function validate_identities_url($value) { if ($value == 'http://') { return true; } if (environment('authentication') == 'password') { return true; } if (!(environment('openid_version') > 1)) { return true; } global $db; wp_plugin_include(array('wp-openid')); $logic = new WordPressOpenID_Logic(null); $logic->activate_plugin(); if (!WordPressOpenID_Logic::late_bind()) { trigger_error('Sorry, there was an error in the OpenID plugin.', E_USER_ERROR); } $consumer = WordPressOpenID_Logic::getConsumer(); $auth_request = $consumer->begin($value); if (null === $auth_request) { trigger_error('Sorry, an OpenID server could not be located from: ' . htmlentities($value), E_USER_ERROR); } return true; }
function openid_continue(&$vars) { extract($vars); $valid = false; if (class_exists('MySQL') && environment('openid_version') > 1 && !isset($_SESSION['openid_degrade'])) { global $openid; wp_plugin_include(array('wp-openid')); $logic = new WordPressOpenID_Logic(null); $logic->activate_plugin(); $consumer = WordPressOpenID_Logic::getConsumer(); $openid->response = $consumer->complete($_SESSION['oid_return_to']); switch ($openid->response->status) { case Auth_OpenID_CANCEL: trigger_error('The OpenID assertion was cancelled.', E_USER_ERROR); break; case Auth_OpenID_FAILURE: // if we fail OpenID v2 here, we retry once with OpenID v1 $_SESSION['openid_degrade'] = true; $request->set_param('return_url', $request->url_for('openid_continue') . '/'); $request->set_param('protected_url', $request->base); $request->set_param('openid_url', $_SESSION['openid_url']); authenticate_with_openid(); break; case Auth_OpenID_SUCCESS: $_SESSION['openid_complete'] = true; $valid = true; break; } } if (!$valid) { include $GLOBALS['PATH']['library'] . 'openid.php'; $openid = new SimpleOpenID(); $openid->SetIdentity($_SESSION['openid_url']); $openid->SetApprovedURL($request->url_for('openid_continue') . '/'); $openid->SetTrustRoot($request->base); $server_url = $_SESSION['openid_server_url']; $openid->SetOpenIDServer($server_url); $valid = $openid->ValidateWithServer(); } if ($valid) { $_SESSION['openid_complete'] = true; } else { trigger_error("Sorry, the openid server {$server_url} did not validate your identity.", E_USER_ERROR); } complete_openid_authentication($request); if (!empty($_SESSION['requested_url'])) { redirect_to($_SESSION['requested_url']); } else { redirect_to($request->base); } }
/** * Handle user management of OpenID associations. * * @submenu_page: profile.php **/ function profile_panel() { global $error, $openid; if (!current_user_can('read')) { return; } $user = wp_get_current_user(); WordPressOpenID_Logic::late_bind(); if (!$openid->action && $_SESSION['oid_action']) { $openid->action = $_SESSION['oid_action']; unset($_SESSION['oid_action']); } if (!$openid->message && $_SESSION['oid_message']) { $openid->message = $_SESSION['oid_message']; unset($_SESSION['oid_message']); } if ('success' == $openid->action) { echo '<div class="updated"><p><strong>' . __('Success:', 'openid') . '</strong> ' . $openid->message . '</p></div>'; } elseif ('warning' == $openid->action) { echo '<div class="error"><p><strong>' . __('Warning:', 'openid') . '</strong> ' . $openid->message . '</p></div>'; } elseif ('error' == $openid->action) { echo '<div class="error"><p><strong>' . __('Error:', 'openid') . '</strong> ' . $openid->message . '</p></div>'; } if (!empty($error)) { echo '<div class="error"><p><strong>' . __('Error:', 'openid') . '</strong> ' . $error . '</p></div>'; unset($error); } ?> <div class="wrap"> <h2><?php _e('Your Identity URLs', 'openid'); ?> </h2> <p><?php printf(__('The following Identity URLs %s are tied to this user account. You can login ' . 'with equivalent permissions using any of the following identities.', 'openid'), '<a title="' . __('What is OpenID?', 'openid') . '" href="http://openid.net/">' . __('?', 'openid') . '</a>'); ?> </p> <?php $urls = $openid->store->get_identities($user->ID); if (count($urls)) { ?> <p>There are <?php echo count($urls); ?> identities associated with this WordPress user.</p> <table class="widefat"> <thead> <tr> <th scope="col" style="text-align: center"><?php _e('ID', 'openid'); ?> </th> <th scope="col"><?php _e('Identity Url', 'openid'); ?> </th> <th scope="col" style="text-align: center"><?php _e('Action', 'openid'); ?> </th> </tr> </thead> <?php foreach ($urls as $k => $v) { ?> <tr class="alternate"> <th scope="row" style="text-align: center"><?php echo $v['uurl_id']; ?> </th> <td><a href="<?php echo $v['url']; ?> "><?php echo $v['url']; ?> </a></td> <td style="text-align: center"><a class="delete" href="<?php echo wp_nonce_url(sprintf('?page=%s&action=drop_identity&id=%s', 'openid', $v['uurl_id']), 'wp-openid-drop-identity_' . $v['url']); ?> "><?php _e('Delete', 'openid'); ?> </a></td> </tr> <?php } ?> </table> <?php } else { echo ' <p class="error">' . __('There are no OpenIDs associated with this WordPress user.', 'openid') . '</p>'; } ?> <p> <form method="post"><?php _e('Add identity:', 'openid'); ?> <?php wp_nonce_field('wp-openid-add_identity'); ?> <input id="openid_url" name="openid_url" /> <input type="submit" value="<?php _e('Add', 'openid'); ?> " /> <input type="hidden" name="action" value="add_identity" > </form> </p> </div> <?php }
/** * Parse the WordPress request. If the pagename is 'openid_consumer', then the request * is an OpenID response and should be handled accordingly. * * @param WP $wp WP instance for the current request */ function parse_request($wp) { openid_init(); if ($wp->query_vars['pagename'] == 'openid_consumer') { WordPressOpenID_Logic::finish_openid($_REQUEST['action']); } }
/** * Parse the WordPress request. If the pagename is 'openid_consumer', then the request * is an OpenID response and should be handled accordingly. * * @param WP $wp WP instance for the current request */ function parse_request($wp) { if (array_key_exists('openid_check_login', $_REQUEST)) { echo is_user_logged_in() ? 'true' : 'false'; exit; } if (array_key_exists('openid_consumer', $_REQUEST) && $_REQUEST['action']) { openid_init(); WordPressOpenID_Logic::finish_openid($_REQUEST['action']); } }