function validate_identities_url($value) { if ($value == 'http://') { return true; } if (environment('authentication') == 'password') { return true; } if (!(environment('openid_version') > 1)) { return true; } global $db; wp_plugin_include(array('wp-openid')); $logic = new WordPressOpenID_Logic(null); $logic->activate_plugin(); if (!WordPressOpenID_Logic::late_bind()) { trigger_error('Sorry, there was an error in the OpenID plugin.', E_USER_ERROR); } $consumer = WordPressOpenID_Logic::getConsumer(); $auth_request = $consumer->begin($value); if (null === $auth_request) { trigger_error('Sorry, an OpenID server could not be located from: ' . htmlentities($value), E_USER_ERROR); } return true; }
function openid_continue(&$vars) { extract($vars); $valid = false; if (class_exists('MySQL') && environment('openid_version') > 1 && !isset($_SESSION['openid_degrade'])) { global $openid; wp_plugin_include(array('wp-openid')); $logic = new WordPressOpenID_Logic(null); $logic->activate_plugin(); $consumer = WordPressOpenID_Logic::getConsumer(); $openid->response = $consumer->complete($_SESSION['oid_return_to']); switch ($openid->response->status) { case Auth_OpenID_CANCEL: trigger_error('The OpenID assertion was cancelled.', E_USER_ERROR); break; case Auth_OpenID_FAILURE: // if we fail OpenID v2 here, we retry once with OpenID v1 $_SESSION['openid_degrade'] = true; $request->set_param('return_url', $request->url_for('openid_continue') . '/'); $request->set_param('protected_url', $request->base); $request->set_param('openid_url', $_SESSION['openid_url']); authenticate_with_openid(); break; case Auth_OpenID_SUCCESS: $_SESSION['openid_complete'] = true; $valid = true; break; } } if (!$valid) { include $GLOBALS['PATH']['library'] . 'openid.php'; $openid = new SimpleOpenID(); $openid->SetIdentity($_SESSION['openid_url']); $openid->SetApprovedURL($request->url_for('openid_continue') . '/'); $openid->SetTrustRoot($request->base); $server_url = $_SESSION['openid_server_url']; $openid->SetOpenIDServer($server_url); $valid = $openid->ValidateWithServer(); } if ($valid) { $_SESSION['openid_complete'] = true; } else { trigger_error("Sorry, the openid server {$server_url} did not validate your identity.", E_USER_ERROR); } complete_openid_authentication($request); if (!empty($_SESSION['requested_url'])) { redirect_to($_SESSION['requested_url']); } else { redirect_to($request->base); } }
/** * If the comment contains a valid OpenID, skip the check for requiring a name and email address. Even if * this data is provided in the form, we may get it through other methods, so we don't want to bail out * prematurely. After OpenID authentication has completed (and $_SESSION['oid_skip'] is set), we don't * interfere so that this data can be required if desired. * * @param boolean $value existing value of flag, whether to require name and email * @return boolean new value of flag, whether to require name and email * @see get_user_data */ function bypass_option_require_name_email($value) { global $openid_auth_request, $openid; if ($_REQUEST['oid_skip']) { return $value; } if (array_key_exists('openid_url', $_POST)) { if (!empty($_POST['openid_url'])) { return false; } } else { if (!empty($_POST['url'])) { if (WordPressOpenID_Logic::late_bind()) { // check if url is valid OpenID by forming an auth request set_error_handler(array('WordPressOpenID_Logic', 'customer_error_handler')); $consumer = WordPressOpenID_Logic::getConsumer(); $openid_auth_request = $consumer->begin($_POST['url']); restore_error_handler(); if (null !== $openid_auth_request) { return false; } } } } return $value; }
function begin_consumer($url) { global $openid_auth_request; if ($openid_auth_request == NULL) { set_error_handler(array('WordPressOpenID_Logic', 'customer_error_handler')); if (WordPressOpenID_Logic::isValidEmail($url)) { $_SESSION['openid_login_email'] = $url; set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path()); require_once 'Auth/Yadis/Email.php'; $mapped_url = Auth_Yadis_Email_getID($url, trailingslashit(get_option('home'))); if ($mapped_url) { $url = $mapped_url; } } $consumer = WordPressOpenID_Logic::getConsumer(); $openid_auth_request = $consumer->begin($url); restore_error_handler(); } return $openid_auth_request; }