4 * URI normalization routines.
7 * @author JanRain, Inc. <openid@janrain.com>
8 * @copyright 2005-2008 Janrain, Inc.
9 * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
12 require_once 'Auth/Yadis/Misc.php';
14 // from appendix B of rfc 3986 (http://www.ietf.org/rfc/rfc3986.txt)
15 function Auth_OpenID_getURIPattern()
17 return '&^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?&';
20 function Auth_OpenID_getAuthorityPattern()
22 return '/^([^@]*@)?([^:]*)(:.*)?/';
25 function Auth_OpenID_getEncodedPattern()
27 return '/%([0-9A-Fa-f]{2})/';
30 # gen-delims = ":" / "/" / "?" / "#" / "[" / "]" / "@"
32 # sub-delims = "!" / "$" / "&" / "'" / "(" / ")"
33 # / "*" / "+" / "," / ";" / "="
35 # unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
36 function Auth_OpenID_getURLIllegalCharRE()
38 return "/([^-A-Za-z0-9:\/\?#\[\]@\!\$&'\(\)\*\+,;=\._~\%])/";
41 function Auth_OpenID_getUnreserved()
43 $_unreserved = array();
44 for ($i = 0; $i < 256; $i++) {
45 $_unreserved[$i] = false;
48 for ($i = ord('A'); $i <= ord('Z'); $i++) {
49 $_unreserved[$i] = true;
52 for ($i = ord('0'); $i <= ord('9'); $i++) {
53 $_unreserved[$i] = true;
56 for ($i = ord('a'); $i <= ord('z'); $i++) {
57 $_unreserved[$i] = true;
60 $_unreserved[ord('-')] = true;
61 $_unreserved[ord('.')] = true;
62 $_unreserved[ord('_')] = true;
63 $_unreserved[ord('~')] = true;
68 function Auth_OpenID_getEscapeRE()
71 foreach (array_merge(Auth_Yadis_getUCSChars(),
72 Auth_Yadis_getIPrivateChars()) as $pair) {
74 $parts[] = sprintf("%s-%s", chr($m), chr($n));
77 return sprintf('[%s]', implode('', $parts));
80 function Auth_OpenID_pct_encoded_replace_unreserved($mo)
82 $_unreserved = Auth_OpenID_getUnreserved();
84 $i = intval($mo[1], 16);
85 if ($_unreserved[$i]) {
88 return strtoupper($mo[0]);
94 function Auth_OpenID_pct_encoded_replace($mo)
96 $code = intval($mo[1], 16);
98 // Prevent request splitting by ignoring newline and space characters
99 if($code === 0xA || $code === 0xD || $code === ord(' '))
109 function Auth_OpenID_remove_dot_segments($path)
111 $result_segments = array();
114 if (Auth_Yadis_startswith($path, '../')) {
115 $path = substr($path, 3);
116 } else if (Auth_Yadis_startswith($path, './')) {
117 $path = substr($path, 2);
118 } else if (Auth_Yadis_startswith($path, '/./')) {
119 $path = substr($path, 2);
120 } else if ($path == '/.') {
122 } else if (Auth_Yadis_startswith($path, '/../')) {
123 $path = substr($path, 3);
124 if ($result_segments) {
125 array_pop($result_segments);
127 } else if ($path == '/..') {
129 if ($result_segments) {
130 array_pop($result_segments);
132 } else if (($path == '..') ||
137 if ($path[0] == '/') {
140 $i = strpos($path, '/', $i);
144 $result_segments[] = substr($path, 0, $i);
145 $path = substr($path, $i);
149 return implode('', $result_segments);
152 function Auth_OpenID_urinorm($uri)
154 $uri_matches = array();
155 preg_match(Auth_OpenID_getURIPattern(), $uri, $uri_matches);
157 if (count($uri_matches) < 9) {
158 for ($i = count($uri_matches); $i <= 9; $i++) {
163 $illegal_matches = array();
164 preg_match(Auth_OpenID_getURLIllegalCharRE(),
165 $uri, $illegal_matches);
166 if ($illegal_matches) {
170 $scheme = $uri_matches[2];
172 $scheme = strtolower($scheme);
175 $scheme = $uri_matches[2];
176 if ($scheme === '') {
177 // No scheme specified
181 $scheme = strtolower($scheme);
182 if (!in_array($scheme, array('http', 'https'))) {
183 // Not an absolute HTTP or HTTPS URI
187 $authority = $uri_matches[4];
188 if ($authority === '') {
189 // Not an absolute URI
193 $authority_matches = array();
194 preg_match(Auth_OpenID_getAuthorityPattern(),
195 $authority, $authority_matches);
196 if (count($authority_matches) === 0) {
197 // URI does not have a valid authority
201 if (count($authority_matches) < 4) {
202 for ($i = count($authority_matches); $i <= 4; $i++) {
203 $authority_matches[] = '';
207 list($_whole, $userinfo, $host, $port) = $authority_matches;
209 if ($userinfo === null) {
213 if (strpos($host, '%') !== -1) {
214 $host = strtolower($host);
215 $host = preg_replace_callback(
216 Auth_OpenID_getEncodedPattern(),
217 'Auth_OpenID_pct_encoded_replace', $host);
219 // $host = unicode($host, 'utf-8').encode('idna');
221 $host = strtolower($host);
225 if (($port == ':') ||
226 ($scheme == 'http' && $port == ':80') ||
227 ($scheme == 'https' && $port == ':443')) {
234 $authority = $userinfo . $host . $port;
236 $path = $uri_matches[5];
237 $path = preg_replace_callback(
238 Auth_OpenID_getEncodedPattern(),
239 'Auth_OpenID_pct_encoded_replace_unreserved', $path);
241 $path = Auth_OpenID_remove_dot_segments($path);
246 $query = $uri_matches[6];
247 if ($query === null) {
251 $fragment = $uri_matches[8];
252 if ($fragment === null) {
256 return $scheme . '://' . $authority . $path . $query . $fragment;