From fb3064b6c3c1e2c4846dbe4f775707ef2a6ca676 Mon Sep 17 00:00:00 2001
From: josch <josch@7eef14d0-6ed0-489d-bf55-20463b2d70db>
Date: Thu, 3 Apr 2008 16:20:52 +0000
Subject: [PATCH] restructured openid login

git-svn-id: http://yolanda.mister-muffin.de/svn@268 7eef14d0-6ed0-489d-bf55-20463b2d70db
---
 trunk/login.pl | 96 +++++++++++++++++++++++++++-----------------------
 1 file changed, 52 insertions(+), 44 deletions(-)

diff --git a/trunk/login.pl b/trunk/login.pl
index a6206c2..b28f141 100644
--- a/trunk/login.pl
+++ b/trunk/login.pl
@@ -26,7 +26,7 @@ elsif($userinfo->{'username'})
     print output_page();
 }
 #if password is empty and username begins with http:// or ret is specified, then it's an openid login
-elsif($query->param('pass') eq '' and ($query->param('user')=~m/^http:\/\// or $query->param('ret')))
+elsif($query->param('pass') eq '' and $query->param('user')=~m/^http:\/\//)
 {
     #create our openid consumer object
     $con = Net::OpenID::Consumer->new(
@@ -47,54 +47,12 @@ elsif($query->param('pass') eq '' and ($query->param('user')=~m/^http:\/\// or $
             print "claim failed: ", $con->err;
         }
         $check_url = $claimed->check_url(
-                return_to  => "$domain/login.pl?action=login&ret=true", #on success return to this address
+                return_to  => "$domain/login.pl?action=openid", #on success return to this address
                 trust_root => $domain); #this is the string the user will be asked to trust
                 
         #redirect to openid server to check claim
         print $query->redirect($check_url);
     }
-    #we return from an identity check
-    elsif($query->param('ret'))
-    {
-        if($setup_url = $con->user_setup_url)
-        {
-            #redirect to setup url - user will give confirmation there
-            print $query->redirect($setup_url);
-        }
-        elsif ($con->user_cancel)
-        {
-            #cancelled - redirect to login form
-            print $session->header();
-            print "cancelled";
-        }
-        elsif ($vident = $con->verified_identity)
-        {
-            #we are verified!!
-            my $verified_url = $vident->url;
-            
-            #check if this openid user already is in database
-            my $sth = $dbh->prepare(qq{select 1 from users where username = ? limit 1 });
-            $sth->execute($verified_url);
-            if($sth->fetchrow_array())
-            {
-                #store session id in database
-                $dbh->do(qq{update users set sid = ? where username = ? }, undef, $session->id, $verified_url) or die $dbh->errstr;
-            }
-            else
-            {
-                #add openid user to dabase
-                $dbh->do(qq{insert into users (username, sid) values ( ?, ? ) }, undef, $verified_url, $session->id) or die $dbh->errstr;
-            }
-            
-            print $query->redirect("index.pl?information=information_logged_in");
-        }
-        else
-        {
-            #an error occured
-            print $session->header();
-            print "error validating identity: ", $con->err;
-        }
-    }
     else
     {
         #if not, print login form
@@ -103,6 +61,56 @@ elsif($query->param('pass') eq '' and ($query->param('user')=~m/^http:\/\// or $
         print output_page();
     }
 }
+#we return from an identity check
+elsif($query->param('action') eq 'openid')
+{
+    #create our openid consumer object
+    $con = Net::OpenID::Consumer->new(
+    ua => LWPx::ParanoidAgent->new, # FIXME - use LWPx::ParanoidAgent
+    cache => undef, # or File::Cache->new,
+    args => $query,
+    consumer_secret => $session->id, #is this save? don't know...
+    required_root => $domain );
+    
+    if($setup_url = $con->user_setup_url)
+    {
+        #redirect to setup url - user will give confirmation there
+        print $query->redirect($setup_url);
+    }
+    elsif ($con->user_cancel)
+    {
+        #cancelled - redirect to login form
+        print $session->header();
+        print "cancelled";
+    }
+    elsif ($vident = $con->verified_identity)
+    {
+        #we are verified!!
+        my $verified_url = $vident->url;
+        
+        #check if this openid user already is in database
+        my $sth = $dbh->prepare(qq{select 1 from users where username = ? limit 1 });
+        $sth->execute($verified_url);
+        if($sth->fetchrow_array())
+        {
+            #store session id in database
+            $dbh->do(qq{update users set sid = ? where username = ? }, undef, $session->id, $verified_url) or die $dbh->errstr;
+        }
+        else
+        {
+            #add openid user to dabase
+            $dbh->do(qq{insert into users (username, sid) values ( ?, ? ) }, undef, $verified_url, $session->id) or die $dbh->errstr;
+        }
+        
+        print $query->redirect("index.pl?information=information_logged_in");
+    }
+    else
+    {
+        #an error occured
+        print $session->header();
+        print "error validating identity: ", $con->err;
+    }
+}
 #else it's a normal login
 elsif($query->param('pass') ne '' and $query->param('user')!~m/^http:\/\// and $query->param('user') ne '')
 {