public function __construct(HttpUrl $claimedId, HttpClient $httpClient)
{
$this->claimedId = $claimedId->makeComparable();
if (!$claimedId->isValid()) {
throw new OpenIdException('invalid claimed id');
}
$this->httpClient = $httpClient;
$response = $httpClient->send(HttpRequest::create()->setHeaderVar('Accept', self::HEADER_ACCEPT)->setMethod(HttpMethod::get())->setUrl($claimedId));
if ($response->getStatus()->getId() != 200) {
throw new OpenIdException('can\'t fetch document');
}
$contentType = $response->getHeader('content-type');
if (mb_stripos($contentType, self::HEADER_CONT_TYPE) !== false) {
$this->parseXRDS($response->getBody());
} elseif ($response->hasHeader(self::HEADER_XRDS_LOCATION)) {
$this->loadXRDS($response->getHeader(self::HEADER_XRDS_LOCATION));
} else {
$this->parseHTML($response->getBody());
}
if (!$this->server || !$this->server->isValid()) {
throw new OpenIdException('bad server');
} else {
$this->server->makeComparable();
}
if (!$this->realId) {
$this->realId = $claimedId;
} elseif (!$this->realId->isValid()) {
throw new OpenIdException('bad delegate');
} else {
$this->realId->makeComparable();
}
}
/**
* check_authentication mode request
**/
private function checkAuthentication(array $parameters, $manager = null)
{
$credentials = new OpenIdCredentials(HttpUrl::create()->parse($parameters['openid.identity']), $this->httpClient);
$request = HttpRequest::create()->setMethod(HttpMethod::post())->setUrl($credentials->getServer());
if (isset($parameters['openid.invalidate_handle']) && $manager) {
$request->setPostVar('openid.invalidate_handle', $parameters['openid.invalidate_handle']);
}
foreach (explode(',', $parameters['openid.signed']) as $key) {
$key = 'openid.' . $key;
$request->setPostVar($key, $parameters[$key]);
}
$request->setPostVar('openid.mode', 'check_authentication')->setPostVar('openid.assoc_handle', $parameters['openid.assoc_handle'])->setPostVar('openid.sig', $parameters['openid.sig'])->setPostVar('openid.signed', $parameters['openid.signed']);
$response = $this->httpClient->send($request);
if ($response->getStatus()->getId() != HttpStatus::CODE_200) {
throw new OpenIdException('bad response code from server');
}
$result = $this->parseKeyValueFormat($response->getBody());
if (!isset($result['is_valid']) || $result['is_valid'] !== 'true' && $result['is_valid'] !== 'false') {
throw new OpenIdException('strange response given');
}
if ($result['is_valid'] === 'true') {
if (isset($result['invalidate_handle']) && $manager) {
$manager->purgeByHandle($result['invalidate_handle']);
}
return true;
} elseif ($result['is_valid'] === 'false') {
return false;
}
Assert::isUnreachable();
}
/**
* Set Google authentication credentials.
* Must be done before trying to do any Google Data operations that
* require authentication.
* For example, viewing private data, or posting or deleting entries.
*
* @param string $email
* @param string $password
* @param string $service
* @param \ZendGData\HttpClient $client
* @param string $source
* @param string $loginToken The token identifier as provided by the server.
* @param string $loginCaptcha The user's response to the CAPTCHA challenge.
* @param string $accountType An optional string to identify whether the
* account to be authenticated is a google or a hosted account. Defaults to
* 'HOSTED_OR_GOOGLE'. See: http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html#Request
* @throws \ZendGData\App\AuthException
* @throws \ZendGData\App\HttpException
* @throws \ZendGData\App\CaptchaRequiredException
* @return \ZendGData\HttpClient
*/
public static function getHttpClient($email, $password, $service = 'xapi', HttpClient $client = null, $source = self::DEFAULT_SOURCE, $loginToken = null, $loginCaptcha = null, $loginUri = self::CLIENTLOGIN_URI, $accountType = 'HOSTED_OR_GOOGLE')
{
if (!($email && $password)) {
throw new App\AuthException('Please set your Google credentials before trying to ' . 'authenticate');
}
if ($client == null) {
$client = new HttpClient();
}
// Build the HTTP client for authentication
$client->setUri($loginUri);
$client->setMethod('POST');
$useragent = App::getUserAgentString($source);
$client->setOptions(array('maxredirects' => 0, 'strictredirects' => true, 'useragent' => $useragent));
$client->setEncType('multipart/form-data');
$postParams = array('accountType' => $accountType, 'Email' => (string) $email, 'Passwd' => (string) $password, 'service' => (string) $service, 'source' => (string) $source);
if ($loginToken || $loginCaptcha) {
if ($loginToken && $loginCaptcha) {
$postParams += array('logintoken' => (string) $loginToken, 'logincaptcha' => (string) $loginCaptcha);
} else {
throw new App\AuthException('Please provide both a token ID and a user\'s response ' . 'to the CAPTCHA challenge.');
}
}
$client->setParameterPost($postParams);
// Send the authentication request
// For some reason Google's server causes an SSL error. We use the
// output buffer to supress an error from being shown. Ugly - but works!
ob_start();
try {
$response = $client->send();
} catch (\Zend\Http\Client\Exception\ExceptionInterface $e) {
throw new App\HttpException($e->getMessage(), $e);
}
ob_end_clean();
// Parse Google's response
$goog_resp = array();
foreach (explode("\n", $response->getBody()) as $l) {
$l = rtrim($l);
if ($l) {
list($key, $val) = explode('=', rtrim($l), 2);
$goog_resp[$key] = $val;
}
}
if ($response->getStatusCode() == 200) {
$client->setClientLoginToken($goog_resp['Auth']);
$useragent = App::getUserAgentString($source);
$client->setOptions(array('strictredirects' => true, 'useragent' => $useragent));
return $client;
} elseif ($response->getStatusCode() == 403) {
// Check if the server asked for a CAPTCHA
if (array_key_exists('Error', $goog_resp) && $goog_resp['Error'] == 'CaptchaRequired') {
throw new App\CaptchaRequiredException($goog_resp['CaptchaToken'], $goog_resp['CaptchaUrl']);
} else {
throw new App\AuthException('Authentication with Google failed. Reason: ' . (isset($goog_resp['Error']) ? $goog_resp['Error'] : 'Unspecified.'));
}
}
}
/**
* Check if the HTTP method is accepted and send a HTTP request to it.
* Retrieve error from the request and throw a new error
*
* @param string $method HTTP action to trigger
* @param array $arguments Array containing all the parameters pass to the magic method
*
* @throws \Crew\Unsplash\Exception if the HTTP request failed
*
* @see Crew\Unsplash\HttpClient::send()
*
* @return \GuzzleHttp\Psr7\Response
*/
public static function __callStatic($method, $arguments)
{
// Validate if the $method is part of the accepted http method array
if (in_array($method, self::$acceptedHttpMethod)) {
$httpClient = new HttpClient();
$response = $httpClient->send($method, $arguments);
// Validate if the request failed
if (!self::isGoodRequest($response)) {
throw new Exception(self::getErrorMessage($response), $response->getStatusCode());
}
return $response;
}
}
/**
* Perform the request
*
* @param string $url URL of request
* @param string $requestMethod (GET|POST|PUT|DELETE)
* @param string $data Data in string format
* @param array $headers
* @return string
* @throws HttpClient_Exception
* @throws HttpClient_HttpStatusException
* @throws HttpClient_UnknownHttpStatusException
* @throws HttpClient_ConnectionErrorException
* @access public
*/
public function send($url, $requestMethod, $data = null, array $headers = null)
{
$params = array();
if (false !== ($pos = strpos($url, '?'))) {
$paramPairs = explode('&', substr($url, $pos + 1));
foreach ($paramPairs as $pair) {
$pairSplit = explode('=', $pair);
$params[$pairSplit[0]] = isset($pairSplit[1]) ? $pairSplit[1] : null;
}
}
$request = Lib\OAuthRequest::from_consumer_and_token($this->consumer, $this->token, $requestMethod, $url, $params);
$request->sign_request(new Lib\OAuthSignatureMethod_HMAC_SHA1(), $this->consumer, $this->token);
if (is_null($headers)) {
$headers = array();
}
$headers = array_merge($headers, array($request->to_header()));
return parent::send($url, $requestMethod, $data, $headers);
}
