* @copyright 2005-2008 Janrain, Inc. * @license http://www.apache.org/licenses/LICENSE-2.0 Apache */ require_once 'Auth/Yadis/Misc.php'; // from appendix B of rfc 3986 (http://www.ietf.org/rfc/rfc3986.txt) function Auth_OpenID_getURIPattern() { return '&^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?&'; } function Auth_OpenID_getAuthorityPattern() { return '/^([^@]*@)?([^:]*)(:.*)?/'; } function Auth_OpenID_getEncodedPattern() { return '/%([0-9A-Fa-f]{2})/'; } # gen-delims = ":" / "/" / "?" / "#" / "[" / "]" / "@" # # sub-delims = "!" / "$" / "&" / "'" / "(" / ")" # / "*" / "+" / "," / ";" / "=" # # unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~" function Auth_OpenID_getURLIllegalCharRE() { return "/([^-A-Za-z0-9:\/\?#\[\]@\!\$&'\(\)\*\+,;=\._~\%])/"; } function Auth_OpenID_getUnreserved() { $_unreserved = array(); for ($i = 0; $i < 256; $i++) { $_unreserved[$i] = false; } for ($i = ord('A'); $i <= ord('Z'); $i++) { $_unreserved[$i] = true; } for ($i = ord('0'); $i <= ord('9'); $i++) { $_unreserved[$i] = true; } for ($i = ord('a'); $i <= ord('z'); $i++) { $_unreserved[$i] = true; } $_unreserved[ord('-')] = true; $_unreserved[ord('.')] = true; $_unreserved[ord('_')] = true; $_unreserved[ord('~')] = true; return $_unreserved; } function Auth_OpenID_getEscapeRE() { $parts = array(); foreach (array_merge(Auth_Yadis_getUCSChars(), Auth_Yadis_getIPrivateChars()) as $pair) { list($m, $n) = $pair; $parts[] = sprintf("%s-%s", chr($m), chr($n)); } return sprintf('[%s]', implode('', $parts)); } function Auth_OpenID_pct_encoded_replace_unreserved($mo) { $_unreserved = Auth_OpenID_getUnreserved(); $i = intval($mo[1], 16); if ($_unreserved[$i]) { return chr($i); } return strtoupper($mo[0]); } function Auth_OpenID_pct_encoded_replace($mo) { $code = intval($mo[1], 16); // Prevent request splitting by ignoring newline and space characters if($code === 0xA || $code === 0xD || $code === ord(' ')) { return $mo[0]; } else { return chr($code); } } function Auth_OpenID_remove_dot_segments($path) { $result_segments = array(); while ($path) { if (Auth_Yadis_startswith($path, '../')) { $path = substr($path, 3); } else if (Auth_Yadis_startswith($path, './')) { $path = substr($path, 2); } else if (Auth_Yadis_startswith($path, '/./')) { $path = substr($path, 2); } else if ($path == '/.') { $path = '/'; } else if (Auth_Yadis_startswith($path, '/../')) { $path = substr($path, 3); if ($result_segments) { array_pop($result_segments); } } else if ($path == '/..') { $path = '/'; if ($result_segments) { array_pop($result_segments); } } else if (($path == '..') || ($path == '.')) { $path = ''; } else { $i = 0; if ($path[0] == '/') { $i = 1; } $i = strpos($path, '/', $i); if ($i === false) { $i = strlen($path); } $result_segments[] = substr($path, 0, $i); $path = substr($path, $i); } } return implode('', $result_segments); } function Auth_OpenID_urinorm($uri) { $uri_matches = array(); preg_match(Auth_OpenID_getURIPattern(), $uri, $uri_matches); if (count($uri_matches) < 9) { for ($i = count($uri_matches); $i <= 9; $i++) { $uri_matches[] = ''; } } $illegal_matches = array(); preg_match(Auth_OpenID_getURLIllegalCharRE(), $uri, $illegal_matches); if ($illegal_matches) { return null; } $scheme = $uri_matches[2]; if ($scheme === '') { // No scheme specified return null; } $scheme = strtolower($scheme); if (!in_array($scheme, array('http', 'https'))) { // Not an absolute HTTP or HTTPS URI return null; } $authority = $uri_matches[4]; if ($authority === '') { // Not an absolute URI return null; } $authority_matches = array(); preg_match(Auth_OpenID_getAuthorityPattern(), $authority, $authority_matches); if (count($authority_matches) === 0) { // URI does not have a valid authority return null; } if (count($authority_matches) < 4) { for ($i = count($authority_matches); $i <= 4; $i++) { $authority_matches[] = ''; } } list(, $userinfo, $host, $port) = $authority_matches; if ($userinfo === null) { $userinfo = ''; } if (strpos($host, '%') !== false) { $host = strtolower($host); $host = preg_replace_callback( Auth_OpenID_getEncodedPattern(), 'Auth_OpenID_pct_encoded_replace', $host); // NO IDNA. // $host = unicode($host, 'utf-8').encode('idna'); } else { $host = strtolower($host); } if ($port) { if (($port == ':') || ($scheme == 'http' && $port == ':80') || ($scheme == 'https' && $port == ':443')) { $port = ''; } } else { $port = ''; } $authority = $userinfo . $host . $port; $path = $uri_matches[5]; $path = preg_replace_callback( Auth_OpenID_getEncodedPattern(), 'Auth_OpenID_pct_encoded_replace_unreserved', $path); $path = Auth_OpenID_remove_dot_segments($path); if (!$path) { $path = '/'; } $query = $uri_matches[6]; if ($query === null) { $query = ''; } $fragment = $uri_matches[8]; if ($fragment === null) { $fragment = ''; } return $scheme . '://' . $authority . $path . $query . $fragment; }