Add simpleid-1.0.5
diff --git a/simpleid/www/discovery.inc.php b/simpleid/www/discovery.inc.php
new file mode 100644
index 0000000..30c50e6
--- /dev/null
+++ b/simpleid/www/discovery.inc.php
@@ -0,0 +1,649 @@
+<?php
+/*
+ * SimpleID
+ *
+ * Copyright (C) Kelvin Mo 2007-9
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public
+ * License along with this program; if not, write to the Free
+ * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ * $Id$
+ */
+
+/**
+ * Support for XRDS based discovery.
+ *
+ * The functions for this file supports HTTP-based identifiers. For XRIs, the
+ * resolution service xri.net is used to resolve to HTTP-based URLs.
+ *
+ * @package simpleid
+ * @since 0.7
+ * @filesource
+ */
+
+include_once "http.inc.php";
+
+/**
+ * The namespace identifier for an XRDS document.
+ */
+define('XRDS_NS', 'xri://$xrds');
+
+/**
+ * The namespace identifier for XRDS version 2.
+ */
+define('XRD2_NS', 'xri://$xrd*($v*2.0)');
+
+/**
+ * The namespace identifier for XRDS Simple.
+ */
+define('XRDS_SIMPLE_NS', 'http://xrds-simple.net/core/1.0');
+
+/**
+ * The type identifier for XRDS Simple.
+ */
+define('XRDS_SIMPLE_TYPE', 'xri://$xrds*simple');
+
+/**
+ * The namespace identifier for OpenID services.
+ */
+define('XRD_OPENID_NS', 'http://openid.net/xmlns/1.0');
+
+/**
+ * Obtains the services for particular identifier.
+ *
+ * This function attempts to discover and obtain the XRDS document associated
+ * with the identifier, parses the XRDS document and returns an array of
+ * services.
+ *
+ * If an XRDS document is not found, and $openid is set to true, this function
+ * will also attempt to discover OpenID services by looking for link elements
+ * with rel of openid.server or openid2.provider in the discovered HTML document.
+ *
+ * @param string $identifier the identifier
+ * @param bool $openid if true, performs additional discovery of OpenID services
+ * by looking for link elements within the discovered document
+ * @return array an array of discovered services, or an empty array if no services
+ * are found
+ */
+function discovery_xrds_discover($identifier, $openid = FALSE) {
+ $identifier = discovery_xrds_normalize($identifier);
+ $url = discovery_xrds_url($identifier);
+
+ $xrds = discovery_xrds_get($url);
+
+ if ($xrds) {
+ return discovery_xrds_parse($xrds);
+ } else {
+ if ($openid) return discovery_html_get_services($url);
+ return array();
+ }
+}
+
+/**
+ * Given an array of discovered services, obtains information on services of
+ * a particular type.
+ *
+ * @param array $services the discovered services
+ * @param string $type the URI of the type of service to obtain
+ * @return array an array of matching services, or an empty array of no services
+ * match
+ */
+function discovery_xrds_services_by_type($services, $type) {
+ $matches = array();
+
+ foreach ($services as $service) {
+ foreach ($service['type'] as $service_type) {
+ if ($service_type == $type) $matches[] = $service;
+ }
+ }
+ return $matches;
+}
+
+/**
+ * Given an array of discovered services, obtains information on the service of
+ * a specified ID.
+ *
+ * @param array $services the discovered services
+ * @param string $id the XML ID of the service in the XRDS document
+ * @return array the matching service, or NULL of no services
+ * are found
+ */
+function discovery_xrds_service_by_id($services, $id) {
+ foreach ($services as $service) {
+ if ($service['#id'] == $id) return $service;
+ }
+ return NULL;
+}
+
+/**
+ * Obtains a XRDS document at a particular URL. Performs Yadis discovery if
+ * the URL does not produce a XRDS document.
+ *
+ * @param string $url the URL
+ * @param bool $check whether to check the content type of the response is
+ * application/xrds+xml
+ * @param int $retries the number of tries to make
+ * @return string the contents of the XRDS document
+ */
+function discovery_xrds_get($url, $check = TRUE, $retries = 5) {
+ if ($retries == 0) return NULL;
+
+ $response = http_make_request($url, array('Accept' => 'application/xrds+xml'));
+
+ if (isset($response['http-error'])) return NULL;
+ if (($response['content-type'] == 'application/xrds+xml') || ($check == FALSE)) {
+ return $response['data'];
+ } elseif (isset($response['headers']['x-xrds-location'])) {
+ return discovery_xrds_get($response['headers']['x-xrds-location'], false, $retries - 1);
+ } elseif (isset($response['data'])) {
+ $location = _discovery_meta_httpequiv('X-XRDS-Location', $response['data']);
+ if ($location) {
+ return discovery_xrds_get($location, false, $retries - 1);
+ }
+ return NULL;
+ } else {
+ return NULL;
+ }
+}
+
+/**
+ * Normalises an identifier for discovery.
+ *
+ * If the identifier begins with xri://, acct: or mailto:, this is stripped out. If the identifier
+ * does not begin with a valid URI scheme, http:// is assumed and added to the
+ * identifier.
+ *
+ * @param string $identifier the identifier to normalise
+ * @return string the normalised identifier
+ */
+function discovery_xrds_normalize($identifier) {
+ $normalized = $identifier;
+
+ if (discovery_is_xri($identifier)) {
+ if (stristr($identifier, 'xri://') !== false) $normalized = substr($identifier, 6);
+ } elseif (discovery_is_email($identifier)) {
+ if (stristr($identifier, 'acct:') !== false) $normalized = substr($identifier, 5);
+ if (stristr($identifier, 'mailto:') !== false) $normalized = substr($identifier, 7);
+ } else {
+ if (stristr($identifier, '://') === false) $normalized = 'http://'. $identifier;
+ if (substr_count($normalized, '/') < 3) $normalized .= '/';
+ }
+
+ return $normalized;
+}
+
+/**
+ * Obtains a URL for an identifier. If the identifier is a XRI, the XRI resolution
+ * service is used to convert the identifier to a URL.
+ *
+ * @param string $identifier the identifier
+ * @return string the URL
+ */
+function discovery_xrds_url($identifier) {
+ if (discovery_is_xri($identifier)) {
+ return 'http://xri.net/' . $identifier;
+ } elseif (discovery_is_email($identifier)) {
+ //list($user, $host) = explode('@', $identifier, 2);
+ //$host_meta = 'http://' . $host . '/.well-known/host-meta';
+ } else {
+ return $identifier;
+ }
+
+}
+
+/**
+ * Determines whether an identifier is an XRI.
+ *
+ * XRI identifiers either start with xri:// or with @, =, +, $ or !.
+ *
+ * @param string $identifier the parameter to test
+ * @return bool true if the identifier is an XRI
+ */
+function discovery_is_xri($identifier) {
+ $firstchar = substr($identifier, 0, 1);
+ if ($firstchar == "@" || $firstchar == "=" || $firstchar == "+" || $firstchar == "\$" || $firstchar == "!") return true;
+ if (stristr($identifier, 'xri://') !== FALSE) return true;
+ return false;
+}
+
+/**
+ * Determines whether an identifier is an e-mail address.
+ *
+ * An identifier is an e-mail address if it:
+ *
+ * - has a single @ character
+ * - does not have a slash character
+ *
+ * @param string $identifier the parameter to test
+ * @return bool true if the identifier is an e-mail address
+ */
+function discovery_is_email($identifier) {
+ // If it begins with acct: or mailto:, strip it out
+ if (stristr($identifier, 'acct:') !== false) $identifier = substr($identifier, 5);
+ if (stristr($identifier, 'mailto:') !== false) $identifier = substr($identifier, 7);
+
+ // If it contains a slash, it is not an e-mail address
+ if (strpos($identifier, "/") !== false) return false;
+
+ $at = strpos($identifier, "@");
+
+ // If it does not contain a @, it is not an e-mail address
+ if ($at === false) return false;
+
+ // If it contains more than one @, it is not an e-mail
+ if (strrpos($identifier, "@") != $at) return false;
+
+ return true;
+}
+
+
+/**
+ * Callback function to sort service and URI elements based on priorities
+ * specified in the XRDS document.
+ *
+ * The XRDS specification allows multiple instances of certain elements, such
+ * as Service and URI. The specification allows an attribute called priority
+ * so that the document creator can specify the order the elements should be used.
+ *
+ * @param array $a
+ * @param array $b
+ * @return int
+ */
+function discovery_xrds_priority_sort($a, $b) {
+ if (!isset($a['#priority']) && !isset($b['#priority'])) return 0;
+
+ // if #priority is missing, #priority is assumed to be infinity
+ if (!isset($a['#priority'])) return 1;
+ if (!isset($b['#priority'])) return -1;
+
+ if ($a['#priority'] == $b['#priority']) return 0;
+ return ($a['#priority'] < $b['#priority']) ? -1 : 1;
+}
+
+/**
+ * Parses an XRDS document to return services available.
+ *
+ * @param string $xrds the XRDS document
+ * @return array the parsed structure
+ *
+ * @see XRDSParser
+ */
+function discovery_xrds_parse($xrds) {
+ $parser = new XRDSParser();
+ $parser->parse($xrds);
+ $parser->free();
+ $services = $parser->services();
+ uasort($services, 'discovery_xrds_priority_sort');
+
+ return $services;
+}
+
+/**
+ * Obtains the OpenID services for particular identifier by scanning for link
+ * elements in the returned document.
+ *
+ * Note that this function does not use the YADIS protocol to scan for services.
+ * To use the YADIS protocol, use {@link discovery_get_services()}.
+ *
+ * @param string $url the URL
+ * @return array an array of discovered services, or an empty array if no services
+ * are found
+ */
+function discovery_html_get_services($url) {
+ $services = array();
+
+ $response = http_make_request($url);
+ $html = $response['data'];
+
+ $uri = _discovery_link_rel('openid2.provider', $html);
+ $delegate = _discovery_link_rel('openid2.local_id', $html);
+
+ if ($uri) {
+ $service = array(
+ 'type' => 'http://specs.openid.net/auth/2.0/signon',
+ 'uri' => $uri
+ );
+ if ($delegate) $service['localid'] = $delegate;
+ $services[] = $service;
+ }
+
+ $uri = _discovery_link_rel('openid.server', $html);
+ $delegate = _discovery_link_rel('openid.delegate', $html);
+
+ if ($uri) {
+ $service = array(
+ 'type' => 'http://openid.net/signon/1.0',
+ 'uri' => $uri
+ );
+ if ($delegate) $service['localid'] = $delegate;
+ $services[] = $service;
+ }
+
+ return $services;
+}
+
+/**
+ * Searches through an HTML document to obtain the value of a meta
+ * element with a specified http-equiv attribute.
+ *
+ * @param string $equiv the http-equiv attribute for which to search
+ * @param string $html the HTML document to search
+ * @return mixed the value of the meta element, or FALSE if the element is not
+ * found
+ */
+function _discovery_meta_httpequiv($equiv, $html) {
+ $html = preg_replace('/<!(?:--(?:[^-]*|-[^-]+)*--\s*)>/', '', $html); // Strip html comments
+
+ $equiv = preg_quote($equiv);
+ preg_match('|<meta\s+http-equiv=["\']'. $equiv .'["\'](.*)/?>|iUs', $html, $matches);
+ if (isset($matches[1])) {
+ preg_match('|content=["\']([^"]+)["\']|iUs', $matches[1], $content);
+ if (isset($content[1])) {
+ return $content[1];
+ }
+ }
+ return FALSE;
+}
+
+/**
+ * Searches through an HTML document to obtain the value of a link
+ * element with a specified rel attribute.
+ *
+ * @param string $rel the rel attribute for which to search
+ * @param string $html the HTML document to search
+ * @return mixed the href of the link element, or FALSE if the element is not
+ * found
+ */
+function _discovery_link_rel($rel, $html) {
+ $html = preg_replace('/<!(?:--(?:[^-]*|-[^-]+)*--\s*)>/s', '', $html); // Strip html comments
+
+ $rel = preg_quote($rel);
+ preg_match('|<link\s+rel=["\'](.*)'. $rel .'(.*)["\'](.*)/?>|iUs', $html, $matches);
+ if (isset($matches[3])) {
+ preg_match('|href=["\']([^"]+)["\']|iU', $matches[3], $href);
+ return trim($href[1]);
+ }
+ return FALSE;
+}
+
+/**
+ * A simple XRDS parser.
+ *
+ * This parser uses the classic expat functions available in PHP to parse the
+ * XRDS Simple XML document.
+ *
+ * The result is an array of discovered services.
+ *
+ * @link http://xrds-simple.net/
+ */
+class XRDSParser {
+ /**
+ * XML parser
+ * @var resource
+ * @access private
+ */
+ var $parser;
+
+ /**
+ * Discovered services
+ * @var array
+ * @access private
+ */
+ var $services = array();
+
+ /**
+ * State: are we parsing a service element?
+ * @var bool
+ * @access private
+ */
+ var $in_service = FALSE;
+
+ /**
+ * CDATA buffer
+ * @var string
+ * @access private
+ */
+ var $_buffer;
+ /**
+ * Attributes buffer
+ * @var array
+ * @access private
+ */
+ var $_attribs = array();
+
+ /**
+ * priority attribute buffer
+ * @var string
+ * @access private
+ */
+ var $priority = NULL;
+
+ /**
+ * Currently parsed service buffer
+ * @var array
+ * @access private
+ */
+ var $service = array();
+
+ /**
+ * Creates an instance of the XRDS parser.
+ *
+ * This constructor also initialises the underlying XML parser.
+ */
+ function XRDSParser() {
+ $this->parser = xml_parser_create_ns();
+ xml_parser_set_option($this->parser, XML_OPTION_CASE_FOLDING,0);
+ xml_set_object($this->parser, $this);
+ xml_set_element_handler($this->parser, 'element_start', 'element_end');
+ xml_set_character_data_handler($this->parser, 'cdata');
+ }
+
+ /**
+ * Frees memory associated with the underlying XML parser.
+ *
+ * Note that only the memory associated with the underlying XML parser is
+ * freed. Memory associated with the class itself is not freed.
+ *
+ * @access public
+ */
+ function free() {
+ xml_parser_free($this->parser);
+ }
+
+ /**
+ * Parses an XRDS document.
+ *
+ * Once the parsing is complete, use {@link XRDSParser::services()} to obtain
+ * the services extracted from the document.
+ *
+ * @param string $xml the XML document to parse
+ * @access public
+ */
+ function parse($xml) {
+ xml_parse($this->parser, $xml);
+ }
+
+ /**
+ * Gets an array of discovered services.
+ *
+ * @return array an array of discovered services, or an empty array
+ * @access public
+ * @see XRDSParser::parse()
+ */
+ function services() {
+ return $this->services;
+ }
+
+ /**
+ * XML parser callback
+ *
+ * @access private
+ */
+ function element_start(&$parser, $qualified, $attribs) {
+ list($ns, $name) = $this->parse_namespace($qualified);
+
+ // Strictly speaking, XML namespace URIs are semi-case sensitive
+ // (i.e. the scheme and host are not case sensitive, but other elements
+ // are). However, the XRDS-Simple specifications defines a
+ // namespace URI for XRD (xri://$XRD*($v*2.0) rather than xri://$xrd*($v*2.0))
+ // with an unusual case.
+ if ((strtolower($ns) == strtolower(XRD2_NS)) && ($name == 'Service')) {
+ $this->in_service = TRUE;
+ $this->service = array();
+
+ if (in_array('priority', $attribs)) {
+ $this->service['#priority'] = $attribs['priority'];
+ }
+ if (in_array('id', $attribs)) {
+ $this->service['#id'] = $attribs['id'];
+ }
+ }
+
+ if ((strtolower($ns) == strtolower(XRD2_NS)) && ($this->in_service)) {
+ switch ($name) {
+ case 'Type':
+ case 'LocalID':
+ case 'URI':
+ if (in_array('priority', $attribs)) {
+ $this->priority = $attribs['priority'];
+ } else {
+ $this->priority = NULL;
+ }
+ }
+ }
+
+ $this->_buffer = '';
+ $this->_attribs = $attribs;
+ }
+
+ /**
+ * XML parser callback
+ *
+ * @access private
+ */
+ function element_end(&$parser, $qualified) {
+ list($ns, $name) = $this->parse_namespace($qualified);
+
+ if ((strtolower($ns) == strtolower(XRD2_NS)) && ($this->in_service)) {
+ switch ($name) {
+ case 'Service':
+ foreach (array('type', 'localid', 'uri') as $key) {
+ if (!isset($this->service[$key])) continue;
+ $this->service[$key] = $this->flatten_uris($this->service[$key]);
+ }
+
+ $this->services[] = $this->service;
+ $this->in_service = FALSE;
+ break;
+
+ case 'Type':
+ case 'LocalID':
+ case 'URI':
+ $key = strtolower($name);
+ if (!isset($this->service[$key])) {
+ $this->service[$key] = array();
+ }
+ if ($this->priority != NULL) {
+ $this->service[$key][] = array('#uri' => trim($this->_buffer), '#priority' => $this->priority);
+ } else {
+ $this->service[$key][] = array('#uri' => trim($this->_buffer));
+ }
+ $this->priority = NULL;
+ break;
+ }
+ }
+
+ if ((strtolower($ns) == strtolower(XRD_OPENID_NS)) && ($this->in_service)) {
+ switch ($name) {
+ case 'Delegate':
+ $this->service['delegate'] = trim($this->_buffer);
+ }
+ }
+
+ $this->_attribs = array();
+ }
+
+ /**
+ * XML parser callback
+ *
+ * @access private
+ */
+ function cdata(&$parser, $data) {
+ $this->_buffer .= $data;
+ }
+
+ /**
+ * Parses a namespace-qualified element name.
+ *
+ * @param string $qualified the qualified name
+ * @return array an array with two elements - the first element contains
+ * the namespace qualifier (or an empty string), the second element contains
+ * the element name
+ * @access protected
+ */
+ function parse_namespace($qualified) {
+ $pos = strrpos($qualified, ':');
+ if ($pos !== FALSE) return array(substr($qualified, 0, $pos), substr($qualified, $pos + 1, strlen($qualified)));
+ return array('', $qualified);
+ }
+
+ /**
+ * Flattens the service array.
+ *
+ * In an XRDS document, child elements of the service element often contains
+ * a list of URIs, with the priority specified in the priority attribute.
+ *
+ * When the document is parsed in this class, the URI and the priority are first
+ * extracted into the #uri and the #priority keys respectively. This function
+ * takes this array, sorts the elements using the #priority keys (if $sort is
+ * true), then collapses the array using the value associated with the #uri key.
+ *
+ * @param array $array the service array, with URIs and priorities
+ * @param bool $sort whether to sort the service array using the #priority
+ * keys
+ * @return array the services array with URIs sorted by priority
+ * @access protected
+ */
+ function flatten_uris($array, $sort = TRUE) {
+ $result = array();
+
+ if ($sort) uasort($array, 'discovery_xrds_priority_sort');
+
+ for ($i = 0; $i < count($array); $i++) {
+ $result[] = $array[$i]['#uri'];
+ }
+
+ return $result;
+ }
+}
+
+if (!function_exists('rfc3986_urlencode')) {
+ /**
+ * Encodes a URL using RFC 3986.
+ *
+ * PHP's rawurlencode function encodes a URL using RFC 1738. RFC 1738 has been
+ * updated by RFC 3986, which change the list of characters which needs to be
+ * encoded.
+ *
+ * Strictly correct encoding is required for various purposes, such as OAuth
+ * signature base strings.
+ *
+ * @param string $s the URL to encode
+ * @return string the encoded URL
+ */
+ function rfc3986_urlencode($s) {
+ return str_replace('%7E', '~', rawurlencode($s));
+ }
+}
+?>