1<?php
2
3/**
4 * This module contains the HTTP fetcher interface
5 *
6 * PHP versions 4 and 5
7 *
8 * LICENSE: See the COPYING file included in this distribution.
9 *
10 * @package OpenID
11 * @author JanRain, Inc. <openid@janrain.com>
12 * @copyright 2005-2008 Janrain, Inc.
13 * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
14 */
15
16/**
17 * Require logging functionality
18 */
19require_once "Auth/OpenID.php";
20
21define('Auth_OpenID_FETCHER_MAX_RESPONSE_KB', 1024);
22define('Auth_OpenID_USER_AGENT',
23       'php-openid/'.Auth_OpenID_VERSION.' (php/'.phpversion().')');
24
25class Auth_Yadis_HTTPResponse {
26
27    public $final_url = '';
28    public $status = '';
29    public $body = '';
30    public $headers = [];
31
32    function __construct($final_url = null, $status = null,
33                                         $headers = null, $body = null)
34    {
35        $this->final_url = $final_url;
36        $this->status = $status;
37        $this->headers = $headers;
38        $this->body = $body;
39    }
40}
41
42/**
43 * This class is the interface for HTTP fetchers the Yadis library
44 * uses.  This interface is only important if you need to write a new
45 * fetcher for some reason.
46 *
47 * @access private
48 * @package OpenID
49 */
50class Auth_Yadis_HTTPFetcher {
51
52    public $timeout = 20; // timeout in seconds.
53
54    /**
55     * Return whether a URL can be fetched.  Returns false if the URL
56     * scheme is not allowed or is not supported by this fetcher
57     * implementation; returns true otherwise.
58     *
59     * @param string $url
60     * @return bool
61     */
62    function canFetchURL($url)
63    {
64        if ($this->isHTTPS($url) && !$this->supportsSSL()) {
65            Auth_OpenID::log("HTTPS URL unsupported fetching %s",
66                             $url);
67            return false;
68        }
69
70        if (!$this->allowedURL($url)) {
71            Auth_OpenID::log("URL fetching not allowed for '%s'",
72                             $url);
73            return false;
74        }
75
76        return true;
77    }
78
79    /**
80     * Return whether a URL should be allowed. Override this method to
81     * conform to your local policy.
82     *
83     * By default, will attempt to fetch any http or https URL.
84     *
85     * @param string $url
86     * @return bool
87     */
88    function allowedURL($url)
89    {
90        return $this->URLHasAllowedScheme($url);
91    }
92
93    /**
94     * Does this fetcher implementation (and runtime) support fetching
95     * HTTPS URLs?  May inspect the runtime environment.
96     *
97     * @return bool $support True if this fetcher supports HTTPS
98     * fetching; false if not.
99     */
100    function supportsSSL()
101    {
102        trigger_error("not implemented", E_USER_ERROR);
103        return false;
104    }
105
106    /**
107     * Is this an https URL?
108     *
109     * @access private
110     * @param string $url
111     * @return bool
112     */
113    function isHTTPS($url)
114    {
115        return (bool)preg_match('/^https:\/\//i', $url);
116    }
117
118    /**
119     * Is this an http or https URL?
120     *
121     * @access private
122     * @param string $url
123     * @return bool
124     */
125    function URLHasAllowedScheme($url)
126    {
127        return (bool)preg_match('/^https?:\/\//i', $url);
128    }
129
130    /**
131     * @access private
132     * @param array $headers
133     * @param string $url
134     * @return null|string
135     */
136    function _findRedirect($headers, $url)
137    {
138        foreach ($headers as $line) {
139            if (strpos(strtolower($line), "location: ") === 0) {
140                $parts = explode(" ", $line, 2);
141                $loc = $parts[1];
142                $ppos = strpos($loc, "://");
143                if ($ppos === false || $ppos > strpos($loc, "/")) {
144                  /* no host; add it */
145                  $hpos = strpos($url, "://");
146                  $prt = substr($url, 0, $hpos+3);
147                  $url = substr($url, $hpos+3);
148                  if (substr($loc, 0, 1) == "/") {
149                    /* absolute path */
150                    $fspos = strpos($url, "/");
151                    if ($fspos) $loc = $prt.substr($url, 0, $fspos).$loc;
152                    else $loc = $prt.$url.$loc;
153                  } else {
154                    /* relative path */
155                    $pp = $prt;
156                    while (1) {
157                      $xpos = strpos($url, "/");
158                      if ($xpos === false) break;
159                      $apos = strpos($url, "?");
160                      if ($apos !== false && $apos < $xpos) break;
161                      $apos = strpos($url, "&");
162                      if ($apos !== false && $apos < $xpos) break;
163                      $pp .= substr($url, 0, $xpos+1);
164                      $url = substr($url, $xpos+1);
165                    }
166                    $loc = $pp.$loc;
167                  }
168                }
169                return $loc;
170            }
171        }
172        return null;
173    }
174
175    /**
176     * Fetches the specified URL using optional extra headers and
177     * returns the server's response.
178     *
179     * @param string $url The URL to be fetched.
180     * @param array $headers
181     * @return Auth_Yadis_HTTPResponse|null
182     */
183    function get($url, $headers = null)
184    {
185        trigger_error("not implemented", E_USER_ERROR);
186        return null;
187    }
188}
189
190