Subversion Repositories Applications.annuaire

Rev

Rev 42 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
42 aurelien 1
<?php
2
 
3
/**
4
 * This is the PHP OpenID library by JanRain, Inc.
5
 *
6
 * This module contains core utility functionality used by the
7
 * library.  See Consumer.php and Server.php for the consumer and
8
 * server implementations.
9
 *
10
 * PHP versions 4 and 5
11
 *
12
 * LICENSE: See the COPYING file included in this distribution.
13
 *
14
 * @package OpenID
15
 * @author JanRain, Inc. <openid@janrain.com>
16
 * @copyright 2005 Janrain, Inc.
17
 * @license http://www.gnu.org/copyleft/lesser.html LGPL
18
 */
19
 
20
/**
21
 * Require the fetcher code.
22
 */
23
require_once "Services/Yadis/PlainHTTPFetcher.php";
24
require_once "Services/Yadis/ParanoidHTTPFetcher.php";
25
require_once "Auth/OpenID/BigMath.php";
26
 
27
/**
28
 * Status code returned by the server when the only option is to show
29
 * an error page, since we do not have enough information to redirect
30
 * back to the consumer. The associated value is an error message that
31
 * should be displayed on an HTML error page.
32
 *
33
 * @see Auth_OpenID_Server
34
 */
35
define('Auth_OpenID_LOCAL_ERROR', 'local_error');
36
 
37
/**
38
 * Status code returned when there is an error to return in key-value
39
 * form to the consumer. The caller should return a 400 Bad Request
40
 * response with content-type text/plain and the value as the body.
41
 *
42
 * @see Auth_OpenID_Server
43
 */
44
define('Auth_OpenID_REMOTE_ERROR', 'remote_error');
45
 
46
/**
47
 * Status code returned when there is a key-value form OK response to
48
 * the consumer. The value associated with this code is the
49
 * response. The caller should return a 200 OK response with
50
 * content-type text/plain and the value as the body.
51
 *
52
 * @see Auth_OpenID_Server
53
 */
54
define('Auth_OpenID_REMOTE_OK', 'remote_ok');
55
 
56
/**
57
 * Status code returned when there is a redirect back to the
58
 * consumer. The value is the URL to redirect back to. The caller
59
 * should return a 302 Found redirect with a Location: header
60
 * containing the URL.
61
 *
62
 * @see Auth_OpenID_Server
63
 */
64
define('Auth_OpenID_REDIRECT', 'redirect');
65
 
66
/**
67
 * Status code returned when the caller needs to authenticate the
68
 * user. The associated value is a {@link Auth_OpenID_ServerRequest}
69
 * object that can be used to complete the authentication. If the user
70
 * has taken some authentication action, use the retry() method of the
71
 * {@link Auth_OpenID_ServerRequest} object to complete the request.
72
 *
73
 * @see Auth_OpenID_Server
74
 */
75
define('Auth_OpenID_DO_AUTH', 'do_auth');
76
 
77
/**
78
 * Status code returned when there were no OpenID arguments
79
 * passed. This code indicates that the caller should return a 200 OK
80
 * response and display an HTML page that says that this is an OpenID
81
 * server endpoint.
82
 *
83
 * @see Auth_OpenID_Server
84
 */
85
define('Auth_OpenID_DO_ABOUT', 'do_about');
86
 
87
/**
88
 * Defines for regexes and format checking.
89
 */
90
define('Auth_OpenID_letters',
91
       "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");
92
 
93
define('Auth_OpenID_digits',
94
       "0123456789");
95
 
96
define('Auth_OpenID_punct',
97
       "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~");
98
 
99
if (Auth_OpenID_getMathLib() === null) {
100
    define('Auth_OpenID_NO_MATH_SUPPORT', true);
101
}
102
 
103
/**
104
 * The OpenID utility function class.
105
 *
106
 * @package OpenID
107
 * @access private
108
 */
109
class Auth_OpenID {
110
 
111
    /**
112
     * These namespaces are automatically fixed in query arguments by
113
     * Auth_OpenID::fixArgs.
114
     */
115
    function getOpenIDNamespaces()
116
    {
117
        return array('openid',
118
                     'sreg');
119
    }
120
 
121
    /**
122
     * Rename query arguments back to 'openid.' from 'openid_'
123
     *
124
     * @access private
125
     * @param array $args An associative array of URL query arguments
126
     */
127
    function fixArgs($args)
128
    {
129
        foreach (array_keys($args) as $key) {
130
            $fixed = $key;
131
            if (preg_match('/^openid/', $key)) {
132
                foreach (Auth_OpenID::getOpenIDNamespaces() as $ns) {
133
                    if (preg_match('/'.$ns.'_/', $key)) {
134
                        $fixed = preg_replace('/'.$ns.'_/', $ns.'.', $fixed);
135
                    }
136
                }
137
 
138
                if ($fixed != $key) {
139
                    $val = $args[$key];
140
                    unset($args[$key]);
141
                    $args[$fixed] = $val;
142
                }
143
            }
144
        }
145
 
146
        return $args;
147
    }
148
 
149
    /**
150
     * Create dir_name as a directory if it does not exist. If it
151
     * exists, make sure that it is, in fact, a directory.  Returns
152
     * true if the operation succeeded; false if not.
153
     *
154
     * @access private
155
     */
156
    function ensureDir($dir_name)
157
    {
158
        if (is_dir($dir_name) || @mkdir($dir_name)) {
159
            return true;
160
        } else {
161
            if (Auth_OpenID::ensureDir(dirname($dir_name))) {
162
                return is_dir($dir_name) || @mkdir($dir_name);
163
            } else {
164
                return false;
165
            }
166
        }
167
    }
168
 
169
    /**
170
     * Convenience function for getting array values.
171
     *
172
     * @access private
173
     */
174
    function arrayGet($arr, $key, $fallback = null)
175
    {
176
        if (is_array($arr)) {
177
            if (array_key_exists($key, $arr)) {
178
                return $arr[$key];
179
            } else {
180
                return $fallback;
181
            }
182
        } else {
183
            trigger_error("Auth_OpenID::arrayGet expected " .
184
                          "array as first parameter", E_USER_WARNING);
185
            return false;
186
        }
187
    }
188
 
189
    /**
190
     * Implements the PHP 5 'http_build_query' functionality.
191
     *
192
     * @access private
193
     * @param array $data Either an array key/value pairs or an array
194
     * of arrays, each of which holding two values: a key and a value,
195
     * sequentially.
196
     * @return string $result The result of url-encoding the key/value
197
     * pairs from $data into a URL query string
198
     * (e.g. "username=bob&id=56").
199
     */
200
    function httpBuildQuery($data)
201
    {
202
        $pairs = array();
203
        foreach ($data as $key => $value) {
204
            if (is_array($value)) {
205
                $pairs[] = urlencode($value[0])."=".urlencode($value[1]);
206
            } else {
207
                $pairs[] = urlencode($key)."=".urlencode($value);
208
            }
209
        }
210
        return implode("&", $pairs);
211
    }
212
 
213
    /**
214
     * "Appends" query arguments onto a URL.  The URL may or may not
215
     * already have arguments (following a question mark).
216
     *
217
     * @param string $url A URL, which may or may not already have
218
     * arguments.
219
     * @param array $args Either an array key/value pairs or an array of
220
     * arrays, each of which holding two values: a key and a value,
221
     * sequentially.  If $args is an ordinary key/value array, the
222
     * parameters will be added to the URL in sorted alphabetical order;
223
     * if $args is an array of arrays, their order will be preserved.
224
     * @return string $url The original URL with the new parameters added.
225
     *
226
     */
227
    function appendArgs($url, $args)
228
    {
229
        if (count($args) == 0) {
230
            return $url;
231
        }
232
 
233
        // Non-empty array; if it is an array of arrays, use
234
        // multisort; otherwise use sort.
235
        if (array_key_exists(0, $args) &&
236
            is_array($args[0])) {
237
            // Do nothing here.
238
        } else {
239
            $keys = array_keys($args);
240
            sort($keys);
241
            $new_args = array();
242
            foreach ($keys as $key) {
243
                $new_args[] = array($key, $args[$key]);
244
            }
245
            $args = $new_args;
246
        }
247
 
248
        $sep = '?';
249
        if (strpos($url, '?') !== false) {
250
            $sep = '&';
251
        }
252
 
253
        return $url . $sep . Auth_OpenID::httpBuildQuery($args);
254
    }
255
 
256
    /**
257
     * Turn a string into an ASCII string.
258
     *
259
     * Replace non-ascii characters with a %-encoded, UTF-8
260
     * encoding. This function will fail if the input is a string and
261
     * there are non-7-bit-safe characters. It is assumed that the
262
     * caller will have already translated the input into a Unicode
263
     * character sequence, according to the encoding of the HTTP POST
264
     * or GET.
265
     *
266
     * Do not escape anything that is already 7-bit safe, so we do the
267
     * minimal transform on the identity URL
268
     *
269
     * @access private
270
     */
271
    function quoteMinimal($s)
272
    {
273
        $res = array();
274
        for ($i = 0; $i < strlen($s); $i++) {
275
            $c = $s[$i];
276
            if ($c >= "\x80") {
277
                for ($j = 0; $j < count(utf8_encode($c)); $j++) {
278
                    array_push($res, sprintf("%02X", ord($c[$j])));
279
                }
280
            } else {
281
                array_push($res, $c);
282
            }
283
        }
284
 
285
        return implode('', $res);
286
    }
287
 
288
    /**
289
     * Implements python's urlunparse, which is not available in PHP.
290
     * Given the specified components of a URL, this function rebuilds
291
     * and returns the URL.
292
     *
293
     * @access private
294
     * @param string $scheme The scheme (e.g. 'http').  Defaults to 'http'.
295
     * @param string $host The host.  Required.
296
     * @param string $port The port.
297
     * @param string $path The path.
298
     * @param string $query The query.
299
     * @param string $fragment The fragment.
300
     * @return string $url The URL resulting from assembling the
301
     * specified components.
302
     */
303
    function urlunparse($scheme, $host, $port = null, $path = '/',
304
                                    $query = '', $fragment = '')
305
    {
306
 
307
        if (!$scheme) {
308
            $scheme = 'http';
309
        }
310
 
311
        if (!$host) {
312
            return false;
313
        }
314
 
315
        if (!$path) {
316
            $path = '/';
317
        }
318
 
319
        $result = $scheme . "://" . $host;
320
 
321
        if ($port) {
322
            $result .= ":" . $port;
323
        }
324
 
325
        $result .= $path;
326
 
327
        if ($query) {
328
            $result .= "?" . $query;
329
        }
330
 
331
        if ($fragment) {
332
            $result .= "#" . $fragment;
333
        }
334
 
335
        return $result;
336
    }
337
 
338
    /**
339
     * Given a URL, this "normalizes" it by adding a trailing slash
340
     * and / or a leading http:// scheme where necessary.  Returns
341
     * null if the original URL is malformed and cannot be normalized.
342
     *
343
     * @access private
344
     * @param string $url The URL to be normalized.
345
     * @return mixed $new_url The URL after normalization, or null if
346
     * $url was malformed.
347
     */
348
    function normalizeUrl($url)
349
    {
350
        if ($url === null) {
351
            return null;
352
        }
353
 
354
        assert(is_string($url));
355
 
356
        $old_url = $url;
357
        $url = trim($url);
358
 
359
        if (strpos($url, "://") === false) {
360
            $url = "http://" . $url;
361
        }
362
 
363
        $parsed = @parse_url($url);
364
 
365
        if ($parsed === false) {
366
            return null;
367
        }
368
 
369
        $defaults = array(
370
                          'scheme' => '',
371
                          'host' => '',
372
                          'path' => '',
373
                          'query' => '',
374
                          'fragment' => '',
375
                          'port' => ''
376
                          );
377
 
378
        $parsed = array_merge($defaults, $parsed);
379
 
380
        if (($parsed['scheme'] == '') ||
381
            ($parsed['host'] == '')) {
382
            if ($parsed['path'] == '' &&
383
                $parsed['query'] == '' &&
384
                $parsed['fragment'] == '') {
385
                return null;
386
            }
387
 
388
            $url = 'http://' + $url;
389
            $parsed = parse_url($url);
390
 
391
            $parsed = array_merge($defaults, $parsed);
392
        }
393
 
394
        $tail = array_map(array('Auth_OpenID', 'quoteMinimal'),
395
                          array($parsed['path'],
396
                                $parsed['query'],
397
                                $parsed['fragment']));
398
        if ($tail[0] == '') {
399
            $tail[0] = '/';
400
        }
401
 
402
        $url = Auth_OpenID::urlunparse($parsed['scheme'], $parsed['host'],
403
                                       $parsed['port'], $tail[0], $tail[1],
404
                                       $tail[2]);
405
 
406
        assert(is_string($url));
407
 
408
        return $url;
409
    }
410
}
411
 
412
?>