%message)', array('%message' => $message)); - drupal_set_header('HTTP/1.1 200 OK'); - drupal_set_header("Content-Type: text/plain"); - drupal_set_header('Content-Length: '. strlen($message)); - drupal_set_header('Connection: close'); + drupal_add_http_header('Status', '200 OK'); + drupal_add_http_header('Content-Type', 'text/plain; charset=utf-8'); + drupal_add_http_header('Content-Length', strlen($message)); + drupal_add_http_header('Connection', 'close'); print $message; } @@ -77,7 +82,7 @@ function openid_provider_association_error() { 'error' => '', // optional 'error_code' => 'unsupported-type', 'session_type' => '', // optional - 'assoc_type' => '' // optional + 'assoc_type' => '', // optional ); } @@ -92,7 +97,7 @@ function openid_provider_authentication_response($request) { // If the user is not yet logged in, redirect to the login page before continuing. if (!$user->uid) { $_SESSION['openid_provider']['request'] = $request; - drupal_goto('user/login', 'destination=openid/provider/continue'); + drupal_goto('user/login', array('query' => array('destination' => 'openid/provider/continue'))); } // Determine the realm (openid.trust_root in 1.x) @@ -106,26 +111,10 @@ function openid_provider_authentication_response($request) { $identity = $request['openid.identity']; if ($identity != openid_provider_url(openid_provider_user_path($user->uid))) { $response = openid_provider_authentication_error($request['openid.mode']); - _openid_provider_debug('authentication error response using 1.0 redirect to %url (response dump:
%response)', array('%url' => $request['openid.return_to'], '%response' => var_export($response, TRUE))); - return openid_redirect_http($request['openid.return_to'], $response); + openid_redirect($request['openid.return_to'], $response); } } - /* - * according to section 9.1, an empty assoc_handle should make the - * 'transaction take place in "Stateless mode"' - * https://openid.net/specs/openid-authentication-2_0.html#requesting_authentication - * - * we do not support this yet: https://drupal.org/node/506530 - this is a - * workaround to fix https://drupal.org/node/1158356 - * - * the spec, however, clearly states that responses MUST have that value set, - * so we generate a new one if the client didn't provide any - */ - $assoc_handle = $request['openid.assoc_handle']; - if (!$assoc_handle) { - $assoc_handle = _openid_provider_nonce(); - } $response = array( 'openid.ns' => OPENID_NS_2_0, 'openid.mode' => 'id_res', @@ -134,10 +123,11 @@ function openid_provider_authentication_response($request) { 'openid.claimed_id' => $identity, 'openid.return_to' => $request['openid.return_to'], 'openid.response_nonce' => _openid_provider_nonce(), - 'openid.assoc_handle' => $assoc_handle, 'openid.sreg.nickname' => $user->name, - 'openid.sreg.email' => $user->mail + 'openid.sreg.email' => $user->mail, ); + if (isset($request['openid.assoc_handle'])) + $response['openid.assoc_handle'] = $request['openid.assoc_handle']; // Is the RP requesting Immediate or Indirect mode? if ($request['openid.mode'] == 'checkid_immediate') { @@ -155,18 +145,15 @@ function openid_provider_authentication_response($request) { // calling hook_openid so we can do response parsing and send any pertinent data back to the user $response = array_merge($response, module_invoke_all('openid_provider', 'response', $response, $request)); - $rp = _openid_provider_rp_load($user->uid, $realm); - if ($rp->auto_release) { + if (@$rp->auto_release) { $response = _openid_provider_sign($response); _openid_provider_rp_save($user->uid, $realm, TRUE); - _openid_provider_debug('automatic response authentication success using 1.0 redirect to %url (response dump:
%response)', array('%url' => $request['openid.return_to'], '%response' => var_export($response, TRUE))); return openid_redirect_http($response['openid.return_to'], $response); } else { // Unset global post variable, otherwise FAPI will assume it has been // submitted against openid_provider_form. - unset($_POST); return drupal_get_form('openid_provider_form', $response, $realm); } } @@ -178,12 +165,12 @@ function openid_provider_authentication_error($mode) { if ($mode == 'checkid_immediate') { return array( 'openid.mode' => 'id_res', - 'openid.user_setup_url' => url('user/login', array('absolute' => TRUE)) + 'openid.user_setup_url' => url('user/login', array('absolute' => TRUE)), ); } else { // checkid_setup return array( - 'openid.mode' => 'cancel' + 'openid.mode' => 'cancel', ); } } @@ -200,16 +187,20 @@ function openid_provider_unsolicited_assertion($response, $url) { $response = _openid_provider_sign($response); $query = array(); foreach ($response as $key => $value) { - $query[] = $key .'='. urlencode($value); + $query[] = $key . '=' . urlencode($value); } + + // _openid_response() expects data in $_SERVER['QUERY_STRING'] $url .= (strpos('?', $url) ? '&' : '?') . implode('&', $query); - $result = drupal_http_request($url, array(), 'GET'); + $result = drupal_http_request($url, array()); + if ($result->code == 404) { return FALSE; } return TRUE; } + function openid_provider_dh_assoc($request, $secret, $algo = 'sha1') { if (empty($request['openid.dh_consumer_public'])) { return FALSE; @@ -241,7 +232,7 @@ function openid_provider_dh_assoc($request, $secret, $algo = 'sha1') { return array( 'dh_server_public' => $spub64, 'enc_mac_key' => $enc_mac_key - ); + ); } /** @@ -268,12 +259,14 @@ function _openid_provider_dh_xorsecret($shared, $secret, $algo = 'sha1') { // Request is: Exact copies of all fields from the authentication response function openid_provider_verification_response($request) { $is_valid = TRUE; + $assoc = NULL; - // Use the request openid.assoc_handle to look up - // how this message should be signed, based on - // a previously-created association. - $assoc = db_fetch_object(db_query("SELECT * FROM {openid_provider_association} WHERE assoc_handle = '%s'", - $request['openid.assoc_handle'])); + // Use the request openid.assoc_handle to look up how this message + // should be signed, based on a previously-created association. + if (isset($request['openid.assoc_handle'])) { + $assoc_handle = $request['openid.assoc_handle']; + $assoc = db_query("SELECT * FROM {openid_provider_association} WHERE assoc_handle = :assoc_handle", array(':assoc_handle' => $assoc_handle))->fetchObject(); + } $signed_keys = explode(',', $request['openid.signed']); $signature = _openid_provider_signature($assoc, $request, $signed_keys); @@ -288,12 +281,11 @@ function openid_provider_verification_response($request) { else { $response = array( 'is_valid' => 'false', - 'invalidate_handle' => $request['openid.assoc_handle'] // optional, An association handle sent in the request + 'invalidate_handle' => $assoc_handle // optional, An association handle sent in the request, ); } $message = _openid_create_message($response); - _openid_provider_debug('verification response (response:
%message)', array('%message' => $message)); header("Content-Type: text/plain"); print $message; } @@ -304,23 +296,26 @@ function openid_provider_cancel_authentication_response($mode = 'checkid_immedia $response = array( 'openid.ns' => OPENID_NS_2_0, 'openid.mode' => 'id_res', - 'openid.user_setup_url' => url('user/login', array('absolute' => TRUE)) + 'openid.user_setup_url' => url('user/login', array('absolute' => TRUE)), ); } else { - $response = array('openid.module' => OPENID_NS_2_0, 'openid.mode' => 'cancel'); + $response = array( + 'openid.module' => OPENID_NS_2_0, + 'openid.mode' => 'cancel', + ); } return $response; } function _openid_provider_rp_load($uid, $realm = NULL) { if ($realm) { - return db_fetch_object(db_query("SELECT * FROM {openid_provider_relying_party} WHERE uid=%d AND realm='%s'", $uid, $realm)); + return db_query("SELECT * FROM {openid_provider_relying_party} WHERE uid = :uid AND realm = :realm", array(':uid' => $uid, ':realm' => $realm))->fetchObject(); } else { $rps = array(); - $result = db_query("SELECT * FROM {openid_provider_relying_party} WHERE uid=%d ORDER BY last_time DESC", $uid); - while ($rp = db_fetch_object($result)) { + $result = db_query("SELECT * FROM {openid_provider_relying_party} WHERE uid = :uid ORDER BY last_time DESC", array(':uid' => $uid)); + foreach ($result as $rp) { $rps[] = $rp; } return $rps; @@ -328,12 +323,26 @@ function _openid_provider_rp_load($uid, $realm = NULL) { } function _openid_provider_rp_save($uid, $realm, $auto_release = FALSE) { - $rpid = db_result(db_query("SELECT rpid FROM {openid_provider_relying_party} WHERE uid=%d AND realm='%s'", $uid, $realm)); + $rpid = db_query("SELECT rpid FROM {openid_provider_relying_party} WHERE uid = :uid AND realm = :realm", array(':uid' => $uid, ':realm' => $realm))->fetchField(); if ($rpid) { - db_query("UPDATE {openid_provider_relying_party} SET auto_release=%d, last_time=%d WHERE rpid=%d", $auto_release, time(), $rpid); + db_update('openid_provider_relying_party') + ->fields(array( + 'auto_release' => (int) $auto_release, + 'last_time' => REQUEST_TIME, + )) + ->condition('rpid', $rpid) + ->execute(); } else { - db_query("INSERT INTO {openid_provider_relying_party} (uid, realm, first_time, last_time, auto_release) VALUES (%d, '%s', %d, %d, %d)", $uid, $realm, time(), time(), $auto_release); + db_insert('openid_provider_relying_party') + ->fields(array( + 'uid' => $uid, + 'realm' => $realm, + 'first_time' => REQUEST_TIME, + 'last_time' => REQUEST_TIME, + 'auto_release' => (int) $auto_release, + )) + ->execute(); } } @@ -360,16 +369,20 @@ function _openid_provider_sign($response) { } } - $signed_keys = array('op_endpoint', 'return_to', 'response_nonce', 'assoc_handle', 'identity', 'claimed_id'); + $signed_keys = array('op_endpoint', 'return_to', 'response_nonce', 'identity', 'claimed_id'); + $assoc = NULL; + if (isset($response['openid.assoc_handle'])) { + $assoc_handle = $response['openid.assoc_handle']; + $signed_keys[] = 'assoc_handle'; + + // Use the request openid.assoc_handle to look up how this message + // should be signed, based on a previously-created association. + $assoc = db_query("SELECT * FROM {openid_provider_association} WHERE assoc_handle = :assoc_handle", array(':assoc_handle' => $assoc_handle))->fetchObject(); + } + $signed_keys = array_merge($signed_keys, module_invoke_all('openid_provider', 'signed', $response)); $response['openid.signed'] = implode(',', $signed_keys); - // Use the request openid.assoc_handle to look up - // how this message should be signed, based on - // a previously-created association. - $assoc = db_fetch_object(db_query("SELECT * FROM {openid_provider_association} WHERE assoc_handle = '%s'", - $response['openid.assoc_handle'])); - // Generate signature for this message $response['openid.sig'] = _openid_provider_signature($assoc, $response, $signed_keys); return $response; @@ -382,18 +395,25 @@ function _openid_provider_sign($response) { * @param array $message_array * @param array $keys_to_sign * @return string + * + * modified by mk to allow for null association */ function _openid_provider_signature($association, $message_array, $keys_to_sign) { $signature = ''; $sign_data = array(); foreach ($keys_to_sign as $key) { - if (isset($message_array['openid.'. $key])) { - $sign_data[$key] = $message_array['openid.'. $key]; + if (isset($message_array['openid.' . $key])) { + $sign_data[$key] = $message_array['openid.' . $key]; } } $message = _openid_create_message($sign_data); - $secret = base64_decode($association->mac_key); - $signature = hash_hmac($association->assoc_type == 'HMAC-SHA256' ? 'sha256' : 'sha1', $message, $secret, TRUE); + if ($association){ + $secret = base64_decode($association->mac_key); + $signature = hash_hmac($association->assoc_type == 'HMAC-SHA256' ? 'sha256' : 'sha1', $message, $secret, TRUE); + } + else { + $signature = hash('sha1',$message,TRUE); + } return base64_encode($signature); } @@ -414,14 +434,3 @@ function _openid_provider_powmod($base, $exp, $mod) { return bcpowmod($base, $exp, $mod); } } - -/** - * wrapper around the watchdog function - * - * this will log to the watchdog only if debugging is enabled - */ -function _openid_provider_debug($message, $variables = array(), $severity = WATCHDOG_DEBUG, $link = NULL) { - if (variable_get('openid_provider_debugging', false)) { - watchdog('openid_provider', $message, $variables, $severity, $link); - } -} diff --git a/openid_provider.info b/openid_provider.info old mode 100644 new mode 100755 index 2575bf3..57e9972 --- a/openid_provider.info +++ b/openid_provider.info @@ -1,6 +1,11 @@ name = "Openid Provider" description = "OpenID Provider (or server) support allows you to login to other OpenID enabled sites using your local account." -core = 6.x +core = 7.x php = 5.2 +package = OpenID dependencies[] = xrds_simple -package = OpenID \ No newline at end of file + +files[] = openid_provider.inc +files[] = openid_provider.install +files[] = openid_provider.module +files[] = openid_provider.pages.inc diff --git a/openid_provider.install b/openid_provider.install old mode 100644 new mode 100755 index 7f50cc9..6002e63 --- a/openid_provider.install +++ b/openid_provider.install @@ -1,102 +1,84 @@ t('Tracks relying parties a give user has authenticated.'), + 'description' => 'Tracks relying parties a give user has authenticated.', 'fields' => array( 'rpid' => array( 'type' => 'serial', 'unsigned' => TRUE, - 'not null' => TRUE + 'not null' => TRUE, ), 'uid' => array( 'type' => 'int', 'unsigned' => TRUE, 'not null' => TRUE, - 'description' => t('The {users}.uid that has authenticated this relying party.'), + 'description' => 'The {users}.uid that has authenticated this relying party.', ), 'realm' => array( 'type' => 'varchar', 'length' => 255, 'not null' => TRUE, 'default' => '', - 'description' => t('The OpenID realm of the authenticated relying party.'), + 'description' => 'The OpenID realm of the authenticated relying party.', ), 'first_time' => array( 'type' => 'int', 'not null' => TRUE, 'default' => 0, - 'description' => t('Timestamp of the first time this relying party was accessed.') + 'description' => 'Timestamp of the first time this relying party was accessed.', ), 'last_time' => array( 'type' => 'int', 'not null' => TRUE, 'default' => 0, - 'description' => t('Timestamp of the most recent access'), + 'description' => 'Timestamp of the most recent access', ), 'auto_release' => array( 'type' => 'int', 'not null' => TRUE, 'default' => 0, - 'description' => t('Whether or not to automatically release this relying party.') + 'description' => 'Whether or not to automatically release this relying party.', ), ), 'indexes' => array('uid' => array('uid')), - 'primary key' => array('rpid') + 'primary key' => array('rpid'), ); $schema['openid_provider_association'] = array( - 'description' => t('Stores current associaitons with relying parties.'), + 'description' => 'Stores current associaitons with relying parties.', 'fields' => array( 'assoc_handle' => array( 'type' => 'varchar', 'length' => 255, 'not null' => TRUE, - 'default' => '' + 'default' => '', ), 'assoc_type' => array( 'type' => 'varchar', 'length' => 32, 'not null' => TRUE, - 'default' => '' + 'default' => '', ), 'session_type' => array( 'type' => 'varchar', 'length' => 32, 'not null' => TRUE, - 'default' => '' + 'default' => '', ), 'mac_key' => array( 'type' => 'varchar', 'length' => 255, 'not null' => TRUE, - 'default' => '' + 'default' => '', ), 'created' => array( 'type' => 'int', @@ -107,9 +89,9 @@ function openid_provider_schema() { 'type' => 'int', 'not null' => TRUE, 'default' => 0, - ) + ), ), - 'primary key' => array('assoc_handle') + 'primary key' => array('assoc_handle'), ); return $schema; diff --git a/openid_provider.module b/openid_provider.module old mode 100644 new mode 100755 index 8fe42ec..67c693b --- a/openid_provider.module +++ b/openid_provider.module @@ -6,10 +6,10 @@ */ /** - * Implementation of hook_menu(). + * Implements hook_menu(). */ function openid_provider_menu() { - $items['admin/settings/openid-provider'] = array( + $items['admin/config/services/openid-provider'] = array( 'title' => 'OpenID Provider', 'description' => 'Configure settings for the OpenID Provider.', 'page callback' => 'drupal_get_form', @@ -22,21 +22,21 @@ function openid_provider_menu() { 'page callback' => 'openid_provider_endpoint', 'access callback' => TRUE, 'type' => MENU_CALLBACK, - 'file' => 'openid_provider.pages.inc' + 'file' => 'openid_provider.pages.inc', ); $items['openid/provider/send'] = array( 'title' => 'OpenID login', 'page callback' => 'openid_provider_send', 'access callback' => TRUE, 'type' => MENU_CALLBACK, - 'file' => 'openid_provider.pages.inc' + 'file' => 'openid_provider.pages.inc', ); $items['openid/provider/continue'] = array( 'title' => 'OpenID login', 'page callback' => 'openid_provider_continue', 'access callback' => TRUE, 'type' => MENU_CALLBACK, - 'file' => 'openid_provider.pages.inc' + 'file' => 'openid_provider.pages.inc', ); $items[openid_provider_user_path('%user')] = array( 'title' => 'OpenID Page', @@ -45,7 +45,7 @@ function openid_provider_menu() { 'description' => 'Menu callback with full access so no forbiddens are given from server requests', 'access callback' => TRUE, 'type' => MENU_CALLBACK, - 'file' => 'openid_provider.pages.inc' + 'file' => 'openid_provider.pages.inc', ); $items['user/%user/openid-sites'] = array( 'title' => 'OpenID sites', @@ -54,39 +54,48 @@ function openid_provider_menu() { 'access callback' => 'openid_provider_sites_access', 'access arguments' => array(1), 'type' => MENU_LOCAL_TASK, - 'file' => 'openid_provider.pages.inc' + 'file' => 'openid_provider.pages.inc', ); return $items; } /** - * Implementation of hook_perm(). + * Implements hook_permission(). */ -function openid_provider_perm() { - return array('manage own openid sites', 'administer openid provider'); +function openid_provider_permission() { + return array( + 'manage own openid sites' => array( + 'title' => t('manage own openid sites'), + 'description' => t('TODO Add a description for \'manage own openid sites\''), + ), + 'administer openid provider' => array( + 'title' => t('administer openid provider'), + 'description' => t('TODO Add a description for \'administer openid provider\''), + ), + ); } /** - * Implementation of hook_theme(). + * Implements hook_theme(). */ function openid_provider_theme($existing, $type, $theme, $path) { return array( 'openid_provider_sites' => array( - 'arguments' => array('form' => NULL), + 'render element' => 'form' ), ); } + /** - * Implementation of hook_init(). + * Implements hook_init(). * * Add appropriate HTML headers for XRDS and Link discovery. */ function openid_provider_init() { // Not all OpenID clients may be smart enough to do XRDS. - drupal_add_link(array('rel' => 'openid2.provider', 'href' => openid_provider_url('openid/provider'))); - drupal_add_link(array('rel' => 'openid.server', 'href' => openid_provider_url('openid/provider'))); - + drupal_add_html_head_link(array('rel' => 'openid2.provider', 'href' => openid_provider_url('openid/provider'))); + drupal_add_html_head_link(array('rel' => 'openid.server', 'href' => openid_provider_url('openid/provider'))); } /** @@ -98,50 +107,169 @@ function openid_provider_sites_access($account) { } /** - * Implementation of hook_user(). + * Update the URL aliases for an individual user account. + * + * @param $account + * A user account object. + * @param $op + * Operation being performed on the account ('insert', 'update' or + * 'bulkupdate'). + */ +function openid_provider_user_update_alias(stdClass $account, $op) { + if (module_exists('pathauto')) { + module_load_include('inc', 'pathauto'); + return pathauto_create_alias('openid_provider', $op, openid_provider_user_path($account->uid), array('user' => $account)); + } +} + +/** + * Update the URL aliases for multiple user accounts. + * + * @param $uids + * An array of user account IDs. + * @param $op + * Operation being performed on the accounts ('insert', 'update' or + * 'bulkupdate'). + */ +function openid_provider_user_update_alias_multiple(array $uids, $op) { + $accounts = user_load_multiple($uids); + foreach ($accounts as $account) openid_provider_user_update_alias($account, $op); +} + +/** + * Implements hook_user_insert(). + */ +function openid_provider_user_insert(&$edit, $account, $category) { + openid_provider_user_update_alias($account, 'insert'); +} + +/** + * Implements hook_user_update(). */ -function openid_provider_user($op, &$edit, &$account, $category = NULL) { +function openid_provider_user_update(&$edit, $account, $category) { + openid_provider_user_update_alias($account, 'update'); +} + + +/** + * Implements hook_user_delete(). + */ +function openid_provider_user_delete($account) { + if (module_exists('pathauto')) { + pathauto_path_delete_all(openid_provider_user_path($account->uid)); + } +} + +/** + * Implements hook_user_operations(). + */ +function openid_provider_user_operations() { + $operations['openid_provider_update_alias'] = array( + 'label' => t('Update OpenId alias'), + 'callback' => 'openid_provider_user_update_alias_multiple', + 'callback arguments' => array('bulkupdate') + ); + return $operations; +} + +/** + * Implements hook_user_view(). + */ +function openid_provider_user_view($account, $view_mode) { global $user; + if ($user->uid == $account->uid) { + $account->content['openid'] = array( + '#title' => t('OpenID'), + '#weight' => 10, + ); + $account->content['openid']['identity'] = array( + '#type' => 'user_profile_item', + '#title' => t('Identity'), + '#markup' => t('You may login to other OpenID enabled sites using %url', array('%url' => openid_provider_url(openid_provider_user_path($account->uid)))), + '#class' => 'openid', + ); + } +} +/** + * Implements hook_pathauto() for OpenID Provider aliases(). + */ +function openid_provider_pathauto($op) { switch ($op) { - case 'insert': - case 'update': - if (module_exists('pathauto')) { - module_load_include('inc', 'pathauto'); - // Use the username to automatically create an alias - $pathauto_user = (object) array_merge((array) $account, $edit); - if ($account->name) { - $placeholders = pathauto_get_placeholders('user', $pathauto_user); - $src = openid_provider_user_path($account->uid); - $alias = pathauto_create_alias('openid_provider', $op, $placeholders, $src, $account->uid); - } - } - break; - case 'delete': - // If the user is deleted, remove the path aliases - if (module_exists('pathauto')) { - $account = (object) $account; - path_set_alias(openid_provider_user_path($account->uid)); - } - break; - case 'view': - if ($user->uid == $account->uid) { - $account->content['openid'] = array( - '#title' => t('OpenID'), - '#weight' => 10, - ); - $account->content['openid']['identity'] = array( - '#type' => 'user_profile_item', - '#title' => t('Identity'), - '#value' => t('You may login to other OpenID enabled sites using %url', array('%url' => openid_provider_url(openid_provider_user_path($account->uid)))), - '#class' => 'openid', - ); - } + case 'settings': + $settings->module = 'openid_provider'; + $settings->token_type = 'user'; + $settings->groupheader = t('OpenID Provider settings'); + $settings->patterndescr = t('Pattern for OpenID provider identity paths'); + $settings->patterndefault = t('users/[user:name]/openid'); + $settings->batch_update_callback = 'openid_provider_bulk_update_batch_process'; + //$settings->batch_file = drupal_get_path('module', 'openid_provider') . '/openid_provider.module'; + return $settings; + default: break; } } /** + * Batch processing callback; Generate aliases for users. + */ +function openid_provider_bulk_update_batch_process(&$context) { + if (!isset($context['sandbox']['current'])) { + $context['sandbox']['count'] = 0; + $context['sandbox']['current'] = 0; + } + + $query = db_select('users', 'u'); + $query->leftJoin('url_alias', 'ua', "CONCAT('user/',u.uid,'/identity') = ua.source"); + $query->addField('u', 'uid'); + $query->isNull('ua.source'); + $query->condition('u.uid', $context['sandbox']['current'], '>'); + $query->orderBy('u.uid'); + $query->addTag('openid_provider_bulk_update'); + $query->addMetaData('entity', 'user'); + + // Get the total amount of items to process. + if (!isset($context['sandbox']['total'])) { + $context['sandbox']['total'] = $query->countQuery()->execute()->fetchField(); + + // If there are no nodes to update, then stop immediately. + if (!$context['sandbox']['total']) { + $context['finished'] = 1; + return; + } + } + + $query->range(0, 25); + $uids = $query->execute()->fetchCol(); + + openid_provider_user_update_alias_multiple($uids, 'bulkupdate'); + $context['sandbox']['count'] += count($uids); + $context['sandbox']['current'] = max($uids); + $context['message'] = t('Updated OpenId alias for user @uid.', array('@uid' => end($uids))); + + if ($context['sandbox']['count'] != $context['sandbox']['total']) { + $context['finished'] = $context['sandbox']['count'] / $context['sandbox']['total']; + } +} + +/** + * Bulk generate aliases for all Open ID identity paths without aliases. + */ +//mk this function is no longer called. some other way is used for bulk updates, which is not documented +//function openid_provider_pathauto_bulkupdate() { +// $query = "SELECT uid, name, source, alias FROM {users} LEFT JOIN {url_alias} ON CONCAT('user/', CAST(uid AS CHAR) ,'/identity') = source WHERE uid > 0 AND source IS NULL"; +// $result = db_query_range($query,0,50); +// +// $count = 0; +// foreach($result as $user) if (_mk_openid_provider_insupd('bulkupdate',$user)) $count++; +// +// drupal_set_message(format_plural($count, +// 'Bulk generation of OpenID Provider paths completed, one alias generated.', +// 'Bulk generation of OpenID Provider paths completed, @count aliases generated.')); +//} + + +/** * Return the absolute url to the path, without any language modifications. */ function openid_provider_url($path) { @@ -169,7 +297,7 @@ function openid_provider_user_path($uid) { /** * Settings form. */ -function openid_provider_admin_settings() { +function openid_provider_admin_settings($form, &$form_state) { $form = array(); $form['openid_provider_assoc_expires_in'] = array( '#type' => 'textfield', @@ -179,28 +307,20 @@ function openid_provider_admin_settings() { '#maxlength' => 10, '#description' => t('This timeout is necessary to ensure proper security of your identities. If an attacker sniffing the network gets a hold of the SHA1 hash and is somehow able to bruteforce it, he can perform a man in the middle attack and access the target site. Since brute force attacks take a long time, this timeout ensures this attack is impracticable. !readmore', array('!readmore' => l(t('More information about this issue.'), 'http://openid.net/pipermail/security/2007-February/000237.html'))), ); - $form['openid_provider_debugging'] = array( - '#type' => 'checkbox', - '#title' => t('Enable debugging'), - '#description' => t('This will enable debugging of this module to the watchdog.'), - '#default_value' => variable_get('openid_provider_debugging', false), - ); return system_settings_form($form); } /** * Return a XRDS for this server to discover it based on the root url - * - * Implementation of hook_xrds(). */ function openid_provider_xrds($account = NULL) { module_load_include('inc', 'openid'); if ($account) { - $types = array(OPENID_NS_2_0 .'/signon'); + $types = array(OPENID_NS_2_0 . '/signon'); } else { - $types = array(OPENID_NS_2_0 .'/server'); + $types = array(OPENID_NS_2_0 . '/server'); } $data = array( @@ -213,10 +333,11 @@ function openid_provider_xrds($account = NULL) { $xrds['openid_provider'] = array( 'services' => array( - array('priority' => 10, - 'data' => $data - ) - ) + array( + 'priority' => 10, + 'data' => $data, + ), + ), ); return $xrds; @@ -225,9 +346,8 @@ function openid_provider_xrds($account = NULL) { /** * Main OpenID Provider form */ -function openid_provider_form(&$form_state, $response = array(), $realm = NULL) { +function openid_provider_form($form, &$form_state, $response = array(), $realm = NULL) { global $user; - // Use form_state to store the $response and $realm values if (count($response)) { $form_state['storage']['response'] = $response; @@ -235,7 +355,7 @@ function openid_provider_form(&$form_state, $response = array(), $realm = NULL) else { $response = $form_state['storage']['response']; } - + if ($realm) { $form_state['storage']['realm'] = $realm; } @@ -243,16 +363,14 @@ function openid_provider_form(&$form_state, $response = array(), $realm = NULL) $realm = $form_state['storage']['realm']; } - $form = array(); - // Force FAPI to cache this form so that $form_state['storage'] is available // in submit handler. - $form['#cache'] = TRUE; + $form_state['cache'] = TRUE; $form['#action'] = url('openid/provider/send'); $form['intro'] = array( '#type' => 'markup', - '#value' => '
'. t('You are being logged into %site, would you like to continue?', array('%site' => $realm)) .'
' + '#markup' => '' . t('You are being logged into %site, would you like to continue?', array('%site' => $realm)) . '
', ); $form['submit_once'] = array( '#type' => 'submit', @@ -261,12 +379,12 @@ function openid_provider_form(&$form_state, $response = array(), $realm = NULL) $form['submit_always'] = array( '#type' => 'submit', '#value' => t('Yes; always'), - '#submit' => array('openid_provider_form_submit_always') + '#submit' => array('openid_provider_form_submit_always'), ); $form['cancel'] = array( '#type' => 'submit', '#value' => t('Cancel'), - '#submit' => array('openid_provider_form_submit_cancel') + '#submit' => array('openid_provider_form_submit_cancel'), ); return $form; @@ -301,58 +419,19 @@ function openid_provider_form_submit_cancel(&$form, $form_state) { module_load_include('inc', 'openid'); $return_to = $form_state['storage']['response']['openid.return_to']; - $response = openid_provider_cancel_authentication_response($form_state['openid.mode']); + $response = openid_provider_cancel_authentication_response(@$form_state['openid.mode']); openid_redirect($return_to, $response); } /** - * Implementation of hook_pathauto() for OpenID Provider aliases. - */ -function openid_provider_pathauto($op) { - switch ($op) { - case 'settings': - $settings = array(); - $settings['module'] = 'openid_provider'; - $settings['token_type'] = 'user'; - $settings['groupheader'] = t('OpenID Provider settings'); - $settings['patterndescr'] = t('Pattern for OpenID provider identity paths'); - $settings['patterndefault'] = t('users/[user-raw]/identity'); - $patterns = token_get_list('user'); - foreach ($patterns as $type => $pattern_set) { - if ($type != 'global') { - foreach ($pattern_set as $pattern => $description) { - $settings['placeholders']['['. $pattern .']'] = $description; - } - } - } - - $settings['bulkname'] = t('Bulk generate aliases for identity paths that are not aliased'); - $settings['bulkdescr'] = t('Generate aliases for all existing identity paths which do not already have aliases.'); - return (object) $settings; - default: - break; - } -} - -/** - * Bulk generate aliases for all Open ID identity paths without aliases. + * Register new hook suggestion for popup windows. */ -function openid_provider_pathauto_bulkupdate() { - // Somewhat convoluted expression, for compatibility with both MySQL and PostgreSQL - $query = "SELECT u.uid, u.name, a.src, a.dst FROM {users} u LEFT JOIN {url_alias} a ON REPLACE('%s', '%%user', CAST(u.uid AS CHAR(10))) = a.src WHERE u.uid > 0 AND a.src IS NULL"; - $result = db_query_range($query, openid_provider_user_path('%user'), 0, variable_get('pathauto_max_bulk_update', 50)); - - $count = 0; - $placeholders = array(); - while ($user = db_fetch_object($result)) { - $placeholders = pathauto_get_placeholders('user', $user); - $src = openid_provider_user_path($user->uid); - if ($alias = pathauto_create_alias('openid_provider', 'bulkupdate', $placeholders, $src, $user->uid)) { - $count++; +function openid_provider_preprocess_page(&$vars) { + if (isset($_SESSION['openid_provider']['request'])) { + $request = $_SESSION['openid_provider']['request']; + if ($request['openid.ui.mode'] == 'popup') { + $vars['classes_array'][] = 'popup'; + $vars['theme_hook_suggestions'][] = 'page__openidpopup'; } } - - drupal_set_message(format_plural($count, - 'Bulk generation of OpenID Provider paths completed, one alias generated.', - 'Bulk generation of OpenID Provider paths completed, @count aliases generated.')); } diff --git a/openid_provider.pages.inc b/openid_provider.pages.inc old mode 100644 new mode 100755 index f7087a5..2a99a8e --- a/openid_provider.pages.inc +++ b/openid_provider.pages.inc @@ -19,7 +19,6 @@ function openid_provider_endpoint($request = array()) { } if (isset($request['openid.mode'])) { - _openid_provider_debug('endpoint called in mode %mode (request dump:%request)', array('%mode' => $request['openid.mode'], '%request' => var_export($request, TRUE)));
switch ($request['openid.mode']) {
case 'associate':
openid_provider_association_response($request);
@@ -76,48 +75,48 @@ function openid_provider_send() {
* @param object $account User account object for the user.
*/
function openid_provider_sites($account) {
- drupal_set_title(check_plain($account->name));
+ drupal_set_title($account->name);
return drupal_get_form('openid_provider_sites_form', $account);
}
/**
* Form builder function for openid_provider_sites
*/
-function openid_provider_sites_form($form_state, $user = NULL) {
+function openid_provider_sites_form($form, $form_state, $user = NULL) {
if (!$user) {
global $user;
}
module_load_include('inc', 'openid_provider');
- $result = pager_query("SELECT * FROM {openid_provider_relying_party} WHERE uid=%d ORDER BY last_time DESC", 50, 0, NULL, $user->uid);
+ $result = db_query("SELECT * FROM {openid_provider_relying_party} WHERE uid=:uid ORDER BY last_time DESC", array(':uid' => $user->uid));
$form['description'] = array(
- '#type' => 'item',
- '#description' => t('Those are the sites you have used your OpenID on. Access control determines if you will be asked for approval when login into those sites using your OpenID. You can also completely deny access to those sites if you think they are malicious.'),
+ '#type' => 'item',
+ '#markup' => t('Those are the sites you have used your OpenID on. Access control determines determines if you will be asked for approval when login into those sites using your OpenID. You can also completely deny access to those sites if you think they are malicious.'),
);
$form['submit'] = array(
- '#type' => 'submit',
- '#value' => t('Update'),
+ '#type' => 'submit',
+ '#value' => t('Update'),
);
$form['auto_release']['#tree'] = TRUE;
- while ($rp = db_fetch_object($result)) {
- $rps[$rp->rpid] = '';
- $form['site'][$rp->rpid] = array(
- '#value' => l($rp->realm, $rp->realm),
- );
- $form['last_access'][$rp->rpid] = array(
- '#value' => $rp->last_time,
- );
- $form['auto_release'][$rp->rpid] = array(
- '#type' => 'checkbox',
- '#default_value' => $rp->auto_release,
- );
+ foreach ($result as $rp) {
+ $rps[$rp->rpid] = '';
+ $form['site'][$rp->rpid] = array(
+ '#markup' => l($rp->realm, $rp->realm),
+ );
+ $form['last_access'][$rp->rpid] = array(
+ '#markup' => $rp->last_time,
+ );
+ $form['auto_release'][$rp->rpid] = array(
+ '#type' => 'checkbox',
+ '#default_value' => $rp->auto_release,
+ );
}
- $form['pager'] = array('#value' => theme('pager', NULL, 50, 0));
+ $form['pager'] = array('#value' => theme('pager', array('tags' => NULL, 'element' => 0)));
$form['#theme'] = 'openid_provider_sites';
return $form;
@@ -128,7 +127,14 @@ function openid_provider_sites_form($form_state, $user = NULL) {
*/
function openid_provider_sites_form_submit($form, &$form_state) {
foreach ($form_state['values']['auto_release'] as $key => $value) {
- db_query("UPDATE {openid_provider_relying_party} SET auto_release=%d WHERE rpid=%d", $value, $key);
+ // TODO Please review the conversion of this statement to the D7 database API syntax.
+ /* db_query("UPDATE {openid_provider_relying_party} SET auto_release=%d WHERE rpid=%d", $value, $key) */
+ db_update('openid_provider_relying_party')
+ ->fields(array(
+ 'auto_release' => $value,
+ ))
+ ->condition('rpid', $key)
+ ->execute();
}
drupal_set_message(t('Settings saved.'));
}
@@ -138,11 +144,14 @@ function openid_provider_sites_form_submit($form, &$form_state) {
*
* @ingroup themeable
*/
-function theme_openid_provider_sites($form) {
+function theme_openid_provider_sites($variables) {
+ $form = $variables['form'];
// If there are rows in this form, then $form['title'] contains a list of
// the title form elements.
$header = array(t('Auto release'), t('Site'), t('Last access'));
- foreach (element_children($form['site']) as $key) {
+ $rows=array();
+ $output='';
+ if (@$form['site']) foreach (element_children($form['site']) as $key) {
$row = array();
$row[] = drupal_render($form['auto_release'][$key]);
$row[] = drupal_render($form['site'][$key]);
@@ -151,12 +160,12 @@ function theme_openid_provider_sites($form) {
}
unset($form['last_access']);
- $output .= theme('table', $header, $rows);
+ $output .= theme('table', array('header' => $header, 'rows' => $rows));
if ($form['pager']['#value']) {
$output .= drupal_render($form['pager']);
}
- $output .= drupal_render($form);
+ $output .= drupal_render_children($form);
return $output;
}