#
af2a4e8f |
| 14-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Use more extensive and robust logout cleaning
|
#
b2b9fbc7 |
| 14-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Reorder methods within class, no functional changes
|
#
523e6571 |
| 14-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Do not attempt another login if the first failed
The user was constantly forwarded to their oauth provider if the login did not succeed. To fix this the check for a valid session was moved to the front to handle all non-get requests and requests which are not directed at doku.php.
Also delete the cookie if the (re-)login fails.
|
#
827232fc |
| 13-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Refactor Login processing into method
|
#
9928f5ef |
| 13-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Refactor user processing and cookies into methods
|
#
f07c7607 |
| 13-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Refactor user creation
|
#
09623faa |
| 13-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Store and reload entire $_REQUEST
|
#
f2e164b0 |
| 13-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Only force relogins during GET request to doku.php
|
#
ebf681d1 |
| 08-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Use more existing functions
|
#
0aa332ff |
| 08-Oct-2015 |
Michael Große <grosse@cosmocode.de> |
Honor if registration is globally disabled in conf
|
#
213f4618 |
| 22-Jul-2015 |
Michael Große <grosse@cosmocode.de> |
Relogin if session is lost or auth_sec_timeout
If the session is lost, possibly due to bad server configuration, try a silent relogin, if a cookie is present that indicates an oauth-session.
If auth_security_timeout is triggered try to re-login based on the existing session data.
In both cases: Mostly correctly re-set the previous state after re-login. Some actions do not work as expected, e.g. pagination in old revisions.
It was decided not to use refresh-tokens. The desired functionality can be achieved by an online-relogin just as good. Hence this should be preferred to the more user-security invasive refresh-token mechanism.
|
#
936b9c9c |
| 22-Jul-2015 |
Michael Große <grosse@cosmocode.de> |
Delete auth cookie if auth cannot be verified
If one was logged out by the auth_security_timeout, one was unable to log in via the plain plugin, because the auth cookie was still set to oauth.
|
#
4485a349 |
| 16-Jul-2015 |
Michael Große <grosse@cosmocode.de> |
Redirect to original page, if the login is successful
|
#
6c23164d |
| 25-Nov-2014 |
Michael Große <mic.grosse+github@googlemail.com> |
Change [..] to array(..) for PHP 5.3 compatibility
|
#
6047eb11 |
| 25-Nov-2014 |
Michael Große <mic.grosse+github@googlemail.com> |
Do not save upstream groups locally.
Also replace createUser with triggerUserMod to conform to dokuwiki standard.
Fixes issue #9
|
#
a90c044e |
| 28-Jul-2014 |
Andreas Gohr <gohr@cosmocode.de> |
added a generic oAuth2 Adapter and implemented a Doorkeeper example
|
#
2e94f0b8 |
| 28-Jul-2014 |
Andreas Gohr <gohr@cosmocode.de> |
store no information in the redirect URL
Some providers need an exact matching redirect URL configured (Google) so we can not keep any dynamic info in the URL. Instead we store it in the user's session.
|
#
caa5ded4 |
| 26-Jul-2014 |
Andreas Gohr <andi@splitbrain.org> |
send notification mail on new users
|
#
3c0138db |
| 26-Jul-2014 |
Andreas Gohr <andi@splitbrain.org> |
Allow logins to existing accounts only with associated accounts
To prevent people from logging into an existing account with a newly created social account with a forged email address, we only allow logins with previously approved service providers.
When a user logs in for the first time, e.g. the email does not exist, then the user is created and the social account is approved automatically.
|
#
1025aad7 |
| 24-Jul-2014 |
Andreas Gohr <gohr@cosmocode.de> |
some smaller adjustments
|
#
a15394db |
| 23-Jul-2014 |
Andreas Gohr <andi@splitbrain.org> |
fix default group handling when adding new user
|
#
e32c3607 |
| 23-Jul-2014 |
Andreas Gohr <andi@splitbrain.org> |
fixed logging out. clean up session
|
#
f866280e |
| 23-Jul-2014 |
Andreas Gohr <andi@splitbrain.org> |
associate oauth logins with existing users, create new if needed
Users are uniquely identified by their email-address. A user can login with any oauth service - when it returns the same email, it's the same user.
|
#
38378fbb |
| 23-Jul-2014 |
Andreas Gohr <gohr@cosmocode.de> |
stubs for mail based user ID
|
#
a7a8f46a |
| 23-Jul-2014 |
Andreas Gohr <gohr@cosmocode.de> |
remember oAuth logins in session
|