aboutsummaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorhttps://id.koumbit.net/anarcat <https://id.koumbit.net/anarcat@web>2013-09-06 17:45:07 -0400
committeradmin <admin@branchable.com>2013-09-06 17:45:07 -0400
commitcc684c4d984524f07f8ca7cb19c5e8dc5a5d5c14 (patch)
tree5ebe56c6e0c015e995f4331057368c1ea3e44022 /doc
parent9e8b2c4ecb82e85e7223c94d64dd4a3f61fb9717 (diff)
downloadikiwiki-cc684c4d984524f07f8ca7cb19c5e8dc5a5d5c14.tar
ikiwiki-cc684c4d984524f07f8ca7cb19c5e8dc5a5d5c14.tar.gz
notifyemail actually doesn't work here
Diffstat (limited to 'doc')
-rw-r--r--doc/bugs/notifyemail_fails_with_some_openid_providers.mdwn59
1 files changed, 59 insertions, 0 deletions
diff --git a/doc/bugs/notifyemail_fails_with_some_openid_providers.mdwn b/doc/bugs/notifyemail_fails_with_some_openid_providers.mdwn
new file mode 100644
index 000000000..59fe1e6fb
--- /dev/null
+++ b/doc/bugs/notifyemail_fails_with_some_openid_providers.mdwn
@@ -0,0 +1,59 @@
+This bug affects [[plugins/notifyemail]] but is probably caused more by [[plugins/openid]]. When using OpenID to login to a site, no email notification is sent to the user (pagespec set to `*`) when a modification is done on the wiki. I believe this is because the OpenID plugin assumes the email comes from the OpenID provider - which is not necessarily going to succeed if, for privacy reason, the OpenID provider refuses to transmit the email to ikiwiki.
+
+In the OpenID plugin, the email is actually fetched when authenticating and is stored in the session, like so:
+
+[[!format perl """
+sub auth ($$) {
+# [...]
+ my @extensions;
+ if ($vident->can("signed_extension_fields")) {
+ @extensions=grep { defined } (
+ $vident->signed_extension_fields('http://openid.net/extensions/sreg/1.1'),
+ $vident->signed_extension_fields('http://openid.net/srv/ax/1.0'),
+ );
+ }
+ my $nickname;
+ foreach my $ext (@extensions) {
+ foreach my $field (qw{value.email email}) {
+ if (exists $ext->{$field} &&
+ defined $ext->{$field} &&
+ length $ext->{$field}) {
+ $session->param(email => $ext->{$field});
+ if (! defined $nickname &&
+ $ext->{$field}=~/(.+)@.+/) {
+ $nickname = $1;
+ }
+ last;
+ }
+ }
+
+"""]]
+
+This is based on the assumption that the openid provider supports "sreg" or "ax" extensions, which is not mandatory, and even then, the provider is not forced to provide the email.
+
+Earlier in the plugin, the email field is actually hidden:
+
+[[!format perl """
+sub formbuilder_setup (@) {
+ my %params=@_;
+
+ my $form=$params{form};
+ my $session=$params{session};
+ my $cgi=$params{cgi};
+
+ if ($form->title eq "preferences" &&
+ IkiWiki::openiduser($session->param("name"))) {
+ $form->field(name => "openid_identifier", disabled => 1,
+ label => htmllink("", "", "ikiwiki/OpenID", noimageinline => 1),
+ value => "",
+ size => 1, force => 1,
+ fieldset => "login",
+ comment => $session->param("name"));
+ $form->field(name => "email", type => "hidden");
+ }
+}
+"""]]
+
+I believe this could be worked around simply by re-enabling that field and allowing the user to specify an email there by hand, making a note that the OpenID provider's email is used by default.
+
+Any other ideas?