4 files changed, 63 insertions, 10 deletions

diff --git a/modules/gallery/controllers/admin_identity.php b/modules/gallery/controllers/admin_identity.php
index dd1cfb4b..9d756a5c 100644
--- a/modules/gallery/controllers/admin_identity.php
+++ b/modules/gallery/controllers/admin_identity.php
@@ -21,7 +21,7 @@ class Admin_Identity_Controller extends Admin_Controller {
   public function index() {
     $view = new Admin_View("admin.html");
     $view->content = new View("admin_identity.html");
-    $view->content->available = Identity::active();
+    $view->content->available = Identity::providers();
     $view->content->active = module::get_var("gallery", "identity_provider", "user");
     print $view;
   }
@@ -39,18 +39,36 @@ class Admin_Identity_Controller extends Admin_Controller {
     access::verify_csrf();
 
     $active_provider = module::get_var("gallery", "identity_provider", "user");
-    $providers = Identity::active();
+    $providers = Identity::providers();
 
     $new_provider = $this->input->post("provider");
 
     if ($new_provider != $active_provider) {
-      module::event("identity_change", $new_provider);
+
+      module::event("pre_identity_change", $active_provider, $new_provider);
+
+      Identity::deactivate();
+
+      // Switch authentication
+      module::set_var("gallery", "identity_provider", $new_provider);
+      Identity::reset();
+
+      Identity::activate();
 
       // @todo this type of collation is questionable from an i18n perspective
       message::success(t("Changed to %description",
                          array("description" => $providers->$new_provider)));
+
+      try {
+        Session::instance()->destroy();
+      } catch (Exception $e) {
+        // We don't care if there was a problem destroying the session.
+      }
+      url::redirect(item::root()->abs_url());
     }
 
+    message::info(t("The selected provider \"%description\" is already active.",
+                    array("description" => $providers->$new_provider)));
     url::redirect("admin/identity");
   }
 }
diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php
index 84b84f7d..95be4813 100644
--- a/modules/gallery/helpers/gallery_event.php
+++ b/modules/gallery/helpers/gallery_event.php
@@ -191,7 +191,7 @@ class gallery_event_Core {
                         ->id("sidebar")
                         ->label(t("Manage Sidebar"))
                         ->url(url::site("admin/sidebar"))));
-    if (count(Identity::active()) > 1) {
+    if (count(Identity::providers()) > 1) {
       $menu
         ->append(Menu::factory("submenu")
                  ->id("identity_menu")
diff --git a/modules/gallery/libraries/Identity.php b/modules/gallery/libraries/Identity.php
index e77fd2d2..3fcb6756 100644
--- a/modules/gallery/libraries/Identity.php
+++ b/modules/gallery/libraries/Identity.php
@@ -39,13 +39,24 @@ class Identity_Core {
    * @param   string  configuration
    * @return  Identity_Core
    */
-  static function & instance($config="default") {
-   if (!isset(Identity::$instance)) {
+  static function & instance() {
+   if (!isset(self::$instance)) {
       // Create a new instance
-      Identity::$instance = new Identity($config);
+      self::$instance = new Identity();
     }
 
-    return Identity::$instance;
+    return self::$instance;
+  }
+
+  /**
+   * Returns a singleton instance of Identity.
+   * There can only be one Identity driver configured at a given point
+   *
+   * @param   string  configuration
+   * @return  Identity_Core
+   */
+  static function reset() {
+    self::$instance = new Identity();
   }
 
   /**
@@ -83,11 +94,11 @@ class Identity_Core {
   }
 
   /**
-   * Return a list of installed and activated Identity Drivers.
+   * Return a list of installed Identity Drivers.
    *
    * @return boolean true if the driver supports updates; false if read only
    */
-  static function active() {
+  static function providers() {
     if (empty(self::$active)) {
       $drivers = new ArrayObject(array(), ArrayObject::ARRAY_AS_PROPS);
       foreach (module::active() as $module) {
@@ -103,6 +114,20 @@ class Identity_Core {
   }
 
   /**
+   * @see Identity_Driver::activate.
+   */
+  static function activate() {
+    self::instance()->driver->activate();
+  }
+
+  /**
+   * @see Identity_Driver::deactivate.
+   */
+  static function deactivate() {
+    self::instance()->driver->deactivate();
+  }
+
+  /**
    * Determine if if the current driver supports updates.
    *
    * @return boolean true if the driver supports updates; false if read only
diff --git a/modules/gallery/libraries/drivers/Identity.php b/modules/gallery/libraries/drivers/Identity.php
index 6ab001cb..2fc4d349 100644
--- a/modules/gallery/libraries/drivers/Identity.php
+++ b/modules/gallery/libraries/drivers/Identity.php
@@ -19,6 +19,16 @@
  */
 interface Identity_Driver {
   /**
+   * Initialize the provider so it is ready to use
+   */
+  public function activate();
+
+  /**
+   * Cleanup up this provider so it is unavailable for use and won't conflict with the current driver
+   */
+  public function deactivate();
+
+  /**
    * Return the guest user.
    *
    * @return User_Definition the user object