HTTPFetcher.php 4.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175
  1. <?php
  2. /**
  3. * This module contains the HTTP fetcher interface
  4. *
  5. * PHP versions 4 and 5
  6. *
  7. * LICENSE: See the COPYING file included in this distribution.
  8. *
  9. * @package OpenID
  10. * @author JanRain, Inc. <openid@janrain.com>
  11. * @copyright 2005-2008 Janrain, Inc.
  12. * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
  13. */
  14. /**
  15. * Require logging functionality
  16. */
  17. require_once "Auth/OpenID.php";
  18. define('Auth_OpenID_FETCHER_MAX_RESPONSE_KB', 1024);
  19. define('Auth_OpenID_USER_AGENT',
  20. 'php-openid/'.Auth_OpenID_VERSION.' (php/'.phpversion().')');
  21. class Auth_Yadis_HTTPResponse {
  22. function Auth_Yadis_HTTPResponse($final_url = null, $status = null,
  23. $headers = null, $body = null)
  24. {
  25. $this->final_url = $final_url;
  26. $this->status = $status;
  27. $this->headers = $headers;
  28. $this->body = $body;
  29. }
  30. }
  31. /**
  32. * This class is the interface for HTTP fetchers the Yadis library
  33. * uses. This interface is only important if you need to write a new
  34. * fetcher for some reason.
  35. *
  36. * @access private
  37. * @package OpenID
  38. */
  39. class Auth_Yadis_HTTPFetcher {
  40. var $timeout = 20; // timeout in seconds.
  41. /**
  42. * Return whether a URL can be fetched. Returns false if the URL
  43. * scheme is not allowed or is not supported by this fetcher
  44. * implementation; returns true otherwise.
  45. *
  46. * @return bool
  47. */
  48. function canFetchURL($url)
  49. {
  50. if ($this->isHTTPS($url) && !$this->supportsSSL()) {
  51. Auth_OpenID::log("HTTPS URL unsupported fetching %s",
  52. $url);
  53. return false;
  54. }
  55. if (!$this->allowedURL($url)) {
  56. Auth_OpenID::log("URL fetching not allowed for '%s'",
  57. $url);
  58. return false;
  59. }
  60. return true;
  61. }
  62. /**
  63. * Return whether a URL should be allowed. Override this method to
  64. * conform to your local policy.
  65. *
  66. * By default, will attempt to fetch any http or https URL.
  67. */
  68. function allowedURL($url)
  69. {
  70. return $this->URLHasAllowedScheme($url);
  71. }
  72. /**
  73. * Does this fetcher implementation (and runtime) support fetching
  74. * HTTPS URLs? May inspect the runtime environment.
  75. *
  76. * @return bool $support True if this fetcher supports HTTPS
  77. * fetching; false if not.
  78. */
  79. function supportsSSL()
  80. {
  81. trigger_error("not implemented", E_USER_ERROR);
  82. }
  83. /**
  84. * Is this an https URL?
  85. *
  86. * @access private
  87. */
  88. function isHTTPS($url)
  89. {
  90. return (bool)preg_match('/^https:\/\//i', $url);
  91. }
  92. /**
  93. * Is this an http or https URL?
  94. *
  95. * @access private
  96. */
  97. function URLHasAllowedScheme($url)
  98. {
  99. return (bool)preg_match('/^https?:\/\//i', $url);
  100. }
  101. /**
  102. * @access private
  103. */
  104. function _findRedirect($headers, $url)
  105. {
  106. foreach ($headers as $line) {
  107. if (strpos(strtolower($line), "location: ") === 0) {
  108. $parts = explode(" ", $line, 2);
  109. $loc = $parts[1];
  110. $ppos = strpos($loc, "://");
  111. if ($ppos === false || $ppos > strpos($loc, "/")) {
  112. /* no host; add it */
  113. $hpos = strpos($url, "://");
  114. $prt = substr($url, 0, $hpos+3);
  115. $url = substr($url, $hpos+3);
  116. if (substr($loc, 0, 1) == "/") {
  117. /* absolute path */
  118. $fspos = strpos($url, "/");
  119. if ($fspos) $loc = $prt.substr($url, 0, $fspos).$loc;
  120. else $loc = $prt.$url.$loc;
  121. } else {
  122. /* relative path */
  123. $pp = $prt;
  124. while (1) {
  125. $xpos = strpos($url, "/");
  126. if ($xpos === false) break;
  127. $apos = strpos($url, "?");
  128. if ($apos !== false && $apos < $xpos) break;
  129. $apos = strpos($url, "&");
  130. if ($apos !== false && $apos < $xpos) break;
  131. $pp .= substr($url, 0, $xpos+1);
  132. $url = substr($url, $xpos+1);
  133. }
  134. $loc = $pp.$loc;
  135. }
  136. }
  137. return $loc;
  138. }
  139. }
  140. return null;
  141. }
  142. /**
  143. * Fetches the specified URL using optional extra headers and
  144. * returns the server's response.
  145. *
  146. * @param string $url The URL to be fetched.
  147. * @param array $extra_headers An array of header strings
  148. * (e.g. "Accept: text/html").
  149. * @return mixed $result An array of ($code, $url, $headers,
  150. * $body) if the URL could be fetched; null if the URL does not
  151. * pass the URLHasAllowedScheme check or if the server's response
  152. * is malformed.
  153. */
  154. function get($url, $headers = null)
  155. {
  156. trigger_error("not implemented", E_USER_ERROR);
  157. }
  158. }