public function chooseAction(HttpRequest $request)
{
$action = Primitive::choice('action')->setList($this->methodMap);
if ($this->getDefaultAction()) {
$action->setDefault($this->getDefaultAction());
}
Form::create()->add($action)->import($request->getGet())->importMore($request->getPost())->importMore($request->getAttached());
if (!($command = $action->getValue())) {
return $action->getDefault();
}
return $command;
}
/**
* 验证token是否有效
*/
public function valid()
{
if ($this->checkSignature()) {
exit(HttpRequest::getGet('echostr'));
}
}
protected function makeHandle(HttpRequest $request, CurlHttpResponse $response)
{
$handle = curl_init();
Assert::isNotNull($request->getMethod());
$options = array(CURLOPT_WRITEFUNCTION => array($response, 'writeBody'), CURLOPT_HEADERFUNCTION => array($response, 'writeHeader'), CURLOPT_URL => $request->getUrl()->toString(), CURLOPT_USERAGENT => 'onPHP::' . __CLASS__);
if ($this->isPhp55()) {
$options[CURLOPT_SAFE_UPLOAD] = true;
}
if ($this->noBody !== null) {
$options[CURLOPT_NOBODY] = $this->noBody;
}
if ($this->followLocation !== null) {
$options[CURLOPT_FOLLOWLOCATION] = $this->followLocation;
}
switch ($request->getMethod()->getId()) {
case HttpMethod::GET:
$options[CURLOPT_HTTPGET] = true;
if ($request->getGet()) {
$options[CURLOPT_URL] .= ($request->getUrl()->getQuery() ? '&' : '?') . $this->argumentsToString($request->getGet());
}
break;
case HttpMethod::POST:
if ($request->getGet()) {
$options[CURLOPT_URL] .= ($request->getUrl()->getQuery() ? '&' : '?') . $this->argumentsToString($request->getGet());
}
$options[CURLOPT_POST] = true;
$options[CURLOPT_POSTFIELDS] = $this->getPostFields($request);
break;
default:
$options[CURLOPT_CUSTOMREQUEST] = $request->getMethod()->getName();
break;
}
$headers = array();
foreach ($request->getHeaderList() as $headerName => $headerValue) {
$headers[] = "{$headerName}: {$headerValue}";
}
if ($headers) {
$options[CURLOPT_HTTPHEADER] = $headers;
}
if ($request->getCookie()) {
$cookies = array();
foreach ($request->getCookie() as $name => $value) {
$cookies[] = $name . '=' . urlencode($value);
}
$options[CURLOPT_COOKIE] = implode('; ', $cookies);
}
foreach ($this->options as $key => $value) {
$options[$key] = $value;
}
curl_setopt_array($handle, $options);
return $handle;
}
/**
* proceed results of checkid_immediate and checkid_setup
*
* @param $request incoming request
* @param
**/
public function doContinue(HttpRequest $request, $manager = null)
{
if ($manager) {
Assert::isTrue($manager instanceof OpenIdConsumerAssociationManager);
}
$parameters = $this->parseGetParameters($request->getGet());
foreach ($this->extensions as $extension) {
$extension->parseResponce($request, $parameters);
}
if (!isset($parameters['openid.mode'])) {
throw new WrongArgumentException('not an openid request');
}
if ($parameters['openid.mode'] == 'id_res') {
if (isset($parameters['openid.user_setup_url'])) {
$setupUrl = HttpUrl::create()->parse($parameters['openid.user_setup_url']);
Assert::isTrue($setupUrl->isValid());
return new OpenIdConsumerSetupRequired($setupUrl);
}
} elseif ($parameters['openid.mode'] = 'cancel') {
return new OpenIdConsumerCancel();
}
if (!isset($parameters['openid.assoc_handle'])) {
throw new WrongArgumentException('no association handle');
}
if (!isset($parameters['openid.identity'])) {
throw new WrongArgumentException('no identity');
}
$identity = HttpUrl::create()->parse($parameters['openid.identity']);
Assert::isTrue($identity->isValid(), 'invalid identity');
$identity->makeComparable();
$signedFields = array();
if (isset($parameters['openid.signed'], $parameters['openid.sig'])) {
$signedFields = explode(',', $parameters['openid.signed']);
if (!in_array('identity', $signedFields)) {
throw new WrongArgumentException('identity must be signed');
}
} else {
throw new WrongArgumentException('no signature in response');
}
if ($manager && ($association = $manager->findByHandle($parameters['openid.assoc_handle'], self::ASSOCIATION_TYPE)) && !isset($parameters['openid.invalidate_handle'])) {
// smart mode
$tokenContents = null;
foreach ($signedFields as $signedField) {
$tokenContents .= $signedField . ':' . $parameters['openid.' . strtr($signedField, '.', '_')] . "\n";
}
if (base64_encode(CryptoFunctions::hmacsha1($association->getSecret(), $tokenContents)) != $parameters['openid.sig']) {
throw new WrongArgumentException('signature mismatch');
}
return new OpenIdConsumerPositive($identity);
} elseif (!$manager || isset($parameters['openid.invalidate_handle'])) {
// dumb or handle invalidation mode
if ($this->checkAuthentication($parameters, $manager)) {
return new OpenIdConsumerPositive($identity);
} else {
return new OpenIdConsumerFail();
}
}
Assert::isUnreachable();
}
