[BUGFIX] Fix return URL in OpenID wizard
[Packages/TYPO3.CMS.git] / typo3 / sysext / openid / Classes / Wizard.php
1 <?php
2 namespace TYPO3\CMS\Openid;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Backend\Utility\BackendUtility;
18 use TYPO3\CMS\Core\Messaging\FlashMessage;
19 use TYPO3\CMS\Core\Messaging\FlashMessageService;
20 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
21 use TYPO3\CMS\Core\Utility\GeneralUtility;
22 use TYPO3\CMS\Fluid\View\StandaloneView;
23 use TYPO3\CMS\Lang\LanguageService;
24
25 /**
26 * OpenID selection wizard for the backend
27 *
28 * @author Christian Weiske <cweiske@cweiske.de>
29 */
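class Wizard extends OpenidService {

    /**
     * OpenID of the user after authentication
     *
     * Only assigned in handleResponse(), from getSignedParameter('openid_claimed_id'),
     * after the response status compared equal to Auth_OpenID_SUCCESS.
     *
     * @var string
     */
    protected $claimedId;

    /**
     * Name of the form element this wizard should write the OpenID into
     *
     * Taken from the request parameter P[itemName]; treat it as untrusted when rendering.
     *
     * @var string
     */
    protected $parentFormItemName;

    /**
     * Name of the function that needs to be called after setting the value
     *
     * Taken from the request parameter P[fieldChangeFunc][TBE_EDITOR_fieldChanged];
     * treat it as untrusted when rendering.
     *
     * @var string
     */
    protected $parentFormFieldChangeFunc;

    /**
     * Run the wizard and output HTML.
     *
     * Reads the parent form parameters from the request, then either completes a
     * pending OpenID authentication (tx_openid_mode=finish) or starts one for the
     * posted identifier, and finally renders the wizard page.
     *
     * @return void
     */
    public function main() {
        $p = GeneralUtility::_GP('P');
        // "P" comes straight from GET/POST. Accept scalar strings only: an array smuggled
        // in here would otherwise reach strtr() in renderHtml() and the template.
        if (is_array($p)) {
            if (isset($p['itemName']) && is_string($p['itemName'])) {
                $this->parentFormItemName = $p['itemName'];
            }
            if (
                isset($p['fieldChangeFunc']['TBE_EDITOR_fieldChanged'])
                && is_string($p['fieldChangeFunc']['TBE_EDITOR_fieldChanged'])
            ) {
                // is_string() only rules out array injection; it does not make the content safe.
                // NOTE(review): this names a client-side callback and is request-controlled.
                // Confirm how Content.html emits it; if it ends up in a script or event-handler
                // context it should be integrity-checked (e.g. an HMAC issued when the wizard
                // link is built) instead of being trusted as-is.
                $this->parentFormFieldChangeFunc = $p['fieldChangeFunc']['TBE_EDITOR_fieldChanged'];
            }
        }

        $openIDIdentifier = GeneralUtility::_POST('openid_url');

        if (GeneralUtility::_GP('tx_openid_mode') === 'finish' && $this->openIDResponse === NULL) {
            // Second leg: the OpenID server sent the browser back to the return URL.
            $this->includePHPOpenIDLibrary();
            $openIdConsumer = $this->getOpenIDConsumer();
            // Presumably this has to be the same URL that was announced as return URL when
            // the request was sent - confirm against sendOpenIDRequest() in OpenidService.
            $this->openIDResponse = $openIdConsumer->complete($this->getReturnUrl());
            $this->handleResponse();
        } elseif (is_string($openIDIdentifier) && $openIDIdentifier !== '') {
            // First leg: only a non-empty string identifier is handed to the OpenID library;
            // an array value for openid_url is ignored instead of being passed on.
            $this->sendOpenIDRequest($openIDIdentifier);

            // When sendOpenIDRequest() returns, there was an error
            $flashMessageService = GeneralUtility::makeInstance(
                FlashMessageService::class
            );
            $flashMessage = GeneralUtility::makeInstance(
                FlashMessage::class,
                sprintf(
                    $this->getLanguageService()->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:error.setup'),
                    // The identifier is user input and is echoed back inside the message.
                    htmlspecialchars($openIDIdentifier)
                ),
                $this->getLanguageService()->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:title.error'),
                FlashMessage::ERROR
            );
            $flashMessageService->getMessageQueueByIdentifier()->enqueue($flashMessage);
        }
        $this->renderHtml();
    }

    /**
     * Return URL that shall be called by the OpenID server
     *
     * The parent form parameters are carried in the URL so that they are
     * available again when main() runs for the "finish" request.
     *
     * @return string Full URL with protocol and hostname
     */
    protected function getReturnUrl() {
        $parameters = [
            'tx_openid_mode' => 'finish',
            'P[itemName]' => $this->parentFormItemName,
            'P[fieldChangeFunc][TBE_EDITOR_fieldChanged]' => $this->parentFormFieldChangeFunc
        ];
        return BackendUtility::getModuleUrl('wizard_openid', $parameters, FALSE, TRUE);
    }

    /**
     * Check OpenID response and set flash messages depending on its state
     *
     * Exactly one flash message is queued per call. The claimed ID is stored
     * only in the success branch.
     *
     * @return void
     */
    protected function handleResponse() {
        /** @var $flashMessageService FlashMessageService */
        $flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
        $defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();

        $lang = $this->getLanguageService();
        if (!$this->openIDResponse instanceof \Auth_OpenID_ConsumerResponse) {
            // complete() did not hand back a response object at all
            $flashMessage = GeneralUtility::makeInstance(
                FlashMessage::class,
                $lang->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:error.no-response'),
                $lang->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:title.error'),
                FlashMessage::ERROR
            );
        } elseif ($this->openIDResponse->status == Auth_OpenID_SUCCESS) {
            // all fine
            // The identifier is read through getSignedParameter() rather than from the raw request.
            $this->claimedId = $this->getSignedParameter('openid_claimed_id');
            $flashMessage = GeneralUtility::makeInstance(
                FlashMessage::class,
                sprintf(
                    $lang->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:youropenid'),
                    htmlspecialchars($this->claimedId)
                ),
                $lang->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:title.success'),
                FlashMessage::OK
            );
        } elseif ($this->openIDResponse->status == Auth_OpenID_CANCEL) {
            $flashMessage = GeneralUtility::makeInstance(
                FlashMessage::class,
                $lang->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:error.cancelled'),
                $lang->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:title.error'),
                FlashMessage::ERROR
            );
        } else {
            // another failure. show error message and form again
            $flashMessage = GeneralUtility::makeInstance(
                FlashMessage::class,
                sprintf(
                    $lang->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:error.general'),
                    htmlspecialchars($this->openIDResponse->status),
                    ''
                ),
                $lang->sL('LLL:EXT:openid/Resources/Private/Language/Wizard.xlf:title.error'),
                FlashMessage::ERROR
            );
        }

        $defaultFlashMessageQueue->enqueue($flashMessage);
    }

    /**
     * Render HTML with message and OpenID form and output it
     *
     * Several of the assigned values (parent form item name, field change
     * function, openid_url) originate from the request.
     * NOTE(review): whether they are escaped for the context they are printed in
     * depends on Content.html, which is not part of this file - verify there.
     *
     * @return void
     */
    protected function renderHtml() {
        // use FLUID standalone view for wizard content
        $view = GeneralUtility::makeInstance(StandaloneView::class);
        $view->setTemplatePathAndFilename(
            ExtensionManagementUtility::extPath('openid') .
            'Resources/Private/Templates/Wizard/Content.html'
        );

        /** @var $flashMessageService FlashMessageService */
        $flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
        $defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();

        $messages = [];
        foreach ($defaultFlashMessageQueue->getAllMessagesAndFlush() as $message) {
            $messages[] = $message->render();
        }
        $view->assign('messages', $messages);
        $view->assign('formAction', BackendUtility::getModuleUrl('wizard_openid', [], FALSE, TRUE));
        $view->assign('claimedId', $this->claimedId);
        $view->assign('parentFormItemName', $this->parentFormItemName);
        // The item name is NULL when the wizard was called without P[itemName];
        // cast so strtr() always receives a string.
        $view->assign('parentFormItemNameNoHr', strtr((string)$this->parentFormItemName, ['_hr' => '']));
        $view->assign('parentFormFieldChangeFunc', $this->parentFormFieldChangeFunc);
        $view->assign('showForm', TRUE);
        // Prefill the form with the submitted identifier; non-string input is dropped.
        if (isset($_REQUEST['openid_url']) && is_string($_REQUEST['openid_url'])) {
            $view->assign('openid_url', $_REQUEST['openid_url']);
        }

        header('HTTP/1.0 200 OK');
        echo $view->render();
    }

    /**
     * Access the language service stored in $GLOBALS['LANG']
     *
     * @return LanguageService
     */
    protected function getLanguageService() {
        return $GLOBALS['LANG'];
    }

}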