From 23de4515618b385f8280cc8785c9695c25c6e3db Mon Sep 17 00:00:00 2001
From: Victor Wagner <vitus@wagner.pp.ru>
Date: Mon, 24 Mar 2008 10:21:03 +0000
Subject: [PATCH] OpenID consumer implemented

---
 forum/forum | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 88 insertions(+), 4 deletions(-)

diff --git a/forum/forum b/forum/forum
index cad48ef..d4a04c0 100755
--- a/forum/forum
+++ b/forum/forum
@@ -19,6 +19,8 @@ use HTML::TreeBuilder;
 use Storable qw(freeze thaw);
 use Date::Parse;
 use Email::Valid;
+use LWP::UserAgent;
+use Net::OpenID::Consumer;
 #
 # ÐÐ°Ð±Ð¾Ñ Ð¿Ð¾Ð´Ð´ÐµÑÐ¶Ð¸Ð²Ð°ÐµÐ¼ÑÑ Ð´ÐµÐ¹ÑÑÐ²Ð¸Ð¹. Ð¥ÑÑ Ð²Ð¸Ð´Ð° 
 # "Ð¸Ð¼Ñ Ð¿Ð¾Ð»Ñ Ð² Ð·Ð°Ð¿ÑÐ¾ÑÐµ" =>  "ÑÑÐ½ÐºÑÐ¸Ñ Ð¾Ð±ÑÐ°Ð±Ð¾ÑÑÐ¸Ðº"
@@ -66,7 +68,7 @@ if ($cgi->request_method ne "POST") {
 # ÐÐ°Ð¿ÑÐ¾Ñ Ðº ÑÐºÑÐ¸Ð¿ÑÑ Ð¼ÐµÑÐ¾Ð´Ð¾Ð¼ GET. ÐÐ°Ð´Ð¾ Ð¿Ð¾ÐºÐ°Ð·Ð°ÑÑ ÑÐ¾ÑÐ¼Ñ, ÐµÑÐ»Ð¸ ÑÐ¾Ð»ÑÐºÐ¾ ÑÑÐ¾ Ð½Ðµ
 # ÑÐµÐ´Ð¸ÑÐµÐºÑ Ð¾Ñ OpenId-ÑÐµÑÐ²ÐµÑÐ° 
 	if ($cgi->param('openidvfy')) { 
-		openid_verify($cgi);
+		openid_verify($cgi,$forum);
 	} elsif ($cgi->param("logout")) {
 		logout('logout',$cgi,$forum);
 	} else {
@@ -522,8 +524,8 @@ sub newsession {
 sub authenticate {
 	my ($cgi,$forum) = @_; 	
 	if ($cgi->param("openidsite")) {
-		my $openid_url = sprintf($cgi->param("openidsite",$cgi->param("user")));
-		openidstart($cgi,$openid_url);
+		my $openid_url = sprintf($cgi->param("openidsite"),$cgi->param("user"));
+		openidstart($cgi,$forum,$openid_url);
 	}	
 	my %userbase;
 	dbmopen %userbase,datafile($forum,"passwd"),0644;
@@ -579,7 +581,8 @@ sub forum_redirect {
 	my ($cgi,$forum,$url) = @_;
 	if (!defined $url) {
 		$url = $cgi->param("returnto");
-		$url = $cgi->url(-base=>1).$cgi->path_info() if (!$url);
+		$url =
+		$cgi->url(-base=>1).($cgi->path_info()||$forum->{forumtop}) if !$url ;
 	}
 	print $cgi->redirect(-url=>$url,
 		($forum->{cookies}?(-cookie=>$forum->{cookies}):()));
@@ -862,4 +865,85 @@ sub get_uid {
 	close $f;
 	return sprintf ("%08s",$id);
 }
+#
+# ----------------- OpenID registration -----------------------------
+# 
+sub create_openid_consumer {
+	my ($cgi,$forum) = @_;
+	return Net::OpenID::Consumer ->new(
+		ua => LWP::UserAgent->new(),
+		args => $cgi,
+		consumer_secret=>"X9RWPo0rBE7yLja6VB3d",
+		required_root => $cgi->url(-base=>1));
+}		
 
+# openidstart - Ð²ÑÐ·ÑÐ²Ð°ÐµÑÑÑ ÐºÐ¾Ð³Ð´Ð° Ð¾Ð±Ð½Ð°ÑÑÐ¶ÐµÐ½Ð¾ ÑÑÐ¾ ÑÐµÐºÑÑÐµÐµ Ð¸Ð¼Ñ
+# Ð¿Ð¾Ð»ÑÐ·Ð¾Ð²Ð°ÑÐµÐ»Ñ, Ð¿ÑÑÐ°ÑÑÐµÐ³Ð¾ÑÑ Ð°ÑÑÐµÐ½ÑÐ¸ÑÐ¸ÑÐ¸ÑÐ¾Ð²Ð°ÑÑÑÑ, ÑÐ¾Ð´ÐµÑÐ¶Ð¸Ñ http://
+#  
+#
+
+sub openidstart {
+	my ($cgi,$forum,$openidurl) = @_;
+	#
+	# Fix duplicated http:// which can be produced by our sprintf based
+	# login system
+	#
+	$openidurl=~s!^http://http://!http://!;
+	my $csr = create_openid_consumer($cgi,$forum);
+	my $claimed_identity=$csr->claimed_identity($openidurl);
+	if (!defined $claimed_identity) {
+		show_error($forum,"Ð£ÐºÐ°Ð·Ð°Ð½Ð½Ð°Ñ URL $openidurl Ð½Ðµ ÑÐ²Ð»ÑÐµÑÑÑ OpenId"); 		
+		exit;
+	}
+	$cgi->param("openidvfy",1);
+	$cgi->delete("user");
+	$cgi->delete("openidsite");
+	$cgi->delete("password");
+	my $check_url = $claimed_identity->check_url(
+		return_to=> $cgi->url(-full=>1,-path_info=>1,-query=>1),
+		trust_root=> $cgi->url(-base=>1));
+	print $cgi->redirect(-location=>$check_url);
+	exit;
+}	
+#
+# ÐÑÐ·ÑÐ²Ð°ÐµÑÑÑ Ð¿ÑÐ¸ ÑÐµÐ´Ð¸ÑÐµÐºÑÐµ Ð¾Ñ openid producer-Ð°. ÐÑÐ¾Ð²ÐµÑÑÐµÑ, ÑÑÐ¾
+# ÑÐ´Ð°Ð»ÐµÐ½Ð½ÑÐ¹ ÑÐµÑÐ²ÐµÑ Ð¿Ð¾Ð´ÑÐ²ÐµÑÐ´Ð¸Ð» openid Ð¸ Ð²ÑÐ·ÑÐ²Ð°ÐµÑ Ð¾Ð¿ÐµÑÐ°ÑÐ¸Ñ Ð´Ð»Ñ ÐºÐ¾ÑÐ¾ÑÐ¾Ð¹
+# (Ð»Ð¸Ð±Ð¾ Ð²Ð¾Ð·Ð²ÑÐ°Ñ Ð½Ð° Ð¸ÑÑÐ¾Ð´Ð½ÑÑ ÑÑÑÐ°Ð½Ð¸ÑÑ Ð¿ÑÐ¸ Ð¾Ð¿ÐµÑÐ°ÑÐ¸Ð¸ login, Ð»Ð¸Ð±Ð¾ Ð¿Ð¾ÑÑÐ¸Ð½Ð³
+# ÑÐµÐ¿Ð»Ð¸ÐºÐ¸) 
+#
+sub openid_verify {
+	my ($cgi,$forum) = @_;
+	my $csr  = create_openid_consumer($cgi,$forum);
+	if (my $setup_url = $csr->user_setup_url) {
+		print $cgi->redirect(-location=>$setup_url);
+		exit;
+	} elsif ($csr->user_cancel) {
+		show_error($forum,"ÐÐ°Ñ openid-ÑÐµÑÐ²ÐµÑ Ð¾ÑÐºÐ°Ð·Ð°Ð»ÑÑ Ð¿Ð¾Ð´ÑÐ²ÐµÑÐ¶Ð°ÑÑ Ð²Ð°ÑÑ
+		Ð¸Ð´ÐµÐ½ÑÐ¸ÑÐ½Ð¾ÑÑÑ");
+		exit;
+	} elsif	(my $vident = $csr->verified_identity) {
+		#Ð£ÑÐ¿ÐµÑÐ½Ð°Ñ Ð°ÑÑÐµÐ½ÑÐ¸ÑÐ¸ÐºÐ°ÑÐ¸Ñ.		
+		#Ð¡Ð¾Ð·Ð´Ð°ÐµÐ¼ ÑÐµÑÑÐ¸Ñ
+		my $user = $vident->url; 
+		my %userbase;
+		dbmopen %userbase,datafile($forum,"passwd"),0664;
+		if (!$userbase{$user}) {
+			$userbase{$user} = $forum->{authenticated}={};
+		} else {
+			$forum->{authenticated} = thaw ($userbase{$user});
+		}
+		dbmclose %userbase;
+		$forum->{"authenticated"}{"user"} = $user;
+		newsession(undef,$forum,$user);
+		# ÐÑÐ»Ð¸ ÑÐºÐ°Ð·Ð°Ð½ Ð¿Ð°ÑÐ°Ð¼ÐµÑÑ reply, Ð²ÑÐ·ÑÐ²Ð°ÐµÐ¼ Ð¾Ð±ÑÐ°Ð±Ð¾ÑÐºÑ ÑÐµÐ¿Ð»Ð¸ÐºÐ¸
+		if ($cgi->param("reply")) {	
+			reply("reply",$cgi,$forum);
+			exit;
+		}	
+		#ÐÐ½Ð°ÑÐµ, Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ°ÐµÐ¼ÑÑ Ð½Ð° Ð¸ÑÑÐ¾Ð´Ð½ÑÑ ÑÑÑÐ°Ð½Ð¸ÑÑ
+		forum_redirect($cgi,$forum,undef);
+	}	else {
+		show_error($forum,"ÐÑÐ¸Ð±ÐºÐ° OpenId Ð°ÑÑÐµÐ½ÑÐ¸ÑÐ¸ÐºÐ°ÑÐ¸Ð¸");
+		exit;
+	}	
+}
-- 
2.39.2