diff options
Diffstat (limited to 'IkiWiki/Plugin')
| -rw-r--r-- | IkiWiki/Plugin/openid.pm | 44 | ||||
| -rw-r--r-- | IkiWiki/Plugin/websetup.pm | 22 |
2 files changed, 62 insertions, 4 deletions
diff --git a/IkiWiki/Plugin/openid.pm b/IkiWiki/Plugin/openid.pm index bb99446b4..9355cd85a 100644 --- a/IkiWiki/Plugin/openid.pm +++ b/IkiWiki/Plugin/openid.pm @@ -90,6 +90,7 @@ sub formbuilder_setup (@) { value => $session->param("name"), size => 50, force => 1, fieldset => "login"); + $form->field(name => "email", type => "hidden"); } } @@ -113,6 +114,26 @@ sub validate ($$$;$) { } } + # Ask for client to provide a name and email, if possible. + # Try sreg and ax + $claimed_identity->set_extension_args( + 'http://openid.net/extensions/sreg/1.1', + { + optional => 'email,fullname,nickname', + }, + ); + $claimed_identity->set_extension_args( + 'http://openid.net/srv/ax/1.0', + { + mode => 'fetch_request', + 'required' => 'email,fullname,nickname,firstname', + 'type.email' => "http://schema.openid.net/contact/email", + 'type.fullname' => "http://axschema.org/namePerson", + 'type.nickname' => "http://axschema.org/namePerson/friendly", + 'type.firstname' => "http://axschema.org/namePerson/first", + }, + ); + my $check_url = $claimed_identity->check_url( return_to => IkiWiki::cgiurl(do => "postsignin"), trust_root => $config{cgiurl}, @@ -139,6 +160,29 @@ sub auth ($$) { } elsif (my $vident = $csr->verified_identity) { $session->param(name => $vident->url); + + my @extensions=grep { defined } ( + $vident->signed_extension_fields('http://openid.net/extensions/sreg/1.1'), + $vident->signed_extension_fields('http://openid.net/srv/ax/1.0'), + ); + foreach my $ext (@extensions) { + foreach my $field (qw{value.email email}) { + if (exists $ext->{$field} && + defined $ext->{$field} && + length $ext->{$field}) { + $session->param(email => $ext->{$field}); + last; + } + } + foreach my $field (qw{value.nickname nickname value.fullname fullname value.firstname}) { + if (exists $ext->{$field} && + defined $ext->{$field} && + length $ext->{$field}) { + $session->param(username => $ext->{$field}); + last; + } + } + } } else { error("OpenID failure: ".$csr->err); diff --git a/IkiWiki/Plugin/websetup.pm b/IkiWiki/Plugin/websetup.pm index 5c19c9b63..d444c0a3d 100644 --- a/IkiWiki/Plugin/websetup.pm +++ b/IkiWiki/Plugin/websetup.pm @@ -27,6 +27,13 @@ sub getsetup () { safe => 0, rebuild => 0, }, + websetup_unsafe => { + type => "string", + example => [], + description => "list of additional setup field keys to treat as unsafe", + safe => 0, + rebuild => 0, + }, websetup_show_unsafe => { type => "boolean", example => 1, @@ -57,6 +64,12 @@ sub formatexample ($$) { } } +sub issafe ($) { + my $key=shift; + + return ! grep { $_ eq $key } @{$config{websetup_unsafe}}; +} + sub showfields ($$$@) { my $form=shift; my $plugin=shift; @@ -78,7 +91,8 @@ sub showfields ($$$@) { # XXX hashes not handled yet next if ref $config{$key} && ref $config{$key} eq 'HASH' || ref $info{example} eq 'HASH'; # maybe skip unsafe settings - next if ! $info{safe} && ! ($config{websetup_show_unsafe} && $config{websetup_advanced}); + next if ! ($config{websetup_show_unsafe} && $config{websetup_advanced}) && + (! $info{safe} || ! issafe($key)); # maybe skip advanced settings next if $info{advanced} && ! $config{websetup_advanced}; # these are handled specially, so don't show @@ -156,7 +170,7 @@ sub showfields ($$$@) { if (ref $value eq 'ARRAY' || ref $info{example} eq 'ARRAY') { $value=[(ref $value eq 'ARRAY' ? map { Encode::encode_utf8($_) } @{$value} : "")]; - push @$value, "", "" if $info{safe}; # blank items for expansion + push @$value, "", "" if $info{safe} && issafe($key); # blank items for expansion } else { $value=Encode::encode_utf8($value); @@ -210,7 +224,7 @@ sub showfields ($$$@) { } } - if (! $info{safe}) { + if (! $info{safe} || ! issafe($key)) { $form->field(name => $name, disabled => 1); } else { @@ -346,7 +360,7 @@ sub showform ($$) { @value=0; } - if (! $info{safe}) { + if (! $info{safe} || ! issafe($key)) { error("unsafe field $key"); # should never happen } |