/**
* If we're doing openid authentication ($_POST['openid_identifier'] is set), start the consumer & redirect
* Otherwise, return and let WordPress handle the login and/or draw the form.
*
* @param string $credentials username and password provided in login form
*/
function openid_wp_authenticate(&$credentials)
{
if (array_key_exists('openid_consumer', $_REQUEST)) {
finish_openid('login');
} else {
if (!empty($_POST['openid_identifier'])) {
openid_start_login($_POST['openid_identifier'], 'login', array('redirect_to' => $_REQUEST['redirect_to']), site_url('/wp-login.php', 'login_post'));
}
}
}
/**
* Parse the WordPress request. If the pagename is 'openid_consumer', then the request
* is an OpenID response and should be handled accordingly.
*
* @param WP $wp WP instance for the current request
*/
function openid_parse_comment_request($wp)
{
if (array_key_exists('openid_consumer', $_REQUEST) && $_REQUEST['action']) {
finish_openid($_REQUEST['action']);
}
}
/**
* Handle OpenID profile management.
*/
function openid_profile_management()
{
global $wp_version;
if (!isset($_REQUEST['action'])) {
return;
}
switch ($_REQUEST['action']) {
case 'verify':
finish_openid($_REQUEST['action']);
break;
case 'add':
check_admin_referer('openid-add_openid');
$user = wp_get_current_user();
$auth_request = openid_begin_consumer($_POST['openid_identifier']);
$userid = get_user_by_openid($auth_request->endpoint->claimed_id);
if ($userid) {
global $error;
if ($user->ID == $userid) {
$error = __('You already have this OpenID!', 'openid');
} else {
$error = __('This OpenID is already associated with another user.', 'openid');
}
return;
}
$return_to = admin_url(current_user_can('edit_users') ? 'users.php' : 'profile.php');
openid_start_login($_POST['openid_identifier'], 'verify', array('page' => $_REQUEST['page']), $return_to);
break;
case 'delete':
openid_profile_delete_openids($_REQUEST['delete']);
break;
}
}
/**
* Parse the WordPress request. If the query var 'openid' is present, then
* handle the request accordingly.
*
* @param WP $wp WP instance for the current request
*/
function openid_parse_request($wp) {
if (array_key_exists('openid', $wp->query_vars)) {
openid_clean_request();
switch ($wp->query_vars['openid']) {
case 'consumer':
@session_start();
$action = $_SESSION['openid_action'];
// no action, which probably means OP-initiated login. Set
// action to 'login', and redirect to home page when finished
if (empty($action)) {
$action = 'login';
if (empty($_SESSION['openid_finish_url'])) {
//$_SESSION['openid_finish_url'] = get_option('home');
}
}
finish_openid($action);
break;
case 'server':
openid_server_request($_REQUEST['action']);
break;
case 'ajax':
if ( check_admin_referer('openid_ajax') ) {
header('Content-Type: application/json');
echo '{ valid:' . ( is_url_openid( $_REQUEST['url'] ) ? 'true' : 'false' ) . ', nonce:"' . wp_create_nonce('openid_ajax') . '" }';
exit;
}
}
}
}
