openidsettings.php 15 KB

  1. <?php
  2. // This file is part of GNU social - https://www.gnu.org/software/social
  3. //
  4. // GNU social is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU Affero General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // GNU social is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU Affero General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU Affero General Public License
  15. // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
  16. /**
  17. * Settings for OpenID
  18. *
  19. * @category Settings
  20. * @package GNUsocial
  21. * @author Evan Prodromou <evan@status.net>
  22. * @copyright 2008-2009 StatusNet, Inc.
  23. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  24. */
  25. defined('GNUSOCIAL') || die();
  26. require_once INSTALLDIR.'/plugins/OpenID/openid.php';
  27. /**
  28. * Settings for OpenID
  29. *
  30. * Lets users add, edit and delete OpenIDs from their account
  31. *
  32. * @copyright 2008-2009 StatusNet, Inc.
  33. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  34. */
  35. class OpenidsettingsAction extends SettingsAction
  36. {
  37. /**
  38. * Title of the page
  39. *
  40. * @return string Page title
  41. */
  42. public function title()
  43. {
  44. // TRANS: Title of OpenID settings page for a user.
  45. return _m('TITLE', 'OpenID settings');
  46. }
  47. /**
  48. * Instructions for use
  49. *
  50. * @return string Instructions for use
  51. */
  52. public function getInstructions()
  53. {
  54. // TRANS: Form instructions for OpenID settings.
  55. // TRANS: This message contains Markdown links in the form [description](link).
  56. return _m('[OpenID](%%doc.openid%%) lets you log into many sites ' .
  57. 'with the same user account. '.
  58. 'Manage your associated OpenIDs from here.');
  59. }
  60. public function showScripts()
  61. {
  62. parent::showScripts();
  63. $this->autofocus('openid_url');
  64. }
  65. /**
  66. * Show the form for OpenID management
  67. *
  68. * We have one form with a few different submit buttons to do different things.
  69. *
  70. * @return void
  71. */
  72. public function showContent()
  73. {
  74. if (!common_config('openid', 'trusted_provider')) {
  75. $this->elementStart('form', ['method' => 'post',
  76. 'id' => 'form_settings_openid_add',
  77. 'class' => 'form_settings',
  78. 'action' =>
  79. common_local_url('openidsettings')]);
  80. $this->elementStart('fieldset', ['id' => 'settings_openid_add']);
  81. // TRANS: Fieldset legend.
  82. $this->element('legend', null, _m('LEGEND', 'Add OpenID'));
  83. $this->hidden('token', common_session_token());
  84. $this->elementStart('ul', 'form_data');
  85. $this->elementStart('li');
  86. // TRANS: Field label.
  87. $this->input(
  88. 'openid_url',
  89. _m('OpenID URL'),
  90. null,
  91. // TRANS: Form guide.
  92. _m('An OpenID URL which identifies you.'),
  93. null,
  94. true,
  95. ['placeholder' => 'https://example.com/you']
  96. );
  97. $this->elementEnd('li');
  98. $this->elementStart('li');
  99. // TRANS: Field label.
  100. $this->checkbox(
  101. 'openid-synch',
  102. _m('Synchronize Account'),
  103. false,
  104. // TRANS: Form guide.
  105. _m('Synchronize GNU social profile with this OpenID identity.')
  106. );
  107. $this->elementEnd('li');
  108. $this->elementEnd('ul');
  109. // TRANS: Button text for adding an OpenID URL.
  110. $this->submit('settings_openid_add_action-submit', _m('BUTTON', 'Add'), 'submit', 'add');
  111. $this->elementEnd('fieldset');
  112. $this->elementEnd('form');
  113. }
  114. $oid = new User_openid();
  115. $oid->user_id = $this->scoped->getID();
  116. $cnt = $oid->find();
  117. if ($cnt > 0) {
  118. // TRANS: Header on OpenID settings page.
  119. $this->element('h2', null, _m('HEADER', 'OpenID Actions'));
  120. if ($cnt == 1 && !$this->scoped->hasPassword()) {
  121. $this->element(
  122. 'p',
  123. 'form_guide',
  124. // TRANS: Form guide.
  125. _m('You can\'t remove your main OpenID account ' .
  126. 'without either adding a password to your ' .
  127. 'GNU social account or another OpenID account. ' .
  128. 'You can synchronize your profile with your ' .
  129. 'OpenID by clicking the button labeled "Synchronize".')
  130. );
  131. if ($oid->fetch()) {
  132. $this->elementStart('form', ['method' => 'POST',
  133. 'id' => 'form_settings_openid_actions' . $idx,
  134. 'class' => 'form_settings',
  135. 'action' => common_local_url('openidsettings')]);
  136. $this->elementStart('fieldset');
  137. $this->hidden('token', common_session_token());
  138. $this->element('a', ['href' => $oid->canonical], $oid->display);
  139. $this->hidden("openid_url", $oid->canonical);
  140. // TRANS: Button text to synchronize OpenID with the GS profile.
  141. $this->submit("synch", _m('BUTTON', 'Synchronize'), 'submit synch');
  142. $this->elementEnd('fieldset');
  143. $this->elementEnd('form');
  144. }
  145. } else {
  146. $this->element(
  147. 'p',
  148. 'form_guide',
  149. // TRANS: Form guide.
  150. _m('You can remove an OpenID from your account ' .
  151. 'by clicking the button labeled "Remove". ' .
  152. 'You can synchronize your profile with an OpenID ' .
  153. 'by clicking the button labeled "Synchronize".')
  154. );
  155. $idx = 0;
  156. while ($oid->fetch()) {
  157. $this->elementStart('form', ['method' => 'POST',
  158. 'id' => 'form_settings_openid_actions' . $idx,
  159. 'class' => 'form_settings',
  160. 'action' => common_local_url('openidsettings')]);
  161. $this->elementStart('fieldset');
  162. $this->hidden('token', common_session_token());
  163. $this->element('a', ['href' => $oid->canonical], $oid->display);
  164. $this->hidden("openid_url{$idx}", $oid->canonical, 'openid_url');
  165. $this->elementStart('span', ['class' => 'element_actions']);
  166. // TRANS: Button text to sync an OpenID with the GS profile.
  167. $this->submit("synch{$idx}", _m('BUTTON', 'Synchronize'), 'submit', 'synch');
  168. // TRANS: Button text to remove an OpenID.
  169. $this->submit("remove{$idx}", _m('BUTTON', 'Remove'), 'submit', 'remove');
  170. $this->elementEnd('span');
  171. $this->elementEnd('fieldset');
  172. $this->elementEnd('form');
  173. $idx++;
  174. }
  175. }
  176. }
  177. $this->elementStart('form', ['method' => 'post',
  178. 'id' => 'form_settings_openid_trustroots',
  179. 'class' => 'form_settings',
  180. 'action' =>
  181. common_local_url('openidsettings')]);
  182. $this->elementStart('fieldset', ['id' => 'settings_openid_trustroots']);
  183. // TRANS: Fieldset legend.
  184. $this->element('legend', null, _m('OpenID Trusted Sites'));
  185. $this->hidden('token', common_session_token());
  186. $this->element(
  187. 'p',
  188. 'form_guide',
  189. // TRANS: Form guide.
  190. _m('The following sites are allowed to access your ' .
  191. 'identity and log you in. You can remove a site from ' .
  192. 'this list to deny it access to your OpenID.')
  193. );
  194. $this->elementStart('ul', 'form_data');
  195. $user_openid_trustroot = new User_openid_trustroot();
  196. $user_openid_trustroot->user_id = $this->scoped->getID();
  197. if ($user_openid_trustroot->find()) {
  198. while ($user_openid_trustroot->fetch()) {
  199. $this->elementStart('li');
  200. $this->element(
  201. 'input',
  202. [
  203. 'name' => 'openid_trustroot[]',
  204. 'type' => 'checkbox',
  205. 'class' => 'checkbox',
  206. 'value' => $user_openid_trustroot->trustroot,
  207. 'id' => 'openid_trustroot_' . crc32($user_openid_trustroot->trustroot),
  208. ]
  209. );
  210. $this->element(
  211. 'label',
  212. [
  213. 'class'=>'checkbox',
  214. 'for' => 'openid_trustroot_' . crc32($user_openid_trustroot->trustroot),
  215. ],
  216. $user_openid_trustroot->trustroot
  217. );
  218. $this->elementEnd('li');
  219. }
  220. }
  221. $this->elementEnd('ul');
  222. // TRANS: Button text to remove an OpenID trustroot.
  223. $this->submit('settings_openid_trustroots_action-submit', _m('BUTTON', 'Remove'), 'submit', 'remove_trustroots');
  224. $this->elementEnd('fieldset');
  225. $prefs = User_openid_prefs::getKV('user_id', $this->scoped->getID());
  226. $this->elementStart('fieldset');
  227. $this->element('legend', null, _m('LEGEND', 'Preferences'));
  228. $this->elementStart('ul', 'form_data');
  229. $this->checkbox('hide_profile_link', "Hide OpenID links from my profile", !empty($prefs) && $prefs->hide_profile_link);
  230. // TRANS: Button text to save OpenID prefs
  231. $this->submit('settings_openid_prefs_save', _m('BUTTON', 'Save'), 'submit', 'save_prefs');
  232. $this->elementEnd('ul');
  233. $this->elementEnd('fieldset');
  234. $this->elementEnd('form');
  235. }
  236. /**
  237. * Handle a POST request
  238. *
  239. * Muxes to different sub-functions based on which button was pushed
  240. *
  241. * @return void
  242. */
  243. protected function doPost()
  244. {
  245. if ($this->arg('add')) {
  246. if (common_config('openid', 'trusted_provider')) {
  247. // TRANS: Form validation error if no OpenID providers can be added.
  248. throw new ServerException(_m('Cannot add new providers.'));
  249. } else {
  250. $_SESSION['openid_synch'] = $this->boolean('openid-synch');
  251. $result = oid_authenticate($this->trimmed('openid_url'), 'finishaddopenid');
  252. if (is_string($result)) { // error message
  253. unset($_SESSION['openid-synch']);
  254. throw new ServerException($result);
  255. }
  256. return _('Added new provider.');
  257. }
  258. } elseif ($this->arg('remove')) {
  259. return $this->removeOpenid();
  260. } elseif ($this->arg('synch')) {
  261. return $this->synchOpenid();
  262. } elseif ($this->arg('remove_trustroots')) {
  263. return $this->removeTrustroots();
  264. } elseif ($this->arg('save_prefs')) {
  265. return $this->savePrefs();
  266. }
  267. // TRANS: Unexpected form validation error.
  268. throw new ServerException(_m('No known action for POST.'));
  269. }
  270. /**
  271. * Handles a request to remove OpenID trustroots from the user's account
  272. *
  273. * Validates input and, if everything is OK, deletes the trustroots.
  274. * Reloads the form with a success or error notification.
  275. *
  276. * @return void
  277. */
  278. public function removeTrustroots()
  279. {
  280. $trustroots = $this->arg('openid_trustroot', []);
  281. foreach ($trustroots as $trustroot) {
  282. $user_openid_trustroot = User_openid_trustroot::pkeyGet(
  283. ['user_id'=>$this->scoped->getID(), 'trustroot'=>$trustroot]
  284. );
  285. if ($user_openid_trustroot) {
  286. $user_openid_trustroot->delete();
  287. } else {
  288. // TRANS: Form validation error when trying to remove a non-existing trustroot.
  289. throw new ClientException(_m('No such OpenID trustroot.'));
  290. }
  291. }
  292. // TRANS: Success message after removing trustroots.
  293. return _m('Trustroots removed.');
  294. }
  295. /**
  296. * Handles a request to remove an OpenID from the user's account
  297. *
  298. * Validates input and, if everything is OK, deletes the OpenID.
  299. * Reloads the form with a success or error notification.
  300. *
  301. * @return void
  302. */
  303. public function removeOpenid()
  304. {
  305. $oid = User_openid::getKV('canonical', $this->trimmed('openid_url'));
  306. if (!$oid instanceof User_openid) {
  307. // TRANS: Form validation error for a non-existing OpenID.
  308. throw new ClientException(_m('No such OpenID.'));
  309. }
  310. if ($this->scoped->getID() != $oid->user_id) {
  311. // TRANS: Form validation error if OpenID is connected to another user.
  312. throw new ClientException(_m('That OpenID does not belong to you.'));
  313. }
  314. $oid->delete();
  315. // TRANS: Success message after removing an OpenID.
  316. return _m('OpenID removed.');
  317. }
  318. /**
  319. * Handles a request to synch an OpenID to the user's profile
  320. *
  321. * @return void
  322. */
  323. public function synchOpenid()
  324. {
  325. $oid = User_openid::getKV('canonical', $this->trimmed('openid_url'));
  326. if (!$oid instanceof User_openid) {
  327. throw new ClientException(_m('No such OpenID.'));
  328. }
  329. $result = oid_authenticate($this->trimmed('openid_url'), 'finishsynchopenid');
  330. if (is_string($result)) { // error message
  331. throw new ServerException($result);
  332. }
  333. return _m('Synchronized OpenID.');
  334. }
  335. /**
  336. * Handles a request to save preferences
  337. *
  338. * Validates input and, if everything is OK, deletes the OpenID.
  339. * Reloads the form with a success or error notification.
  340. *
  341. * @return void
  342. */
  343. public function savePrefs()
  344. {
  345. $orig = null;
  346. $prefs = User_openid_prefs::getKV('user_id', $this->scoped->getID());
  347. if (!$prefs instanceof User_openid_prefs) {
  348. $prefs = new User_openid_prefs();
  349. $prefs->user_id = $this->scoped->getID();
  350. $prefs->created = common_sql_now();
  351. } else {
  352. $orig = clone($prefs);
  353. }
  354. $prefs->hide_profile_link = $this->boolean('hide_profile_link');
  355. if ($orig instanceof User_openid_prefs) {
  356. $prefs->update($orig);
  357. } else {
  358. $prefs->insert();
  359. }
  360. return _m('OpenID preferences saved.');
  361. }
  362. }