Changeset 26555


Timestamp:
Jan 9, 2014, 6:11:33 PM (7 years ago)
Author:
mistic100
Message:

update Hybridauth, update guides

Location:
extensions/oAuth
Files:
11 edited

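--- a/extensions/oAuth/admin/template/providers.tpl
+++ b/extensions/oAuth/admin/template/providers.tpl
@@ -69,5 +69,5 @@
       <td class="keys" {if not $CONFIG[$p].enabled}style="display:none;"{/if}>
         {if $provider.require_client_id}
-          <label for="{$p}_app_id">Application ID</label>
+          <label for="{$p}_app_id">Application/Client ID</label>
           <input type="text" id="{$p}_app_id" name="providers[{$p}][keys][id]" value="{$CONFIG[$p].keys.id}">
         {else}
@@ -88,7 +88,5 @@
        
       {if $p=='Google'}
-        <li>{'On the <b>API Access</b> tab, <b>create an OAuth 2.0 Client ID</b>'|@translate}</li>
-        <li>{'Fill out any required fields such as the application name and description'|@translate}</li>
-        <li>{'On the <b>Create Client ID</b> popup, switch to advanced settings by clicking on <b>(more options)</b>'|@translate}</li>
+        <li>{'On the <b>APIs & auth -> Credentials</b> tab, <b>Create new client ID</b>'|@translate}</li>
       {else}
         <li>{'Fill out any required fields such as the application name and description'|@translate}</li>
@@ -105,21 +103,24 @@
         <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Redirect Domain</b>':$SERVERNAME}</li>
       {elseif $p=='Facebook'}
-        <li>{'Set the <b>%s</b> to <em>%s</em>'|@translate|sprintf:'application type':'Website with facebook authentication'}</li>
-        <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Site Url</b>, <b>App Domains</b>':$SERVERNAME}</li>
+        <li>{'Go to <b>Settings->Advanced</b> and activate <em>Client OAuth Login</em>.'|translate}</li>
+        <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Valid OAuth redirect URIs</b>':$SERVERNAME}</li>
       {elseif $p=='LinkedIn'}
         <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Website URL</b>':$SERVERNAME}</li>
-        <li>{'Set the <b>%s</b> to <em>%s</em>'|@translate|sprintf:'Application Type':'Web Application'}</li>
+        <li>{'Set <b>%s</b> to <em>%s</em>'|@translate|sprintf:'Application Type':'Web Application'}</li>
+        <li>{'Set <b>%s</b> to <em>%s</em>'|@translate|sprintf:'Default Scope':'r_basicprofile & r_emailaddress'}</li>
       {elseif $p=='Yahoo'}
         <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Application URL</b>, <b>Application Domain</b>':$SERVERNAME}</li>
-        <li>{'Set the <b>%s</b> to <em>%s</em>'|@translate|sprintf:'Kind of Application':'Web-based'}</li>
-        <li>{'Set the <b>%s</b> to <em>%s</em>'|@translate|sprintf:'Access Scopes':'This app will only access public...'}</li>
+        <li>{'Set <b>%s</b> to <em>%s</em>'|@translate|sprintf:'Kind of Application':'Web-based'}</li>
+        <li>{'Set <b>%s</b> to <em>%s</em>'|@translate|sprintf:'Access Scopes':'This app will only access public...'}</li>
         <li>{'Once the application is registered update the permissions : set <b>Contacts</b> as <em>Read</em> and <b>Social Directory</b> as <em>Read Public</em>'|@translate}</li>
       {elseif $p=='Twitter'}
-        <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Application Website</b>, <b>Application Callback URL</b>':$SERVERNAME}</li>
-        <li>{'Set the <b>%s</b> to <em>%s</em>'|@translate|sprintf:'Default Access Type':'Read only'}</li>
+        <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Website</b>, <b>Callback URL</b>':$SERVERNAME}</li>
       {elseif $p=='Tumblr'}
         <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Application Website</b>, <b>Default Callback URL</b>':$SERVERNAME}</li>
       {elseif $p=='Instagram'}
         <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Website</b>':$SERVERNAME}</li>
+      {elseif $p=='Google'}
+        <li>{'Set <b>%s</b> to <em>%s</em>'|@translate|sprintf:'Application Type':'Web Application'}</li>
+        <li>{'Put your website domain in the %s fields. It should match with the current hostname: <em>%s</em>'|@translate|sprintf:'<b>Authorized Javascript origins </b>':$SERVERNAME}</li>
       {/if}
      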
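Review bot: The new Facebook step at new line 105 uses `|translate` while every other string in this list uses `|@translate`; use the same modifier form (`...'|@translate}`) so the string is picked up and rendered like its neighbours. The Google label added at new line 124 has a stray trailing space inside the bold tag, `<b>Authorized Javascript origins </b>`, which will not match the provider's field name when an administrator searches for it.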
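--- a/extensions/oAuth/include/hybridauth/Hybrid/Auth.php
+++ b/extensions/oAuth/include/hybridauth/Hybrid/Auth.php
@@ -15,5 +15,5 @@
 class Hybrid_Auth
 {
-        public static $version = "2.1.1-dev";
+        public static $version = "2.1.2";
 
         public static $config  = array();
@@ -250,5 +250,5 @@
                         $params = Hybrid_Auth::storage()->get( "hauth_session.$providerId.id_provider_params" );
                        
-                        Hybrid_Logger::debug( "Hybrid_Auth::setup( $providerId ), no params given. Trying to get the stored for this provider.", $params );
+                        Hybrid_Logger::debug( "Hybrid_Auth::setup( $providerId ), no params given. Trying to get the sotred for this provider.", $params );
                 }
 
@@ -387,9 +387,10 @@
 
                 // use port if non default
-                $url .=
-                        isset( $_SERVER['SERVER_PORT'] )
-                        &&( ($protocol === 'http://' && $_SERVER['SERVER_PORT'] != 80) || ($protocol === 'https://' && $_SERVER['SERVER_PORT'] != 443) )
-                        ? ':' . $_SERVER['SERVER_PORT']
-                        : '';
+                if( isset( $_SERVER['SERVER_PORT'] ) && strpos( $url, ':'.$_SERVER['SERVER_PORT'] ) === FALSE ) {
+                        $url .= ($protocol === 'http://' && $_SERVER['SERVER_PORT'] != 80 && !isset( $_SERVER['HTTP_X_FORWARDED_PROTO']))
+                                || ($protocol === 'https://' && $_SERVER['SERVER_PORT'] != 443 && !isset( $_SERVER['HTTP_X_FORWARDED_PROTO']))
+                                ? ':' . $_SERVER['SERVER_PORT']
+                                : '';
+                }
 
                 if( $request_uri ){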
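Review bot: The rewritten port logic (new lines 389-394) omits the port whenever `$_SERVER['HTTP_X_FORWARDED_PROTO']` is set at all, without checking its value or whether the request actually passed through a trusted reverse proxy; on a directly reachable server that header is client-supplied, so a request can change the URL this function builds, which appears to feed the OAuth endpoint/callback address. The outer guard `strpos( $url, ':'.$_SERVER['SERVER_PORT'] ) === FALSE` is a substring test, so port 80 is treated as already present in a URL containing `:8080`. Honour the forwarded header only when a proxy is explicitly configured, and compare the port against the parsed authority instead of the raw string. The debug message in the second hunk now reads `sotred`, which regresses the earlier `stored`. The enclosing function begins and ends outside the visible hunk.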
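--- a/extensions/oAuth/include/hybridauth/Hybrid/Endpoint.php
+++ b/extensions/oAuth/include/hybridauth/Hybrid/Endpoint.php
@@ -198,9 +198,9 @@
                                
                                 $storage = new Hybrid_Storage();
-       
+
                                 // Check if Hybrid_Auth session already exist
                                 if ( ! $storage->config( "CONFIG" ) ) {
                                         header( "HTTP/1.0 404 Not Found" );
-                                        die( "You cannot access this page directly.2" );
+                                        die( "You cannot access this page directly." );
                                 }
 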
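--- a/extensions/oAuth/include/hybridauth/Hybrid/Provider_Adapter.php
+++ b/extensions/oAuth/include/hybridauth/Hybrid/Provider_Adapter.php
@@ -140,5 +140,5 @@
                 // move on
                 Hybrid_Logger::debug( "Hybrid_Provider_Adapter::login( {$this->id} ), redirect the user to login_start URL." );
-   
+
                 Hybrid_Auth::redirect( $this->params["login_start"] );
         }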
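--- a/extensions/oAuth/include/hybridauth/Hybrid/Providers/Facebook.php
+++ b/extensions/oAuth/include/hybridauth/Hybrid/Providers/Facebook.php
@@ -31,4 +31,8 @@
                         require_once Hybrid_Auth::$config["path_libraries"] . "Facebook/facebook.php";
                 }
+               
+                if ( isset ( Hybrid_Auth::$config["proxy"] ) ) {
+                        BaseFacebook::$CURL_OPTS[CURLOPT_PROXY] = Hybrid_Auth::$config["proxy"];
+                }
 
                 $this->api = new Facebook( ARRAY( 'appId' => $this->config["keys"]["id"], 'secret' => $this->config["keys"]["secret"] ) );
@@ -128,5 +132,5 @@
                 $this->user->profile->firstName     = (array_key_exists('first_name',$data))?$data['first_name']:"";
                 $this->user->profile->lastName      = (array_key_exists('last_name',$data))?$data['last_name']:"";
-                $this->user->profile->photoURL      = "https://graph.facebook.com/" . $this->user->profile->identifier . "/picture?type=square";
+                $this->user->profile->photoURL      = "https://graph.facebook.com/" . $this->user->profile->identifier . "/picture?width=150&height=150";
                 $this->user->profile->profileURL    = (array_key_exists('link',$data))?$data['link']:"";
                 $this->user->profile->webSiteURL    = (array_key_exists('website',$data))?$data['website']:"";
@@ -172,5 +176,5 @@
                         $uc->displayName = (array_key_exists("name",$item))?$item["name"]:"";
                         $uc->profileURL  = "https://www.facebook.com/profile.php?id=" . $uc->identifier;
-                        $uc->photoURL    = "https://graph.facebook.com/" . $uc->identifier . "/picture?type=square";
+                        $uc->photoURL    = "https://graph.facebook.com/" . $uc->identifier . "/picture?width=150&height=150";
 
                         $contacts[] = $uc;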
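--- a/extensions/oAuth/include/hybridauth/Hybrid/Providers/Instagram.php
+++ b/extensions/oAuth/include/hybridauth/Hybrid/Providers/Instagram.php
@@ -34,5 +34,5 @@
 
                 if ( $data->meta->code != 200 ){
-                        throw new Exception( "User profile request failed! {$this->providerId} returned an invalide response.", 6 );
+                        throw new Exception( "User profile request failed! {$this->providerId} returned an invalid response.", 6 );
                 }
 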
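--- a/extensions/oAuth/include/hybridauth/Hybrid/Providers/Twitter.php
+++ b/extensions/oAuth/include/hybridauth/Hybrid/Providers/Twitter.php
@@ -18,12 +18,51 @@
                 parent::initialize();
 
-                // Provider api end-points
-                $this->api->api_base_url      = "https://api.twitter.com/1/";
+                // Provider api end-points 
+                $this->api->api_base_url      = "https://api.twitter.com/1.1/";
                 $this->api->authorize_url     = "https://api.twitter.com/oauth/authenticate";
                 $this->api->request_token_url = "https://api.twitter.com/oauth/request_token";
                 $this->api->access_token_url  = "https://api.twitter.com/oauth/access_token";
 
+                if ( isset( $this->config['api_version'] ) && $this->config['api_version'] ){
+                        $this->api->api_base_url  = "https://api.twitter.com/{$this->config['api_version']}/";
+                }
+ 
+                if ( isset( $this->config['authorize'] ) && $this->config['authorize'] ){
+                        $this->api->authorize_url = "https://api.twitter.com/oauth/authorize";
+                }
+
                 $this->api->curl_auth_header  = false;
         }
+
+        /**
+         * begin login step
+         */
+        function loginBegin()
+        {
+                $tokens = $this->api->requestToken( $this->endpoint );
+       
+                // request tokens as recived from provider
+                $this->request_tokens_raw = $tokens;
+       
+                // check the last HTTP status code returned
+                if ( $this->api->http_code != 200 ){
+                        throw new Exception( "Authentification failed! {$this->providerId} returned an error. " . $this->errorMessageByStatus( $this->api->http_code ), 5 );
+                }
+       
+                if ( ! isset( $tokens["oauth_token"] ) ){
+                        throw new Exception( "Authentification failed! {$this->providerId} returned an invalid oauth token.", 5 );
+                }
+       
+                $this->token( "request_token"       , $tokens["oauth_token"] );
+                $this->token( "request_token_secret", $tokens["oauth_token_secret"] );
+       
+                // redirect the user to the provider authentication url with force_login
+                if ( isset( $this->config['force_login'] ) && $this->config['force_login'] ){
+                        Hybrid_Auth::redirect( $this->api->authorizeUrl( $tokens, array( 'force_login' => true ) ) );
+                }
+
+                // else, redirect the user to the provider authentication url
+                Hybrid_Auth::redirect( $this->api->authorizeUrl( $tokens ) );
+        }
 
         /**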
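Review bot: The new `loginBegin()` validates only `$tokens["oauth_token"]` and then reads `$tokens["oauth_token_secret"]` unchecked at new line 57, so an incomplete provider response stores a null request-token secret and the failure surfaces only later in the flow; widen the guard to `if ( ! isset( $tokens["oauth_token"], $tokens["oauth_token_secret"] ) ){`. The `force_login` branch falls through to the second `Hybrid_Auth::redirect()` unless `redirect()` terminates the script, which is not visible in this hunk; an explicit `else` around the final redirect makes the control flow independent of that. In `initialize()`, `$this->config['api_version']` is interpolated into the API base URL as-is, so if that value can originate anywhere other than static administrator configuration it should be restricted to an expected pattern before use.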
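--- a/extensions/oAuth/include/hybridauth/Hybrid/Storage.php
+++ b/extensions/oAuth/include/hybridauth/Hybrid/Storage.php
@@ -28,8 +28,8 @@
 
                 if( $value ){
-                        $_SESSION["HA::CONFIG"][$key] = serialize($value);
+                        $_SESSION["HA::CONFIG"][$key] = serialize( $value );
                 }
                 elseif( isset( $_SESSION["HA::CONFIG"][$key] ) ){
-                        return unserialize($_SESSION["HA::CONFIG"][$key]); 
+                        return unserialize( $_SESSION["HA::CONFIG"][$key] ); 
                 }
 
@@ -42,5 +42,5 @@
 
                 if( isset( $_SESSION["HA::STORE"], $_SESSION["HA::STORE"][$key] ) ){
-                        return unserialize($_SESSION["HA::STORE"][$key]); 
+                        return unserialize( $_SESSION["HA::STORE"][$key] ); 
                 }
 
@@ -52,5 +52,5 @@
                 $key = strtolower( $key );
 
-                $_SESSION["HA::STORE"][$key] = serialize($value);
+                $_SESSION["HA::STORE"][$key] = serialize( $value );
         }
 
@@ -65,5 +65,7 @@
 
                 if( isset( $_SESSION["HA::STORE"], $_SESSION["HA::STORE"][$key] ) ){
-                        unset( $_SESSION["HA::STORE"][$key] );
+                    $f = $_SESSION['HA::STORE'];
+                    unset($f[$key]);
+                    $_SESSION["HA::STORE"] = $f;
                 }
         }
@@ -74,9 +76,12 @@
 
                 if( isset( $_SESSION["HA::STORE"] ) && count( $_SESSION["HA::STORE"] ) ) {
-                        foreach( $_SESSION["HA::STORE"] as $k => $v ){
+                    $f = $_SESSION['HA::STORE'];
+                    foreach( $f as $k => $v ){
                                 if( strstr( $k, $key ) ){
-                                        unset( $_SESSION["HA::STORE"][ $k ] );
+                                        unset( $f[ $k ] );
                                 }
                         }
+                        $_SESSION["HA::STORE"] = $f;
+                       
                 }
         }
@@ -85,5 +90,5 @@
         {
                 if( isset( $_SESSION["HA::STORE"] ) ){
-                        return $_SESSION["HA::STORE"];
+                        return serialize( $_SESSION["HA::STORE"] );
                 }
 
@@ -93,5 +98,5 @@
         function restoreSessionData( $sessiondata = NULL )
         {
-                $_SESSION["HA::STORE"] = $sessiondata;
+                $_SESSION["HA::STORE"] = unserialize( $sessiondata );
         }
 }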
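Review bot: `restoreSessionData()` now feeds its argument directly to `unserialize()` (new line 100), and that string is whatever the integrating application persisted from `getSessionData()`; if that store can be written by anything other than the server, this is a PHP object-injection sink. With the default `$sessiondata = NULL`, or with an array saved by the previous revision, `unserialize()` returns `false` and `$_SESSION["HA::STORE"]` is overwritten with it. Guard the assignment, e.g. `$data = is_string( $sessiondata ) ? unserialize( $sessiondata ) : false;` followed by `if ( is_array( $data ) ) { $_SESSION["HA::STORE"] = $data; }`, and document the format change for callers. Since `set()` already serializes each value to a string, the outer container could be JSON-encoded instead, which removes object instantiation from this path.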
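--- a/extensions/oAuth/include/hybridauth/Hybrid/thirdparty/LinkedIn/LinkedIn.php
+++ b/extensions/oAuth/include/hybridauth/Hybrid/thirdparty/LinkedIn/LinkedIn.php
@@ -124,5 +124,5 @@
         const _URL_AUTH                    = 'https://www.linkedin.com/uas/oauth/authenticate?oauth_token=';
         // const _URL_REQUEST                 = 'https://api.linkedin.com/uas/oauth/requestToken';
-        const _URL_REQUEST                 = 'https://api.linkedin.com/uas/oauth/requestToken?scope=r_basicprofile+r_emailaddress';
+        const _URL_REQUEST                 = 'https://api.linkedin.com/uas/oauth/requestToken?scope=r_basicprofile+r_emailaddress+rw_nus';
         const _URL_REVOKE                  = 'https://api.linkedin.com/uas/oauth/invalidateToken';
        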
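Review bot: `_URL_REQUEST` now hard-codes `rw_nus` next to the two read scopes, so every site using this provider asks each user for write access to their network updates even when the extension only needs sign-in and an e-mail address. That is broader than the admin guide updated in providers.tpl in this same changeset, which tells the administrator to set Default Scope to `r_basicprofile & r_emailaddress`. Keep the constant at the read-only scopes and make any additional scope opt-in through provider configuration, so a leaked or misused token is limited to the access the site actually uses.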
  • extensions/oAuth/include/hybridauth/Hybrid/thirdparty/OpenID/LightOpenID.php

    r20293 r26555  
    11<?php
    2 // http://gitorious.org/lightopenid
    3 // updated 29/12/2012
     2// https://github.com/iignatov/LightOpenID
    43
    54/**
    6  * This class provides a simple interface for OpenID (1.1 and 2.0) authentication.
    7  * Supports Yadis discovery.
    8  * The authentication process is stateless/dumb.
     5 * This class provides a simple interface for OpenID 1.1/2.0 authentication.
     6 *
     7 * It requires PHP >= 5.1.2 with cURL or HTTP/HTTPS stream wrappers enabled.
    98 *
    10  * Usage:
    11  * Sign-on with OpenID is a two step process:
    12  * Step one is authentication with the provider:
    13  * <code>
    14  * $openid = new LightOpenID('my-host.example.org');
    15  * $openid->identity = 'ID supplied by user';
    16  * header('Location: ' . $openid->authUrl());
    17  * </code>
    18  * The provider then sends various parameters via GET, one of them is openid_mode.
    19  * Step two is verification:
    20  * <code>
    21  * $openid = new LightOpenID('my-host.example.org');
    22  * if ($openid->mode) {
    23  *     echo $openid->validate() ? 'Logged in.' : 'Failed';
    24  * }
    25  * </code>
    26  *
    27  * Change the 'my-host.example.org' to your domain name. Do NOT use $_SERVER['HTTP_HOST']
    28  * for that, unless you know what you are doing.
    29  *
    30  * Optionally, you can set $returnUrl and $realm (or $trustRoot, which is an alias).
    31  * The default values for those are:
    32  * $openid->realm     = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'];
    33  * $openid->returnUrl = $openid->realm . $_SERVER['REQUEST_URI'];
    34  * If you don't know their meaning, refer to any openid tutorial, or specification. Or just guess.
    35  *
    36  * AX and SREG extensions are supported.
    37  * To use them, specify $openid->required and/or $openid->optional before calling $openid->authUrl().
    38  * These are arrays, with values being AX schema paths (the 'path' part of the URL).
    39  * For example:
    40  *   $openid->required = array('namePerson/friendly', 'contact/email');
    41  *   $openid->optional = array('namePerson/first');
    42  * If the server supports only SREG or OpenID 1.1, these are automaticaly
    43  * mapped to SREG names, so that user doesn't have to know anything about the server.
    44  *
    45  * To get the values, use $openid->getAttributes().
    46  *
    47  *
    48  * The library requires PHP >= 5.1.2 with curl or http/https stream wrappers enabled.
     9 * @version v1.1.2 2013-01-15
     10 * @link http://gitorious.org/lightopenid Official Repo
     11 * @link http://github.com/iignatov/LightOpenID GitHub Clone
    4912 * @author Mewp
    5013 * @copyright Copyright (c) 2010, Mewp
    51  * @license http://www.opensource.org/licenses/mit-license.php MIT
     14 * @license http://www.opensource.org/licenses/mit-license.php MIT License
    5215 */
    5316class LightOpenID
     
    5922         , $capath = null
    6023         , $cainfo = null
    61          , $data;
     24         , $data
     25         , $oauth = array();
    6226    private $identity, $claimed_id;
    6327    protected $server, $version, $trustRoot, $aliases, $identifier_select = false
    64             , $ax = false, $sreg = false, $setup_url = null, $headers = array();
     28            , $ax = false, $sreg = false, $setup_url = null, $headers = array(), $proxy = null
     29            , $xrds_override_pattern = null, $xrds_override_replacement = null;
    6530    static protected $ax_to_sreg = array(
    6631        'namePerson/friendly'     => 'nickname',
     
    7540        );
    7641
    77     function __construct($host)
     42    function __construct($host, $proxy = null)
    7843    {
    7944        $this->trustRoot = (strpos($host, '://') ? $host : 'http://' . $host);
     
    8853            $this->trustRoot = substr($this->trustRoot, 0, $host_end);
    8954        }
     55       
     56        $this->set_proxy($proxy);
    9057
    9158        $uri = rtrim(preg_replace('#((?<=\?)|&)openid\.[^&]+#', '', $_SERVER['REQUEST_URI']), '?');
     
    11885        case 'realm':
    11986            $this->trustRoot = trim($value);
     87            break;
     88        case 'xrdsOverride':
     89            if (is_array($value)) {
     90                list($pattern, $replacement) = $value;
     91                $this->xrds_override_pattern = $pattern;
     92                $this->xrds_override_replacement = $replacement;
     93            } else {
     94                trigger_error('Invalid value specified for "xrdsOverride".', E_USER_ERROR);
     95            }
     96            break;
    12097        }
    12198    }
     
    136113        }
    137114    }
     115   
     116    function set_proxy($proxy)
     117    {
     118        if (!empty($proxy)) {
     119            // When the proxy is a string - try to parse it.
     120            if (!is_array($proxy)) {
     121                $proxy = parse_url($proxy);
     122            }
     123           
     124            // Check if $proxy is valid after the parsing.
     125            if ($proxy && !empty($proxy['host'])) {
     126                // Make sure that a valid port number is specified.
     127                if (array_key_exists('port', $proxy)) {
     128                    if (!is_int($proxy['port'])) {
     129                        $proxy['port'] = is_numeric($proxy['port']) ? intval($proxy['port']) : 0;
     130                    }
     131                   
     132                    if ($proxy['port'] <= 0) {
     133                        throw new ErrorException('The specified proxy port number is invalid.');
     134                    }
     135                }
     136               
     137                $this->proxy = $proxy;
     138            }
     139        }
     140    }
    138141
    139142    /**
     
    167170        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    168171        curl_setopt($curl, CURLOPT_HTTPHEADER, array('Accept: application/xrds+xml, */*'));
     172       
     173        if (!empty($this->proxy)) {
     174            curl_setopt($curl, CURLOPT_PROXY, $this->proxy['host']);
     175           
     176            if (!empty($this->proxy['port'])) {
     177                curl_setopt($curl, CURLOPT_PROXYPORT, $this->proxy['port']);
     178            }
     179           
     180            if (!empty($this->proxy['user'])) {
     181                curl_setopt($curl, CURLOPT_PROXYUSERPWD, $this->proxy['user'] . ':' . $this->proxy['pass']);           
     182            }
     183        }
    169184
    170185        if($this->verify_peer !== null) {
     
    285300            );
    286301            $url = $url . ($params ? '?' . $params : '');
     302            if (!empty($this->proxy)) {
     303                $opts['http']['proxy'] = $this->proxy_url();
     304            }
    287305            break;
    288306        case 'POST':
     
    297315                ),
    298316            );
     317            if (!empty($this->proxy)) {
     318                $opts['http']['proxy'] = $this->proxy_url();
     319            }
    299320            break;
    300321        case 'HEAD':
    301             # We want to send a HEAD request,
    302             # but since get_headers doesn't accept $context parameter,
    303             # we have to change the defaults.
     322            // We want to send a HEAD request, but since get_headers() doesn't
     323            // accept $context parameter, we have to change the defaults.
    304324            $default = stream_context_get_options(stream_context_get_default());
    305             stream_context_get_default(
    306                 array(
    307                     'http' => array(
    308                         'method' => 'HEAD',
    309                         'header' => 'Accept: application/xrds+xml, */*',
    310                         'ignore_errors' => true,
    311                     ), 'ssl' => array(
    312                         'CN_match' => parse_url($url, PHP_URL_HOST),
    313                     ),
     325           
     326            // PHP does not reset all options. Instead, it just sets the options
     327            // available in the passed array, therefore set the defaults manually.
     328            $default += array(
     329                'http' => array(),
     330                'ssl' => array()
     331            );
     332            $default['http'] += array(
     333                'method' => 'GET',
     334                'header' => '',
     335                'ignore_errors' => false
     336            );
     337            $default['ssl'] += array(
     338                'CN_match' => ''
     339            );
     340           
     341            $opts = array(
     342                'http' => array(
     343                    'method' => 'HEAD',
     344                    'header' => 'Accept: application/xrds+xml, */*',
     345                    'ignore_errors' => true,
     346                ),
     347                'ssl' => array(
     348                    'CN_match' => parse_url($url, PHP_URL_HOST)
    314349                )
    315350            );
    316 
    317             $url = $url . ($params ? '?' . $params : '');
    318             $headers = get_headers ($url);
    319             if(!$headers) {
    320                 return array();
    321             }
    322 
    323             if(intval(substr($headers[0], strlen('HTTP/1.1 '))) == 405) {
    324                 # The server doesn't support HEAD, so let's emulate it with
    325                 # a GET.
    326                 $args = func_get_args();
    327                 $args[1] = 'GET';
    328                 call_user_func_array(array($this, 'request_streams'), $args);
    329                 return $this->headers;
    330             }
    331 
    332             $headers = $this->parse_header_array($headers, $update_claimed_id);
    333 
    334             # And restore them.
     351           
     352            // Enable validation of the SSL certificates.
     353            if ($this->verify_peer) {
     354                $default['ssl'] += array(
     355                    'verify_peer' => false,
     356                    'capath' => '',
     357                    'cafile' => ''
     358                );
     359                $opts['ssl'] += array(
     360                    'verify_peer' => true,
     361                    'capath' => $this->capath,
     362                    'cafile' => $this->cainfo
     363                );
     364            }
     365           
     366            // Change the stream context options.
     367            stream_context_get_default($opts);
     368           
     369            $headers = get_headers($url . ($params ? '?' . $params : ''));
     370           
     371            // Restore the stream context options.
    335372            stream_context_get_default($default);
     373           
     374            if (!empty($headers)) {
     375                if (intval(substr($headers[0], strlen('HTTP/1.1 '))) == 405) {
     376                    // The server doesn't support HEAD - emulate it with a GET.
     377                    $args = func_get_args();
     378                    $args[1] = 'GET';
     379                    call_user_func_array(array($this, 'request_streams'), $args);
     380                    $headers = $this->headers;
     381                } else {
     382                    $headers = $this->parse_header_array($headers, $update_claimed_id);
     383                }
     384            } else {
     385                $headers = array();
     386            }
     387           
    336388            return $headers;
    337389        }
    338390
    339         if($this->verify_peer) {
     391        if ($this->verify_peer) {
    340392            $opts['ssl'] += array(
    341393                'verify_peer' => true,
    342394                'capath'      => $this->capath,
    343                 'cafile'      => $this->cainfo,
     395                'cafile'      => $this->cainfo
    344396            );
    345397        }
     
    364416        }
    365417        return $this->request_streams($url, $method, $params, $update_claimed_id);
     418    }
     419   
     420    protected function proxy_url()
     421    {
     422        $result = '';
     423       
     424        if (!empty($this->proxy)) {
     425            $result = $this->proxy['host'];
     426           
     427            if (!empty($this->proxy['port'])) {
     428                $result = $result . ':' . $this->proxy['port'];
     429            }
     430           
     431            if (!empty($this->proxy['user'])) {
     432                $result = $this->proxy['user'] . ':' . $this->proxy['pass'] . '@' . $result;
     433            }
     434           
     435            $result = 'http://' . $result;
     436        }
     437       
     438        return $result;
    366439    }
    367440
     
    419492        # A flag to disable yadis discovery in case of failure in headers.
    420493        $yadis = true;
     494       
     495        # Allows optional regex replacement of the URL, e.g. to use Google Apps
     496        # as an OpenID provider without setting up XRDS on the domain hosting.
     497        if (!is_null($this->xrds_override_pattern) && !is_null($this->xrds_override_replacement)) {
     498            $url = preg_replace($this->xrds_override_pattern, $this->xrds_override_replacement, $url);
     499        }
    421500
    422501        # We'll jump a maximum of 5 times, to avoid endless redirections.
     
    639718            'openid.realm'       => $this->trustRoot,
    640719        );
     720       
    641721        if ($this->ax) {
    642722            $params += $this->axParams();
    643723        }
     724       
    644725        if ($this->sreg) {
    645726            $params += $this->sregParams();
    646727        }
     728       
    647729        if (!$this->ax && !$this->sreg) {
    648730            # If OP doesn't advertise either SREG, nor AX, let's send them both
    649731            # in worst case we don't get anything in return.
    650732            $params += $this->axParams() + $this->sregParams();
     733        }
     734
     735        if (!empty($this->oauth) && is_array($this->oauth)) {
     736            $params['openid.ns.oauth'] = 'http://specs.openid.net/extensions/oauth/1.0';
     737            $params['openid.oauth.consumer'] = str_replace(array('http://', 'https://'), '', $this->trustRoot);
     738            $params['openid.oauth.scope'] = implode(' ', $this->oauth);
    651739        }
    652740
     
    749837    protected function getAxAttributes()
    750838    {
    751         $alias = null;
    752         if (isset($this->data['openid_ns_ax'])
    753             && $this->data['openid_ns_ax'] != 'http://openid.net/srv/ax/1.0'
    754         ) { # It's the most likely case, so we'll check it before
    755             $alias = 'ax';
     839        $result = array();
     840       
     841        if ($alias = $this->getNamespaceAlias('http://openid.net/srv/ax/1.0', 'ax')) {
     842            $prefix = 'openid_' . $alias;
     843            $length = strlen('http://axschema.org/');
     844           
     845            foreach (explode(',', $this->data['openid_signed']) as $key) {
     846                $keyMatch = $alias . '.type.';
     847               
     848                if (strncmp($key, $keyMatch, strlen($keyMatch)) !== 0) {
     849                    continue;
     850                }
     851               
     852                $key = substr($key, strlen($keyMatch));
     853                $idv = $prefix . '_value_' . $key;
     854                $idc = $prefix . '_count_' . $key;
     855                $key = substr($this->getItem($prefix . '_type_' . $key), $length);
     856               
     857                if (!empty($key)) {
     858                    if (($count = intval($this->getItem($idc))) > 0) {
     859                        $value = array();
     860                       
     861                        for ($i = 1; $i <= $count; $i++) {
     862                            $value[] = $this->getItem($idv . '_' . $i);
     863                        }
     864                       
     865                        $value = ($count == 1) ? reset($value) : $value;
     866                    } else {
     867                        $value = $this->getItem($idv);
     868                    }
     869                   
     870                    if (!is_null($value)) {
     871                        $result[$key] = $value;
     872                    }
     873                }
     874            }
    756875        } else {
    757             # 'ax' prefix is either undefined, or points to another extension,
    758             # so we search for another prefix
    759             foreach ($this->data as $key => $val) {
    760                 if (substr($key, 0, strlen('openid_ns_')) == 'openid_ns_'
    761                     && $val == 'http://openid.net/srv/ax/1.0'
    762                 ) {
    763                     $alias = substr($key, strlen('openid_ns_'));
    764                     break;
    765                 }
    766             }
    767         }
    768         if (!$alias) {
    769             # An alias for AX schema has not been found,
    770             # so there is no AX data in the OP's response
    771             return array();
    772         }
    773 
    774         $attributes = array();
    775         foreach (explode(',', $this->data['openid_signed']) as $key) {
    776             $keyMatch = $alias . '.value.';
    777             if (substr($key, 0, strlen($keyMatch)) != $keyMatch) {
    778                 continue;
    779             }
    780             $key = substr($key, strlen($keyMatch));
    781             if (!isset($this->data['openid_' . $alias . '_type_' . $key])) {
    782                 # OP is breaking the spec by returning a field without
    783                 # associated ns. This shouldn't happen, but it's better
    784                 # to check, than cause an E_NOTICE.
    785                 continue;
    786             }
    787             $value = $this->data['openid_' . $alias . '_value_' . $key];
    788             $key = substr($this->data['openid_' . $alias . '_type_' . $key],
    789                           strlen('http://axschema.org/'));
    790 
    791             $attributes[$key] = $value;
    792         }
    793         return $attributes;
     876            // No alias for the AX schema has been found,
     877            // so there is no AX data in the OP's response.
     878        }
     879       
     880        return $result;
    794881    }
    795882
     
    800887        foreach (explode(',', $this->data['openid_signed']) as $key) {
    801888            $keyMatch = 'sreg.';
    802             if (substr($key, 0, strlen($keyMatch)) != $keyMatch) {
     889            if (strncmp($key, $keyMatch, strlen($keyMatch)) !== 0) {
    803890                continue;
    804891            }
     
    832919        return $this->getSregAttributes();
    833920    }
     921
     922    /**
     923     * Gets an OAuth request token if the OpenID+OAuth hybrid protocol has been used.
     924     *
     925     * In order to use the OpenID+OAuth hybrid protocol, you need to add at least one
     926     * scope to the $openid->oauth array before you get the call to getAuthUrl(), e.g.:
     927     * $openid->oauth[] = 'https://www.googleapis.com/auth/plus.me';
     928     *
     929     * Furthermore the registered consumer name must fit the OpenID realm.
     930     * To register an OpenID consumer at Google use: https://www.google.com/accounts/ManageDomains
     931     *
     932     * @return string|bool OAuth request token on success, FALSE if no token was provided.
     933     */
     934    function getOAuthRequestToken()
     935    {
     936        $alias = $this->getNamespaceAlias('http://specs.openid.net/extensions/oauth/1.0');
     937       
     938        return !empty($alias) ? $this->data['openid_' . $alias . '_request_token'] : false;
     939    }
     940   
     941    /**
     942     * Gets the alias for the specified namespace, if it's present.
     943     *
     944     * @param string $namespace The namespace for which an alias is needed.
     945     * @param string $hint Common alias of this namespace, used for optimization.
     946     * @return string|null The namespace alias if found, otherwise - NULL.
     947     */
     948    private function getNamespaceAlias($namespace, $hint = null)
     949    {
     950        $result = null;
     951       
     952        if (empty($hint) || $this->getItem('openid_ns_' . $hint) != $namespace) {
     953            // The common alias is either undefined or points to
     954            // some other extension - search for another alias..
     955            $prefix = 'openid_ns_';
     956            $length = strlen($prefix);
     957           
     958            foreach ($this->data as $key => $val) {
     959                if (strncmp($key, $prefix, $length) === 0 && $val === $namespace) {
     960                    $result = trim(substr($key, $length));
     961                    break;
     962                }
     963            }
     964        } else {
     965            $result = $hint;
     966        }
     967       
     968        return $result;
     969    }
     970   
     971    /**
     972     * Gets an item from the $data array by the specified id.
     973     *
     974     * @param string $id The id of the desired item.
     975     * @return string|null The item if found, otherwise - NULL.
     976     */
     977    private function getItem($id)
     978    {
     979        return isset($this->data[$id]) ? $this->data[$id] : null;
     980    }
    834981}
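--- a/extensions/oAuth/include/providers_stats.inc.php
+++ b/extensions/oAuth/include/providers_stats.inc.php
@@ -15,5 +15,5 @@
     'callback'          => true,
     'require_client_id' => true,
-    'new_app_link'      => 'https://code.google.com/apis/console',
+    'new_app_link'      => 'https://cloud.google.com/console/project',
     'scope'             => 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email',
   ),
@@ -44,5 +44,5 @@
     'provider_name'     => 'Windows Live',
     'require_client_id' => true,
-    'new_app_link'      => 'https://manage.dev.live.com/ApplicationOverview.aspx',
+    'new_app_link'      => 'https://account.live.com/developers/applications/index',
   ),
   'Yahoo' => array(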