[project @ Fix Auth_OpenID_getAllowedReturnURLs, Auth_Yadis_DiscoveryResult::usedYadisLocation, add Auth_Yadis_getServiceEndpoints, tests]

2 files changed, 53 insertions, 6 deletions

diff --git a/Auth/OpenID/TrustRoot.php b/Auth/OpenID/TrustRoot.php
index c420709..fbe8921 100644
--- a/Auth/OpenID/TrustRoot.php
+++ b/Auth/OpenID/TrustRoot.php
@@ -396,19 +396,24 @@ function Auth_OpenID_getAllowedReturnURLs($relying_party_url, &$fetcher,
         $discover_function = array('Auth_Yadis_Yadis', 'discover');
     }
 
+    $xrds_parse_cb = array('Auth_OpenID_ServiceEndpoint', 'fromXRDS');
+
     list($rp_url_after_redirects, $endpoints) =
-      Auth_OpenID_discoverWithYadis($relying_party_url,
-                                    $fetcher,
-                                    'Auth_OpenID_extractReturnURL',
-                                    $discover_function);
+        Auth_Yadis_getServiceEndpoints($relying_party_url, $xrds_parse_cb,
+                                       $discover_function);
 
     if ($rp_url_after_redirects != $relying_party_url) {
         // Verification caused a redirect
         return false;
     }
 
+    call_user_func_array($discover_function,
+                         array($relying_party_url, $fetcher));
+
     $return_to_urls = array();
-    foreach ($endpoints as $e) {
+    $matching_endpoints = Auth_OpenID_extractReturnURL($endpoints);
+
+    foreach ($matching_endpoints as $e) {
         $return_to_urls[] = $e->server_url;
     }
 
diff --git a/Auth/Yadis/Yadis.php b/Auth/Yadis/Yadis.php
index 1345cae..371f248 100644
--- a/Auth/Yadis/Yadis.php
+++ b/Auth/Yadis/Yadis.php
@@ -105,7 +105,7 @@ class Auth_Yadis_DiscoveryResult {
     function usedYadisLocation()
     {
         // Was the Yadis protocol's indirection used?
-        return $this->normalized_uri == $this->xrds_uri;
+        return $this->normalized_uri != $this->xrds_uri;
     }
 
     function isXRDS()
@@ -117,6 +117,48 @@ class Auth_Yadis_DiscoveryResult {
 }
 
 /**
+ *
+ * Perform the Yadis protocol on the input URL and return an iterable
+ * of resulting endpoint objects.
+ *
+ * input_url: The URL on which to perform the Yadis protocol
+ *
+ * @return: The normalized identity URL and an iterable of endpoint
+ * objects generated by the filter function.
+ *
+ * xrds_parse_func: a callback which will take (uri, xrds_text) and
+ * return an array of service endpoint objects or null.  Usually
+ * array('Auth_OpenID_ServiceEndpoint', 'fromXRDS').
+ *
+ * discover_func: if not null, a callback which should take (uri) and
+ * return an Auth_Yadis_Yadis object or null.
+ */
+function Auth_Yadis_getServiceEndpoints($input_url, $xrds_parse_func,
+                                        $discover_func=null, $fetcher=null)
+{
+    if ($discover_func === null) {
+        $discover_function = array('Auth_Yadis_Yadis', 'discover');
+    }
+
+    $yadis_result = call_user_func_array($discover_func,
+                                         array($input_url, $fetcher));
+
+    if ($yadis_result === null) {
+        return array($input_url, array());
+    }
+
+    $endpoints = call_user_func_array($xrds_parse_func,
+                      array($yadis_result->normalized_uri,
+                            $yadis_result->response_text));
+
+    if ($endpoints === null) {
+        $endpoints = array();
+    }
+
+    return array($yadis_result->normalized_uri, $endpoints);
+}
+
+/**
  * This is the core of the PHP Yadis library.  This is the only class
  * a user needs to use to perform Yadis discovery.  This class
  * performs the discovery AND stores the result of the discovery.