Bug #21444 » 12455_v2.diff
| typo3/sysext/openid/lib/php-openid/Auth/Yadis/Yadis.php (Arbeitskopie) | ||
|---|---|---|
|
* Auth_Yadis_Yadis, depending on whether the discovery
|
||
|
* succeeded.
|
||
|
*/
|
||
|
function discover($uri, &$fetcher,
|
||
|
function discover($uri, $fetcher,
|
||
|
$extra_ns_map = null, $timeout = 20)
|
||
|
{
|
||
|
$result = new Auth_Yadis_DiscoveryResult($uri);
|
||
| typo3/sysext/openid/lib/php-openid/Auth/Yadis/XRIRes.php (Arbeitskopie) | ||
|---|---|---|
|
require_once 'Auth/Yadis/XRI.php';
|
||
|
class Auth_Yadis_ProxyResolver {
|
||
|
function Auth_Yadis_ProxyResolver(&$fetcher, $proxy_url = null)
|
||
|
function Auth_Yadis_ProxyResolver($fetcher, $proxy_url = null)
|
||
|
{
|
||
|
$this->fetcher =& $fetcher;
|
||
|
$this->proxy_url = $proxy_url;
|
||
| typo3/sysext/openid/lib/php-openid/Auth/Yadis/XRDS.php (Arbeitskopie) | ||
|---|---|---|
|
* Instantiate a Auth_Yadis_XRDS object. Requires an XPath
|
||
|
* instance which has been used to parse a valid XRDS document.
|
||
|
*/
|
||
|
function Auth_Yadis_XRDS(&$xmlParser, &$xrdNodes)
|
||
|
function Auth_Yadis_XRDS($xmlParser, $xrdNodes)
|
||
|
{
|
||
|
$this->parser =& $xmlParser;
|
||
|
$this->xrdNode = $xrdNodes[count($xrdNodes) - 1];
|
||
| ... | ... | |
|
$services = $this->parser->evalXPath('xrd:Service', $this->xrdNode);
|
||
|
foreach ($services as $node) {
|
||
|
$s =& new Auth_Yadis_Service();
|
||
|
$s = new Auth_Yadis_Service();
|
||
|
$s->element = $node;
|
||
|
$s->parser =& $this->parser;
|
||
| ... | ... | |
|
$matches = 0;
|
||
|
foreach ($filters as $filter) {
|
||
|
if (call_user_func_array($filter, array($service))) {
|
||
|
if (call_user_func_array($filter, array(&$service))) {
|
||
|
$matches++;
|
||
|
if ($filter_mode == SERVICES_YADIS_MATCH_ANY) {
|
||
| typo3/sysext/openid/lib/php-openid/Auth/OpenID/Consumer.php (Arbeitskopie) | ||
|---|---|---|
|
* when creating the internal consumer object. This is used for
|
||
|
* testing.
|
||
|
*/
|
||
|
function Auth_OpenID_Consumer(&$store, $session = null,
|
||
|
function Auth_OpenID_Consumer($store, $session = null,
|
||
|
$consumer_cls = null)
|
||
|
{
|
||
|
if ($session === null) {
|
||
| ... | ... | |
|
$this->session =& $session;
|
||
|
if ($consumer_cls !== null) {
|
||
|
$this->consumer =& new $consumer_cls($store);
|
||
|
$this->consumer = new $consumer_cls($store);
|
||
|
} else {
|
||
|
$this->consumer =& new Auth_OpenID_GenericConsumer($store);
|
||
|
$this->consumer = new Auth_OpenID_GenericConsumer($store);
|
||
|
}
|
||
|
$this->_token_key = $this->session_key_prefix . $this->_token_suffix;
|
||
| ... | ... | |
|
*
|
||
|
* @access private
|
||
|
*/
|
||
|
function getDiscoveryObject(&$session, $openid_url,
|
||
|
function getDiscoveryObject($session, $openid_url,
|
||
|
$session_key_prefix)
|
||
|
{
|
||
|
return new Auth_Yadis_Discovery($session, $openid_url,
|
||
| ... | ... | |
|
* in the module description. The default value is False, which
|
||
|
* disables immediate mode.
|
||
|
*/
|
||
|
function Auth_OpenID_GenericConsumer(&$store)
|
||
|
function Auth_OpenID_GenericConsumer($store)
|
||
|
{
|
||
|
$this->store =& $store;
|
||
|
$this->negotiator =& Auth_OpenID_getDefaultNegotiator();
|
||
| ... | ... | |
|
$method = Auth_OpenID::arrayGet($mode_methods, $mode,
|
||
|
'_completeInvalid');
|
||
|
return call_user_func_array(array(&$this, $method),
|
||
|
return call_user_func_array(array($this, $method),
|
||
|
array($message, $endpoint, $return_to));
|
||
|
}
|
||
|
/**
|
||
|
* @access private
|
||
|
*/
|
||
|
function _completeInvalid($message, &$endpoint, $unused)
|
||
|
function _completeInvalid($message, $endpoint, $unused)
|
||
|
{
|
||
|
$mode = $message->getArg(Auth_OpenID_OPENID_NS, 'mode',
|
||
|
'<No mode set>');
|
||
| ... | ... | |
|
/**
|
||
|
* @access private
|
||
|
*/
|
||
|
function _complete_cancel($message, &$endpoint, $unused)
|
||
|
function _complete_cancel($message, $endpoint, $unused)
|
||
|
{
|
||
|
return new Auth_OpenID_CancelResponse($endpoint);
|
||
|
}
|
||
| ... | ... | |
|
/**
|
||
|
* @access private
|
||
|
*/
|
||
|
function _complete_error($message, &$endpoint, $unused)
|
||
|
function _complete_error($message, $endpoint, $unused)
|
||
|
{
|
||
|
$error = $message->getArg(Auth_OpenID_OPENID_NS, 'error');
|
||
|
$contact = $message->getArg(Auth_OpenID_OPENID_NS, 'contact');
|
||
| ... | ... | |
|
/**
|
||
|
* @access private
|
||
|
*/
|
||
|
function _complete_setup_needed($message, &$endpoint, $unused)
|
||
|
function _complete_setup_needed($message, $endpoint, $unused)
|
||
|
{
|
||
|
if (!$message->isOpenID2()) {
|
||
|
return $this->_completeInvalid($message, $endpoint);
|
||
| ... | ... | |
|
/**
|
||
|
* @access private
|
||
|
*/
|
||
|
function _complete_id_res($message, &$endpoint, $return_to)
|
||
|
function _complete_id_res($message, $endpoint, $return_to)
|
||
|
{
|
||
|
$user_setup_url = $message->getArg(Auth_OpenID_OPENID1_NS,
|
||
|
'user_setup_url');
|
||
| ... | ... | |
|
*/
|
||
|
function _discoverAndVerify($claimed_id, $to_match_endpoints)
|
||
|
{
|
||
|
// oidutil.log('Performing discovery on %s' % (claimed_id,))
|
||
|
list($unused, $services) = call_user_func($this->discoverMethod,
|
||
|
$claimed_id,
|
||
| ... | ... | |
|
* @access private
|
||
|
*/
|
||
|
function _verifyDiscoveryServices($claimed_id,
|
||
|
&$services, &$to_match_endpoints)
|
||
|
$services, $to_match_endpoints)
|
||
|
{
|
||
|
// Search the services resulting from discovery to find one
|
||
|
// that matches the information from the assertion
|
||
| ... | ... | |
|
*
|
||
|
* @access private
|
||
|
*/
|
||
|
function _extractSupportedAssociationType(&$server_error, &$endpoint,
|
||
|
function _extractSupportedAssociationType($server_error, $endpoint,
|
||
|
$assoc_type)
|
||
|
{
|
||
|
// Any error message whose code is not 'unsupported-type'
|
||
| ... | ... | |
|
/**
|
||
|
* @access private
|
||
|
*/
|
||
|
function _extractAssociation(&$assoc_response, &$assoc_session)
|
||
|
function _extractAssociation($assoc_response, $assoc_session)
|
||
|
{
|
||
|
// Extract the common fields from the response, raising an
|
||
|
// exception if they are not found
|
||
| ... | ... | |
|
* class. Instances of this class are created by the library when
|
||
|
* needed.
|
||
|
*/
|
||
|
function Auth_OpenID_AuthRequest(&$endpoint, $assoc)
|
||
|
function Auth_OpenID_AuthRequest($endpoint, $assoc)
|
||
|
{
|
||
|
$this->assoc = $assoc;
|
||
|
$this->endpoint =& $endpoint;
|
||
| ... | ... | |
|
* $extension_request: An object that implements the extension
|
||
|
* request interface for adding arguments to an OpenID message.
|
||
|
*/
|
||
|
function addExtension(&$extension_request)
|
||
|
function addExtension($extension_request)
|
||
|
{
|
||
|
$extension_request->toMessage($this->message);
|
||
|
}
|
||
| ... | ... | |
|
}
|
||
|
}
|
||
|
?>
|
||
|
?>
|
||
| typo3/sysext/openid/lib/php-openid/Auth/OpenID/Server.php (Arbeitskopie) | ||
|---|---|---|
|
in OpenID 1.x immediate mode.');
|
||
|
}
|
||
|
$setup_request =& new Auth_OpenID_CheckIDRequest(
|
||
|
$setup_request = new Auth_OpenID_CheckIDRequest(
|
||
|
$this->identity,
|
||
|
$this->return_to,
|
||
|
$this->trust_root,
|
||
| ... | ... | |
|
function Auth_OpenID_Server(&$store, $op_endpoint=null)
|
||
|
{
|
||
|
$this->store =& $store;
|
||
|
$this->signatory =& new Auth_OpenID_Signatory($this->store);
|
||
|
$this->encoder =& new Auth_OpenID_SigningEncoder($this->signatory);
|
||
|
$this->decoder =& new Auth_OpenID_Decoder($this);
|
||
|
$this->signatory = new Auth_OpenID_Signatory($this->store);
|
||
|
$this->encoder = new Auth_OpenID_SigningEncoder($this->signatory);
|
||
|
$this->decoder = new Auth_OpenID_Decoder($this);
|
||
|
$this->op_endpoint = $op_endpoint;
|
||
|
$this->negotiator =& Auth_OpenID_getDefaultNegotiator();
|
||
|
}
|
||
| ... | ... | |
|
}
|
||
|
}
|
||
|
?>
|
||
|
?>
|
||
| typo3/sysext/openid/lib/php-openid/Auth/OpenID/AX.php (Arbeitskopie) | ||
|---|---|---|
|
* return null If an alias is present in the list of aliases but
|
||
|
* is not present in the namespace map.
|
||
|
*/
|
||
|
function Auth_OpenID_AX_toTypeURIs(&$namespace_map, $alias_list_s)
|
||
|
function Auth_OpenID_AX_toTypeURIs($namespace_map, $alias_list_s)
|
||
|
{
|
||
|
$uris = array();
|
||
| ... | ... | |
|
* @param type_uri: The URI for the attribute
|
||
|
* @param values: A list of values to send for this attribute.
|
||
|
*/
|
||
|
function setValues($type_uri, &$values)
|
||
|
function setValues($type_uri, $values)
|
||
|
{
|
||
|
$this->data[$type_uri] =& $values;
|
||
|
}
|
||
| ... | ... | |
|
*
|
||
|
* @access private
|
||
|
*/
|
||
|
function _getExtensionKVArgs(&$aliases)
|
||
|
function _getExtensionKVArgs($aliases)
|
||
|
{
|
||
|
if ($aliases === null) {
|
||
|
$aliases = new Auth_OpenID_NamespaceMap();
|
||
| ... | ... | |
|
$ax_args['update_url'] = $update_url;
|
||
|
}
|
||
|
Auth_OpenID::update(&$ax_args, $kv_args);
|
||
|
Auth_OpenID::update($ax_args, $kv_args);
|
||
|
return $ax_args;
|
||
|
}
|
||
| ... | ... | |
|
{
|
||
|
$ax_args = $this->_newArgs();
|
||
|
$kv_args = $this->_getExtensionKVArgs($aliases);
|
||
|
Auth_OpenID::update(&$ax_args, $kv_args);
|
||
|
Auth_OpenID::update($ax_args, $kv_args);
|
||
|
return $ax_args;
|
||
|
}
|
||
|
}
|
||
| typo3/sysext/openid/lib/php-openid/Auth/OpenID/BigMath.php (Arbeitskopie) | ||
|---|---|---|
|
function Auth_OpenID_detectMathLibrary($exts)
|
||
|
{
|
||
|
$loaded = false;
|
||
|
$hasDl = function_exists('dl');
|
||
|
foreach ($exts as $extension) {
|
||
|
// See if the extension specified is already loaded.
|
||
| ... | ... | |
|
}
|
||
|
// Try to load dynamic modules.
|
||
|
if (!$loaded) {
|
||
|
if (!$loaded && $hasDl) {
|
||
|
foreach ($extension['modules'] as $module) {
|
||
|
if (@dl($module . "." . PHP_SHLIB_SUFFIX)) {
|
||
|
$loaded = true;
|
||
| typo3/sysext/openid/lib/php-openid/Auth/OpenID/Association.php (Arbeitskopie) | ||
|---|---|---|
|
*
|
||
|
* @access private
|
||
|
*/
|
||
|
function _makePairs(&$message)
|
||
|
function _makePairs($message)
|
||
|
{
|
||
|
$signed = $message->getArg(Auth_OpenID_OPENID_NS, 'signed');
|
||
|
if (!$signed || Auth_OpenID::isFailure($signed)) {
|
||
| ... | ... | |
|
*
|
||
|
* @access private
|
||
|
*/
|
||
|
function getMessageSignature(&$message)
|
||
|
function getMessageSignature($message)
|
||
|
{
|
||
|
$pairs = $this->_makePairs($message);
|
||
|
return base64_encode($this->sign($pairs));
|
||
| ... | ... | |
|
*
|
||
|
* @access private
|
||
|
*/
|
||
|
function checkMessageSignature(&$message)
|
||
|
function checkMessageSignature($message)
|
||
|
{
|
||
|
$sig = $message->getArg(Auth_OpenID_OPENID_NS,
|
||
|
'sig');
|
||
| typo3/sysext/openid/lib/php-openid/Auth/OpenID/Discover.php (Arbeitskopie) | ||
|---|---|---|
|
return $local_id;
|
||
|
}
|
||
|
function filter_MatchesAnyOpenIDType(&$service)
|
||
|
function filter_MatchesAnyOpenIDType($service)
|
||
|
{
|
||
|
$uris = $service->getTypes();
|
||
| ... | ... | |
|
return $s;
|
||
|
}
|
||
|
function Auth_OpenID_discoverWithYadis($uri, &$fetcher,
|
||
|
function Auth_OpenID_discoverWithYadis($uri, $fetcher,
|
||
|
$endpoint_filter='Auth_OpenID_getOPOrUserServices',
|
||
|
$discover_function=null)
|
||
|
{
|
||
| ... | ... | |
|
$openid_services = array();
|
||
|
$response = call_user_func_array($discover_function,
|
||
|
array($uri, &$fetcher));
|
||
|
array($uri, $fetcher));
|
||
|
$yadis_url = $response->normalized_uri;
|
||
|
$yadis_services = array();
|
||
| ... | ... | |
|
}
|
||
|
$openid_services = call_user_func_array($endpoint_filter,
|
||
|
array(&$openid_services));
|
||
|
array($openid_services));
|
||
|
return array($yadis_url, $openid_services);
|
||
|
}
|
||
|
function Auth_OpenID_discoverURI($uri, &$fetcher)
|
||
|
function Auth_OpenID_discoverURI($uri, $fetcher)
|
||
|
{
|
||
|
$uri = Auth_OpenID::normalizeUrl($uri);
|
||
|
return Auth_OpenID_discoverWithYadis($uri, $fetcher);
|
||
|
}
|
||
|
function Auth_OpenID_discoverWithoutYadis($uri, &$fetcher)
|
||
|
function Auth_OpenID_discoverWithoutYadis($uri, $fetcher)
|
||
|
{
|
||
|
$http_resp = @$fetcher->get($uri);
|
||
| ... | ... | |
|
return array($identity_url, $openid_services);
|
||
|
}
|
||
|
function Auth_OpenID_discoverXRI($iname, &$fetcher)
|
||
|
function Auth_OpenID_discoverXRI($iname, $fetcher)
|
||
|
{
|
||
|
$resolver = new Auth_Yadis_ProxyResolver($fetcher);
|
||
|
list($canonicalID, $yadis_services) =
|
||
| ... | ... | |
|
return array($iname, $openid_services);
|
||
|
}
|
||
|
function Auth_OpenID_discover($uri, &$fetcher)
|
||
|
function Auth_OpenID_discover($uri, $fetcher)
|
||
|
{
|
||
|
// If the fetcher (i.e., PHP) doesn't support SSL, we can't do
|
||
|
// discovery on an HTTPS URL.
|
||
| typo3/sysext/openid/sv1/class.tx_openid_sv1.php (Arbeitskopie) | ||
|---|---|---|
|
// TODO Change this to a TYPO3-specific database-based store in future.
|
||
|
// File-based store is ineffective and insecure. After changing
|
||
|
// get rid of the FileStore include in includePHPOpenIDLibrary()
|
||
|
$openIDStorePath = PATH_site . 'typo3temp/tx_openid';
|
||
|
$openIDStorePath = PATH_site . 'typo3temp' . PATH_SEPARATOR . 'tx_openid';
|
||
|
// For now we just prevent any web access to these files
|
||
|
if (!file_exists($openIDStorePath . '/.htaccess')) {
|
||
|
file_put_contents($openIDStorePath . '/.htaccess', 'deny from all');
|
||