public function testURIParsing()
 {
     $uri = new PhutilURI('http://*****:*****@host:99/path/?query=value#fragment');
     $this->assertEqual('http', $uri->getProtocol(), 'protocol');
     $this->assertEqual('user', $uri->getUser(), 'user');
     $this->assertEqual('pass', $uri->getPass(), 'pass');
     $this->assertEqual('host', $uri->getDomain(), 'domain');
     $this->assertEqual('99', $uri->getPort(), 'port');
     $this->assertEqual('/path/', $uri->getPath(), 'path');
     $this->assertEqual(array('query' => 'value'), $uri->getQueryParams(), 'query params');
     $this->assertEqual('fragment', $uri->getFragment(), 'fragment');
     $this->assertEqual('http://*****:*****@host:99/path/?query=value#fragment', (string) $uri, 'uri');
     $uri = new PhutilURI('ssh://git@example.com/example/example.git');
     $this->assertEqual('ssh', $uri->getProtocol(), 'protocol');
     $this->assertEqual('git', $uri->getUser(), 'user');
     $this->assertEqual('', $uri->getPass(), 'pass');
     $this->assertEqual('example.com', $uri->getDomain(), 'domain');
     $this->assertEqual('', $uri->getPort(), 'port');
     $this->assertEqual('/example/example.git', $uri->getPath(), 'path');
     $this->assertEqual(array(), $uri->getQueryParams(), 'query params');
     $this->assertEqual('', $uri->getFragment(), 'fragment');
     $this->assertEqual('ssh://git@example.com/example/example.git', (string) $uri, 'uri');
     $uri = new PhutilURI('http://0@domain.com/');
     $this->assertEqual('0', $uri->getUser());
     $this->assertEqual('http://0@domain.com/', (string) $uri);
     $uri = new PhutilURI('http://*****:*****@domain.com/');
     $this->assertEqual('0', $uri->getUser());
     $this->assertEqual('0', $uri->getPass());
     $this->assertEqual('http://*****:*****@domain.com/', (string) $uri);
     $uri = new PhutilURI('http://%20:%20@domain.com/');
     $this->assertEqual(' ', $uri->getUser());
     $this->assertEqual(' ', $uri->getPass());
     $this->assertEqual('http://%20:%20@domain.com/', (string) $uri);
     $uri = new PhutilURI('http://%40:%40@domain.com/');
     $this->assertEqual('@', $uri->getUser());
     $this->assertEqual('@', $uri->getPass());
     $this->assertEqual('http://%40:%40@domain.com/', (string) $uri);
 }
 /**
  * If there's a URI specified in an OAuth request, it must be validated in
  * its own right. Further, it must have the same domain, the same path, the
  * same port, and (at least) the same query parameters as the primary URI.
  */
 public function validateSecondaryRedirectURI(PhutilURI $secondary_uri, PhutilURI $primary_uri)
 {
     // The secondary URI must be valid.
     if (!$this->validateRedirectURI($secondary_uri)) {
         return false;
     }
     // Both URIs must point at the same domain.
     if ($secondary_uri->getDomain() != $primary_uri->getDomain()) {
         return false;
     }
     // Both URIs must have the same path
     if ($secondary_uri->getPath() != $primary_uri->getPath()) {
         return false;
     }
     // Both URIs must have the same port
     if ($secondary_uri->getPort() != $primary_uri->getPort()) {
         return false;
     }
     // Any query parameters present in the first URI must be exactly present
     // in the second URI.
     $need_params = $primary_uri->getQueryParams();
     $have_params = $secondary_uri->getQueryParams();
     foreach ($need_params as $key => $value) {
         if (!array_key_exists($key, $have_params)) {
             return false;
         }
         if ((string) $have_params[$key] != (string) $value) {
             return false;
         }
     }
     // If the first URI is HTTPS, the second URI must also be HTTPS. This
     // defuses an attack where a third party with control over the network
     // tricks you into using HTTP to authenticate over a link which is supposed
     // to be HTTPS only and sniffs all your token cookies.
     if (strtolower($primary_uri->getProtocol()) == 'https') {
         if (strtolower($secondary_uri->getProtocol()) != 'https') {
             return false;
         }
     }
     return true;
 }
 private function renderViewOptionsDropdown(DifferentialChangesetDetailView $detail, $ref, DifferentialChangeset $changeset)
 {
     $meta = array();
     $qparams = array('ref' => $ref, 'whitespace' => $this->whitespace);
     if ($this->standaloneURI) {
         $uri = new PhutilURI($this->standaloneURI);
         $uri->setQueryParams($uri->getQueryParams() + $qparams);
         $meta['standaloneURI'] = (string) $uri;
     }
     $repository = $this->repository;
     if ($repository) {
         try {
             $meta['diffusionURI'] = (string) $repository->getDiffusionBrowseURIForPath($this->user, $changeset->getAbsoluteRepositoryPath($repository, $this->diff), idx($changeset->getMetadata(), 'line:first'), $this->getBranch());
         } catch (DiffusionSetupException $e) {
             // Ignore
         }
     }
     $change = $changeset->getChangeType();
     if ($this->leftRawFileURI) {
         if ($change != DifferentialChangeType::TYPE_ADD) {
             $uri = new PhutilURI($this->leftRawFileURI);
             $uri->setQueryParams($uri->getQueryParams() + $qparams);
             $meta['leftURI'] = (string) $uri;
         }
     }
     if ($this->rightRawFileURI) {
         if ($change != DifferentialChangeType::TYPE_DELETE && $change != DifferentialChangeType::TYPE_MULTICOPY) {
             $uri = new PhutilURI($this->rightRawFileURI);
             $uri->setQueryParams($uri->getQueryParams() + $qparams);
             $meta['rightURI'] = (string) $uri;
         }
     }
     $user = $this->user;
     if ($user && $repository) {
         $path = ltrim($changeset->getAbsoluteRepositoryPath($repository, $this->diff), '/');
         $line = idx($changeset->getMetadata(), 'line:first', 1);
         $callsign = $repository->getCallsign();
         $editor_link = $user->loadEditorLink($path, $line, $callsign);
         if ($editor_link) {
             $meta['editor'] = $editor_link;
         } else {
             $meta['editorConfigure'] = '/settings/panel/display/';
         }
     }
     $meta['containerID'] = $detail->getID();
     $caret = phutil_tag('span', array('class' => 'caret'), '');
     return javelin_tag('a', array('class' => 'button grey small dropdown', 'meta' => $meta, 'href' => idx($meta, 'detailURI', '#'), 'target' => '_blank', 'sigil' => 'differential-view-options'), array(pht('View Options'), $caret));
 }
 public function testUnusualURIs()
 {
     $uri = new PhutilURI('file:///path/to/file');
     $this->assertEqual('file', $uri->getProtocol(), pht('protocol'));
     $this->assertEqual('', $uri->getDomain(), pht('domain'));
     $this->assertEqual('/path/to/file', $uri->getPath(), pht('path'));
     $uri = new PhutilURI('idea://open?x=/');
     $this->assertEqual('idea', $uri->getProtocol(), pht('protocol'));
     $this->assertEqual('open', $uri->getDomain(), pht('domain'));
     $this->assertEqual('', $uri->getPath(), pht('path'));
     $this->assertEqual(array('x' => '/'), $uri->getQueryParams());
 }
 /**
  * If there's a URI specified in an OAuth request, it must be validated in
  * its own right. Further, it must have the same domain and (at least) the
  * same query parameters as the primary URI.
  */
 public function validateSecondaryRedirectURI(PhutilURI $secondary_uri, PhutilURI $primary_uri)
 {
     $valid = $this->validateRedirectURI($secondary_uri);
     if ($valid) {
         $valid_domain = $secondary_uri->getDomain() == $primary_uri->getDomain();
         $good_params = $primary_uri->getQueryParams();
         $test_params = $secondary_uri->getQueryParams();
         $missing_params = array_diff_key($good_params, $test_params);
         $valid = $valid_domain && empty($missing_params);
     }
     return $valid;
 }
 /**
  * Render a standard login/register button element.
  *
  * The `$attributes` parameter takes these keys:
  *
  *   - `uri`: URI the button should take the user to when clicked.
  *   - `method`: Optional HTTP method the button should use, defaults to GET.
  *
  * @param   AphrontRequest  HTTP request.
  * @param   string          Request mode string.
  * @param   map             Additional parameters, see above.
  * @return  wild            Login button.
  */
 protected function renderStandardLoginButton(AphrontRequest $request, $mode, array $attributes = array())
 {
     PhutilTypeSpec::checkMap($attributes, array('method' => 'optional string', 'uri' => 'string', 'sigil' => 'optional string'));
     $viewer = $request->getUser();
     $adapter = $this->getAdapter();
     if ($mode == 'link') {
         $button_text = pht('Link External Account');
     } else {
         if ($mode == 'refresh') {
             $button_text = pht('Refresh Account Link');
         } else {
             if ($mode == 'invite') {
                 $button_text = pht('Register Account');
             } else {
                 if ($this->shouldAllowRegistration()) {
                     $button_text = pht('Login or Register');
                 } else {
                     $button_text = pht('Login');
                 }
             }
         }
     }
     $icon = id(new PHUIIconView())->setSpriteSheet(PHUIIconView::SPRITE_LOGIN)->setSpriteIcon($this->getLoginIcon());
     $button = id(new PHUIButtonView())->setSize(PHUIButtonView::BIG)->setColor(PHUIButtonView::GREY)->setIcon($icon)->setText($button_text)->setSubtext($this->getProviderName());
     $uri = $attributes['uri'];
     $uri = new PhutilURI($uri);
     $params = $uri->getQueryParams();
     $uri->setQueryParams(array());
     $content = array($button);
     foreach ($params as $key => $value) {
         $content[] = phutil_tag('input', array('type' => 'hidden', 'name' => $key, 'value' => $value));
     }
     return phabricator_form($viewer, array('method' => idx($attributes, 'method', 'GET'), 'action' => (string) $uri, 'sigil' => idx($attributes, 'sigil')), $content);
 }
 private function renderViewOptionsDropdown(DifferentialChangesetDetailView $detail, $ref, DifferentialChangeset $changeset)
 {
     $meta = array();
     $qparams = array('ref' => $ref, 'whitespace' => $this->whitespace);
     if ($this->standaloneURI) {
         $uri = new PhutilURI($this->standaloneURI);
         $uri->setQueryParams($uri->getQueryParams() + $qparams);
         $meta['standaloneURI'] = (string) $uri;
     }
     $repository = $this->repository;
     if ($repository) {
         $meta['diffusionURI'] = (string) $repository->getDiffusionBrowseURIForPath($changeset->getAbsoluteRepositoryPath($repository, $this->diff));
     }
     $change = $changeset->getChangeType();
     if ($this->leftRawFileURI) {
         if ($change != DifferentialChangeType::TYPE_ADD) {
             $uri = new PhutilURI($this->leftRawFileURI);
             $uri->setQueryParams($uri->getQueryParams() + $qparams);
             $meta['leftURI'] = (string) $uri;
         }
     }
     if ($this->rightRawFileURI) {
         if ($change != DifferentialChangeType::TYPE_DELETE && $change != DifferentialChangeType::TYPE_MULTICOPY) {
             $uri = new PhutilURI($this->rightRawFileURI);
             $uri->setQueryParams($uri->getQueryParams() + $qparams);
             $meta['rightURI'] = (string) $uri;
         }
     }
     $user = $this->user;
     if ($user && $repository) {
         $path = ltrim($changeset->getAbsoluteRepositoryPath($repository, $this->diff), '/');
         $line = 1;
         // TODO: get first changed line
         $callsign = $repository->getCallsign();
         $editor_link = $user->loadEditorLink($path, $line, $callsign);
         if ($editor_link) {
             $meta['editor'] = $editor_link;
         } else {
             $meta['editorConfigure'] = '/settings/page/preferences/';
         }
     }
     $meta['containerID'] = $detail->getID();
     Javelin::initBehavior('differential-dropdown-menus', array());
     return javelin_render_tag('a', array('class' => 'button small grey', 'meta' => $meta, 'href' => idx($meta, 'detailURI', '#'), 'target' => '_blank', 'sigil' => 'differential-view-options'), "View Options ▼");
 }
 private function renderViewOptionsDropdown(DifferentialChangesetDetailView $detail, $ref, DifferentialChangeset $changeset)
 {
     $viewer = $this->getViewer();
     $meta = array();
     $qparams = array('ref' => $ref, 'whitespace' => $this->whitespace);
     if ($this->standaloneURI) {
         $uri = new PhutilURI($this->standaloneURI);
         $uri->setQueryParams($uri->getQueryParams() + $qparams);
         $meta['standaloneURI'] = (string) $uri;
     }
     $repository = $this->repository;
     if ($repository) {
         try {
             $meta['diffusionURI'] = (string) $repository->getDiffusionBrowseURIForPath($viewer, $changeset->getAbsoluteRepositoryPath($repository, $this->diff), idx($changeset->getMetadata(), 'line:first'), $this->getBranch());
         } catch (DiffusionSetupException $e) {
             // Ignore
         }
     }
     $change = $changeset->getChangeType();
     if ($this->leftRawFileURI) {
         if ($change != DifferentialChangeType::TYPE_ADD) {
             $uri = new PhutilURI($this->leftRawFileURI);
             $uri->setQueryParams($uri->getQueryParams() + $qparams);
             $meta['leftURI'] = (string) $uri;
         }
     }
     if ($this->rightRawFileURI) {
         if ($change != DifferentialChangeType::TYPE_DELETE && $change != DifferentialChangeType::TYPE_MULTICOPY) {
             $uri = new PhutilURI($this->rightRawFileURI);
             $uri->setQueryParams($uri->getQueryParams() + $qparams);
             $meta['rightURI'] = (string) $uri;
         }
     }
     if ($viewer && $repository) {
         $path = ltrim($changeset->getAbsoluteRepositoryPath($repository, $this->diff), '/');
         $line = idx($changeset->getMetadata(), 'line:first', 1);
         $editor_link = $viewer->loadEditorLink($path, $line, $repository);
         if ($editor_link) {
             $meta['editor'] = $editor_link;
         } else {
             $meta['editorConfigure'] = '/settings/panel/display/';
         }
     }
     $meta['containerID'] = $detail->getID();
     return id(new PHUIButtonView())->setTag('a')->setText(pht('View Options'))->setIcon('fa-bars')->setColor(PHUIButtonView::GREY)->setHref(idx($meta, 'detailURI', '#'))->setMetadata($meta)->addSigil('differential-view-options');
 }
 public function testUnusualURIs()
 {
     $uri = new PhutilURI('file:///path/to/file');
     $this->assertEqual('file', $uri->getProtocol(), pht('protocol'));
     $this->assertEqual('', $uri->getDomain(), pht('domain'));
     $this->assertEqual('/path/to/file', $uri->getPath(), pht('path'));
     $uri = new PhutilURI('idea://open?x=/');
     $this->assertEqual('idea', $uri->getProtocol(), pht('protocol'));
     $this->assertEqual('open', $uri->getDomain(), pht('domain'));
     $this->assertEqual('', $uri->getPath(), pht('path'));
     $this->assertEqual(array('x' => '/'), $uri->getQueryParams());
     // This is not a legitimate URI and should not parse as one.
     $uri = new PhutilURI('fruit.list: apple banana cherry');
     $this->assertEqual('', $uri->getDomain());
 }
 private function getCanonicalParameterList(HTTPSFuture $future)
 {
     $uri = new PhutilURI($future->getURI());
     $params = $uri->getQueryParams();
     ksort($params);
     $canonical_parameters = array();
     foreach ($params as $key => $value) {
         $canonical_parameters[] = rawurlencode($key) . '=' . rawurlencode($value);
     }
     $canonical_parameters = implode('&', $canonical_parameters);
     return $canonical_parameters;
 }