diff options
| author | tailor <cygnus@janrain.com> | 2006-01-24 22:51:35 +0000 |
|---|---|---|
| committer | tailor <cygnus@janrain.com> | 2006-01-24 22:51:35 +0000 |
| commit | 1213ccea4f42e89a233834d50d025ee98984f1d4 (patch) | |
| tree | b055772e8a663a62d7832f1663c68046376da91e | |
| parent | 22e12b7311e15f3080fe1bd24330412591122b73 (diff) | |
| download | php-openid-1213ccea4f42e89a233834d50d025ee98984f1d4.zip php-openid-1213ccea4f42e89a233834d50d025ee98984f1d4.tar.gz php-openid-1213ccea4f42e89a233834d50d025ee98984f1d4.tar.bz2 | |
[project @ Converted Auth_OpenID_ status codes to define()s rather than global variables.]
| -rw-r--r-- | Auth/OpenID/Consumer/Consumer.php | 91 | ||||
| -rw-r--r-- | Tests/Auth/OpenID/Consumer.php | 17 | ||||
| -rw-r--r-- | examples/consumer.php | 23 |
3 files changed, 56 insertions, 75 deletions
diff --git a/Auth/OpenID/Consumer/Consumer.php b/Auth/OpenID/Consumer/Consumer.php index 90710d3..e10c6c0 100644 --- a/Auth/OpenID/Consumer/Consumer.php +++ b/Auth/OpenID/Consumer/Consumer.php @@ -183,6 +183,7 @@ /** * Require utility classes and functions for the consumer. */ +require_once "Auth/OpenID/HMACSHA1.php"; require_once "Auth/OpenID/Association.php"; require_once "Auth/OpenID/Consumer/Fetchers.php"; require_once "Auth/OpenID/Consumer/Parse.php"; @@ -195,13 +196,13 @@ require_once "Auth/OpenID/OIDUtil.php"; * This is the status code returned when either the of the beginAuth * or completeAuth methods return successfully. */ -$Auth_OpenID_SUCCESS = 'success'; +define('Auth_OpenID_SUCCESS', 'success'); /** * This is the status code completeAuth returns when the value it * received indicated an invalid login. */ -$Auth_OpenID_FAILURE = 'failure'; +define('Auth_OpenID_FAILURE', 'failure'); /** * This is the status code completeAuth returns when the @@ -209,20 +210,20 @@ $Auth_OpenID_FAILURE = 'failure'; * server sends back a URL to send the user to to complete his or her * login. */ -$Auth_OpenID_SETUP_NEEDED = 'setup needed'; +define('Auth_OpenID_SETUP_NEEDED', 'setup needed'); /** * This is the status code beginAuth returns when it is unable to * fetch the OpenID URL the user entered. */ -$Auth_OpenID_HTTP_FAILURE = 'http failure'; +define('Auth_OpenID_HTTP_FAILURE', 'http failure'); /** * This is the status code beginAuth returns when the page fetched * from the entered OpenID URL doesn't contain the necessary link tags * to function as an identity page. */ -$Auth_OpenID_PARSE_ERROR = 'parse error'; +define('Auth_OpenID_PARSE_ERROR', 'parse error'); /** * This is the characters that the nonces are made from. @@ -339,8 +340,8 @@ class Auth_OpenID_Consumer { * First, the user's claimed identity page is fetched, to * determine their identity server. If the page cannot be fetched * or if the page does not have the necessary link tags in it, - * this method returns one of $Auth_OpenID_HTTP_FAILURE or - * $Auth_OpenID_PARSE_ERROR, depending on where the process failed. + * this method returns one of Auth_OpenID_HTTP_FAILURE or + * Auth_OpenID_PARSE_ERROR, depending on where the process failed. * * Second, unless the store provided is a dumb store, it checks to * see if it has an association with that identity server, and @@ -370,7 +371,7 @@ class Auth_OpenID_Consumer { * status code and additional information about the code. * * If there was a problem fetching the identity page the user - * gave, the status code is set to $Auth_OpenID_HTTP_FAILURE, and + * gave, the status code is set to Auth_OpenID_HTTP_FAILURE, and * the additional information value is either set to null if the * HTTP transaction failed or the HTTP return code, which will be * in the 400-500 range. This additional information value may @@ -378,11 +379,11 @@ class Auth_OpenID_Consumer { * * If the identity page fetched successfully, but didn't include * the correct link tags, the status code is set to - * $Auth_OpenID_PARSE_ERROR, and the additional information value + * Auth_OpenID_PARSE_ERROR, and the additional information value * is currently set to null. The additional information value may * change in a future release. * - * Otherwise, the status code is set to $Auth_OpenID_SUCCESS, and + * Otherwise, the status code is set to Auth_OpenID_SUCCESS, and * the additional information is an instance of * Auth_OpenID_AuthRequest. The $token attribute contains the * token to be preserved for the next HTTP request. The @@ -392,10 +393,8 @@ class Auth_OpenID_Consumer { */ function beginAuth($user_url) { - global $Auth_OpenID_SUCCESS; - list($status, $info) = $this->_findIdentityInfo($user_url); - if ($status != $Auth_OpenID_SUCCESS) { + if ($status != Auth_OpenID_SUCCESS) { return array($status, $info); } @@ -457,23 +456,23 @@ class Auth_OpenID_Consumer { * The return value is a pair, consisting of a status and * additional information. The status values are strings, but * should be referred to by their symbolic values: - * $Auth_OpenID_SUCCESS, $Auth_OpenID_FAILURE, and - * $Auth_OpenID_SETUP_NEEDED. + * Auth_OpenID_SUCCESS, Auth_OpenID_FAILURE, and + * Auth_OpenID_SETUP_NEEDED. * - * When $Auth_OpenID_SUCCESS is returned, the additional + * When Auth_OpenID_SUCCESS is returned, the additional * information returned is either null or a string. If it is * null, it means the user cancelled the login, and no further * information can be determined. If the additional information * is a string, it is the identity that has been verified as * belonging to the user making this request. * - * When $Auth_OpenID_FAILURE is returned, the additional + * When Auth_OpenID_FAILURE is returned, the additional * information is either null or a string. In either case, this * code means that the identity verification failed. If it can be * determined, the identity that failed to verify is returned. * Otherwise null is returned. * - * When $Auth_OpenID_SETUP_NEEDED is returned, the additional + * When Auth_OpenID_SETUP_NEEDED is returned, the additional * information is the user setup URL. This is a URL returned only * as a response to requests made with openid.mode=immediate, * which indicates that the login was unable to proceed, and the @@ -493,14 +492,12 @@ class Auth_OpenID_Consumer { */ function completeAuth($token, $query) { - global $Auth_OpenID_SUCCESS, $Auth_OpenID_FAILURE; - $query = Auth_OpenID_fixArgs($query); $mode = Auth_OpenID_array_get($query, 'openid.mode', ''); if ($mode == 'cancel') { - return array($Auth_OpenID_SUCCESS, null); + return array(Auth_OpenID_SUCCESS, null); } else if ($mode == 'error') { $error = Auth_OpenID_array_get($query, 'openid.error', null); @@ -508,11 +505,11 @@ class Auth_OpenID_Consumer { if ($error !== null) { Auth_OpenID_log($error); } - return array($Auth_OpenID_FAILURE, null); + return array(Auth_OpenID_FAILURE, null); } else if ($mode == 'id_res') { return $this->_doIdRes($token, $query); } else { - return array($Auth_OpenID_FAILURE, null); + return array(Auth_OpenID_FAILURE, null); } } @@ -521,8 +518,7 @@ class Auth_OpenID_Consumer { */ function _gotIdentityInfo($consumer_id, $server_id, $server_url) { - global $Auth_OpenID_SUCCESS, $_Auth_OpenID_NONCE_CHRS, - $_Auth_OpenID_NONCE_LEN; + global $_Auth_OpenID_NONCE_CHRS, $_Auth_OpenID_NONCE_LEN; $nonce = Auth_OpenID_randomString($_Auth_OpenID_NONCE_LEN, $_Auth_OpenID_NONCE_CHRS); @@ -533,7 +529,7 @@ class Auth_OpenID_Consumer { $req = new Auth_OpenID_AuthRequest ($token, $server_id, $server_url, $nonce); - return array($Auth_OpenID_SUCCESS, $req); + return array(Auth_OpenID_SUCCESS, $req); } /** @@ -561,12 +557,9 @@ class Auth_OpenID_Consumer { */ function _doIdRes($token, $query) { - global $Auth_OpenID_FAILURE, $Auth_OpenID_SETUP_NEEDED, - $Auth_OpenID_SUCCESS; - $ret = $this->_splitToken($token); if ($ret === null) { - return array($Auth_OpenID_FAILURE, null); + return array(Auth_OpenID_FAILURE, null); } list($nonce, $consumer_id, $server_id, $server_url) = $ret; @@ -579,18 +572,18 @@ class Auth_OpenID_Consumer { if (($return_to === null) || ($server_id === null) || ($assoc_handle === null)) { - return array($Auth_OpenID_FAILURE, $consumer_id); + return array(Auth_OpenID_FAILURE, $consumer_id); } if ($server_id != $server_id2) { - return array($Auth_OpenID_FAILURE, $consumer_id); + return array(Auth_OpenID_FAILURE, $consumer_id); } $user_setup_url = Auth_OpenID_array_get($query, 'openid.user_setup_url', null); if ($user_setup_url !== null) { - return array($Auth_OpenID_SETUP_NEEDED, $user_setup_url); + return array(Auth_OpenID_SETUP_NEEDED, $user_setup_url); } $assoc = $this->store->getAssociation($server_url); @@ -609,21 +602,21 @@ class Auth_OpenID_Consumer { $signed = Auth_OpenID_array_get($query, 'openid.signed', null); if (($sig === null) || ($signed === null)) { - return array($Auth_OpenID_FAILURE, $consumer_id); + return array(Auth_OpenID_FAILURE, $consumer_id); } $signed_list = explode(",", $signed); $v_sig = $assoc->signDict($signed_list, $query); if ($v_sig != $sig) { - return array($Auth_OpenID_FAILURE, $consumer_id); + return array(Auth_OpenID_FAILURE, $consumer_id); } if (!$this->store->useNonce($nonce)) { - return array($Auth_OpenID_FAILURE, $consumer_id); + return array(Auth_OpenID_FAILURE, $consumer_id); } - return array($Auth_OpenID_SUCCESS, $consumer_id); + return array(Auth_OpenID_SUCCESS, $consumer_id); } /** @@ -631,11 +624,9 @@ class Auth_OpenID_Consumer { */ function _checkAuth($nonce, $query, $server_url) { - global $Auth_OpenID_FAILURE, $Auth_OpenID_SUCCESS; - $signed = Auth_OpenID_array_get($query, 'openid.signed', null); if ($signed === null) { - return $Auth_OpenID_FAILURE; + return Auth_OpenID_FAILURE; } $whitelist = array('assoc_handle', 'sig', @@ -656,7 +647,7 @@ class Auth_OpenID_Consumer { $ret = $this->fetcher->post($server_url, $post_data); if ($ret === null) { - return $Auth_OpenID_FAILURE; + return Auth_OpenID_FAILURE; } $results = Auth_OpenID_KVForm::kvToArray($ret[2]); @@ -672,10 +663,10 @@ class Auth_OpenID_Consumer { } if (!$this->store->useNonce($nonce)) { - return $Auth_OpenID_FAILURE; + return Auth_OpenID_FAILURE; } - return $Auth_OpenID_SUCCESS; + return Auth_OpenID_SUCCESS; } $error = Auth_OpenID_array_get($results, 'error', null); @@ -684,7 +675,7 @@ class Auth_OpenID_Consumer { "check_authentication: %s", $error)); } - return $Auth_OpenID_FAILURE; + return Auth_OpenID_FAILURE; } /** @@ -784,17 +775,15 @@ class Auth_OpenID_Consumer { */ function _findIdentityInfo($identity_url) { - global $Auth_OpenID_HTTP_FAILURE; - $url = Auth_OpenID_normalizeUrl($identity_url); $ret = $this->fetcher->get($url); if ($ret === null) { - return array($Auth_OpenID_HTTP_FAILURE, null); + return array(Auth_OpenID_HTTP_FAILURE, null); } list($http_code, $consumer_id, $data) = $ret; if ($http_code != 200) { - return array($Auth_OpenID_HTTP_FAILURE, $http_code); + return array(Auth_OpenID_HTTP_FAILURE, $http_code); } // This method is split in two this way to allow for @@ -807,14 +796,12 @@ class Auth_OpenID_Consumer { */ function _parseIdentityInfo($data, $consumer_id) { - global $Auth_OpenID_PARSE_ERROR, $Auth_OpenID_SUCCESS; - $link_attrs = Auth_OpenID_parseLinkAttrs($data); $server = Auth_OpenID_findFirstHref($link_attrs, 'openid.server'); $delegate = Auth_OpenID_findFirstHref($link_attrs, 'openid.delegate'); if ($server === null) { - return array($Auth_OpenID_PARSE_ERROR, null); + return array(Auth_OpenID_PARSE_ERROR, null); } if ($delegate !== null) { @@ -831,7 +818,7 @@ class Auth_OpenID_Consumer { $normalized[] = Auth_OpenID_normalizeUrl($url); } - return array($Auth_OpenID_SUCCESS, $normalized); + return array(Auth_OpenID_SUCCESS, $normalized); } /** diff --git a/Tests/Auth/OpenID/Consumer.php b/Tests/Auth/OpenID/Consumer.php index 8ae649e..bab2d6f 100644 --- a/Tests/Auth/OpenID/Consumer.php +++ b/Tests/Auth/OpenID/Consumer.php @@ -152,12 +152,11 @@ class Tests_Auth_OpenID_Consumer extends PHPUnit_TestCase { function _run(&$consumer, $user_url, $mode, $delegate_url, &$fetcher, &$store) { - global $Auth_OpenID_SUCCESS, - $_Auth_OpenID_consumer_url, + global $_Auth_OpenID_consumer_url, $_Auth_OpenID_server_url; list($status, $info) = $consumer->beginAuth($user_url); - $this->assertEquals($Auth_OpenID_SUCCESS, $status); + $this->assertEquals(Auth_OpenID_SUCCESS, $status); $return_to = $_Auth_OpenID_consumer_url; $trust_root = $_Auth_OpenID_consumer_url; @@ -205,7 +204,7 @@ class Tests_Auth_OpenID_Consumer extends PHPUnit_TestCase { list($status, $info) = $consumer->completeAuth($info->token, $query); - $this->assertEquals($Auth_OpenID_SUCCESS, $status); + $this->assertEquals(Auth_OpenID_SUCCESS, $status); $this->assertEquals($info, $user_url); } @@ -292,8 +291,7 @@ class Tests_Auth_OpenID_Consumer extends PHPUnit_TestCase { function test_bad_fetch() { - global $_Auth_OpenID_filestore_base_dir, - $Auth_OpenID_HTTP_FAILURE; + global $_Auth_OpenID_filestore_base_dir; $store = new Auth_OpenID_FileStore( Auth_OpenID_mkdtemp($_Auth_OpenID_filestore_base_dir)); @@ -311,7 +309,7 @@ class Tests_Auth_OpenID_Consumer extends PHPUnit_TestCase { list($error_code, $url) = $case; $fetcher->get_responses[$url] = array($error_code, $url, null); list($status, $info) = $consumer->beginAuth($url); - $this->assertEquals($status, $Auth_OpenID_HTTP_FAILURE); + $this->assertEquals($status, Auth_OpenID_HTTP_FAILURE); $this->assertEquals($info, $error_code); } @@ -320,8 +318,7 @@ class Tests_Auth_OpenID_Consumer extends PHPUnit_TestCase { function test_bad_parse() { - global $_Auth_OpenID_filestore_base_dir, - $Auth_OpenID_PARSE_ERROR; + global $_Auth_OpenID_filestore_base_dir; $store = new Auth_OpenID_FileStore( Auth_OpenID_mkdtemp($_Auth_OpenID_filestore_base_dir)); @@ -338,7 +335,7 @@ class Tests_Auth_OpenID_Consumer extends PHPUnit_TestCase { null, null); $consumer = new Auth_OpenID_TestConsumer($store, $fetcher); list($status, $info) = $consumer->beginAuth($user_url); - $this->assertEquals($status, $Auth_OpenID_PARSE_ERROR); + $this->assertEquals($status, Auth_OpenID_PARSE_ERROR); $this->assertNull($info); } diff --git a/examples/consumer.php b/examples/consumer.php index f78e768..3c34835 100644 --- a/examples/consumer.php +++ b/examples/consumer.php @@ -5,6 +5,8 @@ * Auth/OpenID has been installed and is in your PHP include path. */ +set_include_path(get_include_path() . ":/home/cygnus/production/"); + /** * Require the OpenID consumer code. */ @@ -301,10 +303,7 @@ function render($message = null, $css_class = null, */ function verify() { - global $consumer, $urls, $self_url, - $Auth_OpenID_HTTP_FAILURE, - $Auth_OpenID_PARSE_ERROR, - $Auth_OpenID_SUCCESS; + global $consumer, $urls, $self_url; // Render a default page if we got a submission without an // openid_url value. @@ -320,13 +319,13 @@ function verify() list($status, $info) = $consumer->beginAuth($openid_url); // Handle failure status return values. - if (in_array($status, array($Auth_OpenID_HTTP_FAILURE, $Auth_OpenID_PARSE_ERROR))) { - if ($status == $Auth_OpenID_HTTP_FAILURE) { + if (in_array($status, array(Auth_OpenID_HTTP_FAILURE, Auth_OpenID_PARSE_ERROR))) { + if ($status == Auth_OpenID_HTTP_FAILURE) { render("HTTP failure"); } else { render("HTTP Parse error"); } - } else if ($status == $Auth_OpenID_SUCCESS) { + } else if ($status == Auth_OpenID_SUCCESS) { // If we got a successful return, continue the auth by // redirecting the user agent to the OpenID server. Be sure // to give the server a URL that will cause this script's @@ -347,9 +346,7 @@ function verify() */ function process() { - global $consumer, - $Auth_OpenID_SUCCESS, - $Auth_OpenID_FAILURE; + global $consumer; // Retrieve the token from the session. $token = $_SESSION['openid_token']; @@ -367,7 +364,7 @@ function process() $openid_url = null; // React to the server's response status. - if (($status == $Auth_OpenID_FAILURE) && + if (($status == Auth_OpenID_FAILURE) && $info) { // In the case of failure, if info is non-None, it is the URL // that we were verifying. We include it in the error message @@ -375,7 +372,7 @@ function process() $openid_url = $info; $fmt = "Verification of %s failed."; $message = sprintf($fmt, $openid_url); - } else if ($status == $Auth_OpenID_SUCCESS) { + } else if ($status == Auth_OpenID_SUCCESS) { // Success means that the transaction completed without // error. If info is None, it means that the user cancelled // the verification. @@ -402,4 +399,4 @@ function process() render($message, $css_class); } -?>
\ No newline at end of file +?> |