Added support for OpenID identity

Added user roles management Improvement CMS_HOOK_FORM_ALTER design. Factorized code into CMS_WIDGET_COMPOSITE Use general notion of CMS_WIDGET (and CMS_FORM allows CMS_WIDGET, and not just CMS_FORM_ITEM) Fixed various CMS_WIDGET traversal, and fixed related issue for CMS forms Fixed CMS_FORM_CHECKBOX_INPUT when no value was set. Added CMS_FORM_DATA.cached_value .. to pass computed values during validation to submit actions (mainly for optimization) Added support for @include=filename in CMS_CONFIGURATION Added CMS_WIDGET_TABLE as filled version of CMS_WIDGET_AGENT_TABLE (renamed from previous CMS_WIDGET_TABLE) Many improvements to the CMS_FORM design Some improvements to CMS_MODULE ...
2013-03-08 15:48:39 +01:00
parent 231b263a82
commit 617c48adcb
52 changed files with 2635 additions and 834 deletions
--- a/draft/application/cms/src/modules/openid/openid_cms_execution.e
+++ b/draft/application/cms/src/modules/openid/openid_cms_execution.e
@@ -0,0 +1,149 @@
+note
+	description: "Summary description for {OPENID_CMS_EXECUTION}."
+	date: "$Date$"
+	revision: "$Revision$"
+
+class
+	OPENID_CMS_EXECUTION
+
+inherit
+	CMS_EXECUTION
+
+create
+	make
+
+feature -- Execution
+
+	process
+		local
+			b: STRING
+			f: CMS_FORM
+			tf: CMS_FORM_TEXT_INPUT
+			ts: CMS_FORM_SUBMIT_INPUT
+			o: OPENID_CONSUMER
+			v: OPENID_CONSUMER_VALIDATION
+			tb: HASH_TABLE [READABLE_STRING_8, STRING_8]
+			l_uid: INTEGER
+		do
+			create b.make_empty
+			set_title ("OpenID identities")
+			if attached request.string_item ("openid.mode") as l_openid_mode then
+					-- Callback
+				create o.make (request.absolute_script_url ("/openid/login"))
+				o.ask_email (True)
+				o.ask_nickname (False)
+--				o.ask_all_info (False)
+
+				create v.make_from_items (o, request.items_as_string_items)
+				v.validate
+				if v.is_valid then
+					if attached v.identity as l_identity then
+						if attached user as u then
+							if attached service.storage.custom_value (l_identity, "openid") as obj then
+								l_uid := user_id_from_custom_value (obj)
+								if l_uid > 0 and then l_uid = u.id then
+									-- Authenticated
+									b.append ("OpenID already associated to user %""+ user_link (u) +"%"")
+								else
+									-- Wrong USER !!!
+									b.append ("OpenID already associated to another user !!!")
+								end
+							else
+									-- New OpenID association
+								create tb.make (1)
+								tb.force (l_identity, "openid_identity")
+								tb.force (u.id.out, "uid")
+								service.storage.set_custom_value (l_identity, tb, "openid")
+
+								b.append ("OpenID %""+ l_identity +"%" is now associated with user %""+ user_link (u) +"%"")
+							end
+						else
+							if
+								attached service.storage.custom_value (l_identity, "openid") as obj and then
+								attached user_id_from_custom_value (obj) as obj_uid and then
+								obj_uid > 0 and then
+								attached service.storage.user_by_id (obj_uid.to_integer) as u
+							then
+									-- Authenticated
+								set_user (u)
+								b.append ("Authenticated as %""+ user_link (u) +"%"")
+								set_redirection (user_url (u))
+							else
+									-- Register new account
+								b.append ("Register new account associated with Openid %"" + l_identity + "%"?")
+								across
+									v.attributes as c
+								loop
+									b.append ("<li>" + c.key + "=" + c.item + "</li>")
+								end
+								set_session_item ("openid.identity", l_identity)
+								if attached v.email_attribute as att_email then
+									set_session_item ("openid.email", att_email)
+								end
+								if attached v.nickname_attribute as att_nickname then
+									set_session_item ("openid.nickname", att_nickname)
+								end
+								b.append ("Create new account from your OpenID ")
+								b.append (link ("Register new account", "/user/register", Void))
+								set_redirection (url ("/user/register", Void))
+							end
+						end
+					end
+				else
+					b.append ("User authentication failed!!")
+				end
+			elseif attached request.string_item ("openid") as p_openid then
+				b.append ("Check openID: " + p_openid)
+				create o.make (request.absolute_script_url ("/openid/login"))
+				o.ask_email (True)
+				o.ask_all_info (False)
+				if attached o.auth_url (p_openid) as l_url then
+					set_redirection (l_url)
+				else
+					b.append ("Failure")
+				end
+			else
+				if attached user as u then
+					if attached service.storage.custom_value_names_where ("uid", u.id.out, "openid") as lst then
+						across
+							lst as c
+						loop
+							b.append ("<li>OpenID: " + c.item + "</li>")
+						end
+					else
+						b.append ("No OpenID associated with current account")
+					end
+				end
+				create f.make (url ("/openid/login", Void), "openid-login")
+				create tf.make ("openid")
+				tf.set_size (50)
+				tf.set_text_value ("")
+				tf.set_label ("OpenID identifier")
+				f.extend (tf)
+				create ts.make_with_text ("op", "Validate")
+				f.extend (ts)
+				f.prepare (Current)
+				f.append_to_html (theme, b)
+			end
+			set_main_content (b)
+		end
+
+	user_id_from_custom_value (lst: TABLE_ITERABLE [READABLE_STRING_8, STRING_8]): INTEGER
+		local
+			l_uid: detachable READABLE_STRING_8
+		do
+			across
+				lst as c
+			until
+				l_uid /= Void
+			loop
+				if c.key.same_string ("uid") then
+					l_uid := c.item
+				end
+			end
+			if l_uid /= Void and then l_uid.is_integer then
+				Result := l_uid.to_integer
+			end
+		end
+
+end
--- a/draft/application/cms/src/modules/openid/openid_module.e
+++ b/draft/application/cms/src/modules/openid/openid_module.e
@@ -0,0 +1,141 @@
+note
+	description: "Summary description for {OPENID_MODULE}."
+	author: ""
+	date: "$Date$"
+	revision: "$Revision$"
+
+class
+	OPENID_MODULE
+
+inherit
+	CMS_MODULE
+
+	CMS_HOOK_MENU_ALTER
+
+	CMS_HOOK_FORM_ALTER
+
+	CMS_HOOK_AUTO_REGISTER
+
+create
+	make
+
+feature {NONE} -- Initialization
+
+	make
+		do
+			name := "openid"
+			version := "1.0"
+			description := "OpenID login support"
+			package := "server"
+		end
+
+feature {CMS_SERVICE} -- Registration
+
+	service: detachable CMS_SERVICE
+
+	register (a_service: CMS_SERVICE)
+		do
+			a_service.map_uri ("/openid/login", agent handle_login)
+
+			a_service.add_menu_alter_hook (Current)
+			service := a_service
+		end
+
+feature -- Hooks
+
+	menu_alter (a_menu_system: CMS_MENU_SYSTEM; a_execution: CMS_EXECUTION)
+		local
+			lnk: CMS_LOCAL_LINK
+			req: WSF_REQUEST
+		do
+			req := a_execution.request
+			if req.path_info.starts_with ("/user") then
+				if a_execution.authenticated then
+					create lnk.make ("Openid identities", "/openid/login")
+				else
+					create lnk.make ("Login with Openid", "/openid/login")
+				end
+	--			a_menu_system.management_menu.extend (lnk)
+				a_menu_system.primary_tabs.extend (lnk)
+			end
+		end
+
+	form_alter (a_form: CMS_FORM; a_form_data: detachable CMS_FORM_DATA; a_execution: CMS_EXECUTION)
+		local
+			i: CMS_FORM_DIV
+			fh: CMS_FORM_HIDDEN_INPUT
+		do
+			if a_form.id.same_string ("openid-login") then
+				create i.make_with_text_and_css_id (
+					"Login with " + a_execution.link ("OpenID", "/openid/login", Void)
+							+ " , " + a_execution.link ("Google", "/openid/login?openid=https://www.google.com/accounts/o8/id", Void)
+							+ " , " + a_execution.link ("Yahoo", "/openid/login?openid=https://me.yahoo.com/", Void)
+							,
+					"openid"
+					)
+				a_form.extend (i)
+			elseif a_form.id.same_string ("user-login") then
+				create i.make_with_text_and_css_id (
+					"Login with " + a_execution.link ("OpenID", "/openid/login", Void)
+							+ " , " + a_execution.link ("Google", "/openid/login?openid=https://www.google.com/accounts/o8/id", Void)
+							+ " , " + a_execution.link ("Yahoo", "/openid/login?openid=https://me.yahoo.com/", Void)
+							,
+					"openid"
+					)
+				if attached a_form.items_by_type ({CMS_WIDGET_TEXT}) as lst and then not lst.is_empty then
+					a_form.insert_before (i, lst.last)
+				else
+					a_form.extend (i)
+				end
+			elseif a_form.id.same_string ("user-register") then
+				if attached {READABLE_STRING_GENERAL} a_execution.session_item ("openid.identity") as l_openid_identity then
+					create fh.make_with_text ("openid-identity", l_openid_identity.to_string_32)
+					a_execution.remove_session_item ("openid.identity")
+					a_form.extend (fh)
+					a_form.extend_text ("The new account will be associated with OpenID %""+ l_openid_identity +"%"")
+					if attached {READABLE_STRING_GENERAL} a_execution.session_item ("openid.nickname") as l_openid_nickname then
+						if attached a_form.fields_by_name ("username") as f_lst then
+							across
+								f_lst as c
+							loop
+								if attached {CMS_FORM_TEXT_INPUT} c.item as txt then
+									txt.set_text_value (l_openid_nickname.to_string_32)
+								end
+							end
+						end
+						a_execution.remove_session_item ("openid.nickname")
+					end
+					if attached {READABLE_STRING_GENERAL} a_execution.session_item ("openid.email") as l_openid_email then
+						if attached a_form.fields_by_name ("email") as f_lst then
+							across
+								f_lst as c
+							loop
+								if attached {CMS_FORM_TEXT_INPUT} c.item as txt then
+									txt.set_text_value (l_openid_email.to_string_32)
+								end
+							end
+						end
+						a_execution.remove_session_item ("openid.email")
+					end
+					a_form.submit_actions.extend (agent openid_user_register_submitted)
+				end
+			end
+		end
+
+	openid_user_register_submitted (a_form_data: CMS_FORM_DATA)
+		do
+
+		end
+
+feature -- Access
+
+	handle_login (req: WSF_REQUEST; res: WSF_RESPONSE)
+		do
+			if attached service as l_service then
+				(create {OPENID_CMS_EXECUTION}.make (req, res, l_service)).execute
+			else
+				res.set_status_code ({HTTP_STATUS_CODE}.expectation_failed)
+			end
+		end
+
+end