function parseService($yadis_url, $uri, $type_uris, $service_element) { // Set the state of this object based on the contents of the // service element. $this->type_uris = $type_uris; $this->identity_url = $yadis_url; $this->server_url = $uri; $this->delegate = Auth_OpenID_ServiceEndpoint::findDelegate($service_element); $this->used_yadis = true; }
static function fromDiscoveryResult($discoveryResult) { if ($discoveryResult->isXRDS()) { return Auth_OpenID_ServiceEndpoint::fromXRDS($discoveryResult->normalized_uri, $discoveryResult->response_text); } else { return Auth_OpenID_ServiceEndpoint::fromHTML($discoveryResult->normalized_uri, $discoveryResult->response_text); } }
/** * Discover and cache OpenID services for a user's delegate OpenID. * * @param int $userid user ID * @url string URL to discover. If not provided, user's current delegate will be used * @return bool true if successful */ function openid_server_update_delegation_info($userid, $url = null) { if (empty($url)) { $url = get_usermeta($userid, 'openid_delegate'); } if (empty($url)) { return false; } $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); $discoveryResult = Auth_Yadis_Yadis::discover($url, $fetcher); $endpoints = Auth_OpenID_ServiceEndpoint::fromDiscoveryResult($discoveryResult); $services = array(); if (!empty($endpoints)) { foreach ($endpoints as $endpoint) { $service = array('Type' => array(), 'URI' => $endpoint->server_url); foreach ($endpoint->type_uris as $type) { $service['Type'][] = array('content' => $type); if ($type == Auth_OpenID_TYPE_2_0_IDP) { $service['LocalID'] = Auth_OpenID_IDENTIFIER_SELECT; } else { if ($type == Auth_OpenID_TYPE_2_0) { $service['LocalID'] = $endpoint->local_id; } else { if (in_array($type, array(Auth_OpenID_TYPE_1_0, Auth_OpenID_TYPE_1_1, Auth_OpenID_TYPE_1_2))) { $service['openid:Delegate'] = $endpoint->local_id; } } } } $services[] = $service; } } if (empty($services)) { // resort to checking for HTML links $response = $fetcher->get($url); $html_content = $response->body; $p = new Auth_OpenID_Parse(); $link_attrs = $p->parseLinkAttrs($html_content); // check HTML for OpenID2 $server_url = $p->findFirstHref($link_attrs, 'openid2.provider'); if ($server_url !== null) { $openid_url = $p->findFirstHref($link_attrs, 'openid2.local_id'); if ($openid_url == null) { $openid_url = $url; } $services[] = array('Type' => array(array('content' => Auth_OpenID_Type_1_1)), 'URI' => $server_url, 'LocalID' => $openid_url); } // check HTML for OpenID1 $server_url = $p->findFirstHref($link_attrs, 'openid.server'); if ($server_url !== null) { $openid_url = $p->findFirstHref($link_attrs, 'openid.delegate'); if ($openid_url == null) { $openid_url = $url; } $services[] = array('Type' => array(array('content' => Auth_OpenID_Type_2_0)), 'URI' => $server_url, 'openid:Delegate' => $openid_url); } } if (empty($services)) { return false; } update_usermeta($userid, 'openid_delegate', $url); update_usermeta($userid, 'openid_delegate_services', $services); return true; }
/** * @access private */ function _verifyDiscoveryResultsOpenID2($message, $endpoint) { $to_match = new Auth_OpenID_ServiceEndpoint(); $to_match->type_uris = array(Auth_OpenID_TYPE_2_0); $to_match->claimed_id = $message->getArg(Auth_OpenID_OPENID2_NS, 'claimed_id'); $to_match->local_id = $message->getArg(Auth_OpenID_OPENID2_NS, 'identity'); $to_match->server_url = $message->getArg(Auth_OpenID_OPENID2_NS, 'op_endpoint'); if ($to_match->server_url === null) { return new Auth_OpenID_FailureResponse($endpoint, "OP Endpoint URL missing"); } // claimed_id and identifier must both be present or both be // absent if ($to_match->claimed_id === null && $to_match->local_id !== null) { return new Auth_OpenID_FailureResponse($endpoint, 'openid.identity is present without openid.claimed_id'); } if ($to_match->claimed_id !== null && $to_match->local_id === null) { return new Auth_OpenID_FailureResponse($endpoint, 'openid.claimed_id is present without openid.identity'); } if ($to_match->claimed_id === null) { // This is a response without identifiers, so there's // really no checking that we can do, so return an // endpoint that's for the specified `openid.op_endpoint' return Auth_OpenID_ServiceEndpoint::fromOPEndpointURL($to_match->server_url); } if (!$endpoint) { // The claimed ID doesn't match, so we have to do // discovery again. This covers not using sessions, OP // identifier endpoints and responses that didn't match // the original request. // oidutil.log('No pre-discovered information supplied.') return $this->_discoverAndVerify($to_match->claimed_id, array($to_match)); } else { // The claimed ID matches, so we use the endpoint that we // discovered in initiation. This should be the most // common case. $result = $this->_verifyDiscoverySingle($endpoint, $to_match); if (Auth_OpenID::isFailure($result)) { $endpoint = $this->_discoverAndVerify($to_match->claimed_id, array($to_match)); if (Auth_OpenID::isFailure($endpoint)) { return $endpoint; } } } // The endpoint we return should have the claimed ID from the // message we just verified, fragment and all. if ($endpoint->claimed_id != $to_match->claimed_id) { $endpoint->claimed_id = $to_match->claimed_id; } return $endpoint; }
function test_useCanonicalID() { $endpoint = new Auth_OpenID_ServiceEndpoint(); $endpoint->claimed_id = Auth_Yadis_XRI("=!1000"); $endpoint->canonicalID = Auth_Yadis_XRI("=!1000"); $htis->assertEquals($endpoint->getLocalID(), Auth_Yadis_XRI("=!1000")); }
function Auth_OpenID_discoverWithoutYadis($uri, &$fetcher) { $http_resp = @$fetcher->get($uri); if ($http_resp->status != 200) { return array($uri, array()); } $identity_url = $http_resp->final_url; // Try to parse the response as HTML to get OpenID 1.0/1.1 <link // rel="..."> $openid_services = Auth_OpenID_ServiceEndpoint::fromHTML($identity_url, $http_resp->body); return array($identity_url, $openid_services); }
function test_useCanonicalID() { // When there is no delegate, the CanonicalID should be used // with XRI. $endpoint = new Auth_OpenID_ServiceEndpoint(); $endpoint->identity_url = "=example"; $endpoint->canonicalID = Services_Yadis_XRI("=!1000"); $this->assertEquals($endpoint->getServerID(), Services_Yadis_XRI("=!1000")); }