--- config_defaults_inc.php Thu Nov 11 22:13:18 2010 +++ config_defaults_inc.php Fri Nov 12 00:09:52 2010 @@ -3823,3 +3823,35 @@ 'anonymous', 'content_expire', 'html_valid_tags', 'custom_headers', 'rss_key_seed', 'plugins_enabled', 'session_', 'form_security_', 'compress_html', '_page$', '_url$', ); + + /****************** + * OpenID via rpxnow.com (https://rpxnow.com/) + *******************/ + + /** + * Enable/disable open id support. + */ + $g_openid_enabled = OFF; + + /** + * The RpxNow API key for the site. Note that each site should be registered separately + * and get its own api key, otherwise, user logins will be mixed up. This is because the + * mapping between the open ids and MantisBT database id is stored in rpxnow. + */ + $g_openid_api_key = ''; + + /** + * The name of the site that is registered with rpxnow. + */ + $g_openid_site_name = ''; + + /** + * Indicates whether the rpxnow account advanced options are available. + */ + $g_openid_rpxnow_advanced_account = FALSE; + + + /** + * Used to disable the SSL verification if rpxnow ssl certificate is not valid. + */ + $g_openid_ssl_verification_disabled = FALSE; --- core.php Thu Nov 11 22:13:17 2010 +++ core.php Thu Nov 11 22:11:48 2010 @@ -118,6 +118,11 @@ function __autoload( $className ) { global $g_core_path; + # Adjust for non-standard filenames. + if ( $className == 'MantisCoreFormattingPlugin' ) { + $className = 'MantisFormattingPlugin'; + } + $t_require_path = $g_core_path . 'classes' . DIRECTORY_SEPARATOR . $className . '.class.php'; if ( file_exists( $t_require_path ) ) { --- login_page.php Thu Nov 11 22:13:19 2010 +++ login_page.php Thu Nov 11 22:11:48 2010 @@ -32,6 +32,8 @@ print_header_redirect( config_get( 'default_home_page' ) ); } + $t_core_path = config_get( 'core_path' ); + $f_error = gpc_get_bool( 'error' ); $f_cookie_error = gpc_get_bool( 'cookie_error' ); $f_return = string_sanitize_url( gpc_get_string( 'return', '' ) ); @@ -57,6 +59,8 @@ print_header_redirect( $t_uri ); exit; } + + $t_open_id_enabled = MantisOpenId::isEnabled(); # Login page shouldn't be indexed by search engines html_robots_noindex(); @@ -165,6 +169,15 @@ print_signup_link(); echo ' '; print_lost_password_link(); + + if ( $t_open_id_enabled ) { + echo '


'; + echo ''; + echo ''; + echo ''; + echo '
', MantisOpenId::getSignInLink( '' ), '', MantisOpenId::getSignInLink( lang_get( 'login_using_openid' ) ), '
', lang_get( 'get_a_new_openid' ), '
'; + } + echo ''; # @@ -241,6 +254,12 @@ } } # if 'admin_checks' +?> + + --- core/authentication_api.php Thu Nov 11 22:13:38 2010 +++ core/authentication_api.php Fri Nov 12 00:05:05 2010 @@ -171,14 +171,14 @@ * true is returned. If $p_perm_login is true, the long-term * cookie is created. * @param string $p_username a prepared username - * @param string $p_password a prepared password + * @param string $p_password a prepared password, or null to bypass password authentication (e.g. open id) * @param bool $p_perm_login whether to create a long-term cookie * @return bool indicates if authentication was successful * @access public */ function auth_attempt_login( $p_username, $p_password, $p_perm_login = false ) { $t_user_id = user_get_id_by_name( $p_username ); - + $t_login_method = config_get( 'login_method' ); if ( false === $t_user_id ) { @@ -225,8 +225,7 @@ # check for anonymous login if( !user_is_anonymous( $t_user_id ) ) { # anonymous login didn't work, so check the password - - if( !auth_does_password_match( $t_user_id, $p_password ) ) { + if ( $p_password !== null && !auth_does_password_match( $t_user_id, $p_password ) ) { user_increment_failed_login_count( $t_user_id ); return false; } --- core/user_api.php Thu Nov 11 22:13:50 2010 +++ core/user_api.php Thu Nov 11 23:01:49 2010 @@ -650,6 +650,30 @@ return $row['id']; } } +# -------------------- +# Get list of user ids with the specified email address. Only enabled users are returned. +# returns false if non found, or associative array with key = user id and value = name. +function user_get_id_name_map_by_email( $p_email ) { + $t_user_table = db_get_table( 'mantis_user_table' ); + + $query = "SELECT id, username + FROM $t_user_table + WHERE email=" . db_param() . + " AND enabled = 1"; + $result = db_query_bound( $query, array( $p_email ) ); + + if( 0 == db_num_rows( $result ) ) { + return false; + } else { + $t_user_ids = array(); + + while ( $row = db_fetch_array( $result ) ) { + $t_user_ids[(integer)$row['id']] = $row['username']; + } + + return $t_user_ids; + } +} # Get a user id from an email address function user_get_id_by_email( $p_email ) { @@ -662,7 +686,8 @@ $query = "SELECT * FROM $t_user_table - WHERE email=" . db_param(); + WHERE email=" . db_param() . + "ORDER BY access_level DESC"; $result = db_query_bound( $query, Array( $p_email ) ); if( 0 == db_num_rows( $result ) ) { --- lang/strings_english.txt Thu Nov 11 22:14:21 2010 +++ lang/strings_english.txt Thu Nov 11 22:11:48 2010 @@ -700,6 +700,8 @@ $s_login_button = 'Login'; $s_signup_link = 'Signup for a new account'; $s_lost_password_link = 'Lost your password?'; +$s_login_using_openid = 'Login using Open ID'; +$s_get_a_new_openid = 'Get a new Open ID'; # login_select_proj_page.php $s_select_project_button = 'Select Project';