diff options
Diffstat (limited to 'extlib/Auth/OpenID/Server.php')
-rw-r--r-- | extlib/Auth/OpenID/Server.php | 95 |
1 files changed, 50 insertions, 45 deletions
diff --git a/extlib/Auth/OpenID/Server.php b/extlib/Auth/OpenID/Server.php index f1db4d872..cc8ba961c 100644 --- a/extlib/Auth/OpenID/Server.php +++ b/extlib/Auth/OpenID/Server.php @@ -43,7 +43,7 @@ * consumers to add extensions to their requests. For example, with * sites using the Simple Registration * Extension - * (http://www.openidenabled.com/openid/simple-registration-extension/), + * (http://openid.net/specs/openid-simple-registration-extension-1_0.html), * a user can agree to have their nickname and e-mail address sent to * a site when they sign up. * @@ -365,7 +365,7 @@ class Auth_OpenID_CheckAuthRequest extends Auth_OpenID_Request { $this->message = null; } - function fromMessage($message, $server=null) + static function fromMessage($message, $server=null) { $required_keys = array('assoc_handle', 'sig', 'signed'); @@ -396,7 +396,7 @@ class Auth_OpenID_CheckAuthRequest extends Auth_OpenID_Request { return $result; } - function answer(&$signatory) + function answer($signatory) { $is_valid = $signatory->verify($this->assoc_handle, $this->signed); @@ -436,7 +436,7 @@ class Auth_OpenID_PlainTextServerSession { var $needs_math = false; var $allowed_assoc_types = array('HMAC-SHA1', 'HMAC-SHA256'); - function fromMessage($unused_request) + static function fromMessage($unused_request) { return new Auth_OpenID_PlainTextServerSession(); } @@ -469,7 +469,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession { $this->consumer_pubkey = $consumer_pubkey; } - function getDH($message) + static function getDH($message) { $dh_modulus = $message->getArg(Auth_OpenID_OPENID_NS, 'dh_modulus'); $dh_gen = $message->getArg(Auth_OpenID_OPENID_NS, 'dh_gen'); @@ -489,7 +489,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession { $missing); } - $lib =& Auth_OpenID_getMathLib(); + $lib = Auth_OpenID_getMathLib(); if ($dh_modulus || $dh_gen) { $dh_modulus = $lib->base64ToLong($dh_modulus); @@ -523,7 +523,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession { return array($dh, $consumer_pubkey); } - function fromMessage($message) + static function fromMessage($message) { $result = Auth_OpenID_DiffieHellmanSHA1ServerSession::getDH($message); @@ -538,7 +538,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession { function answer($secret) { - $lib =& Auth_OpenID_getMathLib(); + $lib = Auth_OpenID_getMathLib(); $mac_key = $this->dh->xorSecret($this->consumer_pubkey, $secret, $this->hash_func); return array( @@ -560,7 +560,7 @@ class Auth_OpenID_DiffieHellmanSHA256ServerSession var $hash_func = 'Auth_OpenID_SHA256'; var $allowed_assoc_types = array('HMAC-SHA256'); - function fromMessage($message) + static function fromMessage($message) { $result = Auth_OpenID_DiffieHellmanSHA1ServerSession::getDH($message); @@ -582,7 +582,7 @@ class Auth_OpenID_DiffieHellmanSHA256ServerSession class Auth_OpenID_AssociateRequest extends Auth_OpenID_Request { var $mode = "associate"; - function getSessionClasses() + static function getSessionClasses() { return array( 'no-encryption' => 'Auth_OpenID_PlainTextServerSession', @@ -590,14 +590,14 @@ class Auth_OpenID_AssociateRequest extends Auth_OpenID_Request { 'DH-SHA256' => 'Auth_OpenID_DiffieHellmanSHA256ServerSession'); } - function Auth_OpenID_AssociateRequest(&$session, $assoc_type) + function Auth_OpenID_AssociateRequest($session, $assoc_type) { - $this->session =& $session; + $this->session = $session; $this->namespace = Auth_OpenID_OPENID2_NS; $this->assoc_type = $assoc_type; } - function fromMessage($message, $server=null) + static function fromMessage($message, $server=null) { if ($message->isOpenID1()) { $session_type = $message->getArg(Auth_OpenID_OPENID_NS, @@ -696,7 +696,7 @@ class Auth_OpenID_AssociateRequest extends Auth_OpenID_Request { 'session_type', $preferred_session_type); } - + $response->code = AUTH_OPENID_HTTP_ERROR; return $response; } } @@ -734,7 +734,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request { */ var $namespace; - function make(&$message, $identity, $return_to, $trust_root = null, + static function make($message, $identity, $return_to, $trust_root = null, $immediate = false, $assoc_handle = null, $server = null) { if ($server === null) { @@ -752,7 +752,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request { $assoc_handle, $server); $r->namespace = $message->getOpenIDNamespace(); - $r->message =& $message; + $r->message = $message; if (!$r->trustRootValid()) { return new Auth_OpenID_UntrustedReturnURL($message, @@ -778,7 +778,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request { } $this->return_to = $return_to; $this->trust_root = $trust_root; - $this->server =& $server; + $this->server = $server; if ($immediate) { $this->immediate = true; @@ -817,11 +817,12 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request { */ function returnToVerified() { + $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); return call_user_func_array($this->verifyReturnTo, - array($this->trust_root, $this->return_to)); + array($this->trust_root, $this->return_to, $fetcher)); } - - function fromMessage(&$message, $server) + + static function fromMessage($message, $server) { $mode = $message->getArg(Auth_OpenID_OPENID_NS, 'mode'); $immediate = null; @@ -1097,7 +1098,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request { in OpenID 1.x immediate mode.'); } - $setup_request =& new Auth_OpenID_CheckIDRequest( + $setup_request = new Auth_OpenID_CheckIDRequest( $this->identity, $this->return_to, $this->trust_root, @@ -1183,9 +1184,9 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request { */ class Auth_OpenID_ServerResponse { - function Auth_OpenID_ServerResponse(&$request) + function Auth_OpenID_ServerResponse($request) { - $this->request =& $request; + $this->request = $request; $this->fields = new Auth_OpenID_Message($this->request->namespace); } @@ -1310,10 +1311,10 @@ class Auth_OpenID_Signatory { /** * Create a new signatory using a given store. */ - function Auth_OpenID_Signatory(&$store) + function Auth_OpenID_Signatory($store) { // assert store is not None - $this->store =& $store; + $this->store = $store; } /** @@ -1447,7 +1448,7 @@ class Auth_OpenID_Encoder { * Encode an {@link Auth_OpenID_ServerResponse} and return an * {@link Auth_OpenID_WebResponse}. */ - function encode(&$response) + function encode($response) { $cls = $this->responseFactory; @@ -1463,10 +1464,14 @@ class Auth_OpenID_Encoder { array('location' => $location)); } else if ($encode_as == Auth_OpenID_ENCODE_HTML_FORM) { $wr = new $cls(AUTH_OPENID_HTTP_OK, array(), - $response->toFormMarkup()); + $response->toHTML()); } else { return new Auth_OpenID_EncodingError($response); } + /* Allow the response to carry a custom error code (ex: for Association errors) */ + if(isset($response->code)) { + $wr->code = $response->code; + } return $wr; } } @@ -1478,16 +1483,16 @@ class Auth_OpenID_Encoder { */ class Auth_OpenID_SigningEncoder extends Auth_OpenID_Encoder { - function Auth_OpenID_SigningEncoder(&$signatory) + function Auth_OpenID_SigningEncoder($signatory) { - $this->signatory =& $signatory; + $this->signatory = $signatory; } /** * Sign an {@link Auth_OpenID_ServerResponse} and return an * {@link Auth_OpenID_WebResponse}. */ - function encode(&$response) + function encode($response) { // the isinstance is a bit of a kludge... it means there isn't // really an adapter to make the interfaces quite match. @@ -1516,9 +1521,9 @@ class Auth_OpenID_SigningEncoder extends Auth_OpenID_Encoder { */ class Auth_OpenID_Decoder { - function Auth_OpenID_Decoder(&$server) + function Auth_OpenID_Decoder($server) { - $this->server =& $server; + $this->server = $server; $this->handlers = array( 'checkid_setup' => 'Auth_OpenID_CheckIDRequest', @@ -1599,9 +1604,9 @@ class Auth_OpenID_Decoder { * @package OpenID */ class Auth_OpenID_EncodingError { - function Auth_OpenID_EncodingError(&$response) + function Auth_OpenID_EncodingError($response) { - $this->response =& $response; + $this->response = $response; } } @@ -1674,14 +1679,14 @@ class Auth_OpenID_UntrustedReturnURL extends Auth_OpenID_ServerError { * @package OpenID */ class Auth_OpenID_Server { - function Auth_OpenID_Server(&$store, $op_endpoint=null) + function Auth_OpenID_Server($store, $op_endpoint=null) { - $this->store =& $store; - $this->signatory =& new Auth_OpenID_Signatory($this->store); - $this->encoder =& new Auth_OpenID_SigningEncoder($this->signatory); - $this->decoder =& new Auth_OpenID_Decoder($this); + $this->store = $store; + $this->signatory = new Auth_OpenID_Signatory($this->store); + $this->encoder = new Auth_OpenID_SigningEncoder($this->signatory); + $this->decoder = new Auth_OpenID_Decoder($this); $this->op_endpoint = $op_endpoint; - $this->negotiator =& Auth_OpenID_getDefaultNegotiator(); + $this->negotiator = Auth_OpenID_getDefaultNegotiator(); } /** @@ -1699,7 +1704,7 @@ class Auth_OpenID_Server { { if (method_exists($this, "openid_" . $request->mode)) { $handler = array($this, "openid_" . $request->mode); - return call_user_func($handler, $request); + return call_user_func($handler, &$request); } return null; } @@ -1707,7 +1712,7 @@ class Auth_OpenID_Server { /** * The callback for 'check_authentication' messages. */ - function openid_check_authentication(&$request) + function openid_check_authentication($request) { return $request->answer($this->signatory); } @@ -1715,7 +1720,7 @@ class Auth_OpenID_Server { /** * The callback for 'associate' messages. */ - function openid_associate(&$request) + function openid_associate($request) { $assoc_type = $request->assoc_type; $session_type = $request->session->session_type; @@ -1738,7 +1743,7 @@ class Auth_OpenID_Server { * Encodes as response in the appropriate format suitable for * sending to the user agent. */ - function encodeResponse(&$response) + function encodeResponse($response) { return $this->encoder->encode($response); } @@ -1757,4 +1762,4 @@ class Auth_OpenID_Server { } } -?> + |