[MediaWiki-commits] [Gerrit] mediawiki/core[master]: Implement RFC7239 compatible X-Forwarded-For parsing

2016-12-16 Thread Puiterwijk (Code Review) 
Puiterwijk has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/327858 )

Change subject: Implement RFC7239 compatible X-Forwarded-For parsing
..

Implement RFC7239 compatible X-Forwarded-For parsing

Change-Id: I4384a1b693f4461a78a914c09ecfca3b72d3fe99
---
M includes/DefaultSettings.php
M includes/WebRequest.php
2 files changed, 11 insertions(+), 1 deletion(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core 
refs/changes/58/327858/1

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 09ea958..fe83204 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -2796,6 +2796,14 @@
  */
 $wgUsePrivateIPs = false;
 
+/**
+ * Should the X-Forwarded-For header be parsed according to RFC7239, with the
+ * assumption that the actual client IP is the first entry in the header.
+ *
+ * This defaults to false for backwards compatibility reasons.
+ */
+$wgRfcProxyIPs = false;
+
 /** @} */ # end of HTTP proxy settings
 
 ///**
diff --git a/includes/WebRequest.php b/includes/WebRequest.php
index e7c9b83..50b21ad 100644
--- a/includes/WebRequest.php
+++ b/includes/WebRequest.php
@@ -1227,7 +1227,9 @@
$proxyLookup = 
MediaWikiServices::getInstance()->getProxyLookup();
$isConfigured = $proxyLookup->isConfiguredProxy( $ip );
$ipchain = array_map( 'trim', explode( ',', 
$forwardedFor ) );
-   $ipchain = array_reverse( $ipchain );
+   if ( !$wgRfcProxyIPs ) {
+   $ipchain = array_reverse( $ipchain );
+   }
array_unshift( $ipchain, $ip );
 
# Step through XFF list and find the last address in 
the list which is a

-- 
To view, visit https://gerrit.wikimedia.org/r/327858
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I4384a1b693f4461a78a914c09ecfca3b72d3fe99
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Puiterwijk 

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] mediawiki...OpenID[master]: Add option $wgOpenIDUseNicknameAsUsername to use provider ni...

2016-09-13 Thread Puiterwijk (Code Review) 
Puiterwijk has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/310451

Change subject: Add option $wgOpenIDUseNicknameAsUsername to use provider 
nickname as username
..

Add option $wgOpenIDUseNicknameAsUsername to use provider nickname as username

This will also take the nickname if that would result in reusing an existing 
account,
to facilitate installations moving to OpenID with an existing authentication 
backend.

Change-Id: I689ee4ef264041e9ee62dece82a02442fa3511c6
---
M OpenID.php
M README
M SpecialOpenIDLogin.body.php
3 files changed, 28 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/OpenID 
refs/changes/51/310451/1

diff --git a/OpenID.php b/OpenID.php
index 7ca1ce7..50ba07f 100644
--- a/OpenID.php
+++ b/OpenID.php
@@ -285,6 +285,13 @@
 $wgOpenIDUseEmailAsNickname = false;
 
 /**
+ * when logging in with OpenID: take the nickname as provided by the provider 
and
+ * use that as the username, logging in with an existing user if one already 
existed
+ * with the same username.
+ */
+$wgOpenIDUseNicknameAsUsername = false;
+
+/**
  * when creating a new account or associating an existing account with OpenID:
  * propose and allow new account names from OpenID SREG data such as
  * fullname or nickname (if such data is available)
diff --git a/README b/README
index 7a057f8..f8abb31 100644
--- a/README
+++ b/README
@@ -238,6 +238,11 @@
   the e-mail address provided by your provider and use the user component
   as the MediaWiki username.
 
+* $wgOpenIDUseNicknameAsUsername -- designer for users with the above, take
+  the nickname field as provided by yoru provider and use it as the MediaWiki
+  username. This will also reuse existing accounts with the same name, allowing
+  migration from an existing user database to OpenID.
+
 * $wgOpenIDProposeUsernameFromSREG
   defaults to true; when first-time logging in with OpenID, propose and
   allow new account names from OpenID SREG data such as fullname or nickname
diff --git a/SpecialOpenIDLogin.body.php b/SpecialOpenIDLogin.body.php
index 9a259dc..9c33fb9 100644
--- a/SpecialOpenIDLogin.body.php
+++ b/SpecialOpenIDLogin.body.php
@@ -618,7 +618,7 @@
 * form
 */
function finish() {
-   global $wgOut, $wgUser, $wgOpenIDUseEmailAsNickname;
+   global $wgOut, $wgUser, $wgOpenIDUseEmailAsNickname, 
$wgOpenIDUseNicknameAsUsername;
 
wfSuppressWarnings();
$consumer = $this->getConsumer();
@@ -678,8 +678,22 @@
 
} else {
 
+   // if we are forcing to use nickname as 
username, use that
+   if ( $wgOpenIDUseNicknameAsUsername && 
isset($sreg['nickname']) ) {
+   $user = User::newFromName( 
$sreg['nickname'] );
+
+   if( $user instanceof User ) {
+   $this->updateUser( $user, 
$sreg, $ax ); # update from server
+   $wgUser = $user;
+   $this->displaySuccessLogin( 
$openid );
+   return;
+   } else {
+   $wgUser = $this->createUser( 
$openid, $sreg, $ax, $name );
+   $this->displaySuccessLogin( 
$openid );
+   return;
+   }
// if we are hardcoding nickname, and a valid 
e-mail address was returned, create a user with this name
-   if ( $wgOpenIDUseEmailAsNickname ) {
+   } else if ( $wgOpenIDUseEmailAsNickname ) {
 
$name = $this->getNameFromEmail( 
$openid, $sreg, $ax );
 

-- 
To view, visit https://gerrit.wikimedia.org/r/310451
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I689ee4ef264041e9ee62dece82a02442fa3511c6
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/OpenID
Gerrit-Branch: master
Gerrit-Owner: Puiterwijk 

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits