123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393 |
- <?PHP
-
- /* Poidsy 0.6 - http://chris.smith.name/projects/poidsy
- * Copyright (c) 2008-2010 Chris Smith
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
-
- require_once(dirname(__FILE__) . '/logging.inc.php');
-
- class Server {
-
- private $url = null;
- private $version = 1;
- private $services = array();
-
- public function __construct($url, $version) {
- $this->url = $url;
- $this->version = $version;
- }
-
- public function getURL() {
- return $this->url;
- }
-
- public function getVersion() {
- return $this->version;
- }
-
- public function getServices() {
- return $this->services;
- }
-
- public function addServices($services) {
- foreach ($services as $service) {
- $this->services[] = $service;
- }
- }
-
- public function hasService($service) {
- return array_search($service, $this->services) !== false;
- }
-
- }
-
- class Discoverer {
-
- const ID_SELECT_URL = 'http://specs.openid.net/auth/2.0/identifier_select';
-
- private $version; // OpenID 2 teminology || OpenID 1 terminology
- // --------------------- || ----------------------
- private $userSuppliedId; // User supplied ID || [Same as Claimed ID]
- private $claimedId; // Claimed ID || Claimed ID
- private $endpointUrl; // OP Endpoint URL || Identity Provider
- private $opLocalId; // OP-local ID || Delegate
-
- private $servers = array();
-
- public function __construct($uri, $normalise = true) {
- if ($uri !== null) {
- $this->discover($this->userSuppliedId = ($normalise ? $this->normalise($uri) : $uri));
- }
- }
-
- public function getEndpointUrl() {
- return $this->endpointUrl;
- }
-
- public function getUserSuppliedId() {
- return $this->userSuppliedId;
- }
-
- public function getClaimedId() {
- return $this->claimedId;
- }
-
- public function getOpLocalId() {
- return $this->opLocalId;
- }
-
- public function getVersion() {
- return $this->version;
- }
-
- public function hasServer($endpointUrl) {
- return isset($this->servers[$endpointUrl]);
- }
-
- public static function normalise($uri) {
- // Strip xri:// prefix
- if (substr($uri, 0, 6) == 'xri://') {
- $uri = substr($uri, 6);
- }
-
- // If the first char is a global context symbol, treat it as XRI
- if (in_array($uri[0], array('=', '@', '+', '$', '!'))) {
- // TODO: Implement
- throw new Exception('This implementation does not currently support XRI');
- }
-
- // Add http:// if needed
- if (strpos($uri, '://') === false) {
- $uri = 'http://' . $uri;
- }
-
- $bits = @parse_url($uri);
-
- $result = $bits['scheme'] . '://';
- if (defined('OPENID_ALLOWUSER') && isset($bits['user'])) {
- $result .= $bits['user'];
- if (isset($bits['pass'])) {
- $result .= ':' . $bits['pass'];
- }
- $result .= '@';
- }
- $result .= preg_replace('/\.$/', '', $bits['host']);
-
- if (isset($bits['port']) && !empty($bits['port']) &&
- (($bits['scheme'] == 'http' && $bits['port'] != '80') ||
- ($bits['scheme'] == 'https' && $bits['port'] != '443') ||
- ($bits['scheme'] != 'http' && $bits['scheme'] != 'https'))) {
- $result .= ':' . $bits['port'];
- }
-
- if (isset($bits['path'])) {
- do {
- $bits['path'] = preg_replace('#/([^/]*)/\.\./#', '/', str_replace('/./', '/', $old = $bits['path']));
- } while ($old != $bits['path']);
- $result .= $bits['path'];
- } else {
- $result .= '/';
- }
-
- if (defined('OPENID_ALLOWQUERY') && isset($bits['query'])) {
- $result .= '?' . $bits['query'];
- }
-
- return $result;
- }
-
- private function discover($uri) {
- Logger::log('Performing discovery for %s', $uri);
-
- if (!$this->yadisDiscover($uri)) {
- $this->htmlDiscover($uri);
- }
- }
-
- private function yadisDiscover($uri, $allowLocation = true) {
- Logger::log('Attempting Yadis discovery on %s', $uri);
-
- if ($allowLocation) {
- $this->claimedId = $uri;
- }
-
- $ctx = stream_context_create(array(
- 'http' => array(
- 'header' => "Accept: application/xrds+xml\r\n",
- )
- ));
-
- $fh = @fopen($uri, 'r', false, $ctx);
-
- if (!$fh) {
- Logger::log('Unable to open stream');
- return false;
- }
-
- $details = stream_get_meta_data($fh);
-
- $data = '';
- while (!feof($fh) && strpos($data, '</head>') === false) {
- $data .= fgets($fh);
- }
-
- fclose($fh);
-
- foreach ($details['wrapper_data'] as $line) {
- if ($allowLocation && preg_match('/^X-XRDS-Location:\s*(.*?)$/i', $line, $m)) {
- // TODO: Allow relative URLs?
- $this->handleRedirects($details);
- return $this->yadisDiscover($m[1], false);
- } else if (preg_match('#^Content-type:\s*application/xrds\+xml(;.*?)?$#i', $line)) {
- $this->handleRedirects($details);
- return $this->parseYadis($data);
- }
- }
-
- if (($url = $this->parseYadisHTML($data)) !== false) {
- $this->handleRedirects($details);
- return $this->yadisDiscover($url, false);
- }
- }
-
- private function parseYadis($data) {
- $sxml = @new SimpleXMLElement($data);
-
- if (!$sxml) {
- Logger::log('Failed to parse XRDS data as XML');
- // TODO: Die somehow?
- return false;
- }
-
- // TODO: Better handling of namespaces
- $found = false;
- foreach ($sxml->XRD->Service as $service) {
- $services = array();
- $server = null;
-
- foreach ($service->Type as $type) {
- Logger::log('Found service of type %s', $type);
-
- if ((String) $type == 'http://specs.openid.net/auth/2.0/server') {
- $this->version = 2;
- $this->endpointUrl = (String) $service->URI;
- $this->claimedId = $this->opLocalId = self::ID_SELECT_URL;
- Logger::log('OpenID EP found (server). End point: %s, claimed id: %s, op local id: %s', $this->endpointUrl, $this->claimedId, $this->opLocalId);
- $found = true;
- $this->servers[$this->endpointUrl] = $server = new Server($this->endpointUrl, $this->version);
- } else if ((String) $type == 'http://specs.openid.net/auth/2.0/signon') {
- $this->version = 2;
- $this->endpointUrl = (String) $service->URI;
-
- if (isset($service->LocalID)) {
- $this->opLocalId = (String) $service->LocalID;
- } else {
- $this->opLocalId = self::ID_SELECT_URL;
- $this->claimedId = self::ID_SELECT_URL;
- }
-
- Logger::log('OpenID EP found (signon). End point: %s, claimed id: %s, op local id: %s', $this->endpointUrl, $this->claimedId, $this->opLocalId);
- $found = true;
- $this->servers[$this->endpointUrl] = $server = new Server($this->endpointUrl, $this->version);
- } else {
- $services[] = (String) $type;
- }
- }
-
- if ($server != null) {
- $server->addServices($services);
- }
- }
-
- return $found;
- }
-
- private function parseYadisHTML($data) {
- $meta = self::getMetaTags($data);
-
- if (isset($meta['x-xrds-location'])) {
- Logger::log('Found XRDS meta tag: %s', $meta['x-xrds-location']);
- // TODO: Allow relative URLs?
- return $meta['x-xrds-location'];
- }
-
- return false;
- }
-
- private function htmlDiscover($uri) {
- Logger::log('Performing HTML discovery on %s', $uri);
-
- $fh = @fopen($uri, 'r');
-
- if (!$fh) {
- Logger::log('Unable to open stream');
- return;
- }
-
- $this->claimedId = $uri;
-
- $details = stream_get_meta_data($fh);
-
- $this->handleRedirects($details);
-
- Logger::log('Claimed identity: %s', $this->claimedId);
-
- $data = '';
- while (!feof($fh) && strpos($data, '</head>') === false) {
- $data .= fgets($fh);
- }
-
- fclose($fh);
-
- $this->parseHtml($data);
- }
-
- protected function handleRedirects($details) {
- foreach ($details['wrapper_data'] as $line) {
- if (preg_match('/^Location: (.*?)$/i', $line, $m)) {
- if (strpos($m[1], '://') !== false) {
- // Fully qualified URL
- $this->claimedId = $m[1];
- Logger::log('Redirection (fully qualified) to ' . $m[1]);
- } else if ($m[1][0] == '/') {
- // Absolute URL
- $this->claimedId = preg_replace('#^(.*?://.*?)/.*$#', '\1', $this->claimedId) . $m[1];
- Logger::log('Redirection (absolute) to ' . $m[1] . ': ' . $this->claimedId);
- } else {
- // Relative URL
- $this->claimedId = preg_replace('#^(.*?://.*/).*?$#', '\1', $this->claimedId) . $m[1];
- Logger::log('Redirection (relative) to ' . $m[1] . ': ' . $this->claimedId);
- }
- }
- $this->claimedId = self::normalise($this->claimedId);
- }
- }
-
- protected static function getLinks($data) {
- return self::getTags($data, 'link', 'rel', 'href', true);
- }
-
- protected static function getMetaTags($data) {
- return self::getTags($data, 'meta', 'http-equiv', 'content');
- }
-
- protected static function getTags($data, $tag, $att1, $att2, $split = false) {
- preg_match_all('#<' . $tag . '\s*(.*?)\s*/?' . '>#is', $data, $matches);
-
- $links = array();
-
- foreach ($matches[1] as $link) {
- $rel = $href = null;
-
- if (preg_match('#' . $att1 . '\s*=\s*(?:([^"\'>\s]*)|"([^">]*)"|\'([^\'>]*)\')(?:\s|$)#is', $link, $m)) {
- array_shift($m);
- $rel = implode('', $m);
- }
-
- if (preg_match('#' . $att2 . '\s*=\s*(?:([^"\'>\s]*)|"([^">]*)"|\'([^\'>]*)\')(?:\s|$)#is', $link, $m)) {
- array_shift($m);
- $href = implode('', $m);
- }
-
- if ($split) {
- foreach (explode(' ', strtolower($rel)) as $part) {
- $links[$part] = html_entity_decode($href);
- }
- } else {
- $links[strtolower($rel)] = html_entity_decode($href);
- }
- }
-
- return $links;
- }
-
- public function parseHtml($data) {
- $links = self::getLinks($data);
-
- if (isset($links['openid2.provider'])) {
- $this->version = 2;
- $this->endpointUrl = $links['openid2.provider'];
- //$this->servers[] = new Server($this->server, 2);
-
- $this->claimedId = $this->userSuppliedId;
- $this->opLocalId = isset($links['openid2.local_id']) ? $links['openid2.local_id'] : $this->claimedId;
-
- $this->servers[$this->endpointUrl] = $server = new Server($this->endpointUrl, $this->version);
- Logger::log('OpenID EP found. End point: %s, claimed id: %s, op local id: %s', $this->endpointUrl, $this->claimedId, $this->opLocalId);
- } else if (isset($links['openid.server'])) {
- $this->version = 1;
- $this->endpointUrl = $links['openid.server'];
- //$this->servers[] = new Server($this->server, 2);
-
- $this->claimedId = $this->userSuppliedId;
-
- if (isset($links['openid.delegate'])) {
- $this->opLocalId = $links['openid.delegate'];
- }
-
- $this->servers[$this->endpointUrl] = $server = new Server($this->endpointUrl, $this->version);
- Logger::log('OpenID EP found. End point: %s, claimed id: %s, op local id: %s', $this->endpointUrl, $this->claimedId, $this->opLocalId);
- }
- }
-
- }
-
- ?>
|