X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/5038f36cba2c7db223708d06a65f99b08c25b733..d922b1897c81db10b5b8a48d4b92e56a92d12448:/IkiWiki/Plugin/openid.pm diff --git a/IkiWiki/Plugin/openid.pm b/IkiWiki/Plugin/openid.pm index 40a956849..384af7e98 100644 --- a/IkiWiki/Plugin/openid.pm +++ b/IkiWiki/Plugin/openid.pm @@ -119,7 +119,9 @@ sub validate ($$$;$) { my $claimed_identity = $csr->claimed_identity($openid_url); if (! $claimed_identity) { if ($errhandler) { - $errhandler->($csr->err); + if (ref($errhandler) eq 'CODE') { + $errhandler->($csr->err); + } return 0; } else { @@ -156,8 +158,8 @@ sub validate ($$$;$) { $trust_root=$cgiurl if ! defined $trust_root; my $check_url = $claimed_identity->check_url( - return_to => "$cgiurl?do=postsignin", - trust_root => $trust_root, + return_to => auto_upgrade_https($q, "$cgiurl?do=postsignin"), + trust_root => auto_upgrade_https($q, $trust_root), delayed_return => 1, ); # Redirect the user to the OpenID server, which will @@ -223,7 +225,7 @@ sub auth ($$) { } elsif (defined $q->param('openid_identifier')) { # myopenid.com affiliate support - validate($q, $session, $q->param('openid_identifier')); + validate($q, $session, scalar $q->param('openid_identifier')); } } @@ -238,10 +240,10 @@ sub getobj ($$) { my $ua; eval q{use LWPx::ParanoidAgent}; if (! $@) { - $ua=LWPx::ParanoidAgent->new; + $ua=LWPx::ParanoidAgent->new(agent => $config{useragent}); } else { - $ua=LWP::UserAgent->new; + $ua=useragent(); } # Store the secret in the session. @@ -258,10 +260,19 @@ sub getobj ($$) { ua => $ua, args => $q, consumer_secret => sub { return shift()+$secret }, - required_root => $cgiurl, + required_root => auto_upgrade_https($q, $cgiurl), ); } +sub auto_upgrade_https { + my $q=shift; + my $url=shift; + if ($q->https()) { + $url=~s/^http:/https:/i; + } + return $url; +} + sub load_openid_module { # Give up if module is unavailable to avoid needing to depend on it. eval q{use Net::OpenID::Consumer};