archive
/
poidsy
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
PHP OpenID consumer
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
3 Branches
Tree: 35095d4a92
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '35095d4a92'
${ noResults }
poidsy/urlbuilder.inc.php

urlbuilder.inc.php 5.3KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196 
  1. <?PHP

  2. 

  3. /* Poidsy 0.4 - http://chris.smith.name/projects/poidsy

  4.  * Copyright (c) 2008 Chris Smith

  5.  *

  6.  * Permission is hereby granted, free of charge, to any person obtaining a copy

  7.  * of this software and associated documentation files (the "Software"), to deal

  8.  * in the Software without restriction, including without limitation the rights

  9.  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell

  10.  * copies of the Software, and to permit persons to whom the Software is

  11.  * furnished to do so, subject to the following conditions:

  12.  *

  13.  * The above copyright notice and this permission notice shall be included in

  14.  * all copies or substantial portions of the Software.

  15.  *

  16.  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

  17.  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

  18.  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

  19.  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

  20.  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,

  21.  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE

  22.  * SOFTWARE.

  23.  */

  24. 

  25.  require_once(dirname(__FILE__) . '/keymanager.inc.php');

  26. 

  27.  class URLBuilder {

  28. 

  29.   const NAMESPACE = 'http://openid.net/signon/1.1';

  30. 

  31.   public static function addArguments($base, $arguments) {

  32.    $first = true;

  33.    $res = $base === false ? '' : $base;

  34. 

  35.    if ($base !== false && strrpos($base, '?', -2) === false) {

  36.     if ($base[strlen($base) - 1] != '?') {

  37.      $res .= '?';

  38.     }

  39.    } else if ($base !== false) {

  40.     $res .= '&';

  41.    }

  42. 

  43.    foreach ($arguments as $key => $value) {

  44.     if ($first) {

  45.      $first = false;

  46.     } else {

  47.      $res .= '&';

  48.     }

  49. 

  50.     $res .= urlencode($key) . '=' . urlencode($value);

  51.    }

  52. 

  53.    return $res;

  54.   }

  55. 

  56.   public static function buildRequest($type, $base, $delegate, $identity, $returnURL, $handle) {

  57.    $args = array(

  58.     'openid.ns' => self::NAMESPACE,

  59.     'openid.mode' => 'checkid_' . $type,

  60.     'openid.identity' => $delegate,

  61.     'openid.claimed_id' => $identity,

  62.     'openid.trust_root' => self::getTrustRoot($returnURL),

  63.     'openid.return_to' => self::addArguments($returnURL,

  64. 		array('openid.nonce' => $_SESSION['openid']['nonce']))

  65.    );

  66. 

  67.    if ($handle !== null) {

  68.     $args['openid.assoc_handle'] = $handle;

  69.    }

  70. 

  71.    self::addSRegArgs($args);

  72. 

  73.    return self::addArguments($base, $args);

  74.   }

  75. 

  76.   private static function getTrustRoot($base = null) {

  77.    if (defined('OPENID_TRUSTROOT')) {

  78.     return OPENID_TRUSTROOT;

  79.    }

  80. 

  81.    $curr = self::getCurrentURL();

  82.    $root = $base == null ? $curr : $base;

  83. 

  84.    while (substr($curr, 0, strlen($root)) != $root) {

  85.     $root = dirname($root) . '/';

  86.    }

  87. 

  88.    return $root; 

  89.   }

  90. 

  91.   private static function addSRegArgs(&$args) {

  92.    if (defined('OPENID_SREG_REQUEST')) {

  93.     $args['openid.sreg.required'] = OPENID_SREG_REQUEST;

  94.    }

  95. 

  96.    if (defined('OPENID_SREG_OPTIONAL')) {

  97.     $args['openid.sreg.optional'] = OPENID_SREG_OPTIONAL;

  98.    }

  99. 

  100.    if (defined('OPENID_SREG_POLICY')) {

  101.     $args['openid.sreg.policy_url'] = OPENID_SREG_POLICY;

  102.    }

  103.   }

  104. 

  105.   public static function buildAssociate($server) {

  106.    $args = array(

  107.         'openid.ns' => self::NAMESPACE,

  108. 	'openid.mode' => 'associate',

  109. 	'openid.assoc_type' => 'HMAC-SHA1',

  110.    );

  111. 

  112.    if (KeyManager::supportsDH()) {

  113.     $args['openid.session_type'] = 'DH-SHA1';

  114.     $args['openid.dh_modulus'] = KeyManager::getDhModulus();

  115.     $args['openid.dh_gen'] = KeyManager::getDhGen();

  116.     $args['openid.dh_consumer_public'] = KeyManager::getDhPublicKey($server);

  117.    } else {

  118.     $args['openid.session_type'] = '';

  119.    }

  120. 

  121.    return self::addArguments(false, $args);

  122.   }

  123. 

  124.   public static function buildAuth($params) {

  125.    $args = array(

  126.         'openid.ns' => self::NAMESPACE,

  127. 	'openid.mode' => 'check_authentication'

  128.    );

  129. 

  130.    $toadd = array('assoc_handle', 'sig', 'signed');

  131.    $toadd = array_merge($toadd, explode(',', $params['openid_signed']));

  132. 

  133.    foreach ($toadd as $arg) {

  134.     if (!isset($args['openid.' . $arg])) {

  135.      $args['openid.' . $arg] = $params['openid_' . $arg];

  136.     }

  137.    }

  138. 

  139.    return self::addArguments(false, $args);

  140.   }

  141. 

  142.   public static function getCurrentURL() {

  143.    $res = 'http';

  144. 

  145.    if (isset($_SERVER['HTTPS'])) {

  146.     $res = 'https';

  147.    }

  148. 

  149.    $res .= '://' . $_SERVER['SERVER_NAME'];

  150. 

  151.    if ($_SERVER['SERVER_PORT'] != 80) {

  152.     $res .= ':' . $_SERVER['SERVER_PORT'];

  153.    }

  154. 

  155.    $url = $_SERVER['REQUEST_URI'];

  156. 

  157.    while (preg_match('/([\?&])openid[\._](.*?)=(.*?)(&|$)/', $url, $m)) {

  158.     $url = str_replace($m[0], $m[1], $url);

  159.    }

  160. 

  161.    $url = preg_replace('/\??&*$/', '', $url);

  162. 

  163.    return $res . $url;

  164.   }

  165. 

  166.   /**

  167.    * Redirects the user back to their original page.

  168.    */

  169.   public static function redirect() {

  170.    if (defined('OPENID_REDIRECTURL')) {

  171.     $url = OPENID_REDIRECTURL;

  172.    } else if (isset($_SESSION['openid']['redirect'])) {

  173.     $url = $_SESSION['openid']['redirect'];

  174.    } else {

  175.     $url = self::getCurrentURL();

  176.    }

  177. 

  178.    self::doRedirect($url);

  179.   }

  180. 

  181.   /**

  182.    * Redirects the user to the specified URL.

  183.    *

  184.    * @param $url The URL to redirect the user to

  185.    */

  186.   public static function doRedirect($url) {

  187.    header('Location: ' . $url);

  188.    echo '<html><head><title>Redirecting</title></head><body>';

  189.    echo '<p>Redirecting to <a href="', htmlentities($url), '">';

  190.    echo htmlentities($url), '</a></p></body></html>';

  191.    exit();

  192.   }

  193. 

  194.  }

  195. 

  196. ?>