123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564 |
- <?php
- /**
- * This is the PHP OpenID library by JanRain, Inc.
- *
- * This module contains core utility functionality used by the
- * library. See Consumer.php and Server.php for the consumer and
- * server implementations.
- *
- * PHP versions 4 and 5
- *
- * LICENSE: See the COPYING file included in this distribution.
- *
- * @package OpenID
- * @author JanRain, Inc. <openid@janrain.com>
- * @copyright 2005-2008 Janrain, Inc.
- * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
- */
- /**
- * The library version string
- */
- define('Auth_OpenID_VERSION', '2.2.2');
- /**
- * Require the fetcher code.
- */
- require_once "Auth/Yadis/PlainHTTPFetcher.php";
- require_once "Auth/Yadis/ParanoidHTTPFetcher.php";
- require_once "Auth/OpenID/BigMath.php";
- require_once "Auth/OpenID/URINorm.php";
- /**
- * Status code returned by the server when the only option is to show
- * an error page, since we do not have enough information to redirect
- * back to the consumer. The associated value is an error message that
- * should be displayed on an HTML error page.
- *
- * @see Auth_OpenID_Server
- */
- define('Auth_OpenID_LOCAL_ERROR', 'local_error');
- /**
- * Status code returned when there is an error to return in key-value
- * form to the consumer. The caller should return a 400 Bad Request
- * response with content-type text/plain and the value as the body.
- *
- * @see Auth_OpenID_Server
- */
- define('Auth_OpenID_REMOTE_ERROR', 'remote_error');
- /**
- * Status code returned when there is a key-value form OK response to
- * the consumer. The value associated with this code is the
- * response. The caller should return a 200 OK response with
- * content-type text/plain and the value as the body.
- *
- * @see Auth_OpenID_Server
- */
- define('Auth_OpenID_REMOTE_OK', 'remote_ok');
- /**
- * Status code returned when there is a redirect back to the
- * consumer. The value is the URL to redirect back to. The caller
- * should return a 302 Found redirect with a Location: header
- * containing the URL.
- *
- * @see Auth_OpenID_Server
- */
- define('Auth_OpenID_REDIRECT', 'redirect');
- /**
- * Status code returned when the caller needs to authenticate the
- * user. The associated value is a {@link Auth_OpenID_ServerRequest}
- * object that can be used to complete the authentication. If the user
- * has taken some authentication action, use the retry() method of the
- * {@link Auth_OpenID_ServerRequest} object to complete the request.
- *
- * @see Auth_OpenID_Server
- */
- define('Auth_OpenID_DO_AUTH', 'do_auth');
- /**
- * Status code returned when there were no OpenID arguments
- * passed. This code indicates that the caller should return a 200 OK
- * response and display an HTML page that says that this is an OpenID
- * server endpoint.
- *
- * @see Auth_OpenID_Server
- */
- define('Auth_OpenID_DO_ABOUT', 'do_about');
- /**
- * Defines for regexes and format checking.
- */
- define('Auth_OpenID_letters',
- "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");
- define('Auth_OpenID_digits',
- "0123456789");
- define('Auth_OpenID_punct',
- "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~");
- Auth_OpenID_include_init();
- /**
- * The OpenID utility function class.
- *
- * @package OpenID
- * @access private
- */
- class Auth_OpenID {
- /**
- * Return true if $thing is an Auth_OpenID_FailureResponse object;
- * false if not.
- *
- * @access private
- */
- static function isFailure($thing)
- {
- return is_a($thing, 'Auth_OpenID_FailureResponse');
- }
- /**
- * Gets the query data from the server environment based on the
- * request method used. If GET was used, this looks at
- * $_SERVER['QUERY_STRING'] directly. If POST was used, this
- * fetches data from the special php://input file stream.
- *
- * Returns an associative array of the query arguments.
- *
- * Skips invalid key/value pairs (i.e. keys with no '=value'
- * portion).
- *
- * Returns an empty array if neither GET nor POST was used, or if
- * POST was used but php://input cannot be opened.
- *
- * See background:
- * http://lists.openidenabled.com/pipermail/dev/2007-March/000395.html
- *
- * @access private
- */
- static function getQuery($query_str=null)
- {
- $data = array();
- if ($query_str !== null) {
- $data = Auth_OpenID::params_from_string($query_str);
- } else if (!array_key_exists('REQUEST_METHOD', $_SERVER)) {
- // Do nothing.
- } else {
- // XXX HACK FIXME HORRIBLE.
- //
- // POSTing to a URL with query parameters is acceptable, but
- // we don't have a clean way to distinguish those parameters
- // when we need to do things like return_to verification
- // which only want to look at one kind of parameter. We're
- // going to emulate the behavior of some other environments
- // by defaulting to GET and overwriting with POST if POST
- // data is available.
- $data = Auth_OpenID::params_from_string($_SERVER['QUERY_STRING']);
- if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- $str = file_get_contents('php://input');
- if ($str === false) {
- $post = array();
- } else {
- $post = Auth_OpenID::params_from_string($str);
- }
- $data = array_merge($data, $post);
- }
- }
- return $data;
- }
- static function params_from_string($str)
- {
- $chunks = explode("&", $str);
- $data = array();
- foreach ($chunks as $chunk) {
- $parts = explode("=", $chunk, 2);
- if (count($parts) != 2) {
- continue;
- }
- list($k, $v) = $parts;
- $data[urldecode($k)] = urldecode($v);
- }
- return $data;
- }
- /**
- * Create dir_name as a directory if it does not exist. If it
- * exists, make sure that it is, in fact, a directory. Returns
- * true if the operation succeeded; false if not.
- *
- * @access private
- */
- static function ensureDir($dir_name)
- {
- if (is_dir($dir_name) || @mkdir($dir_name)) {
- return true;
- } else {
- $parent_dir = dirname($dir_name);
- // Terminal case; there is no parent directory to create.
- if ($parent_dir == $dir_name) {
- return true;
- }
- return (Auth_OpenID::ensureDir($parent_dir) && @mkdir($dir_name));
- }
- }
- /**
- * Adds a string prefix to all values of an array. Returns a new
- * array containing the prefixed values.
- *
- * @access private
- */
- static function addPrefix($values, $prefix)
- {
- $new_values = array();
- foreach ($values as $s) {
- $new_values[] = $prefix . $s;
- }
- return $new_values;
- }
- /**
- * Convenience function for getting array values. Given an array
- * $arr and a key $key, get the corresponding value from the array
- * or return $default if the key is absent.
- *
- * @access private
- */
- static function arrayGet($arr, $key, $fallback = null)
- {
- if (is_array($arr)) {
- if (array_key_exists($key, $arr)) {
- return $arr[$key];
- } else {
- return $fallback;
- }
- } else {
- trigger_error("Auth_OpenID::arrayGet (key = ".$key.") expected " .
- "array as first parameter, got " .
- gettype($arr), E_USER_WARNING);
- return false;
- }
- }
- /**
- * Replacement for PHP's broken parse_str.
- */
- static function parse_str($query)
- {
- if ($query === null) {
- return null;
- }
- $parts = explode('&', $query);
- $new_parts = array();
- for ($i = 0; $i < count($parts); $i++) {
- $pair = explode('=', $parts[$i]);
- if (count($pair) != 2) {
- continue;
- }
- list($key, $value) = $pair;
- $new_parts[urldecode($key)] = urldecode($value);
- }
- return $new_parts;
- }
- /**
- * Implements the PHP 5 'http_build_query' functionality.
- *
- * @access private
- * @param array $data Either an array key/value pairs or an array
- * of arrays, each of which holding two values: a key and a value,
- * sequentially.
- * @return string $result The result of url-encoding the key/value
- * pairs from $data into a URL query string
- * (e.g. "username=bob&id=56").
- */
- static function httpBuildQuery($data)
- {
- $pairs = array();
- foreach ($data as $key => $value) {
- if (is_array($value)) {
- $pairs[] = urlencode($value[0])."=".urlencode($value[1]);
- } else {
- $pairs[] = urlencode($key)."=".urlencode($value);
- }
- }
- return implode("&", $pairs);
- }
- /**
- * "Appends" query arguments onto a URL. The URL may or may not
- * already have arguments (following a question mark).
- *
- * @access private
- * @param string $url A URL, which may or may not already have
- * arguments.
- * @param array $args Either an array key/value pairs or an array of
- * arrays, each of which holding two values: a key and a value,
- * sequentially. If $args is an ordinary key/value array, the
- * parameters will be added to the URL in sorted alphabetical order;
- * if $args is an array of arrays, their order will be preserved.
- * @return string $url The original URL with the new parameters added.
- *
- */
- static function appendArgs($url, $args)
- {
- if (count($args) == 0) {
- return $url;
- }
- // Non-empty array; if it is an array of arrays, use
- // multisort; otherwise use sort.
- if (array_key_exists(0, $args) &&
- is_array($args[0])) {
- // Do nothing here.
- } else {
- $keys = array_keys($args);
- sort($keys);
- $new_args = array();
- foreach ($keys as $key) {
- $new_args[] = array($key, $args[$key]);
- }
- $args = $new_args;
- }
- $sep = '?';
- if (strpos($url, '?') !== false) {
- $sep = '&';
- }
- return $url . $sep . Auth_OpenID::httpBuildQuery($args);
- }
- /**
- * Implements python's urlunparse, which is not available in PHP.
- * Given the specified components of a URL, this function rebuilds
- * and returns the URL.
- *
- * @access private
- * @param string $scheme The scheme (e.g. 'http'). Defaults to 'http'.
- * @param string $host The host. Required.
- * @param string $port The port.
- * @param string $path The path.
- * @param string $query The query.
- * @param string $fragment The fragment.
- * @return string $url The URL resulting from assembling the
- * specified components.
- */
- static function urlunparse($scheme, $host, $port = null, $path = '/',
- $query = '', $fragment = '')
- {
- if (!$scheme) {
- $scheme = 'http';
- }
- if (!$host) {
- return false;
- }
- if (!$path) {
- $path = '';
- }
- $result = $scheme . "://" . $host;
- if ($port) {
- $result .= ":" . $port;
- }
- $result .= $path;
- if ($query) {
- $result .= "?" . $query;
- }
- if ($fragment) {
- $result .= "#" . $fragment;
- }
- return $result;
- }
- /**
- * Given a URL, this "normalizes" it by adding a trailing slash
- * and / or a leading http:// scheme where necessary. Returns
- * null if the original URL is malformed and cannot be normalized.
- *
- * @access private
- * @param string $url The URL to be normalized.
- * @return mixed $new_url The URL after normalization, or null if
- * $url was malformed.
- */
- static function normalizeUrl($url)
- {
- @$parsed = parse_url($url);
- if (!$parsed) {
- return null;
- }
- if (isset($parsed['scheme']) &&
- isset($parsed['host'])) {
- $scheme = strtolower($parsed['scheme']);
- if (!in_array($scheme, array('http', 'https'))) {
- return null;
- }
- } else {
- $url = 'http://' . $url;
- }
- $normalized = Auth_OpenID_urinorm($url);
- if ($normalized === null) {
- return null;
- }
- list($defragged, $frag) = Auth_OpenID::urldefrag($normalized);
- return $defragged;
- }
- /**
- * Replacement (wrapper) for PHP's intval() because it's broken.
- *
- * @access private
- */
- static function intval($value)
- {
- $re = "/^\\d+$/";
- if (!preg_match($re, $value)) {
- return false;
- }
- return intval($value);
- }
- /**
- * Count the number of bytes in a string independently of
- * multibyte support conditions.
- *
- * @param string $str The string of bytes to count.
- * @return int The number of bytes in $str.
- */
- static function bytes($str)
- {
- return strlen(bin2hex($str)) / 2;
- }
- /**
- * Get the bytes in a string independently of multibyte support
- * conditions.
- */
- static function toBytes($str)
- {
- $hex = bin2hex($str);
- if (!$hex) {
- return array();
- }
- $b = array();
- for ($i = 0; $i < strlen($hex); $i += 2) {
- $b[] = chr(base_convert(substr($hex, $i, 2), 16, 10));
- }
- return $b;
- }
- static function urldefrag($url)
- {
- $parts = explode("#", $url, 2);
- if (count($parts) == 1) {
- return array($parts[0], "");
- } else {
- return $parts;
- }
- }
- static function filter($callback, &$sequence)
- {
- $result = array();
- foreach ($sequence as $item) {
- if (call_user_func_array($callback, array($item))) {
- $result[] = $item;
- }
- }
- return $result;
- }
- static function update(&$dest, &$src)
- {
- foreach ($src as $k => $v) {
- $dest[$k] = $v;
- }
- }
- /**
- * Wrap PHP's standard error_log functionality. Use this to
- * perform all logging. It will interpolate any additional
- * arguments into the format string before logging.
- *
- * @param string $format_string The sprintf format for the message
- */
- static function log($format_string)
- {
- $args = func_get_args();
- $message = call_user_func_array('sprintf', $args);
- error_log($message);
- }
- static function autoSubmitHTML($form, $title="OpenId transaction in progress")
- {
- return("<html>".
- "<head><title>".
- $title .
- "</title></head>".
- "<body onload='document.forms[0].submit();'>".
- $form .
- "<script>".
- "var elements = document.forms[0].elements;".
- "for (var i = 0; i < elements.length; i++) {".
- " elements[i].style.display = \"none\";".
- "}".
- "</script>".
- "</body>".
- "</html>");
- }
- }
- /*
- * Function to run when this file is included.
- * Abstracted to a function to make life easier
- * for some PHP optimizers.
- */
- function Auth_OpenID_include_init() {
- if (Auth_OpenID_getMathLib() === null) {
- Auth_OpenID_setNoMathSupport();
- }
- }
|