<?php
/**
 * All the code required for handling logins via wp-login.php.  These functions should not be considered public,
 * and may change without notice.
 */


add_action( 'login_head', 'openid_wp_login_head' );
add_action( 'login_form', 'openid_wp_login_form' );
add_action( 'register_form', 'openid_wp_register_form', 9 );
add_action( 'register_post', 'openid_register_post', 10, 3 );
add_action( 'openid_finish_auth', 'openid_finish_login', 10, 2 );
add_filter( 'registration_errors', 'openid_clean_registration_errors', -99 );
add_filter( 'registration_errors', 'openid_registration_errors' );
add_action( 'init', 'openid_login_errors' );


/**
 * Authenticate user to WordPress using OpenID.
 *
 * @param mixed $user authenticated user object, or WP_Error or null
 */
function openid_authenticate( $user ) {
	if ( array_key_exists( 'openid_identifier', $_POST ) && $_POST['openid_identifier'] ) {

		$redirect_to = array_key_exists( 'redirect_to', $_REQUEST ) ? $_REQUEST['redirect_to'] : null;
		openid_start_login( $_POST['openid_identifier'], 'login', $redirect_to );

		// if we got this far, something is wrong
		global $error;
		$error = openid_message();
		$user  = new WP_Error( 'openid_login_error', $error );

	} elseif ( array_key_exists( 'finish_openid', $_REQUEST ) ) {

		$identity_url = $_REQUEST['identity_url'];

		if ( ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'openid_login_' . md5( $identity_url ) ) ) {
			$user = new WP_Error( 'openid_login_error', __( 'Error during OpenID authentication.  Please try again. (invalid nonce)', 'openid' ) );
			return $user;
		}

		if ( $identity_url ) {
			$user_id = get_user_by_openid( $identity_url );
			if ( $user_id ) {
				$user = new WP_User( $user_id );
			} else {
				$user = new WP_Error( 'openid_registration_closed', __( 'Your have entered a valid OpenID, but this site is not currently accepting new accounts.', 'openid' ) );
			}
		} elseif ( array_key_exists( 'openid_error', $_REQUEST ) ) {
			$user = new WP_Error( 'openid_login_error', htmlentities2( $_REQUEST['openid_error'] ) );
		}
	}

	return $user;
}
add_action( 'authenticate', 'openid_authenticate' );


/**
 * Action method for completing the 'login' action.  This action is used when a user is logging in from
 * wp-login.php.
 *
 * @param string $identity_url verified OpenID URL
 */
function openid_finish_login( $identity_url, $action ) {
	if ( $action != 'login' ) {
		return;
	}

	if ( $identity_url ) {
		// create new user account if appropriate
		$user_id   = get_user_by_openid( $identity_url );
		$user_data = openid_get_user_data( $identity_url );

		if ( ! $user_id ) {
			if ( get_option( 'users_can_register' ) ) {
				// registration is enabled so create a new user
				openid_create_new_user( $identity_url, $user_data );
			} else {
				// generate a error because it is not possible to create a new user
				openid_message( __( 'Unable to create a new user.', 'openid' ) );
				openid_status( 'error' );
			}
		} else {
			do_action( 'openid_consumer_update_user_custom_data', $user_id, $user_data );
		}
	}

	// return to wp-login page
	$url = get_option( 'siteurl' ) . '/wp-login.php';

	$status = openid_status();
	$error  = openid_message();

	if ( $status == 'error' && ! empty( $error ) ) {
		$url = add_query_arg( 'openid_error', openid_message(), $url );
	}

	$url = add_query_arg(
		array(
			'finish_openid' => 1,
			'identity_url'  => urlencode( $identity_url ),
			'redirect_to'   => $_SESSION['openid_finish_url'],
			'_wpnonce'      => wp_create_nonce( 'openid_login_' . md5( $identity_url ) ),
		),
		$url
	);

	wp_safe_redirect( $url );
	exit;
}


/**
 * Setup OpenID errors to be displayed to the user.
 */
function openid_login_errors() {
	$self = basename( $GLOBALS['pagenow'] );
	if ( $self != 'wp-login.php' ) {
		return;
	}

	if ( array_key_exists( 'openid_error', $_REQUEST ) ) {
		global $error;
		$error = htmlentities2( $_REQUEST['openid_error'] );
	}
}


/**
 * Add style and script to login page.
 */
function openid_wp_login_head() {
	openid_style();
}


/**
 * Add OpenID input field to wp-login.php
 *
 * @action: login_form
 **/
function openid_wp_login_form() {
	echo '<hr id="openid_split" style="clear: both; margin-bottom: 1.0em; border: 0; border-top: 1px solid #999; height: 1px;" />';

	echo '
	<p style="margin-bottom: 8px;">
		<label style="display: block; margin-bottom: 5px;">' . __( 'Or login using an OpenID', 'openid' ) . '<br />
		<input type="text" name="openid_identifier" id="openid_identifier" class="input openid_identifier" value="" size="20" tabindex="25" /></label>
	</p>

	<p style="font-size: 0.9em; margin: 8px 0 24px 0;" id="what_is_openid">
		<a href="http://openid.net/what/" target="_blank">' . __( 'Learn about OpenID', 'openid' ) . '</a>
	</p>';
}


/**
 * Add information about registration to wp-login.php?action=register
 *
 * @action: register_form
 **/
function openid_wp_register_form() {
	echo '
	<div style="width:100%;">'; //Added to fix IE problem

	if ( get_option( 'openid_required_for_registration' ) ) {
		wp_enqueue_script( 'jquery' );
		wp_enqueue_script( 'openid-register', plugin_dir_url( __FILE__ ) . 'f/register.js', array( 'jquery' ), OPENID_PLUGIN_REVISION );

		$label = __( 'Register using an OpenID:', 'openid' );
	} else {
		$label = __( 'Or register using an OpenID:', 'openid' );

		echo '<hr id="openid_split" style="clear: both; margin-bottom: 1.5em; border: 0; border-top: 1px solid #999; height: 1px;" />';

		echo '
		<script type="text/javascript">
			jQuery(function() {
				jQuery("#reg_passmail").insertBefore("#openid_split");
				jQuery("p.submit").css("margin", "1em 0").clone().insertBefore("#openid_split");
			});
		</script>';
	}

	echo '
		<p>
			<label style="display: block; margin-bottom: 5px;">' . $label . '<br />
			<input type="text" name="openid_identifier" id="openid_identifier" class="input openid_identifier" value="" size="20" tabindex="25" /></label>
		</p>

		<p style="float: left; font-size: 0.8em; margin: 0.8em 0;" id="what_is_openid">
			<a href="http://openid.net/what/" target="_blank">' . __( 'Learn about OpenID', 'openid' ) . '</a>
		</p>

	</div>';

}


/**
 * Clean out registration errors that don't apply.
 */
function openid_clean_registration_errors( $errors ) {
	if ( get_option( 'openid_required_for_registration' ) || ! empty( $_POST['openid_identifier'] ) ) {
		$new = new WP_Error();
		foreach ( $errors->get_error_codes() as $code ) {
			if ( in_array( $code, array( 'empty_username', 'empty_email' ) ) ) {
				continue;
			}

			$message = $errors->get_error_message( $code );
			$data    = $errors->get_error_data( $code );
			$new->add( $code, $message, $data );
		}

		$errors = $new;
	}

	if ( get_option( 'openid_required_for_registration' ) && empty( $_POST['openid_identifier'] ) ) {
		$errors->add( 'openid_only', __( '<strong>ERROR</strong>: ', 'openid' ) . __( 'New users must register using OpenID.', 'openid' ) );
	}

	return $errors;
}

/**
 * Handle WordPress registration errors.
 */
function openid_registration_errors( $errors ) {
	if ( ! empty( $_POST['openid_identifier'] ) ) {
		$errors->add( 'invalid_openid', __( '<strong>ERROR</strong>: ', 'openid' ) . openid_message() );
	}

	return $errors;
}


/**
 * Handle WordPress registrations.
 */
function openid_register_post( $username, $password, $errors ) {
	if ( ! empty( $_POST['openid_identifier'] ) ) {
		wp_signon();
	}
}