archive
/
poidsy
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
Browse Source

Add logging to processor. Issue #1 

Fix some problems with incorrect identity/delegate values. Issue #2
tags/0.6
Chris Smith 15 years ago
parent
8c72eeb438
commit
f8c6c04c38
3 changed files with 24 additions and 17 deletions
Split View Show Diff Stats
  1. 10
    11
      discoverer.inc.php
  2. 12
    4
      processor.php
  3. 2
    2
      urlbuilder.inc.php

+ 10
- 11
discoverer.inc.php View File 

@@ -63,7 +63,7 @@ class Discoverer {
63 63
64 64 
  private $server = null;
65 65 
  private $servers = array();
66 
- private $delegate = '';
66 
+ private $claimedId = '';
67 67 
  private $identity = '';
68 68 
  private $version = 1;
69 69 
 
@@ -88,7 +88,7 @@ class Discoverer {
88 88 
  }
89 89
90 90 
  public function getDelegate() {
91 
-  return $this->delegate;
91 
+  return $this->claimedId;
92 92 
  }
93 93
94 94 
  public function getIdentity() {
 
@@ -154,7 +154,7 @@ class Discoverer {
154 154 
  private function discover($uri) {
155 155 
   Logger::log('Performing discovery for %s', $uri);
156 156
157 
-  $this->delegate = $uri;
157 
+  $this->claimedId = $uri;
158 158 
   $this->server = null;
159 159
160 160 
   if (!$this->yadisDiscover($uri)) {
 
@@ -220,9 +220,9 @@ class Discoverer {
220 220 
     if ((String) $type == 'http://specs.openid.net/auth/2.0/server') {
221 221 
      $this->version = 2;
222 222 
      $this->server = (String) $service->URI;
223 
-     $this->identity = $this->delegate = 'http://specs.openid.net/auth/2.0/identifier_select';
223 
+     $this->identity = 'http://specs.openid.net/auth/2.0/identifier_select';
224 224 
      $this->servers[] = $server = new Server($this->server, 2);
225 
-     Logger::log('OpenID EP found (server). Server: %s, identity: %s, delegate: %s', $this->server, $this->identity, $this->delegate);
225 
+     Logger::log('OpenID EP found (server). Server: %s, identity: %s, claimed id: %s', $this->server, $this->identity, $this->claimedId);
226 226 
      $found = true;
227 227 
     } else if ((String) $type == 'http://specs.openid.net/auth/2.0/signon') {
228 228 
      $this->version = 2;
 
@@ -234,9 +234,8 @@ class Discoverer {
234 234 
      } else {
235 235 
       $this->identity = 'http://specs.openid.net/auth/2.0/identifier_select';
236 236 
      }
237 
-     $this->delegate = 'http://specs.openid.net/auth/2.0/identifier_select';
238 237
239 
-     Logger::log('OpenID EP found (signon). Server: %s, identity: %s, delegate: %s', $this->server, $this->identity, $this->delegate);
238 
+     Logger::log('OpenID EP found (signon). Server: %s, identity: %s, claimed id: %s', $this->server, $this->identity, $this->claimedId);
240 239 
      $found = true;
241 240 
     } else {
242 241 
      $services[] = (String) $type;
 
@@ -344,18 +343,18 @@ class Discoverer {
344 343 
    $this->servers[] = new Server($this->server, 2);
345 344
346 345 
    if (isset($links['openid2.local_id'])) {
347 
-    $this->delegate = $links['openid2.local_id'];
346 
+    $this->identity = $links['openid2.local_id'];
348 347 
    }
349 
-   Logger::log('OpenID EP found. Server: %s, identity: %s, delegate: %s', $this->server, $this->identity, $this->delegate);
348 
+   Logger::log('OpenID EP found. Server: %s, identity: %s, claimed id: %s', $this->server, $this->identity, $this->claimedId);
350 349 
   } else if (isset($links['openid.server'])) {
351 350 
    $this->version = 1;
352 351 
    $this->server = $links['openid.server'];
353 352 
    $this->servers[] = new Server($this->server, 2);
354 353
355 354 
    if (isset($links['openid.delegate'])) {
356 
-    $this->delegate = $links['openid.delegate'];
355 
+    $this->claimedId = $links['openid.claimedId'];
357 356 
    }
358 
-   Logger::log('OpenID EP found. Server: %s, identity: %s, delegate: %s', $this->server, $this->identity, $this->delegate);
357 
+   Logger::log('OpenID EP found. Server: %s, identity: %s, claimed id: %s', $this->server, $this->identity, $this->claimedId);
359 358 
   }
360 359 
  }
361 360

+ 12
- 4
processor.php View File 

@@ -22,6 +22,7 @@
22 22 
  * SOFTWARE.
23 23 
  */
24 24
25 
+ require_once(dirname(__FILE__) . '/logging.inc.php');
25 26 
  require_once(dirname(__FILE__) . '/discoverer.inc.php');
26 27 
  require_once(dirname(__FILE__) . '/poster.inc.php');
27 28 
  require_once(dirname(__FILE__) . '/sreg.inc.php');
 
@@ -60,6 +61,7 @@
60 61 
  function process() {
61 62 
   if (defined('OPENID_URL')) {
62 63 
    // Initial authentication attempt (they just entered their identifier)
64 
+   Logger::log('Processing authentication attempt for %s', OPENID_URL);
63 65
64 66 
    $reqs = checkRequests();
65 67 
    $disc = tryDiscovery(OPENID_URL);
 
@@ -87,7 +89,7 @@
87 89 
    $func = 'process' . str_replace(' ', '', ucwords(str_replace('_', ' ',
88 90 
 			strtolower($_REQUEST['openid_mode']))));
89 91 
    if (function_exists($func)) {
90 
-  	 call_user_func($func, checkHandleRevocation());
92 
+    call_user_func($func, checkHandleRevocation());
91 93 
    }
92 94 
   }
93 95 
  }
 
@@ -112,6 +114,8 @@
112 114
113 115 
   } else if ($requests['count'] > OPENID_THROTTLE_NUM) {
114 116
117 
+   Logger::log('Client throttled: %s requests made', $requests['count']);
118 
+
115 119 
    // More than the legal number of requests
116 120 
    error('throttled', 'You are trying to authenticate too often');
117 121 
 
@@ -135,11 +139,13 @@
135 139 
    $disc = new Discoverer($url);
136 140
137 141 
    if ($disc->getServer() == null) {
142 
+    Logger::log('Couldn\'t perform discovery on %s', $url);
138 143 
     error('notvalid', 'Claimed identity is not a valid identifier');
139 144 
    }
140 145
141 146 
    return $disc;
142 147 
   } catch (Exception $e) {
148 
+   Logger::log('Error during discovery on %s: %s', $url, $e->getMessage());
143 149 
    error('discovery', $e->getMessage());
144 150 
   }
145 151 
   
@@ -194,7 +200,7 @@
194 200 
    if ($valid) {
195 201 
     KeyManager::removeKey($_SESSION['openid']['server'], $_REQUEST['openid_invalidate_handle']);
196 202 
    } else {
197 
-   	error('noauth', 'Provider didn\'t authenticate message');
203 
+    error('noauth', 'Provider didn\'t authenticate message');
198 204 
    }
199 205 
   }
200 206 
 
@@ -239,8 +245,10 @@
239 245 
   * @param Boolean $valid True if the request has already been authenticated
240 246 
   */
241 247 
  function processPositiveResponse($valid) {
242 
-  if ($_REQUEST['openid_identity'] != $_SESSION['openid']['delegate']) {
243 
-   if ($_SESSION['openid']['delegate'] == 'http://specs.openid.net/auth/2.0/identifier_select') {
248 
+  Logger::log('Positive response: identity = %s, expected = %s', $_REQUEST['openid_identity'], $_SESSION['openid']['identity']);
249 
+
250 
+  if ($_REQUEST['openid_identity'] != $_SESSION['openid']['identity']) {
251 
+   if ($_SESSION['openid']['identity'] == 'http://specs.openid.net/auth/2.0/identifier_select') {
244 252 
     $disc = new Discoverer($_REQUEST['openid_claimed_id'], false);
245 253
246 254 
     if ($disc->hasServer($_SESSION['openid']['server'])) {

+ 2
- 2
urlbuilder.inc.php View File 

@@ -61,8 +61,8 @@
61 61 
   public static function buildRequest($type, $base, $delegate, $identity, $returnURL, $handle, $version = 1) {
62 62 
    $args = array(
63 63 
     'openid.mode' => 'checkid_' . $type,
64 
-    'openid.identity' => $delegate,
65 
-    'openid.claimed_id' => $identity,
64 
+    'openid.identity' => $identity,
65 
+    'openid.claimed_id' => $delegate,
66 66 
     ($version == 1 ? 'openid.trust_root' : 'openid.realm') => self::getTrustRoot($returnURL),
67 67 
     'openid.return_to' => self::addArguments($returnURL,
68 68 
 		array('openid.nonce' => $_SESSION['openid']['nonce']))

Write Preview
Loading…
Cancel
Save