function validate_identities_url($value)
{
if ($value == 'http://') {
return true;
}
if (environment('authentication') == 'password') {
return true;
}
if (!(environment('openid_version') > 1)) {
return true;
}
global $db;
wp_plugin_include(array('wp-openid'));
$logic = new WordPressOpenID_Logic(null);
$logic->activate_plugin();
if (!WordPressOpenID_Logic::late_bind()) {
trigger_error('Sorry, there was an error in the OpenID plugin.', E_USER_ERROR);
}
$consumer = WordPressOpenID_Logic::getConsumer();
$auth_request = $consumer->begin($value);
if (null === $auth_request) {
trigger_error('Sorry, an OpenID server could not be located from: ' . htmlentities($value), E_USER_ERROR);
}
return true;
}
function openid_continue(&$vars)
{
extract($vars);
$valid = false;
if (class_exists('MySQL') && environment('openid_version') > 1 && !isset($_SESSION['openid_degrade'])) {
global $openid;
wp_plugin_include(array('wp-openid'));
$logic = new WordPressOpenID_Logic(null);
$logic->activate_plugin();
$consumer = WordPressOpenID_Logic::getConsumer();
$openid->response = $consumer->complete($_SESSION['oid_return_to']);
switch ($openid->response->status) {
case Auth_OpenID_CANCEL:
trigger_error('The OpenID assertion was cancelled.', E_USER_ERROR);
break;
case Auth_OpenID_FAILURE:
// if we fail OpenID v2 here, we retry once with OpenID v1
$_SESSION['openid_degrade'] = true;
$request->set_param('return_url', $request->url_for('openid_continue') . '/');
$request->set_param('protected_url', $request->base);
$request->set_param('openid_url', $_SESSION['openid_url']);
authenticate_with_openid();
break;
case Auth_OpenID_SUCCESS:
$_SESSION['openid_complete'] = true;
$valid = true;
break;
}
}
if (!$valid) {
include $GLOBALS['PATH']['library'] . 'openid.php';
$openid = new SimpleOpenID();
$openid->SetIdentity($_SESSION['openid_url']);
$openid->SetApprovedURL($request->url_for('openid_continue') . '/');
$openid->SetTrustRoot($request->base);
$server_url = $_SESSION['openid_server_url'];
$openid->SetOpenIDServer($server_url);
$valid = $openid->ValidateWithServer();
}
if ($valid) {
$_SESSION['openid_complete'] = true;
} else {
trigger_error("Sorry, the openid server {$server_url} did not validate your identity.", E_USER_ERROR);
}
complete_openid_authentication($request);
if (!empty($_SESSION['requested_url'])) {
redirect_to($_SESSION['requested_url']);
} else {
redirect_to($request->base);
}
}
/**
* If the comment contains a valid OpenID, skip the check for requiring a name and email address. Even if
* this data is provided in the form, we may get it through other methods, so we don't want to bail out
* prematurely. After OpenID authentication has completed (and $_SESSION['oid_skip'] is set), we don't
* interfere so that this data can be required if desired.
*
* @param boolean $value existing value of flag, whether to require name and email
* @return boolean new value of flag, whether to require name and email
* @see get_user_data
*/
function bypass_option_require_name_email($value)
{
global $openid_auth_request, $openid;
if ($_REQUEST['oid_skip']) {
return $value;
}
if (array_key_exists('openid_url', $_POST)) {
if (!empty($_POST['openid_url'])) {
return false;
}
} else {
if (!empty($_POST['url'])) {
if (WordPressOpenID_Logic::late_bind()) {
// check if url is valid OpenID by forming an auth request
set_error_handler(array('WordPressOpenID_Logic', 'customer_error_handler'));
$consumer = WordPressOpenID_Logic::getConsumer();
$openid_auth_request = $consumer->begin($_POST['url']);
restore_error_handler();
if (null !== $openid_auth_request) {
return false;
}
}
}
}
return $value;
}
function begin_consumer($url)
{
global $openid_auth_request;
if ($openid_auth_request == NULL) {
set_error_handler(array('WordPressOpenID_Logic', 'customer_error_handler'));
if (WordPressOpenID_Logic::isValidEmail($url)) {
$_SESSION['openid_login_email'] = $url;
set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path());
require_once 'Auth/Yadis/Email.php';
$mapped_url = Auth_Yadis_Email_getID($url, trailingslashit(get_option('home')));
if ($mapped_url) {
$url = $mapped_url;
}
}
$consumer = WordPressOpenID_Logic::getConsumer();
$openid_auth_request = $consumer->begin($url);
restore_error_handler();
}
return $openid_auth_request;
}
