Auth/OpenID/HTTPFetcher.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170

<?php
/**
 * This module contains the HTTP fetcher interface
 *
 * PHP versions 4 and 5
 *
 * LICENSE: See the COPYING file included in this distribution.
 *
 * @package OpenID
 * @author JanRain, Inc. <openid@janrain.com>
 * @copyright 2005 Janrain, Inc.
 * @license http://www.gnu.org/copyleft/lesser.html LGPL
 */

/**
 * Require the parser and OpenID util functions.
 */
require_once "Auth/OpenID/Parse.php";
require_once "Auth/OpenID.php";

/**
 * An HTTP response descriptor returned by all fetcher methods.
 *
 * @package OpenID
 */
class Auth_OpenID_HTTPResponse {
    function Auth_OpenID_HTTPResponse($final_url = null, $status = null,
                                      $headers = null, $body = null)
    {
        $this->final_url = $final_url;
        $this->status = $status;
        $this->headers = $headers;
        $this->body = $body;
    }
}

/**
 * This is the status code beginAuth returns when it is unable to
 * fetch the OpenID URL the user entered.
 */
define('Auth_OpenID_HTTP_FAILURE', 'http failure');

/**
 * The maximum allowed timeout for fetcher operations.
 */
define('Auth_OpenID_FETCHER_TIMEOUT', 20);

/**
 * This class is the interface for HTTP fetchers the OpenID consumer
 * library uses.  This interface is only important if you need to
 * write a new fetcher for some reason.
 *
 * @access private
 * @package OpenID
 */
class Auth_OpenID_HTTPFetcher {

    /**
     * Allowed socket timeout in seconds.
     */
    var $timeout = Auth_OpenID_FETCHER_TIMEOUT;

    /**
     * Return whether a URL should be allowed. Override this method to
     * conform to your local policy.
     *
     * By default, will attempt to fetch any http or https URL.
     */
    function allowedURL($url)
    {
        return $this->URLHasAllowedScheme($url);
    }

    /**
     * Is this an http or https URL?
     *
     * @access private
     */
    function URLHasAllowedScheme($url)
    {
        return (bool)preg_match('/^https?:\/\//i', $url);
    }

    /**
     * @access private
     */
    function _findRedirect($headers)
    {
        foreach ($headers as $line) {
            if (strpos($line, "Location: ") === 0) {
                $parts = explode(" ", $line, 2);
                return $parts[1];
            }
        }
        return null;
    }

    /**
     * This performs an HTTP get, following redirects along the way.
     *
     * @return array $tuple This returns a three-tuple on success.
     * The first value is the http return code. The second value is
     * the final url that was fetched, after following any redirects.
     * The third value is the data that was retrieved from the site.
     * If the fetch didn't succeed, return null.
    */
    function get($url)
    {
        trigger_error("not implemented", E_USER_ERROR);
    }

    /**
     * This performs an HTTP post.  If it makes sense, it will follow
     * redirects along the way.
     *
     * @return array $tuple This returns a three-tuple on success.
     * The first value is the http return code. The second value is
     * the final url that was fetched, after following any redirects.
     * The third value is the data that was retrieved from the site.
     * If the fetch didn't succeed, return null.
     */
    function post($url, $body)
    {
        trigger_error("not implemented", E_USER_ERROR);
    }

    /**
     * Retrieve the given URL and return the identity information
     * contained therein. That is, perform OpenID discovery.
     *
     * @param string $identity_url The URL that the user entered
     *
     * @return array list($status, $info) The information parsed from
     * the page or an error. If the status is {@link Auth_OpenID_SUCCESS},
     * the information returned is array($consumer_id, $server_id,
     * $server_url). The $server_url is the OpenID server's URL. The
     * consumer ID is the identifier by which the user should be known
     * to the consumer. The server ID is the identifier by which the
     * user should be known to the server.
     */
    function findIdentityInfo($identity_url)
    {
        $url = Auth_OpenID::normalizeURL($identity_url);
        $ret = @$this->get($url);
        if ($ret === null) {
            return array(Auth_OpenID_HTTP_FAILURE, null);
        }

        list($http_code, $consumer_id, $data) = $ret;
        if ($http_code != 200) {
            return array(Auth_OpenID_HTTP_FAILURE, $http_code);
        }

        $parser = new Auth_OpenID_Parse();

        $link_attrs = $parser->parseLinkAttrs($data);
        $server = $parser->findFirstHref($link_attrs, 'openid.server');
        $delegate = $parser->findFirstHref($link_attrs, 'openid.delegate');

        if ($server === null) {
            return array(Auth_OpenID_PARSE_ERROR, null);
        } else {
            $server_id = $delegate ? $delegate : $consumer_id;
            $urls = array($consumer_id, $server_id, $server);
            return array(Auth_OpenID_SUCCESS, $urls);
        }
    }
}

?>