You are here

function openid_authentication in Drupal 6

Same name and namespace in other branches
  1. 7 modules/openid/openid.module \openid_authentication()

Authenticate a user or attempt registration.

Parameters

$response Response values from the OpenID Provider.:

1 call to openid_authentication()
openid_authentication_page in modules/openid/openid.pages.inc
Menu callback; Process an OpenID authentication.

File

modules/openid/openid.module, line 435
Implement OpenID Relying Party support for Drupal

Code

function openid_authentication($response) {
  module_load_include('inc', 'openid');
  $identity = $response['openid.claimed_id'];
  $account = user_external_load($identity);
  if (isset($account->uid)) {
    if (!variable_get('user_email_verification', TRUE) || $account->login) {
      user_external_login($account, $_SESSION['openid']['user_login_values']);
    }
    else {
      drupal_set_message(t('You must validate your email address for this account before logging in via OpenID'));
    }
  }
  elseif (variable_get('user_register', 1)) {

    // Register new user
    $form_state['redirect'] = NULL;

    // Only signed SREG keys are included as required by OpenID Simple
    // Registration Extension 1.0, section 4.
    $signed_keys = explode(',', $response['openid.signed']);
    $form_state['values']['name'] = in_array('sreg.nickname', $signed_keys) ? $response['openid.sreg.nickname'] : '';
    $form_state['values']['mail'] = in_array('sreg.email', $signed_keys) ? $response['openid.sreg.email'] : '';
    $form_state['values']['pass'] = user_password();
    $form_state['values']['status'] = variable_get('user_register', 1) == 1;
    $form_state['values']['response'] = $response;
    $form_state['values']['auth_openid'] = $identity;
    if (empty($form_state['values']['name']) && empty($form_state['values']['mail'])) {
      drupal_set_message(t('Please complete the registration by filling out the form below. If you already have an account, you can <a href="@login">log in</a> now and add your OpenID under "My account".', array(
        '@login' => url('user/login'),
      )), 'warning');
      $success = FALSE;
    }
    else {
      $form = drupal_retrieve_form('user_register', $form_state);
      drupal_prepare_form('user_register', $form, $form_state);
      drupal_validate_form('user_register', $form, $form_state);
      $success = !form_get_errors();
      if (!$success) {
        drupal_set_message(t('Account registration using the information provided by your OpenID provider failed due to the reasons listed below. Please complete the registration by filling out the form below. If you already have an account, you can <a href="@login">log in</a> now and add your OpenID under "My account".', array(
          '@login' => url('user/login'),
        )), 'warning');

        // Append form validation errors below the above warning.
        $messages = drupal_get_messages('error');
        foreach ($messages['error'] as $message) {
          drupal_set_message($message, 'error');
        }
      }
    }
    if (!$success) {

      // We were unable to register a valid new user, redirect to standard
      // user/register and prefill with the values we received.
      $_SESSION['openid']['values'] = $form_state['values'];

      // We'll want to redirect back to the same place.
      $destination = drupal_get_destination();
      unset($_REQUEST['destination']);
      drupal_goto('user/register', $destination);
    }
    else {
      unset($form_state['values']['response']);
      $account = user_save('', $form_state['values']);

      // Terminate if an error occured during user_save().
      if (!$account) {
        drupal_set_message(t("Error saving user account."), 'error');
        drupal_goto();
      }
      user_external_login($account);
    }
    drupal_redirect_form($form, $form_state['redirect']);
  }
  else {
    drupal_set_message(t('Only site administrators can create new user accounts.'), 'error');
  }
  drupal_goto();
}