Home Explore Help
Sign In
compsci-industry
/
TechEmpower.FrameworkBenchmarks
mirror of https://github.com/TechEmpower/FrameworkBenchmarks.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: ba9702b441
Branches Tags
TechEmpower.Fra...
/
frameworks
/
PHP
/
php-fatfree
/
lib
/
web
/
openid.php

openid.php 6.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237 
  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4. 	Copyright (c) 2009-2014 F3::Factory/Bong Cosca, All rights reserved.
    5. 

  5. 

  6. 	This file is part of the Fat-Free Framework (http://fatfree.sf.net).
    7. 

  7. 

  8. 	THE SOFTWARE AND DOCUMENTATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF
    9. 

  9. 	ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
    10. 

  10. 	IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR
    11. 

  11. 	PURPOSE.
    12. 

  12. 

  13. 	Please see the license.txt file for more information.
    14. 

  14. */
    15. 

  15. 

  16. namespace Web;
    17. 

  17. 

  18. //! OpenID consumer
    19. 

  19. class OpenID extends \Magic {
    20. 

  20. 

  21. 	protected
    22. 

  22. 		//! OpenID provider endpoint URL
    23. 

  23. 		$url,
    24. 

  24. 		//! HTTP request parameters
    25. 

  25. 		$args=array();
    26. 

  26. 

  27. 	/**
    28. 

  28. 	*	Determine OpenID provider
    29. 

  29. 	*	@return string|FALSE
    30. 

  30. 	*	@param $proxy string
    31. 

  31. 	**/
    32. 

  32. 	protected function discover($proxy) {
    33. 

  33. 		// Normalize
    34. 

  34. 		if (!preg_match('/https?:\/\//i',$this->args['identity']))
    35. 

  35. 			$this->args['identity']='http://'.$this->args['identity'];
    36. 

  36. 		$url=parse_url($this->args['identity']);
    37. 

  37. 		// Remove fragment; reconnect parts
    38. 

  38. 		$this->args['identity']=$url['scheme'].'://'.
    39. 

  39. 			(isset($url['user'])?
    40. 

  40. 				($url['user'].
    41. 

  41. 				(isset($url['pass'])?(':'.$url['pass']):'').'@'):'').
    42. 

  42. 			strtolower($url['host']).(isset($url['path'])?$url['path']:'/').
    43. 

  43. 			(isset($url['query'])?('?'.$url['query']):'');
    44. 

  44. 		// HTML-based discovery of OpenID provider
    45. 

  45. 		$req=\Web::instance()->
    46. 

  46. 			request($this->args['identity'],array('proxy'=>$proxy));
    47. 

  47. 		if (!$req)
    48. 

  48. 			return FALSE;
    49. 

  49. 		$type=array_values(preg_grep('/Content-Type:/',$req['headers']));
    50. 

  50. 		if ($type &&
    51. 

  51. 			preg_match('/application\/xrds\+xml|text\/xml/',$type[0]) &&
    52. 

  52. 			($sxml=simplexml_load_string($req['body'])) &&
    53. 

  53. 			($xrds=json_decode(json_encode($sxml),TRUE)) &&
    54. 

  54. 			isset($xrds['XRD'])) {
    55. 

  55. 			// XRDS document
    56. 

  56. 			$svc=$xrds['XRD']['Service'];
    57. 

  57. 			if (isset($svc[0]))
    58. 

  58. 				$svc=$svc[0];
    59. 

  59. 			if (preg_grep('/http:\/\/specs\.openid\.net\/auth\/2.0\/'.
    60. 

  60. 					'(?:server|signon)/',$svc['Type'])) {
    61. 

  61. 				$this->args['provider']=$svc['URI'];
    62. 

  62. 				if (isset($svc['LocalID']))
    63. 

  63. 					$this->args['localidentity']=$svc['LocalID'];
    64. 

  64. 				elseif (isset($svc['CanonicalID']))
    65. 

  65. 					$this->args['localidentity']=$svc['CanonicalID'];
    66. 

  66. 			}
    67. 

  67. 			$this->args['server']=$svc['URI'];
    68. 

  68. 			if (isset($svc['Delegate']))
    69. 

  69. 				$this->args['delegate']=$svc['Delegate'];
    70. 

  70. 		}
    71. 

  71. 		else {
    72. 

  72. 			$len=strlen($req['body']);
    73. 

  73. 			$ptr=0;
    74. 

  74. 			// Parse document
    75. 

  75. 			while ($ptr<$len)
    76. 

  76. 				if (preg_match(
    77. 

  77. 					'/^<link\b((?:\h+\w+\h*=\h*'.
    78. 

  78. 					'(?:"(?:.+?)"|\'(?:.+?)\'))*)\h*\/?>/is',
    79. 

  79. 					substr($req['body'],$ptr),$parts)) {
    80. 

  80. 					if ($parts[1] &&
    81. 

  81. 						// Process attributes
    82. 

  82. 						preg_match_all('/\b(rel|href)\h*=\h*'.
    83. 

  83. 							'(?:"(.+?)"|\'(.+?)\')/s',$parts[1],$attr,
    84. 

  84. 							PREG_SET_ORDER)) {
    85. 

  85. 						$node=array();
    86. 

  86. 						foreach ($attr as $kv)
    87. 

  87. 							$node[$kv[1]]=isset($kv[2])?$kv[2]:$kv[3];
    88. 

  88. 						if (isset($node['rel']) &&
    89. 

  89. 							preg_match('/openid2?\.(\w+)/',
    90. 

  90. 								$node['rel'],$var) &&
    91. 

  91. 							isset($node['href']))
    92. 

  92. 							$this->args[$var[1]]=$node['href'];
    93. 

  93. 

  94. 					}
    95. 

  95. 					$ptr+=strlen($parts[0]);
    96. 

  96. 				}
    97. 

  97. 				else
    98. 

  98. 					$ptr++;
    99. 

  99. 		}
    100. 

  100. 		// Get OpenID provider's endpoint URL
    101. 

  101. 		if (isset($this->args['provider'])) {
    102. 

  102. 			// OpenID 2.0
    103. 

  103. 			$this->args['ns']='http://specs.openid.net/auth/2.0';
    104. 

  104. 			if (isset($this->args['localidentity']))
    105. 

  105. 				$this->args['identity']=$this->args['localidentity'];
    106. 

  106. 			if (isset($this->args['trust_root']))
    107. 

  107. 				$this->args['realm']=$this->args['trust_root'];
    108. 

  108. 		}
    109. 

  109. 		elseif (isset($this->args['server'])) {
    110. 

  110. 			// OpenID 1.1
    111. 

  111. 			$this->args['ns']='http://openid.net/signon/1.1';
    112. 

  112. 			if (isset($this->args['delegate']))
    113. 

  113. 				$this->args['identity']=$this->args['delegate'];
    114. 

  114. 		}
    115. 

  115. 		if (isset($this->args['provider'])) {
    116. 

  116. 			// OpenID 2.0
    117. 

  117. 			if (empty($this->args['claimed_id']))
    118. 

  118. 				$this->args['claimed_id']=$this->args['identity'];
    119. 

  119. 			return $this->args['provider'];
    120. 

  120. 		}
    121. 

  121. 		elseif (isset($this->args['server']))
    122. 

  122. 			// OpenID 1.1
    123. 

  123. 			return $this->args['server'];
    124. 

  124. 		else
    125. 

  125. 			return FALSE;
    126. 

  126. 	}
    127. 

  127. 

  128. 	/**
    129. 

  129. 	*	Initiate OpenID authentication sequence; Return FALSE on failure
    130. 

  130. 	*	or redirect to OpenID provider URL
    131. 

  131. 	*	@return bool
    132. 

  132. 	*	@param $proxy string
    133. 

  133. 	*	@param $attr array
    134. 

  134. 	*	@param $reqd string|array
    135. 

  135. 	**/
    136. 

  136. 	function auth($proxy=NULL,$attr=array(),array $reqd=NULL) {
    137. 

  137. 		$fw=\Base::instance();
    138. 

  138. 		$root=$fw->get('SCHEME').'://'.$fw->get('HOST');
    139. 

  139. 		if (empty($this->args['trust_root']))
    140. 

  140. 			$this->args['trust_root']=$root.$fw->get('BASE').'/';
    141. 

  141. 		if (empty($this->args['return_to']))
    142. 

  142. 			$this->args['return_to']=$root.$_SERVER['REQUEST_URI'];
    143. 

  143. 		$this->args['mode']='checkid_setup';
    144. 

  144. 		if ($this->url=$this->discover($proxy)) {
    145. 

  145. 			if ($attr) {
    146. 

  146. 				$this->args['ns.ax']='http://openid.net/srv/ax/1.0';
    147. 

  147. 				$this->args['ax.mode']='fetch_request';
    148. 

  148. 				foreach ($attr as $key=>$val)
    149. 

  149. 					$this->args['ax.type.'.$key]=$val;
    150. 

  150. 				$this->args['ax.required']=is_string($reqd)?
    151. 

  151. 					$reqd:implode(',',$reqd);
    152. 

  152. 			}
    153. 

  153. 			$var=array();
    154. 

  154. 			foreach ($this->args as $key=>$val)
    155. 

  155. 				$var['openid.'.$key]=$val;
    156. 

  156. 			$fw->reroute($this->url.'?'.http_build_query($var));
    157. 

  157. 		}
    158. 

  158. 		return FALSE;
    159. 

  159. 	}
    160. 

  160. 

  161. 	/**
    162. 

  162. 	*	Return TRUE if OpenID verification was successful
    163. 

  163. 	*	@return bool
    164. 

  164. 	*	@param $proxy string
    165. 

  165. 	**/
    166. 

  166. 	function verified($proxy=NULL) {
    167. 

  167. 		preg_match_all('/(?<=^|&)openid\.([^=]+)=([^&]+)/',
    168. 

  168. 			$_SERVER['QUERY_STRING'],$matches,PREG_SET_ORDER);
    169. 

  169. 		foreach ($matches as $match)
    170. 

  170. 			$this->args[$match[1]]=urldecode($match[2]);
    171. 

  171. 		if (isset($this->args['mode']) &&
    172. 

  172. 			$this->args['mode']!='error' &&
    173. 

  173. 			$this->url=$this->discover($proxy)) {
    174. 

  174. 			$this->args['mode']='check_authentication';
    175. 

  175. 			$var=array();
    176. 

  176. 			foreach ($this->args as $key=>$val)
    177. 

  177. 				$var['openid.'.$key]=$val;
    178. 

  178. 			$req=\Web::instance()->request(
    179. 

  179. 				$this->url,
    180. 

  180. 				array(
    181. 

  181. 					'method'=>'POST',
    182. 

  182. 					'content'=>http_build_query($var),
    183. 

  183. 					'proxy'=>$proxy
    184. 

  184. 				)
    185. 

  185. 			);
    186. 

  186. 			return (bool)preg_match('/is_valid:true/i',$req['body']);
    187. 

  187. 		}
    188. 

  188. 		return FALSE;
    189. 

  189. 	}
    190. 

  190. 

  191. 	/**
    192. 

  192. 	*	Return OpenID response fields
    193. 

  193. 	*	@return array
    194. 

  194. 	**/
    195. 

  195. 	function response() {
    196. 

  196. 		return $this->args;
    197. 

  197. 	}
    198. 

  198. 

  199. 	/**
    200. 

  200. 	*	Return TRUE if OpenID request parameter exists
    201. 

  201. 	*	@return bool
    202. 

  202. 	*	@param $key string
    203. 

  203. 	**/
    204. 

  204. 	function exists($key) {
    205. 

  205. 		return isset($this->args[$key]);
    206. 

  206. 	}
    207. 

  207. 

  208. 	/**
    209. 

  209. 	*	Bind value to OpenID request parameter
    210. 

  210. 	*	@return string
    211. 

  211. 	*	@param $key string
    212. 

  212. 	*	@param $val string
    213. 

  213. 	**/
    214. 

  214. 	function set($key,$val) {
    215. 

  215. 		return $this->args[$key]=$val;
    216. 

  216. 	}
    217. 

  217. 

  218. 	/**
    219. 

  219. 	*	Return value of OpenID request parameter
    220. 

  220. 	*	@return mixed
    221. 

  221. 	*	@param $key string
    222. 

  222. 	**/
    223. 

  223. 	function get($key) {
    224. 

  224. 		return isset($this->args[$key])?$this->args[$key]:NULL;
    225. 

  225. 	}
    226. 

  226. 

  227. 	/**
    228. 

  228. 	*	Remove OpenID request parameter
    229. 

  229. 	*	@return NULL
    230. 

  230. 	*	@param $key
    231. 

  231. 	**/
    232. 

  232. 	function clear($key) {
    233. 

  233. 		unset($this->args[$key]);
    234. 

  234. 	}
    235. 

  235. 

  236. }
    237. 

  237.