summaryrefslogtreecommitdiff
path: root/extlib/Auth/OpenID/Server.php
diff options
context:
space:
mode:
Diffstat (limited to 'extlib/Auth/OpenID/Server.php')
-rw-r--r--extlib/Auth/OpenID/Server.php95
1 files changed, 50 insertions, 45 deletions
diff --git a/extlib/Auth/OpenID/Server.php b/extlib/Auth/OpenID/Server.php
index f1db4d872..cc8ba961c 100644
--- a/extlib/Auth/OpenID/Server.php
+++ b/extlib/Auth/OpenID/Server.php
@@ -43,7 +43,7 @@
* consumers to add extensions to their requests. For example, with
* sites using the Simple Registration
* Extension
- * (http://www.openidenabled.com/openid/simple-registration-extension/),
+ * (http://openid.net/specs/openid-simple-registration-extension-1_0.html),
* a user can agree to have their nickname and e-mail address sent to
* a site when they sign up.
*
@@ -365,7 +365,7 @@ class Auth_OpenID_CheckAuthRequest extends Auth_OpenID_Request {
$this->message = null;
}
- function fromMessage($message, $server=null)
+ static function fromMessage($message, $server=null)
{
$required_keys = array('assoc_handle', 'sig', 'signed');
@@ -396,7 +396,7 @@ class Auth_OpenID_CheckAuthRequest extends Auth_OpenID_Request {
return $result;
}
- function answer(&$signatory)
+ function answer($signatory)
{
$is_valid = $signatory->verify($this->assoc_handle, $this->signed);
@@ -436,7 +436,7 @@ class Auth_OpenID_PlainTextServerSession {
var $needs_math = false;
var $allowed_assoc_types = array('HMAC-SHA1', 'HMAC-SHA256');
- function fromMessage($unused_request)
+ static function fromMessage($unused_request)
{
return new Auth_OpenID_PlainTextServerSession();
}
@@ -469,7 +469,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession {
$this->consumer_pubkey = $consumer_pubkey;
}
- function getDH($message)
+ static function getDH($message)
{
$dh_modulus = $message->getArg(Auth_OpenID_OPENID_NS, 'dh_modulus');
$dh_gen = $message->getArg(Auth_OpenID_OPENID_NS, 'dh_gen');
@@ -489,7 +489,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession {
$missing);
}
- $lib =& Auth_OpenID_getMathLib();
+ $lib = Auth_OpenID_getMathLib();
if ($dh_modulus || $dh_gen) {
$dh_modulus = $lib->base64ToLong($dh_modulus);
@@ -523,7 +523,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession {
return array($dh, $consumer_pubkey);
}
- function fromMessage($message)
+ static function fromMessage($message)
{
$result = Auth_OpenID_DiffieHellmanSHA1ServerSession::getDH($message);
@@ -538,7 +538,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession {
function answer($secret)
{
- $lib =& Auth_OpenID_getMathLib();
+ $lib = Auth_OpenID_getMathLib();
$mac_key = $this->dh->xorSecret($this->consumer_pubkey, $secret,
$this->hash_func);
return array(
@@ -560,7 +560,7 @@ class Auth_OpenID_DiffieHellmanSHA256ServerSession
var $hash_func = 'Auth_OpenID_SHA256';
var $allowed_assoc_types = array('HMAC-SHA256');
- function fromMessage($message)
+ static function fromMessage($message)
{
$result = Auth_OpenID_DiffieHellmanSHA1ServerSession::getDH($message);
@@ -582,7 +582,7 @@ class Auth_OpenID_DiffieHellmanSHA256ServerSession
class Auth_OpenID_AssociateRequest extends Auth_OpenID_Request {
var $mode = "associate";
- function getSessionClasses()
+ static function getSessionClasses()
{
return array(
'no-encryption' => 'Auth_OpenID_PlainTextServerSession',
@@ -590,14 +590,14 @@ class Auth_OpenID_AssociateRequest extends Auth_OpenID_Request {
'DH-SHA256' => 'Auth_OpenID_DiffieHellmanSHA256ServerSession');
}
- function Auth_OpenID_AssociateRequest(&$session, $assoc_type)
+ function Auth_OpenID_AssociateRequest($session, $assoc_type)
{
- $this->session =& $session;
+ $this->session = $session;
$this->namespace = Auth_OpenID_OPENID2_NS;
$this->assoc_type = $assoc_type;
}
- function fromMessage($message, $server=null)
+ static function fromMessage($message, $server=null)
{
if ($message->isOpenID1()) {
$session_type = $message->getArg(Auth_OpenID_OPENID_NS,
@@ -696,7 +696,7 @@ class Auth_OpenID_AssociateRequest extends Auth_OpenID_Request {
'session_type',
$preferred_session_type);
}
-
+ $response->code = AUTH_OPENID_HTTP_ERROR;
return $response;
}
}
@@ -734,7 +734,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
*/
var $namespace;
- function make(&$message, $identity, $return_to, $trust_root = null,
+ static function make($message, $identity, $return_to, $trust_root = null,
$immediate = false, $assoc_handle = null, $server = null)
{
if ($server === null) {
@@ -752,7 +752,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
$assoc_handle, $server);
$r->namespace = $message->getOpenIDNamespace();
- $r->message =& $message;
+ $r->message = $message;
if (!$r->trustRootValid()) {
return new Auth_OpenID_UntrustedReturnURL($message,
@@ -778,7 +778,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
}
$this->return_to = $return_to;
$this->trust_root = $trust_root;
- $this->server =& $server;
+ $this->server = $server;
if ($immediate) {
$this->immediate = true;
@@ -817,11 +817,12 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
*/
function returnToVerified()
{
+ $fetcher = Auth_Yadis_Yadis::getHTTPFetcher();
return call_user_func_array($this->verifyReturnTo,
- array($this->trust_root, $this->return_to));
+ array($this->trust_root, $this->return_to, $fetcher));
}
-
- function fromMessage(&$message, $server)
+
+ static function fromMessage($message, $server)
{
$mode = $message->getArg(Auth_OpenID_OPENID_NS, 'mode');
$immediate = null;
@@ -1097,7 +1098,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
in OpenID 1.x immediate mode.');
}
- $setup_request =& new Auth_OpenID_CheckIDRequest(
+ $setup_request = new Auth_OpenID_CheckIDRequest(
$this->identity,
$this->return_to,
$this->trust_root,
@@ -1183,9 +1184,9 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
*/
class Auth_OpenID_ServerResponse {
- function Auth_OpenID_ServerResponse(&$request)
+ function Auth_OpenID_ServerResponse($request)
{
- $this->request =& $request;
+ $this->request = $request;
$this->fields = new Auth_OpenID_Message($this->request->namespace);
}
@@ -1310,10 +1311,10 @@ class Auth_OpenID_Signatory {
/**
* Create a new signatory using a given store.
*/
- function Auth_OpenID_Signatory(&$store)
+ function Auth_OpenID_Signatory($store)
{
// assert store is not None
- $this->store =& $store;
+ $this->store = $store;
}
/**
@@ -1447,7 +1448,7 @@ class Auth_OpenID_Encoder {
* Encode an {@link Auth_OpenID_ServerResponse} and return an
* {@link Auth_OpenID_WebResponse}.
*/
- function encode(&$response)
+ function encode($response)
{
$cls = $this->responseFactory;
@@ -1463,10 +1464,14 @@ class Auth_OpenID_Encoder {
array('location' => $location));
} else if ($encode_as == Auth_OpenID_ENCODE_HTML_FORM) {
$wr = new $cls(AUTH_OPENID_HTTP_OK, array(),
- $response->toFormMarkup());
+ $response->toHTML());
} else {
return new Auth_OpenID_EncodingError($response);
}
+ /* Allow the response to carry a custom error code (ex: for Association errors) */
+ if(isset($response->code)) {
+ $wr->code = $response->code;
+ }
return $wr;
}
}
@@ -1478,16 +1483,16 @@ class Auth_OpenID_Encoder {
*/
class Auth_OpenID_SigningEncoder extends Auth_OpenID_Encoder {
- function Auth_OpenID_SigningEncoder(&$signatory)
+ function Auth_OpenID_SigningEncoder($signatory)
{
- $this->signatory =& $signatory;
+ $this->signatory = $signatory;
}
/**
* Sign an {@link Auth_OpenID_ServerResponse} and return an
* {@link Auth_OpenID_WebResponse}.
*/
- function encode(&$response)
+ function encode($response)
{
// the isinstance is a bit of a kludge... it means there isn't
// really an adapter to make the interfaces quite match.
@@ -1516,9 +1521,9 @@ class Auth_OpenID_SigningEncoder extends Auth_OpenID_Encoder {
*/
class Auth_OpenID_Decoder {
- function Auth_OpenID_Decoder(&$server)
+ function Auth_OpenID_Decoder($server)
{
- $this->server =& $server;
+ $this->server = $server;
$this->handlers = array(
'checkid_setup' => 'Auth_OpenID_CheckIDRequest',
@@ -1599,9 +1604,9 @@ class Auth_OpenID_Decoder {
* @package OpenID
*/
class Auth_OpenID_EncodingError {
- function Auth_OpenID_EncodingError(&$response)
+ function Auth_OpenID_EncodingError($response)
{
- $this->response =& $response;
+ $this->response = $response;
}
}
@@ -1674,14 +1679,14 @@ class Auth_OpenID_UntrustedReturnURL extends Auth_OpenID_ServerError {
* @package OpenID
*/
class Auth_OpenID_Server {
- function Auth_OpenID_Server(&$store, $op_endpoint=null)
+ function Auth_OpenID_Server($store, $op_endpoint=null)
{
- $this->store =& $store;
- $this->signatory =& new Auth_OpenID_Signatory($this->store);
- $this->encoder =& new Auth_OpenID_SigningEncoder($this->signatory);
- $this->decoder =& new Auth_OpenID_Decoder($this);
+ $this->store = $store;
+ $this->signatory = new Auth_OpenID_Signatory($this->store);
+ $this->encoder = new Auth_OpenID_SigningEncoder($this->signatory);
+ $this->decoder = new Auth_OpenID_Decoder($this);
$this->op_endpoint = $op_endpoint;
- $this->negotiator =& Auth_OpenID_getDefaultNegotiator();
+ $this->negotiator = Auth_OpenID_getDefaultNegotiator();
}
/**
@@ -1699,7 +1704,7 @@ class Auth_OpenID_Server {
{
if (method_exists($this, "openid_" . $request->mode)) {
$handler = array($this, "openid_" . $request->mode);
- return call_user_func($handler, $request);
+ return call_user_func($handler, &$request);
}
return null;
}
@@ -1707,7 +1712,7 @@ class Auth_OpenID_Server {
/**
* The callback for 'check_authentication' messages.
*/
- function openid_check_authentication(&$request)
+ function openid_check_authentication($request)
{
return $request->answer($this->signatory);
}
@@ -1715,7 +1720,7 @@ class Auth_OpenID_Server {
/**
* The callback for 'associate' messages.
*/
- function openid_associate(&$request)
+ function openid_associate($request)
{
$assoc_type = $request->assoc_type;
$session_type = $request->session->session_type;
@@ -1738,7 +1743,7 @@ class Auth_OpenID_Server {
* Encodes as response in the appropriate format suitable for
* sending to the user agent.
*/
- function encodeResponse(&$response)
+ function encodeResponse($response)
{
return $this->encoder->encode($response);
}
@@ -1757,4 +1762,4 @@ class Auth_OpenID_Server {
}
}
-?>
+