[project @ Added Auth_OpenID::getQuery, removed Auth_OpenID::fixArgs, consumer now calls getQuery]

author: tailor <cygnus@janrain.com> 2007-03-31 00:37:12 +0000
committer: tailor <cygnus@janrain.com> 2007-03-31 00:37:12 +0000
commit: da6798b4e38e171cd84657052ac6658c6686f6d9 (patch)
tree: 68c14420c80d8427f10c04883d61e38e0b55d393
parent: 4c38681d6c2f790f58780a3914763ea9e5107289 (diff)
download: php-openid-da6798b4e38e171cd84657052ac6658c6686f6d9.zip
php-openid-da6798b4e38e171cd84657052ac6658c6686f6d9.tar.gz
php-openid-da6798b4e38e171cd84657052ac6658c6686f6d9.tar.bz2
3 files changed, 44 insertions, 48 deletions
diff --git a/Auth/OpenID.php b/Auth/OpenID.php
index ae35880..eeb540a 100644
--- a/Auth/OpenID.php
+++ b/Auth/OpenID.php
@@ -109,16 +109,6 @@ if (Auth_OpenID_getMathLib() === null) {
 class Auth_OpenID {
 
     /**
-     * These namespaces are automatically fixed in query arguments by
-     * Auth_OpenID::fixArgs.
-     */
-    function getOpenIDNamespaces()
-    {
-        return array('openid',
-                     'sreg');
-    }
-
-    /**
      * Return true if $thing is an Auth_OpenID_FailureResponse object;
      * false if not.
      */
@@ -128,31 +118,45 @@ class Auth_OpenID {
     }
 
     /**
-     * Rename query arguments back to 'openid.' from 'openid_'
+     * Gets the query data from the server environment based on the
+     * request method used.  If GET was used, this looks at
+     * $_SERVER['QUERY_STRING'] directly.  If POST was used, this
+     * fetches data from the special php://input file stream.
      *
-     * @access private
-     * @param array $args An associative array of URL query arguments
+     * Returns an associative array of the query arguments.
+     *
+     * Skips invalid key/value pairs (i.e. keys with no '=value'
+     * portion).
+     *
+     * Returns an empty array if neither GET nor POST was used.
      */
-    function fixArgs($args)
+    function getQuery($query_str=null)
     {
-        foreach (array_keys($args) as $key) {
-            $fixed = $key;
-            if (preg_match('/^openid/', $key)) {
-                foreach (Auth_OpenID::getOpenIDNamespaces() as $ns) {
-                    if (preg_match('/'.$ns.'_/', $key)) {
-                        $fixed = preg_replace('/'.$ns.'_/', $ns.'.', $fixed);
-                    }
-                }
+        if ($query_str !== null) {
+            $str = $query_str;
+        } else if ($_SERVER['REQUEST_METHOD'] == 'GET') {
+            $str = $_SERVER['QUERY_STRING'];
+        } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+            $str = file_get_contents('php://input');
+        } else {
+            return array();
+        }
 
-                if ($fixed != $key) {
-                    $val = $args[$key];
-                    unset($args[$key]);
-                    $args[$fixed] = $val;
-                }
+        $chunks = explode("&", $str);
+
+        $data = array();
+        foreach ($chunks as $chunk) {
+            $parts = explode("=", $chunk, 2);
+
+            if (count($parts) != 2) {
+                continue;
             }
+
+            list($k, $v) = $parts;
+            $data[$k] = urldecode($v);
         }
 
-        return $args;
+        return $data;
     }
 
     /**
diff --git a/Auth/OpenID/Consumer.php b/Auth/OpenID/Consumer.php
index 7a9fb28..95818c6 100644
--- a/Auth/OpenID/Consumer.php
+++ b/Auth/OpenID/Consumer.php
@@ -379,9 +379,11 @@ class Auth_OpenID_Consumer {
      * indicated by the status attribute, which will be one of
      * SUCCESS, CANCEL, FAILURE, or SETUP_NEEDED.
      */
-    function complete($query)
+    function complete($query=null)
     {
-        $query = Auth_OpenID::fixArgs($query);
+        if ($query === null) {
+            $query = Auth_OpenID::getQuery();
+        }
 
         $loader = new Auth_OpenID_ServiceEndpointLoader();
         $endpoint_data = $this->session->get($this->_token_key);
diff --git a/Tests/Auth/OpenID/Server.php b/Tests/Auth/OpenID/Server.php
index 7c37d2d..41cfcab 100644
--- a/Tests/Auth/OpenID/Server.php
+++ b/Tests/Auth/OpenID/Server.php
@@ -84,9 +84,7 @@ class Tests_Auth_OpenID_Test_ServerError extends PHPUnit_TestCase {
         }
 
         list($rt_base, $_result_args) = explode("?", $e->encodeToURL(), 2);
-        $result_args = array();
-        parse_str($_result_args, $result_args);
-        $result_args = Auth_OpenID::fixArgs($result_args);
+        $result_args = Auth_OpenID::getQuery($_result_args);
 
         $this->assertEquals($result_args, $expected_args);
     }
@@ -713,9 +711,7 @@ class Tests_Auth_OpenID_SigningEncode extends PHPUnit_TestCase {
 
         $location = $webresponse->headers['location'];
         $parsed = parse_url($location);
-        $query = array();
-        parse_str($parsed['query'], $query);
-        $query = Auth_OpenID::fixArgs($query);
+        $query = Auth_OpenID::getQuery($parsed['query']);
 
         $this->assertTrue(array_key_exists('openid.sig', $query));
         $this->assertTrue(array_key_exists('openid.assoc_handle', $query));
@@ -730,9 +726,8 @@ class Tests_Auth_OpenID_SigningEncode extends PHPUnit_TestCase {
 
         $location = $webresponse->headers['location'];
         $parsed = parse_url($location);
-        $query = array();
-        parse_str($parsed['query'], $query);
-        $query = Auth_OpenID::fixArgs($query);
+        $query = Auth_OpenID::getQuery($parsed['query']);
+
         $this->assertTrue(array_key_exists('openid.sig', $query));
         $this->assertTrue(array_key_exists('openid.assoc_handle', $query));
         $this->assertTrue(array_key_exists('openid.signed', $query));
@@ -764,9 +759,8 @@ class Tests_Auth_OpenID_SigningEncode extends PHPUnit_TestCase {
         $this->assertTrue(array_key_exists('location', $webresponse->headers));
         $location = $webresponse->headers['location'];
         $parsed = parse_url($location);
-        $query = array();
-        parse_str($parsed['query'], $query);
-        $query = Auth_OpenID::fixArgs($query);
+        $query = Auth_OpenID::getQuery($parsed['query']);
+
         $this->assertFalse(array_key_exists('openid.sig', $query));
     }
 
@@ -1041,9 +1035,7 @@ class Tests_Auth_OpenID_CheckID extends PHPUnit_TestCase {
 
         // How to check?  How about a round-trip test.
         list($base, $result_args) = explode("?", $result, 2);
-        $args = array();
-        parse_str($result_args, $args);
-        $args = Auth_OpenID::fixArgs($args);
+        $args = Auth_OpenID::getQuery($result_args);
         $message = Auth_OpenID_Message::fromPostArgs($args);
 
         $rebuilt_request = Auth_OpenID_CheckIDRequest::fromMessage($message,
@@ -1106,9 +1098,7 @@ class Tests_Auth_OpenID_CheckID extends PHPUnit_TestCase {
         $url = $this->request->getCancelURL();
 
         $parsed = parse_url($url);
-        $query = array();
-        parse_str($parsed['query'], $query);
-        $query = Auth_OpenID::fixArgs($query);
+        $query = Auth_OpenID::getQuery($parsed['query']);
 
 	$this->assertEquals(array('openid.mode' => 'cancel',
 				  'openid.ns' => Auth_OpenID_OPENID2_NS),
author	tailor <cygnus@janrain.com>	2007-03-31 00:37:12 +0000
committer	tailor <cygnus@janrain.com>	2007-03-31 00:37:12 +0000
commit	da6798b4e38e171cd84657052ac6658c6686f6d9 (patch)
tree	68c14420c80d8427f10c04883d61e38e0b55d393
parent	4c38681d6c2f790f58780a3914763ea9e5107289 (diff)
download	php-openid-da6798b4e38e171cd84657052ac6658c6686f6d9.zip php-openid-da6798b4e38e171cd84657052ac6658c6686f6d9.tar.gz php-openid-da6798b4e38e171cd84657052ac6658c6686f6d9.tar.bz2