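/**
 * Authenticate user to WordPress using OpenID.
 *
 * Two request shapes are handled:
 *  - a POST carrying a non-empty 'openid_identifier' starts a new OpenID login;
 *  - a request carrying 'finish_openid' completes one. The 'identity_url'
 *    parameter is honoured only when '_wpnonce' verifies against the action
 *    'openid_login_' . md5($identity_url).
 *
 * @param mixed $user authenticated user object, or WP_Error or null
 * @return mixed WP_User on success, WP_Error on failure, or $user unchanged
 *               when the request is not an OpenID login
 */
function openid_authenticate($user) {
    if (array_key_exists('openid_identifier', $_POST) && $_POST['openid_identifier']) {
        $redirect_to = array_key_exists('redirect_to', $_REQUEST) ? $_REQUEST['redirect_to'] : null;
        openid_start_login($_POST['openid_identifier'], 'login', $redirect_to);

        // if we got this far, something is wrong
        global $error;
        $error = openid_message();
        return new WP_Error('openid_login_error', $error);
    }

    if (!array_key_exists('finish_openid', $_REQUEST)) {
        return $user;
    }

    // Only string values are accepted; anything else is treated as absent so
    // that md5() and wp_verify_nonce() never receive an array.
    $identity_url = (isset($_REQUEST['identity_url']) && is_string($_REQUEST['identity_url']))
        ? $_REQUEST['identity_url']
        : '';
    $nonce = (isset($_REQUEST['_wpnonce']) && is_string($_REQUEST['_wpnonce']))
        ? $_REQUEST['_wpnonce']
        : '';

    // Security: a failed nonce check must end the request here. Previously the
    // error object was assigned and then overwritten by the lookup below, so a
    // request with any known identity_url and a bogus nonce still produced a
    // WP_User. Returning also stops 'openid_error' text from being shown for
    // requests that did not come from this site's own OpenID flow.
    if (!wp_verify_nonce($nonce, 'openid_login_' . md5($identity_url))) {
        return new WP_Error('openid_login_error', __('Error during OpenID authentication. Please try again. (invalid nonce)', 'openid'));
    }

    // NOTE(review): identity_url is a request parameter; the nonce above is the
    // only thing tying it to a completed OpenID assertion. Confirm the nonce is
    // issued only after the assertion has been verified.
    if ($identity_url) {
        $user_id = get_user_by_openid($identity_url);
        if ($user_id) {
            return new WP_User($user_id);
        }

        return new WP_Error('openid_registration_closed', __('Your have entered a valid OpenID, but this site is not currently accepting new accounts.', 'openid'));
    }

    if (array_key_exists('openid_error', $_REQUEST)) {
        // Request-supplied text: escaped before it is placed in the error.
        return new WP_Error('openid_login_error', htmlentities2($_REQUEST['openid_error']));
    }

    return $user;
}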
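/**
 * Intercept comment submission and check if it includes a valid OpenID. If it does, save the entire POST
 * array and begin the OpenID authentication process.
 *
 * regarding comment_type: http://trac.nxtclass.org/ticket/2659
 *
 * Requests with a truthy 'openid_skip' and comments whose comment_type is not
 * empty are returned untouched.
 *
 * @param array $comment comment data
 * @return array comment data
 */
function openid_process_comment($comment) {
    if (!empty($_REQUEST['openid_skip'])) {
        return $comment;
    }

    if ($comment['comment_type'] != '') {
        return $comment;
    }

    // Prefer the explicit OpenID field; fall back to the URL field only when
    // the commenter asked for it. Missing keys are read as "not provided"
    // instead of raising undefined-index notices.
    $openid_url = null;
    if (array_key_exists('openid_identifier', $_POST)) {
        $openid_url = $_POST['openid_identifier'];
    } elseif (!empty($_REQUEST['login_with_openid'])) {
        $openid_url = isset($_POST['url']) ? $_POST['url'] : null;
    }

    // Best effort: warnings from session_start() are deliberately suppressed.
    @session_start();
    unset($_SESSION['openid_posted_comment']);

    if (!empty($openid_url)) {
        // Comment form's OpenID url is filled in.
        // The whole, still unauthenticated, POST array is kept in the session
        // so the comment can be replayed later; 'openid_skip' is set on the
        // copy so the replay takes the early return above.
        $_SESSION['openid_comment_post'] = $_POST;
        $_SESSION['openid_comment_post']['comment_author_openid'] = $openid_url;
        $_SESSION['openid_comment_post']['openid_skip'] = 1;

        // NOTE(review): $openid_url is commenter-supplied. If openid_start_login()
        // fetches it server-side for discovery, confirm internal addresses are
        // rejected there.
        openid_start_login($openid_url, 'comment');

        // Failure to redirect at all, the URL is malformed or unreachable.
        // Display an error message only if an explicit OpenID field was used. Otherwise,
        // just ignore the error... it just means the user entered a normal URL.
        if (array_key_exists('openid_identifier', $_POST)) {
            openid_repost_comment_anonymously($_SESSION['openid_comment_post']);
        }
    }

    // duplicate name and email check from nxt-comments-post.php
    // comment_type is known to be empty here (see the early return above), so
    // the check runs unconditionally.
    openid_require_name_email();

    return $comment;
}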
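/**
 * If we're doing openid authentication ($_POST['openid_identifier'] is set), start the consumer & redirect
 * Otherwise, return and let WordPress handle the login and/or draw the form.
 *
 * A request carrying 'openid_consumer' is treated as the return leg and is
 * handed to finish_openid('login').
 *
 * @param mixed $credentials username and password provided in login form;
 *                           taken by reference but neither read nor modified here
 * @return void
 */
function openid_wp_authenticate(&$credentials) {
    if (array_key_exists('openid_consumer', $_REQUEST)) {
        finish_openid('login');
        return;
    }

    if (empty($_POST['openid_identifier'])) {
        return;
    }

    // Read redirect_to the same way openid_authenticate() does, so a login
    // form without that field does not raise an undefined-index notice.
    // NOTE(review): redirect_to is caller-controlled; confirm it is validated
    // (e.g. wp_validate_redirect() / wp_safe_redirect()) where it is finally used.
    $redirect_to = array_key_exists('redirect_to', $_REQUEST) ? $_REQUEST['redirect_to'] : null;

    openid_start_login(
        $_POST['openid_identifier'],
        'login',
        array('redirect_to' => $redirect_to),
        site_url('/wp-login.php', 'login_post')
    );
}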
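/**
 * Intercept comment submission and check if it includes a valid OpenID. If it does, save the entire POST
 * array and begin the OpenID authentication process.
 *
 * regarding comment_type: http://trac.wordpress.org/ticket/2659
 *
 * NOTE(review): this function does not inspect $comment['comment_type'], so
 * the ticket reference above is not reflected in any check here; every comment
 * that carries a URL is treated as a possible OpenID login.
 *
 * @param array $comment comment data
 * @return array comment data
 */
function openid_process_comment($comment) {
    // Best effort: warnings from session_start() are deliberately suppressed.
    @session_start();

    // Missing 'openid_skip' is read as "do not skip" instead of raising an
    // undefined-index notice.
    if (!empty($_REQUEST['openid_skip'])) {
        return $comment;
    }

    // Explicit OpenID field first, otherwise the ordinary URL field.
    if (array_key_exists('openid_identifier', $_POST)) {
        $openid_url = $_POST['openid_identifier'];
    } else {
        $openid_url = isset($_POST['url']) ? $_POST['url'] : null;
    }

    if (!empty($openid_url)) {
        // Comment form's OpenID url is filled in.
        // The whole, still unauthenticated, POST array is kept in the session
        // so the comment can be replayed later; 'openid_skip' is set on the
        // copy so the replay takes the early return above.
        $_SESSION['openid_comment_post'] = $_POST;
        $_SESSION['openid_comment_post']['comment_author_openid'] = $openid_url;
        $_SESSION['openid_comment_post']['openid_skip'] = 1;

        // NOTE(review): $openid_url is commenter-supplied. If openid_start_login()
        // fetches it server-side for discovery, confirm internal addresses are
        // rejected there.
        openid_start_login($openid_url, 'comment');

        // Failure to redirect at all, the URL is malformed or unreachable.
        // Display an error message only if an explicit OpenID field was used. Otherwise,
        // just ignore the error... it just means the user entered a normal URL.
        if (array_key_exists('openid_identifier', $_POST)) {
            openid_repost_comment_anonymously($_SESSION['openid_comment_post']);
        }
    }

    return $comment;
}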
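/**
 * Handle OpenID profile management.
 *
 * Dispatches on $_REQUEST['action']:
 *  - 'verify' hands the request to finish_openid();
 *  - 'add'    checks the 'openid-add_openid' admin referer, refuses an OpenID
 *             that is already linked to a user, then starts a 'verify' login;
 *  - 'delete' passes $_REQUEST['delete'] to openid_profile_delete_openids().
 * Any other action, or no action at all, does nothing.
 *
 * @return void
 */
function openid_profile_management() {
    if (!isset($_REQUEST['action'])) {
        return;
    }

    switch ($_REQUEST['action']) {
        case 'verify':
            finish_openid($_REQUEST['action']);
            break;

        case 'add':
            // CSRF protection for the state-changing 'add' request.
            check_admin_referer('openid-add_openid');

            // Absent fields are passed on as null rather than raising
            // undefined-index notices.
            $identifier = isset($_POST['openid_identifier']) ? $_POST['openid_identifier'] : null;
            $page = isset($_REQUEST['page']) ? $_REQUEST['page'] : null;

            $user = wp_get_current_user();

            // NOTE(review): nothing here checks that openid_begin_consumer()
            // returned an object before ->endpoint is read; confirm what it
            // returns for a malformed or unreachable identifier.
            $auth_request = openid_begin_consumer($identifier);
            $userid = get_user_by_openid($auth_request->endpoint->claimed_id);

            if ($userid) {
                global $error;
                if ($user->ID == $userid) {
                    $error = __('You already have this OpenID!', 'openid');
                } else {
                    $error = __('This OpenID is already associated with another user.', 'openid');
                }
                return;
            }

            $return_to = admin_url(current_user_can('edit_users') ? 'users.php' : 'profile.php');
            openid_start_login($identifier, 'verify', array('page' => $page), $return_to);
            break;

        case 'delete':
            // NOTE(review): unlike 'add', no check_admin_referer() is visible on
            // this path; confirm openid_profile_delete_openids() verifies a
            // nonce and ownership itself before removing anything.
            openid_profile_delete_openids(isset($_REQUEST['delete']) ? $_REQUEST['delete'] : null);
            break;
    }
}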
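/**
 * Handle OpenID profile management.
 *
 * Dispatches on the global $action (populated by wp_reset_vars()):
 *  - 'add'    checks the 'openid-add_openid' admin referer, refuses an OpenID
 *             that is already linked to a user, then starts a 'verify' login;
 *  - 'delete' passes $_REQUEST['delete'] to openid_profile_delete_openids();
 *  - anything else: when the request carries 'message', a status message is
 *             built from it and handed to openid_message() / openid_status().
 *
 * @return void
 */
function openid_profile_management() {
    global $action;
    wp_reset_vars(array('action'));

    switch ($action) {
        case 'add':
            // CSRF protection for the state-changing 'add' request.
            check_admin_referer('openid-add_openid');

            // Absent fields are passed on as null rather than raising
            // undefined-index notices.
            $identifier = isset($_POST['openid_identifier']) ? $_POST['openid_identifier'] : null;
            $page = isset($_REQUEST['page']) ? $_REQUEST['page'] : null;

            $user = wp_get_current_user();

            // NOTE(review): nothing here checks that openid_begin_consumer()
            // returned an object before ->endpoint is read; confirm what it
            // returns for a malformed or unreachable identifier.
            $auth_request = openid_begin_consumer($identifier);
            $userid = get_user_by_openid($auth_request->endpoint->claimed_id);

            if ($userid) {
                global $error;
                if ($user->ID == $userid) {
                    $error = __('You already have this OpenID!', 'openid');
                } else {
                    $error = __('This OpenID is already associated with another user.', 'openid');
                }
                return;
            }

            $finish_url = admin_url(current_user_can('edit_users') ? 'users.php' : 'profile.php');
            $finish_url = add_query_arg('page', $page, $finish_url);

            openid_start_login($identifier, 'verify', $finish_url);
            break;

        case 'delete':
            // NOTE(review): unlike 'add', no check_admin_referer() is visible on
            // this path; confirm openid_profile_delete_openids() verifies a
            // nonce and ownership itself before removing anything.
            openid_profile_delete_openids(isset($_REQUEST['delete']) ? $_REQUEST['delete'] : null);
            break;

        default:
            if (array_key_exists('message', $_REQUEST)) {
                // Non-string input (e.g. message[]=...) is treated as empty.
                $message = is_string($_REQUEST['message']) ? $_REQUEST['message'] : '';

                $messages = array(
                    '',
                    __('Unable to authenticate OpenID.', 'openid'),
                    __('OpenID assertion successful, but this URL is already associated with another user on this blog.', 'openid'),
                    __('Added association with OpenID.', 'openid'),
                );

                if (is_numeric($message)) {
                    // A numeric code outside the table yields an empty message
                    // instead of an undefined-offset notice.
                    $message = isset($messages[$message]) ? $messages[$message] : '';
                } else {
                    // Free-form text from the request is HTML-escaped before
                    // display. NOTE(review): it is still attacker-choosable
                    // wording shown inside the profile page; consider accepting
                    // only the numeric codes.
                    $message = htmlentities2($message);
                }

                $message = __($message, 'openid');

                if (array_key_exists('update_url', $_REQUEST) && $_REQUEST['update_url']) {
                    $message .= '<br />' . __('<strong>Note:</strong> For security reasons, your profile URL has been updated to match your OpenID.', 'openid');
                }

                openid_message($message);
                // NOTE(review): 'status' is passed through as received; confirm
                // openid_status() restricts or escapes it before output.
                openid_status(isset($_REQUEST['status']) ? $_REQUEST['status'] : null);
            }
            break;
    }
}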