authortailor <cygnus@janrain.com>2007-09-20 21:41:35 +0000
committertailor <cygnus@janrain.com>2007-09-20 21:41:35 +0000
commit907ee6c24137b2100e704d91b4bd4b65c68b823f (patch)
tree60e0448efb0218553d6f39dc335723fde7a266ad /Auth
parent1269040606f48bdae7cc3a2b0a31f27102a77b45 (diff)
[project @ Encode indirect OpenID 2 responses as POSTs when length exceeds OpenID 1 limit]
Diffstat (limited to 'Auth')
-rw-r--r--Auth/OpenID/Message.php4
-rw-r--r--Auth/OpenID/Server.php80
2 files changed, 67 insertions, 17 deletions
diff --git a/Auth/OpenID/Message.php b/Auth/OpenID/Message.php
index 95d1103..6bfc5f8 100644
--- a/Auth/OpenID/Message.php
+++ b/Auth/OpenID/Message.php
@@ -42,6 +42,10 @@ define('Auth_OpenID_BARE_NS', 'Bare namespace');
// return null instead of returning a default.
define('Auth_OpenID_NO_DEFAULT', 'NO DEFAULT ALLOWED');
+// Limit, in bytes, of identity provider and return_to URLs, including
+// response payload. See OpenID 1.1 specification, Appendix D.
+define('Auth_OpenID_OPENID1_URL_LIMIT', 2047);
+
// All OpenID protocol fields. Used to check namespace aliases.
global $Auth_OpenID_OPENID_PROTOCOL_FIELDS;
$Auth_OpenID_OPENID_PROTOCOL_FIELDS = array(
diff --git a/Auth/OpenID/Server.php b/Auth/OpenID/Server.php
index 58501cc..bd2619a 100644
--- a/Auth/OpenID/Server.php
+++ b/Auth/OpenID/Server.php
@@ -127,6 +127,11 @@ define(Auth_OpenID_ENCODE_URL, 'URL/redirect');
/**
* @access private
*/
+define(Auth_OpenID_ENCODE_HTML_FORM, 'HTML form');
+
+/**
+ * @access private
+ */
function Auth_OpenID_isError($obj, $cls = 'Auth_OpenID_ServerError')
{
return is_a($obj, $cls);
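Review bot: The added `define(Auth_OpenID_ENCODE_HTML_FORM, 'HTML form');` passes the constant name as a bare word instead of a string, unlike `define('Auth_OpenID_OPENID1_URL_LIMIT', 2047);` in the Message.php hunk. PHP treats the undefined bare word as a string only by fallback and raises a notice, and PHP 8 rejects it outright, so the name should be quoted: `define('Auth_OpenID_ENCODE_HTML_FORM', 'HTML form');`. The hunk header shows the neighbouring `Auth_OpenID_ENCODE_URL` define written the same way, so it is worth fixing in the same pass.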
@@ -152,18 +157,24 @@ class Auth_OpenID_ServerError {
$this->reference = $reference;
}
+ function getReturnTo()
+ {
+ if ($this->message &&
+ $this->message->hasKey(Auth_OpenID_OPENID_NS, 'return_to')) {
+ return $this->message->getArg(Auth_OpenID_OPENID_NS,
+ 'return_to');
+ } else {
+ return false;
+ }
+ }
+
/**
* Returns the return_to URL for the request which caused this
* error.
*/
function hasReturnTo()
{
- if ($this->message) {
- return $this->message->hasKey(Auth_OpenID_OPENID_NS,
- 'return_to');
- } else {
- return false;
- }
+ return $this->getReturnTo() !== false;
}
/**
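Review bot: `getReturnTo()` is added without a doc comment, while the existing comment left above `hasReturnTo()` ("Returns the return_to URL for the request which caused this error") now describes the new getter rather than the boolean test. Move that text onto `getReturnTo()` and state that it returns `false` when there is no message or the message has no return_to key. Then give `hasReturnTo()` its own line, e.g. `Returns true if the request which caused this error carried a return_to URL.` The `false` sentinel matters because `hasReturnTo()` compares with `!== false`, so a present but empty return_to still counts as present.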
@@ -177,15 +188,7 @@ class Auth_OpenID_ServerError {
return null;
}
- $return_to = $this->message->getArg(Auth_OpenID_OPENID_NS,
- 'return_to');
- if (!$return_to) {
- return null;
- }
-
- return Auth_OpenID::appendArgs($return_to,
- array('openid.mode' => 'error',
- 'openid.error' => $this->toString()));
+ return $this->toMessage()->toURL($this->getReturnTo());
}
/**
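Review bot: The rewritten return drops the `if (!$return_to) { return null; }` guard that the removed lines had, so when the message is present but has no return_to (or an empty one), the `false` from `getReturnTo()` is passed straight into `toURL()`. Because return_to comes from the request that failed, any caller that does not test `hasReturnTo()` first can reach this. Keep the guard: `$return_to = $this->getReturnTo(); if (!$return_to) { return null; }` followed by `return $this->toMessage()->toURL($return_to);`. The new `toFormMarkup()` in the next hunk (@@ -201,6) has the same gap, and the start of this function lies outside the hunk.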
@@ -201,6 +204,11 @@ class Auth_OpenID_ServerError {
'error' => $this->toString()));
}
+ function toFormMarkup()
+ {
+ return $this->toMessage()->toFormMarkup($this->getReturnTo());
+ }
+
function toMessage()
{
// Generate a Message object for sending to the relying party,
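Review bot: `toFormMarkup()` places the request-supplied return_to into an HTML form as its target and, through `toMessage()`, includes the error text as field values. The output is therefore only safe if `Auth_OpenID_Message::toFormMarkup()` HTML-escapes the action URL and every value; that method is not part of this diff and should be confirmed. On the error path the return_to has presumably not yet been validated against a trust root, so it is also worth rejecting anything that is not an http or https URL before it becomes a form action. The method has no doc comment; add one saying it returns form markup that posts the error message to the request's return_to.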
@@ -232,7 +240,13 @@ class Auth_OpenID_ServerError {
global $_Auth_OpenID_Request_Modes;
if ($this->hasReturnTo()) {
- return Auth_OpenID_ENCODE_URL;
+ if ($this->message->isOpenID2() &&
+ (strlen($this->encodeToURL()) >
+ Auth_OpenID_OPENID1_URL_LIMIT)) {
+ return Auth_OpenID_ENCODE_HTML_FORM;
+ } else {
+ return Auth_OpenID_ENCODE_URL;
+ }
}
if (!$this->message) {
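Review bot: The OpenID 2 length test added here is repeated almost verbatim in `Auth_OpenID_ServerResponse::whichEncoding()` (hunk @@ -1135,12), differing only in `$this->message` versus `$this->fields`. A small shared helper that takes the message object and the encoded URL would keep the two copies from drifting apart. The branch also leaves over-long OpenID 1 responses as redirects without saying why; a comment such as `// OpenID 1 has no form-POST response, so only OpenID 2 messages can switch encoding` would make that intent explicit. `whichEncoding()` begins and ends outside this hunk.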
@@ -1135,12 +1149,41 @@ class Auth_OpenID_ServerResponse {
global $_Auth_OpenID_Request_Modes;
if (in_array($this->request->mode, $_Auth_OpenID_Request_Modes)) {
- return Auth_OpenID_ENCODE_URL;
+ if ($this->fields->isOpenID2() &&
+ (strlen($this->encodeToURL()) >
+ Auth_OpenID_OPENID1_URL_LIMIT)) {
+ return Auth_OpenID_ENCODE_HTML_FORM;
+ } else {
+ return Auth_OpenID_ENCODE_URL;
+ }
} else {
return Auth_OpenID_ENCODE_KVFORM;
}
}
+ /*
+ * Returns the form markup for this response.
+ *
+ * @return str
+ */
+ function toFormMarkup()
+ {
+ return $this->fields->toFormMarkup(
+ $this->fields->getArg(Auth_OpenID_OPENID_NS, 'return_to'));
+ }
+
+ /*
+ * Returns True if this response's encoding is ENCODE_HTML_FORM.
+ * Convenience method for server authors.
+ *
+ * @return bool
+ */
+ function renderAsForm()
+ {
+ return $this->whichEncoding() == Auth_OpenID_ENCODE_HTML_FORM;
+ }
+
+
function encodeToURL()
{
return $this->fields->toURL($this->request->return_to);
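Review bot: `toFormMarkup()` takes the form target from `$this->fields->getArg(Auth_OpenID_OPENID_NS, 'return_to')`, whereas `encodeToURL()` just below targets `$this->request->return_to`, and it is the length of that URL which selects the form encoding. If the response fields carry no return_to, or one that differs from the request's, the form posts somewhere other than the redirect would have gone. Use one source for both: `return $this->fields->toFormMarkup($this->request->return_to);`. Separately, the two new comments open with `/*` rather than `/**`, so doc tools will skip them, `@return str` should read `@return string`, and `renderAsForm()` can compare with `===`.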
@@ -1364,6 +1407,9 @@ class Auth_OpenID_Encoder {
$location = $response->encodeToURL();
$wr = new $cls(AUTH_OPENID_HTTP_REDIRECT,
array('location' => $location));
+ } else if ($encode_as == Auth_OpenID_ENCODE_HTML_FORM) {
+ $wr = new $cls(AUTH_OPENID_HTTP_OK, array(),
+ $response->toFormMarkup());
} else {
return new Auth_OpenID_EncodingError($response);
}
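Review bot: The new HTML-form branch builds the response with an empty header array, so nothing in this hunk declares the body as HTML; whether `$cls` supplies a default Content-Type is not visible here. Passing it explicitly, e.g. `array('content-type' => 'text/html')` in the lowercase style of the `'location'` key above, avoids relying on the web server's default or on content sniffing. The page also carries the full response fields, so a `cache-control` header set to `no-store` is worth adding to keep it out of shared caches. The enclosing method starts outside this hunk.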