/** * Action method for completing the 'login' action. This action is used when a user is logging in from * wp-login.php. * * @param string $identity_url verified OpenID URL */ function openid_finish_login($identity_url, $action) { if ($action != 'login') { return; } if ($identity_url) { // create new user account if appropriate $user_id = get_user_by_openid($identity_url); $user_data = openid_get_user_data($identity_url); if (!$user_id) { if (get_option('users_can_register')) { // registration is enabled so create a new user openid_create_new_user($identity_url, $user_data); } else { // generate a error because it is not possible to create a new user openid_message(__('Unable to create a new user.', 'openid')); openid_status('error'); } } else { do_action('openid_consumer_update_user_custom_data', $user_id, $user_data); } } // return to wp-login page $url = get_option('siteurl') . '/wp-login.php'; $status = openid_status(); $error = openid_message(); if ($status == 'error' && !empty($error)) { $url = add_query_arg('openid_error', openid_message(), $url); } $url = add_query_arg(array('finish_openid' => 1, 'identity_url' => urlencode($identity_url), 'redirect_to' => $_SESSION['openid_finish_url'], '_wpnonce' => wp_create_nonce('openid_login_' . md5($identity_url))), $url); wp_safe_redirect($url); exit; }
/** * Action method for completing the 'login' action. This action is used when a user is logging in from * wp-login.php. * * @param string $identity_url verified OpenID URL */ function openid_finish_login($identity_url, $action) { if ($action != 'login') return; // create new user account if appropriate $user_id = get_user_by_openid($identity_url); if ( $identity_url && !$user_id && get_option('users_can_register') ) { $user_data =& openid_get_user_data($identity_url); openid_create_new_user($identity_url, $user_data); } // return to wp-login page $url = get_option('siteurl') . '/wp-login.php'; if (empty($identity_url)) { $url = add_query_arg('openid_error', openid_message(), $url); } $url = add_query_arg( array( 'finish_openid' => 1, 'identity_url' => urlencode($identity_url), 'redirect_to' => $_SESSION['openid_finish_url'], '_wpnonce' => wp_create_nonce('openid_login_' . md5($identity_url)), ), $url); wp_safe_redirect($url); exit; }
/** * Login user with specified identity URL. This will find the WordPress user account connected to this * OpenID and set it as the current user. Only call this function AFTER you've verified the identity URL. * * @param string $identity userID or OpenID to set as current user * @param boolean $remember should we set the "remember me" cookie * @return void */ function openid_set_current_user($identity, $remember = true) { if (is_numeric($identity)) { $user_id = $identity; } else { $user_id = get_user_by_openid($identity); } if (!$user_id) { return; } $user = set_current_user($user_id); if (function_exists('wp_set_auth_cookie')) { wp_set_auth_cookie($user->ID, $remember); } else { wp_setcookie($user->user_login, md5($user->user_pass), true, '', '', $remember); } do_action('wp_login', $user->user_login); }
/** * Build an SReg attribute query extension if we've never seen this OpenID before. */ function openid_add_sreg_extension($extensions, $auth_request) { if (!get_user_by_openid($auth_request->endpoint->claimed_id)) { require_once 'Auth/OpenID/SReg.php'; if ($auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_0) || $auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_1)) { $extensions[] = Auth_OpenID_SRegRequest::build(array(), array('nickname', 'email', 'fullname')); } } return $extensions; }
/** * Handle OpenID profile management. */ function openid_profile_management() { global $wp_version; if (!isset($_REQUEST['action'])) { return; } switch ($_REQUEST['action']) { case 'verify': finish_openid($_REQUEST['action']); break; case 'add': check_admin_referer('openid-add_openid'); $user = wp_get_current_user(); $auth_request = openid_begin_consumer($_POST['openid_identifier']); $userid = get_user_by_openid($auth_request->endpoint->claimed_id); if ($userid) { global $error; if ($user->ID == $userid) { $error = __('You already have this OpenID!', 'openid'); } else { $error = __('This OpenID is already associated with another user.', 'openid'); } return; } $return_to = admin_url(current_user_can('edit_users') ? 'users.php' : 'profile.php'); openid_start_login($_POST['openid_identifier'], 'verify', array('page' => $_REQUEST['page']), $return_to); break; case 'delete': openid_profile_delete_openids($_REQUEST['delete']); break; } }
/** * Handle OpenID profile management. */ function openid_profile_management() { global $action; wp_reset_vars(array('action')); switch ($action) { case 'add': check_admin_referer('openid-add_openid'); $user = wp_get_current_user(); $auth_request = openid_begin_consumer($_POST['openid_identifier']); $userid = get_user_by_openid($auth_request->endpoint->claimed_id); if ($userid) { global $error; if ($user->ID == $userid) { $error = __('You already have this OpenID!', 'openid'); } else { $error = __('This OpenID is already associated with another user.', 'openid'); } return; } $finish_url = admin_url(current_user_can('edit_users') ? 'users.php' : 'profile.php'); $finish_url = add_query_arg('page', $_REQUEST['page'], $finish_url); openid_start_login($_POST['openid_identifier'], 'verify', $finish_url); break; case 'delete': openid_profile_delete_openids($_REQUEST['delete']); break; default: if (array_key_exists('message', $_REQUEST)) { $message = $_REQUEST['message']; $messages = array('', __('Unable to authenticate OpenID.', 'openid'), __('OpenID assertion successful, but this URL is already associated with another user on this blog.', 'openid'), __('Added association with OpenID.', 'openid')); if (is_numeric($message)) { $message = $messages[$message]; } else { $message = htmlentities2($message); } $message = __($message, 'openid'); if (array_key_exists('update_url', $_REQUEST) && $_REQUEST['update_url']) { $message .= '<br />' . __('<strong>Note:</strong> For security reasons, your profile URL has been updated to match your OpenID.', 'openid'); } openid_message($message); openid_status($_REQUEST['status']); } break; } }
/** * Login user with specified identity URL. This will find the WordPress user account connected to this * OpenID and set it as the current user. Only call this function AFTER you've verified the identity URL. * * @param string $identity userID or OpenID to set as current user * @param boolean $remember should we set the "remember me" cookie * @return void */ function openid_set_current_user($identity, $remember = true) { if (is_numeric($identity)) { $user_id = $identity; } else { $user_id = get_user_by_openid($identity); } if (!$user_id) return; $user = set_current_user($user_id); wp_set_auth_cookie($user->ID, $remember); do_action('wp_login', $user->user_login); }
/** * Build an SReg attribute query extension if we've never seen this OpenID before. * * @uses apply_filters() Calls 'openid_consumer_sreg_required_fields' and * 'openid_consumer_sreg_required_fields' to collect sreg fields. */ function openid_add_sreg_extension($extensions, $auth_request) { if (!get_user_by_openid($auth_request->endpoint->claimed_id)) { require_once 'Auth/OpenID/SReg.php'; if ($auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_0) || $auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_1)) { $required = apply_filters('openid_consumer_sreg_required_fields', array()); $optional = apply_filters('openid_consumer_sreg_optional_fields', array('nickname', 'email', 'fullname')); $extensions[] = Auth_OpenID_SRegRequest::build($required, $optional); } } return $extensions; }
/** * Build an SReg attribute query extension if we've never seen this OpenID before. */ function openid_add_sreg_extension($extensions, $auth_request) { if(!get_user_by_openid($auth_request->endpoint->claimed_id)) { set_include_path( dirname(__FILE__) . PATH_SEPARATOR . get_include_path() ); require_once('Auth/OpenID/SReg.php'); restore_include_path(); if ($auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_0) || $auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_1)) { $extensions[] = Auth_OpenID_SRegRequest::build(array(),array('nickname','email','fullname')); } } return $extensions; }