aboutsummaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin/openid.pm
Commit message (Collapse)AuthorAge
* useragent: Automatically choose whether to use LWPx::ParanoidAgentSimon McVittie2019-02-26
| | | | | | | | | | | | | The simple implementation of this, which I'd prefer to use, would be: if we can import LWPx::ParanoidAgent, use it; otherwise, use LWP::UserAgent. However, aggregate has historically worked with proxies, and LWPx::ParanoidAgent quite reasonably refuses to work with proxies (because it can't know whether those proxies are going to do the same filtering that LWPx::ParanoidAgent would). Signed-off-by: Simon McVittie <smcv@debian.org>
* Do not directly enable emailauth by default, only indirectly via openidSimon McVittie2015-05-27
| | | | | | | This avoids nasty surprises on upgrade if a site is using httpauth, or passwordauth with an account_creation_password, and relying on only a select group of users being able to edit the site. We can revisit this for ikiwiki 4.
* emailauth link sent and verified; user login worksJoey Hess2015-05-13
| | | | | Still some work to do since the user name is an email address and should not be leaked.
* Converted openid-selector into a more generic loginselector helper plugin.Joey Hess2015-05-13
|
* rename openid selector files to login-selectorJoey Hess2015-05-13
|
* further generalization of openid selectorJoey Hess2015-05-13
| | | | Now template variables can be set to control which login methods are shown
* generalized the openid selector to a login selectorJoey Hess2015-05-13
| | | | | | | | | This includes some CSS changes to names of elements. Also, added Email login button (doesn't work yet of course), and brought back the small openid login buttons. Demoted yahoo and verison to small buttons. This makes the big buttons be the main login types, and the small buttons be provider-specific helpers.
* When openid and passwordauth are the only enabled auth plugins, make the ↵Joey Hess2015-05-13
| | | | openid selector display "Password" instead of "Other", so users are more likely to click on it when they don't have an openid.
* openid: Stop suppressing the email field on the Preferences page.Joey Hess2014-11-06
| | | | | This is needed for notifyemail, and not all openid providers report an email address, or necessarily the one the user wants to get email.
* IkiWiki::Plugin::openid: as a precaution, do not call non-coderefsAmitai Schlair2014-10-16
| | | | | | | | We're running under "use strict" here, so if CGI->param's array-context misbehaviour passes an extra non-ref parameter, it shouldn't be executed anyway... but it's as well to be safe. [commit message added by smcv]
* Make sure we do not pass multiple CGI parameters in function callsSimon McVittie2014-10-16
| | | | | | | | | | | When CGI->param is called in list context, such as in function parameters, it expands to all the potentially multiple values of the parameter: for instance, if we parse query string a=b&a=c&d=e and call func($cgi->param('a')), that's equivalent to func('b', 'c'). Most of the functions we're calling do not expect that. I do not believe this is an exploitable security vulnerability in ikiwiki, but it was exploitable in Bugzilla.
* Bug#737121: ikiwiki: [PATCH] Implement configuration option to set the user ↵Tuomas Jormola2014-02-01
| | | | | | | | | | | | | | | | agent string for outbound HTTP requests Package: ikiwiki Version: 3.20140125 Severity: wishlist By default, LWP::UserAgent used by IkiWiki to perform outbound HTTP requests sends the string "libwww-perl/<version number>" as User-Agent header in HTTP requests. Some blogging platforms have blacklisted the user agent and won't serve any content for clients using this user agent string. With IkiWiki configuration option "useragent" it's now possible to define a custom string that is used for the value of the User-Agent header.
* Honor proxy env vars and reliably honor cookiejar.Amitai Schlair2013-07-27
|
* openid: Automatically upgrade openid_realm to https when accessed via https.Joey Hess2013-06-29
|
* openid: Display openid in Preferences page as a comment, so it can be ↵Joey Hess2012-12-04
| | | | selected in all browsers.
* updated jquery and made it its own underlayJoey Hess2011-06-15
|
* openid: also use Net::INET6Glue if availableJoey Hess2011-05-09
|
* use cgitemplate, remove misctemplateJoey Hess2011-01-05
|
* use CGI->url to get current absolute cgi url for openid login processJoey Hess2010-12-25
|
* revert cgiurl change that broke openid loginJoey Hess2010-12-25
|
* Use local paths for the CGI URLSimon McVittie2010-11-23
|
* Use local paths for redirection where possibleSimon McVittie2010-11-23
|
* openid: Fix handling of utf-8 nicknames.Joey Hess2010-07-11
|
* move nickname sanitization outJoey Hess2010-07-04
| | | | | | Probably best to store it unsanitized and sanitize as needed on use. And it already was for comments, leaving only the need to sanitize the nickname when git committing, to ensure the email address is legal.
* further sanitize nickname charactersJoey Hess2010-07-04
|
* finializing openid nickname supportJoey Hess2010-06-23
| | | | | | | Renamed usershort => nickname. Note that this means existing user login sessions will not have the nickname recorded, and so it won't be used for those.
* take username from email address as fallbackJoey Hess2010-06-23
|
* realm is an url patternJoey Hess2010-06-11
|
* openid: Add openid_realm and openid_cgiurl configuration options, useful in ↵Joey Hess2010-06-11
| | | | a few edge case setups.
* moved non-openid signin form into same page as openid selector; show/hide as ↵Joey Hess2010-05-08
| | | | buttons are pressed
* scale display form to match openid sizeJoey Hess2010-05-07
|
* Removed the openidsignup option.Joey Hess2010-05-07
|
* bugfixJoey Hess2010-05-07
| | | | Always load IkiWiki::CGI so its cgi_signin is present, so we replace it.
* bugfixJoey Hess2010-05-07
|
* remove loginlabel, not usedJoey Hess2010-05-07
|
* pretty openid loginJoey Hess2010-05-07
| | | | | | | * openid: Incorporated a fancy openid-selector signin form. (http://code.google.com/p/openid-selector/) * openid: Use "openid_identifier" as the form field, as required by OpenID Authentication v2.0 spec.
* patch hidden field setting codeJoey Hess2010-05-07
| | | | Fixes http://code.google.com/p/openid-selector/issues/detail?id=11#c3
* fix back-compat with old Net::OpenIDJoey Hess2010-03-24
| | | | Debian stable's Net::OpenID does not support getting extension fields.
* openid: Use Openid Simple Registration or OpenID Attribute Exchange to get ↵Joey Hess2010-03-13
| | | | | | | | | | | | | the user's email address and username. The info is stored in the session database, not the user database. There should be no reason to need it when a user is not logged in. Also, hide the email field in the preferences page for openid users. Note that the email and username are not yet actually used for anything. The email will be useful for gravatar, while the username might be used for a more pretty display of the openid.
* Group related plugins into sections in the setup file, and drop unused rcs ↵Joey Hess2010-02-11
| | | | plugins from the setup file.
* httpauth: When cgiauthurl is configured, httpauth can now be used alongside ↵Joey Hess2010-02-11
| | | | other authentication methods (like openid or anonok). Rather than always redirect to the cgiauthurl for authentication, there is now a button on the login form to use it.
* Improve display of openid in preferences page.Joey Hess2010-02-04
| | | | | | | | | Now that openiduser is in IkiWiki core, it's ok to have passwordauth check for it, and avoid displaying useless password fields when showing preferences for an openid. Also improved the styling of the display of the openid in the preferneces page.
* Move OpenID pretty-printing from openid plugin to coreSimon McVittie2009-07-10
| | | | | | | | On various sites I have two IkiWiki instances running from the same repository: one accessible via http and only accepting openid logins, and one accessible via authenticated https and only accepting httpauth. The https version should still pretty-print OpenIDs seen in git history, even though it does not itself accept OpenID logins.
* Update IkiWiki::openiduser to work with Net::OpenID 2.xSimon McVittie2009-07-07
| | | | | | | openiduser previously used a constructor that no longer works in 2.x. However, all we actually want is the (undocumented) DisplayOfURL function that is invoked by the display method, so try to use that. (cherry picked from commit c3dd0ff5c7c10743107f203a5b456fdcd1b171df)
* finalise version 3.00 of the plugin apiJoey Hess2008-12-23
|
* openid: in &openiduser, allow subdirectory-style providers to end with '/'Simon McVittie2008-12-21
| | | | | This improves the display of OpenIDs like 'http://id.mayfirst.org/jamie/' (taking an example from the IkiWiki commit log).
* openid: in &openiduser, let domain-style providers have arbitrarily many ↵Simon McVittie2008-12-21
| | | | | | | | subdomains This leads to better display for OpenIDs like smcv.pseudorandom.co.uk and thm.id.fedoraproject.org (to take a couple of examples from the IkiWiki commit history).
* Coding style change: Remove explcit vim folding markers.Joey Hess2008-12-17
|
* include perl error in warning about openidJoey Hess2008-09-23
| | | | | it may be some other module missing, this way you can tell by reading the log
* add plugin safe/rebuild info (part 2 of 3)Joey Hess2008-08-03
| | | | (brain.. melting..)