Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Updates to browserid plugin (0.40 -> 0.41)

  • Loading branch information...
commit 56c7a2fa37c47038ea48a479ab627a020c943337 1 parent 0d31125
@craigcook craigcook authored
View
796 plugins/browserid/browserid.php
@@ -4,7 +4,7 @@
Plugin URI: http://wordpress.org/extend/plugins/browserid/
Plugin Repo: https://github.com/shane-tomlinson/browserid-wordpress
Description: Mozilla Persona, the safest & easiest way to sign in
-Version: 0.37
+Version: 0.41
Author: Shane Tomlinson
Author URI: https://shanetomlinson.com
Original Author: Marcel Bokhorst
@@ -12,7 +12,7 @@
*/
/*
- Copyright (c) 2011, 2012, 2013 Marcel Bokhorst
+ Copyright (c) 2011, 2012, 2013 Shane Tomlinson, Marcel Bokhorst
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -43,44 +43,68 @@
define('c_bid_browserid_login_cookie', 'bid_browserid_login_' . COOKIEHASH);
// Define class
-if (!class_exists('M66BrowserID')) {
- class M66BrowserID {
+if (!class_exists('MozillaBrowserID')) {
+ class MozillaBrowserID {
// Class variables
var $debug = null;
// Constructor
function __construct() {
- // Get plugin options
- $options = get_option('browserid_options');
-
- // Debug mode
- $this->debug = (isset($options['browserid_debug']) && $options['browserid_debug']);
-
// Register de-activation
register_deactivation_hook(__FILE__, array(&$this, 'Deactivate'));
// Register actions & filters
add_action('init', array(&$this, 'Init'), 0);
- add_action('set_auth_cookie', array(&$this, 'Set_auth_cookie'));
- add_action('clear_auth_cookie', array(&$this, 'Clear_auth_cookie'));
- add_filter('login_message', array(&$this, 'Login_message'));
- add_action('login_form', array(&$this, 'Login_form'));
+
+ // Action link in the plugins page
+ add_filter('plugin_action_links', array(&$this, 'Plugin_action_links_filter'), 10, 2);
+
+
+ // Authentication
+ add_action('set_auth_cookie', array(&$this,
+ 'Set_auth_cookie_action'), 10, 5);
+ add_action('clear_auth_cookie', array(&$this, 'Clear_auth_cookie_action'));
+ add_filter('wp_authenticate_user', array(&$this, 'Wp_authenticate_user_filter'));
+ add_filter('login_message', array(&$this, 'Login_message_filter'));
+ add_action('login_form', array(&$this, 'Login_form_action'));
+
+
+ // Registration
+ if (self::Is_option_browserid_only_auth()) {
+ add_action('register_form', array(&$this, 'Register_form_action'));
+ add_action('user_register', array(&$this, 'Register_user_register_action'));
+ add_filter('registration_errors', array(&$this, 'Registration_errors_filter'));
+ add_filter('registration_redirect', array(&$this, 'Registration_redirect_filter'));
+ }
+
+
+ // Lost password
+ if (self::Is_option_browserid_only_auth()) {
+ add_action('lost_password', array(&$this, 'Lost_password_action'));
+ add_filter('allow_password_reset', array(&$this, 'Allow_password_reset_filter'));
+ add_filter('show_password_fields', array(&$this, 'Show_password_fields_filter'));
+ }
+
+ // Widgets and admin menu
add_action('widgets_init', create_function('', 'return register_widget("BrowserID_Widget");'));
if (is_admin()) {
- add_action('admin_menu', array(&$this, 'Admin_menu'));
- add_action('admin_init', array(&$this, 'Admin_init'));
+ add_action('admin_menu', array(&$this, 'Admin_menu_action'));
+ add_action('admin_init', array(&$this, 'Admin_init_action'));
}
+
+ // top toolbar logout button override
+ add_action('admin_bar_menu', array(&$this, 'Admin_toolbar_action'), 999);
+
add_action('http_api_curl', array(&$this, 'http_api_curl'));
- add_action('admin_bar_menu', array(&$this, 'Admin_toolbar'), 999);
// Comment integration
- if (isset($options['browserid_comments']) && $options['browserid_comments']) {
- add_filter('comment_form_default_fields', array(&$this, 'Comment_form_fields'));
- add_action('comment_form', array(&$this, 'Comment_form'));
+ if (self::Is_option_comments()) {
+ add_filter('comment_form_default_fields', array(&$this, 'Comment_form_action_default_fields_filter'));
+ add_action('comment_form', array(&$this, 'Comment_form_action'));
}
// bbPress integration
- if (isset($options['browserid_bbpress']) && $options['browserid_bbpress']) {
+ if (self::Is_option_bbpress()) {
add_action('bbp_allow_anonymous', create_function('', 'return !is_user_logged_in();'));
add_action('bbp_is_anonymous', create_function('', 'return !is_user_logged_in();'));
add_action('bbp_theme_before_topic_form_submit_button', array(&$this, 'bbPress_submit'));
@@ -109,6 +133,29 @@ function Deactivate() {
// TODO: delete options
}
+ // Add a "Settings" link to the plugin list page.
+ function Plugin_action_links_filter($links, $file) {
+ static $this_plugin;
+
+ if (!$this_plugin) {
+ $this_plugin = plugin_basename(__FILE__);
+ }
+
+ if ($file == $this_plugin) {
+ // The "page" query string value must be equal to the slug
+ // of the Settings admin page we defined earlier, which in
+ // this case equals "myplugin-settings".
+ $settings_link = '<a href="'
+ . get_bloginfo('wpurl')
+ . '/wp-admin/admin.php?page=' . __FILE__ . '">'
+ . __('Settings') . '</a>';
+ array_unshift($links, $settings_link);
+ }
+
+ return $links;
+ }
+
+
// Initialization
function Init() {
global $user_email;
@@ -118,21 +165,21 @@ function Init() {
load_plugin_textdomain(c_bid_text_domain, false, dirname(plugin_basename(__FILE__)));
// Check for assertion
- self::Check_assertion();
+ $assertion = self::Get_assertion();
+ if (!empty($assertion)) {
+ self::Check_assertion($assertion);
+ }
// Enqueue BrowserID scripts
wp_register_script('browserid', 'https://login.persona.org/include.js', array(), '', true);
// This one script takes care of all work.
wp_register_script('browserid_common', plugins_url('login.js', __FILE__), array('jquery', 'browserid'), '', true);
- $redirect = (isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : null);
- $browserid_error = (isset($_REQUEST['browserid_error']) ? $_REQUEST['browserid_error'] : null);
- $browserid_failed = __('Verification failed', c_bid_text_domain);
$data_array = array(
'siteurl' => get_site_url(null, '/'),
- 'login_redirect' => $redirect,
- 'error' => $browserid_error,
- 'failed' => $browserid_failed,
+ 'login_redirect' => self::Get_login_redirect_url(),
+ 'error' => self::Get_error_message(),
+ 'failed' => self::Get_verification_failed_message(),
'sitename' => self::Get_sitename(),
'sitelogo' => self::Get_sitelogo(),
'logout_redirect' => wp_logout_url(),
@@ -142,239 +189,275 @@ function Init() {
wp_enqueue_script('browserid_common');
}
- // Get the currently logged in user, iff they authenticated using BrowserID
- function Get_browserid_loggedin_user() {
- global $user_email;
- get_currentuserinfo();
+ // Get the redirect URL from the request
+ function Get_request_redirect_url() {
+ return (isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : null);
+ }
+
+ // Get the login redirect URL
+ function Get_login_redirect_url() {
+ // first, if a redirect is specified in the request, use that.
+ // second, if it is a new user and a new user redirect url is
+ // specified, go there.
+ // third, if if the global login redirect is specified, use that.
+ // forth, use the admin URL.
+
+ $option_redirect_url = self::Get_option_login_redir();
+ $request_redirect_url = self::Get_request_redirect_url();
+
+ if(!empty($request_redirect_url)) {
+ $redirect_to = $request_redirect_url;
+ } else if(!empty($option_redirect_url)) {
+ $redirect_to = $option_redirect_url;
+ } else {
+ $redirect_to = admin_url();
+ }
+
+ return $redirect_to;
+ }
+
+
+ // Get the error message
+ function Get_error_message() {
+ return (isset($_REQUEST['browserid_error']) ? $_REQUEST['browserid_error'] : null);
+ }
+
+ // Get the verification failed message
+ function Get_verification_failed_message() {
+ return __('Verification failed', c_bid_text_domain);
+ }
+
+ // Get the currently logged in user, iff they authenticated
+ // using BrowserID
+ function Get_browserid_loggedin_user() {
+ global $user_email;
+ get_currentuserinfo();
+
+ if ( isset( $_COOKIE[c_bid_browserid_login_cookie] ) ) {
+ return $user_email;
+ }
- if ( isset( $_COOKIE[c_bid_browserid_login_cookie] ) ) {
- return $user_email;
- }
+ return null;
+ }
+
+ // Check if an assertion is received. If one has been, verify it and
+ // log the user in. If not, continue.
+ function Check_assertion($assertion) {
+ // Verify assertion
+ $response = self::Post_assertion_to_verifier($assertion);
+
+ // Decode response. If the response is invalid, an error
+ // message will be printed.
+ $result = self::Check_verifier_response($response);
+
+ if ($result) {
+ $email = $result['email'];
+ // Succeeded
+ if (self::Is_comment())
+ self::Handle_comment($email);
+ else if (self::Is_registration())
+ self::Handle_registration($email);
+ else
+ self::Handle_login($email);
+ }
+ }
- return null;
- }
+ // Get the audience
+ function Get_audience() {
+ return $_SERVER['HTTP_HOST'];
+ }
- function Check_assertion() {
+ // Get an assertion from that request
+ function Get_assertion() {
// Workaround for Microsoft IIS bug
if (isset($_REQUEST['?browserid_assertion']))
$_REQUEST['browserid_assertion'] = $_REQUEST['?browserid_assertion'];
- // Verify received assertion
- if (isset($_REQUEST['browserid_assertion'])) {
- // Get options
- $options = get_option('browserid_options');
+ return isset($_REQUEST['browserid_assertion']) ?
+ $_REQUEST['browserid_assertion'] : null;
+ }
- // Get assertion/audience/remember me
- $assertion = $_REQUEST['browserid_assertion'];
- $audience = $_SERVER['HTTP_HOST'];
+ function Get_rememberme() {
+ return (isset($_REQUEST['rememberme']) && $_REQUEST['rememberme'] == 'true');
+ }
- $rememberme = (isset($_REQUEST['rememberme']) && $_REQUEST['rememberme'] == 'true');
+ // Post the assertion to the verifier. If the assertion does not
+ // verify, an error message will be displayed and no more processing
+ // will occur
+ function Post_assertion_to_verifier($assertion) {
+ $audience = self::Get_audience();
+
+ // Get verification server URL
+ $vserver = self::Get_option_vserver();
+
+ // No SSL verify?
+ $noverify = self::Is_option_noverify();
+
+ // Build arguments
+ $args = array(
+ 'method' => 'POST',
+ 'timeout' => 30,
+ 'redirection' => 0,
+ 'httpversion' => '1.0',
+ 'blocking' => true,
+ 'headers' => array(),
+ 'body' => array(
+ 'assertion' => $assertion,
+ 'audience' => $audience
+ ),
+ 'cookies' => array(),
+ 'sslverify' => !$noverify
+ );
- // Get verification server URL
- if (isset($options['browserid_vserver']) && $options['browserid_vserver'])
- $vserver = $options['browserid_vserver'];
- else
- $vserver = 'https://verifier.login.persona.org/verify';
-
- // No SSL verify?
- $noverify = (isset($options['browserid_noverify']) && $options['browserid_noverify']);
-
- // Build arguments
- $args = array(
- 'method' => 'POST',
- 'timeout' => 30,
- 'redirection' => 0,
- 'httpversion' => '1.0',
- 'blocking' => true,
- 'headers' => array(),
- 'body' => array(
- 'assertion' => $assertion,
- 'audience' => $audience
- ),
- 'cookies' => array(),
- 'sslverify' => !$noverify
- );
- if ($this->debug)
- update_option(c_bid_option_request, $vserver . ' ' . print_r($args, true));
-
- // Verify assertion
- $response = wp_remote_post($vserver, $args);
-
- // Check result
- if (is_wp_error($response)) {
- // Debug info
- $message = __($response->get_error_message());
- if ($this->debug) {
- update_option(c_bid_option_response, $response);
- header('Content-type: text/plain');
- echo $message . PHP_EOL;
- print_r($response);
- exit();
- }
- else
- self::Handle_error($message);
- }
- else {
- // Persist debug info
- if ($this->debug) {
- $response['vserver'] = $vserver;
- $response['audience'] = $audience;
- $response['rememberme'] = $rememberme;
- update_option(c_bid_option_response, $response);
- }
+ if (self::Is_option_debug())
+ update_option(c_bid_option_request, $vserver . ' ' . print_r($args, true));
- // Decode response
- $result = json_decode($response['body'], true);
+ // Verify assertion
+ $response = wp_remote_post($vserver, $args);
- // Check result
- if (empty($result) || empty($result['status'])) {
- // No result or status
- $message = __('Verification void', c_bid_text_domain);
- if ($this->debug) {
- header('Content-type: text/plain');
- echo $message . PHP_EOL;
- echo $response['response']['message'] . PHP_EOL;
- print_r($response);
- exit();
- }
- else
- self::Handle_error($message);
- }
- else if ($result['status'] == 'okay' &&
- $result['audience'] == $audience) {
- // Check expiry time
- $novalid = (isset($options['browserid_novalid']) && $options['browserid_novalid']);
- if ($novalid || time() < $result['expires'] / 1000)
- {
- // Succeeded
- if (self::Is_comment())
- self::Handle_comment($result);
- else
- self::Handle_login($result, $rememberme);
- }
- else {
- $message = __('Verification invalid', c_bid_text_domain);
- if ($this->debug) {
- header('Content-type: text/plain');
- echo $message . PHP_EOL;
- echo 'time=' . time() . PHP_EOL;
- print_r($result);
- exit();
- }
- else
- self::Handle_error($message);
- }
- }
- else {
- // Failed
- $message = __('Verification failed', c_bid_text_domain);
- if (isset($result['reason']))
- $message .= ': ' . __($result['reason'], c_bid_text_domain);
- if ($this->debug) {
- header('Content-type: text/plain');
- echo $message . PHP_EOL;
- echo 'audience=' . $audience . PHP_EOL;
- echo 'vserver=' . parse_url($vserver, PHP_URL_HOST) . PHP_EOL;
- echo 'time=' . time() . PHP_EOL;
- print_r($result);
- exit();
- }
- else
- self::Handle_error($message);
- }
+ // If error, print the error message and exit.
+ if (is_wp_error($response)) {
+ // Debug info
+ $message = __($response->get_error_message());
+ if (self::Is_option_debug()) {
+ update_option(c_bid_option_response, $response);
}
+
+ self::Handle_error($message, $message, $response);
+ }
+
+ // Persist debug info
+ if (self::Is_option_debug()) {
+ $response['vserver'] = self::Get_option_vserver();
+ $response['audience'] = self::Get_audience();
+ $response['rememberme'] = self::Get_rememberme();
+ update_option(c_bid_option_response, $response);
+ }
+
+
+ return $response;
+ }
+
+ // Check result. If result is either invalid or indicates a bad
+ // assertion, an error message will be printed and processing
+ // will stop. If verification succeeds, response will be returned.
+ function Check_verifier_response($response) {
+ $result = json_decode($response['body'], true);
+
+ if (empty($result) || empty($result['status'])) {
+ // No result or status
+ $message = __('Verification response invalid', c_bid_text_domain);
+
+ $debug_message = $message . PHP_EOL . $response['response']['message'];
+ }
+ else if ($result['status'] != 'okay') {
+ // Bad status
+ $message = __('Verification failed', c_bid_text_domain);
+ if (isset($result['reason']))
+ $message .= ': ' . __($result['reason'], c_bid_text_domain);
+
+ $debug_message = $message . PHP_EOL;
+ }
+ else {
+ // Succeeded
+ return $result;
}
+
+ // Verification has failed, display erorr and stop processing.
+ $debug_message .= 'audience=' . self::Get_audience() . PHP_EOL;
+ $debug_message .= 'vserver=' . parse_url(self::Get_option_vserver(), PHP_URL_HOST) . PHP_EOL;
+ $debug_message .= 'time=' . time();
+
+ self::Handle_error($message, $debug_message, $result);
}
// Determine if login or comment
function Is_comment() {
$options = get_option('browserid_options');
- if ((isset($options['browserid_comments']) && $options['browserid_comments']) ||
- (isset($options['browserid_bbpress']) && $options['browserid_bbpress']))
+ if (self::Is_option_comments() || self::Is_option_bbpress())
return (isset($_REQUEST['browserid_comment']) ? $_REQUEST['browserid_comment'] : null);
else
return null;
}
+ function Is_registration() {
+ $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
+ return $action == 'register';
+ }
+
// Generic error handling
- function Handle_error($message) {
- $post_id = self::Is_comment();
- $redirect = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : null;
- $url = ($post_id ? get_permalink($post_id) : wp_login_url($redirect));
- $url .= (strpos($url, '?') === false ? '?' : '&') . 'browserid_error=' . urlencode($message);
- if ($post_id)
- $url .= '#browserid_' . $post_id;
- wp_redirect($url);
+ function Handle_error($message, $debug_message, $result) {
+ if (self::Is_option_debug() && !empty($debug_message)) {
+ header('Content-type: text/plain');
+ echo $debug_message . PHP_EOL;
+
+ if (!empty($result)) {
+ print_r($result);
+ }
+ } else {
+ $post_id = self::Is_comment();
+ $redirect = self::Get_request_redirect_url();
+ $url = ($post_id ? get_permalink($post_id) : wp_login_url($redirect));
+ $url .= (strpos($url, '?') === false ? '?' : '&') . 'browserid_error=' . urlencode($message);
+ if ($post_id)
+ $url .= '#browserid_' . $post_id;
+ wp_redirect($url);
+ }
+
exit();
}
// Process login
- function Handle_login($result, $rememberme) {
- $options = get_option('browserid_options');
+ function Handle_login($email) {
// Login
- $user = self::Login_by_email($result['email'], $rememberme);
+ $user = self::Login_by_email($email, self::Get_rememberme());
if ($user) {
// Beam me up, Scotty!
- if (isset($result['redirect_to']))
- $redirect_to = $result['redirect_to'];
- else if (isset($options['browserid_login_redir']) && $options['browserid_login_redir'])
- $redirect_to = $options['browserid_login_redir'];
- else if (isset($_REQUEST['redirect_to']))
- $redirect_to = $_REQUEST['redirect_to'];
- else
- $redirect_to = admin_url();
+ $redirect_to = self::Get_login_redirect_url();
$redirect_to = apply_filters('login_redirect', $redirect_to, '', $user);
wp_redirect($redirect_to);
exit();
}
else {
- // User not found? If auto-registration is
- // enabled, try to create a new user with the
- // email address as the username.
- if ( !get_option('users_can_register') ) {
- $message = __('You must already have an account to log in with Persona.');
- self::Handle_error($message);
- exit();
- } else if( !isset($options['browserid_auto_create_new_users']) || !$options['browserid_auto_create_new_users']) {
- $message = __('You must already have an account to log in with Persona.');
-
- self::Handle_error($message);
- exit();
- } else {
- $user_id = wp_create_user($result['email'], 'password', $result['email']);
-
- if ($user_id) {
- if (isset($options['browserid_newuser_redir']) && $options['browserid_newuser_redir']) {
- $result['redirect_to'] = $options['browserid_newuser_redir'];
- } else {
- $result['redirect_to'] = admin_url() . 'profile.php';
- }
- self::Handle_login($result, $rememberme);
- } else {
- $message = __('New user creation failed', c_bid_text_domain);
- $message .= ' (' . $result['email'] . ')';
- if ($this->debug) {
- header('Content-type: text/plain');
- echo $message . PHP_EOL;
- print_r($result);
- }
- else
- self::Handle_error($message);
-
- exit();
- }
- }
+ $message = __('You must already have an account to log in with Persona.');
+ self::Handle_error($message);
}
}
// Login user using e-mail address
function Login_by_email($email, $rememberme) {
+ $userdata = get_user_by('email', $email);
+ return self::Login_by_userdata($userdata, $rememberme);
+ }
+
+ // Login user using id
+ function Login_by_id($user_id, $rememberme) {
+ $userdata = get_user_by('id', $user_id);
+ return self::Login_by_userdata($userdata, $rememberme);
+ }
+
+ // Login user by userdata
+ function Login_by_userdata($userdata, $rememberme) {
global $user;
$user = null;
- $userdata = get_user_by('email', $email);
if ($userdata) {
$user = new WP_User($userdata->ID);
+
+ // Check if user/blog is marked as spam. Copied out of user.php
+ if ( is_multisite() ) {
+ // Is user marked as spam?
+ if ( 1 == $user->spam)
+ return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Your account has been marked as a spammer.'));
+
+ // Is a user's blog marked as spam?
+ if ( !is_super_admin( $user->ID ) && isset($user->primary_blog) ) {
+ $details = get_blog_details( $user->primary_blog );
+ if ( is_object( $details ) && $details->spam == 1 )
+ return new WP_Error('blog_suspended', __('Site Suspended.'));
+ }
+ }
+
$this->browserid_login = true;
wp_set_current_user($userdata->ID, $userdata->user_login);
wp_set_auth_cookie($userdata->ID, $rememberme);
@@ -384,9 +467,8 @@ function Login_by_email($email, $rememberme) {
}
// Process comment
- function Handle_comment($result) {
+ function Handle_comment($email) {
// Initialize
- $email = $result['email'];
$author = $_REQUEST['author'];
$url = $_REQUEST['url'];
@@ -426,45 +508,145 @@ function Handle_comment($result) {
$_POST['bbp_anonymous_website'] = $url;
}
- // Set a cookie that keeps track whether the user signed in using BrowserID
- function Set_auth_cookie($auth_cookie, $expire, $expiration, $user_id, $scheme) {
- // Persona should only manage Persona logins. If this is a BrowserID login,
- // keep track of it so that the user is not automatically logged out if
- // they log in via other means.
+ // Set a cookie that keeps track whether the user signed in
+ // using BrowserID
+ function Set_auth_cookie_action($auth_cookie, $expire, $expiration, $user_id, $scheme) {
+ // Persona should only manage Persona logins. If this is
+ // a Persona login, keep track of it so that the user is
+ // not automatically logged out if they log in via other means.
if ($this->browserid_login) {
$secure = $scheme == "secure_auth";
setcookie(c_bid_browserid_login_cookie, 1, $expire, COOKIEPATH, COOKIE_DOMAIN, $secure, true);
}
else {
- // If the user is not logged in via BrowserID, clear the cookie.
- self::Clear_auth_cookie();
+ // If the user is not logged in via BrowserID, clear the
+ // cookie.
+ self::Clear_auth_cookie_action();
}
}
- // Clear the cookie that keeps track of whether hte user signed in using BrowserID
- function Clear_auth_cookie() {
+ // Clear the cookie that keeps track of whether hte user
+ // signed in using BrowserID
+ function Clear_auth_cookie_action() {
$expire = time() - YEAR_IN_SECONDS;
setcookie(c_bid_browserid_login_cookie, ' ', $expire, COOKIEPATH, COOKIE_DOMAIN);
}
+ // Check whether normal username/password authentication is allowed
+ function Wp_authenticate_user_filter($user) {
+ if (self::Is_option_browserid_only_auth()) {
+ return new WP_error('invalid_login', 'Only BrowserID logins are allowed');
+ }
+
+ return $user;
+ }
+
// Filter login error message
- function Login_message($message) {
+ function Login_message_filter($message) {
if (isset($_REQUEST['browserid_error']))
$message .= '<div id="login_error"><strong>' . htmlentities(stripslashes($_REQUEST['browserid_error'])) . '</strong></div>';
return $message;
}
// Add login button to login page
- function Login_form() {
+ function Login_form_action() {
echo '<p>' . self::Get_loginout_html(false) . '<br /><br /></p>';
}
+ // Add Persona button to registration form and remove the email form.
+ function Register_form_action() {
+ // Only enable registration via Persona if Persona is the only
+ // authentication mechanism or else the user will not see the
+ // "check your email" screen.
+ if (self::Is_option_browserid_only_auth()) {
+ echo '<input type="hidden" name="browserid_assertion" id="browserid_assertion" />';
+
+ // XXX collapse the link stuff into Get_login_html
+ $html = '<img src="' . self::Get_image_url() . '" style="border: none; vertical-align: middle; margin-right: 5px;" />';
+ echo '<a href="#" onclick="return browserid_register();" title="Mozilla Persona" class="browserid">' . $html . '</a>';
+
+ echo '<style>#user_email,[for=user_email],#reg_passmail{display:none;}';
+ echo '#wp-submit { position: absolute; left: -9999px !important; }</style>';
+ }
+ }
+
+ // Process registration - get the email address from the assertion and
+ // process the rest of the form.
+ function Handle_registration($email) {
+ if (self::Is_option_browserid_only_auth()) {
+ // Keep track of whether the user is registering with
+ // BrowserID. Non BrowserID registrations are disabled in
+ // BrowserID only auth.
+ $this->user_registering_with_browserid = true;
+ $_POST['user_email'] = $email;
+ }
+ }
+
+
+ // Now that the user is registered, log them in
+ function Register_user_register_action($user_id) {
+ if (self::Is_option_browserid_only_auth()) {
+ return self::Login_by_id($user_id, false);
+ }
+ }
+
+ // Check if traditional registration has been disabled.
+ function Registration_errors_filter($errors) {
+ if (self::Is_option_browserid_only_auth() &&
+ !$this->user_registering_with_browserid) {
+ $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
+ $errors->add('invalid_registration',
+ sprintf(__('<strong>ERROR</strong>: '
+ . '%s uses Mozilla Persona for registration. '
+ . 'Please register using Persona.'), $blogname));
+ }
+
+ return $errors;
+ }
+
+ function Registration_redirect_filter($redirect_to) {
+ if ($redirect_to) return $redirect_to;
+
+ if (self::Is_option_browserid_only_auth()) {
+ // The user successfully signed up using Persona,
+ // send them to their profile page
+ return admin_url() . 'profile.php';
+ }
+
+ return '';
+ }
+
+ // If only BrowserID logins are allowed, a reset password form should
+ // not be shown.
+ function Lost_password_action() {
+ if (self::Is_option_browserid_only_auth()) {
+ // The blogname option is escaped with esc_html on the way into the database in sanitize_option
+ // we want to reverse this for the plain text arena of emails.
+ $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
+ login_header(__('Password reset disabled'), '<p
+ class="message">' . sprintf(__('%s uses Mozilla Persona to sign in and does not use passwords. Password reset is disabled.'), $blogname) . "</p>");
+ login_footer('user_login');
+ exit();
+ }
+ }
+
+ // Disable reset password if in BrowserID only mode
+ function Allow_password_reset_filter() {
+ return !self::Is_option_browserid_only_auth();
+ }
+
+ // Disable change password form if in BrowserID only mode
+ function Show_password_fields_filter() {
+ return !self::Is_option_browserid_only_auth();
+ }
+
+
// bbPress integration
function bbPress_submit() {
$id = bbp_get_topic_id();
if (empty($id))
$id = bbp_get_forum_id();
- self::Comment_form($id);
+ self::Comment_form_action($id);
}
// Imply anonymous commenting
@@ -473,16 +655,15 @@ function bbPress_anonymous() {
}
// Get rid of the email field in the comment form
- function Comment_form_fields($fields) {
- $options = get_option('browserid_options');
- if ((isset($options['browserid_comments']) && $options['browserid_comments'])) {
+ function Comment_form_action_default_fields_filter($fields) {
+ if (self::Is_option_comments()) {
unset($fields['email']);
}
return $fields;
}
// Add BrowserID to comment form
- function Comment_form($post_id) {
+ function Comment_form_action($post_id) {
if (!is_user_logged_in()) {
// Get link content
$options = get_option('browserid_options');
@@ -494,8 +675,8 @@ function Comment_form($post_id) {
// Render link
echo '<a href="#" id="browserid_' . $post_id . '" onclick="return browserid_comment(' . $post_id . ');" title="Mozilla Persona" class="browserid">' . $html . '</a>';
echo self::What_is();
- // If it is a Persona login, hide the submit button.
- echo '<style>#respond input[type=submit] { position: absolute; left: -9999px !important; }</style>';
+ // If it is a Persona login, hide the submit button.
+ echo '<style>#respond input[type=submit] { position: absolute; left: -9999px !important; }</style>';
// Display error message
if (isset($_REQUEST['browserid_error'])) {
@@ -549,8 +730,10 @@ function Get_loginout_html($check_login = true) {
// Hide the login form. While this does not truely prevent users from
// from logging in using the standard authentication mechanism, it
// cleans up the login form a bit.
- if (!empty($options['browserid_only_auth']))
- $html .= '<style>#user_login, [for=user_login], #user_pass, [for=user_pass], [name=log], [name=pwd] { display: none; }</style>';
+ if (self::Is_option_browserid_only_auth()) {
+ $html .= '<style>#user_login, [for=user_login], #user_pass, [for=user_pass], [name=log], [name=pwd] { display: none; }';
+ $html .= '#wp-submit { position: absolute; left: -9999px !important; }</style>';
+ }
return $html;
}
@@ -596,7 +779,7 @@ function Get_sitelogo() {
}
// Override logout on site menu
- function Admin_toolbar($wp_toolbar) {
+ function Admin_toolbar_action($wp_toolbar) {
$logged_in_user = self::Get_browserid_loggedin_user();
// If the user is signed in via Persona, replace their toolbar logout
@@ -617,7 +800,7 @@ function Admin_toolbar($wp_toolbar) {
// Register options page
- function Admin_menu() {
+ function Admin_menu_action() {
if (function_exists('add_options_page'))
add_options_page(
__('Mozilla Persona', c_bid_text_domain) . ' ' . __('Administration', c_bid_text_domain),
@@ -628,23 +811,20 @@ function Admin_menu() {
}
// Define options page
- function Admin_init() {
+ function Admin_init_action() {
register_setting('browserid_options', 'browserid_options', null);
add_settings_section('plugin_main', null, array(&$this, 'Options_main'), 'browserid');
add_settings_field('browserid_sitename', __('Site name:', c_bid_text_domain), array(&$this, 'Option_sitename'), 'browserid', 'plugin_main');
add_settings_field('browserid_sitelogo', __('Site logo:', c_bid_text_domain), array(&$this, 'Option_sitelogo'), 'browserid', 'plugin_main');
- add_settings_field('browserid_only_auth', __('Hide non-Persona login form:', c_bid_text_domain), array(&$this, 'Option_browserid_only_auth'), 'browserid', 'plugin_main');
+ add_settings_field('browserid_only_auth', __('Disable non-Persona logins:', c_bid_text_domain), array(&$this, 'Option_browserid_only_auth'), 'browserid', 'plugin_main');
add_settings_field('browserid_login_html', __('Custom login HTML:', c_bid_text_domain), array(&$this, 'Option_login_html'), 'browserid', 'plugin_main');
add_settings_field('browserid_logout_html', __('Custom logout HTML:', c_bid_text_domain), array(&$this, 'Option_logout_html'), 'browserid', 'plugin_main');
- add_settings_field('browserid_auto_create_new_users', __('Automatically create new users with the email address as the username', c_bid_text_domain), array(&$this, 'Option_auto_create_new_users'), 'browserid', 'plugin_main');
- add_settings_field('browserid_newuser_redir', __('New user redirection URL:', c_bid_text_domain), array(&$this, 'Option_newuser_redir'), 'browserid', 'plugin_main');
add_settings_field('browserid_login_redir', __('Login redirection URL:', c_bid_text_domain), array(&$this, 'Option_login_redir'), 'browserid', 'plugin_main');
add_settings_field('browserid_comments', __('Enable for comments:', c_bid_text_domain), array(&$this, 'Option_comments'), 'browserid', 'plugin_main');
add_settings_field('browserid_bbpress', __('Enable bbPress integration:', c_bid_text_domain), array(&$this, 'Option_bbpress'), 'browserid', 'plugin_main');
add_settings_field('browserid_comment_html', __('Custom comment HTML:', c_bid_text_domain), array(&$this, 'Option_comment_html'), 'browserid', 'plugin_main');
add_settings_field('browserid_vserver', __('Verification server:', c_bid_text_domain), array(&$this, 'Option_vserver'), 'browserid', 'plugin_main');
- add_settings_field('browserid_novalid', __('Do not check valid until time:', c_bid_text_domain), array(&$this, 'Option_novalid'), 'browserid', 'plugin_main');
add_settings_field('browserid_noverify', __('Do not verify SSL certificate:', c_bid_text_domain), array(&$this, 'Option_noverify'), 'browserid', 'plugin_main');
add_settings_field('browserid_debug', __('Debug mode:', c_bid_text_domain), array(&$this, 'Option_debug'), 'browserid', 'plugin_main');
}
@@ -688,23 +868,6 @@ function Option_logout_html() {
echo "<input id='browserid_logout_html' name='browserid_options[browserid_logout_html]' type='text' size='100' value='{$options['browserid_logout_html']}' />";
}
- // Should new users be created automatically with the
- // email address for the username.
- function Option_auto_create_new_users() {
- $options = get_option('browserid_options');
- $chk = (isset($options['browserid_auto_create_new_users']) && $options['browserid_auto_create_new_users'] ? " checked='checked'" : '');
- echo "<input id='browserid_auto_create_new_users' name='browserid_options[browserid_auto_create_new_users]' type='checkbox'" . $chk. "/>";
- }
-
- // New user redir URL option
- function Option_newuser_redir() {
- $options = get_option('browserid_options');
- if (empty($options['browserid_newuser_redir']))
- $options['browserid_newuser_redir'] = null;
- echo "<input id='browserid_newuser_redir' name='browserid_options[browserid_newuser_redir]' type='text' size='100' value='{$options['browserid_newuser_redir']}' />";
- echo '<br />' . __('Default User Profile', c_bid_text_domain);
- }
-
// Login redir URL option
function Option_login_redir() {
$options = get_option('browserid_options');
@@ -714,12 +877,25 @@ function Option_login_redir() {
echo '<br />' . __('Default WordPress dashboard', c_bid_text_domain);
}
+ // Get the login redir URL
+ function Get_option_login_redir() {
+ $options = get_option('browserid_options');
+ return isset($options['browserid_login_redir']) ? $options['browserid_login_redir'] : null;
+ }
+
// Enable comments integration
function Option_comments() {
$options = get_option('browserid_options');
$chk = (isset($options['browserid_comments']) && $options['browserid_comments'] ? " checked='checked'" : '');
echo "<input id='browserid_comments' name='browserid_options[browserid_comments]' type='checkbox'" . $chk. "/>";
- echo '<strong>Beta!</strong>';
+ }
+
+ // Can a user leave a comment using BrowserID
+ function Is_option_comments() {
+ $options = get_option('browserid_options');
+
+ return isset($options['browserid_comments']) &&
+ $options['browserid_comments'];
}
// Enable bbPress integration
@@ -731,6 +907,13 @@ function Option_bbpress() {
echo '<br />' . __('Enables anonymous posting implicitly', c_bid_text_domain);
}
+ function Is_option_bbpress() {
+ $options = get_option('browserid_options');
+
+ return isset($options['browserid_bbpress']) &&
+ $options['browserid_bbpress'];
+ }
+
// Comment HTML option
function Option_comment_html() {
$options = get_option('browserid_options');
@@ -748,12 +931,15 @@ function Option_vserver() {
echo '<br />' . __('Default https://verifier.login.persona.org/verify', c_bid_text_domain);
}
- // No valid until option
- function Option_novalid() {
+ function Get_option_vserver() {
$options = get_option('browserid_options');
- $chk = (isset($options['browserid_novalid']) && $options['browserid_novalid'] ? " checked='checked'" : '');
- echo "<input id='browserid_novalid' name='browserid_options[browserid_novalid]' type='checkbox'" . $chk. "/>";
- echo '<strong>' . __('Security risk!', c_bid_text_domain) . '</strong>';
+
+ if (isset($options['browserid_vserver']) && $options['browserid_vserver'])
+ $vserver = $options['browserid_vserver'];
+ else
+ $vserver = 'https://verifier.login.persona.org/verify';
+
+ return $vserver;
}
// No SSL verify option
@@ -764,6 +950,11 @@ function Option_noverify() {
echo '<strong>' . __('Security risk!', c_bid_text_domain) . '</strong>';
}
+ function Is_option_noverify() {
+ $options = get_option('browserid_options');
+ return isset($options['browserid_noverify']) && $options['browserid_noverify'];
+ }
+
// Debug option
function Option_debug() {
$options = get_option('browserid_options');
@@ -772,13 +963,26 @@ function Option_debug() {
echo '<strong>' . __('Security risk!', c_bid_text_domain) . '</strong>';
}
- // Debug option
+ // Is the debug option set
+ function Is_option_debug() {
+ $options = get_option('browserid_options');
+ return ((isset($options['browserid_debug']) && $options['browserid_debug']));
+ }
+
+ // Only allow Persona logins
function Option_browserid_only_auth() {
$options = get_option('browserid_options');
$chk = (isset($options['browserid_only_auth']) && $options['browserid_only_auth'] ? " checked='checked'" : '');
echo "<input id='browserid_only_auth' name='browserid_options[browserid_only_auth]' type='checkbox'" . $chk. "/>";
}
+ // Does the site have browserid only authentication enabled.
+ function Is_option_browserid_only_auth() {
+ $options = get_option('browserid_options');
+
+ return isset($options['browserid_only_auth']) && $options['browserid_only_auth'];
+ }
+
// Render options page
function Administration() {
?>
@@ -791,14 +995,9 @@ function Administration() {
<input type="submit" class="button-primary" value="<?php _e('Save Changes') ?>" />
</p>
</form>
- <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
- <input type="hidden" name="cmd" value="_s-xclick">
- <input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHVwYJKoZIhvcNAQcEoIIHSDCCB0QCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYCNVn+0+6KlCz283aGlIVPJbPXwm4YpfVEfgQJlGT4WKuCrFGL5vaB+DiDaZVgEtF4WgL22Acb2CkoJ8nl75zUUtJO4qpZFwJGIcl27hZxT3WP+o19/VpjT4X1fLDUOtNdAjXm8lqMC9Rm/8m2tvrndVo66MSqU/TEh7wI6f0uXxjELMAkGBSsOAwIaBQAwgdQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIlm4gwL1TxqiAgbAQhh1QBShIVUbWmZQMFDOnTiiuAxQn2lj+YIx1p8RO/9j9CL1bmy3R1w5tsin0auEqAzdIKsmiMRUNjloMrmSloTvAjkDEQmY0IodJ19CdbQBye0POtqedmeHCgEqw+0cOXalfWHrlm2G1Abz/LNUiyL2wq6PBg8p27q+5xcR6CzjRyAzsm4P2+d0YTbkZELwSNH1kPeYp2+6nTFp9e/IbDSw0zD8yWI46WfBG1D4PcKCCA4cwggODMIIC7KADAgECAgEAMA0GCSqGSIb3DQEBBQUAMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTAeFw0wNDAyMTMxMDEzMTVaFw0zNTAyMTMxMDEzMTVaMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwUdO3fxEzEtcnI7ZKZL412XvZPugoni7i7D7prCe0AtaHTc97CYgm7NsAtJyxNLixmhLV8pyIEaiHXWAh8fPKW+R017+EmXrr9EaquPmsVvTywAAE1PMNOKqo2kl4Gxiz9zZqIajOm1fZGWcGS0f5JQ2kBqNbvbg2/Za+GJ/qwUCAwEAAaOB7jCB6zAdBgNVHQ4EFgQUlp98u8ZvF71ZP1LXChvsENZklGswgbsGA1UdIwSBszCBsIAUlp98u8ZvF71ZP1LXChvsENZklGuhgZSkgZEwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAgV86VpqAWuXvX6Oro4qJ1tYVIT5DgWpE692Ag422H7yRIr/9j/iKG4Thia/Oflx4TdL+IFJBAyPK9v6zZNZtBgPBynXb048hsP16l2vi0k5Q2JKiPDsEfBhGI+HnxLXEaUWAcVfCsQFvd2A1sxRr67ip5y2wwBelUecP3AjJ+YcxggGaMIIBlgIBATCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTExMDcxNjA4NDAzMFowIwYJKoZIhvcNAQkEMRYEFAWYvtWGat4+67ovefTVzOY61K2fMA0GCSqGSIb3DQEBAQUABIGAZC5+zjCCCi1Cg7ZONfFRca5mE/wDx13NfnDJCJQ484WX16wGXnIYzVFYDV5CmS87GmQogLEUOK5jJC4htNTE4jVoNMiAlaC6sLmQcCfvb58FlnHxhvyv4Yw23ExgXgoBsf3t3EeoXmar/CavbD3trebm2llr7/uKbvvvPLqPn9g=-----END PKCS7-----">
- <input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
- </form>
</div>
<?php
- if ($this->debug) {
+ if (self::Is_option_debug()) {
$options = get_option('browserid_options');
$request = get_option(c_bid_option_request);
$response = get_option(c_bid_option_response);
@@ -879,7 +1078,7 @@ function widget($args, $instance) {
if (!empty($title))
echo $before_title . $title . $after_title;
- echo "<ul><li class='only-child'>" . M66BrowserID::Get_loginout_html() . "</li></ul>";
+ echo "<ul><li class='only-child'>" . MozillaBrowserID::Get_loginout_html() . "</li></ul>";
echo $after_widget;
}
@@ -904,26 +1103,67 @@ function form($instance) {
}
// Check pre-requisites
-M66BrowserID::Check_prerequisites();
+MozillaBrowserID::Check_prerequisites();
// Start plugin
global $m66browserid;
if (empty($m66browserid)) {
- $m66browserid = new M66BrowserID();
+ $m66browserid = new MozillaBrowserID();
register_activation_hook(__FILE__, array(&$m66browserid, 'Activate'));
}
// Template tag "mozilla_persona"
if (!function_exists('mozilla_persona')) {
function mozilla_persona() {
- echo M66BrowserID::Get_loginout_html();
+ echo MozillaBrowserID::Get_loginout_html();
}
}
// Template tag "browserid_loginout"
if (!function_exists('browserid_loginout')) {
function browserid_loginout() {
- echo M66BrowserID::Get_loginout_html();
+ echo MozillaBrowserID::Get_loginout_html();
+ }
+}
+
+if (!function_exists('wp_new_user_notification')) {
+ function wp_new_user_notification($user_id, $plaintext_pass = '') {
+ $user = get_userdata( $user_id );
+
+ $user_login = stripslashes($user->user_login);
+ $user_email = stripslashes($user->user_email);
+
+ // The blogname option is escaped with esc_html on the way into the database in sanitize_option
+ // we want to reverse this for the plain text arena of emails.
+ $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
+
+ $message = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
+ $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
+ $message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n";
+
+ @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
+
+ if ( empty($plaintext_pass) )
+ return;
+
+ $message = sprintf(__('Username: %s'), $user_login) . "\r\n";
+ $title = '';
+
+ // Get plugin options
+ $options = get_option('browserid_options');
+
+ // XXX Collapse this in to the Get_browserid_only_auth
+ if ((isset($options['browserid_only_auth']) &&
+ $options['browserid_only_auth'])) {
+ $message .= sprintf(__('%s uses Mozilla Persona to sign in and does not use passwords'), $blogname) . "\r\n";
+ $title .= sprintf(__('[%s] Your username'), $blogname);
+ } else {
+ $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
+ $title .= sprintf(__('[%s] Your username and password'), $blogname);
+ }
+ $message .= wp_login_url() . "\r\n";
+
+ wp_mail($user_email, $title, $message);
}
}
View
25 plugins/browserid/login.js
@@ -16,6 +16,11 @@
return authenticate("login");
};
+ window.browserid_register = function() {
+ ignoreLogout = false;
+ return authenticate("register");
+ };
+
window.browserid_comment = function() {
ignoreLogout = true;
// Save the form state to localStorage. This allows a new user to close
@@ -69,7 +74,7 @@
}
// If there was an error, log the user out.
- if (browserid_common.error) {
+ if (browserid_common.error || jQuery("#login_error").length) {
ignoreLogout = true;
navigator.id.logout();
@@ -78,10 +83,13 @@
navigator.id.watch({
loggedInUser: browserid_common.logged_in_user || null,
onlogin: function(assertion) {
- loginType = loginType || "login";
+ loginType = getLoginType(loginType);
if (loginType === "login") {
submitLoginForm(assertion);
}
+ else if (loginType === "register") {
+ submitRegistrationForm(assertion);
+ }
else if (loginType === "comment") {
submitCommentForm(assertion);
}
@@ -101,6 +109,10 @@
}
});
+ function getLoginType(loginType) {
+ return loginType || "login";
+ }
+
function authenticate(type) {
loginType = type;
@@ -131,6 +143,8 @@
if (rememberme !== null)
rememberme = rememberme.checked;
+ // Since login can happen on any page, create a form and submit it manually
+ // ignoring the normal sign in form.
var form = document.createElement("form");
form.setAttribute("style", "display: none;");
form.method = "POST";
@@ -150,6 +164,13 @@
form.submit();
}
+ function submitRegistrationForm(assertion) {
+ jQuery("#browserid_assertion").val(assertion);
+ jQuery("#browserid_assertion").val(assertion);
+
+ jQuery("#wp-submit").click();
+ }
+
function submitCommentForm(assertion) {
// If this is a new user that is verifying their email address in a new
// window, both the original window and this window will be trying to
View
17 plugins/browserid/readme.txt
@@ -3,7 +3,7 @@ Contributors: stomlinson, Marcel Bokhorst, M66B
Tags: security, admin, authentication, access, widget, login, shortcode, comment, comments, discussion, bbPress, bbPress 2.0, browserid, mozilla, persona
Requires at least: 3.1
Tested up to: 3.5.1
-Stable tag: 0.37
+Stable tag: 0.41
Implementation of Mozilla Persona (BrowserID) for WordPress
@@ -119,6 +119,21 @@ Follow these steps to install the development version:
* Click *Choose file* and select the file you downloaded before
* Click *Install*, then *Activate Plugin*
+= 0.41 =
+* Bug Fix: Fix the "missing arguments" error due to not declaring the number of expected variables to Set_auth_cookie_action.
+
+= 0.40 =
+* New Feature: Add option to disable normal username/password auth.
+* Improvement: Convert from navigator.id.get to navigator.id.watch/.request API.
+* * New Feature: If user signs out of Persona, they are signed out of the Wordpress site as well.
+* New Feature: Easier user signup when using Persona - no email verification required.
+* Improvement: Better comment integration, especially for new users.
+* Improvement: Update the login/logout widget to match styling of other Wordpress widgets.
+* Improvement: Add a "Settings" link to the BrowserID list item in the plugins list.
+* Bug Fix: Fix a bug where server clock skew from the Persona servers could prevent users from signing in.
+* Improvement: Update "Sign in" buttons to use the new Persona button style.
+* Improvement: Unify signin and comment Javascript.
+
= 0.37 =
* Bump version number for new maintainer info.
Please sign in to comment.
Something went wrong with that request. Please try again.