X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/912521ef0711204965aa2319d41c7741bd3f4f4c..dcb52530910306891622bbaff9e039b52e83b0fc:/IkiWiki/Plugin/openid.pm?ds=sidebyside diff --git a/IkiWiki/Plugin/openid.pm b/IkiWiki/Plugin/openid.pm index f43c4db7f..5424c57e2 100644 --- a/IkiWiki/Plugin/openid.pm +++ b/IkiWiki/Plugin/openid.pm @@ -4,38 +4,64 @@ package IkiWiki::Plugin::openid; use warnings; use strict; -use IkiWiki; +use IkiWiki 3.00; -sub import { #{{{ +sub import { hook(type => "getopt", id => "openid", call => \&getopt); + hook(type => "getsetup", id => "openid", call => \&getsetup); hook(type => "auth", id => "openid", call => \&auth); hook(type => "formbuilder_setup", id => "openid", call => \&formbuilder_setup, last => 1); -} # }}} +} -sub getopt () { #{{{ +sub getopt () { eval q{use Getopt::Long}; error($@) if $@; Getopt::Long::Configure('pass_through'); GetOptions("openidsignup=s" => \$config{openidsignup}); -} #}}} +} + +sub getsetup () { + return + plugin => { + safe => 1, + rebuild => 0, + }, + openidsignup => { + type => "string", + example => "http://myopenid.com/", + description => "an url where users can signup for an OpenID", + safe => 1, + rebuild => 0, + }, +} -sub formbuilder_setup (@) { #{{{ +sub formbuilder_setup (@) { my %params=@_; my $form=$params{form}; my $session=$params{session}; my $cgi=$params{cgi}; - + if ($form->title eq "signin") { + # Give up if module is unavailable to avoid + # needing to depend on it. + eval q{use Net::OpenID::Consumer}; + if ($@) { + debug("unable to load Net::OpenID::Consumer, not enabling OpenID login ($@)"); + return; + } + + # This avoids it displaying a redundant label for the + # OpenID fieldset. + $form->fieldsets("OpenID"); + $form->field( name => "openid_url", - label => "OpenID", + label => gettext("Log in with")." ".htmllink("", "", "ikiwiki/OpenID", noimageinline => 1), + fieldset => "OpenID", size => 30, - comment => '('. - htmllink("", "", "OpenID", 1, 0, gettext("What's this?")) - .($config{openidsignup} ? " | ".gettext("Get an OpenID")."" : "") - .')' + comment => ($config{openidsignup} ? " | ".gettext("Get an OpenID")."" : "") ); # Handle submission of an OpenID as validation. @@ -58,13 +84,15 @@ sub formbuilder_setup (@) { #{{{ } elsif ($form->title eq "preferences") { if (! defined $form->field(name => "name")) { - $form->field(name => "OpenID", disabled => 1, value => - $session->param("name"), size => 30, force => 1); + $form->field(name => "OpenID", disabled => 1, + value => $session->param("name"), + size => 50, force => 1, + fieldset => "login"); } } } -sub validate ($$$;$) { #{{{ +sub validate ($$$;$) { my $q=shift; my $session=shift; my $openid_url=shift; @@ -93,9 +121,9 @@ sub validate ($$$;$) { #{{{ # eventually bounce them back to auth() IkiWiki::redirect($q, $check_url); exit 0; -} #}}} +} -sub auth ($$) { #{{{ +sub auth ($$) { my $q=shift; my $session=shift; @@ -119,9 +147,9 @@ sub auth ($$) { #{{{ # myopenid.com affiliate support validate($q, $session, $q->param('openid_identifier')); } -} #}}} +} -sub getobj ($$) { #{{{ +sub getobj ($$) { my $q=shift; my $session=shift; @@ -140,15 +168,45 @@ sub getobj ($$) { #{{{ # Store the secret in the session. my $secret=$session->param("openid_secret"); if (! defined $secret) { - $secret=$session->param(openid_secret => time); + $secret=rand; + $session->param(openid_secret => $secret); } return Net::OpenID::Consumer->new( ua => $ua, args => $q, - consumer_secret => $secret, + consumer_secret => sub { return shift()+$secret }, required_root => $config{cgiurl}, ); -} #}}} +} + +package IkiWiki; + +# This is not used by this plugin, but this seems the best place to put it. +# Used elsewhere to pretty-display the name of an openid user. +sub openiduser ($) { + my $user=shift; + + if ($user =~ m!^https?://! && + eval q{use Net::OpenID::VerifiedIdentity; 1} && !$@) { + my $oid=Net::OpenID::VerifiedIdentity->new(identity => $user); + my $display=$oid->display; + # Convert "user.somehost.com" to "user [somehost.com]" + # (also "user.somehost.co.uk") + if ($display !~ /\[/) { + $display=~s/^([-a-zA-Z0-9]+?)\.([-.a-zA-Z0-9]+\.[a-z]+)$/$1 [$2]/; + } + # Convert "http://somehost.com/user" to "user [somehost.com]". + # (also "https://somehost.com/user/") + if ($display !~ /\[/) { + $display=~s/^https?:\/\/(.+)\/([^\/]+)\/?$/$2 [$1]/; + } + $display=~s!^https?://!!; # make sure this is removed + eval q{use CGI 'escapeHTML'}; + error($@) if $@; + return escapeHTML($display); + } + return; +} 1