function OpenIDConvertForm() { global $wgOut, $wgUser; $sk = $wgUser->getSkin(); $url = OpenIDGetUserUrl($wgUser); if (is_null($url)) { $url = ''; } $ok = wfMsg('ok'); $instructions = wfMsg('openidconvertinstructions'); $wgOut->addHTML("<p>{$instructions}</p>" . '<form action="' . $sk->makeSpecialUrl('OpenIDConvert') . '" method="POST">' . '<input type="text" name="openid_url" size=30 ' . ' style="background: url(http://www.openid.net/login-bg.gif) ' . ' no-repeat; background-color: #fff; background-position: 0 50%; ' . ' color: #000; padding-left: 18px;" value="' . $url . '" />' . '<input type="submit" value="' . $ok . '" />' . '</form>'); }
function OpenIDSetUserUrl($user, $url) { $other = OpenIDGetUserUrl($user); if (isset($other)) { OpenIDUpdateUserUrl($user, $url); } else { OpenIDInsertUserUrl($user, $url); } }
function OpenIDServerCheck($server, $request, $sreg, $imm = true) { global $wgUser, $wgOut; assert(isset($wgUser) && isset($wgOut)); assert(isset($server)); assert(isset($request)); assert(isset($sreg)); assert(isset($imm) && is_bool($imm)); # Is the passed identity URL a user page? $url = $request->identity; assert(isset($url) && strlen($url) > 0); $name = OpenIDUrlToUserName($url); if (!isset($name) || strlen($name) == 0) { wfDebug("OpenID: '{$url}' not a user page.\n"); return $request->answer(false, OpenIdServerUrl()); } assert(isset($name) && strlen($name) > 0); # Is there a logged in user? if ($wgUser->getId() == 0) { wfDebug("OpenID: User not logged in.\n"); if ($imm) { return $request->answer(false, OpenIdServerUrl()); } else { # Bank these for later OpenIDServerSaveValues($request, $sreg); OpenIDServerLoginForm($request); return NULL; } } assert($wgUser->getId() != 0); # Is the user page for the logged-in user? $user = User::newFromName($name); if (!isset($user) || $user->getId() != $wgUser->getId()) { wfDebug("OpenID: User from url not logged in user.\n"); return $request->answer(false, OpenIdServerUrl()); } assert(isset($user) && $user->getId() == $wgUser->getId() && $user->getId() != 0); # Is the user an OpenID user? $openid = OpenIDGetUserUrl($user); if (isset($openid) && strlen($openid) > 0) { wfDebug("OpenID: Not one of our users; logs in with OpenID.\n"); return $request->answer(false, OpenIdServerUrl()); } assert(is_array($sreg)); # Does the request require sreg fields that the user has not specified? if (array_key_exists('required', $sreg)) { $notFound = false; foreach ($sreg['required'] as $reqfield) { if (is_null(OpenIdGetUserField($user, $reqfield))) { $notFound = true; break; } } if ($notFound) { wfDebug("OpenID: Consumer demands info we don't have.\n"); return $request->answer(false, OpenIdServerUrl()); } } # Trust check $trust_root = $request->trust_root; assert(isset($trust_root) && is_string($trust_root) && strlen($trust_root) > 0); $trust = OpenIDGetUserTrust($user, $trust_root); # Is there a trust record? if (is_null($trust)) { wfDebug("OpenID: No trust record.\n"); if ($imm) { return $request->answer(false, OpenIdServerUrl()); } else { # Bank these for later OpenIDServerSaveValues($request, $sreg); OpenIDServerTrustForm($request, $sreg); return NULL; } } assert(!is_null($trust)); # Is the trust record _not_ to allow trust? # NB: exactly equal if ($trust === false) { wfDebug("OpenID: User specified not to allow trust.\n"); return $request->answer(false, OpenIdServerUrl()); } assert(isset($trust) && is_array($trust)); # Does the request require sreg fields that the user has # not allowed us to pass, or has not specified? if (array_key_exists('required', $sreg)) { $notFound = false; foreach ($sreg['required'] as $reqfield) { if (!in_array($reqfield, $trust) || is_null(OpenIdGetUserField($user, $reqfield))) { $notFound = true; break; } } if ($notFound) { wfDebug("OpenID: Consumer demands info user doesn't want shared.\n"); return $request->answer(false, OpenIdServerUrl()); } } # assert(all required sreg fields are in $trust) # XXX: run a hook here to check # SUCCESS $response_fields = array_intersect(array_unique(array_merge($sreg['required'], $sreg['optional'])), $trust); $response = $request->answer(true); assert(isset($response)); foreach ($response_fields as $field) { $value = OpenIDGetUserField($user, $field); if (!is_null($value)) { $response->addField('sreg', $field, $value); } } return $response; }