summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--IkiWiki/Plugin/openid.pm44
-rw-r--r--debian/changelog2
2 files changed, 46 insertions, 0 deletions
diff --git a/IkiWiki/Plugin/openid.pm b/IkiWiki/Plugin/openid.pm
index bb99446b4..9355cd85a 100644
--- a/IkiWiki/Plugin/openid.pm
+++ b/IkiWiki/Plugin/openid.pm
@@ -90,6 +90,7 @@ sub formbuilder_setup (@) {
value => $session->param("name"),
size => 50, force => 1,
fieldset => "login");
+ $form->field(name => "email", type => "hidden");
}
}
@@ -113,6 +114,26 @@ sub validate ($$$;$) {
}
}
+ # Ask for client to provide a name and email, if possible.
+ # Try sreg and ax
+ $claimed_identity->set_extension_args(
+ 'http://openid.net/extensions/sreg/1.1',
+ {
+ optional => 'email,fullname,nickname',
+ },
+ );
+ $claimed_identity->set_extension_args(
+ 'http://openid.net/srv/ax/1.0',
+ {
+ mode => 'fetch_request',
+ 'required' => 'email,fullname,nickname,firstname',
+ 'type.email' => "http://schema.openid.net/contact/email",
+ 'type.fullname' => "http://axschema.org/namePerson",
+ 'type.nickname' => "http://axschema.org/namePerson/friendly",
+ 'type.firstname' => "http://axschema.org/namePerson/first",
+ },
+ );
+
my $check_url = $claimed_identity->check_url(
return_to => IkiWiki::cgiurl(do => "postsignin"),
trust_root => $config{cgiurl},
@@ -139,6 +160,29 @@ sub auth ($$) {
}
elsif (my $vident = $csr->verified_identity) {
$session->param(name => $vident->url);
+
+ my @extensions=grep { defined } (
+ $vident->signed_extension_fields('http://openid.net/extensions/sreg/1.1'),
+ $vident->signed_extension_fields('http://openid.net/srv/ax/1.0'),
+ );
+ foreach my $ext (@extensions) {
+ foreach my $field (qw{value.email email}) {
+ if (exists $ext->{$field} &&
+ defined $ext->{$field} &&
+ length $ext->{$field}) {
+ $session->param(email => $ext->{$field});
+ last;
+ }
+ }
+ foreach my $field (qw{value.nickname nickname value.fullname fullname value.firstname}) {
+ if (exists $ext->{$field} &&
+ defined $ext->{$field} &&
+ length $ext->{$field}) {
+ $session->param(username => $ext->{$field});
+ last;
+ }
+ }
+ }
}
else {
error("OpenID failure: ".$csr->err);
diff --git a/debian/changelog b/debian/changelog
index 9e779bb18..854d83130 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,8 @@ ikiwiki (3.20100313) UNRELEASED; urgency=low
* websetup: Add websetup_unsafe to allow marking other settings
as unsafe.
+ * openid: Use Openid Simple Registration or OpenID Attribute Exchange
+ to get the user's email address and username.
-- Joey Hess <joeyh@debian.org> Sat, 13 Mar 2010 14:48:10 -0500