From 9955844da1d209778f06ad9a3583949048b8ee88 Mon Sep 17 00:00:00 2001
From: Go MAEDA
Date: Tue, 14 Dec 2021 00:09:53 +0000
Subject: Drop OpenID support (#35755). Patch by Go MAEDA.
git-svn-id: http://svn.redmine.org/redmine/trunk@21312 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/controllers/account_controller.rb | 59 ++---------------------------------------------------------
 1 file changed, 2 insertions(+), 57 deletions(-)
(limited to 'app/controllers')
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index e1b3d4f2b..a55375539 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -27,14 +27,6 @@ class AccountController < ApplicationController
 skip_before_action :check_if_login_required, :check_password_change
 skip_before_action :check_twofa_activation, :only => :logout
- # Overrides ApplicationController#verify_authenticity_token to disable
- # token verification on openid callbacks
- def verify_authenticity_token
- unless using_open_id?
- super
- end
- end
-
 # Login request and validation
 def login
 if request.post?
@@ -161,7 +153,7 @@ class AccountController < ApplicationController
 redirect_to my_account_path
 end
 else
- unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
+ unless user_params[:password].blank? && user_params[:password_confirmation].blank?
 @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
 end
@@ -301,11 +293,7 @@ class AccountController < ApplicationController
 end
 def authenticate_user
- if Setting.openid? && using_open_id?
- open_id_authenticate(params[:openid_url])
- else
- password_authentication
- end
+ password_authentication
 end
 def password_authentication
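Review bot: In the register hunk (-161,7 +153,7) the rewritten guard `unless user_params[:password].blank? && user_params[:password_confirmation].blank?` keeps a skip that previously applied only when `identity_url` was present, so an ordinary self-registration that posts both fields blank now never assigns `@user.password`. Whether such a request is rejected depends on the User model's validations, which are not visible here; if the model treats a nil password as "nothing to validate", this path could save an account without a password. With the OpenID exemption gone the guard looks removable, leaving the unconditional `@user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]` so that blank input reaches password validation. A functional test that registers with an empty password and expects a validation error would pin this down. The enclosing register action starts and ends outside the hunk.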
@@ -339,49 +327,6 @@ class AccountController < ApplicationController
 update_sudo_timestamp! # activate Sudo Mode
 end
- def open_id_authenticate(openid_url)
- back_url = signin_url(:autologin => params[:autologin])
- authenticate_with_open_id(
- openid_url, :required => [:nickname, :fullname, :email],
- :return_to => back_url, :method => :post
- ) do |result, identity_url, registration|
- if result.successful?
- user = User.find_or_initialize_by_identity_url(identity_url)
- if user.new_record?
- # Self-registration off
- (redirect_to(home_url); return) unless Setting.self_registration?
- # Create on the fly
- user.login = registration['nickname'] unless registration['nickname'].nil?
- user.mail = registration['email'] unless registration['email'].nil?
- user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
- user.random_password
- user.register
- case Setting.self_registration
- when '1'
- register_by_email_activation(user) do
- onthefly_creation_failed(user)
- end
- when '3'
- register_automatically(user) do
- onthefly_creation_failed(user)
- end
- else
- register_manually_by_administrator(user) do
- onthefly_creation_failed(user)
- end
- end
- else
- # Existing record
- if user.active?
- successful_authentication(user)
- else
- handle_inactive_user(user)
- end
- end
- end
- end
- end
-
 def successful_authentication(user)
 logger.info "Successful authentication for '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}"
 # Valid user
-- cgit v1.2.3