/**
* Check the input values for a login request
*/
function login_checkInput($input)
{
$openid_url = false;
$errors = array();
if (!isset($input['openid_url'])) {
$errors[] = 'Enter an OpenID URL to continue';
}
if (!isset($input['password'])) {
$errors[] = 'Enter a password to continue';
}
if (count($errors) == 0) {
$openid_url = $input['openid_url'];
$openid_url = Auth_OpenID::normalizeUrl($openid_url);
$password = $input['password'];
if (!checkLogin($openid_url, $password)) {
$errors[] = 'The entered password does not match the ' . 'entered identity URL.';
}
}
return array($errors, $openid_url);
}
function Auth_OpenID_discoverURI($uri, $fetcher)
{
$uri = Auth_OpenID::normalizeUrl($uri);
return Auth_OpenID_discoverWithYadis($uri, $fetcher);
}
/**
* Functions.
*/
function check_url($url)
{
return Auth_OpenID::normalizeUrl($url) !== null;
}
function test_normalizeUrl()
{
$this->assertEquals("http://foo.com/", Auth_OpenID::normalizeUrl("foo.com"));
$this->assertEquals("http://foo.com/", Auth_OpenID::normalizeUrl("http://foo.com"));
$this->assertEquals("https://foo.com/", Auth_OpenID::normalizeUrl("https://foo.com"));
$this->assertEquals("http://foo.com/bar", Auth_OpenID::normalizeUrl("foo.com/bar"));
$this->assertEquals("http://foo.com/bar", Auth_OpenID::normalizeUrl("http://foo.com/bar"));
$this->assertEquals("http://foo.com/", Auth_OpenID::normalizeUrl("http://foo.com/"));
$this->assertEquals("https://foo.com/", Auth_OpenID::normalizeUrl("https://foo.com/"));
$this->assertEquals("https://foo.com/bar", Auth_OpenID::normalizeUrl("https://foo.com/bar"));
$this->assertEquals("http://foo.com/bar", Auth_OpenID::normalizeUrl("HTtp://foo.com/bar"));
$this->assertEquals("http://foo.com/bar", Auth_OpenID::normalizeUrl("HTtp://foo.com/bar#fraggle"));
$this->assertEquals("http://foo.com/bAr/", Auth_OpenID::normalizeUrl("HTtp://fOo.com/bAr/.#fraggle"));
if (0) {
$this->assertEquals("http://foo.com/%E8%8D%89", Auth_OpenID::normalizeUrl("foo.com/\\u8349"));
$this->assertEquals("http://foo.com/%E8%8D%89", Auth_OpenID::normalizeUrl("http://foo.com/\\u8349"));
}
$non_ascii_domain_cases = array(array("http://xn--vl1a.com/", "\\u8349.com"), array("http://xn--vl1a.com/", "http://\\u8349.com"), array("http://xn--vl1a.com/", "\\u8349.com/"), array("http://xn--vl1a.com/", "http://\\u8349.com/"), array("http://xn--vl1a.com/%E8%8D%89", "\\u8349.com/\\u8349"), array("http://xn--vl1a.com/%E8%8D%89", "http://\\u8349.com/\\u8349"));
// XXX
/*
codecs.getencoder('idna')
except LookupError:
# If there is no idna codec, these cases with
# non-ascii-representable domain names should fail.
should_raise = True
else:
should_raise = False
for expected, case in non_ascii_domain_cases:
try:
actual = Auth_OpenID::normalizeUrl(case)
except UnicodeError:
assert should_raise
else:
assert not should_raise and actual == expected, case
*/
$this->assertNull(Auth_OpenID::normalizeUrl(null));
$this->assertNull(Auth_OpenID::normalizeUrl(''));
$this->assertNull(Auth_OpenID::normalizeUrl('http://'));
}
function openid_profile_update($user_id)
{
if (empty($_POST['openid_delegate'])) {
delete_usermeta($user_id, 'openid_delegate');
} else {
$old_delegate = get_usermeta($user_id, 'openid_delegate');
$delegate = Auth_OpenID::normalizeUrl($_POST['openid_delegate']);
if (openid_server_update_delegation_info($user_id, $delegate)) {
openid_message(sprintf(__('Gathered OpenID information for delegate URL %s', 'openid'), '<strong>' . $delegate . '</strong>'));
openid_status('success');
} else {
openid_message(sprintf(__('Unable to find any OpenID information for delegate URL %s', 'openid'), '<strong>' . $delegate . '</strong>'));
openid_status('error');
}
}
}
/**
* Start the OpenID authentication process. See steps 1-2 in the
* overview at the top of this file.
*
* @param User_url: Identity URL given by the user. This method
* performs a textual transformation of the URL to try and make
* sure it is normalized. For example, a user_url of example.com
* will be normalized to http://example.com/ normalizing and
* resolving any redirects the server might issue.
*
* @return Auth_OpenID_AuthRequest $auth_request An object
* containing the discovered information will be returned, with a
* method for building a redirect URL to the server, as described
* in step 3 of the overview. This object may also be used to add
* extension arguments to the request, using its 'addExtensionArg'
* method.
*/
function begin($user_url)
{
$discoverMethod = '_Auth_OpenID_discoverServiceList';
$openid_url = $user_url;
if (Services_Yadis_identifierScheme($user_url) == 'XRI') {
$discoverMethod = '_Auth_OpenID_discoverXRIServiceList';
} else {
$openid_url = Auth_OpenID::normalizeUrl($user_url);
}
$disco =& new Services_Yadis_Discovery($this->session, $openid_url, $this->session_key_prefix);
// Set the 'stale' attribute of the manager. If discovery
// fails in a fatal way, the stale flag will cause the manager
// to be cleaned up next time discovery is attempted.
$m = $disco->getManager();
$loader = new Services_Yadis_ManagerLoader();
if ($m) {
if ($m->stale) {
$disco->destroyManager();
} else {
$m->stale = true;
$disco->session->set($disco->session_key, serialize($loader->toSession($m)));
}
}
$endpoint = $disco->getNextService($discoverMethod, $this->consumer->fetcher);
// Reset the 'stale' attribute of the manager.
$m =& $disco->getManager();
if ($m) {
$m->stale = false;
$disco->session->set($disco->session_key, serialize($loader->toSession($m)));
}
if ($endpoint === null) {
return null;
} else {
return $this->beginWithoutDiscovery($endpoint);
}
}
function init_session() {
global $messages;
// Set a guess value for the server url.
if (!array_key_exists('server_url', $_SESSION)) {
$_SESSION['server_url'] = build_url();
}
foreach (array('server_url', 'include_path', 'store_type') as $key) {
if (!isset($_SESSION[$key])) {
$_SESSION[$key] = "";
}
}
if (!isset($_SESSION['store_data'])) {
$_SESSION['store_data'] = array();
}
if (!isset($_SESSION['users'])) {
$_SESSION['users'] = array();
}
if (!isset($_SESSION['trust_roots'])) {
$_SESSION['trust_roots'] = array();
}
foreach (array('server_url', 'include_path', 'store_type') as $field) {
if (array_key_exists($field, $_GET)) {
$_SESSION[$field] = $_GET[$field];
}
}
foreach (array('username', 'password', 'database', 'host', 'fs_path', 'sqlite_path') as $field) {
if (array_key_exists($field, $_GET)) {
$_SESSION['store_data'][$field] = $_GET[$field];
}
}
if ($_GET &&
isset($_GET['add_openid']) &&
isset($_GET['openid_url']) &&
isset($_GET['p1']) &&
isset($_GET['p2']) &&
$_GET['p1'] == $_GET['p2'] &&
$_GET['p1']) {
if (check_url($_GET['openid_url'])) {
$normalized = Auth_OpenID::normalizeUrl($_GET['openid_url']);
$_SESSION['users'][$normalized] = sha1($_GET['p1']);
} else {
$messages[] = "Cannot add OpenID URL; '".$_GET['openid_url']."' doesn't look like a URL.";
}
} else if ($_GET &&
isset($_GET['trust_root']) &&
$_GET['trust_root']) {
if (!in_array($_GET['trust_root'], $_SESSION['trust_roots'])) {
$_SESSION['trust_roots'][] = $_GET['trust_root'];
}
} else if ($_GET &&
isset($_GET['del_user'])) {
unset($_SESSION['users'][$_GET['del_user']]);
}
}
/**
* Report any OpenID errors during user profile updating.
*/
function openid_profile_update_errors($errors, $update, $user)
{
global $openid_user_delegation_info;
$delegate = Auth_OpenID::normalizeUrl($_POST['openid_delegate']);
if (empty($delegate)) {
return $errors;
}
$openid_user_delegation_info = openid_server_get_delegation_info($user->ID, $delegate);
if (!$openid_user_delegation_info) {
$errors->add('openid_delegate', sprintf(__('Unable to find any OpenID information for delegate URL %s', 'openid'), '<strong>' . $delegate . '</strong>'));
} else {
$id_select_count = 0;
foreach ($openid_user_delegation_info['services'] as $service) {
if (array_key_exists('LocalID', $service) && $service['LocalID'] == Auth_OpenID_IDENTIFIER_SELECT) {
$id_select_count++;
}
}
if (count($openid_user_delegation_info['services']) <= $id_select_count) {
$errors->add('openid_delegate', sprintf(__('You cannot delegate to an OpenID provider which uses Identifier Select.', 'openid')));
}
}
return $errors;
}
function Auth_OpenID_discoverURI($uri, &$fetcher)
{
$parsed = parse_url($uri);
if ($parsed && isset($parsed['scheme']) && isset($parsed['host'])) {
if (!in_array($parsed['scheme'], array('http', 'https'))) {
// raise DiscoveryFailure('URI scheme is not HTTP or HTTPS', None)
return array($uri, array());
}
} else {
$uri = 'http://' . $uri;
}
$uri = Auth_OpenID::normalizeUrl($uri);
return Auth_OpenID_discoverWithYadis($uri, $fetcher);
}
<?php
require_once dirname(__FILE__) . '/include/setup.php';
$path_extra = dirname(__FILE__) . '/include/';
$path = ini_get('include_path');
$path = $path_extra . PATH_SEPARATOR . $path;
ini_set('include_path', $path);
require 'Auth/OpenID.php';
require_once dirname(__FILE__) . '/include/connectDB.php';
if (!$_REQUEST['url']) {
die('Must specify a URL!');
}
$url = Auth_OpenID::normalizeUrl($_REQUEST['url']);
$url = mysql_real_escape_string($url, $db);
header('Content-Type: application/xhtml+xml; charset=utf-8');
echo '<?xml version="1.0" encoding="utf-8"?>';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Demand No Flash! - User <?php
echo htmlentities($url);
?>
</title>
<link rel="stylesheet" media="screen" type="text/css" href="main.css" />
</head>
<body>
<?php
require 'header.php';
/**
* hook in and call when user is updating their profile URL... make sure it is an OpenID they control.
*/
function personal_options_update()
{
set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path());
require_once 'Auth/OpenID.php';
$claimed = Auth_OpenID::normalizeUrl($_POST['url']);
$user = wp_get_current_user();
openid_init();
$store =& WordPressOpenID_Logic::getStore();
$identities = $store->get_identities($user->ID);
if (!empty($identities)) {
$urls = array();
foreach ($identities as $id) {
if ($id['url'] == $claimed) {
return;
} else {
$urls[] = $id['url'];
}
}
wp_die('For security reasons, your profile URL must be one of your claimed ' . 'Identity URLs: <ul><li>' . join('</li><li>', $urls) . '</li></ul>');
}
}
/**
* Perform XRDS discovery at the specified URI for any EAUT Services.
*/
function Auth_Yadis_Email_getServices($uri, $fetcher)
{
$uri = Auth_OpenID::normalizeUrl($uri);
$response = Auth_Yadis_Yadis::discover($uri, $fetcher);
if ($response->isXRDS()) {
$xrds =& Auth_Yadis_XRDS::parseXRDS($response->response_text);
if ($xrds) {
return $xrds->services(array('filter_MatchesAnyEmailType'));
}
}
}
