public function __construct(HttpUrl $claimedId, HttpClient $httpClient)
 {
     $this->claimedId = $claimedId->makeComparable();
     if (!$claimedId->isValid()) {
         throw new OpenIdException('invalid claimed id');
     }
     $this->httpClient = $httpClient;
     $response = $httpClient->send(HttpRequest::create()->setHeaderVar('Accept', self::HEADER_ACCEPT)->setMethod(HttpMethod::get())->setUrl($claimedId));
     if ($response->getStatus()->getId() != 200) {
         throw new OpenIdException('can\'t fetch document');
     }
     $contentType = $response->getHeader('content-type');
     if (mb_stripos($contentType, self::HEADER_CONT_TYPE) !== false) {
         $this->parseXRDS($response->getBody());
     } elseif ($response->hasHeader(self::HEADER_XRDS_LOCATION)) {
         $this->loadXRDS($response->getHeader(self::HEADER_XRDS_LOCATION));
     } else {
         $this->parseHTML($response->getBody());
     }
     if (!$this->server || !$this->server->isValid()) {
         throw new OpenIdException('bad server');
     } else {
         $this->server->makeComparable();
     }
     if (!$this->realId) {
         $this->realId = $claimedId;
     } elseif (!$this->realId->isValid()) {
         throw new OpenIdException('bad delegate');
     } else {
         $this->realId->makeComparable();
     }
 }
 /**
  * check_authentication mode request
  **/
 private function checkAuthentication(array $parameters, $manager = null)
 {
     $credentials = new OpenIdCredentials(HttpUrl::create()->parse($parameters['openid.identity']), $this->httpClient);
     $request = HttpRequest::create()->setMethod(HttpMethod::post())->setUrl($credentials->getServer());
     if (isset($parameters['openid.invalidate_handle']) && $manager) {
         $request->setPostVar('openid.invalidate_handle', $parameters['openid.invalidate_handle']);
     }
     foreach (explode(',', $parameters['openid.signed']) as $key) {
         $key = 'openid.' . $key;
         $request->setPostVar($key, $parameters[$key]);
     }
     $request->setPostVar('openid.mode', 'check_authentication')->setPostVar('openid.assoc_handle', $parameters['openid.assoc_handle'])->setPostVar('openid.sig', $parameters['openid.sig'])->setPostVar('openid.signed', $parameters['openid.signed']);
     $response = $this->httpClient->send($request);
     if ($response->getStatus()->getId() != HttpStatus::CODE_200) {
         throw new OpenIdException('bad response code from server');
     }
     $result = $this->parseKeyValueFormat($response->getBody());
     if (!isset($result['is_valid']) || $result['is_valid'] !== 'true' && $result['is_valid'] !== 'false') {
         throw new OpenIdException('strange response given');
     }
     if ($result['is_valid'] === 'true') {
         if (isset($result['invalidate_handle']) && $manager) {
             $manager->purgeByHandle($result['invalidate_handle']);
         }
         return true;
     } elseif ($result['is_valid'] === 'false') {
         return false;
     }
     Assert::isUnreachable();
 }
Example #3
0
 /**
  * Set Google authentication credentials.
  * Must be done before trying to do any Google Data operations that
  * require authentication.
  * For example, viewing private data, or posting or deleting entries.
  *
  * @param string $email
  * @param string $password
  * @param string $service
  * @param \ZendGData\HttpClient $client
  * @param string $source
  * @param string $loginToken The token identifier as provided by the server.
  * @param string $loginCaptcha The user's response to the CAPTCHA challenge.
  * @param string $accountType An optional string to identify whether the
  * account to be authenticated is a google or a hosted account. Defaults to
  * 'HOSTED_OR_GOOGLE'. See: http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html#Request
  * @throws \ZendGData\App\AuthException
  * @throws \ZendGData\App\HttpException
  * @throws \ZendGData\App\CaptchaRequiredException
  * @return \ZendGData\HttpClient
  */
 public static function getHttpClient($email, $password, $service = 'xapi', HttpClient $client = null, $source = self::DEFAULT_SOURCE, $loginToken = null, $loginCaptcha = null, $loginUri = self::CLIENTLOGIN_URI, $accountType = 'HOSTED_OR_GOOGLE')
 {
     if (!($email && $password)) {
         throw new App\AuthException('Please set your Google credentials before trying to ' . 'authenticate');
     }
     if ($client == null) {
         $client = new HttpClient();
     }
     // Build the HTTP client for authentication
     $client->setUri($loginUri);
     $client->setMethod('POST');
     $useragent = App::getUserAgentString($source);
     $client->setOptions(array('maxredirects' => 0, 'strictredirects' => true, 'useragent' => $useragent));
     $client->setEncType('multipart/form-data');
     $postParams = array('accountType' => $accountType, 'Email' => (string) $email, 'Passwd' => (string) $password, 'service' => (string) $service, 'source' => (string) $source);
     if ($loginToken || $loginCaptcha) {
         if ($loginToken && $loginCaptcha) {
             $postParams += array('logintoken' => (string) $loginToken, 'logincaptcha' => (string) $loginCaptcha);
         } else {
             throw new App\AuthException('Please provide both a token ID and a user\'s response ' . 'to the CAPTCHA challenge.');
         }
     }
     $client->setParameterPost($postParams);
     // Send the authentication request
     // For some reason Google's server causes an SSL error. We use the
     // output buffer to supress an error from being shown. Ugly - but works!
     ob_start();
     try {
         $response = $client->send();
     } catch (\Zend\Http\Client\Exception\ExceptionInterface $e) {
         throw new App\HttpException($e->getMessage(), $e);
     }
     ob_end_clean();
     // Parse Google's response
     $goog_resp = array();
     foreach (explode("\n", $response->getBody()) as $l) {
         $l = rtrim($l);
         if ($l) {
             list($key, $val) = explode('=', rtrim($l), 2);
             $goog_resp[$key] = $val;
         }
     }
     if ($response->getStatusCode() == 200) {
         $client->setClientLoginToken($goog_resp['Auth']);
         $useragent = App::getUserAgentString($source);
         $client->setOptions(array('strictredirects' => true, 'useragent' => $useragent));
         return $client;
     } elseif ($response->getStatusCode() == 403) {
         // Check if the server asked for a CAPTCHA
         if (array_key_exists('Error', $goog_resp) && $goog_resp['Error'] == 'CaptchaRequired') {
             throw new App\CaptchaRequiredException($goog_resp['CaptchaToken'], $goog_resp['CaptchaUrl']);
         } else {
             throw new App\AuthException('Authentication with Google failed. Reason: ' . (isset($goog_resp['Error']) ? $goog_resp['Error'] : 'Unspecified.'));
         }
     }
 }
Example #4
0
 /**
  * Check if the HTTP method is accepted and send a HTTP request to it.
  * Retrieve error from the request and throw a new error
  *
  * @param  string $method HTTP action to trigger
  * @param  array $arguments Array containing all the parameters pass to the magic method
  *
  * @throws \Crew\Unsplash\Exception if the HTTP request failed
  *
  * @see Crew\Unsplash\HttpClient::send()
  *
  * @return \GuzzleHttp\Psr7\Response
  */
 public static function __callStatic($method, $arguments)
 {
     //  Validate if the $method is part of the accepted http method array
     if (in_array($method, self::$acceptedHttpMethod)) {
         $httpClient = new HttpClient();
         $response = $httpClient->send($method, $arguments);
         //  Validate if the request failed
         if (!self::isGoodRequest($response)) {
             throw new Exception(self::getErrorMessage($response), $response->getStatusCode());
         }
         return $response;
     }
 }
Example #5
0
 /**
  * Perform the request
  * 
  * @param string $url URL of request
  * @param string $requestMethod (GET|POST|PUT|DELETE)
  * @param string $data Data in string format
  * @param array $headers
  * @return string 
  * @throws HttpClient_Exception
  * @throws HttpClient_HttpStatusException
  * @throws HttpClient_UnknownHttpStatusException
  * @throws HttpClient_ConnectionErrorException
  * @access public
  */
 public function send($url, $requestMethod, $data = null, array $headers = null)
 {
     $params = array();
     if (false !== ($pos = strpos($url, '?'))) {
         $paramPairs = explode('&', substr($url, $pos + 1));
         foreach ($paramPairs as $pair) {
             $pairSplit = explode('=', $pair);
             $params[$pairSplit[0]] = isset($pairSplit[1]) ? $pairSplit[1] : null;
         }
     }
     $request = Lib\OAuthRequest::from_consumer_and_token($this->consumer, $this->token, $requestMethod, $url, $params);
     $request->sign_request(new Lib\OAuthSignatureMethod_HMAC_SHA1(), $this->consumer, $this->token);
     if (is_null($headers)) {
         $headers = array();
     }
     $headers = array_merge($headers, array($request->to_header()));
     return parent::send($url, $requestMethod, $data, $headers);
 }