/** * Check if user confirmation is required for the OpenID server * * @param string $server * @param optional object $config - the OpenID auth plugin config settings * @return boolean */ function openid_server_requires_confirm($server, $config = null) { if ($config == null) { $config = get_config('auth/openid'); } switch ($config->openid_non_whitelisted_status) { case OPENID_NONWHITELISTED_ALLOW: case OPENID_NONWHITELISTED_DENY: return openid_server_is_greylisted($server); case OPENID_NONWHITELISTED_CONFIRM: return !openid_server_is_whitelisted($server); default: error_log("/auth/openid/lib.php::openid_server_requires_confirm() - invalid setting for config->openid_non_whitelisted_status ({$config->openid_non_whitelisted_status})"); } return true; }
/** * Create a new account using simple registration data if available * * @access private * @param object &$resp An OpenID consumer response object * @return object The new user */ function _create_account(&$resp) { global $CFG, $USER; $url = $resp->identity_url; $password = hash_internal_user_password('openid'); $server = $resp->endpoint->server_url; $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($resp); $sreg = $sreg_resp->contents(); // We'll attempt to use the user's nickname to set their username if (isset($sreg['nickname']) && !empty($sreg['nickname']) && !record_exists('users', 'username', $sreg['nickname'])) { $username = $sreg['nickname']; } else { $username = openid_normalize_url_as_username($url); } create_user_record($username, $password, 'openid'); $user = get_complete_user_data('username', $username); openid_append_url($user, $url); // SREG fullname if (isset($sreg['fullname']) && !empty($sreg['fullname'])) { $name = openid_parse_full_name($sreg['fullname']); $user->firstname = $name['first']; $user->lastname = $name['last']; } // SREG email if (isset($sreg['email']) && !empty($sreg['email']) && !record_exists('user', 'email', $sreg['email'])) { $user->email = $sreg['email']; } // SREG country if (isset($sreg['country']) && !empty($sreg['country'])) { $country = $sreg['country']; $country_code = strtoupper($country); $countries = get_list_of_countries(); if (strlen($country) != 2 || !isset($countries[$country_code])) { $countries_keys = array_keys($countries); $countries_vals = array_values($countries); $country_code = array_search($country, $countries_vals); if ($country_code > 0) { $country_code = $countries_keys[$country_code]; } else { $country_code = ''; } } if (!empty($country_code)) { $user->country = $country_code; } } if (isset($sreg['city']) && !empty($sreg['city'])) { $user->city = $sreg['city']; } /* We're currently not attempting to get language and timezone values // SREG language if (isset($sreg['language']) && !empty($sreg['language'])) { } // SREG timezone if (isset($sreg['timezone']) && !empty($sreg['timezone'])) { } */ if (function_exists('on_openid_create_account')) { on_openid_create_account($resp, $user); } update_record('user', $user); $user = get_complete_user_data('id', $user->id); // Redirect the user to their profile page if not set up properly if (!empty($user) && user_not_fully_set_up($user)) { $USER = clone $user; $urltogo = $CFG->wwwroot . '/user/edit.php'; redirect($urltogo); } $glconfirm = $this->config->openid_require_greylist_confirm == 'true'; if ($glconfirm && !openid_server_is_whitelisted($server)) { $secret = random_string(15); set_field('user', 'secret', $secret, 'id', $user->id); $user->secret = $secret; set_field('user', 'confirmed', 0, 'id', $user->id); $user->confirmed = 0; openid_send_confirmation_email($user); } return $user; }