Menu
▾
▴
phpwebsite-comm-cvs-commits
|
From: Greg M. <bli...@us...> - 2008-07-11 17:32:36
|
Update of /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv26802/Yadis Modified Files: HTTPFetcher.php Misc.php ParanoidHTTPFetcher.php ParseHTML.php PlainHTTPFetcher.php XRDS.php XRI.php XRIRes.php Yadis.php Log Message: Upgrade to PHP OpenID 2.1.1 Index: ParseHTML.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis/ParseHTML.php,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** ParseHTML.php 4 Feb 2008 04:54:31 -0000 1.1.1.1 --- ParseHTML.php 11 Jul 2008 17:32:40 -0000 1.2 *************** *** 10,15 **** * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005 Janrain, Inc. ! * @license http://www.gnu.org/copyleft/lesser.html LGPL */ --- 10,15 ---- * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005-2008 Janrain, Inc. ! * @license http://www.apache.org/licenses/LICENSE-2.0 Apache */ *************** *** 42,46 **** * @access private */ ! var $_attr_find = '\b([-\w]+)=(".*?"|\'.*?\'|.+?)[\s>]'; function Auth_Yadis_ParseHTML() --- 42,46 ---- * @access private */ ! var $_attr_find = '\b([-\w]+)=(".*?"|\'.*?\'|.+?)[\/\s>]'; function Auth_Yadis_ParseHTML() Index: XRDS.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis/XRDS.php,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** XRDS.php 4 Feb 2008 04:54:31 -0000 1.1.1.1 --- XRDS.php 11 Jul 2008 17:32:40 -0000 1.2 *************** *** 10,15 **** * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005 Janrain, Inc. ! * @license http://www.gnu.org/copyleft/lesser.html LGPL */ --- 10,15 ---- * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005-2008 Janrain, Inc. ! * @license http://www.apache.org/licenses/LICENSE-2.0 Apache */ Index: ParanoidHTTPFetcher.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis/ParanoidHTTPFetcher.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** ParanoidHTTPFetcher.php 24 May 2008 14:45:29 -0000 1.2 --- ParanoidHTTPFetcher.php 11 Jul 2008 17:32:40 -0000 1.3 *************** *** 10,15 **** * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005 Janrain, Inc. ! * @license http://www.gnu.org/copyleft/lesser.html LGPL */ --- 10,15 ---- * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005-2008 Janrain, Inc. ! * @license http://www.apache.org/licenses/LICENSE-2.0 Apache */ *************** *** 19,22 **** --- 19,24 ---- require_once "Auth/Yadis/HTTPFetcher.php"; + require_once "Auth/OpenID.php"; + /** * A paranoid {@link Auth_Yadis_HTTPFetcher} class which uses CURL *************** *** 51,56 **** function _writeData($ch, $data) { ! $this->data .= $data; ! return strlen($data); } --- 53,62 ---- function _writeData($ch, $data) { ! if (strlen($this->data) > 1024*Auth_OpenID_FETCHER_MAX_RESPONSE_KB) { ! return 0; ! } else { ! $this->data .= $data; ! return strlen($data); ! } } *************** *** 72,76 **** function get($url, $extra_headers = null) { ! if ($this->isHTTPS($url) && !$this->supportsSSL()) { return null; } --- 78,82 ---- function get($url, $extra_headers = null) { ! if (!$this->canFetchURL($url)) { return null; } *************** *** 85,88 **** --- 91,102 ---- $c = curl_init(); + + if ($c === false) { + Auth_OpenID::log( + "curl_init returned false; could not " . + "initialize for URL '%s'", $url); + return null; + } + if (defined('CURLOPT_NOSIGNAL')) { curl_setopt($c, CURLOPT_NOSIGNAL, true); *************** *** 90,93 **** --- 104,109 ---- if (!$this->allowedURL($url)) { + Auth_OpenID::log("Fetching URL not allowed: %s", + $url); return null; } *************** *** 102,107 **** --- 118,133 ---- } + $cv = curl_version(); + if(is_array($cv)) { + $curl_user_agent = 'curl/'.$cv['version']; + } else { + $curl_user_agent = $cv; + } + curl_setopt($c, CURLOPT_USERAGENT, + Auth_OpenID_USER_AGENT.' '.$curl_user_agent); curl_setopt($c, CURLOPT_TIMEOUT, $off); curl_setopt($c, CURLOPT_URL, $url); + curl_setopt($c, CURLOPT_RANGE, + "0-".(1024 * Auth_OpenID_FETCHER_MAX_RESPONSE_KB)); curl_exec($c); *************** *** 112,115 **** --- 138,144 ---- if (!$code) { + Auth_OpenID::log("Got no response code when fetching %s", $url); + Auth_OpenID::log("CURL error (%s): %s", + curl_errno($c), curl_error($c)); return null; } *************** *** 125,134 **** foreach ($headers as $header) { ! if (preg_match("/:/", $header)) { ! list($name, $value) = explode(": ", $header, 2); $new_headers[$name] = $value; } } return new Auth_Yadis_HTTPResponse($url, $code, $new_headers, $body); --- 154,167 ---- foreach ($headers as $header) { ! if (strpos($header, ': ')) { ! list($name, $value) = explode(': ', $header, 2); $new_headers[$name] = $value; } } + Auth_OpenID::log( + "Successfully fetched '%s': GET response code %s", + $url, $code); + return new Auth_Yadis_HTTPResponse($url, $code, $new_headers, $body); *************** *** 143,155 **** function post($url, $body, $extra_headers = null) { ! $this->reset(); ! ! if ($this->isHTTPS($url) && !$this->supportsSSL()) { return null; } ! if (!$this->allowedURL($url)) { ! return null; ! } $c = curl_init(); --- 176,184 ---- function post($url, $body, $extra_headers = null) { ! if (!$this->canFetchURL($url)) { return null; } ! $this->reset(); $c = curl_init(); *************** *** 171,174 **** --- 200,204 ---- if (!$code) { + Auth_OpenID::log("Got no response code when fetching %s", $url); return null; } *************** *** 178,190 **** curl_close($c); ! if ($extra_headers === null) { ! $new_headers = null; ! } else { ! $new_headers = $extra_headers; ! } foreach ($this->headers as $header) { ! if (preg_match("/:/", $header)) { ! list($name, $value) = explode(": ", $header, 2); $new_headers[$name] = $value; } --- 208,216 ---- curl_close($c); ! $new_headers = $extra_headers; foreach ($this->headers as $header) { ! if (strpos($header, ': ')) { ! list($name, $value) = explode(': ', $header, 2); $new_headers[$name] = $value; } *************** *** 192,195 **** --- 218,224 ---- } + Auth_OpenID::log("Successfully fetched '%s': POST response code %s", + $url, $code); + return new Auth_Yadis_HTTPResponse($url, $code, $new_headers, $body); Index: PlainHTTPFetcher.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis/PlainHTTPFetcher.php,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** PlainHTTPFetcher.php 4 Feb 2008 04:54:31 -0000 1.1.1.1 --- PlainHTTPFetcher.php 11 Jul 2008 17:32:40 -0000 1.2 *************** *** 11,16 **** * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005 Janrain, Inc. ! * @license http://www.gnu.org/copyleft/lesser.html LGPL */ --- 11,16 ---- * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005-2008 Janrain, Inc. ! * @license http://www.apache.org/licenses/LICENSE-2.0 Apache */ *************** *** 37,45 **** function get($url, $extra_headers = null) { ! if ($this->isHTTPS($url) && !$this->supportsSSL()) { ! return null; ! } ! ! if (!$this->allowedURL($url)) { return null; } --- 37,41 ---- function get($url, $extra_headers = null) { ! if (!$this->canFetchURL($url)) { return null; } *************** *** 68,71 **** --- 64,71 ---- } + if (!array_key_exists('path', $parts)) { + $parts['path'] = '/'; + } + $host = $parts['host']; *************** *** 74,78 **** } ! $user_agent = "PHP Yadis Library Fetcher"; $headers = array( --- 74,78 ---- } ! $user_agent = Auth_OpenID_USER_AGENT; $headers = array( *************** *** 84,87 **** --- 84,89 ---- "Host: ".$parts['host']. ($specify_port ? ":".$parts['port'] : ""), + "Range: 0-". + (1024*Auth_OpenID_FETCHER_MAX_RESPONSE_KB), "Port: ".$parts['port']); *************** *** 106,111 **** $data = ""; ! while (!feof($sock)) { $data .= fgets($sock, 1024); } --- 108,116 ---- $data = ""; ! $kilobytes = 0; ! while (!feof($sock) && ! $kilobytes < Auth_OpenID_FETCHER_MAX_RESPONSE_KB ) { $data .= fgets($sock, 1024); + $kilobytes += 1; } *************** *** 133,138 **** foreach ($headers as $header) { if (preg_match("/:/", $header)) { ! list($name, $value) = explode(": ", $header, 2); ! $new_headers[$name] = $value; } --- 138,147 ---- foreach ($headers as $header) { if (preg_match("/:/", $header)) { ! $parts = explode(": ", $header, 2); ! ! if (count($parts) == 2) { ! list($name, $value) = $parts; ! $new_headers[$name] = $value; ! } } *************** *** 144,152 **** function post($url, $body, $extra_headers = null) { ! if ($this->isHTTPS($url) && !$this->supportsSSL()) { ! return null; ! } ! ! if (!$this->allowedURL($url)) { return null; } --- 153,157 ---- function post($url, $body, $extra_headers = null) { ! if (!$this->canFetchURL($url)) { return null; } Index: Misc.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis/Misc.php,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** Misc.php 4 Feb 2008 04:54:31 -0000 1.1.1.1 --- Misc.php 11 Jul 2008 17:32:40 -0000 1.2 *************** *** 6,11 **** * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005 Janrain, Inc. ! * @license http://www.gnu.org/copyleft/lesser.html LGPL */ --- 6,11 ---- * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005-2008 Janrain, Inc. ! * @license http://www.apache.org/licenses/LICENSE-2.0 Apache */ Index: XRIRes.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis/XRIRes.php,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** XRIRes.php 4 Feb 2008 04:54:31 -0000 1.1.1.1 --- XRIRes.php 11 Jul 2008 17:32:40 -0000 1.2 *************** *** 45,49 **** $url = $this->queryURL($xri, $service_type); $response = $this->fetcher->get($url); ! if ($response->status != 200) { continue; } --- 45,49 ---- $url = $this->queryURL($xri, $service_type); $response = $this->fetcher->get($url); ! if ($response->status != 200 and $response->status != 206) { continue; } *************** *** 70,72 **** } ! ?> \ No newline at end of file --- 70,72 ---- } ! ?> Index: Yadis.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis/Yadis.php,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** Yadis.php 4 Feb 2008 04:54:31 -0000 1.1.1.1 --- Yadis.php 11 Jul 2008 17:32:40 -0000 1.2 *************** *** 10,15 **** * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005 Janrain, Inc. ! * @license http://www.gnu.org/copyleft/lesser.html LGPL */ --- 10,15 ---- * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005-2008 Janrain, Inc. ! * @license http://www.apache.org/licenses/LICENSE-2.0 Apache */ *************** *** 106,110 **** { // Was the Yadis protocol's indirection used? ! return $this->normalized_uri == $this->xrds_uri; } --- 106,110 ---- { // Was the Yadis protocol's indirection used? ! return $this->normalized_uri != $this->xrds_uri; } *************** *** 118,121 **** --- 118,163 ---- /** + * + * Perform the Yadis protocol on the input URL and return an iterable + * of resulting endpoint objects. + * + * input_url: The URL on which to perform the Yadis protocol + * + * @return: The normalized identity URL and an iterable of endpoint + * objects generated by the filter function. + * + * xrds_parse_func: a callback which will take (uri, xrds_text) and + * return an array of service endpoint objects or null. Usually + * array('Auth_OpenID_ServiceEndpoint', 'fromXRDS'). + * + * discover_func: if not null, a callback which should take (uri) and + * return an Auth_Yadis_Yadis object or null. + */ + function Auth_Yadis_getServiceEndpoints($input_url, $xrds_parse_func, + $discover_func=null, $fetcher=null) + { + if ($discover_func === null) { + $discover_function = array('Auth_Yadis_Yadis', 'discover'); + } + + $yadis_result = call_user_func_array($discover_func, + array($input_url, $fetcher)); + + if ($yadis_result === null) { + return array($input_url, array()); + } + + $endpoints = call_user_func_array($xrds_parse_func, + array($yadis_result->normalized_uri, + $yadis_result->response_text)); + + if ($endpoints === null) { + $endpoints = array(); + } + + return array($yadis_result->normalized_uri, $endpoints); + } + + /** * This is the core of the PHP Yadis library. This is the only class * a user needs to use to perform Yadis discovery. This class *************** *** 282,288 **** $request_uri = $uri; ! $headers = array("Accept: " . Auth_Yadis_CONTENT_TYPE); ! if (!$fetcher) { $fetcher = Auth_Yadis_Yadis::getHTTPFetcher($timeout); } --- 324,331 ---- $request_uri = $uri; ! $headers = array("Accept: " . Auth_Yadis_CONTENT_TYPE . ! ', text/html; q=0.3, application/xhtml+xml; q=0.5'); ! if ($fetcher === null) { $fetcher = Auth_Yadis_Yadis::getHTTPFetcher($timeout); } *************** *** 290,294 **** $response = $fetcher->get($uri, $headers); ! if (!$response || ($response->status != 200)) { $result->fail(); return $result; --- 333,338 ---- $response = $fetcher->get($uri, $headers); ! if (!$response || ($response->status != 200 and ! $response->status != 206)) { $result->fail(); return $result; *************** *** 319,323 **** $response = $fetcher->get($yadis_location); ! if ($response->status != 200) { $result->fail(); return $result; --- 363,368 ---- $response = $fetcher->get($yadis_location); ! if ((!$response) || ($response->status != 200 and ! $response->status != 206)) { $result->fail(); return $result; *************** *** 335,337 **** } ! ?> \ No newline at end of file --- 380,382 ---- } ! ?> Index: XRI.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis/XRI.php,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -C2 -d -r1.1.1.1 -r1.2 *** XRI.php 4 Feb 2008 04:54:31 -0000 1.1.1.1 --- XRI.php 11 Jul 2008 17:32:40 -0000 1.2 *************** *** 6,11 **** * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005 Janrain, Inc. ! * @license http://www.gnu.org/copyleft/lesser.html LGPL */ --- 6,11 ---- * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005-2008 Janrain, Inc. ! * @license http://www.apache.org/licenses/LICENSE-2.0 Apache */ *************** *** 16,20 **** function Auth_Yadis_getDefaultProxy() { ! return 'http://proxy.xri.net/'; } --- 16,20 ---- function Auth_Yadis_getDefaultProxy() { ! return 'http://xri.net/'; } *************** *** 200,204 **** } ! $canonicalID = $canonicalID_nodes[count($canonicalID_nodes) - 1]; $canonicalID = Auth_Yadis_XRI($parser->content($canonicalID)); --- 200,204 ---- } ! $canonicalID = $canonicalID_nodes[0]; $canonicalID = Auth_Yadis_XRI($parser->content($canonicalID)); *************** *** 209,219 **** $parent_sought = substr($childID, 0, strrpos($childID, '!')); ! $parent_list = array(); ! ! foreach ($parser->evalXPath('xrd:CanonicalID', $xrd) as $c) { ! $parent_list[] = Auth_Yadis_XRI($parser->content($c)); } ! if (!in_array($parent_sought, $parent_list)) { // raise XRDSFraud. return false; --- 209,219 ---- $parent_sought = substr($childID, 0, strrpos($childID, '!')); ! $parentCID = $parser->evalXPath('xrd:CanonicalID', $xrd); ! if (!$parentCID) { ! return false; } + $parentCID = Auth_Yadis_XRI($parser->content($parentCID[0])); ! if (strcasecmp($parent_sought, $parentCID)) { // raise XRDSFraud. return false; *************** *** 232,234 **** } ! ?> \ No newline at end of file --- 232,234 ---- } ! ?> Index: HTTPFetcher.php =================================================================== RCS file: /cvsroot/phpwebsite-comm/modules/openid/class/Auth/Yadis/HTTPFetcher.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** HTTPFetcher.php 24 May 2008 14:45:29 -0000 1.2 --- HTTPFetcher.php 11 Jul 2008 17:32:39 -0000 1.3 *************** *** 10,16 **** * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005 Janrain, Inc. ! * @license http://www.gnu.org/copyleft/lesser.html LGPL */ class Auth_Yadis_HTTPResponse { --- 10,25 ---- * @package OpenID * @author JanRain, Inc. <op...@ja...> ! * @copyright 2005-2008 Janrain, Inc. ! * @license http://www.apache.org/licenses/LICENSE-2.0 Apache ! */ ! ! /** ! * Require logging functionality */ + require_once "Auth/OpenID.php"; + + define('Auth_OpenID_FETCHER_MAX_RESPONSE_KB', 1024); + define('Auth_OpenID_USER_AGENT', + 'php-openid/'.Auth_OpenID_VERSION.' (php/'.phpversion().')'); class Auth_Yadis_HTTPResponse { *************** *** 38,41 **** --- 47,74 ---- /** + * Return whether a URL can be fetched. Returns false if the URL + * scheme is not allowed or is not supported by this fetcher + * implementation; returns true otherwise. + * + * @return bool + */ + function canFetchURL($url) + { + if ($this->isHTTPS($url) && !$this->supportsSSL()) { + Auth_OpenID::log("HTTPS URL unsupported fetching %s", + $url); + return false; + } + + if (!$this->allowedURL($url)) { + Auth_OpenID::log("URL fetching not allowed for '%s'", + $url); + return false; + } + + return true; + } + + /** * Return whether a URL should be allowed. Override this method to * conform to your local policy. |
Thanks for helping keep SourceForge clean.
X