예제 #1
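 /**
  * Processes the user's answer on the OpenID trust prompt.
  *
  * Clears the pending-request values from the session, then either stores
  * the trust root for the current user and redirects to the allow URL, or
  * redirects to the deny URL.
  *
  * NOTE(review): no session-token (CSRF) check is visible in this method.
  * Confirm the caller verifies one before dispatching here, because an
  * "allow" submission persistently records trust for a relying party.
  *
  * @return void
  */
 function handleSubmit()
 {
     // The pending-request values are dropped first, whichever answer was given.
     unset(
         $_SESSION['openid_trust_root'],
         $_SESSION['openid_allow_url'],
         $_SESSION['openid_deny_url']
     );

     if ($this->arg('allow')) {
         // Persist the approved trust root for this user.
         $user_openid_trustroot = new User_openid_trustroot();
         $user_openid_trustroot->user_id = $this->user->id;
         $user_openid_trustroot->trustroot = $this->trust_root;
         $user_openid_trustroot->created = DB_DataObject_Cast::dateTime();
         if (!$user_openid_trustroot->insert()) {
             // Record the failure instead of discarding it. The approval
             // itself still goes through; only remembering it failed.
             common_log_db_error($user_openid_trustroot, 'INSERT', __FILE__);
         }
         common_redirect($this->allowUrl, 302);
     } else {
         common_redirect($this->denyUrl, 302);
     }
 }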
예제 #2
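 /**
  * Handles a request to remove OpenID trustroots from the user's account
  *
  * Every submitted trustroot is looked up for the current user first; rows
  * are deleted only once all of them were found, so one unknown entry can
  * no longer leave the request half-applied. Reloads the form with a
  * success or error notification.
  *
  * NOTE(review): no session-token check is visible in this method; confirm
  * the caller performs one before a state-changing request reaches it.
  * NOTE(review): assumes common_current_user() returned a user; confirm the
  * action requires login.
  *
  * @return void
  */
 function removeTrustroots()
 {
     $user = common_current_user();
     $trustroots = $this->arg('openid_trustroot');

     // Nothing selected, or not the list the form sends: just show the form.
     if (empty($trustroots) || !is_array($trustroots)) {
         $this->showForm();
         return;
     }

     // Pass 1: resolve everything. The lookup is keyed on the current
     // user's id, so only that user's own rows can match.
     $found = array();
     foreach ($trustroots as $trustroot) {
         $user_openid_trustroot = is_string($trustroot)
             ? User_openid_trustroot::pkeyGet(array('user_id' => $user->id, 'trustroot' => $trustroot))
             : null;
         if (!$user_openid_trustroot) {
             // TRANS: Form validation error when trying to remove a non-existing trustroot.
             $this->showForm(_m('No such OpenID trustroot.'));
             return;
         }
         $found[] = $user_openid_trustroot;
     }

     // Pass 2: all entries are valid, so the deletions can go ahead.
     foreach ($found as $user_openid_trustroot) {
         $user_openid_trustroot->delete();
     }

     // TRANS: Success message after removing trustroots.
     $this->showForm(_m('Trustroots removed.'), true);
 }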
예제 #3
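 /**
  * Handles a request to remove OpenID trustroots from the user's account
  *
  * Validates the whole selection before touching the database: each
  * submitted trustroot must exist for the current user, and deletion starts
  * only after all of them were found. Reloads the form with a success or
  * error notification.
  *
  * NOTE(review): this method does not check a session token itself; verify
  * that the calling code does before it runs.
  * NOTE(review): $user is used without a null check; presumably the action
  * is reachable only when logged in. Confirm.
  *
  * @return void
  */
 function removeTrustroots()
 {
     $user = common_current_user();
     $trustroots = $this->arg('openid_trustroot');

     if ($trustroots && is_array($trustroots)) {
         $toDelete = array();
         foreach ($trustroots as $trustroot) {
             // Only string values can name a trustroot. The lookup is bound
             // to the current user's id, so other accounts' rows never match.
             $user_openid_trustroot = null;
             if (is_string($trustroot)) {
                 $user_openid_trustroot = User_openid_trustroot::pkeyGet(array('user_id' => $user->id, 'trustroot' => $trustroot));
             }
             if (!$user_openid_trustroot) {
                 // Reject the request as a whole; nothing has been deleted yet.
                 $this->showForm(_m('No such OpenID trustroot.'));
                 return;
             }
             $toDelete[] = $user_openid_trustroot;
         }

         foreach ($toDelete as $user_openid_trustroot) {
             $user_openid_trustroot->delete();
         }
         $this->showForm(_m('Trustroots removed'), true);
     } else {
         // Nothing (usable) was submitted.
         $this->showForm();
     }
 }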
예제 #4
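 /**
  * Answers an incoming OpenID provider request.
  *
  * The request is decoded through $this->oserver. The two checkid modes are
  * decided here (login state, identity ownership, stored trust root); every
  * other mode is handed to $this->oserver->handleRequest(). A resulting
  * response is encoded and written out with its status code and headers.
  *
  * NOTE(review): the decoded request is dereferenced without checking what
  * decodeRequest() returned; confirm it cannot be null or an error object
  * for malformed input.
  *
  * @param mixed $args arguments passed through to parent::handle()
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     // Defined up front so every path reaches the final check with a known value.
     $response = null;
     $request = $this->oserver->decodeRequest();
     if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'), true)) {
         $user = common_current_user();
         if (!$user) {
             if ($request->immediate) {
                 //cannot prompt the user to login in immediate mode, so answer false
                 $response = $this->generateDenyResponse($request);
             } else {
                 // Go log in, and then come back.
                 //
                 // Note: 303 redirect rather than 307 to avoid
                 // prompting user for form resubmission if we
                 // were POSTed here.
                 common_set_returnto($_SERVER['REQUEST_URI']);
                 common_redirect(common_local_url('login'), 303);
                 return;
             }
         } else {
             // The claimed identity must be exactly this user's profile URL
             // (strict comparison), unless the request asks for
             // identifier selection.
             if (common_profile_url($user->nickname) === $request->identity || $request->idSelect()) {
                 $user_openid_trustroot = User_openid_trustroot::pkeyGet(array('user_id' => $user->id, 'trustroot' => $request->trust_root));
                 if (empty($user_openid_trustroot)) {
                     if ($request->immediate) {
                         //cannot prompt the user to trust this trust root in immediate mode, so answer false
                         $response = $this->generateDenyResponse($request);
                     } else {
                         common_ensure_session();
                         $_SESSION['openid_trust_root'] = $request->trust_root;
                         // Both outcomes are encoded (signed) and kept in
                         // the session before the user has answered.
                         // NOTE(review): confirm the trust page releases the
                         // allow URL only on an explicit approval that is
                         // protected against cross-site request forgery.
                         $allowResponse = $this->generateAllowResponse($request, $user);
                         $this->oserver->encodeResponse($allowResponse);
                         //sign the response
                         $denyResponse = $this->generateDenyResponse($request);
                         $this->oserver->encodeResponse($denyResponse);
                         //sign the response
                         $_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl();
                         $_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl();
                         // Ask the user to trust this trust root...
                         //
                         // Note: 303 redirect rather than 307 to avoid
                         // prompting user for form resubmission if we
                         // were POSTed here.
                         common_redirect(common_local_url('openidtrust'), 303);
                         return;
                     }
                 } else {
                     //user has previously authorized this trust root
                     $response = $this->generateAllowResponse($request, $user);
                 }
             } else {
                 if ($request->immediate) {
                     $response = $this->generateDenyResponse($request);
                 } else {
                     //invalid
                     // TRANS: OpenID plugin client error given trying to add an unauthorised OpenID to a user (403).
                     // TRANS: %s is a request identity.
                     $this->clientError(sprintf(_m('You are not authorized to use the identity %s.'), $request->identity), 403);
                     // Stop here: if clientError() returns instead of
                     // throwing, the 500 branch below must not run after
                     // the 403.
                     return;
                 }
             }
         }
     } else {
         $response = $this->oserver->handleRequest($request);
     }
     if ($response) {
         $response = $this->oserver->encodeResponse($response);
         if ($response->code != AUTH_OPENID_HTTP_OK) {
             header(sprintf("HTTP/1.1 %d ", $response->code), true, $response->code);
         }
         if ($response->headers) {
             foreach ($response->headers as $k => $v) {
                 header("{$k}: {$v}");
             }
         }
         $this->raw($response->body);
     } else {
         // TRANS: OpenID plugin client error given when not getting a response for a given OpenID provider (500).
         $this->clientError(_m('Just an OpenID provider. Nothing to see here, move along...'), 500);
     }
 }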
예제 #5
 /**
  * Data definitions
  *
  * Schema hook that makes sure the tables this plugin relies on exist:
  * three whose definitions come from the data classes' schemaDef(), and two
  * defined inline for the JanRain OpenID library.
  *
  * NOTE(review): going by its name, oid_associations.secret presumably holds
  * association secrets; if so, dumps and backups of that table are
  * sensitive. Confirm.
  *
  * @return boolean hook value
  */
 function onCheckSchema()
 {
     /* These are used by JanRain OpenID library */
     $associationsDef = array(
         'fields' => array(
             'server_url' => array('type' => 'blob', 'not null' => true),
             'handle' => array('type' => 'varchar', 'length' => 191, 'not null' => true, 'default' => ''),
             'secret' => array('type' => 'blob'),
             'issued' => array('type' => 'int'),
             'lifetime' => array('type' => 'int'),
             'assoc_type' => array('type' => 'varchar', 'length' => 64),
         ),
         // server_url takes part in the key with a length of 191
         'primary key' => array(array('server_url', 191), 'handle'),
     );
     $noncesDef = array(
         'fields' => array(
             'server_url' => array('type' => 'varchar', 'length' => 2047),
             'timestamp' => array('type' => 'int'),
             'salt' => array('type' => 'char', 'length' => 40),
         ),
         'unique keys' => array(
             'oid_nonces_server_url_timestamp_salt_key' => array(array('server_url', 191), 'timestamp', 'salt'),
         ),
     );

     $schema = Schema::get();

     // Tables described by the plugin's own data classes
     $schema->ensureTable('user_openid', User_openid::schemaDef());
     $schema->ensureTable('user_openid_trustroot', User_openid_trustroot::schemaDef());
     $schema->ensureTable('user_openid_prefs', User_openid_prefs::schemaDef());

     // Tables for the OpenID library, defined above
     $schema->ensureTable('oid_associations', $associationsDef);
     $schema->ensureTable('oid_nonces', $noncesDef);

     return true;
 }
예제 #6
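 /**
  * Handles a request to remove OpenID trustroots from the user's account
  *
  * Looks up every submitted trustroot for the scoped profile first and
  * deletes only when all of them exist, so a request containing one unknown
  * entry is rejected without removing anything.
  *
  * NOTE(review): no session-token check is visible in this method; confirm
  * the caller performs one before a state-changing request reaches it.
  *
  * @return string success message
  *
  * @throws ClientException if a submitted trustroot is not found for the
  *                         scoped profile
  */
 function removeTrustroots()
 {
     $trustroots = $this->arg('openid_trustroot', array());
     if (!is_array($trustroots)) {
         // A scalar cannot be iterated; treat it like an empty selection.
         $trustroots = array();
     }

     // Pass 1: resolve all entries. The lookup is bound to the scoped
     // profile's id, so other accounts' rows never match.
     $found = array();
     foreach ($trustroots as $trustroot) {
         $user_openid_trustroot = is_string($trustroot)
             ? User_openid_trustroot::pkeyGet(array('user_id' => $this->scoped->getID(), 'trustroot' => $trustroot))
             : null;
         if (!$user_openid_trustroot) {
             // TRANS: Form validation error when trying to remove a non-existing trustroot.
             throw new ClientException(_m('No such OpenID trustroot.'));
         }
         $found[] = $user_openid_trustroot;
     }

     // Pass 2: everything checked out, so delete.
     foreach ($found as $user_openid_trustroot) {
         $user_openid_trustroot->delete();
     }

     // TRANS: Success message after removing trustroots.
     return _m('Trustroots removed.');
 }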