Nemcio/Redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2025-10-26 00:36:14 +02:00
Code Issues Packages Projects Releases Activity

Drop OpenID support (#35755).

Browse Source 
Patch by Go MAEDA.


git-svn-id: http://svn.redmine.org/redmine/trunk@21312 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Go MAEDA
2021-12-14 00:09:53 +00:00
parent 390841721e
commit 9955844da1
92 changed files with 33 additions and 1583 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Gemfile
View File

@@ -34,12 +34,6 @@ group :ldap do
gem 'net-ldap', '~> 0.17.0'
end
# Optional gem for OpenID authentication
group :openid do
gem "ruby-openid", "~> 2.9.2", :require => "openid"
gem "rack-openid"
end
# Optional gem for exporting the gantt to a PNG file
group :minimagick do
gem 'mini_magick', '~> 4.11.0'

59
app/controllers/account_controller.rb
View File

@@ -27,14 +27,6 @@ class AccountController < ApplicationController
skip_before_action :check_if_login_required, :check_password_change
skip_before_action :check_twofa_activation, :only => :logout
# Overrides ApplicationController#verify_authenticity_token to disable
# token verification on openid callbacks
def verify_authenticity_token
unless using_open_id?
super
end
end
# Login request and validation
def login
if request.post?
@@ -161,7 +153,7 @@ class AccountController < ApplicationController
redirect_to my_account_path
end
else
unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
unless user_params[:password].blank? && user_params[:password_confirmation].blank?
@user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
end
@@ -301,11 +293,7 @@ class AccountController < ApplicationController
end
def authenticate_user
if Setting.openid? && using_open_id?
open_id_authenticate(params[:openid_url])
else
password_authentication
end
password_authentication
end
def password_authentication
@@ -339,49 +327,6 @@ class AccountController < ApplicationController
update_sudo_timestamp! # activate Sudo Mode
end
def open_id_authenticate(openid_url)
back_url = signin_url(:autologin => params[:autologin])
authenticate_with_open_id(
openid_url, :required => [:nickname, :fullname, :email],
:return_to => back_url, :method => :post
) do |result, identity_url, registration|
if result.successful?
user = User.find_or_initialize_by_identity_url(identity_url)
if user.new_record?
# Self-registration off
(redirect_to(home_url); return) unless Setting.self_registration?
# Create on the fly
user.login = registration['nickname'] unless registration['nickname'].nil?
user.mail = registration['email'] unless registration['email'].nil?
user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
user.random_password
user.register
case Setting.self_registration
when '1'
register_by_email_activation(user) do
onthefly_creation_failed(user)
end
when '3'
register_automatically(user) do
onthefly_creation_failed(user)
end
else
register_manually_by_administrator(user) do
onthefly_creation_failed(user)
end
end
else
# Existing record
if user.active?
successful_authentication(user)
else
handle_inactive_user(user)
end
end
end
end
end
def successful_authentication(user)
logger.info "Successful authentication for '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}"
# Valid user

4
app/models/setting.rb
View File

@@ -268,10 +268,6 @@ class Setting < ActiveRecord::Base
a
end
def self.openid?
Object.const_defined?(:OpenID) && self[:openid].to_i > 0
end
# Checks if settings have changed since the values were read
# and clears the cache hash if it's the case
# Called once per request

26
app/models/user.rb
View File

@@ -111,7 +111,6 @@ class User < Principal
validates_format_of :login, :with => /\A[a-z0-9_\-@\.]*\z/i
validates_length_of :login, :maximum => LOGIN_LENGTH_LIMIT
validates_length_of :firstname, :lastname, :maximum => 30
validates_length_of :identity_url, maximum: 255
validates_inclusion_of :mail_notification, :in => MAIL_NOTIFICATION_OPTIONS.collect(&:first), :allow_blank => true
Setting::PASSWORD_CHAR_CLASSES.each do |k, v|
validates_format_of :password, :with => v, :message => :"must_contain_#{k}", :allow_blank => true, :if => Proc.new {Setting.password_required_char_classes.include?(k)}
@@ -198,28 +197,6 @@ class User < Principal
email_addresses.pluck(:address)
end
def self.find_or_initialize_by_identity_url(url)
user = where(:identity_url => url).first
unless user
user = User.new
user.identity_url = url
end
user
end
def identity_url=(url)
if url.blank?
write_attribute(:identity_url, '')
else
begin
write_attribute(:identity_url, OpenIdAuthentication.normalize_identifier(url))
rescue OpenIdAuthentication::InvalidOpenId
# Invalid url, don't save
end
end
self.read_attribute(:identity_url)
end
# Returns the user that matches provided login and password, or nil
# AuthSource errors are caught, logged and nil is returned.
def self.try_to_login(login, password, active_only=true)
@@ -800,8 +777,7 @@ class User < Principal
'notified_project_ids',
'language',
'custom_field_values',
'custom_fields',
'identity_url')
'custom_fields')
safe_attributes(
'login',
:if => lambda {|user, current_user| user.new_record?})

5
app/views/account/login.html.erb
View File

@@ -13,11 +13,6 @@
</label>
<%= password_field_tag 'password', nil, :tabindex => '2' %>
<% if Setting.openid? %>
<label for="openid_url"><%=l(:field_identity_url)%></label>
<%= text_field_tag "openid_url", nil, :tabindex => '3' %>
<% end %>
<% if Setting.autologin? %>
<label for="autologin"><%= check_box_tag 'autologin', 1, false, :tabindex => 4 %> <%= l(:label_stay_logged_in) %></label>
<% end %>

6
app/views/account/register.html.erb
View File

@@ -1,4 +1,4 @@
<h2><%=l(:label_register)%> <%=link_to l(:label_login_with_open_id_option), signin_url if Setting.openid? %></h2>
<h2><%=l(:label_register)%></h2>
<%= labelled_form_for @user, :url => register_path do |f| %>
<%= error_messages_for 'user' %>
@@ -28,10 +28,6 @@
<p><%= f.select :language, lang_options_for_select %></p>
<% end %>
<% if Setting.openid? %>
<p><%= f.text_field :identity_url %></p>
<% end %>
<% @user.custom_field_values.select {|v| (Setting.show_custom_fields_on_registration? && v.editable?) || v.required?}.each do |value| %>
<p><%= custom_field_tag_with_label :user, value %></p>
<% end %>

3
app/views/my/account.html.erb
View File

@@ -25,9 +25,6 @@
<% unless @user.force_default_language? %>
<p><%= f.select :language, lang_options_for_select %></p>
<% end %>
<% if Setting.openid? %>
<p><%= f.text_field :identity_url %></p>
<% end %>
<% if Setting.twofa? -%>
<p>
<label><%=l :setting_twofa -%></label>

3
app/views/settings/_authentication.html.erb
View File

@@ -40,9 +40,6 @@
</p>
<p><%= setting_check_box :openid, :disabled => !Object.const_defined?(:OpenID) %></p>
</div>
<fieldset class="box">
<legend><%= l(:label_session_expiration) %></legend>

3
app/views/users/_form.html.erb
View File

@@ -13,9 +13,6 @@
<% unless @user.force_default_language? %>
<p><%= f.select :language, lang_options_for_select %></p>
<% end %>
<% if Setting.openid? %>
<p><%= f.text_field :identity_url %></p>
<% end %>
<% @user.custom_field_values.each do |value| %>
<p><%= custom_field_tag_with_label :user, value %></p>

5
config/configuration.yml.example
View File

@@ -207,11 +207,6 @@ default:
# Maximum number of simultaneous AJAX uploads
#max_concurrent_ajax_uploads: 2
# Configure OpenIdAuthentication.store
#
# allowed values: :memory, :file, :memcache
#openid_authentication_store: :memory
# URL of the avatar server
#
# By default, Redmine uses Gravatar as the avatar server for displaying

5
config/initializers/30-redmine.rb
View File

@@ -17,11 +17,6 @@ if secret.present?
RedmineApp::Application.config.secret_token = secret
end
if Object.const_defined?(:OpenIdAuthentication)
openid_authentication_store = Redmine::Configuration['openid_authentication_store']
OpenIdAuthentication.store = openid_authentication_store.presence || :memory
end
Redmine::PluginLoader.load
plugin_assets_reloader = Redmine::PluginLoader.create_assets_reloader

3
config/locales/ar.yml
View File

@@ -307,7 +307,6 @@ ar:
field_parent_title: صفحة الوالدين
field_editable: يمكن اعادة تحريره
field_watcher: مراقب
field_identity_url: افتح الرابط الخاص بالهوية الشخصية
field_content: المحتويات
field_group_by: تصنيف النتائج بواسطة
field_sharing: مشاركة
@@ -367,7 +366,6 @@ ar:
setting_diff_max_lines_displayed: الحد الاقصى لعدد الخطوط
setting_file_max_size_displayed: الحد الأقصى لحجم النص المعروض على الملفات المرفقة
setting_repository_log_display_limit: الحد الاقصى لعدد التنقيحات المعروضة على ملف السجل
setting_openid: السماح بدخول اسم المستخدم المفتوح والتسجيل
setting_password_min_length: الحد الادني لطول كلمة المرور
setting_new_project_user_role_id: الدور المسند الى المستخدم غير المسؤول الذي يقوم بإنشاء المشروع
setting_default_projects_modules: تمكين الوحدات النمطية للمشاريع الجديدة بشكل افتراضي
@@ -505,7 +503,6 @@ ar:
label_information: معلومة
label_information_plural: معلومات
label_register: تسجيل
label_login_with_open_id_option: او الدخول بهوية مفتوحة
label_password_lost: فقدت كلمة السر
label_home: "الصفحة الرئيسية"
label_my_page: الصفحة الخاصة بي

3
config/locales/az.yml
View File

@@ -332,7 +332,6 @@ az:
field_host: Kompyuter
field_hours: saat
field_identifier: Unikal identifikator
field_identity_url: OpenID URL
field_is_closed: Tapşırıq bağlanıb
field_is_default: Susmaya görə tapşırıq
field_is_filter: Filtr kimi istifadə edilir
@@ -549,7 +548,6 @@ az:
label_loading: Yükləmə...
label_logged_as: Daxil olmusunuz
label_login: Daxil olmaq
label_login_with_open_id_option: və ya OpenID vasitəsilə daxil olmaq
label_logout: Çıxış
label_max_size: Maksimal ölçü
label_member_new: Yeni iştirakçı
@@ -847,7 +845,6 @@ az:
setting_mail_from: Çıxan e-poçt ünvanı
setting_mail_handler_api_enabled: Daxil olan məlumatlar üçün veb-servisi qoşmaq
setting_mail_handler_api_key: API açar
setting_openid: Giriş və qeydiyyat üçün OpenID izacə vermək
setting_per_page_options: Səhifə üçün qeydlərin sayı
setting_plain_text_mail: Yalnız sadə mətn (HTML olmadan)
setting_protocol: Protokol

3
config/locales/bg.yml
View File

@@ -367,7 +367,6 @@ bg:
field_parent_title: Родителска страница
field_editable: Editable
field_watcher: Наблюдател
field_identity_url: OpenID URL
field_content: Съдържание
field_group_by: Групиране на резултатите по
field_sharing: Sharing
@@ -463,7 +462,6 @@ bg:
setting_diff_max_lines_displayed: Максимален брой показвани diff редове
setting_file_max_size_displayed: Максимален размер на текстовите файлове, показвани inline
setting_repository_log_display_limit: Максимален брой на показванете ревизии в лог файла
setting_openid: Рарешаване на OpenID вход и регистрация
setting_password_max_age: Изискване за смяна на паролата след
setting_password_min_length: Минимална дължина на парола
setting_password_required_char_classes: Задължителни символни класове за пароли
@@ -658,7 +656,6 @@ bg:
label_information: Информация
label_information_plural: Информация
label_register: Регистрация
label_login_with_open_id_option: или вход чрез OpenID
label_password_lost: Забравена парола
label_password_required: Потвърдете вашата парола, за да продължите
label_home: Начало

3
config/locales/bs.yml
View File

@@ -292,7 +292,6 @@ bs:
field_parent_title: 'Stranica "roditelj"'
field_editable: Može se mijenjati
field_watcher: Posmatrač
field_identity_url: OpenID URL
field_content: Sadržaj
setting_app_title: Naslov aplikacije
@@ -333,7 +332,6 @@ bs:
setting_diff_max_lines_displayed: Maksimalan broj linija za prikaz razlika između dva fajla
setting_file_max_size_displayed: Maksimalna veličina fajla kod prikaza razlika unutar fajla (inline)
setting_repository_log_display_limit: Maksimalna veličina revizija prikazanih na log fajlu
setting_openid: Omogući OpenID prijavu i registraciju
permission_edit_project: Ispravke projekta
permission_select_project_modules: Odaberi module projekta
@@ -439,7 +437,6 @@ bs:
label_information: Informacija
label_information_plural: Informacije
label_register: Registracija
label_login_with_open_id_option: ili prijava sa OpenID-om
label_password_lost: Izgubljena lozinka
label_home: Početna stranica
label_my_page: Moja stranica

3
config/locales/ca.yml
View File

@@ -306,7 +306,6 @@ ca:
field_parent_title: "Pàgina pare"
field_editable: "Es pot editar"
field_watcher: "Vigilància"
field_identity_url: "URL OpenID"
field_content: "Contingut"
field_group_by: "Agrupa els resultats per"
field_sharing: "Compartir"
@@ -351,7 +350,6 @@ ca:
setting_diff_max_lines_displayed: "Número màxim de línies amb diferències mostrades"
setting_file_max_size_displayed: "Mida màxima dels fitxers de text mostrats en línia"
setting_repository_log_display_limit: "Número màxim de revisions que es mostren al registre de fitxers"
setting_openid: "Permet entrar i registrar-se amb l'OpenID"
setting_password_min_length: "Longitud mínima de la contrasenya"
setting_new_project_user_role_id: "Aquest rol es dóna a un usuari no administrador per a crear projectes"
setting_default_projects_modules: "Mòduls activats per defecte en els projectes nous"
@@ -476,7 +474,6 @@ ca:
label_information: "Informació"
label_information_plural: "Informació"
label_register: "Registrar"
label_login_with_open_id_option: "o entrar amb OpenID"
label_password_lost: "Has oblidat la contrasenya?"
label_home: "Inici"
label_my_page: "La meva pàgina"

3
config/locales/cs.yml
View File

@@ -308,7 +308,6 @@ cs:
field_parent_title: Rodičovská stránka
field_editable: Editovatelný
field_watcher: Sleduje
field_identity_url: OpenID URL
field_content: Obsah
field_group_by: Seskupovat výsledky podle
field_sharing: Sdílení
@@ -358,7 +357,6 @@ cs:
setting_diff_max_lines_displayed: Maximální počet zobrazených řádků rozdílu
setting_file_max_size_displayed: Maximální velikost textových souborů zobrazených přímo na stránce
setting_repository_log_display_limit: Maximální počet revizí zobrazených v logu souboru
setting_openid: Umožnit přihlašování a registrace s OpenID
setting_password_min_length: Minimální délka hesla
setting_new_project_user_role_id: Role přiřazená uživateli bez práv administrátora, který projekt vytvořil
setting_default_projects_modules: Výchozí zapnutné moduly pro nový projekt
@@ -487,7 +485,6 @@ cs:
label_information: Informace
label_information_plural: Informace
label_register: Registrovat
label_login_with_open_id_option: nebo se přihlašte s OpenID
label_password_lost: Zapomenuté heslo
label_home: Úvodní
label_my_page: Moje stránka

3
config/locales/da.yml
View File

@@ -802,9 +802,6 @@ da:
setting_repository_log_display_limit: Højeste antal revisioner vist i fil-log
setting_file_max_size_displayed: Maksimale størrelse på tekstfiler vist inline
field_watcher: Overvåger
setting_openid: Tillad OpenID login og registrering
field_identity_url: OpenID URL
label_login_with_open_id_option: eller login med OpenID
setting_per_page_options: Enheder per side muligheder
mail_body_reminder: "%{count} sage(er) som er tildelt dig har deadline indenfor de næste %{days} dage:"
field_content: Indhold

3
config/locales/de.yml
View File

@@ -324,7 +324,6 @@ de:
field_host: Host
field_hours: Stunden
field_identifier: Kennung
field_identity_url: OpenID-URL
field_inherit_members: Benutzer erben
field_is_closed: Ticket geschlossen
field_is_default: Standardeinstellung
@@ -631,7 +630,6 @@ de:
label_loading: Lade...
label_logged_as: Angemeldet als
label_login: Anmelden
label_login_with_open_id_option: oder mit OpenID anmelden
label_logout: Abmelden
label_only: nur
label_max_size: Maximale Größe
@@ -1036,7 +1034,6 @@ de:
setting_mail_handler_excluded_filenames: Anhänge nach Namen ausschließen
setting_new_project_user_role_id: Rolle, die einem Nicht-Administrator zugeordnet wird, der ein Projekt erstellt
setting_non_working_week_days: Arbeitsfreie Tage
setting_openid: Erlaube OpenID-Anmeldung und -Registrierung
setting_password_min_length: Mindestlänge des Passworts
setting_password_max_age: Erzwinge Passwortwechsel nach
setting_lost_password: Zurücksetzen des Passworts per E-Mail erlauben

3
config/locales/el.yml
View File

@@ -288,7 +288,6 @@ el:
field_parent_title: Γονική σελίδα
field_editable: Επεξεργάσιμο
field_watcher: Παρατηρητής
field_identity_url: OpenID URL
field_content: Περιεχόμενο
field_group_by: Ομαδικά αποτελέσματα από
@@ -329,7 +328,6 @@ el:
setting_diff_max_lines_displayed: Μεγ.αριθμός εμφάνισης γραμμών diff
setting_file_max_size_displayed: Μεγ.μέγεθος των αρχείων απλού κειμένου που εμφανίζονται σε σειρά
setting_repository_log_display_limit: Μέγιστος αριθμός αναθεωρήσεων που εμφανίζονται στο ιστορικό αρχείου
setting_openid: Επιτρέψτε συνδέσεις OpenID και εγγραφή
setting_password_min_length: Ελάχιστο μήκος κωδικού πρόσβασης
setting_new_project_user_role_id: Απόδοση ρόλου σε χρήστη μη-διαχειριστή όταν δημιουργεί ένα έργο
@@ -438,7 +436,6 @@ el:
label_information: Πληροφορία
label_information_plural: Πληροφορίες
label_register: Εγγραφή
label_login_with_open_id_option: ή συνδεθείτε με OpenID
label_password_lost: Ανάκτηση κωδικού πρόσβασης
label_home: Αρχική σελίδα
label_my_page: Η σελίδα μου

3
config/locales/en-GB.yml
View File

@@ -309,7 +309,6 @@ en-GB:
field_parent_title: Parent page
field_editable: Editable
field_watcher: Watcher
field_identity_url: OpenID URL
field_content: Content
field_group_by: Group results by
field_sharing: Sharing
@@ -360,7 +359,6 @@ en-GB:
setting_diff_max_lines_displayed: Max number of diff lines displayed
setting_file_max_size_displayed: Max size of text files displayed inline
setting_repository_log_display_limit: Maximum number of revisions displayed on file log
setting_openid: Allow OpenID login and registration
setting_password_min_length: Minimum password length
setting_new_project_user_role_id: Role given to a non-admin user who creates a project
setting_default_projects_modules: Default enabled modules for new projects
@@ -493,7 +491,6 @@ en-GB:
label_information: Information
label_information_plural: Information
label_register: Register
label_login_with_open_id_option: or login with OpenID
label_password_lost: Lost password
label_home: Home
label_my_page: My page

3
config/locales/en.yml
View File

@@ -363,7 +363,6 @@ en:
field_parent_title: Parent page
field_editable: Editable
field_watcher: Watcher
field_identity_url: OpenID URL
field_content: Content
field_group_by: Group results by
field_sharing: Sharing
@@ -460,7 +459,6 @@ en:
setting_diff_max_lines_displayed: Maximum number of diff lines displayed
setting_file_max_size_displayed: Maximum size of text files displayed inline
setting_repository_log_display_limit: Maximum number of revisions displayed on file log
setting_openid: Allow OpenID login and registration
setting_password_max_age: Require password change after
setting_password_min_length: Minimum password length
setting_password_required_char_classes : Required character classes for passwords
@@ -654,7 +652,6 @@ en:
label_information: Information
label_information_plural: Information
label_register: Register
label_login_with_open_id_option: or login with OpenID
label_password_lost: Lost password
label_password_required: Confirm your password to continue
label_home: Home

3
config/locales/es-PA.yml
View File

@@ -828,9 +828,6 @@ es-PA:
setting_repository_log_display_limit: Número máximo de revisiones mostradas en el archivo de trazas
setting_file_max_size_displayed: Tamaño máximo de los archivos de texto mostrados
field_watcher: Seguidor
setting_openid: Permitir identificación y registro por OpenID
field_identity_url: URL de OpenID
label_login_with_open_id_option: o identifíquese con OpenID
field_content: Contenido
label_descending: Descendente
label_sort: Ordenar

3
config/locales/es.yml
View File

@@ -826,9 +826,6 @@ es:
setting_repository_log_display_limit: Número máximo de revisiones mostradas en el fichero de trazas
setting_file_max_size_displayed: Tamaño máximo de los ficheros de texto mostrados
field_watcher: Seguidor
setting_openid: Permitir identificación y registro por OpenID
field_identity_url: URL de OpenID
label_login_with_open_id_option: o identifíquese con OpenID
field_content: Contenido
label_descending: Descendente
label_sort: Ordenar

3
config/locales/et.yml
View File

@@ -327,7 +327,6 @@ et:
field_parent_title: "Pärineb lehest"
field_editable: "Muudetav"
field_watcher: "Jälgija"
field_identity_url: "OpenID URL"
field_content: "Sisu"
field_group_by: "Rühmita tulemus"
field_sharing: "Teemade jagamine"
@@ -390,7 +389,6 @@ et:
setting_diff_max_lines_displayed: "Enim korraga näidatavaid erinevusi"
setting_file_max_size_displayed: "Kuvatava tekstifaili suurim maht"
setting_repository_log_display_limit: "Enim ajaloos näidatavaid sissekandeid"
setting_openid: "Luba OpenID-ga registreerimine ja sisselogimine"
setting_password_min_length: "Lühim lubatud parooli pikkus"
setting_new_project_user_role_id: "Projekti looja roll oma projektis"
setting_default_projects_modules: "Vaikimisi moodulid uutes projektides"
@@ -531,7 +529,6 @@ et:
label_information: "Teave"
label_information_plural: "Teave"
label_register: "Registreeru"
label_login_with_open_id_option: "või logi sisse OpenID-ga"
label_password_lost: "Kui parool on ununud..."
label_home: "Kodu"
label_my_page: "Minu leht"

3
config/locales/eu.yml
View File

@@ -296,7 +296,6 @@ eu:
field_parent_title: Orri gurasoa
field_editable: Editagarria
field_watcher: Behatzailea
field_identity_url: OpenID URLa
field_content: Edukia
field_group_by: Emaitzak honegatik taldekatu
field_sharing: Partekatzea
@@ -340,7 +339,6 @@ eu:
setting_diff_max_lines_displayed: Erakutsiko diren diff lerro kopuru maximoa
setting_file_max_size_displayed: Barnean erakuzten diren testu fitxategien tamaina maximoa
setting_repository_log_display_limit: Egunkari fitxategian erakutsiko diren berrikuspen kopuru maximoa.
setting_openid: Baimendu OpenID saio hasiera eta erregistatzea
setting_password_min_length: Pasahitzen luzera minimoa
setting_new_project_user_role_id: Proiektu berriak sortzerakoan kudeatzaile ez diren erabiltzaileei esleitutako rola
setting_default_projects_modules: Proiektu berrientzako defektuz gaitutako moduluak
@@ -459,7 +457,6 @@ eu:
label_information: Informazioa
label_information_plural: Informazioa
label_register: Erregistratu
label_login_with_open_id_option: edo OpenID-rekin saioa hasi
label_password_lost: Pasahitza galduta
label_home: Hasiera
label_my_page: Nire orria

3
config/locales/fa.yml
View File

@@ -342,7 +342,6 @@ fa:
field_parent_title: صفحه پدر
field_editable: ویرایش‌پذیر
field_watcher: ناظر
field_identity_url: نشانی OpenID
field_content: محتوا
field_group_by: دسته بندی با
field_sharing: اشتراک گذاری
@@ -429,7 +428,6 @@ fa:
setting_diff_max_lines_displayed: بیشترین اندازه ردیف‌های تفاوت نشان داده شده
setting_file_max_size_displayed: بیشترین اندازه پرونده‌های نمایش داده‌شده به صورت هم‌ردیف
setting_repository_log_display_limit: بیشترین تعداد بازبینی‌های نمایش داده‌شده در گزارش پرونده
setting_openid: اجازه ورود و ثبت نام با OpenID
setting_password_max_age: لزوم تغییر گذرواژه پس از
setting_password_min_length: کم‌ترین اندازه گذرواژه
setting_lost_password: اجازه بازنشانی گذرواژه با رایانامه
@@ -601,7 +599,6 @@ fa:
label_information: اطلاعات
label_information_plural: اطلاعات
label_register: ثبت نام
label_login_with_open_id_option: یا با OpenID وارد شوید
label_password_lost: بازیابی گذرواژه
label_password_required: برای ادامه، گذرواژه خود را تایید کنید
label_home: خانه

3
config/locales/fi.yml
View File

@@ -809,9 +809,6 @@ fi:
setting_repository_log_display_limit: Maximum number of revisions displayed on file log
setting_file_max_size_displayed: Max size of text files displayed inline
field_watcher: Watcher
setting_openid: Allow OpenID login and registration
field_identity_url: OpenID URL
label_login_with_open_id_option: or login with OpenID
field_content: Content
label_descending: Descending
label_sort: Sort

3
config/locales/fr.yml
View File

@@ -352,7 +352,6 @@ fr:
field_parent_title: Page parent
field_editable: Modifiable
field_watcher: Observateur
field_identity_url: URL OpenID
field_content: Contenu
field_group_by: Grouper par
field_sharing: Partage
@@ -438,7 +437,6 @@ fr:
setting_diff_max_lines_displayed: Nombre maximum de lignes de diff affichées
setting_file_max_size_displayed: Taille maximum des fichiers texte affichés en ligne
setting_repository_log_display_limit: "Nombre maximum de révisions affichées sur l'historique d'un fichier"
setting_openid: "Autoriser l'authentification et l'enregistrement OpenID"
setting_password_max_age: Expiration des mots de passe après
setting_password_min_length: Longueur minimum des mots de passe
setting_new_project_user_role_id: Rôle donné à un utilisateur non-administrateur qui crée un projet
@@ -615,7 +613,6 @@ fr:
label_information: Information
label_information_plural: Informations
label_register: S'enregistrer
label_login_with_open_id_option: S'authentifier avec OpenID
label_password_lost: Mot de passe perdu
label_password_required: Confirmez votre mot de passe pour continuer
label_home: Accueil

3
config/locales/gl.yml
View File

@@ -801,9 +801,6 @@ gl:
setting_repository_log_display_limit: "Número máximo de revisións que se mostran no ficheiro do historial."
setting_file_max_size_displayed: "Tamaño máximo dos ficheiros de texto que se mostran liña por liña."
field_watcher: "Seguidor"
setting_openid: "Permitir rexistrarse e acceder mediante OpenID."
field_identity_url: "URL de OpenID"
label_login_with_open_id_option: "ou acceda mediante OpenID."
field_content: "Contido"
label_descending: "Descendente"
label_sort: "Ordenar"

3
config/locales/he.yml
View File

@@ -308,7 +308,6 @@ he:
field_parent_title: דף אב
field_editable: ניתן לעריכה
field_watcher: צופה
field_identity_url: כתובת OpenID
field_content: תוכן
field_group_by: קבץ את התוצאות לפי
field_sharing: שיתוף
@@ -354,7 +353,6 @@ he:
setting_diff_max_lines_displayed: מספר מירבי של שורות בתצוגת שינויים
setting_file_max_size_displayed: גודל מירבי של מלל המוצג בתוך השורה
setting_repository_log_display_limit: מספר מירבי של מהדורות המוצגות ביומן קובץ
setting_openid: אפשר התחברות ורישום באמצעות OpenID
setting_password_min_length: אורך סיסמה מינימאלי
setting_new_project_user_role_id: התפקיד שמוגדר למשתמש פשוט אשר יוצר פרויקט
setting_default_projects_modules: מודולים מאופשרים בברירת מחדל עבור פרויקטים חדשים
@@ -480,7 +478,6 @@ he:
label_information: מידע
label_information_plural: מידע
label_register: הרשמה
label_login_with_open_id_option: או התחבר באמצעות OpenID
label_password_lost: אבדה הסיסמה?
label_home: דף הבית
label_my_page: הדף שלי

3
config/locales/hr.yml
View File

@@ -288,7 +288,6 @@ hr:
field_parent_title: Parent page
field_editable: Editable
field_watcher: Watcher
field_identity_url: OpenID URL
field_content: Content
field_group_by: Group results by
@@ -331,7 +330,6 @@ hr:
setting_diff_max_lines_displayed: Maksimalni broj diff linija za prikazati
setting_file_max_size_displayed: Max size of text files displayed inline
setting_repository_log_display_limit: Maximum number of revisions displayed on file log
setting_openid: Allow OpenID login and registration
setting_password_min_length: Minimum password length
setting_new_project_user_role_id: Role given to a non-admin user who creates a project
setting_default_projects_modules: Default enabled modules for new projects
@@ -450,7 +448,6 @@ hr:
label_information: Informacija
label_information_plural: Informacije
label_register: Registracija
label_login_with_open_id_option: or login with OpenID
label_password_lost: Izgubljena zaporka
label_home: Početna stranica
label_my_page: Moja stranica

3
config/locales/hu.yml
View File

@@ -807,9 +807,6 @@
setting_repository_log_display_limit: Maximum hány revíziót mutasson meg a log megjelenítésekor
setting_file_max_size_displayed: Maximum mekkora szövegfájlokat jelenítsen meg soronkénti összehasonlításnál
field_watcher: Megfigyelő
setting_openid: OpenID regisztráció és bejelentkezés engedélyezése
field_identity_url: OpenID URL
label_login_with_open_id_option: bejelentkezés OpenID használatával
field_content: Tartalom
label_descending: Csökkenő
label_sort: Rendezés

3
config/locales/id.yml
View File

@@ -289,7 +289,6 @@ id:
field_parent_title: Halaman induk
field_editable: Dapat disunting
field_watcher: Pemantau
field_identity_url: OpenID URL
field_content: Isi
field_group_by: Dikelompokkan berdasar
field_sharing: Berbagi
@@ -332,7 +331,6 @@ id:
setting_diff_max_lines_displayed: Maksimum perbedaan baris tertampil
setting_file_max_size_displayed: Maksimum berkas tertampil secara inline
setting_repository_log_display_limit: Nilai maksimum dari revisi ditampilkan di log berkas
setting_openid: Perbolehkan Login dan pendaftaran melalui OpenID
setting_password_min_length: Panjang minimum untuk kata sandi
setting_new_project_user_role_id: Peran diberikan pada pengguna non-admin yang membuat proyek
setting_default_projects_modules: Modul yang diaktifkan pada proyek baru
@@ -444,7 +442,6 @@ id:
label_information: Informasi
label_information_plural: Informasi
label_register: mendaftar
label_login_with_open_id_option: atau login menggunakan OpenID
label_password_lost: Lupa password
label_home: Halaman depan
label_my_page: Beranda

3
config/locales/it.yml
View File

@@ -788,9 +788,6 @@ it:
setting_repository_log_display_limit: Numero massimo di revisioni elencate nella cronologia file
setting_file_max_size_displayed: Dimensione massima dei contenuti testuali visualizzati
field_watcher: Osservatore
setting_openid: Accetta connessione e registrazione con OpenID
field_identity_url: URL OpenID
label_login_with_open_id_option: oppure autenticati usando OpenID
field_content: Contenuto
label_descending: Discendente
label_sort: Ordina

3
config/locales/ja.yml
View File

@@ -328,7 +328,6 @@ ja:
field_parent_title: 親ページ
field_editable: 編集可能
field_watcher: ウォッチャー
field_identity_url: OpenID URL
field_content: 内容
field_group_by: グループ条件
field_sharing: 共有
@@ -387,7 +386,6 @@ ja:
setting_diff_max_lines_displayed: 差分の表示行数の上限
setting_file_max_size_displayed: 画面表示するテキストファイルサイズの上限
setting_repository_log_display_limit: ファイルのリビジョン表示数の上限
setting_openid: OpenIDによるログインと登録
setting_password_min_length: パスワードの最低必要文字数
setting_new_project_user_role_id: システム管理者以外のユーザーが作成したプロジェクトに設定するロール
setting_default_projects_modules: 新規プロジェクトにおいてデフォルトで有効になるモジュール
@@ -518,7 +516,6 @@ ja:
label_information: 情報
label_information_plural: 情報
label_register: 登録する
label_login_with_open_id_option: またはOpenIDでログインする
label_password_lost: パスワードの再設定
label_home: ホーム
label_my_page: マイページ

3
config/locales/ko.yml
View File

@@ -331,7 +331,6 @@ ko:
field_parent_title: 상위 제목
field_editable: 편집가능
field_watcher: 일감관람자
field_identity_url: OpenID URL
field_content: 내용
field_group_by: 결과를 묶어 보여줄 기준
@@ -372,7 +371,6 @@ ko:
setting_diff_max_lines_displayed: 차이점(diff) 보기에 표시할 최대 줄수
setting_repository_log_display_limit: 저장소 보기에 표시할 개정이력의 최대 갯수
setting_file_max_size_displayed: 바로 보여줄 텍스트파일의 최대 크기
setting_openid: OpenID 로그인과 등록 허용
setting_password_min_length: 최소 암호 길이
setting_new_project_user_role_id: 프로젝트를 만든 사용자에게 주어질 역할
@@ -481,7 +479,6 @@ ko:
label_information: 정보
label_information_plural: 정보
label_register: 등록
label_login_with_open_id_option: 또는 OpenID로 로그인
label_password_lost: 비밀번호 찾기
label_home: 초기화면
label_my_page: 내 페이지

3
config/locales/lt.yml
View File

@@ -336,7 +336,6 @@ lt:
field_parent_title: Pagrindinis puslapis
field_editable: Redaguojamas
field_watcher: Stebėtojas
field_identity_url: OpenID URL
field_content: Turinys
field_group_by: Sugrupuoti pagal
field_sharing: Dalijimasis
@@ -414,7 +413,6 @@ lt:
setting_diff_max_lines_displayed: Maksimalus rodomas pakeitimų eilučių skaičius
setting_file_max_size_displayed: Maksimalus tekstinių failų dydis rodomas vienoje eilutėje
setting_repository_log_display_limit: Maksimalus revizijų skaičius rodomas failo žurnale
setting_openid: Leisti OpenID prisijungimą ir registraciją
setting_password_max_age: Reikalauti slaptažodžio pakeitimo po
setting_password_min_length: Minimalus slaptažodžio ilgis
setting_lost_password: Leisti slaptažodžio atstatymą elektroninu laišku
@@ -581,7 +579,6 @@ lt:
label_information: Informacija
label_information_plural: Informacija
label_register: Užsiregistruoti
label_login_with_open_id_option: arba prisijunkite su OpenID
label_password_lost: Prarastas slaptažodis
label_password_required: Norėdami tęsti, patvirtinkite savo slaptažodį
label_home: Pagrindinis

3
config/locales/lv.yml
View File

@@ -288,7 +288,6 @@ lv:
field_parent_title: Vecāka lapa
field_editable: Rediģējams
field_watcher: Vērotājs
field_identity_url: OpenID URL
field_content: Saturs
field_group_by: Grupēt rezultātus pēc
field_sharing: Koplietošana
@@ -332,7 +331,6 @@ lv:
setting_diff_max_lines_displayed: Maksimālais rādīto diff rindu skaits
setting_file_max_size_displayed: Maksimālais izmērs iekļautajiem teksta failiem
setting_repository_log_display_limit: Maksimālais žurnāla datnē rādīto revīziju skaits
setting_openid: Atļaut OpenID pieslēgšanos un reģistrēšanos
setting_password_min_length: Minimālais paroles garums
setting_new_project_user_role_id: Loma, kura tiek piešķirta ne-administratora lietotājam, kurš izveido projektu
setting_default_projects_modules: Noklusētie lietotie moduļi jaunam projektam
@@ -454,7 +452,6 @@ lv:
label_information: Informācija
label_information_plural: Informācija
label_register: Reģistrēties
label_login_with_open_id_option: vai pieslēgties ar OpenID
label_password_lost: Nozaudēta parole
label_home: Sākums
label_my_page: Mana lapa

3
config/locales/mk.yml
View File

@@ -303,7 +303,6 @@ mk:
field_parent_title: Parent page
field_editable: Може да се уредува
field_watcher: Watcher
field_identity_url: OpenID URL
field_content: Содржина
field_group_by: Групирај ги резултатите според
field_sharing: Споделување
@@ -347,7 +346,6 @@ mk:
setting_diff_max_lines_displayed: Max number of diff lines displayed
setting_file_max_size_displayed: Max size of text files displayed inline
setting_repository_log_display_limit: Maximum number of revisions displayed on file log
setting_openid: Дозволи OpenID најава и регистрација
setting_password_min_length: Мин. должина на лозинка
setting_new_project_user_role_id: Улога доделена на неадминистраторски корисник кој креира проект
setting_default_projects_modules: Default enabled modules for new projects
@@ -472,7 +470,6 @@ mk:
label_information: Информација
label_information_plural: Информации
label_register: Регистрирај се
label_login_with_open_id_option: или најави се со OpenID
label_password_lost: Изгубена лозинка
label_home: Почетна
label_my_page: Мојата страна

3
config/locales/mn.yml
View File

@@ -294,7 +294,6 @@ mn:
field_parent_title: Эцэг хуудас
field_editable: Засварлагдана
field_watcher: Харна
field_identity_url: OpenID URL
field_content: Агуулга
field_group_by: Үр дүнгээр бүлэглэх
field_sharing: Sharing
@@ -338,7 +337,6 @@ mn:
setting_diff_max_lines_displayed: Ялгаатай мөрүүдийн тоо (дээд тал нь)
setting_file_max_size_displayed: Max size of text files displayed inline
setting_repository_log_display_limit: Maximum number of revisions displayed on file log
setting_openid: Allow OpenID login and registration
setting_password_min_length: Minimum password length
setting_new_project_user_role_id: Role given to a non-admin user who creates a project
setting_default_projects_modules: Default enabled modules for new projects
@@ -460,7 +458,6 @@ mn:
label_information: Мэдээлэл
label_information_plural: Мэдээллүүд
label_register: Бүртгүүлэх
label_login_with_open_id_option: or login with OpenID
label_password_lost: Нууц үгээ алдсан
label_home: Нүүр
label_my_page: Миний хуудас

3
config/locales/nl.yml
View File

@@ -770,9 +770,6 @@ nl:
setting_repository_log_display_limit: Max aantal revisies zichbaar
setting_file_max_size_displayed: Max grootte van tekstbestanden inline zichtbaar
field_watcher: Volger
setting_openid: Sta OpenID login en registratie toe
field_identity_url: OpenID URL
label_login_with_open_id_option: of login met uw OpenID
field_content: Content
label_descending: Aflopend
label_sort: Sorteer

3
config/locales/no.yml
View File

@@ -775,9 +775,6 @@
setting_repository_log_display_limit: Maks antall revisjoner vist i fil-loggen
setting_file_max_size_displayed: Max size of text files displayed inline
field_watcher: Overvåker
setting_openid: Tillat OpenID innlogging og registrering
field_identity_url: OpenID URL
label_login_with_open_id_option: eller logg inn med OpenID
field_content: Innhold
label_descending: Synkende
label_sort: Sorter

3
config/locales/pl.yml
View File

@@ -804,9 +804,6 @@ pl:
setting_repository_log_display_limit: Maksymalna liczba rewizji pokazywanych w logu pliku
setting_file_max_size_displayed: Maksymalny rozmiar plików tekstowych osadzanych w stronie
field_watcher: Obserwator
setting_openid: Logowanie i rejestracja przy użyciu OpenID
field_identity_url: Identyfikator OpenID (URL)
label_login_with_open_id_option: albo użyj OpenID
field_content: Treść
label_descending: Malejąco
label_sort: Sortuj

3
config/locales/pt-BR.yml
View File

@@ -810,9 +810,6 @@ pt-BR:
field_editable: Editável
setting_repository_log_display_limit: Número máximo de revisões exibidas no arquivo de log
setting_file_max_size_displayed: Tamanho máximo dos arquivos textos exibidos em linha
setting_openid: Permitir Login e Registro via OpenID
field_identity_url: OpenID URL
label_login_with_open_id_option: ou use o OpenID
field_content: Conteúdo
label_descending: Descendente
label_sort: Ordenar

3
config/locales/pt.yml
View File

@@ -793,9 +793,6 @@ pt:
setting_repository_log_display_limit: Número máximo de revisões exibido no relatório de ficheiro
setting_file_max_size_displayed: Tamanho máximo dos ficheiros de texto exibidos inline
field_watcher: Observador
setting_openid: Permitir início de sessão e registo com OpenID
field_identity_url: URL do OpenID
label_login_with_open_id_option: ou início de sessão com OpenID
field_content: Conteúdo
label_descending: Descendente
label_sort: Ordenar

3
config/locales/ro.yml
View File

@@ -276,7 +276,6 @@ ro:
field_parent_title: Pagina superioara
field_editable: Modificabil
field_watcher: Urmărește
field_identity_url: URL OpenID
field_content: Conținut
setting_app_title: Titlu aplicație
@@ -316,7 +315,6 @@ ro:
setting_diff_max_lines_displayed: Număr maxim de linii de diferență afișate
setting_file_max_size_displayed: Număr maxim de fișiere text afișate în pagină (inline)
setting_repository_log_display_limit: Număr maxim de revizii afișate în istoricul fișierului
setting_openid: Permite înregistrare și autentificare cu OpenID
permission_edit_project: Editează proiectul
permission_select_project_modules: Alege module pentru proiect
@@ -422,7 +420,6 @@ ro:
label_information: Informație
label_information_plural: Informații
label_register: Înregistrare
label_login_with_open_id_option: sau autentificare cu OpenID
label_password_lost: Parolă uitată
label_home: Acasă
label_my_page: Pagina mea

3
config/locales/ru.yml
View File

@@ -342,7 +342,6 @@ ru:
field_host: Компьютер
field_hours: час(а,ов)
field_identifier: Уникальный идентификатор
field_identity_url: OpenID URL
field_is_closed: Задача закрыта
field_is_default: Значение по умолчанию
field_is_filter: Используется в качестве фильтра
@@ -559,7 +558,6 @@ ru:
label_loading: Загрузка...
label_logged_as: Вошли как
label_login: Войти
label_login_with_open_id_option: или войти с помощью OpenID
label_logout: Выйти
label_max_size: Максимальный размер
label_member_new: Новый участник
@@ -857,7 +855,6 @@ ru:
setting_mail_from: Исходящий email адрес
setting_mail_handler_api_enabled: Включить веб-сервис для входящих сообщений
setting_mail_handler_api_key: API ключ
setting_openid: Разрешить OpenID для входа и регистрации
setting_per_page_options: Количество записей на страницу
setting_plain_text_mail: Только простой текст (без HTML)
setting_protocol: Протокол

3
config/locales/sk.yml
View File

@@ -784,9 +784,6 @@ sk:
setting_repository_log_display_limit: Maximálny počet revízií zobrazených v log súbore
setting_file_max_size_displayed: Maximálna veľkosť textových súborov zobrazených priamo na stránke
field_watcher: Pozorovatelia
setting_openid: Povoliť prihlasovanie a registráciu pomocou OpenID
field_identity_url: OpenID URL
label_login_with_open_id_option: alebo sa prihlásiť pomocou OpenID
field_content: Obsah
label_descending: Zostupne
label_sort: Zoradenie

3
config/locales/sl.yml
View File

@@ -785,9 +785,6 @@ sl:
setting_repository_log_display_limit: Največje število prikazanih revizij v log datoteki
setting_file_max_size_displayed: Največja velikost besedilnih datotek v vključenem prikazu
field_watcher: Opazovalec
setting_openid: Dovoli OpenID prijavo in registracijo
field_identity_url: OpenID URL
label_login_with_open_id_option: ali se prijavi z OpenID
field_content: Vsebina
label_descending: Padajoče
label_sort: Razvrsti

3
config/locales/sq.yml
View File

@@ -310,7 +310,6 @@ sq:
field_parent_title: Parent page
field_editable: Editable
field_watcher: Watcher
field_identity_url: OpenID URL
field_content: Content
field_group_by: Group results by
field_sharing: Sharing
@@ -371,7 +370,6 @@ sq:
setting_diff_max_lines_displayed: Maximum number of diff lines displayed
setting_file_max_size_displayed: Maximum size of text files displayed inline
setting_repository_log_display_limit: Maximum number of revisions displayed on file log
setting_openid: Allow OpenID login and registration
setting_password_min_length: Minimum password length
setting_new_project_user_role_id: Role given to a non-admin user who creates a project
setting_default_projects_modules: Default enabled modules for new projects
@@ -512,7 +510,6 @@ sq:
label_information: Informacion
label_information_plural: Informacione
label_register: Regjistrohu
label_login_with_open_id_option: ose lidhu me OpenID
label_password_lost: Fjalekalim i humbur
label_home: Home
label_my_page: Faqja ime

3
config/locales/sr-YU.yml
View File

@@ -304,7 +304,6 @@ sr-YU:
field_parent_title: Matična stranica
field_editable: Izmenljivo
field_watcher: Posmatrač
field_identity_url: OpenID URL
field_content: Sadržaj
field_group_by: Grupisanje rezultata po
field_sharing: Deljenje
@@ -349,7 +348,6 @@ sr-YU:
setting_diff_max_lines_displayed: Maks. broj prikazanih različitih linija
setting_file_max_size_displayed: Maks. veličina tekst. datoteka prikazanih umetnuto
setting_repository_log_display_limit: Maks. broj revizija prikazanih u datoteci za evidenciju
setting_openid: Dozvoli OpenID prijavu i registraciju
setting_password_min_length: Minimalna dužina lozinke
setting_new_project_user_role_id: Kreatoru projekta (koji nije administrator) dodeljuje je uloga
setting_default_projects_modules: Podrazumevano omogućeni moduli za nove projekte
@@ -472,7 +470,6 @@ sr-YU:
label_information: Informacija
label_information_plural: Informacije
label_register: Registracija
label_login_with_open_id_option: ili prijava sa OpenID
label_password_lost: Izgubljena lozinka
label_home: Početak
label_my_page: Moja stranica

3
config/locales/sr.yml
View File

@@ -302,7 +302,6 @@ sr:
field_parent_title: Матична страница
field_editable: Изменљиво
field_watcher: Посматрач
field_identity_url: OpenID URL
field_content: Садржај
field_group_by: Груписање резултата по
field_sharing: Дељење
@@ -347,7 +346,6 @@ sr:
setting_diff_max_lines_displayed: Макс. број приказаних различитих линија
setting_file_max_size_displayed: Макс. величина текст. датотека приказаних уметнуто
setting_repository_log_display_limit: Макс. број ревизија приказаних у датотеци за евиденцију
setting_openid: Дозволи OpenID пријаву и регистрацију
setting_password_min_length: Минимална дужина лозинке
setting_new_project_user_role_id: Креатору пројекта (који није администратор) додељује је улога
setting_default_projects_modules: Подразумевано омогућени модули за нове пројекте
@@ -470,7 +468,6 @@ sr:
label_information: Информација
label_information_plural: Информације
label_register: Регистрација
label_login_with_open_id_option: или пријава са OpenID
label_password_lost: Изгубљена лозинка
label_home: Почетак
label_my_page: Моја страница

3
config/locales/sv.yml
View File

@@ -355,7 +355,6 @@ sv:
field_parent_title: Föräldersida
field_editable: Redigerbar
field_watcher: Bevakare
field_identity_url: OpenID URL
field_content: Innehåll
field_group_by: Gruppera resultat efter
field_sharing: Delning
@@ -425,7 +424,6 @@ sv:
setting_diff_max_lines_displayed: Maximalt antal synliga rader i diff
setting_file_max_size_displayed: Maxstorlek på textfiler som visas inline
setting_repository_log_display_limit: Maximalt antal revisioner i filloggen
setting_openid: Tillåt inloggning och registrering med OpenID
setting_password_min_length: Minsta tillåtna lösenordslängd
setting_new_project_user_role_id: Tilldelad roll för en icke-administratör som skapar ett projekt
setting_default_projects_modules: Aktiverade moduler för nya projekt
@@ -579,7 +577,6 @@ sv:
label_information: Information
label_information_plural: Information
label_register: Registrera
label_login_with_open_id_option: eller logga in med OpenID
label_password_lost: Glömt lösenord
label_home: Hem
label_my_page: Min sida

3
config/locales/th.yml
View File

@@ -784,9 +784,6 @@ th:
setting_repository_log_display_limit: Maximum number of revisions displayed on file log
setting_file_max_size_displayed: Max size of text files displayed inline
field_watcher: Watcher
setting_openid: Allow OpenID login and registration
field_identity_url: OpenID URL
label_login_with_open_id_option: or login with OpenID
field_content: Content
label_descending: Descending
label_sort: Sort

3
config/locales/tr.yml
View File

@@ -800,9 +800,6 @@ tr:
setting_repository_log_display_limit: Dosya kaydında gösterilecek maksimum değişim sayısı
setting_file_max_size_displayed: Dahili olarak gösterilecek metin dosyaları için maksimum satır sayısı
field_watcher: Takipçi
setting_openid: Kayıt ve giriş için OpenID'ye izin ver
field_identity_url: OpenID URL
label_login_with_open_id_option: veya OpenID kullanın
field_content: İçerik
label_descending: Azalan
label_sort: Sırala

3
config/locales/uk.yml
View File

@@ -799,9 +799,6 @@ uk:
setting_repository_log_display_limit: Максимальна кількість редакцій, відображених в журналі змін
setting_file_max_size_displayed: Максимальний розмір текстового файлу для відображення
field_watcher: Спостерігач
setting_openid: Дозволити OpenID для входу та реєстрації
field_identity_url: OpenID URL
label_login_with_open_id_option: або війти з допомогою OpenID
field_content: Вміст
label_descending: За спаданням
label_sort: Сортувати

3
config/locales/vi.yml
View File

@@ -839,9 +839,6 @@ vi:
setting_repository_log_display_limit: Số lượng tối đa các bản điều chỉnh hiển thị trong file log
setting_file_max_size_displayed: Kích thước tối đa của tệp tin văn bản
field_watcher: Người quan sát
setting_openid: Cho phép đăng nhập và đăng ký dùng OpenID
field_identity_url: OpenID URL
label_login_with_open_id_option: hoặc đăng nhập với OpenID
field_content: Nội dung
label_descending: Giảm dần
label_sort: Sắp xếp

3
config/locales/zh-TW.yml
View File

@@ -423,7 +423,6 @@
field_parent_title: 父頁面
field_editable: 可編輯
field_watcher: 監看員
field_identity_url: OpenID 網址
field_content: 內容
field_group_by: 結果分組方式
field_sharing: 共用
@@ -510,7 +509,6 @@
setting_diff_max_lines_displayed: 差異顯示行數之最大值
setting_file_max_size_displayed: 檔案內容顯示大小之最大值
setting_repository_log_display_limit: 修訂版顯示數目之最大值
setting_openid: 允許使用 OpenID 登入與註冊
setting_password_max_age: 必須在多少天後變更密碼
setting_password_min_length: 密碼最小長度
setting_lost_password: 允許使用電子郵件重新設定密碼
@@ -686,7 +684,6 @@
label_information: 資訊
label_information_plural: 資訊
label_register: 註冊
label_login_with_open_id_option: 或使用 OpenID 登入
label_password_lost: 遺失密碼
label_password_required: 確認您的密碼後繼續
label_home: 網站首頁

3
config/locales/zh.yml
View File

@@ -308,7 +308,6 @@ zh:
field_parent_title: 上级页面
field_editable: 可编辑
field_watcher: 关注者
field_identity_url: OpenID URL
field_content: 内容
field_group_by: 根据此条件分组
field_sharing: 共享
@@ -358,7 +357,6 @@ zh:
setting_diff_max_lines_displayed: 查看差别页面上显示的最大行数
setting_file_max_size_displayed: 允许直接显示的最大文本文件
setting_repository_log_display_limit: 在文件变更记录页面上显示的最大修订版本数量
setting_openid: 允许使用OpenID登录和注册
setting_password_min_length: 最短密码长度
setting_new_project_user_role_id: 非管理员用户新建项目时将被赋予的(在该项目中的)角色
setting_default_projects_modules: 新建项目默认启用的模块
@@ -487,7 +485,6 @@ zh:
label_information: 信息
label_information_plural: 信息
label_register: 注册
label_login_with_open_id_option: 或使用OpenID登录
label_password_lost: 忘记密码
label_home: 主页
label_my_page: 我的工作台

3
config/settings.yml
View File

@@ -303,9 +303,6 @@ emails_footer:
To change your notification preferences, please click here: http://hostname/my/account
gravatar_enabled:
default: 0
openid:
default: 0
security_notifications: 1
gravatar_default:
default: 'identicon'
start_of_week:

5
db/migrate/20211213122100_remove_identity_url_from_users.rb Normal file
View File

@@ -0,0 +1,5 @@
class RemoveIdentityUrlFromUsers < ActiveRecord::Migration[6.1]
def change
remove_column :users, :identity_url, :string
end
end

18
db/migrate/20211213122101_drop_open_id_authentication_tables.rb Normal file
View File

@@ -0,0 +1,18 @@
class DropOpenIdAuthenticationTables < ActiveRecord::Migration[6.1]
def change
drop_table :open_id_authentication_associations do |t|
t.integer "issued"
t.integer "lifetime"
t.string "handle"
t.string "assoc_type"
t.binary "server_url"
t.binary "secret"
end
drop_table :open_id_authentication_nonces do |t|
t.integer "timestamp", null: false
t.string "server_url"
t.string "salt", null: false
end
end
end

5
db/migrate/20211213122102_remove_open_id_setting.rb Normal file
View File

@@ -0,0 +1,5 @@
class RemoveOpenIdSetting < ActiveRecord::Migration[6.1]
def change
Setting.where(:name => 'openid').delete_all
end
end

37
lib/plugins/open_id_authentication/CHANGELOG
View File

@@ -1,37 +0,0 @@
* Dump heavy lifting off to rack-openid gem. OpenIdAuthentication is just a simple controller concern.
* Fake HTTP method from OpenID server since they only support a GET. Eliminates the need to set an extra route to match the server's reply. [Josh Peek]
* OpenID 2.0 recommends that forms should use the field name "openid_identifier" rather than "openid_url" [Josh Peek]
* Return open_id_response.display_identifier to the application instead of .endpoints.claimed_id. [nbibler]
* Add Timeout protection [Rick]
* An invalid identity url passed through authenticate_with_open_id will no longer raise an InvalidOpenId exception. Instead it will return Result[:missing] to the completion block.
* Allow a return_to option to be used instead of the requested url [Josh Peek]
* Updated plugin to use Ruby OpenID 2.x.x [Josh Peek]
* Tied plugin to ruby-openid 1.1.4 gem until we can make it compatible with 2.x [DHH]
* Use URI instead of regexps to normalize the URL and gain free, better matching #8136 [dkubb]
* Allow -'s in #normalize_url [Rick]
* remove instance of mattr_accessor, it was breaking tests since they don't load ActiveSupport. Fix Timeout test [Rick]
* Throw a InvalidOpenId exception instead of just a RuntimeError when the URL can't be normalized [DHH]
* Just use the path for the return URL, so extra query parameters don't interfere [DHH]
* Added a new default database-backed store after experiencing trouble with the filestore on NFS. The file store is still available as an option [DHH]
* Added normalize_url and applied it to all operations going through the plugin [DHH]
* Removed open_id? as the idea of using the same input box for both OpenID and username has died -- use using_open_id? instead (which checks for the presence of params[:openid_url] by default) [DHH]
* Added OpenIdAuthentication::Result to make it easier to deal with default situations where you don't care to do something particular for each error state [DHH]
* Stop relying on root_url being defined, we can just grab the current url instead [DHH]

223
lib/plugins/open_id_authentication/README
View File

@@ -1,223 +0,0 @@
OpenIdAuthentication
====================
Provides a thin wrapper around the excellent ruby-openid gem from JanRan. Be sure to install that first:
gem install ruby-openid
To understand what OpenID is about and how it works, it helps to read the documentation for lib/openid/consumer.rb
from that gem.
The specification used is http://openid.net/specs/openid-authentication-2_0.html.
Prerequisites
=============
OpenID authentication uses the session, so be sure that you haven't turned that off.
Alternatively, you can use the file-based store, which just relies on on tmp/openids being present in RAILS_ROOT. But be aware that this store only works if you have a single application server. And it's not safe to use across NFS. It's recommended that you use the database store if at all possible. To use the file-based store, you'll also have to add this line to your config/environment.rb:
OpenIdAuthentication.store = :file
This particular plugin also relies on the fact that the authentication action allows for both POST and GET operations.
If you're using RESTful authentication, you'll need to explicitly allow for this in your routes.rb.
The plugin also expects to find a root_url method that points to the home page of your site. You can accomplish this by using a root route in config/routes.rb:
map.root :controller => 'articles'
This plugin relies on Rails Edge revision 6317 or newer.
Example
=======
This example is just to meant to demonstrate how you could use OpenID authentication. You might well want to add
salted hash logins instead of plain text passwords and other requirements on top of this. Treat it as a starting point,
not a destination.
Note that the User model referenced in the simple example below has an 'identity_url' attribute. You will want to add the same or similar field to whatever
model you are using for authentication.
Also of note is the following code block used in the example below:
authenticate_with_open_id do |result, identity_url|
...
end
In the above code block, 'identity_url' will need to match user.identity_url exactly. 'identity_url' will be a string in the form of 'http://example.com' -
If you are storing just 'example.com' with your user, the lookup will fail.
There is a handy method in this plugin called 'normalize_url' that will help with validating OpenID URLs.
OpenIdAuthentication.normalize_url(user.identity_url)
The above will return a standardized version of the OpenID URL - the above called with 'example.com' will return 'http://example.com/'
It will also raise an InvalidOpenId exception if the URL is determined to not be valid.
Use the above code in your User model and validate OpenID URLs before saving them.
config/routes.rb
map.root :controller => 'articles'
map.resource :session
app/views/sessions/new.erb
<% form_tag(session_url) do %>
<p>
<label for="name">Username:</label>
<%= text_field_tag "name" %>
</p>
<p>
<label for="password">Password:</label>
<%= password_field_tag %>
</p>
<p>
...or use:
</p>
<p>
<label for="openid_identifier">OpenID:</label>
<%= text_field_tag "openid_identifier" %>
</p>
<p>
<%= submit_tag 'Sign in', :disable_with => "Signing in&hellip;" %>
</p>
<% end %>
app/controllers/sessions_controller.rb
class SessionsController < ApplicationController
def create
if using_open_id?
open_id_authentication
else
password_authentication(params[:name], params[:password])
end
end
protected
def password_authentication(name, password)
if @current_user = @account.users.authenticate(params[:name], params[:password])
successful_login
else
failed_login "Sorry, that username/password doesn't work"
end
end
def open_id_authentication
authenticate_with_open_id do |result, identity_url|
if result.successful?
if @current_user = @account.users.find_by_identity_url(identity_url)
successful_login
else
failed_login "Sorry, no user by that identity URL exists (#{identity_url})"
end
else
failed_login result.message
end
end
end
private
def successful_login
session[:user_id] = @current_user.id
redirect_to(root_url)
end
def failed_login(message)
flash[:error] = message
redirect_to(new_session_url)
end
end
If you're fine with the result messages above and don't need individual logic on a per-failure basis,
you can collapse the case into a mere boolean:
def open_id_authentication
authenticate_with_open_id do |result, identity_url|
if result.successful? && @current_user = @account.users.find_by_identity_url(identity_url)
successful_login
else
failed_login(result.message || "Sorry, no user by that identity URL exists (#{identity_url})")
end
end
end
Simple Registration OpenID Extension
====================================
Some OpenID Providers support this lightweight profile exchange protocol. See more: http://www.openidenabled.com/openid/simple-registration-extension
You can support it in your app by changing #open_id_authentication
def open_id_authentication(identity_url)
# Pass optional :required and :optional keys to specify what sreg fields you want.
# Be sure to yield registration, a third argument in the #authenticate_with_open_id block.
authenticate_with_open_id(identity_url,
:required => [ :nickname, :email ],
:optional => :fullname) do |result, identity_url, registration|
case result.status
when :missing
failed_login "Sorry, the OpenID server couldn't be found"
when :invalid
failed_login "Sorry, but this does not appear to be a valid OpenID"
when :canceled
failed_login "OpenID verification was canceled"
when :failed
failed_login "Sorry, the OpenID verification failed"
when :successful
if @current_user = @account.users.find_by_identity_url(identity_url)
assign_registration_attributes!(registration)
if current_user.save
successful_login
else
failed_login "Your OpenID profile registration failed: " +
@current_user.errors.full_messages.to_sentence
end
else
failed_login "Sorry, no user by that identity URL exists"
end
end
end
end
# registration is a hash containing the valid sreg keys given above
# use this to map them to fields of your user model
def assign_registration_attributes!(registration)
model_to_registration_mapping.each do |model_attribute, registration_attribute|
unless registration[registration_attribute].blank?
@current_user.send("#{model_attribute}=", registration[registration_attribute])
end
end
end
def model_to_registration_mapping
{ :login => 'nickname', :email => 'email', :display_name => 'fullname' }
end
Attribute Exchange OpenID Extension
===================================
Some OpenID providers also support the OpenID AX (attribute exchange) protocol for exchanging identity information between endpoints. See more: http://openid.net/specs/openid-attribute-exchange-1_0.html
Accessing AX data is very similar to the Simple Registration process, described above -- just add the URI identifier for the AX field to your :optional or :required parameters. For example:
authenticate_with_open_id(identity_url,
:required => [ :email, 'http://schema.openid.net/birthDate' ]) do |result, identity_url, registration|
This would provide the sreg data for :email, and the AX data for 'http://schema.openid.net/birthDate'
Copyright (c) 2007 David Heinemeier Hansson, released under the MIT license

22
lib/plugins/open_id_authentication/Rakefile
View File

@@ -1,22 +0,0 @@
require 'rake'
require 'rake/testtask'
require 'rake/rdoctask'
desc 'Default: run unit tests.'
task :default => :test
desc 'Test the open_id_authentication plugin.'
Rake::TestTask.new(:test) do |t|
t.libs << 'lib'
t.pattern = 'test/**/*_test.rb'
t.verbose = true
end
desc 'Generate documentation for the open_id_authentication plugin.'
Rake::RDocTask.new(:rdoc) do |rdoc|
rdoc.rdoc_dir = 'rdoc'
rdoc.title = 'OpenIdAuthentication'
rdoc.options << '--line-numbers' << '--inline-source'
rdoc.rdoc_files.include('README')
rdoc.rdoc_files.include('lib/**/*.rb')
end

11
lib/plugins/open_id_authentication/generators/open_id_authentication_tables/open_id_authentication_tables_generator.rb
View File

@@ -1,11 +0,0 @@
class OpenIdAuthenticationTablesGenerator < Rails::Generator::NamedBase
def initialize(runtime_args, runtime_options = {})
super
end
def manifest
record do |m|
m.migration_template 'migration.rb', 'db/migrate'
end
end
end

20
lib/plugins/open_id_authentication/generators/open_id_authentication_tables/templates/migration.rb
View File

@@ -1,20 +0,0 @@
class <%= class_name %> < ActiveRecord::Migration
def self.up
create_table :open_id_authentication_associations, :force => true do |t|
t.integer :issued, :lifetime
t.string :handle, :assoc_type
t.binary :server_url, :secret
end
create_table :open_id_authentication_nonces, :force => true do |t|
t.integer :timestamp, :null => false
t.string :server_url, :null => true
t.string :salt, :null => false
end
end
def self.down
drop_table :open_id_authentication_associations
drop_table :open_id_authentication_nonces
end
end

26
lib/plugins/open_id_authentication/generators/upgrade_open_id_authentication_tables/templates/migration.rb
View File

@@ -1,26 +0,0 @@
class <%= class_name %> < ActiveRecord::Migration
def self.up
drop_table :open_id_authentication_settings
drop_table :open_id_authentication_nonces
create_table :open_id_authentication_nonces, :force => true do |t|
t.integer :timestamp, :null => false
t.string :server_url, :null => true
t.string :salt, :null => false
end
end
def self.down
drop_table :open_id_authentication_nonces
create_table :open_id_authentication_nonces, :force => true do |t|
t.integer :created
t.string :nonce
end
create_table :open_id_authentication_settings, :force => true do |t|
t.string :setting
t.binary :value
end
end
end

11
lib/plugins/open_id_authentication/generators/upgrade_open_id_authentication_tables/upgrade_open_id_authentication_tables_generator.rb
View File

@@ -1,11 +0,0 @@
class UpgradeOpenIdAuthenticationTablesGenerator < Rails::Generator::NamedBase
def initialize(runtime_args, runtime_options = {})
super
end
def manifest
record do |m|
m.migration_template 'migration.rb', 'db/migrate'
end
end
end

10
lib/plugins/open_id_authentication/init.rb
View File

@@ -1,10 +0,0 @@
# frozen_string_literal: false
require File.dirname(__FILE__) + '/lib/open_id_authentication'
config.middleware.use OpenIdAuthentication
config.after_initialize do
OpenID::Util.logger = Rails.logger
ActionController::Base.send :include, OpenIdAuthentication
end

159
lib/plugins/open_id_authentication/lib/open_id_authentication.rb
View File

@@ -1,159 +0,0 @@
require 'uri'
require 'openid'
require 'rack/openid'
module OpenIdAuthentication
def self.new(app)
store = OpenIdAuthentication.store
if store.nil?
Rails.logger.warn "OpenIdAuthentication.store is nil. Using in-memory store."
end
::Rack::OpenID.new(app, OpenIdAuthentication.store)
end
def self.store
@@store
end
def self.store=(*store_option)
store, *parameters = *([ store_option ].flatten)
@@store = case store
when :memory
require 'openid/store/memory'
OpenID::Store::Memory.new
when :file
require 'openid/store/filesystem'
OpenID::Store::Filesystem.new(Rails.root.join('tmp/openids'))
when :memcache
require 'memcache'
require 'openid/store/memcache'
OpenID::Store::Memcache.new(MemCache.new(parameters))
else
store
end
end
self.store = nil
class InvalidOpenId < StandardError
end
class Result
ERROR_MESSAGES = {
:missing => "Sorry, the OpenID server couldn't be found",
:invalid => "Sorry, but this does not appear to be a valid OpenID",
:canceled => "OpenID verification was canceled",
:failed => "OpenID verification failed",
:setup_needed => "OpenID verification needs setup"
}
def self.[](code)
new(code)
end
def initialize(code)
@code = code
end
def status
@code
end
ERROR_MESSAGES.each_key { |state| define_method("#{state}?") { @code == state } }
def successful?
@code == :successful
end
def unsuccessful?
ERROR_MESSAGES.keys.include?(@code)
end
def message
ERROR_MESSAGES[@code]
end
end
# normalizes an OpenID according to http://openid.net/specs/openid-authentication-2_0.html#normalization
def self.normalize_identifier(identifier)
# clean up whitespace
identifier = identifier.to_s.strip
# if an XRI has a prefix, strip it.
identifier.gsub!(/xri:\/\//i, '')
# dodge XRIs -- TODO: validate, don't just skip.
unless ['=', '@', '+', '$', '!', '('].include?(identifier.at(0))
# does it begin with http? if not, add it.
identifier = +"http://#{identifier}" unless /^http/i.match?(identifier)
# strip any fragments
identifier.gsub!(/\#(.*)$/, '')
begin
uri = URI.parse(identifier)
uri.scheme = uri.scheme.downcase if uri.scheme # URI should do this
identifier = uri.normalize.to_s
rescue URI::InvalidURIError
raise InvalidOpenId.new("#{identifier} is not an OpenID identifier")
end
end
return identifier
end
protected
# The parameter name of "openid_identifier" is used rather than
# the Rails convention "open_id_identifier" because that's what
# the specification dictates in order to get browser auto-complete
# working across sites
def using_open_id?(identifier = nil)
identifier ||= open_id_identifier
!identifier.blank? || request.env[Rack::OpenID::RESPONSE]
end
def authenticate_with_open_id(identifier = nil, options = {}, &block)
identifier ||= open_id_identifier
if request.env[Rack::OpenID::RESPONSE]
complete_open_id_authentication(&block)
else
begin_open_id_authentication(identifier, options, &block)
end
end
private
def open_id_identifier
params[:openid_identifier] || params[:openid_url]
end
def begin_open_id_authentication(identifier, options = {})
options[:identifier] = identifier
value = Rack::OpenID.build_header(options)
response.headers[Rack::OpenID::AUTHENTICATE_HEADER] = value
head :unauthorized
end
def complete_open_id_authentication
response = request.env[Rack::OpenID::RESPONSE]
identifier = response.display_identifier
case response.status
when OpenID::Consumer::SUCCESS
yield Result[:successful], identifier,
OpenID::SReg::Response.from_success_response(response)
when :missing
yield Result[:missing], identifier, nil
when :invalid
yield Result[:invalid], identifier, nil
when OpenID::Consumer::CANCEL
yield Result[:canceled], identifier, nil
when OpenID::Consumer::FAILURE
yield Result[:failed], identifier, nil
when OpenID::Consumer::SETUP_NEEDED
yield Result[:setup_needed], response.setup_url, nil
end
end
end

11
lib/plugins/open_id_authentication/lib/open_id_authentication/association.rb
View File

@@ -1,11 +0,0 @@
# frozen_string_literal: true
module OpenIdAuthentication
class Association < ActiveRecord::Base
self.table_name = :open_id_authentication_associations
def from_record
OpenID::Association.new(handle, secret, issued, lifetime, assoc_type)
end
end
end

57
lib/plugins/open_id_authentication/lib/open_id_authentication/db_store.rb
View File

@@ -1,57 +0,0 @@
# frozen_string_literal: false
require 'openid/store/interface'
module OpenIdAuthentication
class DbStore < OpenID::Store::Interface
def self.cleanup_nonces
now = Time.now.to_i
Nonce.delete_all(["timestamp > ? OR timestamp < ?", now + OpenID::Nonce.skew, now - OpenID::Nonce.skew])
end
def self.cleanup_associations
now = Time.now.to_i
Association.delete_all(['issued + lifetime > ?',now])
end
def store_association(server_url, assoc)
remove_association(server_url, assoc.handle)
Association.create(:server_url => server_url,
:handle => assoc.handle,
:secret => assoc.secret,
:issued => assoc.issued,
:lifetime => assoc.lifetime,
:assoc_type => assoc.assoc_type)
end
def get_association(server_url, handle = nil)
assocs = if handle.blank?
Association.find_all_by_server_url(server_url)
else
Association.find_all_by_server_url_and_handle(server_url, handle)
end
assocs.reverse_each do |assoc|
a = assoc.from_record
if a.expires_in == 0
assoc.destroy
else
return a
end
end if assocs.any?
return nil
end
def remove_association(server_url, handle)
Association.delete_all(['server_url = ? AND handle = ?', server_url, handle]) > 0
end
def use_nonce(server_url, timestamp, salt)
return false if Nonce.find_by_server_url_and_timestamp_and_salt(server_url, timestamp, salt)
return false if (timestamp - Time.now.to_i).abs > OpenID::Nonce.skew
Nonce.create(:server_url => server_url, :timestamp => timestamp, :salt => salt)
return true
end
end
end

75
lib/plugins/open_id_authentication/lib/open_id_authentication/mem_cache_store.rb
View File

@@ -1,75 +0,0 @@
# frozen_string_literal: false
require 'digest/sha1'
require 'openid/store/interface'
module OpenIdAuthentication
class MemCacheStore < OpenID::Store::Interface
def initialize(*addresses)
@connection = ActiveSupport::Cache::MemCacheStore.new(addresses)
end
def store_association(server_url, assoc)
server_key = association_server_key(server_url)
assoc_key = association_key(server_url, assoc.handle)
assocs = @connection.read(server_key) || {}
assocs[assoc.issued] = assoc_key
@connection.write(server_key, assocs)
@connection.write(assoc_key, assoc, :expires_in => assoc.lifetime)
end
def get_association(server_url, handle = nil)
if handle
@connection.read(association_key(server_url, handle))
else
server_key = association_server_key(server_url)
assocs = @connection.read(server_key)
return if assocs.nil?
last_key = assocs[assocs.keys.sort.last]
@connection.read(last_key)
end
end
def remove_association(server_url, handle)
server_key = association_server_key(server_url)
assoc_key = association_key(server_url, handle)
assocs = @connection.read(server_key)
return false unless assocs && assocs.has_value?(assoc_key)
assocs = assocs.delete_if { |key, value| value == assoc_key }
@connection.write(server_key, assocs)
@connection.delete(assoc_key)
return true
end
def use_nonce(server_url, timestamp, salt)
return false if @connection.read(nonce_key(server_url, salt))
return false if (timestamp - Time.now.to_i).abs > OpenID::Nonce.skew
@connection.write(nonce_key(server_url, salt), timestamp, :expires_in => OpenID::Nonce.skew)
return true
end
private
def association_key(server_url, handle = nil)
"openid_association_#{digest(server_url)}_#{digest(handle)}"
end
def association_server_key(server_url)
"openid_association_server_#{digest(server_url)}"
end
def nonce_key(server_url, salt)
"openid_nonce_#{digest(server_url)}_#{digest(salt)}"
end
def digest(text)
Digest::SHA1.hexdigest(text)
end
end
end

7
lib/plugins/open_id_authentication/lib/open_id_authentication/nonce.rb
View File

@@ -1,7 +0,0 @@
# frozen_string_literal: true
module OpenIdAuthentication
class Nonce < ActiveRecord::Base
self.table_name = :open_id_authentication_nonces
end
end

25
lib/plugins/open_id_authentication/lib/open_id_authentication/request.rb
View File

@@ -1,25 +0,0 @@
# frozen_string_literal: false
module OpenIdAuthentication
module Request
def self.included(base)
base.alias_method_chain :request_method, :openid
end
def request_method_with_openid
if !parameters[:_method].blank? && parameters[:open_id_complete] == '1'
parameters[:_method].to_sym
else
request_method_without_openid
end
end
end
end
# In Rails 2.3, the request object has been renamed
# from AbstractRequest to Request
if defined? ActionController::Request
ActionController::Request.send :include, OpenIdAuthentication::Request
else
ActionController::AbstractRequest.send :include, OpenIdAuthentication::Request
end

22
lib/plugins/open_id_authentication/lib/open_id_authentication/timeout_fixes.rb
View File

@@ -1,22 +0,0 @@
# frozen_string_literal: true
# http://trac.openidenabled.com/trac/ticket/156
module OpenID
@@timeout_threshold = 20
def self.timeout_threshold
@@timeout_threshold
end
def self.timeout_threshold=(value)
@@timeout_threshold = value
end
class StandardFetcher
def make_http(uri)
http = @proxy.new(uri.host, uri.port)
http.read_timeout = http.open_timeout = OpenID.timeout_threshold
http
end
end
end

30
lib/plugins/open_id_authentication/lib/tasks/open_id_authentication_tasks.rake
View File

@@ -1,30 +0,0 @@
namespace :open_id_authentication do
namespace :db do
desc "Creates authentication tables for use with OpenIdAuthentication"
task :create => :environment do
generate_migration(["open_id_authentication_tables", "add_open_id_authentication_tables"])
end
desc "Upgrade authentication tables from ruby-openid 1.x.x to 2.x.x"
task :upgrade => :environment do
generate_migration(["upgrade_open_id_authentication_tables", "upgrade_open_id_authentication_tables"])
end
def generate_migration(args)
require 'rails_generator'
require 'rails_generator/scripts/generate'
if ActiveRecord::Base.connection.supports_migrations?
Rails::Generator::Scripts::Generate.new.run(args)
else
raise "Task unavailable to this database (no migration support)"
end
end
desc "Clear the authentication tables"
task :clear => :environment do
OpenIdAuthentication::DbStore.cleanup_nonces
OpenIdAuthentication::DbStore.cleanup_associations
end
end
end

151
lib/plugins/open_id_authentication/test/mem_cache_store_test.rb
View File

@@ -1,151 +0,0 @@
require File.dirname(__FILE__) + '/test_helper'
require File.dirname(__FILE__) + '/../lib/open_id_authentication/mem_cache_store'
# Mock MemCacheStore with MemoryStore for testing
class OpenIdAuthentication::MemCacheStore < OpenID::Store::Interface
def initialize(*addresses)
@connection = ActiveSupport::Cache::MemoryStore.new
end
end
class MemCacheStoreTest < Test::Unit::TestCase
ALLOWED_HANDLE = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~'
def setup
@store = OpenIdAuthentication::MemCacheStore.new
end
def test_store
server_url = "http://www.myopenid.com/openid"
assoc = gen_assoc(0)
# Make sure that a missing association returns no result
assert_retrieve(server_url)
# Check that after storage, getting returns the same result
@store.store_association(server_url, assoc)
assert_retrieve(server_url, nil, assoc)
# more than once
assert_retrieve(server_url, nil, assoc)
# Storing more than once has no ill effect
@store.store_association(server_url, assoc)
assert_retrieve(server_url, nil, assoc)
# Removing an association that does not exist returns not present
assert_remove(server_url, assoc.handle + 'x', false)
# Removing an association that does not exist returns not present
assert_remove(server_url + 'x', assoc.handle, false)
# Removing an association that is present returns present
assert_remove(server_url, assoc.handle, true)
# but not present on subsequent calls
assert_remove(server_url, assoc.handle, false)
# Put assoc back in the store
@store.store_association(server_url, assoc)
# More recent and expires after assoc
assoc2 = gen_assoc(1)
@store.store_association(server_url, assoc2)
# After storing an association with a different handle, but the
# same server_url, the handle with the later expiration is returned.
assert_retrieve(server_url, nil, assoc2)
# We can still retrieve the older association
assert_retrieve(server_url, assoc.handle, assoc)
# Plus we can retrieve the association with the later expiration
# explicitly
assert_retrieve(server_url, assoc2.handle, assoc2)
# More recent, and expires earlier than assoc2 or assoc. Make sure
# that we're picking the one with the latest issued date and not
# taking into account the expiration.
assoc3 = gen_assoc(2, 100)
@store.store_association(server_url, assoc3)
assert_retrieve(server_url, nil, assoc3)
assert_retrieve(server_url, assoc.handle, assoc)
assert_retrieve(server_url, assoc2.handle, assoc2)
assert_retrieve(server_url, assoc3.handle, assoc3)
assert_remove(server_url, assoc2.handle, true)
assert_retrieve(server_url, nil, assoc3)
assert_retrieve(server_url, assoc.handle, assoc)
assert_retrieve(server_url, assoc2.handle, nil)
assert_retrieve(server_url, assoc3.handle, assoc3)
assert_remove(server_url, assoc2.handle, false)
assert_remove(server_url, assoc3.handle, true)
assert_retrieve(server_url, nil, assoc)
assert_retrieve(server_url, assoc.handle, assoc)
assert_retrieve(server_url, assoc2.handle, nil)
assert_retrieve(server_url, assoc3.handle, nil)
assert_remove(server_url, assoc2.handle, false)
assert_remove(server_url, assoc.handle, true)
assert_remove(server_url, assoc3.handle, false)
assert_retrieve(server_url, nil, nil)
assert_retrieve(server_url, assoc.handle, nil)
assert_retrieve(server_url, assoc2.handle, nil)
assert_retrieve(server_url, assoc3.handle, nil)
assert_remove(server_url, assoc2.handle, false)
assert_remove(server_url, assoc.handle, false)
assert_remove(server_url, assoc3.handle, false)
end
def test_nonce
server_url = "http://www.myopenid.com/openid"
[server_url, ''].each do |url|
nonce1 = OpenID::Nonce::mk_nonce
assert_nonce(nonce1, true, url, "#{url}: nonce allowed by default")
assert_nonce(nonce1, false, url, "#{url}: nonce not allowed twice")
assert_nonce(nonce1, false, url, "#{url}: nonce not allowed third time")
# old nonces shouldn't pass
old_nonce = OpenID::Nonce::mk_nonce(3600)
assert_nonce(old_nonce, false, url, "Old nonce #{old_nonce.inspect} passed")
end
end
private
def gen_assoc(issued, lifetime = 600)
secret = OpenID::CryptUtil.random_string(20, nil)
handle = OpenID::CryptUtil.random_string(128, ALLOWED_HANDLE)
OpenID::Association.new(handle, secret, Time.now + issued, lifetime, 'HMAC-SHA1')
end
def assert_retrieve(url, handle = nil, expected = nil)
assoc = @store.get_association(url, handle)
if expected.nil?
assert_nil(assoc)
else
assert_equal(expected, assoc)
assert_equal(expected.handle, assoc.handle)
assert_equal(expected.secret, assoc.secret)
end
end
def assert_remove(url, handle, expected)
present = @store.remove_association(url, handle)
assert_equal(expected, present)
end
def assert_nonce(nonce, expected, server_url, msg = "")
stamp, salt = OpenID::Nonce::split_nonce(nonce)
actual = @store.use_nonce(server_url, stamp, salt)
assert_equal(expected, actual, msg)
end
end

32
lib/plugins/open_id_authentication/test/normalize_test.rb
View File

@@ -1,32 +0,0 @@
require File.dirname(__FILE__) + '/test_helper'
class NormalizeTest < Test::Unit::TestCase
include OpenIdAuthentication
NORMALIZATIONS = {
"openid.aol.com/nextangler" => "http://openid.aol.com/nextangler",
"http://openid.aol.com/nextangler" => "http://openid.aol.com/nextangler",
"https://openid.aol.com/nextangler" => "https://openid.aol.com/nextangler",
"HTTP://OPENID.AOL.COM/NEXTANGLER" => "http://openid.aol.com/NEXTANGLER",
"HTTPS://OPENID.AOL.COM/NEXTANGLER" => "https://openid.aol.com/NEXTANGLER",
"loudthinking.com" => "http://loudthinking.com/",
"http://loudthinking.com" => "http://loudthinking.com/",
"http://loudthinking.com:80" => "http://loudthinking.com/",
"https://loudthinking.com:443" => "https://loudthinking.com/",
"http://loudthinking.com:8080" => "http://loudthinking.com:8080/",
"techno-weenie.net" => "http://techno-weenie.net/",
"http://techno-weenie.net" => "http://techno-weenie.net/",
"http://techno-weenie.net " => "http://techno-weenie.net/",
"=name" => "=name"
}
def test_normalizations
NORMALIZATIONS.each do |from, to|
assert_equal to, normalize_identifier(from)
end
end
def test_broken_open_id
assert_raises(InvalidOpenId) { normalize_identifier(nil) }
end
end

46
lib/plugins/open_id_authentication/test/open_id_authentication_test.rb
View File

@@ -1,46 +0,0 @@
require File.dirname(__FILE__) + '/test_helper'
class OpenIdAuthenticationTest < Test::Unit::TestCase
def setup
@controller = Class.new do
include OpenIdAuthentication
def params() {} end
end.new
end
def test_authentication_should_fail_when_the_identity_server_is_missing
open_id_consumer = mock()
open_id_consumer.expects(:begin).raises(OpenID::OpenIDError)
@controller.expects(:open_id_consumer).returns(open_id_consumer)
@controller.expects(:logger).returns(mock(:error => true))
@controller.send(:authenticate_with_open_id, "http://someone.example.com") do |result, identity_url|
assert result.missing?
assert_equal "Sorry, the OpenID server couldn't be found", result.message
end
end
def test_authentication_should_be_invalid_when_the_identity_url_is_invalid
@controller.send(:authenticate_with_open_id, "!") do |result, identity_url|
assert result.invalid?, "Result expected to be invalid but was not"
assert_equal "Sorry, but this does not appear to be a valid OpenID", result.message
end
end
def test_authentication_should_fail_when_the_identity_server_times_out
open_id_consumer = mock()
open_id_consumer.expects(:begin).raises(Timeout::Error, "Identity Server took too long.")
@controller.expects(:open_id_consumer).returns(open_id_consumer)
@controller.expects(:logger).returns(mock(:error => true))
@controller.send(:authenticate_with_open_id, "http://someone.example.com") do |result, identity_url|
assert result.missing?
assert_equal "Sorry, the OpenID server couldn't be found", result.message
end
end
def test_authentication_should_begin_when_the_identity_server_is_present
@controller.expects(:begin_open_id_authentication)
@controller.send(:authenticate_with_open_id, "http://someone.example.com")
end
end

14
lib/plugins/open_id_authentication/test/status_test.rb
View File

@@ -1,14 +0,0 @@
require File.dirname(__FILE__) + '/test_helper'
class StatusTest < Test::Unit::TestCase
include OpenIdAuthentication
def test_state_conditional
assert Result[:missing].missing?
assert Result[:missing].unsuccessful?
assert !Result[:missing].successful?
assert Result[:successful].successful?
assert !Result[:successful].unsuccessful?
end
end

17
lib/plugins/open_id_authentication/test/test_helper.rb
View File

@@ -1,17 +0,0 @@
require 'test/unit'
require 'rubygems'
gem 'activesupport'
require 'active_support'
gem 'actionpack'
require 'action_controller'
gem 'mocha'
require 'mocha/setup'
gem 'ruby-openid'
require 'openid'
RAILS_ROOT = File.dirname(__FILE__) unless defined? RAILS_ROOT
require File.dirname(__FILE__) + "/../lib/open_id_authentication"

BIN
public/images/openid-bg.gif
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 328 B

After

Width:  |  Height:  |  Size: 0 B

3
public/stylesheets/application.css
View File

@@ -129,7 +129,6 @@ pre, code {font-family: Consolas, Menlo, "Liberation Mono", Courier, monospace;}
#login-form input[type=text], #login-form input[type=password], #login-form input[type=submit] {display: block; width: 100%;}
#login-form input[type=text], #login-form input[type=password] {margin-bottom: 15px;}
#login-form a.lost_password {float:right; font-weight:normal;}
#login-form input#openid_url {background:#fff url(../images/openid-bg.gif) no-repeat 4px 50%; padding-left:24px !important;}
#login-form h3 {text-align: center;}
div.modal { border-radius:5px; background:#fff; z-index:50; padding:4px;}
@@ -734,7 +733,7 @@ ul.properties li span {font-style:italic;}
.total-hours span.hours-int { font-size: 120%; }
.autoscroll {overflow-x: auto; padding:1px; margin-bottom: 1.2em; position: relative;}
#user_login, #user_firstname, #user_lastname, #user_mail, #my_account_form select, #user_form select, #user_identity_url { width: 90%; }
#user_login, #user_firstname, #user_lastname, #user_mail, #my_account_form select, #user_form select { width: 90%; }
#workflow_copy_form select { width: 200px; }
table.transitions td.enabled {background: #bfb;}

2
public/stylesheets/rtl.css
View File

@@ -29,8 +29,6 @@ h1, h2, h3, h4 {padding:2px 00px 1px 10px;}
#login-form table {margin-left:auto; margin-right:auto;}
div.modal p.buttons {text-align:left;}
input#openid_url {padding-left:0px; padding-right:18px;}
/***** Links *****/
#sidebar a.selected {padding:1px 2px 2px 3px; margin-left:0px; margin-right:-2px;}

219
test/functional/account_controller_openid_test.rb
View File

@@ -1,219 +0,0 @@
# frozen_string_literal: true
# Redmine - project management software
# Copyright (C) 2006-2021 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
require File.expand_path('../../test_helper', __FILE__)
class AccountControllerOpenidTest < Redmine::ControllerTest
tests AccountController
fixtures :users, :roles
def setup
User.current = nil
Setting.openid = '1'
end
def teardown
Setting.openid = '0'
end
if Object.const_defined?(:OpenID)
def test_login_with_openid_for_existing_user
existing_user = User.new(:firstname => 'Cool',
:lastname => 'User',
:mail => 'user@somedomain.com',
:identity_url => 'http://openid.example.com/good_user')
existing_user.login = 'cool_user'
assert existing_user.save!
with_settings(
:openid => '1',
:self_registration => '3'
) do
post(:login, :params => {:openid_url => existing_user.identity_url})
end
assert_redirected_to '/my/page'
end
def test_login_with_invalid_openid_provider
Setting.self_registration = '0'
post(
:login,
:params => {
:openid_url => 'http;//openid.example.com/good_user'
}
)
assert_redirected_to home_url
end
def test_login_with_openid_for_existing_non_active_user
existing_user = User.new(:firstname => 'Cool',
:lastname => 'User',
:mail => 'user@somedomain.com',
:identity_url => 'http://openid.example.com/good_user',
:status => User::STATUS_REGISTERED)
existing_user.login = 'cool_user'
assert existing_user.save!
with_settings(
:openid => '1',
:self_registration => '2'
) do
post(:login, :params => {:openid_url => existing_user.identity_url})
end
assert_redirected_to '/login'
end
def test_login_with_openid_with_new_user_created
Setting.self_registration = '3'
post(
:login,
:params => {
:openid_url => 'http://openid.example.com/good_user'
}
)
assert_redirected_to '/my/account'
user = User.find_by_login('cool_user')
assert user
assert_equal 'Cool', user.firstname
assert_equal 'User', user.lastname
end
def test_login_with_openid_with_new_user_and_self_registration_off
Setting.self_registration = '0'
post(
:login,
:params => {
:openid_url => 'http://openid.example.com/good_user'
}
)
assert_redirected_to home_url
user = User.find_by_login('cool_user')
assert_nil user
end
def test_login_with_openid_with_new_user_created_with_email_activation_should_have_a_token
Setting.self_registration = '1'
post(
:login,
:params => {
:openid_url => 'http://openid.example.com/good_user'
}
)
assert_redirected_to '/login'
user = User.find_by_login('cool_user')
assert user
token = Token.find_by_user_id_and_action(user.id, 'register')
assert token
end
def test_login_with_openid_with_new_user_created_with_manual_activation
Setting.self_registration = '2'
post(
:login,
:params => {
:openid_url => 'http://openid.example.com/good_user'
}
)
assert_redirected_to '/login'
user = User.find_by_login('cool_user')
assert user
assert_equal User::STATUS_REGISTERED, user.status
end
def test_login_with_openid_with_new_user_with_conflict_should_register
Setting.self_registration = '3'
existing_user = User.new(:firstname => 'Cool', :lastname => 'User', :mail => 'user@somedomain.com')
existing_user.login = 'cool_user'
assert existing_user.save!
post(
:login,
:params => {
:openid_url => 'http://openid.example.com/good_user'
}
)
assert_response :success
assert_select 'input[name=?][value=?]', 'user[identity_url]', 'http://openid.example.com/good_user'
end
def test_login_with_openid_with_new_user_with_missing_information_should_register
Setting.self_registration = '3'
post(
:login,
:params => {
:openid_url => 'http://openid.example.com/good_blank_user'
}
)
assert_response :success
assert_select 'input[name=?]', 'user[login]'
assert_select 'input[name=?]', 'user[password]'
assert_select 'input[name=?]', 'user[password_confirmation]'
assert_select 'input[name=?][value=?]', 'user[identity_url]', 'http://openid.example.com/good_blank_user'
end
def test_post_login_should_not_verify_token_when_using_open_id
ActionController::Base.allow_forgery_protection = true
AccountController.any_instance.stubs(:using_open_id?).returns(true)
AccountController.any_instance.stubs(:authenticate_with_open_id).returns(true)
post :login
assert_response 200
ensure
ActionController::Base.allow_forgery_protection = false
end
def test_register_after_login_failure_should_not_require_user_to_enter_a_password
Setting.self_registration = '3'
assert_difference 'User.count' do
post(
:register,
:params => {
:user => {
:login => 'good_blank_user',
:password => '',
:password_confirmation => '',
:firstname => 'Cool',
:lastname => 'User',
:mail => 'user@somedomain.com',
:identity_url => 'http://openid.example.com/good_blank_user'
}
}
)
assert_response 302
end
user = User.order('id DESC').first
assert_equal 'http://openid.example.com/good_blank_user', user.identity_url
assert user.hashed_password.blank?, "Hashed password was #{user.hashed_password}"
end
def test_setting_openid_should_return_true_when_set_to_true
assert_equal true, Setting.openid?
end
else
puts "Skipping openid tests."
def test_dummy
end
end
end

49
test/mocks/open_id_authentication_mock.rb
View File

@@ -1,49 +0,0 @@
# frozen_string_literal: true
# Mocks out OpenID
#
# http://www.northpub.com/articles/2007/04/02/testing-openid-support
module OpenIdAuthentication
EXTENSION_FIELDS = {'email' => 'user@somedomain.com',
'nickname' => 'cool_user',
'country' => 'US',
'postcode' => '12345',
'fullname' => 'Cool User',
'dob' => '1970-04-01',
'language' => 'en',
'timezone' => 'America/New_York'}
protected
def authenticate_with_open_id(identity_url = params[:openid_url], options = {})
if User.find_by_identity_url(identity_url) || identity_url.include?('good')
extension_response_fields = {}
# Don't process registration fields unless it is requested.
unless identity_url.include?('blank') || (options[:required].nil? && options[:optional].nil?)
unless options[:required].nil?
options[:required].each do |field|
extension_response_fields[field.to_s] = EXTENSION_FIELDS[field.to_s]
end
end
unless options[:optional].nil?
options[:optional].each do |field|
extension_response_fields[field.to_s] = EXTENSION_FIELDS[field.to_s]
end
end
end
yield Result[:successful], identity_url, extension_response_fields
else
logger.info "OpenID authentication failed: #{identity_url}"
yield Result[:failed], identity_url, nil
end
end
private
def add_simple_registration_fields(open_id_response, fields)
open_id_response.add_extension_arg('sreg', 'required', [fields[:required]].flatten * ',') if fields[:required]
open_id_response.add_extension_arg('sreg', 'optional', [fields[:optional]].flatten * ',') if fields[:optional]
end
end

1
test/test_helper.rb
View File

@@ -29,7 +29,6 @@ $redmine_test_ldap_server = ENV['REDMINE_TEST_LDAP_SERVER'] || '127.0.0.1'
ENV["RAILS_ENV"] = "test"
require File.expand_path(File.dirname(__FILE__) + "/../config/environment")
require 'rails/test_help'
require Rails.root.join('test', 'mocks', 'open_id_authentication_mock.rb').to_s
require File.expand_path(File.dirname(__FILE__) + '/object_helpers')
include ObjectHelpers

33
test/unit/user_test.rb
View File

@@ -1348,37 +1348,4 @@ class UserTest < ActiveSupport::TestCase
cv2a.reload
assert_equal @dlopper.id.to_s, cv2a.value
end
if Object.const_defined?(:OpenID)
def test_setting_identity_url
normalized_open_id_url = 'http://example.com/'
u = User.new(:identity_url => 'http://example.com/')
assert_equal normalized_open_id_url, u.identity_url
end
def test_setting_identity_url_without_trailing_slash
normalized_open_id_url = 'http://example.com/'
u = User.new(:identity_url => 'http://example.com')
assert_equal normalized_open_id_url, u.identity_url
end
def test_setting_identity_url_without_protocol
normalized_open_id_url = 'http://example.com/'
u = User.new(:identity_url => 'example.com')
assert_equal normalized_open_id_url, u.identity_url
end
def test_setting_blank_identity_url
u = User.new(:identity_url => 'example.com')
u.identity_url = ''
assert u.identity_url.blank?
end
def test_setting_invalid_identity_url
u = User.new(:identity_url => 'this is not an openid url')
assert u.identity_url.blank?
end
else
puts "Skipping openid tests."
end
end