Handle IdPs rejecting assoc/session types

Poster now continues regardless of response code (as IdP may send 400 error
for bad assoc/session types, for example). This creates a dependency on
PHP 5.2.10.

Closes #1

keymanager.inc.php

@@ -23,6 +23,7 @@
  */
 
  require_once(dirname(__FILE__) . '/bigmath.inc.php');
+ require_once(dirname(__FILE__) . '/logging.inc.php');
  require_once(dirname(__FILE__) . '/poster.inc.php');
  require_once(dirname(__FILE__) . '/urlbuilder.inc.php');
 
@@ -60,12 +61,14 @@
    *
    * @param String $server The server to associate with
    */
-  public static function associate($server) {
-   $data = URLBuilder::buildAssociate($server, $_SESSION['openid']['version']);
+  public static function associate($server, $assocType = null, $sessionType = null) {
+   Logger::log('Attempting to associate with %s, assocType: %s, sessionType: %s', $server, $assocType, $sessionType);
+   $data = URLBuilder::buildAssociate($server, $_SESSION['openid']['version'], $assocType, $sessionType);
 
    try {
     $res = Poster::post($server, $data);
    } catch (Exception $ex) {
+    Logger::log('Exception while posting: %s', $ex->getMessage());
     return;
    }
 
@@ -77,6 +80,27 @@
     }
    }
 
+   if (isset($data['error_code']) && $data['error_code'] == 'unsupported-type') {
+    $cont = false;
+
+    if (isset($data['session_type']) && $data['session_type'] != $sessionType) {
+     // TODO: Check we support it before actually trying
+     $sessionType = $data['session_type'];
+     $cont = true;
+    }
+
+    if (isset($data['assoc_type']) && $data['assoc_type'] != $assocType) {
+     $assocType = $data['assoc_type'];
+     $cont = true;
+    }
+
+    if ($cont) {
+     self::associate($server, $assocType, $sessionType);
+    }
+
+    return;
+   }
+
    try {
     $data = self::decodeKey($server, $data);
    } catch (Exception $ex) {

poster.inc.php

@@ -28,7 +28,8 @@
    $params = array(
 	'http' => array(
 		'method' => 'POST',
-                 'content' => $data
+                'content' => $data,
+		'ignore_errors' => true
 	)
    );
 

test.php

@@ -55,7 +55,7 @@
  }
 
  echo '<tr><th colspan="2">Poidsy requirements</th></tr>';
- doTest('PHP Version', version_compare(PHP_VERSION, '5.2.0', '>='), 'Poidsy requires PHP version 5.2.0 or greater to run');
+ doTest('PHP Version', version_compare(PHP_VERSION, '5.2.10', '>='), 'Poidsy requires PHP version 5.2.10 or greater to run');
  doTest('Allow_url_fopen', ini_get('allow_url_fopen'), 'Poidsy requires allow_url_fopen to be configured to true');
 
  echo '<tr><th colspan="2">Associate mode requirements</th></tr>';

urlbuilder.inc.php

@@ -113,10 +113,13 @@
    }
   }
 
-  public static function buildAssociate($server, $version = 1) {
+  public static function buildAssociate($server, $version = 1, $assocType = null, $sessionType = null) {
+   if ($assocType == null) { $assocType = 'HMAC-SHA1'; }
+   if ($sessionType == null) { $sessionType = 'DH-SHA1'; }
+
    $args = array(
 	'openid.mode' => 'associate',
-	'openid.assoc_type' => 'HMAC-SHA1',
+	'openid.assoc_type' => $assocType,
    );
 
    if ($version >= self::MIN_VERSION_FOR_NS) {
@@ -124,7 +127,7 @@
    }
 
    if (KeyManager::supportsDH()) {
-    $args['openid.session_type'] = 'DH-SHA1';
+    $args['openid.session_type'] = $sessionType;
     $args['openid.dh_modulus'] = KeyManager::getDhModulus();
     $args['openid.dh_gen'] = KeyManager::getDhGen();
     $args['openid.dh_consumer_public'] = KeyManager::getDhPublicKey($server);