finishaddopenid.php 6.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196
  1. <?php
  2. // This file is part of GNU social - https://www.gnu.org/software/social
  3. //
  4. // GNU social is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU Affero General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // GNU social is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU Affero General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU Affero General Public License
  15. // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
  16. /**
  17. * Complete adding an OpenID
  18. *
  19. * @category Settings
  20. * @package GNUsocial
  21. * @author Evan Prodromou <evan@status.net>
  22. * @copyright 2008-2009 StatusNet, Inc.
  23. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  24. */
  25. defined('GNUSOCIAL') || die();
  26. require_once INSTALLDIR.'/plugins/OpenID/openid.php';
  27. /**
  28. * Complete adding an OpenID
  29. *
  30. * Handle the return from an OpenID verification
  31. *
  32. * @category Settings
  33. * @package GNUsocial
  34. * @author Evan Prodromou <evan@status.net>
  35. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  36. */
  37. class FinishaddopenidAction extends Action
  38. {
  39. public $msg = null;
  40. /**
  41. * Handle the redirect back from OpenID confirmation
  42. *
  43. * Check to see if the user's logged in, and then try
  44. * to use the OpenID login system.
  45. *
  46. * @param array $args $_REQUEST arguments
  47. *
  48. * @return void
  49. */
  50. public function handle()
  51. {
  52. parent::handle();
  53. if (!common_logged_in()) {
  54. // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
  55. $this->clientError(_m('Not logged in.'));
  56. } else {
  57. $this->tryLogin();
  58. }
  59. }
  60. /**
  61. * Try to log in using OpenID
  62. *
  63. * Check the OpenID for validity; potentially store it.
  64. *
  65. * @return void
  66. */
  67. public function tryLogin()
  68. {
  69. $consumer = oid_consumer();
  70. $response = $consumer->complete(common_local_url('finishaddopenid'));
  71. if ($response->status == Auth_OpenID_CANCEL) {
  72. // TRANS: Status message in case the response from the OpenID provider is that the logon attempt was cancelled.
  73. $this->message(_m('OpenID authentication cancelled.'));
  74. return;
  75. } elseif ($response->status == Auth_OpenID_FAILURE) {
  76. // TRANS: OpenID authentication failed; display the error message.
  77. // TRANS: %s is the error message.
  78. $this->message(sprintf(
  79. _m('OpenID authentication failed: %s.'),
  80. $response->message
  81. ));
  82. } elseif ($response->status == Auth_OpenID_SUCCESS) {
  83. $display = $response->getDisplayIdentifier();
  84. $canonical = ($response->endpoint && $response->endpoint->canonicalID) ?
  85. $response->endpoint->canonicalID : $display;
  86. $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response);
  87. if ($sreg_resp) {
  88. $sreg = $sreg_resp->contents();
  89. }
  90. // Launchpad teams extension
  91. if (!oid_check_teams($response)) {
  92. // TRANS: OpenID authentication error.
  93. $this->message(_m('OpenID authentication aborted: You are not allowed to login to this site.'));
  94. return;
  95. }
  96. $cur = common_current_user();
  97. $other = oid_get_user($canonical);
  98. if ($other) {
  99. if ($other->id == $cur->id) {
  100. // TRANS: Message in case a user tries to add an OpenID that is already connected to them.
  101. $this->message(_m('You already have this OpenID!'));
  102. } else {
  103. // TRANS: Message in case a user tries to add an OpenID that is already used by another user.
  104. $this->message(_m('Someone else already has this OpenID.'));
  105. }
  106. return;
  107. }
  108. // start a transaction
  109. $cur->query('START TRANSACTION');
  110. $result = oid_link_user($cur->id, $canonical, $display);
  111. if (!$result) {
  112. // TRANS: Message in case the OpenID object cannot be connected to the user.
  113. $this->message(_m('Error connecting user.'));
  114. return;
  115. }
  116. if (isset($_SESSION['openid_synch']) && $_SESSION['openid_synch']) {
  117. if (Event::handle('StartOpenIDUpdateUser', [$cur, $canonical, &$sreg])) {
  118. if (!oid_update_user($cur, $sreg)) {
  119. // TRANS: Message in case the user or the user profile cannot be saved in StatusNet.
  120. $this->message(_m('Error updating profile.'));
  121. return;
  122. }
  123. }
  124. Event::handle('EndOpenIDUpdateUser', [$cur, $canonical, $sreg]);
  125. }
  126. unset($_SESSION['openid_synch']);
  127. // success!
  128. $cur->query('COMMIT');
  129. oid_set_last($display);
  130. common_redirect(common_local_url('openidsettings'), 303);
  131. }
  132. }
  133. /**
  134. * Show a failure message
  135. *
  136. * Something went wrong. Save the message, and show the page.
  137. *
  138. * @param string $msg Error message to show
  139. *
  140. * @return void
  141. */
  142. public function message($msg)
  143. {
  144. $this->message = $msg;
  145. $this->showPage();
  146. }
  147. /**
  148. * Title of the page
  149. *
  150. * @return string title
  151. */
  152. public function title()
  153. {
  154. // TRANS: Title after getting the status of the OpenID authorisation request.
  155. return _m('OpenID Login');
  156. }
  157. /**
  158. * Show error message
  159. *
  160. * @return void
  161. */
  162. public function showPageNotice()
  163. {
  164. if ($this->message) {
  165. $this->element('p', 'error', $this->message);
  166. }
  167. }
  168. }