* identity check.
*
* LIBRARY DESIGN
- *
+ *
* This consumer library is designed with that flow in mind. The goal
* is to make it as easy as possible to perform the above steps
* securely.
$loader->fromSession($endpoint_data);
$message = Auth_OpenID_Message::fromPostArgs($query);
- $response = $this->consumer->complete($message, $endpoint,
+ $response = $this->consumer->complete($message, $endpoint,
$current_url);
$this->session->del($this->_token_key);
$this->store = $store;
$this->negotiator = Auth_OpenID_getDefaultNegotiator();
$this->_use_assocs = (is_null($this->store) ? false : true);
+ if (get_class($this->store) == "Auth_OpenID_DumbStore") {
+ $this->_use_assocs = false;
+ }
$this->fetcher = Auth_Yadis_Yadis::getHTTPFetcher();
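Review bot: The added `get_class($this->store) == "Auth_OpenID_DumbStore"` test is still evaluated when the store is null, the case the line above it handles, and it misses any subclass of the dumb store. On newer PHP versions `get_class(null)` raises an error instead of returning a string. A subclass would keep `_use_assocs` true, presumably leaving the consumer attempting associations with a store that cannot keep them. Use `if ($this->store instanceof Auth_OpenID_DumbStore) {`, which is false for null and true for subclasses. A short comment such as `// stateless ("dumb") mode: never attempt associations` would also help.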
'_completeInvalid');
return call_user_func_array(array($this, $method),
- array($message, &$endpoint, $return_to));
+ array($message, $endpoint, $return_to));
}
/**
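Review bot: Dropping the `&` from `array($message, $endpoint, $return_to)` is only safe if the `_complete*` methods no longer declare `$endpoint` as a by-reference parameter, and those signatures are outside this hunk. When `call_user_func_array` receives a plain value for a parameter declared with `&`, PHP emits an "expected to be a reference, value given" warning, and some older PHP 5 releases skip the call and return null. The same applies to the `$fetcher` and `$service` changes in the later discovery and filter hunks. Confirm the callee signatures were changed in the same commit, including any user-supplied discovery or filter callbacks.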
list($unused, $services) = call_user_func_array($this->discoverMethod,
array(
$claimed_id,
- &$this->fetcher,
+ $this->fetcher,
));
if (!$services) {
/**
* @access private
*/
- function _verifyDiscoveryServices($claimed_id,
+ function _verifyDiscoveryServices($claimed_id,
$services, $to_match_endpoints)
{
// Search the services resulting from discovery to find one
foreach ($services as $endpoint) {
foreach ($to_match_endpoints as $to_match_endpoint) {
- $result = $this->_verifyDiscoverySingle($endpoint,
+ $result = $this->_verifyDiscoverySingle($endpoint,
$to_match_endpoint);
if (!Auth_OpenID::isFailure($result)) {
}
}
$ca_message = $message->copy();
- $ca_message->setArg(Auth_OpenID_OPENID_NS, 'mode',
+ $ca_message->setArg(Auth_OpenID_OPENID_NS, 'mode',
'check_authentication');
return $ca_message;
}
$expires_in = Auth_OpenID::intval($expires_in_str);
if ($expires_in === false) {
-
+
$err = sprintf("Could not parse expires_in from association ".
"response %s", print_r($assoc_response, true));
return new Auth_OpenID_FailureResponse(null, $err);
function htmlMarkup($realm, $return_to=null, $immediate=false,
$form_tag_attrs=null)
{
- $form = $this->formMarkup($realm, $return_to, $immediate,
+ $form = $this->formMarkup($realm, $return_to, $immediate,
$form_tag_attrs);
if (Auth_OpenID::isFailure($form)) {
}
if ($handle = opendir($dir)) {
- while ($item = readdir($handle)) {
+ while (false !== ($item = readdir($handle))) {
if (!in_array($item, array('.', '..'))) {
if (is_dir($dir . $item)) {
// no handle given, receiving the latest issued
$serverKey = $this->associationServerKey($server_url);
- $lastKey = $this->redis->lpop($serverKey);
- if (!$lastKey) { return null; }
+ $lastKey = $this->redis->lindex($serverKey, -1);
+ if (!$lastKey) {
+ // no previous association with this server
+ return null;
+ }
// get association, return null if failed
return $this->getAssociationFromServer($lastKey);
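Review bot: Switching from `lpop` to `lindex($serverKey, -1)` changes which end of the list is read, not just whether the entry is removed. `lpop` took the head and index -1 is the tail. Whether the tail is the most recently issued handle depends on how the store pushes handles (rpush or lpush), which is outside this hunk; if it prepends, the newest entry is at index 0. Nothing is popped any more, so the list can also accumulate handles whose associations have expired, and if the tail is one of those the lookup returns null even though a newer valid association may exist. Please confirm the push direction and add a comment such as `// handles are appended on store, so index -1 is the newest`.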
// SETNX will set the value only of the key doesn't exist yet.
$nonceKey = $this->nonceKey($server_url, $salt);
- $added = $this->predis->setnx($nonceKey);
+ $added = $this->redis->setnx($nonceKey, "1");
if ($added) {
// Will set expiration
- $this->predis->expire($nonceKey, $Auth_OpenID_SKEW);
+ $this->redis->expire($nonceKey, $Auth_OpenID_SKEW);
return true;
} else {
return false;
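Review bot: `setnx` followed by a separate `expire` is not atomic, so a failure between the two calls leaves a nonce key with no TTL. That fails closed for replay protection, but the key is never reclaimed. If the Redis client and server support it, a single call such as `$added = $this->redis->set($nonceKey, '1', 'EX', $Auth_OpenID_SKEW, 'NX');` sets the value and the expiry together. `$Auth_OpenID_SKEW` is also read as a plain variable here, so it needs a `global $Auth_OpenID_SKEW;` declaration earlier in the function, which starts above this hunk. Without that, `expire` would receive null.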
if ($parts['host'] == 'localhost') {
return true;
}
-
+
$host_parts = explode('.', $parts['host']);
if ($parts['wildcard']) {
// Remove the empty string from the beginning of the array
}
call_user_func_array($discover_function,
- array($relying_party_url, &$fetcher));
+ array($relying_party_url, $fetcher));
$return_to_urls = array();
$matching_endpoints = Auth_OpenID_extractReturnURL($endpoints);
list($yadis_url, $services) = call_user_func_array($discover_cb,
array(
$this->url,
- &$fetcher,
+ $fetcher,
));
$manager = $this->createManager($services, $yadis_url);
$this->reset();
$c = curl_init();
+ if (defined('Auth_OpenID_DISABLE_SSL_VERIFYPEER')
+ && Auth_OpenID_DISABLE_SSL_VERIFYPEER === true) {
+ trigger_error(
+ 'You have disabled SSL verifcation, this is a TERRIBLE ' .
+ 'idea in almost all cases. Set Auth_OpenID_DISABLE_SSL_' .
+ 'VERIFYPEER to false if you want to be safe again',
+ E_USER_WARNING);
+ curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
+ }
if ($c === false) {
Auth_OpenID::log(
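Review bot: The new block calls `curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false)` before the existing `if ($c === false)` check, so a failed `curl_init()` reaches `curl_setopt` with a non-handle; move the block below that check. With peer verification off, discovery documents and association responses fetched over HTTPS can be substituted by anyone on the network path, so the constant deserves a docblock stating it is for test environments only. The warning text also has a typo ("verifcation"). Whether later code in this function sets `CURLOPT_SSL_VERIFYPEER` again and overrides this is not visible in the hunk.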
$this->_entity_replacements));
}
- /**
- * Replace HTML entities (amp, lt, gt, and quot) as well as
- * numeric entities (e.g. #x9f;) with their actual values and
- * return the new string.
- *
- * @access private
- * @param string $str The string in which to look for entities
- * @return string $new_str The new string entities decoded
- */
- function replaceEntities($str)
- {
- foreach ($this->_entity_replacements as $old => $new) {
- $str = preg_replace(sprintf("/&%s;/", $old), $new, $str);
- }
-
- // Replace numeric entities because html_entity_decode doesn't
- // do it for us.
- $str = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $str);
- $str = preg_replace('~&#([0-9]+);~e', 'chr(\\1)', $str);
-
- return $str;
- }
-
/**
* Strip single and double quotes off of a string, if they are
* present.
$link_attrs = array();
foreach ($attr_matches[0] as $index => $full_match) {
$name = $attr_matches[1][$index];
- $value = $this->replaceEntities(
+ $value = html_entity_decode(
$this->removeQuotes($attr_matches[2][$index]));
$link_attrs[strtolower($name)] = $value;
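Review bot: `html_entity_decode` is called with default flags and charset, so what it decodes varies with the PHP version and `default_charset`. The default flags have not always covered single-quote entities, and the default charset changed from ISO-8859-1 to UTF-8 between PHP releases. Passing them explicitly keeps link-attribute parsing deterministic: `html_entity_decode($this->removeQuotes($attr_matches[2][$index]), ENT_QUOTES, 'UTF-8')`. Numeric entities above 255 now decode to multi-byte characters, whereas the removed helper used `chr()`. That is probably the desired behaviour but worth a test case.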
return false;
}
+ if (isset($this->doc->doctype)) {
+ return false;
+ }
+
$this->xpath = new DOMXPath($this->doc);
if ($this->xpath) {
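Review bot: The new `isset($this->doc->doctype)` rejection has no comment, and it appears to run only after the document has been parsed; the load call is above this hunk. A DOCTYPE check after parsing stops later use of the document, but any entity expansion or external DTD fetch done by the parser has already happened. Confirm that the load call does not pass flags that substitute entities or load DTDs. I would add `// XRDS never needs a DOCTYPE; refuse documents that declare one (entity expansion / external entities)` above the check.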
function Auth_Yadis_getXMLParser()
{
global $__Auth_Yadis_defaultParser;
-
+
if (isset($__Auth_Yadis_defaultParser)) {
return $__Auth_Yadis_defaultParser;
}
-
+
foreach(Auth_Yadis_getSupportedExtensions() as $extension => $classname)
{
if (extension_loaded($extension))
return $p;
}
}
-
+
return false;
}
foreach ($filters as $filter) {
- if (call_user_func_array($filter, array(&$service))) {
+ if (call_user_func_array($filter, array($service))) {
$matches++;
if ($filter_mode == SERVICES_YADIS_MATCH_ANY) {
}
$yadis_result = call_user_func_array($discover_func,
- array($input_url, &$fetcher));
+ array($input_url, $fetcher));
if ($yadis_result === null) {
return array($input_url, array());