entp-ruby-openid 2.2

data/lib/openid/yadis/parsehtml.rb

@@ -0,0 +1,45 @@
+require "openid/yadis/htmltokenizer"
+require 'cgi'
+
+module OpenID
+  module Yadis
+    def Yadis.html_yadis_location(html)
+      parser = HTMLTokenizer.new(html)
+
+      # to keep track of whether or not we are in the head element
+      in_head = false
+
+      begin
+        while el = parser.getTag('head', '/head', 'meta', 'body', '/body',
+                                 'html', 'script')
+
+          # we are leaving head or have reached body, so we bail
+          return nil if ['/head', 'body', '/body'].member?(el.tag_name)
+
+          if el.tag_name == 'head'
+            unless el.to_s[-2] == ?/ # tag ends with a /: a short tag
+              in_head = true
+            end
+          end
+          next unless in_head
+
+          if el.tag_name == 'script'
+            unless el.to_s[-2] == ?/ # tag ends with a /: a short tag
+              parser.getTag('/script')
+            end
+          end
+
+          return nil if el.tag_name == 'html'
+
+          if el.tag_name == 'meta' and (equiv = el.attr_hash['http-equiv'])
+            if ['x-xrds-location','x-yadis-location'].member?(equiv.downcase) &&
+                el.attr_hash.member?('content')
+              return CGI::unescapeHTML(el.attr_hash['content'])
+            end
+          end
+        end
+      rescue HTMLTokenizerError # just stop parsing if there's an error
+      end
+    end
+  end
+end

data/lib/openid/yadis/services.rb

@@ -0,0 +1,42 @@
+
+require 'openid/yadis/filters'
+require 'openid/yadis/discovery'
+require 'openid/yadis/xrds'
+
+module OpenID
+  module Yadis
+    def Yadis.get_service_endpoints(input_url, flt=nil)
+      # Perform the Yadis protocol on the input URL and return an
+      # iterable of resulting endpoint objects.
+      #
+      # @param flt: A filter object or something that is convertable
+      # to a filter object (using mkFilter) that will be used to
+      # generate endpoint objects. This defaults to generating
+      # BasicEndpoint objects.
+      result = Yadis.discover(input_url)
+      begin
+        endpoints = Yadis.apply_filter(result.normalized_uri,
+                                       result.response_text, flt)
+      rescue XRDSError => err
+        raise DiscoveryFailure.new(err.to_s, nil)
+      end
+
+      return [result.normalized_uri, endpoints]
+    end
+
+    def Yadis.apply_filter(normalized_uri, xrd_data, flt=nil)
+      # Generate an iterable of endpoint objects given this input data,
+      # presumably from the result of performing the Yadis protocol.
+
+      flt = Yadis.make_filter(flt)
+      et = Yadis.parseXRDS(xrd_data)
+
+      endpoints = []
+      each_service(et) { |service_element|
+        endpoints += flt.get_service_endpoints(normalized_uri, service_element)
+      }
+
+      return endpoints
+    end
+  end
+end

data/lib/openid/yadis/xrds.rb

@@ -0,0 +1,155 @@
+require 'rexml/document'
+require 'rexml/element'
+require 'rexml/xpath'
+
+require 'openid/yadis/xri'
+
+module OpenID
+  module Yadis
+
+    XRD_NS_2_0 = 'xri://$xrd*($v*2.0)'
+    XRDS_NS = 'xri://$xrds'
+
+    XRDS_NAMESPACES = {
+      'xrds' => XRDS_NS,
+      'xrd' => XRD_NS_2_0,
+    }
+
+    class XRDSError < StandardError; end
+
+    # Raised when there's an assertion in the XRDS that it does not
+    # have the authority to make.
+    class XRDSFraud < XRDSError
+    end
+
+    def Yadis::get_canonical_id(iname, xrd_tree)
+      # Return the CanonicalID from this XRDS document.
+      #
+      # @param iname: the XRI being resolved.
+      # @type iname: unicode
+      #
+      # @param xrd_tree: The XRDS output from the resolver.
+      #
+      # @returns: The XRI CanonicalID or None.
+      # @returntype: unicode or None
+
+      xrd_list = []
+      REXML::XPath::match(xrd_tree.root, '/xrds:XRDS/xrd:XRD', XRDS_NAMESPACES).each { |el|
+        xrd_list << el
+      }
+
+      xrd_list.reverse!
+
+      cid_elements = []
+
+      if !xrd_list.empty?
+        xrd_list[0].elements.each { |e|
+          if !e.respond_to?('name')
+            next
+          end
+          if e.name == 'CanonicalID'
+            cid_elements << e
+          end
+        }
+      end
+
+      cid_element = cid_elements[0]
+
+      if !cid_element
+        return nil
+      end
+
+      canonicalID = XRI.make_xri(cid_element.text)
+
+      childID = canonicalID.downcase
+
+      xrd_list[1..-1].each { |xrd|
+        parent_sought = childID[0...childID.rindex('!')]
+
+        parent = XRI.make_xri(xrd.elements["CanonicalID"].text)
+
+        if parent_sought != parent.downcase
+          raise XRDSFraud.new(sprintf("%s can not come from %s", parent_sought,
+                                      parent))
+        end
+
+        childID = parent_sought
+      }
+
+      root = XRI.root_authority(iname)
+      if not XRI.provider_is_authoritative(root, childID)
+        raise XRDSFraud.new(sprintf("%s can not come from root %s", childID, root))
+      end
+
+      return canonicalID
+    end
+
+    class XRDSError < StandardError
+    end
+
+    def Yadis::parseXRDS(text)
+      if text.nil?
+        raise XRDSError.new("Not an XRDS document.")
+      end
+
+      begin
+        d = REXML::Document.new(text)
+      rescue RuntimeError => why
+        raise XRDSError.new("Not an XRDS document. Failed to parse XML.")
+      end
+
+      if is_xrds?(d)
+        return d
+      else
+        raise XRDSError.new("Not an XRDS document.")
+      end
+    end
+
+    def Yadis::is_xrds?(xrds_tree)
+      xrds_root = xrds_tree.root
+      return (!xrds_root.nil? and
+        xrds_root.name == 'XRDS' and
+        xrds_root.namespace == XRDS_NS)
+    end
+
+    def Yadis::get_yadis_xrd(xrds_tree)
+      REXML::XPath.each(xrds_tree.root,
+                        '/xrds:XRDS/xrd:XRD[last()]',
+                        XRDS_NAMESPACES) { |el|
+        return el
+      }
+      raise XRDSError.new("No XRD element found.")
+    end
+
+    # aka iterServices in Python
+    def Yadis::each_service(xrds_tree, &block)
+      xrd = get_yadis_xrd(xrds_tree)
+      xrd.each_element('Service', &block)
+    end
+
+    def Yadis::services(xrds_tree)
+      s = []
+      each_service(xrds_tree) { |service|
+        s << service
+      }
+      return s
+    end
+
+    def Yadis::expand_service(service_element)
+      es = service_element.elements
+      uris = es.each('URI') { |u| }
+      uris = prio_sort(uris)
+      types = es.each('Type/text()')
+      # REXML::Text objects are not strings.
+      types = types.collect { |t| t.to_s }
+      uris.collect { |uri| [types, uri.text, service_element] }
+    end
+
+    # Sort a list of elements that have priority attributes.
+    def Yadis::prio_sort(elements)
+      elements.sort { |a,b|
+        a.attribute('priority').to_s.to_i <=> b.attribute('priority').to_s.to_i
+      }
+    end
+  end
+end

data/lib/openid/yadis/xri.rb

@@ -0,0 +1,90 @@
+require 'openid/yadis/xrds'
+require 'openid/fetchers'
+
+module OpenID
+  module Yadis
+    module XRI
+
+      # The '(' is for cross-reference authorities, and hopefully has a
+      # matching ')' somewhere.
+      XRI_AUTHORITIES = ["!", "=", "@", "+", "$", "("]
+
+      def self.identifier_scheme(identifier)
+        if (!identifier.nil? and
+            identifier.length > 0 and
+            (identifier.match('^xri://') or
+             XRI_AUTHORITIES.member?(identifier[0].chr)))
+          return :xri
+        else
+          return :uri
+        end
+      end
+
+      # Transform an XRI reference to an IRI reference.  Note this is
+      # not not idempotent, so do not apply this to an identifier more
+      # than once.  XRI Syntax section 2.3.1
+      def self.to_iri_normal(xri)
+        iri = xri.dup
+        iri.insert(0, 'xri://') if not iri.match('^xri://')
+        return escape_for_iri(iri)
+      end
+
+      # Note this is not not idempotent, so do not apply this more than
+      # once.  XRI Syntax section 2.3.2
+      def self.escape_for_iri(xri)
+        esc = xri.dup
+        # encode all %
+        esc.gsub!(/%/, '%25')
+        esc.gsub!(/\((.*?)\)/) { |xref_match|
+          xref_match.gsub(/[\/\?\#]/) { |char_match|
+            CGI::escape(char_match)
+          }
+        }
+        return esc
+      end
+
+      # Transform an XRI reference to a URI reference.  Note this is not
+      # not idempotent, so do not apply this to an identifier more than
+      # once.  XRI Syntax section 2.3.1
+      def self.to_uri_normal(xri)
+        return iri_to_uri(to_iri_normal(xri))
+      end
+
+      # RFC 3987 section 3.1
+      def self.iri_to_uri(iri)
+        uri = iri.dup
+        # for char in ucschar or iprivate
+        # convert each char to %HH%HH%HH (as many %HH as octets)
+        return uri
+      end
+
+      def self.provider_is_authoritative(provider_id, canonical_id)
+        lastbang = canonical_id.rindex('!')
+        return false unless lastbang
+        parent = canonical_id[0...lastbang]
+        return parent == provider_id
+      end
+
+      def self.root_authority(xri)
+        xri = xri[6..-1] if xri.index('xri://') == 0
+        authority = xri.split('/', 2)[0]
+        if authority[0].chr == '('
+          root = authority[0...authority.index(')')+1]
+        elsif XRI_AUTHORITIES.member?(authority[0].chr)
+          root = authority[0].chr
+        else
+          root = authority.split(/[!*]/)[0]
+        end
+
+        self.make_xri(root)
+      end
+
+      def self.make_xri(xri)
+        if xri.index('xri://') != 0
+          xri = 'xri://' + xri
+        end
+        return xri
+      end
+    end
+  end
+end

data/lib/openid/yadis/xrires.rb

@@ -0,0 +1,91 @@
+require "cgi"
+require "openid/yadis/xri"
+require "openid/yadis/xrds"
+require "openid/fetchers"
+
+module OpenID
+
+  module Yadis
+
+    module XRI
+
+      class XRIHTTPError < StandardError; end
+
+      class ProxyResolver
+
+        DEFAULT_PROXY = 'http://proxy.xri.net/' unless defined?(DEFAULT_PROXY)
+
+        def initialize(proxy_url=nil)
+          if proxy_url
+            @proxy_url = proxy_url
+          else
+            @proxy_url = DEFAULT_PROXY
+          end
+
+          @proxy_url += '/' unless @proxy_url.match('/$')
+        end
+
+        def query_url(xri, service_type=nil)
+          # URI normal form has a leading xri://, but we need to strip
+          # that off again for the QXRI.  This is under discussion for
+          # XRI Resolution WD 11.
+          qxri = XRI.to_uri_normal(xri)[6..-1]
+          hxri = @proxy_url + CGI::escape( qxri )
+          args = {'_xrd_r' => 'application/xrds+xml'}
+          args['_xrd_t'] = service_type if service_type
+
+          return XRI.append_args(hxri, args)
+        end
+
+        def query(xri)
+          # these can be query args or http headers, needn't be both.
+          # headers = {'Accept' => 'application/xrds+xml;sep=true'}
+
+          url = self.query_url(xri)
+          begin
+            response = OpenID.fetch(url)
+          rescue
+            raise XRIHTTPError, "Could not fetch #{xri}, #{$!}"
+          end
+          raise XRIHTTPError, "Fetching #{xri} returned nothing" if response.nil?
+
+          xrds = Yadis::parseXRDS(response.body)
+          raise XRIHTTPError, "Fetching #{xri} did not return an XRDS" if xrds.nil?
+          canonicalID = Yadis::get_canonical_id(xri, xrds)
+
+          return canonicalID, Yadis::services(xrds)
+          # TODO:
+          #  * If we do get hits for multiple service_types, we're almost
+          #    certainly going to have duplicated service entries and
+          #    broken priority ordering.
+        end
+      end
+
+      def self.urlencode(args)
+        a = []
+        args.each do |key, val|
+          a << (CGI::escape(key) + "=" + CGI::escape(val))
+        end
+        a.join("&")
+      end
+
+      def self.append_args(url, args)
+        return url if args.length == 0
+
+        # strip all trailing question marks
+        rstripped = url.dup.sub(/\?+\z/, '').sub(/(%3F)+\z/, '')
+
+        if rstripped.include?('?') or rstripped.include?('%3F')
+          sep = ( rstripped[-1] == '&' ? '' : '&' )
+        else
+          sep = '?'
+        end
+
+        return rstripped + sep + XRI.urlencode(args)
+      end
+
+    end
+
+  end
+
+end

data/test/data/test_discover/openid_utf8.html

@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+  <head>
+    <title>Identity Page for Smoker</title>
+    <link rel="openid.server" href="http://www.myopenid.com/server" />
+    <link rel="openid.delegate" href="http://smoker.myopenid.com/" />
+  </head>
+  <body>
+    <p>こんにちは</p>
+  </body>
+</html>

data/test/support/test_data_mixin.rb

@@ -0,0 +1,127 @@
+require "pathname"
+
+module OpenID
+  module TestDataMixin
+    TESTS_DIR = Pathname.new(__FILE__).dirname
+    TEST_DATA_DIR = Pathname.new('yadis_data')
+
+    def read_data_file(filename, lines=true, data_dir=TEST_DATA_DIR)
+      fname = TESTS_DIR.join(data_dir, filename)
+
+      if lines
+        fname.readlines
+      else
+        fname.read
+      end
+    end
+  end
+
+  module FetcherMixin
+    def with_fetcher(fetcher)
+      original_fetcher = OpenID.fetcher
+      begin
+        OpenID.fetcher = fetcher
+        return yield
+      ensure
+        OpenID.fetcher = original_fetcher
+      end
+    end
+  end
+
+  module Const
+    def const(symbol, value)
+      (class << self;self;end).instance_eval do
+        define_method(symbol) { value }
+      end
+    end
+  end
+
+  class MockResponse
+    attr_reader :code, :body
+
+    def initialize(code, body)
+      @code = code.to_s
+      @body = body
+    end
+  end
+
+  module ProtocolErrorMixin
+    def assert_protocol_error(str_prefix)
+      begin
+        result = yield
+      rescue ProtocolError => why
+        message = "Expected prefix #{str_prefix.inspect}, got "\
+                  "#{why.message.inspect}"
+        assert(why.message.starts_with?(str_prefix), message)
+      else
+        fail("Expected ProtocolError. Got #{result.inspect}")
+      end
+    end
+  end
+
+  module OverrideMethodMixin
+    def with_method_overridden(method_name, proc)
+      original = method(method_name)
+      begin
+        # TODO: find a combination of undef calls which prevent the warning
+        verbose, $VERBOSE = $VERBOSE, false
+        define_method(method_name, proc)
+        module_function(method_name)
+        $VERBOSE = verbose
+        yield
+      ensure
+        if original.respond_to? :owner
+          original.owner.send(:undef_method, method_name)
+          original.owner.send :define_method, method_name, original
+        else
+          define_method(method_name, original)
+          module_function(method_name)
+        end
+      end
+    end
+  end
+
+  # To use:
+  # > x = Object.new
+  # > x.extend(InstanceDefExtension)
+  # > x.instance_def(:monkeys) do
+  # >   "bananas"
+  # > end
+  # > x.monkeys
+  #
+  module InstanceDefExtension
+    def instance_def(method_name, &proc)
+      (class << self;self;end).instance_eval do
+        # TODO: find a combination of undef calls which prevent the warning
+        verbose, $VERBOSE = $VERBOSE, false
+        define_method(method_name, proc)
+        $VERBOSE = verbose
+      end
+    end
+  end
+
+  GOODSIG = '[A Good Signature]'
+
+  class GoodAssoc
+    attr_accessor :handle, :expires_in
+
+    def initialize(handle='-blah-')
+      @handle = handle
+      @expires_in = 3600
+    end
+
+    def check_message_signature(msg)
+      msg.get_arg(OPENID_NS, 'sig') == GOODSIG
+    end
+  end
+
+  class HTTPResponse
+    def self._from_raw_data(status, body="", headers={}, final_url=nil)
+      resp = Net::HTTPResponse.new('1.1', status.to_s, 'NONE')
+      me = self._from_net_response(resp, final_url)
+      me.initialize_http_header headers
+      me.body = body
+      return me
+    end
+  end
+end