Browse Source

always use indielogin.com

has better handling of profile URL redirects and error reporting
main
Aaron Parecki 6 years ago
parent
commit
d445489286
No known key found for this signature in database GPG Key ID: 276C2817346D6056
2 changed files with 25 additions and 19 deletions
  1. +2
    -18
      controllers/Auth.php
  2. +23
    -1
      views/login.php

+ 2
- 18
controllers/Auth.php View File

@ -41,23 +41,14 @@ class Auth {
return $response; return $response;
} }
$authorizationEndpoint = IndieAuth\Client::discoverAuthorizationEndpoint($me);
$state = JWT::encode([ $state = JWT::encode([
'me' => $me, 'me' => $me,
'authorization_endpoint' => $authorizationEndpoint,
'return_to' => $request->get('return_to'), 'return_to' => $request->get('return_to'),
'time' => time(), 'time' => time(),
'exp' => time()+300 // verified by the JWT library 'exp' => time()+300 // verified by the JWT library
], Config::$secretKey); ], Config::$secretKey);
if($authorizationEndpoint) {
// If the user specified only an authorization endpoint, use that
$authorizationURL = IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, self::_buildRedirectURI(), Config::$clientID, $state);
} else {
// Otherwise, fall back to indieauth.com
$authorizationURL = IndieAuth\Client::buildAuthorizationURL(Config::$defaultAuthorizationEndpoint, $me, self::_buildRedirectURI(), Config::$clientID, $state);
}
$authorizationURL = IndieAuth\Client::buildAuthorizationURL(Config::$defaultAuthorizationEndpoint, $me, self::_buildRedirectURI(), Config::$clientID, $state);
$response->setStatusCode(302); $response->setStatusCode(302);
$response->headers->set('Location', $authorizationURL); $response->headers->set('Location', $authorizationURL);
@ -96,14 +87,7 @@ class Auth {
return $response; return $response;
} }
// Discover the authorization endpoint from the "me" that was returned by the auth server
// This allows the auth server to return a different URL than the user originally entered,
// for example if the user enters multiusersite.example the auth server can return multiusersite.example/alice
if($state->authorization_endpoint) { // only use the discovered endpoint if one was originally found
$authorizationEndpoint = $state->authorization_endpoint;
} else {
$authorizationEndpoint = Config::$defaultAuthorizationEndpoint;
}
$authorizationEndpoint = Config::$defaultAuthorizationEndpoint;
// Verify the code with the auth server // Verify the code with the auth server
$token = IndieAuth\Client::verifyIndieAuthCode($authorizationEndpoint, $request->get('code'), $state->me, self::_buildRedirectURI(), Config::$clientID, true); $token = IndieAuth\Client::verifyIndieAuthCode($authorizationEndpoint, $request->get('code'), $state->me, self::_buildRedirectURI(), Config::$clientID, true);

+ 23
- 1
views/login.php View File

@ -48,7 +48,29 @@
</form> </form>
<div class="ui message"> <div class="ui message">
What's this? <a href="https://indieauth.com/setup">About IndieAuth</a>
What's this? <a href="https://indielogin.com/setup">About Web Sign-In</a>
</div> </div>
</div> </div>
</div> </div>
<script>
/* add http:// to URL fields on blur or when enter is pressed */
document.addEventListener('DOMContentLoaded', function() {
function addDefaultScheme(target) {
if(target.value.match(/^(?!https?:).+\..+/)) {
target.value = "http://"+target.value;
}
}
var elements = document.querySelectorAll("input[type=url]");
Array.prototype.forEach.call(elements, function(el, i){
el.addEventListener("blur", function(e){
addDefaultScheme(e.target);
});
el.addEventListener("keydown", function(e){
if(e.keyCode == 13) {
addDefaultScheme(e.target);
}
});
});
});
</script>

Loading…
Cancel
Save