The recently committed user_external_login() is not quite right, for two reasons:

1. Bug: It passes an empty $state array to user_login_name_validate() and _submit(). This means, for example, that user_login_name_validate() does not actually validate the name b/c it has no name to validate. I fixed this in an earlier patch on the original issue but my change got lost somehow.

2. Design flaw: It does not allow form values to be provided. This means form values cannot be passed to hook_user('login'). Consider a site with OpenID and Persistent Login enabled. When the user provides an openid and checks Remember Me, the Remember Me checkbox value needs to be passed to hook_user('login') for the Persistent Login module. So, the OpenID module needs to remember the form values as submitted and pass them to user_external_login() once the OpenID verification is complete. But it can't, because user_external_login() does not provide that capability.

Attached patch does three things:

Here is a combined patch:

1. Fixes user_external_login() to support a $edit argument.

2. Fixes openid.module to use the $edit argument to user_external_login().

3. Fixes an unrelated one-line bug in openid.module (it loops forever on Windows every time it used). This bug means openid.module completely fails to work on Windows and hoses the server until the PHP script timeout every time it is used.

CommentFileSizeAuthor
user-external-login-openid-0620_0.patch4.84 KBbjaspan

Comments

moshe weitzman’s picture

moshe weitzman commented
Status: Needs review » Reviewed & tested by the community

i tested regular login and openID login and all is well. code looks good too. thanks barry.

gábor hojtsy’s picture

gábor hojtsy
he/him
Primary language Hungarian
Location Hungary
commented
Status: Reviewed & tested by the community » Fixed

Looked through the code and it looks logical (and already tested), so committed.

Anonymous’s picture

(not verified) commented
Status: Fixed » Closed (fixed)