archive
/
poidsy
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
PHP OpenID consumer
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
41 Commits
3 Branches
Tree: 2c69d24462
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2c69d24462'
${ noResults }
poidsy/discoverer.inc.php

discoverer.inc.php 10KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368 
  1. <?PHP

  2. 

  3. /* Poidsy 0.5 - http://chris.smith.name/projects/poidsy

  4.  * Copyright (c) 2008-2010 Chris Smith

  5.  *

  6.  * Permission is hereby granted, free of charge, to any person obtaining a copy

  7.  * of this software and associated documentation files (the "Software"), to deal

  8.  * in the Software without restriction, including without limitation the rights

  9.  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell

  10.  * copies of the Software, and to permit persons to whom the Software is

  11.  * furnished to do so, subject to the following conditions:

  12.  *

  13.  * The above copyright notice and this permission notice shall be included in

  14.  * all copies or substantial portions of the Software.

  15.  *

  16.  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

  17.  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

  18.  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

  19.  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

  20.  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,

  21.  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE

  22.  * SOFTWARE.

  23.  */

  24. 

  25. require_once(dirname(__FILE__) . '/logging.inc.php');

  26. 

  27. class Server {

  28. 

  29.  private $url = null;

  30.  private $version = 1;

  31.  private $services = array();

  32. 

  33.  public function __construct($url, $version) {

  34.   $this->url = $url;

  35.   $this->version = $version;

  36.  }

  37. 

  38.  public function getURL() {

  39.   return $this->url;

  40.  }

  41. 

  42.  public function getVersion() {

  43.   return $this->version;

  44.  }

  45. 

  46.  public function getServices() {

  47.   return $this->services;

  48.  }

  49. 

  50.  public function addServices($services) {

  51.   foreach ($services as $service) {

  52.    $this->services[] = $service;

  53.   }

  54.  }

  55. 

  56.  public function hasService($service) {

  57.   return array_search($service, $this->services) !== false;

  58.  }

  59. 

  60. }

  61. 

  62. class Discoverer {

  63. 

  64.  const ID_SELECT_URL = 'http://specs.openid.net/auth/2.0/identifier_select';

  65. 

  66.  private $version;        // OpenID 2 teminology   || OpenID 1 terminology

  67.                           // --------------------- || ----------------------

  68.  private $userSuppliedId; // User supplied ID      || [Same as Claimed ID]

  69.  private $claimedId;      // Claimed ID            || Claimed ID

  70.  private $endpointUrl;    // OP Endpoint URL       || Identity Provider

  71.  private $opLocalId;      // OP-local ID           || Delegate

  72. 

  73.  public function __construct($uri, $normalise = true) {

  74.   if ($uri !== null) {

  75.    $this->discover($this->userSuppliedId = ($normalise ? $this->normalise($uri) : $uri));

  76.   }

  77.  }

  78. 

  79.  public function getEndpointUrl() {

  80.   return $this->endpointUrl;

  81.  }

  82. 

  83.  public function getUserSuppliedId() {

  84.   return $this->userSuppliedId;

  85.  }

  86. 

  87.  public function getClaimedId() {

  88.   return $this->claimedId;

  89.  }

  90. 

  91.  public function getOpLocalId() {

  92.   return $this->opLocalId;

  93.  }

  94. 

  95.  public function getVersion() {

  96.   return $this->version;

  97.  }

  98. 

  99.  public static function normalise($uri) {

  100.   // Strip xri:// prefix

  101.   if (substr($uri, 0, 6) == 'xri://') {

  102.    $uri = substr($uri, 6);

  103.   }

  104. 

  105.   // If the first char is a global context symbol, treat it as XRI

  106.   if (in_array($uri[0], array('=', '@', '+', '$', '!'))) {

  107.    // TODO: Implement

  108.    throw new Exception('This implementation does not currently support XRI');

  109.   }

  110. 

  111.   // Add http:// if needed

  112.   if (strpos($uri, '://') === false) {

  113.    $uri = 'http://' . $uri;

  114.   }

  115. 

  116.   $bits = @parse_url($uri);

  117. 

  118.   $result = $bits['scheme'] . '://';

  119.   if (defined('OPENID_ALLOWUSER') && isset($bits['user'])) {

  120.    $result .= $bits['user'];

  121.    if (isset($bits['pass'])) {

  122.     $result .= ':' . $bits['pass'];

  123.    }

  124.    $result .= '@';

  125.   }

  126.   $result .= preg_replace('/\.$/', '', $bits['host']);

  127. 

  128.   if (isset($bits['port']) && !empty($bits['port']) &&

  129.      (($bits['scheme'] == 'http' && $bits['port'] != '80') ||

  130.       ($bits['scheme'] == 'https' && $bits['port'] != '443') ||

  131.       ($bits['scheme'] != 'http' && $bits['scheme'] != 'https'))) {

  132.    $result .= ':' . $bits['port'];

  133.   }

  134. 

  135.   if (isset($bits['path'])) {

  136.    do {

  137.     $bits['path'] = preg_replace('#/([^/]*)/\.\./#', '/', str_replace('/./', '/', $old = $bits['path']));

  138.    } while ($old != $bits['path']);

  139.    $result .= $bits['path'];

  140.   } else {

  141.    $result .= '/';

  142.   }

  143. 

  144.   if (defined('OPENID_ALLOWQUERY') && isset($bits['query'])) {

  145.    $result .= '?' . $bits['query'];

  146.   }

  147. 

  148.   return $result;

  149.  }

  150. 

  151.  private function discover($uri) {

  152.   Logger::log('Performing discovery for %s', $uri);

  153. 

  154.   if (!$this->yadisDiscover($uri)) {

  155.    $this->htmlDiscover($uri);

  156.   }

  157.  }

  158. 

  159.  private function yadisDiscover($uri, $allowLocation = true) {

  160.   Logger::log('Attempting Yadis discovery on %s', $uri);

  161. 

  162.   $ctx = stream_context_create(array(

  163.     'http' => array(

  164.       'header' => "Accept: application/xrds+xml\r\n",

  165.     )

  166.   ));

  167. 

  168.   $fh = @fopen($uri, 'r', false, $ctx);

  169. 

  170.   if (!$fh) {

  171.    Logger::log('Unable to open stream');

  172.    return false;

  173.   }

  174. 

  175.   $details = stream_get_meta_data($fh);

  176. 

  177.   $data = '';

  178.   while (!feof($fh) && strpos($data, '</head>') === false) {

  179.    $data .= fgets($fh);

  180.   }

  181. 

  182.   fclose($fh);

  183. 

  184.   foreach ($details['wrapper_data'] as $line) {

  185.    if ($allowLocation && preg_match('/^X-XRDS-Location:\s*(.*?)$/i', $line, $m)) {

  186.     // TODO: Allow relative URLs?

  187.     return $this->yadisDiscover($m[1], false);

  188.    } else if (preg_match('#^Content-type:\s*application/xrds\+xml(;.*?)?$#i', $line)) {

  189.     return $this->parseYadis($data);

  190.    }

  191.   }

  192. 

  193.   return $this->parseYadisHTML($data);

  194.  }

  195. 

  196.  private function parseYadis($data) {

  197.   $sxml = @new SimpleXMLElement($data); 

  198. 

  199.   if (!$sxml) {

  200.    Logger::log('Failed to parse XRDS data as XML');

  201.    // TODO: Die somehow?

  202.    return false;

  203.   }

  204. 

  205.   // TODO: Better handling of namespaces

  206.   $found = false;

  207.   foreach ($sxml->XRD->Service as $service) {

  208.    $services = array();

  209.    $server = null;

  210. 

  211.    foreach ($service->Type as $type) {

  212.     Logger::log('Found service of type %s', $type);

  213. 

  214.     if ((String) $type == 'http://specs.openid.net/auth/2.0/server') {

  215.      $this->version = 2;

  216.      $this->server = (String) $service->URI;

  217.      $this->identity = self::ID_SELECT_URL; 

  218.      $this->servers[] = $server = new Server($this->server, 2);

  219.      Logger::log('OpenID EP found (server). Server: %s, identity: %s, claimed id: %s', $this->server, $this->identity, $this->claimedId);

  220.      $found = true;

  221.     } else if ((String) $type == 'http://specs.openid.net/auth/2.0/signon') {

  222.      $this->version = 2;

  223.      $this->server = (String) $service->URI;

  224.      $this->servers[] = $server = new Server($this->server, 2);

  225. 

  226.      if (isset($service->LocalID)) {

  227.       $this->identity = (String) $service->LocalID;

  228.      } else {

  229.       $this->identity = self::ID_SELECT_URL; 

  230.      }

  231. 

  232.      Logger::log('OpenID EP found (signon). Server: %s, identity: %s, claimed id: %s', $this->server, $this->identity, $this->claimedId); 

  233.      $found = true;

  234.     } else {

  235.      $services[] = (String) $type;

  236.     }

  237.    }

  238. 

  239.    if ($server != null) {

  240.     $server->addServices($services);

  241.    }

  242.   }

  243. 

  244.   return $found;

  245.  }

  246. 

  247.  private function parseYadisHTML($data) {

  248.   $meta = self::getMetaTags($data); 

  249. 

  250.   if (isset($meta['x-xrds-location'])) {

  251.    Logger::log('Found XRDS meta tag: %s', $meta['x-xrds-location']);

  252.    // TODO: Allow relative URLs?

  253.    return $this->yadisDiscover($meta['x-xrds-location'], false);

  254.   }

  255. 

  256.   return false;

  257.  }

  258. 

  259.  private function htmlDiscover($uri) {

  260.   Logger::log('Performing HTML discovery on %s', $uri);

  261. 

  262.   $fh = @fopen($uri, 'r');

  263. 

  264.   if (!$fh) {

  265.    Logger::log('Unable to open stream');

  266.    return;

  267.   }

  268. 

  269.   $this->claimedId = $uri;

  270. 

  271.   $details = stream_get_meta_data($fh);

  272. 

  273.   foreach ($details['wrapper_data'] as $line) {

  274.    if (preg_match('/^Location: (.*?)$/i', $line, $m)) {

  275.     if (strpos($m[1], '://') !== false) {

  276.      // Fully qualified URL

  277.      $this->claimedId = $m[1];

  278.     } else if ($m[1][0] == '/') {

  279.      // Absolute URL

  280.      $this->claimedId = preg_replace('#^(.*?://.*?)/.*$#', '\1', $this->claimedId) . $m[1];

  281.     } else {

  282.      // Relative URL

  283.      $this->claimedId = preg_replace('#^(.*?://.*/).*?$#', '\1', $this->claimedId) . $m[1];

  284.     }

  285.    }

  286.    $this->claimedId = self::normalise($this->claimedId);

  287.   }

  288. 

  289.   Logger::log('Claimed identity: %s', $this->claimedId);

  290. 

  291.   $data = '';

  292.   while (!feof($fh) && strpos($data, '</head>') === false) {

  293.    $data .= fgets($fh);

  294.   }

  295. 

  296.   fclose($fh);

  297. 

  298.   $this->parseHtml($data);

  299.  }

  300. 

  301.  protected static function getLinks($data) {

  302.   return self::getTags($data, 'link', 'rel', 'href', true);

  303.  }

  304. 

  305.  protected static function getMetaTags($data) {

  306.   return self::getTags($data, 'meta', 'http-equiv', 'content');

  307.  }

  308. 

  309.  protected static function getTags($data, $tag, $att1, $att2, $split = false) {

  310.   preg_match_all('#<' . $tag . '\s*(.*?)\s*/?' . '>#is', $data, $matches);

  311. 

  312.   $links = array();

  313. 

  314.   foreach ($matches[1] as $link) {

  315.    $rel = $href = null;

  316. 

  317.    if (preg_match('#' . $att1 . '\s*=\s*(?:([^"\'>\s]*)|"([^">]*)"|\'([^\'>]*)\')(?:\s|$)#is', $link, $m)) {

  318.     array_shift($m);

  319.     $rel = implode('', $m);

  320.    }

  321. 

  322.    if (preg_match('#' . $att2 . '\s*=\s*(?:([^"\'>\s]*)|"([^">]*)"|\'([^\'>]*)\')(?:\s|$)#is', $link, $m)) {

  323.     array_shift($m);

  324.     $href = implode('', $m);

  325.    }

  326. 

  327.    if ($split) {

  328.     foreach (explode(' ', strtolower($rel)) as $part) {

  329.      $links[$part] = html_entity_decode($href);

  330.     }

  331.    } else {

  332.     $links[strtolower($rel)] = html_entity_decode($href);

  333.    }

  334.   }

  335. 

  336.   return $links;

  337.  }

  338. 

  339.  public function parseHtml($data) {

  340.   $links = self::getLinks($data);

  341. 

  342.   if (isset($links['openid2.provider'])) {

  343.    $this->version = 2;

  344.    $this->endpointUrl = $links['openid2.provider'];

  345.    //$this->servers[] = new Server($this->server, 2);

  346. 

  347.    $this->claimedId = $this->userSuppliedId;

  348.    $this->opLocalId = isset($links['openid2.local_id']) ? $links['openid2.local_id'] : $this->claimedId;

  349. 

  350.    Logger::log('OpenID EP found. End point: %s, claimed id: %s, op local id: %s', $this->endpointUrl, $this->claimedId, $this->opLocalId);

  351.   } else if (isset($links['openid.server'])) {

  352.    $this->version = 1;

  353.    $this->endpointUrl = $links['openid.server'];

  354.    //$this->servers[] = new Server($this->server, 2);

  355. 

  356.    $this->claimedId = $this->userSuppliedId;

  357. 

  358.    if (isset($links['openid.delegate'])) {

  359.     $this->opLocalId = $links['openid.delegate'];

  360.    }

  361. 

  362.    Logger::log('OpenID EP found. End point: %s, claimed id: %s, op local id: %s', $this->endpointUrl, $this->claimedId, $this->opLocalId);

  363.   }

  364.  }

  365. 

  366. }

  367. 

  368. ?>