Index: modules/openid/openid.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/openid/openid.module,v
retrieving revision 1.74
diff -u -9 -p -r1.74 openid.module
--- modules/openid/openid.module 2 Mar 2010 08:59:54 -0000 1.74
+++ modules/openid/openid.module 9 Mar 2010 22:21:56 -0000
@@ -59,24 +59,24 @@ function openid_help($path, $arg) {
$output .= '';
return $output;
}
}
/**
* Implements hook_user_insert().
*/
function openid_user_insert(&$edit, $account, $category) {
- if (isset($_SESSION['openid']['values'])) {
+ if (!empty($edit['openid_claimed_id'])) {
// The user has registered after trying to log in via OpenID.
if (variable_get('user_email_verification', TRUE)) {
drupal_set_message(t('Once you have verified your e-mail address, you may log in via OpenID.'));
}
- user_set_authmaps($account, array('authname_openid' => $_SESSION['openid']['values']['response']['openid.claimed_id']));
+ user_set_authmaps($account, array('authname_openid' => $edit['openid_claimed_id']));
unset($_SESSION['openid']);
}
}
/**
* Implements hook_form_FORM_ID_alter().
*/
function openid_form_user_login_block_alter(&$form, &$form_state) {
_openid_user_login_form_alter($form, $form_state);
@@ -122,40 +122,68 @@ function _openid_user_login_form_alter(&
'#size' => $form['name']['#size'],
'#maxlength' => 255,
'#weight' => -1,
'#description' => l(t('What is OpenID?'), 'http://openid.net/', array('external' => TRUE)),
);
$form['openid.return_to'] = array('#type' => 'hidden', '#value' => url('openid/authenticate', array('absolute' => TRUE, 'query' => user_login_destination())));
}
/**
- * Implements hook_form_alter().
+ * Implements hook_form_FORM_ID_alter().
*
- * Adds OpenID login to the login forms.
+ * Prefills the login form with values acquired via OpenID.
*/
function openid_form_user_register_form_alter(&$form, &$form_state) {
- if (isset($_SESSION['openid']['values'])) {
- // We were unable to auto-register a new user. Prefill the registration
- // form with the values we have.
- $form['account']['name']['#default_value'] = $_SESSION['openid']['values']['name'];
- $form['account']['mail']['#default_value'] = $_SESSION['openid']['values']['mail'];
+ if (isset($_SESSION['openid']['response'])) {
+ module_load_include('inc', 'openid');
+
+ $response = $_SESSION['openid']['response'];
+
+ // Extract Simple Registration keys from the response.
+ $sreg_values = openid_extract_namespace($response, OPENID_NS_SREG, 'sreg');
+ // Extract Attribute Exchanges keys from the response.
+ $ax_values = openid_extract_namespace($response, OPENID_NS_AX, 'ax');
+
+ if (!empty($sreg_values['nickname'])) {
+ // Use the nickname returned by Simple Registration if available.
+ $form['account']['name']['#default_value'] = $sreg_values['nickname'];
+ }
+ elseif (!empty($ax_values['value.email'])) {
+ // Else, extract the name part of the email address returned by AX if available.
+ list($name, $domain) = explode('@', $ax_values['value.email'], 2);
+ $form['account']['name']['#default_value'] = $name;
+ }
+
+ if (!empty($sreg_values['email'])) {
+ // Use the email returned by Simple Registration if available.
+ $form['account']['mail']['#default_value'] = $sreg_values['email'];
+ }
+ elseif (!empty($ax_values['value.email'])) {
+ // Else, use the email returned by AX if available.
+ $form['account']['mail']['#default_value'] = $ax_values['value.email'];
+ }
// If user_email_verification is off, hide the password field and just fill
// with random password to avoid confusion.
if (!variable_get('user_email_verification', TRUE)) {
- $form['pass']['#type'] = 'hidden';
- $form['pass']['#value'] = user_password();
+ $form['account']['pass']['#type'] = 'hidden';
+ $form['account']['pass']['#value'] = user_password();
}
+
+ $form['openid_claimed_id'] = array(
+ '#type' => 'value',
+ '#default_value' => $response['openid.claimed_id'],
+ );
$form['openid_display'] = array(
'#type' => 'item',
'#title' => t('Your OpenID'),
'#description' => t('This OpenID will be attached to your account after registration.'),
- '#markup' => check_plain($_SESSION['openid']['values']['response']['openid.claimed_id']),
+ '#markup' => check_plain($response['openid.claimed_id']),
);
}
}
/**
* Login form _validate hook
*/
function openid_login_validate($form, &$form_state) {
$return_to = $form_state['values']['openid.return_to'];
@@ -523,123 +551,74 @@ function openid_association($op_endpoint
return $assoc_handle;
}
/**
* Authenticate a user or attempt registration.
*
* @param $response Response values from the OpenID Provider.
*/
function openid_authentication($response) {
- module_load_include('inc', 'openid');
-
$identity = $response['openid.claimed_id'];
$account = user_external_load($identity);
if (isset($account->uid)) {
if (!variable_get('user_email_verification', TRUE) || $account->login) {
// Check if user is blocked.
$state['values']['name'] = $account->name;
user_login_name_validate(array(), $state);
if (!form_get_errors()) {
// Load global $user and perform final login tasks.
$form_state['uid'] = $account->uid;
user_login_submit(array(), $form_state);
// Let other modules act on OpenID login
module_invoke_all('openid_response', $response, $account);
}
}
else {
- drupal_set_message(t('You must validate your email address for this account before logging in via OpenID'));
+ drupal_set_message(t('You must validate your email address for this account before logging in via OpenID.'));
}
}
elseif (variable_get('user_register', 1)) {
// Register new user.
- // Extract Simple Registration keys from the response.
- $sreg_values = openid_extract_namespace($response, OPENID_NS_SREG, 'sreg');
- // Extract Attribute Exchanges keys from the response.
- $ax_values = openid_extract_namespace($response, OPENID_NS_AX, 'ax');
-
- $form_state['build_info']['args'] = array();
- $form_state['redirect'] = NULL;
+ // Save response for use in openid_form_user_register_form_alter().
+ $_SESSION['openid']['response'] = $response;
- if (!empty($sreg_values['nickname'])) {
- // Use the nickname returned by Simple Registration if available.
- $form_state['values']['name'] = $sreg_values['nickname'];
- }
- else if (!empty($ax_values['value.email'])) {
- // Else, extract the name part of the email address returned by AX if available.
- list ($name, $domain) = explode('@', $ax_values['value.email'], 2);
- $form_state['values']['name'] = $name;
- }
- else {
- $form_state['values']['name'] = '';
- }
+ $form_state['values'] = array();
+ $form_state['values']['op'] = t('Create new account');
+ drupal_form_submit('user_register_form', $form_state);
- if (!empty($sreg_values['email'])) {
- // Use the email returned by Simple Registration if available.
- $form_state['values']['mail'] = $sreg_values['email'];
- }
- else if (!empty($ax_values['value.email'])) {
- // Else, use the email returned by AX if available.
- $form_state['values']['mail'] = $ax_values['value.email'];
+ if (!empty($form_state['user'])) {
+ module_invoke_all('openid_response', $response, $form_state['user']);
+ unset($_SESSION['openid']);
+ drupal_goto();
}
- else {
- $form_state['values']['mail'] = '';
- }
-
- $form_state['values']['pass'] = user_password();
- $form_state['values']['status'] = variable_get('user_register', 1) == 1;
- $form_state['values']['response'] = $response;
+ $messages = drupal_get_messages('error');
if (empty($form_state['values']['name']) || empty($form_state['values']['mail'])) {
+ // If the OpenID provider did not provide both a user name and an email
+ // address, ask the user to complete the registration manually instead of
+ // showing the error messages about the missing values generated by FAPI.
drupal_set_message(t('Complete the registration by filling out the form below. If you already have an account, you can log in now and add your OpenID under "My account".', array('@login' => url('user/login'))), 'warning');
- $success = FALSE;
}
else {
- $form = drupal_retrieve_form('user_register_form', $form_state);
- drupal_prepare_form('user_register_form', $form, $form_state);
- drupal_validate_form('user_register_form', $form, $form_state);
- $success = !form_get_errors();
- if (!$success) {
- drupal_set_message(t('Account registration using the information provided by your OpenID provider failed due to the reasons listed below. Complete the registration by filling out the form below. If you already have an account, you can log in now and add your OpenID under "My account".', array('@login' => url('user/login'))), 'warning');
- // Append form validation errors below the above warning.
- $messages = drupal_get_messages('error');
- foreach ($messages['error'] as $message) {
- drupal_set_message( $message, 'error');
- }
- }
- }
- if (!$success) {
- // We were unable to register a valid new user, redirect to standard
- // user/register and prefill with the values we received.
- $_SESSION['openid']['values'] = $form_state['values'];
- // We'll want to redirect back to the same place.
- $destination = drupal_get_destination();
- unset($_GET['destination']);
- drupal_goto('user/register', array('query' => $destination));
- }
- else {
- unset($form_state['values']['response']);
- $account = user_save(drupal_anonymous_user(), $form_state['values']);
- // Terminate if an error occurred during user_save().
- if (!$account) {
- drupal_set_message(t("Error saving user account."), 'error');
- drupal_goto();
+ drupal_set_message(t('Account registration using the information provided by your OpenID provider failed due to the reasons listed below. Complete the registration by filling out the form below. If you already have an account, you can log in now and add your OpenID under "My account".', array('@login' => url('user/login'))), 'warning');
+ // Append form validation errors below the above warning.
+ foreach ($messages['error'] as $message) {
+ drupal_set_message( $message, 'error');
}
- user_set_authmaps($account, array("authname_openid" => $identity));
- // Load global $user and perform final login tasks.
- $form_state['uid'] = $account->uid;
- user_login_submit(array(), $form_state);
- // Let other modules act on OpenID login
- module_invoke_all('openid_response', $response, $account);
}
- drupal_redirect_form($form_state);
+
+ // We were unable to register a valid new user. Redirect to the normal
+ // registration page and prefill with the values we received.
+ $destination = drupal_get_destination();
+ unset($_GET['destination']);
+ drupal_goto('user/register', array('query' => $destination));
}
else {
drupal_set_message(t('Only site administrators can create new user accounts.'), 'error');
}
drupal_goto();
}
function openid_association_request($public) {
module_load_include('inc', 'openid');
Index: modules/openid/openid.test
===================================================================
RCS file: /cvs/drupal/drupal/modules/openid/openid.test,v
retrieving revision 1.15
diff -u -9 -p -r1.15 openid.test
--- modules/openid/openid.test 2 Mar 2010 08:59:54 -0000 1.15
+++ modules/openid/openid.test 9 Mar 2010 22:21:56 -0000
@@ -78,33 +78,29 @@ class OpenIDFunctionalTest extends Drupa
function testLogin() {
$this->drupalLogin($this->web_user);
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
$this->addIdentity($identity);
$this->drupalLogout();
- // Fill out and submit the login form.
- $edit = array('openid_identifier' => $identity);
- $this->drupalPost(NULL, $edit, t('Log in'));
-
- // Check we are on the OpenID redirect form.
- $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
-
- // Submit form to the OpenID Provider Endpoint.
- $this->drupalPost(NULL, array(), t('Send'));
- $this->assertLink($this->web_user->name, 0, t('User was logged in.'));
+ // Test logging in via the login block on the front page.
+ $this->submitLoginForm($identity);
- // Test logging in via the user/login page.
$this->drupalLogout();
+
+ // Test logging in via the user/login page.
+ $edit = array('openid_identifier' => $identity);
$this->drupalPost('user/login', $edit, t('Log in'));
+ $this->assertLink($this->web_user->name, 0, t('User was logged in.'));
+
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
$this->assertLink($this->web_user->name, 0, t('User was logged in.'));
// Verify user was redirected away from user/login to an accessible page.
@@ -148,27 +144,19 @@ class OpenIDFunctionalTest extends Drupa
$this->drupalGet('admin/people');
$edit = array(
'operation' => 'block',
'accounts[' . $this->web_user->uid . ']' => TRUE,
);
$this->drupalPost('admin/people', $edit, t('Update'));
$this->assertRaw('The update has been performed.', t('Account was blocked.'));
$this->drupalLogout();
- // Fill out and submit the login form.
- $edit = array('openid_identifier' => $identity);
- $this->drupalPost(NULL, $edit, t('Log in'));
-
- // Check we are on the OpenID redirect form.
- $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
-
- // Submit form to the OpenID Provider Endpoint.
- $this->drupalPost(NULL, array(), t('Send'));
+ $this->submitLoginForm($identity);
$this->assertRaw(t('The username %name has not been activated or is blocked.', array('%name' => $this->web_user->name)), t('User login was blocked.'));
}
/**
* Add OpenID identity to user's profile.
*
* @param $identity
* The User-supplied Identifier.
* @param $version
@@ -177,97 +165,112 @@ class OpenIDFunctionalTest extends Drupa
* The expected Claimed Identifier returned by the OpenID Provider.
*/
function addIdentity($identity, $version = 2, $claimed_id = NULL) {
$this->drupalGet('user/' . $this->web_user->uid . '/openid');
$edit = array('openid_identifier' => $identity);
$this->drupalPost(NULL, $edit, t('Add an OpenID'));
// OpenID 1 used a HTTP redirect, OpenID 2 uses a HTML form that is submitted automatically using JavaScript.
if ($version == 2) {
- // Manually submit form because SimpleTest is not able to execute JavaScript.
- $this->assertRaw('', t('JavaScript form submission found.'));
+ // Check we are on the OpenID redirect form.
+ $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
+
+ // Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
}
if (!$claimed_id) {
$claimed_id = $identity;
}
$this->assertRaw(t('Successfully added %identity', array('%identity' => $claimed_id)), t('Identity %identity was added.', array('%identity' => $identity)));
}
/**
- * Test OpenID auto-registration with e-mail verification disabled.
+ * Test OpenID auto-registration with e-mail verification enabled.
*/
- function testRegisterUserWithoutEmailVerification() {
- variable_set('user_email_verification', FALSE);
+ function testRegisterUserWithEmailVerification() {
+ variable_set('user_email_verification', TRUE);
- // Load the front page to get the user login block.
- $this->drupalGet('');
+ // Tell openid_test.module to respond with these SREG fields.
+ variable_set('openid_test_response', array('openid.sreg.nickname' => 'john', 'openid.sreg.email' => 'john@example.com'));
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
+ $this->submitLoginForm($identity);
+ $this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));
+ $this->assertRaw(t('A welcome message with further instructions has been sent to your e-mail address.'), t('A welcome message was sent to the user.'));
- // Tell openid_test.module to respond with these SREG fields.
- variable_set('openid_test_response', array('openid.sreg.nickname' => 'john', 'openid.sreg.email' => 'john@example.com'));
+ $user = user_load_by_name('john');
+ $this->assertTrue($user, t('User was registered with right username.'));
+ $this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
- // Fill out and submit the login form.
- $edit = array('openid_identifier' => $identity);
- $this->drupalPost(NULL, $edit, t('Log in'));
+ $this->submitLoginForm($identity);
+ $this->assertRaw(t('You must validate your email address for this account before logging in via OpenID.'));
- // Check we are on the OpenID redirect form.
- $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
+ // Follow the one-time login that was sent in the welcome e-mail.
+ $this->drupalGet(user_pass_reset_url($user));
+ $this->drupalPost(NULL, array(), t('Log in'));
- // Submit form to the OpenID Provider Endpoint.
- $this->drupalPost(NULL, array(), t('Send'));
+ $this->drupalLogout();
+
+ // Verify that the account was activated.
+ $this->submitLoginForm($identity);
+ $this->assertLink('john', 0, t('User was logged in.'));
+ }
+
+ /**
+ * Test OpenID auto-registration with e-mail verification disabled.
+ */
+ function testRegisterUserWithoutEmailVerification() {
+ variable_set('user_email_verification', FALSE);
+
+ // Tell openid_test.module to respond with these SREG fields.
+ variable_set('openid_test_response', array('openid.sreg.nickname' => 'john', 'openid.sreg.email' => 'john@example.com'));
+
+ // Use a User-supplied Identity that is the URL of an XRDS document.
+ $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
+ $this->submitLoginForm($identity);
$this->assertLink('john', 0, t('User was logged in.'));
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
$this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
+
+ $this->drupalLogout();
+
+ $this->submitLoginForm($identity);
+ $this->assertLink('john', 0, t('User was logged in.'));
}
/**
* Test OpenID auto-registration with a provider that supplies invalid SREG
* information (a username that is already taken, and no e-mail address).
*/
function testRegisterUserWithInvalidSreg() {
- // Load the front page to get the user login block.
- $this->drupalGet('');
+ // Tell openid_test.module to respond with these SREG fields.
+ variable_set('openid_test_response', array('openid.sreg.nickname' => $this->web_user->name, 'openid.sreg.email' => 'mail@invalid#'));
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
-
- // Tell openid_test.module to respond with these SREG fields.
- variable_set('openid_test_response', array('openid.sreg.nickname' => $this->web_user->name, 'openid.sreg.email' => 'mail@invalid#'));
-
- // Fill out and submit the login form.
- $edit = array('openid_identifier' => $identity);
- $this->drupalPost(NULL, $edit, t('Log in'));
-
- // Check we are on the OpenID redirect form.
- $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
-
- // Submit form to the OpenID Provider Endpoint.
- $this->drupalPost(NULL, array(), t('Send'));
-
+ $this->submitLoginForm($identity);
$this->assertRaw(t('Account registration using the information provided by your OpenID provider failed due to the reasons listed below. Complete the registration by filling out the form below. If you already have an account, you can log in now and add your OpenID under "My account".', array('@login' => url('user/login'))), t('User was asked to complete the registration process manually.'));
$this->assertRaw(t('The name %name is already taken.', array('%name' => $this->web_user->name)), t('Form validation error for username was displayed.'));
$this->assertRaw(t('The e-mail address %mail is not valid.', array('%mail' => 'mail@invalid#')), t('Form validation error for e-mail address was displayed.'));
// Enter username and e-mail address manually.
$edit = array('name' => 'john', 'mail' => 'john@example.com');
$this->drupalPost(NULL, $edit, t('Create new account'));
$this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
- // Follow the one-time login that was sent in the confirmation e-mail.
+ // Follow the one-time login that was sent in the welcome e-mail.
$this->drupalGet(user_pass_reset_url($user));
$this->drupalPost(NULL, array(), t('Log in'));
// The user is taken to user/%uid/edit.
$this->assertFieldByName('mail', 'john@example.com', t('User was registered with right e-mail address.'));
$this->clickLink(t('OpenID identities'));
$this->assertRaw($identity, t('OpenID identity was registered.'));
}
@@ -276,85 +279,78 @@ class OpenIDFunctionalTest extends Drupa
* Test OpenID auto-registration with a provider that does not supply SREG
* information (i.e. no username or e-mail address).
*/
function testRegisterUserWithoutSreg() {
// Load the front page to get the user login block.
$this->drupalGet('');
// Use a User-supplied Identity that is the URL of an XRDS document.
$identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
-
- // Fill out and submit the login form.
- $edit = array('openid_identifier' => $identity);
- $this->drupalPost(NULL, $edit, t('Log in'));
-
- // Check we are on the OpenID redirect form.
- $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
-
- // Submit form to the OpenID Provider Endpoint.
- $this->drupalPost(NULL, array(), t('Send'));
-
+ $this->submitLoginForm($identity);
$this->assertRaw(t('Complete the registration by filling out the form below. If you already have an account, you can log in now and add your OpenID under "My account".', array('@login' => url('user/login'))), t('User was asked to complete the registration process manually.'));
$this->assertNoRaw(t('You must enter a username.'), t('Form validation error for username was not displayed.'));
$this->assertNoRaw(t('You must enter an e-mail address.'), t('Form validation error for e-mail address was not displayed.'));
// Enter username and e-mail address manually.
$edit = array('name' => 'john', 'mail' => 'john@example.com');
$this->drupalPost(NULL, $edit, t('Create new account'));
$this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));
$user = user_load_by_name('john');
$this->assertTrue($user, t('User was registered with right username.'));
- // Follow the one-time login that was sent in the confirmation e-mail.
+ // Follow the one-time login that was sent in the welcome e-mail.
$this->drupalGet(user_pass_reset_url($user));
$this->drupalPost(NULL, array(), t('Log in'));
// The user is taken to user/%uid/edit.
$this->assertFieldByName('mail', 'john@example.com', t('User was registered with right e-mail address.'));
$this->clickLink(t('OpenID identities'));
$this->assertRaw($identity, t('OpenID identity was registered.'));
}
/**
* Test OpenID auto-registration with a provider that supplies AX information,
* but no SREG.
*/
function testRegisterUserWithAXButNoSREG() {
variable_set('user_email_verification', FALSE);
- // Load the front page to get the user login block.
- $this->drupalGet('');
-
- // Use a User-supplied Identity that is the URL of an XRDS document.
- $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
-
// Tell openid_test.module to respond with these AX fields.
variable_set('openid_test_response', array(
'openid.ns.ext123' => 'http://openid.net/srv/ax/1.0',
'openid.ext123.value.email' => 'john@example.com',
));
+ // Use a User-supplied Identity that is the URL of an XRDS document.
+ $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
+ $this->submitLoginForm($identity);
+ $this->assertLink('john', 0, t('User was logged in.'));
+
+ $user = user_load_by_name('john');
+ $this->assertTrue($user, t('User was registered with right username.'));
+ $this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
+ }
+
+ /**
+ * Initiates the login procedure using the specified User-supplied Identity.
+ */
+ function submitLoginForm($identity) {
// Fill out and submit the login form.
$edit = array('openid_identifier' => $identity);
- $this->drupalPost(NULL, $edit, t('Log in'));
+ $this->drupalPost('', $edit, t('Log in'));
// Check we are on the OpenID redirect form.
$this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
// Submit form to the OpenID Provider Endpoint.
$this->drupalPost(NULL, array(), t('Send'));
- $this->assertLink('john', 0, t('User was logged in.'));
-
- $user = user_load_by_name('john');
- $this->assertTrue($user, t('User was registered with right username.'));
- $this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
}
}
/**
* Test internal helper functions.
*/
class OpenIDUnitTest extends DrupalWebTestCase {
public static function getInfo() {
return array(