/**
 * Resolve which action the request asks for.
 *
 * The 'action' value is read through a choice primitive configured with $this->methodMap,
 * importing GET first, then POST, then the request's attached data. When no value comes
 * out of the primitive, its default is returned instead.
 *
 * NOTE(review): the choice primitive is presumably what keeps request-supplied action
 * names inside methodMap; confirm it rejects values outside the list, since the result
 * is likely used to pick a method to call.
 *
 * @param HttpRequest $request request whose GET, POST and attached data are consulted
 * @return mixed the chosen action, or the primitive's default when none was chosen
 */
public function chooseAction(HttpRequest $request)
 {
     $choice = Primitive::choice('action')->setList($this->methodMap);

     if ($this->getDefaultAction()) {
         $choice->setDefault($this->getDefaultAction());
     }

     // Sources are layered in this order: GET, then POST, then attached data.
     Form::create()
         ->add($choice)
         ->import($request->getGet())
         ->importMore($request->getPost())
         ->importMore($request->getAttached());

     $selected = $choice->getValue();

     return $selected ? $selected : $choice->getDefault();
 }
Example #2
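 /**
  * Verify whether the token is valid.
  *
  * When checkSignature() passes, the 'echostr' GET parameter is written back as the
  * entire response and the script terminates. Otherwise nothing is output.
  *
  * NOTE(review): echostr is request-supplied. Whether checkSignature() covers it is not
  * visible here; if the signature does not bind echostr, anyone replaying a valid
  * signature can choose the echoed bytes, so the response must never be rendered as HTML.
  */
 public function valid()
 {
     if ($this->checkSignature()) {
         // The echoed value is untrusted: label it as plain text and forbid sniffing so a
         // browser cannot interpret it as markup. The bytes themselves stay unchanged,
         // which keeps the verification handshake intact.
         if (!headers_sent()) {
             header('Content-Type: text/plain; charset=utf-8');
             header('X-Content-Type-Options: nosniff');
         }
         exit(HttpRequest::getGet('echostr'));
     }
 }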
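 /**
  * Build a cURL handle configured to send the given request.
  *
  * Response body and header data are delivered to $response through its writeBody and
  * writeHeader callbacks. Entries in $this->options are applied last, so they override
  * every option set here.
  *
  * Header lines and cookie names containing CR or LF are rejected, because they are
  * placed into the outgoing request verbatim and would otherwise allow extra header
  * lines to be smuggled in.
  *
  * NOTE(review): the target URL and, when followLocation is enabled, any redirect target
  * are not restricted here. If either can be influenced by untrusted input, callers should
  * constrain them (for example via CURLOPT_PROTOCOLS / CURLOPT_REDIR_PROTOCOLS in
  * $this->options).
  *
  * @param HttpRequest $request request to translate into cURL options
  * @param CurlHttpResponse $response receiver of the response body and headers
  * @return resource|CurlHandle the configured handle, not yet executed
  */
 protected function makeHandle(HttpRequest $request, CurlHttpResponse $response)
 {
     $handle = curl_init();
     Assert::isNotNull($request->getMethod());
     $options = array(
         CURLOPT_WRITEFUNCTION => array($response, 'writeBody'),
         CURLOPT_HEADERFUNCTION => array($response, 'writeHeader'),
         CURLOPT_URL => $request->getUrl()->toString(),
         CURLOPT_USERAGENT => 'onPHP::' . __CLASS__,
     );
     if ($this->isPhp55()) {
         // Disables the legacy '@/path' upload syntax in POST fields, so a field value
         // starting with '@' cannot make cURL read a local file.
         $options[CURLOPT_SAFE_UPLOAD] = true;
     }
     if ($this->noBody !== null) {
         $options[CURLOPT_NOBODY] = $this->noBody;
     }
     if ($this->followLocation !== null) {
         $options[CURLOPT_FOLLOWLOCATION] = $this->followLocation;
     }
     switch ($request->getMethod()->getId()) {
         case HttpMethod::GET:
             $options[CURLOPT_HTTPGET] = true;
             if ($request->getGet()) {
                 // Extend an existing query string with '&', otherwise start one with '?'.
                 $options[CURLOPT_URL] .= ($request->getUrl()->getQuery() ? '&' : '?') . $this->argumentsToString($request->getGet());
             }
             break;
         case HttpMethod::POST:
             if ($request->getGet()) {
                 $options[CURLOPT_URL] .= ($request->getUrl()->getQuery() ? '&' : '?') . $this->argumentsToString($request->getGet());
             }
             $options[CURLOPT_POST] = true;
             $options[CURLOPT_POSTFIELDS] = $this->getPostFields($request);
             break;
         default:
             // Other methods are sent by name; GET arguments are not appended for them.
             $options[CURLOPT_CUSTOMREQUEST] = $request->getMethod()->getName();
             break;
     }
     $headers = array();
     foreach ($request->getHeaderList() as $headerName => $headerValue) {
         $headerLine = "{$headerName}: {$headerValue}";
         // A line break inside a header would be sent as-is and start a new header line.
         Assert::isTrue(strpbrk($headerLine, "\r\n") === false, 'header must not contain CR or LF');
         $headers[] = $headerLine;
     }
     if ($headers) {
         $options[CURLOPT_HTTPHEADER] = $headers;
     }
     if ($request->getCookie()) {
         $cookies = array();
         foreach ($request->getCookie() as $name => $value) {
             // Values are urlencoded below; names are used raw, so guard them separately.
             Assert::isTrue(strpbrk((string) $name, "\r\n") === false, 'cookie name must not contain CR or LF');
             $cookies[] = $name . '=' . urlencode($value);
         }
         $options[CURLOPT_COOKIE] = implode('; ', $cookies);
     }
     // Instance-level options win over everything computed above, including the
     // safe-upload setting.
     foreach ($this->options as $key => $value) {
         $options[$key] = $value;
     }
     curl_setopt_array($handle, $options);
     return $handle;
 }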
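 /**
  * Process the result of a checkid_immediate or checkid_setup request.
  *
  * Only an 'id_res' response can lead to a positive result. 'cancel' yields a cancel
  * result and any other mode is reported as a failure. The original code assigned
  * 'cancel' to openid.mode instead of comparing, which made every non-id_res mode look
  * like a cancel; the modes are now compared explicitly.
  *
  * With a manager that knows the association handle (and no invalidate_handle in the
  * response) the signature is verified locally; without a manager, or when the handle
  * is being invalidated, verification is delegated to checkAuthentication().
  *
  * @param HttpRequest $request incoming request; its GET data carries the openid.* fields
  * @param OpenIdConsumerAssociationManager|null $manager optional association store
  * @return OpenIdConsumerSetupRequired|OpenIdConsumerCancel|OpenIdConsumerFail|OpenIdConsumerPositive
  * @throws WrongArgumentException when required fields are missing or the signature does not match
  **/
 public function doContinue(HttpRequest $request, $manager = null)
 {
     if ($manager) {
         Assert::isTrue($manager instanceof OpenIdConsumerAssociationManager);
     }
     $parameters = $this->parseGetParameters($request->getGet());
     foreach ($this->extensions as $extension) {
         $extension->parseResponce($request, $parameters);
     }
     if (!isset($parameters['openid.mode'])) {
         throw new WrongArgumentException('not an openid request');
     }
     $mode = $parameters['openid.mode'];
     if ($mode === 'cancel') {
         return new OpenIdConsumerCancel();
     }
     if ($mode !== 'id_res') {
         // Never let an unexpected mode fall through to assertion verification.
         return new OpenIdConsumerFail();
     }
     if (isset($parameters['openid.user_setup_url'])) {
         // NOTE(review): this URL is taken from the response before any signature check;
         // callers should treat it as untrusted when redirecting the user.
         $setupUrl = HttpUrl::create()->parse($parameters['openid.user_setup_url']);
         Assert::isTrue($setupUrl->isValid());
         return new OpenIdConsumerSetupRequired($setupUrl);
     }
     if (!isset($parameters['openid.assoc_handle'])) {
         throw new WrongArgumentException('no association handle');
     }
     if (!isset($parameters['openid.identity'])) {
         throw new WrongArgumentException('no identity');
     }
     $identity = HttpUrl::create()->parse($parameters['openid.identity']);
     Assert::isTrue($identity->isValid(), 'invalid identity');
     $identity->makeComparable();
     if (!isset($parameters['openid.signed'], $parameters['openid.sig'])) {
         throw new WrongArgumentException('no signature in response');
     }
     $signedFields = explode(',', $parameters['openid.signed']);
     // The identity is what gets trusted below, so it has to be covered by the signature.
     if (!in_array('identity', $signedFields, true)) {
         throw new WrongArgumentException('identity must be signed');
     }
     if ($manager && ($association = $manager->findByHandle($parameters['openid.assoc_handle'], self::ASSOCIATION_TYPE)) && !isset($parameters['openid.invalidate_handle'])) {
         // smart mode: rebuild the signed token and verify it with the shared secret
         $tokenContents = '';
         foreach ($signedFields as $signedField) {
             $parameterKey = 'openid.' . strtr($signedField, '.', '_');
             // The signed list is request-supplied; a field it names must actually exist.
             if (!isset($parameters[$parameterKey])) {
                 throw new WrongArgumentException('signed field is missing from response');
             }
             $tokenContents .= $signedField . ':' . $parameters[$parameterKey] . "\n";
         }
         $expectedSignature = base64_encode(CryptoFunctions::hmacsha1($association->getSecret(), $tokenContents));
         $receivedSignature = $parameters['openid.sig'];
         // Compare in constant time where available so the check does not leak how many
         // leading bytes of a guessed signature were correct; never compare loosely.
         $signatureMatches = is_string($receivedSignature)
             && (function_exists('hash_equals')
                 ? hash_equals($expectedSignature, $receivedSignature)
                 : $expectedSignature === $receivedSignature);
         if (!$signatureMatches) {
             throw new WrongArgumentException('signature mismatch');
         }
         return new OpenIdConsumerPositive($identity);
     } elseif (!$manager || isset($parameters['openid.invalidate_handle'])) {
         // dumb or handle invalidation mode
         if ($this->checkAuthentication($parameters, $manager)) {
             return new OpenIdConsumerPositive($identity);
         } else {
             return new OpenIdConsumerFail();
         }
     }
     // NOTE(review): this point is reached when a manager is given, it does not know the
     // association handle, and the response carries no invalidate_handle. Confirm whether
     // that case should be verified through checkAuthentication() instead.
     Assert::isUnreachable();
 }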