Created
June 21, 2012 12:14
BrowserId bug number: 1605790
Welcome to BrowserId.
This module provides a 'Login' button inside the login form and a configurable block.
It also defines a permission called 'log in using browserid', which must be enabled for the anonymous role in order to show the Login buttons.
231,260d230 | |
< * Return current site url | |
< * User could override it inside $conf['browserid_audience'] on settings.php | |
< * for best security | |
< * | |
< * @return string | |
< */ | |
< function _browserid_get_audience() { | |
< $audience = variable_get('browserid_audience', null); | |
< if(!empty($audience)) { | |
< return $audience; | |
< } | |
< | |
< $proto = 'http'; | |
< | |
< if(!empty($_SERVER['HTTPS']) || | |
< ((isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')) { | |
< $proto = 'https'; | |
< } | |
< | |
< $audience = $proto . '://' . $_SERVER['SERVER_NAME']; | |
< | |
< $std_ports = array('80', '443'); | |
< if(!in_array($_SERVER['SERVER_PORT'], $std_ports)) { | |
< $audience .= ':' . $_SERVER['SERVER_PORT']; | |
< } | |
< | |
< return $audience; | |
< } | |
< | |
< /** | |
264d233 | |
< global $base_root; | |
266,269c235,238 | |
< !isset($_REQUEST['assertion']) || | |
< !isset($_REQUEST['token']) || | |
< $_REQUEST['token'] != browserid_get_token('browserid-login-csrf') | |
< ) { | |
--- | |
> !isset($_REQUEST['assertion']) || | |
> !isset($_REQUEST['token']) || | |
> $_REQUEST['token'] != browserid_get_token('browserid-login-csrf') | |
> ) { | |
272,273c241,242 | |
< // The audience (hostname+port) should also be in $_SERVER['HTTP_HOST'] but that is not safe. | |
< $audience = _browserid_get_audience(); | |
--- | |
> // The audience (hostname+port) should also be in $_SERVER['HTTP_HOST'] but that is not safe. | |
> $audience = $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT']; | |
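Review bot: The `>` side sends `$_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT']` as the audience, and `SERVER_NAME` is not necessarily safer than the `HTTP_HOST` the comment warns about: under Apache with `UseCanonicalName Off` it is filled from the request's Host header. An audience the client can influence weakens the check that an assertion was issued for this site. Prefer a value pinned in configuration, as the `<` side does with `variable_get('browserid_audience', null)`, and use request-derived values only as a fallback; the `<` side's fallback also trusts `HTTP_X_FORWARDED_PROTO`, which is client-supplied unless a trusted proxy overwrites it. Normal-format diffs mark the first file with `<`, so if the files were passed patched-first, the `<` lines are the intended result.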
275c244,245 | |
< 'https://browserid.org/verify', array( | |
--- | |
> 'https://browserid.org/verify', | |
> array( | |
278,279c248 | |
< 'headers' => array('Content-Type' => 'application/x-www-form-urlencoded') | |
< ) | |
--- | |
> ) | |
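Review bot: The `>` side drops `'headers' => array('Content-Type' => 'application/x-www-form-urlencoded')` from the options array. If this is the POST to the verifier (the call and its `data` line are outside the hunk, so this is inferred), the body goes out without a declared content type and the verifier may not parse `assertion` and `audience`. Keep the header so that a malformed request is not mistaken for a rejected assertion.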
283,303c252,271 | |
< if ($data !== NULL && $data->status === 'okay') { | |
< $account = user_load_by_mail($data->email); | |
< if (!empty($account) && !empty($account->uid)) { | |
< $form_state = array('uid' => $account->uid); | |
< user_login_submit(array(), $form_state); | |
< return array( | |
< 'code' => BROWSERID_LOGIN, | |
< 'account' => $account, | |
< 'assertion' => $_REQUEST['assertion'], | |
< 'audience' => $audience, | |
< 'token' => $_REQUEST['token'], // no need to regenerate it, we've already checked it's safe | |
< ); | |
< } else { | |
< return array( | |
< 'code' => BROWSERID_REGISTER, | |
< 'email' => $data->email, | |
< 'assertion' => $_REQUEST['assertion'], | |
< 'audience' => $audience, | |
< 'token' => $_REQUEST['token'], // no need to regenerate it, we've already checked it's safe | |
< ); | |
< } | |
--- | |
> $account = user_load_by_mail($data->email); | |
> if (!empty($account) && !empty($account->uid)) { | |
> $form_state = array('uid' => $account->uid); | |
> user_login_submit(array(), $form_state); | |
> return array( | |
> 'code' => BROWSERID_LOGIN, | |
> 'account' => $account, | |
> 'assertion' => $_REQUEST['assertion'], | |
> 'audience' => $audience, | |
> 'token' => $_REQUEST['token'], // no need to regenerate it, we've already checked it's safe | |
> ); | |
> } | |
> else { | |
> return array( | |
> 'code' => BROWSERID_REGISTER, | |
> 'email' => $data->email, | |
> 'assertion' => $_REQUEST['assertion'], | |
> 'audience' => $audience, | |
> 'token' => $_REQUEST['token'], // no need to regenerate it, we've already checked it's safe | |
> ); | |
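Review bot: On the `>` side `$data->email` is passed to `user_load_by_mail()` and `user_login_submit()` runs without the `if ($data !== NULL && $data->status === 'okay')` guard that wraps the same code on the `<` side. Unless an unchanged line outside this hunk checks the verifier's answer, a failed or unparsable response is not rejected before the login and registration branches. Keep the guard, `if ($data !== NULL && $data->status === 'okay') {`, and keep the `watchdog()` call that the last hunk (`306,311d273`) removes so that verifier failures leave a log entry. The enclosing function starts and ends outside the hunk.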
306,311d273 | |
< watchdog( | |
< 'browserid', | |
< 'There was an error on request to verifier: {%response}', | |
< array('%response' => print_r($response, 1)), | |
< WATCHDOG_ERROR | |
< ); |