aboutsummaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin
diff options
context:
space:
mode:
authorjoey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>2006-11-20 01:52:18 +0000
committerjoey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>2006-11-20 01:52:18 +0000
commit54cf5a62cab254e923c8d73ae8bd043a1f33c3b1 (patch)
treebc30fa8f0ec7070eadb5dace8e9743272f742ba2 /IkiWiki/Plugin
parentad01bcd8b49deed11f602c43d1da8235280d5d6b (diff)
downloadikiwiki-54cf5a62cab254e923c8d73ae8bd043a1f33c3b1.tar
ikiwiki-54cf5a62cab254e923c8d73ae8bd043a1f33c3b1.tar.gz
* Make auth methods pluggable.
* Move httpauth support to a plugin. * Add an openid plugin to support logging in using OpenID.
Diffstat (limited to 'IkiWiki/Plugin')
-rw-r--r--IkiWiki/Plugin/httpauth.pm22
-rw-r--r--IkiWiki/Plugin/openid.pm101
-rw-r--r--IkiWiki/Plugin/skeleton.pm8
3 files changed, 131 insertions, 0 deletions
diff --git a/IkiWiki/Plugin/httpauth.pm b/IkiWiki/Plugin/httpauth.pm
new file mode 100644
index 000000000..336eb793a
--- /dev/null
+++ b/IkiWiki/Plugin/httpauth.pm
@@ -0,0 +1,22 @@
+#!/usr/bin/perl
+# HTTP basic auth plugin.
+package IkiWiki::Plugin::httpauth;
+
+use warnings;
+use strict;
+use IkiWiki;
+
+sub import { #{{{
+ hook(type => "auth", id => "skeleton", call => \&auth);
+} # }}}
+
+sub auth ($$) { #{{{
+ my $cgi=shift;
+ my $session=shift;
+
+ if (defined $cgi->remote_user()) {
+ $session->param("name", $cgi->remote_user());
+ }
+} #}}}
+
+1
diff --git a/IkiWiki/Plugin/openid.pm b/IkiWiki/Plugin/openid.pm
new file mode 100644
index 000000000..55b1c4b17
--- /dev/null
+++ b/IkiWiki/Plugin/openid.pm
@@ -0,0 +1,101 @@
+#!/usr/bin/perl
+# OpenID support.
+package IkiWiki::Plugin::openid;
+
+use warnings;
+use strict;
+use IkiWiki;
+
+sub import { #{{{
+ hook(type => "checkconfig", id => "smiley", call => \&checkconfig);
+ hook(type => "auth", id => "skeleton", call => \&auth);
+} # }}}
+
+sub checkconfig () { #{{{
+ # Currently part of the OpenID code is in CGI.pm, and is enabled by
+ # this setting.
+ # TODO: modularise it all out into this plugin..
+ $config{openid}=1;
+} #}}}
+
+sub auth ($$) { #{{{
+ my $q=shift;
+ my $session=shift;
+
+ if (defined $q->param('openid.mode')) {
+ my $csr=getobj($q, $session);
+
+ if (my $setup_url = $csr->user_setup_url) {
+ IkiWiki::redirect($q, $setup_url);
+ }
+ elsif ($csr->user_cancel) {
+ IkiWiki::redirect($q, $config{url});
+ }
+ elsif (my $vident = $csr->verified_identity) {
+ $session->param(name => $vident->url);
+ }
+ }
+} #}}}
+
+sub validate ($$$$) { #{{{
+ my $q=shift;
+ my $session=shift;
+ my $form=shift;
+ my $openid_url=shift;
+
+ my $csr=getobj($q, $session);
+
+ my $claimed_identity = $csr->claimed_identity($openid_url);
+ if (! $claimed_identity) {
+ # Put the error in the form and fail validation.
+ $form->field(name => "openid_url", comment => $csr->err);
+ return 0;
+ }
+ my $check_url = $claimed_identity->check_url(
+ return_to => IkiWiki::cgiurl(
+ do => $form->field("do"),
+ page => $form->field("page"),
+ title => $form->field("title"),
+ from => $form->field("from"),
+ subpage => $form->field("subpage")
+ ),
+ trust_root => $config{cgiurl},
+ delayed_return => 1,
+ );
+ # Redirect the user to the OpenID server, which will
+ # eventually bounce them back to auth() above.
+ IkiWiki::redirect($q, $check_url);
+ exit 0;
+} #}}}
+
+sub getobj ($$) { #{{{
+ my $q=shift;
+ my $session=shift;
+
+ eval q{use Net::OpenID::Consumer};
+ error($@) if $@;
+
+ my $ua;
+ eval q{use LWPx::ParanoidAgent};
+ if (! $@) {
+ $ua=LWPx::ParanoidAgent->new;
+ }
+ else {
+ $ua=LWP::UserAgent->new;
+ }
+
+ # Store the secret in the session.
+ my $secret=$session->param("openid_secret");
+ if (! defined $secret) {
+ $secret=$session->param(openid_secret => time);
+ }
+
+ return Net::OpenID::Consumer->new(
+ ua => $ua,
+ args => $q,
+ consumer_secret => $secret,
+ required_root => $config{cgiurl},
+ );
+} #}}}
+
+1
diff --git a/IkiWiki/Plugin/skeleton.pm b/IkiWiki/Plugin/skeleton.pm
index acac16c1a..f3244ae14 100644
--- a/IkiWiki/Plugin/skeleton.pm
+++ b/IkiWiki/Plugin/skeleton.pm
@@ -20,6 +20,7 @@ sub import { #{{{
hook(type => "delete", id => "skeleton", call => \&delete);
hook(type => "change", id => "skeleton", call => \&change);
hook(type => "cgi", id => "skeleton", call => \&cgi);
+ hook(type => "auth", id => "skeleton", call => \&auth);
hook(type => "savestate", id => "savestate", call => \&savestate);
} # }}}
@@ -95,6 +96,13 @@ sub cgi ($) { #{{{
debug("skeleton plugin running in cgi");
} #}}}
+sub auth ($$) { #{{{
+ my $cgi=shift;
+ my $session=shift;
+
+ debug("skeleton plugin running in auth");
+} #}}}
+
sub savestate () { #{{{
debug("skeleton plugin running in savestate");
} #}}}