Changeset 3386
- Timestamp:
- 05/31/07 03:20:34 (20 months ago)
- Location:
- trunk/plugins/CL_OpenID
- Files:
-
- 13 modified
-
Auth/OpenID.php (modified) (4 diffs)
-
Auth/OpenID/BigMath.php (modified) (2 diffs)
-
Auth/OpenID/DiffieHellman.php (modified) (7 diffs)
-
Auth/OpenID/URINorm.php (modified) (6 diffs)
-
Services/Yadis/Misc.php (modified) (2 diffs)
-
Services/Yadis/ParseHTML.php (modified) (3 diffs)
-
Services/Yadis/PlainHTTPFetcher.php (modified) (1 diff)
-
Services/Yadis/XML.php (modified) (6 diffs)
-
Services/Yadis/XRDS.php (modified) (6 diffs)
-
Services/Yadis/XRI.php (modified) (7 diffs)
-
Services/Yadis/XRIRes.php (modified) (1 diff)
-
index.php (modified) (6 diffs)
-
openid_session.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/plugins/CL_OpenID/Auth/OpenID.php
r3229 r3386 23 23 require_once "Services/Yadis/PlainHTTPFetcher.php"; 24 24 require_once "Services/Yadis/ParanoidHTTPFetcher.php"; 25 require_once "Auth/OpenID/BigMath.php"; 25 26 26 27 /** … … 96 97 "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"); 97 98 98 /** 99 * These namespaces are automatically fixed in query arguments by 100 * Auth_OpenID::fixArgs. 101 */ 102 global $_Auth_OpenID_namespaces; 103 $_Auth_OpenID_namespaces = array('openid', 104 'sreg'); 99 if (Auth_OpenID_getMathLib() === null) { 100 if( !defined('Auth_OpenID_NO_MATH_SUPPORT') ) { 101 define('Auth_OpenID_NO_MATH_SUPPORT', true); 102 } 103 } 105 104 106 105 /** … … 113 112 114 113 /** 114 * These namespaces are automatically fixed in query arguments by 115 * Auth_OpenID::fixArgs. 116 */ 117 function getOpenIDNamespaces() 118 { 119 return array('openid', 120 'sreg'); 121 } 122 123 /** 115 124 * Rename query arguments back to 'openid.' from 'openid_' 116 125 * … … 120 129 function fixArgs($args) 121 130 { 122 global $_Auth_OpenID_namespaces;123 131 foreach (array_keys($args) as $key) { 124 132 $fixed = $key; 125 133 if (preg_match('/^openid/', $key)) { 126 foreach ( $_Auth_OpenID_namespacesas $ns) {134 foreach (Auth_OpenID::getOpenIDNamespaces() as $ns) { 127 135 if (preg_match('/'.$ns.'_/', $key)) { 128 136 $fixed = preg_replace('/'.$ns.'_/', $ns.'.', $fixed); -
trunk/plugins/CL_OpenID/Auth/OpenID/BigMath.php
r3229 r3386 336 336 * this array. 337 337 */ 338 global $_Auth_OpenID_math_extensions; 338 339 $_Auth_OpenID_math_extensions = array( 339 340 array('modules' => array('gmp', 'php_gmp'), … … 429 430 } 430 431 $triedstr = implode(", ", $tried); 431 $msg = 'This PHP installation has no big integer math ' . 432 'library. Define Auth_OpenID_NO_MATH_SUPPORT to use ' . 433 'this library in dumb mode. Tried: ' . $triedstr; 434 trigger_error($msg, E_USER_ERROR); 432 433 define('Auth_OpenID_NO_MATH_SUPPORT', true); 434 return null; 435 435 } 436 436 -
trunk/plugins/CL_OpenID/Auth/OpenID/DiffieHellman.php
r3229 r3386 18 18 require_once 'Auth/OpenID/HMACSHA1.php'; 19 19 20 $_Auth_OpenID_DEFAULT_MOD = '155172898181473697471232257763715539915724801'. 21 '966915404479707795314057629378541917580651227423698188993727816152646631'. 22 '438561595825688188889951272158842675419950341258706556549803580104870537'. 23 '681476726513255747040765857479291291572334510643245094715007229621094194'. 24 '349783925984760375594985848253359305585439638443'; 20 function Auth_OpenID_getDefaultMod() 21 { 22 return '155172898181473697471232257763715539915724801'. 23 '966915404479707795314057629378541917580651227423'. 24 '698188993727816152646631438561595825688188889951'. 25 '272158842675419950341258706556549803580104870537'. 26 '681476726513255747040765857479291291572334510643'. 27 '245094715007229621094194349783925984760375594985'. 28 '848253359305585439638443'; 29 } 25 30 26 $_Auth_OpenID_DEFAULT_GEN = '2'; 31 function Auth_OpenID_getDefaultGen() 32 { 33 return '2'; 34 } 27 35 28 36 /** … … 43 51 $private = null, $lib = null) 44 52 { 45 global $_Auth_OpenID_DEFAULT_MOD, $_Auth_OpenID_DEFAULT_GEN;46 47 53 if ($lib === null) { 48 54 $this->lib =& Auth_OpenID_getMathLib(); … … 52 58 53 59 if ($mod === null) { 54 $this->mod = $this->lib->init( $_Auth_OpenID_DEFAULT_MOD);60 $this->mod = $this->lib->init(Auth_OpenID_getDefaultMod()); 55 61 } else { 56 62 $this->mod = $mod; … … 58 64 59 65 if ($gen === null) { 60 $this->gen = $this->lib->init( $_Auth_OpenID_DEFAULT_GEN);66 $this->gen = $this->lib->init(Auth_OpenID_getDefaultGen()); 61 67 } else { 62 68 $this->gen = $gen; … … 90 96 function getAssocArgs() 91 97 { 92 global $_Auth_OpenID_DEFAULT_MOD, $_Auth_OpenID_DEFAULT_GEN;93 94 98 $cpub = $this->lib->longToBase64($this->getPublicKey()); 95 99 $args = array( … … 98 102 ); 99 103 100 if ($this->lib->cmp($this->mod, $_Auth_OpenID_DEFAULT_MOD) ||101 $this->lib->cmp($this->gen, $_Auth_OpenID_DEFAULT_GEN)) {104 if ($this->lib->cmp($this->mod, Auth_OpenID_getDefaultMod()) || 105 $this->lib->cmp($this->gen, Auth_OpenID_getDefaultGen())) { 102 106 $args['openid.dh_modulus'] = $this->lib->longToBase64($this->mod); 103 107 $args['openid.dh_gen'] = $this->lib->longToBase64($this->gen); … … 109 113 function usingDefaultValues() 110 114 { 111 global $_Auth_OpenID_DEFAULT_GEN, $_Auth_OpenID_DEFAULT_MOD; 112 113 return ($this->mod == $_Auth_OpenID_DEFAULT_MOD && 114 $this->gen == $_Auth_OpenID_DEFAULT_GEN); 115 return ($this->mod == Auth_OpenID_getDefaultMod() && 116 $this->gen == Auth_OpenID_getDefaultGen()); 115 117 } 116 118 -
trunk/plugins/CL_OpenID/Auth/OpenID/URINorm.php
r3229 r3386 13 13 14 14 // from appendix B of rfc 3986 (http://www.ietf.org/rfc/rfc3986.txt) 15 $__uri_pattern = '&^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?&'; 16 $__authority_pattern = '/^([^@]*@)?([^:]*)(:.*)?/'; 17 $__pct_encoded_pattern = '/%([0-9A-Fa-f]{2})/'; 18 19 $_unreserved = array(); 20 for ($i = 0; $i < 256; $i++) { 21 $_unreserved[$i] = false; 22 } 23 24 for ($i = ord('A'); $i <= ord('Z'); $i++) { 25 $_unreserved[$i] = true; 26 } 27 28 for ($i = ord('0'); $i <= ord('9'); $i++) { 29 $_unreserved[$i] = true; 30 } 31 32 for ($i = ord('a'); $i <= ord('z'); $i++) { 33 $_unreserved[$i] = true; 34 } 35 36 $_unreserved[ord('-')] = true; 37 $_unreserved[ord('.')] = true; 38 $_unreserved[ord('_')] = true; 39 $_unreserved[ord('~')] = true; 40 41 $parts = array(); 42 foreach (array_merge($__UCSCHAR, $__IPRIVATE) as $pair) { 43 list($m, $n) = $pair; 44 $parts[] = sprintf("%s-%s", chr($m), chr($n)); 45 } 46 47 $_escapeme_re = sprintf('[%s]', implode('', $parts)); 48 49 function _pct_encoded_replace_unreserved($mo) 50 { 51 global $_unreserved; 15 function Auth_OpenID_getURIPattern() 16 { 17 return '&^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?&'; 18 } 19 20 function Auth_OpenID_getAuthorityPattern() 21 { 22 return '/^([^@]*@)?([^:]*)(:.*)?/'; 23 } 24 25 function Auth_OpenID_getEncodedPattern() 26 { 27 return '/%([0-9A-Fa-f]{2})/'; 28 } 29 30 function Auth_OpenID_getUnreserved() 31 { 32 $_unreserved = array(); 33 for ($i = 0; $i < 256; $i++) { 34 $_unreserved[$i] = false; 35 } 36 37 for ($i = ord('A'); $i <= ord('Z'); $i++) { 38 $_unreserved[$i] = true; 39 } 40 41 for ($i = ord('0'); $i <= ord('9'); $i++) { 42 $_unreserved[$i] = true; 43 } 44 45 for ($i = ord('a'); $i <= ord('z'); $i++) { 46 $_unreserved[$i] = true; 47 } 48 49 $_unreserved[ord('-')] = true; 50 $_unreserved[ord('.')] = true; 51 $_unreserved[ord('_')] = true; 52 $_unreserved[ord('~')] = true; 53 54 return $_unreserved; 55 } 56 57 function Auth_OpenID_getEscapeRE() 58 { 59 $parts = array(); 60 foreach (array_merge(Services_Yadis_getUCSChars(), 61 Services_Yadis_getIPrivateChars()) as $pair) { 62 list($m, $n) = $pair; 63 $parts[] = sprintf("%s-%s", chr($m), chr($n)); 64 } 65 66 return sprintf('[%s]', implode('', $parts)); 67 } 68 69 function Auth_OpenID_pct_encoded_replace_unreserved($mo) 70 { 71 $_unreserved = Auth_OpenID_getUnreserved(); 52 72 53 73 $i = intval($mo[1], 16); … … 61 81 } 62 82 63 function _pct_encoded_replace($mo)83 function Auth_OpenID_pct_encoded_replace($mo) 64 84 { 65 85 return chr(intval($mo[1], 16)); 66 86 } 67 87 68 function remove_dot_segments($path)88 function Auth_OpenID_remove_dot_segments($path) 69 89 { 70 90 $result_segments = array(); 71 91 72 92 while ($path) { 73 if ( _startswith($path, '../')) {93 if (Services_Yadis_startswith($path, '../')) { 74 94 $path = substr($path, 3); 75 } else if ( _startswith($path, './')) {95 } else if (Services_Yadis_startswith($path, './')) { 76 96 $path = substr($path, 2); 77 } else if ( _startswith($path, '/./')) {97 } else if (Services_Yadis_startswith($path, '/./')) { 78 98 $path = substr($path, 2); 79 99 } else if ($path == '/.') { 80 100 $path = '/'; 81 } else if ( _startswith($path, '/../')) {101 } else if (Services_Yadis_startswith($path, '/../')) { 82 102 $path = substr($path, 3); 83 103 if ($result_segments) { … … 111 131 function Auth_OpenID_urinorm($uri) 112 132 { 113 global $__uri_pattern, $__authority_pattern, $__pct_encoded_pattern;114 115 133 $uri_matches = array(); 116 preg_match( $__uri_pattern, $uri, $uri_matches);134 preg_match(Auth_OpenID_getURIPattern(), $uri, $uri_matches); 117 135 118 136 if (count($uri_matches) < 9) { … … 146 164 147 165 $authority_matches = array(); 148 preg_match($__authority_pattern, $authority, $authority_matches); 166 preg_match(Auth_OpenID_getAuthorityPattern(), 167 $authority, $authority_matches); 149 168 if (count($authority_matches) === 0) { 150 169 // URI does not have a valid authority … … 167 186 $host = strtolower($host); 168 187 $host = preg_replace_callback( 169 $__pct_encoded_pattern, '_pct_encoded_replace', $host); 188 Auth_OpenID_getEncodedPattern(), 189 'Auth_OpenID_pct_encoded_replace', $host); 170 190 // NO IDNA. 171 191 // $host = unicode($host, 'utf-8').encode('idna'); … … 188 208 $path = $uri_matches[5]; 189 209 $path = preg_replace_callback( 190 $__pct_encoded_pattern,191 ' _pct_encoded_replace_unreserved', $path);192 193 $path = remove_dot_segments($path);210 Auth_OpenID_getEncodedPattern(), 211 'Auth_OpenID_pct_encoded_replace_unreserved', $path); 212 213 $path = Auth_OpenID_remove_dot_segments($path); 194 214 if (!$path) { 195 215 $path = '/'; -
trunk/plugins/CL_OpenID/Services/Yadis/Misc.php
r3229 r3386 10 10 */ 11 11 12 $__UCSCHAR = array( 13 array(0xA0, 0xD7FF), 14 array(0xF900, 0xFDCF), 15 array(0xFDF0, 0xFFEF), 16 array(0x10000, 0x1FFFD), 17 array(0x20000, 0x2FFFD), 18 array(0x30000, 0x3FFFD), 19 array(0x40000, 0x4FFFD), 20 array(0x50000, 0x5FFFD), 21 array(0x60000, 0x6FFFD), 22 array(0x70000, 0x7FFFD), 23 array(0x80000, 0x8FFFD), 24 array(0x90000, 0x9FFFD), 25 array(0xA0000, 0xAFFFD), 26 array(0xB0000, 0xBFFFD), 27 array(0xC0000, 0xCFFFD), 28 array(0xD0000, 0xDFFFD), 29 array(0xE1000, 0xEFFFD) 30 ); 12 function Services_Yadis_getUCSChars() 13 { 14 return array( 15 array(0xA0, 0xD7FF), 16 array(0xF900, 0xFDCF), 17 array(0xFDF0, 0xFFEF), 18 array(0x10000, 0x1FFFD), 19 array(0x20000, 0x2FFFD), 20 array(0x30000, 0x3FFFD), 21 array(0x40000, 0x4FFFD), 22 array(0x50000, 0x5FFFD), 23 array(0x60000, 0x6FFFD), 24 array(0x70000, 0x7FFFD), 25 array(0x80000, 0x8FFFD), 26 array(0x90000, 0x9FFFD), 27 array(0xA0000, 0xAFFFD), 28 array(0xB0000, 0xBFFFD), 29 array(0xC0000, 0xCFFFD), 30 array(0xD0000, 0xDFFFD), 31 array(0xE1000, 0xEFFFD) 32 ); 33 } 31 34 32 $__IPRIVATE = array( 33 array(0xE000, 0xF8FF), 34 array(0xF0000, 0xFFFFD), 35 array(0x100000, 0x10FFFD) 36 ); 35 function Services_Yadis_getIPrivateChars() 36 { 37 return array( 38 array(0xE000, 0xF8FF), 39 array(0xF0000, 0xFFFFD), 40 array(0x100000, 0x10FFFD) 41 ); 42 } 37 43 38 function _pct_escape_unicode($char_match)44 function Services_Yadis_pct_escape_unicode($char_match) 39 45 { 40 46 $c = $char_match[0]; … … 46 52 } 47 53 48 function _startswith($s, $stuff)54 function Services_Yadis_startswith($s, $stuff) 49 55 { 50 56 return strpos($s, $stuff) === 0; -
trunk/plugins/CL_OpenID/Services/Yadis/ParseHTML.php
r3229 r3386 31 31 * @access private 32 32 */ 33 var $_tag_expr = "<%s\b(?!:)([^>]*?)(?:\/>|>(.*?)(?:<\/?%s\s*>|\Z))"; 34 35 /** 36 * @access private 37 */ 38 var $_close_tag_expr = "<\/?%s\s*>"; 39 40 /** 41 * @access private 42 */ 43 var $_removed_re = 44 "<!--.*?-->|<!\[CDATA\[.*?\]\]>|<script\b(?!:)[^>]*>.*?<\/script>"; 45 46 /** 47 * @access private 48 */ 49 var $_attr_find = '\b([-\w]+)=("[^"]*"|\'[^\']*\'|[^\'"\s\/<>]+)'; 33 var $_tag_expr = "<%s%s(?:\s.*?)?%s>"; 34 35 /** 36 * @access private 37 */ 38 var $_attr_find = '\b([-\w]+)=(".*?"|\'.*?\'|.+?)[\s>]'; 50 39 51 40 function Services_Yadis_ParseHTML() 52 41 { 53 $this->_meta_find = sprintf("/<meta\b(?!:)([^>]*)(?!<)>/%s",54 $this->_re_flags);55 56 $this->_removed_re = sprintf("/%s/%s",57 $this->_removed_re,58 $this->_re_flags);59 60 42 $this->_attr_find = sprintf("/%s/%s", 61 43 $this->_attr_find, … … 122 104 123 105 /** 124 * Create a regular expression that will match an opening (and125 * o ptional) closing tag of a given name.126 * 127 * @access private 128 * @param string $tag_name The tag nameto match129 * @param array $close_tags An array of tag names which also130 * constitute closing of the original tag106 * Create a regular expression that will match an opening 107 * or closing tag from a set of names. 108 * 109 * @access private 110 * @param mixed $tag_names Tag names to match 111 * @param mixed $close false/0 = no, true/1 = yes, other = maybe 112 * @param mixed $self_close false/0 = no, true/1 = yes, other = maybe 131 113 * @return string $regex A regular expression string to be used 132 114 * in, say, preg_match. 133 115 */ 134 function tagMatcher($tag_name, $close_tags = null) 135 { 136 if ($close_tags) { 137 $options = implode("|", array_merge(array($tag_name), $close_tags)); 138 $closer = sprintf("(?:%s)", $options); 116 function tagPattern($tag_names, $close, $self_close) 117 { 118 if (is_array($tag_names)) { 119 $tag_names = '(?:'.implode('|',$tag_names).')'; 120 } 121 if ($close) { 122 $close = '\/' . (($close == 1)? '' : '?'); 139 123 } else { 140 $closer = $tag_name; 141 } 142 143 $expr = sprintf($this->_tag_expr, $tag_name, $closer); 124 $close = ''; 125 } 126 if ($self_close) { 127 $self_close = '(?:\/\s*)' . (($self_close == 1)? '' : '?'); 128 } else { 129 $self_close = ''; 130 } 131 $expr = sprintf($this->_tag_expr, $close, $tag_names, $self_close); 132 144 133 return sprintf("/%s/%s", $expr, $this->_re_flags); 145 }146 147 /**148 * @access private149 */150 function htmlFind($str)151 {152 return $this->tagMatcher('html', array('body'));153 }154 155 /**156 * @access private157 */158 function headFind()159 {160 return $this->tagMatcher('head', array('body'));161 134 } 162 135 … … 174 147 function getMetaTags($html_string) 175 148 { 176 $stripped = preg_replace($this->_removed_re, 177 "", 178 $html_string); 179 180 // Look for the closing body tag. 181 $body_closer = sprintf($this->_close_tag_expr, 'body'); 182 $body_matches = array(); 183 preg_match($body_closer, $html_string, $body_matches, 184 PREG_OFFSET_CAPTURE); 185 if ($body_matches) { 186 $html_string = substr($html_string, 0, $body_matches[0][1]); 187 } 188 189 // Look for the opening body tag, and discard everything after 190 // that tag. 191 $body_re = $this->tagMatcher('body'); 192 $body_matches = array(); 193 preg_match($body_re, $html_string, $body_matches, PREG_OFFSET_CAPTURE); 194 if ($body_matches) { 195 $html_string = substr($html_string, 0, $body_matches[0][1]); 196 } 197 198 // If an HTML tag is found at all, it must be in the right 199 // order; else, it may be missing (which is a case we allow 200 // for). 201 $html_re = $this->tagMatcher('html', array('body')); 202 preg_match($html_re, $html_string, $html_matches); 203 if ($html_matches) { 204 $html = $html_matches[0]; 205 } else { 206 $html = $html_string; 207 } 208 209 // Try to find the <HEAD> tag. 210 $head_re = $this->headFind(); 211 $head_matches = array(); 212 if (!preg_match($head_re, $html, $head_matches)) { 213 return array(); 214 } 149 $key_tags = array($this->tagPattern('html', false, false), 150 $this->tagPattern('head', false, false), 151 $this->tagPattern('head', true, false), 152 $this->tagPattern('html', true, false), 153 $this->tagPattern(array( 154 'body', 'frameset', 'frame', 'p', 'div', 155 'table','span','a'), 'maybe', 'maybe')); 156 $key_tags_pos = array(); 157 foreach ($key_tags as $pat) { 158 $matches = array(); 159 preg_match($pat, $html_string, $matches, PREG_OFFSET_CAPTURE); 160 if($matches) { 161 $key_tags_pos[] = $matches[0][1]; 162 } else { 163 $key_tags_pos[] = null; 164 } 165 } 166 // no opening head tag 167 if (is_null($key_tags_pos[1])) { 168 return array(); 169 } 170 // the effective </head> is the min of the following 171 if (is_null($key_tags_pos[2])) { 172 $key_tags_pos[2] = strlen($html_string); 173 } 174 foreach (array($key_tags_pos[3], $key_tags_pos[4]) as $pos) { 175 if (!is_null($pos) && $pos < $key_tags_pos[2]) { 176 $key_tags_pos[2] = $pos; 177 } 178 } 179 // closing head tag comes before opening head tag 180 if ($key_tags_pos[1] > $key_tags_pos[2]) { 181 return array(); 182 } 183 // if there is an opening html tag, make sure the opening head tag 184 // comes after it 185 if (!is_null($key_tags_pos[0]) && $key_tags_pos[1] < $key_tags_pos[0]) { 186 return array(); 187 } 188 $html_string = substr($html_string, $key_tags_pos[1], ($key_tags_pos[2]-$key_tags_pos[1])); 215 189 216 190 $link_data = array(); 217 191 $link_matches = array(); 218 219 if (!preg_match_all($this-> _meta_find, $head_matches[0],220 $ link_matches)) {192 193 if (!preg_match_all($this->tagPattern('meta', false, 'maybe'), 194 $html_string, $link_matches)) { 221 195 return array(); 222 196 } -
trunk/plugins/CL_OpenID/Services/Yadis/PlainHTTPFetcher.php
r3229 r3386 148 148 $headers = array(); 149 149 150 $headers[] = "POST ".$parts['path']." HTTP/1.0"; 150 $post_path = $parts['path']; 151 if (isset($parts['query'])) { 152 $post_path .= '?' . $parts['query']; 153 } 154 155 $headers[] = "POST ".$post_path." HTTP/1.0"; 151 156 $headers[] = "Host: " . $parts['host']; 152 157 $headers[] = "Content-type: application/x-www-form-urlencoded"; -
trunk/plugins/CL_OpenID/Services/Yadis/XML.php
r3247 r3386 1 1 <?php 2 global $__Services_Yadis_defaultParser;