemporaryFilename('openid_'); 72 $store_path = TMP_DIR."/_openid".WCF_N; 73 return new Auth_OpenID_FileStore($store_path); 74 } 75 76 /** 77 * get authenticated user 78 */ 79 protected function getConsumer() { 80 81 $session = new OpenIDSession(); 82 46 83 /** 47 84 * Create a consumer object using the store object created … … 49 86 */ 50 87 $store = $this->getStore(); 51 $consumer =& new Auth_OpenID_Consumer($store );88 $consumer =& new Auth_OpenID_Consumer($store, $session); 52 89 return $consumer; 53 90 } 54 91 92 /** 93 * gets openid handler url 94 * 95 * @return string 96 */ 55 97 public static function getReturnTo() { 56 return PAGE_URL.'index.php?page=OpenID'; 57 } 58 98 return PAGE_URL.'/index.php?page=OpenID'; 99 } 100 101 /** 102 * gets root url 103 * 104 * @return string 105 */ 59 106 public static function getTrustRoot() { 60 return PAGE_URL.'index.php'; 61 } 62 63 /** 64 * $_GET['openid_identifier'] 65 * $_GET['policies'] 107 return PAGE_URL; 108 } 109 110 /** 111 * call api and try authentication 66 112 */ 67 113 public function tryAuthentication($openid, $policy_uris = array()) { … … 73 119 // No auth request means we can't begin OpenID. 74 120 if (!$auth_request) { 75 $this->error = ("Authentication error; not a valid OpenID."); 76 return; 121 throw new Exception("Authentication error; not a valid OpenID."); 77 122 } 78 123 … … 105 150 // message. 106 151 if (Auth_OpenID::isFailure($redirect_url)) { 107 $this->error = ("Could not redirect to server: " . $redirect_url->message); 108 return; 152 throw new Exception("Could not redirect to server: " . 
$redirect_url->message); 109 153 } else { 110 154 // Send redirect. 111 155 header("Location: ".$redirect_url); 156 exit; 112 157 } 113 158 } else { … … 119 164 // otherwise, render the HTML. 120 165 if (Auth_OpenID::isFailure($form_html)) { 121 $this->error = ("Could not redirect to server: " . $form_html->message); 122 return; 166 throw new Exception("Could not redirect to server: " . $form_html->message); 123 167 } else { 124 print $form_html; 168 169 // used by openid 2, formular and redirect are printed out 170 echo $form_html; 171 exit; 125 172 } 126 173 } … … 128 175 129 176 /** 130 * 177 * got answer, save user 131 178 */ 132 179 public function finishAuthentication() { … … 157 204 158 205 if ($response->endpoint->canonicalID) { 159 $ StringUtil::encodeHTMLd_canonicalID = StringUtil::encodeHTML($response->endpoint->canonicalID);160 $success .= ' (XRI CanonicalID: '.$ StringUtil::encodeHTMLd_canonicalID.') ';206 $encoded_canonicalID = StringUtil::encodeHTML($response->endpoint->canonicalID); 207 $success .= ' (XRI CanonicalID: '.$encoded_canonicalID.') '; 161 208 } 162 209 … … 168 215 169 216 foreach ($pape_resp->auth_policies as $uri) { 170 $ StringUtil::encodeHTMLd_uri = StringUtil::encodeHTML($uri);171 $success .= "<li><tt>$ StringUtil::encodeHTMLd_uri</tt></li>";217 $encoded_uri = StringUtil::encodeHTML($uri); 218 $success .= "<li><tt>$encoded_uri</tt></li>"; 172 219 } 173 220 … … 204 251 } 205 252 } 206 207 253 208 254 /** … … 213 259 */ 214 260 protected function getOpenIDEnabledUser($me) { 215 $sql = "SELECT utb.userID 216 FROM wcf".WCF_N."_user_to_openid utb 217 WHERE utb.openidID = ".intval($me['id'])." 218 AND utb.identifier = '".escapeString($me['identifier'])."'"; 261 $sql = "SELECT userID 262 FROM wcf".WCF_N."_user_to_openid 263 WHERE openID = '".sha1($me['identifier'])."'"; 219 264 $row = WCF::getDB()->getFirstRow($sql); 220 265 221 266 $user = $row ? new User($row['userID']) : null; 222 return $user ->userID ? 
$user : null;267 return $user && $user->userID ? $user : null; 223 268 } 224 269 … … 232 277 protected function addOpenIDUser($me, $user) { 233 278 $sql = "REPLACE INTO wcf".WCF_N."_user_to_openid 234 (open idID, identifier, userID)235 VALUES ( ".intval($me['id']).", '".escapeString($me['identifier'])."', ".intval($user->userID).")";279 (openID, userID) 280 VALUES ('".sha1($me['identifier'])."', ".intval($user->userID).")"; 236 281 237 282 return WCF::getDB()->sendQuery($sql); … … 243 288 public function finishUser($me) { 244 289 290 // take default username from hostname 291 if($me['name'] === null) { 292 $host = parse_url($me['identifier'], PHP_URL_HOST)." ID #1"; 293 $host = preg_replace("/^www\./", "", $host); 294 $me['name'] = $host; 295 } 296 245 297 // openid permissions granted, does an login exist? 246 298 $user = $this->getOpenIDEnabledUser($me); … … 258 310 if($user) { 259 311 260 die('login temporary disabled');261 312 // UserLoginForm should not write cookie, since interfaces only support unhashed password 262 313 $this->eventObj->useCookies = 0; … … 307 358 // get a valid username 308 359 $username = $this->findUsername($me['name']); 360 361 // take default email 362 if($me['email'] === null) { 363 $me['email'] = sha1($me['identifier']).'@openid'; 364 } 309 365 310 366 // create new user -
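Review bot: In `getStore()` the first assignment, `$store_path = FileUtil::getTemporaryFilename('openid_');`, is dead because the next line overwrites it, and depending on how that helper works it may leave a stray temp file on every call; delete that line. The store that is actually used sits at the fixed path `TMP_DIR."/_openid".WCF_N`, and `Auth_OpenID_FileStore` keeps association secrets and nonces there. Nothing in the hunk shows that this directory is outside the web root or unreadable by other local users, so that should be confirmed and documented with a comment such as `// holds OpenID association secrets and nonces; must not be web-readable`. The new docblock "returns file store" could also gain `@return Auth_OpenID_FileStore`.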
openid/files/lib/page/OpenIDPage.class.php
r1204 r1206 1 1 <?php 2 2 // wcf imports 3 require_once(WCF_DIR.'lib/ page/AbstractPage.class.php');3 require_once(WCF_DIR.'lib/form/UserLoginForm.class.php'); 4 4 require_once(WCF_DIR.'lib/data/openid/OpenID.class.php'); 5 5 … … 12 12 * @package de.easy-coding.wcf.openid 13 13 */ 14 class OpenIDPage extends AbstractPage{14 class OpenIDPage extends UserLoginForm { 15 15 16 /** 17 * 18 * @var string 19 */ 16 20 protected $identifier; 17 21 … … 23 27 24 28 $this->identifier = isset($_GET['identifier']) ? $_GET['identifier'] : null; 25 }26 27 /**28 * @see Page::readData()29 */30 public function readData() {31 parent::readData();32 29 33 $openid = new OpenID( );30 $openid = new OpenID($this); 34 31 35 32 if($this->identifier) { … … 39 36 } 40 37 } 41 42 /**43 * @see Page::assignVariables()44 */45 public function assignVariables() {46 parent::assignVariables();47 48 49 WCF::getTPL()->assign(array(50 'entry' => $this->entry,51 ));52 }53 38 } 54 39 ?> -
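Review bot: `$_GET['identifier']` is stored as-is, and a few lines later `if($this->identifier) {` guards a call the page elides, presumably `tryAuthentication()`, so any string a visitor puts in the query string becomes the target of the server's OpenID discovery request. The login template only links to http/https provider URLs, so the page could reject everything else first, e.g. `if ($this->identifier !== null && !preg_match('#^https?://#i', $this->identifier)) { $this->identifier = null; }`, and ideally compare the host against the offered providers. Because `tryAuthentication()` now throws `Exception` instead of setting `$this->error`, the elided call site also needs a catch that shows a generic error rather than the raw message. The method these lines sit in starts outside the hunk.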
openid/files/lib/system/event/listener/UserLoginOpenIDListener.class.php
r1204 r1206 32 32 return; 33 33 } 34 35 // TODO: remove DEBUG36 if(!isset($_GET['openid'])) {37 return;38 }39 34 40 35 $this->eventObj = $eventObj; -
openid/install.sql
r1203 r1206 2 2 CREATE TABLE wcf1_user_to_openid ( 3 3 userID INT(10) NOT NULL DEFAULT 0, 4 identifier VARCHAR(255) NOT NULL DEFAULT '', 5 openID INT(10) NOT NULL DEFAULT 0, 4 openID char(64) NOT NULL DEFAULT '', 6 5 UNIQUE(userID), 7 UNIQUE( identifier,openID)6 UNIQUE(openID) 8 7 ) ENGINE=MyISAM DEFAULT CHARSET=utf8; -
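Review bot: With both `UNIQUE(userID)` and `UNIQUE(openID)` on the table, the `REPLACE INTO` used by `addOpenIDUser()` in OpenID.class.php deletes any existing row that collides on either key. Linking an identity that is already bound to another account therefore silently moves it, and linking a second identity to a user drops the first. If that is not intended, use a plain `INSERT` and handle the duplicate-key error in the caller. The column is also wider than needed: the code stores `sha1()` output, which is 40 hex characters, so `openID CHAR(40) NOT NULL` would match. This script only covers fresh installs; existing rows with the old `identifier` column need a separate update step, if none exists elsewhere in the package.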
openid/package.xml
r1204 r1206 6 6 <packagedescription language="de"><![CDATA[Dieses Plugin verbindet openid mit dem WCF. So ist z.B. ein Direktlogin via openid möglich.]]></packagedescription> 7 7 <packagedescription><![CDATA[This enables all users to login with their openid account.]]></packagedescription> 8 <version>1.0.0 Beta1</version>8 <version>1.0.0 RC 1</version> 9 9 <date>DATE</date> 10 10 <plugin>com.woltlab.wcf</plugin> -
openid/templates/openidLogin.tpl
r1204 r1206 1 <script type="text/javascript"> 2 function openid(elem, msg) { 3 var x = prompt(msg); 4 if(x) { 5 elem.href = elem.href.replace(/\\1/, x); 6 return true; 7 } 8 9 return false; 10 } 11 </script> 1 12 <div class="formElement"> 2 13 <div class="formField"> 3 <form method="get" action="{$openid_url}"> 4 <script type="text/javascript"> 5 function openid(elem, msg) { 6 var x = prompt(msg); 7 if(x) { 8 elem.href = elem.href.replace(/\\1/, x); 9 return true; 10 } 11 12 return false; 13 } 14 </script> 15 16 Sie können sich mit ihrem existieren Account bestimmter Anbieter bei uns authentifizieren.<br/> 17 Das ganze funktioniert ÃŒber die s.g. OpenID Schnittstelle - es werden keine Zugangsdaten ausgetauscht.<br/> 14 <fieldset> 15 <legend><img src="{icon}openidS.png{/icon}" alt="" />{lang}wcf.openid.login{/lang}</legend> 16 {* 17 <form method="get" action="{$openid_url}"> 18 *} 19 {lang}wcf.openid.login.description{/lang} 18 20 19 21 <a href="{$openid_url}&identifier=https://www.google.com/accounts/o8/id">Google</a> 20 22 <a href="{$openid_url}&identifier=http://yahoo.com/">Yahoo</a> 21 23 <a href="{$openid_url}&identifier=http://openid.aol.com/\1" onclick="return openid(this)">AOL</a> 24 <a href="{$openid_url}&identifier=http://www.flickr.com/">Flickr</a> 22 25 <a href="{$openid_url}&identifier=http://\1.myopenid.com/" onclick="return openid(this)">myOpenID</a> 23 24 <p>... oder geben Sie ihre OpenID manuell ein:<br/> 25 <input type="text" name="identifier" class="openid" value="https://www.google.com/accounts/o8/id" /></p> 26 <p> 27 <input type="submit" value="Weiter »" /> 28 </p> 29 </form> 26 <a href="{$openid_url}&identifier=http://technorati.com/people/technorati/\1" onclick="return openid(this)">Technorati</a> 27 <a href="{$openid_url}&identifier=http://\1.wordpress.com/" onclick="return openid(this)">Wordpress</a> 28 <a href="{$openid_url}&identifier=http://\1.blogspot.com/" onclick="return openid(this)">Blogspot</a> 29 {* 30 <p>... 
oder geben Sie ihre OpenID manuell ein:<br/> 31 <input type="text" name="identifier" class="openid" value="https://www.google.com/accounts/o8/id" /></p> 32 <p> 33 <input type="submit" value="Weiter »" /> 34 </p> 35 </form> 36 *} 37 </fieldset> 30 38 </div> 31 39 </div>
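Review bot: The value from `prompt()` is pasted into the link by `elem.href.replace(/\\1/, x)` without any encoding, so characters such as `&`, `#` or `/` in the answer change the structure of the URL that is sent as `identifier`. Use `elem.href = elem.href.replace(/\\1/, encodeURIComponent(x));` for the path-style providers, and restrict the host-style ones (myOpenID, Wordpress, Blogspot) to letters, digits and hyphens. Every `onclick="return openid(this)"` omits the `msg` argument, so the prompt has no text; pass a `{lang}` string there. The bare `&identifier=` in the `href` attributes should be written `&amp;identifier=`.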
