/**
* testNormalizeIdentifierFailXRI
*
* @return void
*/
public function testNormalizeIdentifierFailXRI()
{
try {
OpenID::normalizeIdentifier('xri://foo.com');
} catch (OpenID_Exception $e1) {
$this->assertFalse(false);
}
try {
OpenID::normalizeIdentifier('=example');
} catch (OpenID_Exception $e2) {
$this->assertFalse(false);
}
}
/**
* Gets an instance of OpenID_Discover from the SQL server if it exists.
*
* @param string $identifier The user supplied identifier
*
* @return false on failure, OpenID_Discover on success
*/
public function getDiscover($identifier)
{
$normalized = OpenID::normalizeIdentifier($identifier);
$sql = "SELECT serialized_discover\n FROM {$this->tableNames['discovery']}\n WHERE identifier = ?\n AND expires > ?";
$result = $this->prepareExecute($sql, array($normalized, time()));
if (!$result->numRows()) {
return false;
}
$row = $result->fetchRow(MDB2_FETCHMODE_ASSOC);
$result->free();
return unserialize($row['serialized_discover']);
}
$content['cached'] = true;
}
$content['OpenID_Discover'] = $d->services;
$extensions = array('OAuth', 'AX', 'SREG11', 'UI');
$supported = array();
foreach ($extensions as $extension) {
$supported[$extension] = $d->extensionSupported($extension);
}
$content['Extensions Supported'] = $supported;
return $content;
}
$identifier = isset($_POST['identifier']) ? $_POST['identifier'] : null;
$skipcache = isset($_POST['skipcache']) ? $_POST['skipcache'] : null;
if ($identifier) {
try {
$identifier = OpenID::normalizeIdentifier($_POST['identifier']);
$content = getServiceContent($identifier, $skipcache);
} catch (OpenID_Exception $e) {
$content = get_class($e) . ': ' . $e->getMessage();
}
}
ob_start();
require_once 'common/discover_form.php';
$contents .= ob_get_contents();
ob_end_clean();
if (isset($content)) {
$contents .= "<div class='discover_results'>\n";
$contents .= "<b>Results:</b> <br><pre>\n";
$contents .= print_r($content, true);
$contents .= "</pre>\n";
$contents .= '</div>';
/**
* Constructor. Enables libxml internal errors, normalized the identifier.
*
* @param mixed $identifier The user supplied identifier
*
* @return void
*/
public function __construct($identifier)
{
libxml_use_internal_errors(true);
$this->identifier = OpenID::normalizeIdentifier($identifier);
}
/**
* Common method for creating a cache key based on the normalized identifier
*
* @param string $identifier User supplied identifier
*
* @return string md5 of the normalized identifier
*/
protected function getDiscoverCacheKey($identifier)
{
return md5(OpenID::normalizeIdentifier($identifier));
}
/**
* Verifies an assertion response from the OP. If the openid.mode is error, an
* exception is thrown.
*
* @param Net_URL2 $requestedURL The requested URL (that the user was
* directed to by the OP) as a Net_URL2
* object
* @param OpenID_Message $message The OpenID_Message instance, as extractd
* from the input (GET or POST)
*
* @throws OpenID_Exception on error or invalid openid.mode
* @return OpenID_Assertion_Response
*/
public function verify(Net_URL2 $requestedURL, OpenID_Message $message)
{
// Unsolicited assertion?
if ($this->normalizedID === null) {
$unsolicitedID = $message->get('openid.claimed_id');
$this->normalizedID = OpenID::normalizeIdentifier($unsolicitedID);
}
$mode = $message->get('openid.mode');
$result = new OpenID_Assertion_Result();
OpenID::setLastEvent(__METHOD__, print_r($message->getArrayFormat(), true));
switch ($mode) {
case OpenID::MODE_ID_RES:
if ($message->get('openid.ns') === null && $message->get('openid.user_setup_url') !== null) {
// Negative 1.1 checkid_immediate response
$result->setAssertionMethod($mode);
$result->setUserSetupURL($message->get('openid.user_setup_url'));
return $result;
}
break;
case OpenID::MODE_CANCEL:
case OpenID::MODE_SETUP_NEEDED:
$result->setAssertionMethod($mode);
return $result;
case OpenID::MODE_ERROR:
throw new OpenID_Exception($message->get('openid.error'));
default:
throw new OpenID_Exception('Unknown mode: ' . $mode);
}
$discover = $this->getDiscover();
$serviceEndpoint = $discover->services[0];
$URIs = $serviceEndpoint->getURIs();
$opEndpointURL = array_shift($URIs);
$assertion = $this->getAssertionObject($message, $requestedURL);
$result->setDiscover($discover);
// Check via associations
if ($this->useAssociations) {
if ($message->get('openid.invalidate_handle') === null) {
// Don't fall back to check_authentication
$result->setAssertionMethod(OpenID::MODE_ASSOCIATE);
$assoc = $this->getStore()->getAssociation($opEndpointURL, $message->get('openid.assoc_handle'));
OpenID::setLastEvent(__METHOD__, print_r($assoc, true));
if ($assoc instanceof OpenID_Association && $assoc->checkMessageSignature($message)) {
$result->setAssertionResult(true);
}
// If it's not an unsolicited assertion, just return
if (!isset($unsolicitedID)) {
return $result;
}
} else {
// Invalidate handle requested. Delete it and fall back to
// check_authenticate
$this->getStore()->deleteAssociation($opEndpointURL);
}
}
// Check via check_authenticate
$result->setAssertionMethod(OpenID::MODE_CHECK_AUTHENTICATION);
$result->setCheckAuthResponse($assertion->checkAuthentication());
if ($result->getCheckAuthResponse()->get('is_valid') == 'true') {
$result->setAssertionResult(true);
}
return $result;
}
