aboutsummaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin
diff options
context:
space:
mode:
authorJoey Hess <joey@kitenet.net>2013-06-29 13:31:47 -0400
committerJoey Hess <joey@kitenet.net>2013-06-29 13:31:47 -0400
commitc849a9f409e8b3cd5091dd8b674670850d7bd3b9 (patch)
tree602022235a6f623ebb69b128b8b91e6a4258befa /IkiWiki/Plugin
parent6b079261a5f58ea7986952dd1fcaf3911bcfd7bc (diff)
downloadikiwiki-c849a9f409e8b3cd5091dd8b674670850d7bd3b9.tar
ikiwiki-c849a9f409e8b3cd5091dd8b674670850d7bd3b9.tar.gz
openid: Automatically upgrade openid_realm to https when accessed via https.
Diffstat (limited to 'IkiWiki/Plugin')
-rw-r--r--IkiWiki/Plugin/openid.pm15
1 files changed, 12 insertions, 3 deletions
diff --git a/IkiWiki/Plugin/openid.pm b/IkiWiki/Plugin/openid.pm
index 40a956849..e3b9982f2 100644
--- a/IkiWiki/Plugin/openid.pm
+++ b/IkiWiki/Plugin/openid.pm
@@ -156,8 +156,8 @@ sub validate ($$$;$) {
$trust_root=$cgiurl if ! defined $trust_root;
my $check_url = $claimed_identity->check_url(
- return_to => "$cgiurl?do=postsignin",
- trust_root => $trust_root,
+ return_to => auto_upgrade_https($q, "$cgiurl?do=postsignin"),
+ trust_root => auto_upgrade_https($q, $trust_root),
delayed_return => 1,
);
# Redirect the user to the OpenID server, which will
@@ -258,10 +258,19 @@ sub getobj ($$) {
ua => $ua,
args => $q,
consumer_secret => sub { return shift()+$secret },
- required_root => $cgiurl,
+ required_root => auto_upgrade_https($q, $cgiurl),
);
}
+sub auto_upgrade_https {
+ my $q=shift;
+ my $url=shift;
+ if ($q->https()) {
+ $url=~s/^http:/https:/i;
+ }
+ return $url;
+}
+
sub load_openid_module {
# Give up if module is unavailable to avoid needing to depend on it.
eval q{use Net::OpenID::Consumer};