nov-ruby-openid 2.1.9

data/lib/openid/urinorm.rb

@@ -0,0 +1,75 @@
+require 'uri'
+
+require "openid/extras"
+
+module OpenID
+
+  module URINorm
+    public
+    def URINorm.urinorm(uri)
+      uri = URI.parse(uri)
+
+      raise URI::InvalidURIError.new('no scheme') unless uri.scheme
+      uri.scheme = uri.scheme.downcase
+      unless ['http','https'].member?(uri.scheme)
+        raise URI::InvalidURIError.new('Not an HTTP or HTTPS URI')
+      end
+
+      raise URI::InvalidURIError.new('no host') unless uri.host
+      uri.host = uri.host.downcase
+
+      uri.path = remove_dot_segments(uri.path)
+      uri.path = '/' if uri.path.length == 0
+
+      uri = uri.normalize.to_s
+      uri = uri.gsub(PERCENT_ESCAPE_RE) {
+        sub = $&[1..2].to_i(16).chr
+        reserved(sub) ? $&.upcase : sub
+      }
+
+      return uri
+    end
+
+    private
+    RESERVED_RE = /[A-Za-z0-9._~-]/
+    PERCENT_ESCAPE_RE = /%[0-9a-zA-Z]{2}/
+
+    def URINorm.reserved(chr)
+      not RESERVED_RE =~ chr
+    end
+
+    def URINorm.remove_dot_segments(path)
+      result_segments = []
+
+      while path.length > 0
+        if path.starts_with?('../')
+          path = path[3..-1]
+        elsif path.starts_with?('./')
+          path = path[2..-1]
+        elsif path.starts_with?('/./')
+          path = path[2..-1]
+        elsif path == '/.'
+          path = '/'
+        elsif path.starts_with?('/../')
+          path = path[3..-1]
+          result_segments.pop if result_segments.length > 0
+        elsif path == '/..'
+          path = '/'
+          result_segments.pop if result_segments.length > 0
+        elsif path == '..' or path == '.'
+          path = ''
+        else
+          i = 0
+          i = 1 if path[0].chr == '/'
+          i = path.index('/', i)
+          i = path.length if i.nil?
+          result_segments << path[0...i]
+          path = path[i..-1]
+        end
+      end
+
+      return result_segments.join('')
+    end
+  end
+
+end

data/lib/openid/util.rb

@@ -0,0 +1,110 @@
+require "cgi"
+require "uri"
+require "logger"
+
+require "openid/extras"
+
+# See OpenID::Consumer or OpenID::Server modules, as well as the store classes
+module OpenID
+  class AssertionError < Exception
+  end
+
+  # Exceptions that are raised by the library are subclasses of this
+  # exception type, so if you want to catch all exceptions raised by
+  # the library, you can catch OpenIDError
+  class OpenIDError < StandardError
+  end
+
+  module Util
+
+    BASE64_CHARS = ('ABCDEFGHIJKLMNOPQRSTUVWXYZ' \
+                    'abcdefghijklmnopqrstuvwxyz0123456789+/')
+    BASE64_RE = Regexp.compile("
+    \\A
+    ([#{BASE64_CHARS}]{4})*
+    ([#{BASE64_CHARS}]{2}==|
+     [#{BASE64_CHARS}]{3}=)?
+    \\Z", Regexp::EXTENDED)
+
+    def Util.assert(value, message=nil)
+      if not value
+        raise AssertionError, message or value
+      end
+    end
+
+    def Util.to_base64(s)
+      [s].pack('m').gsub("\n", "")
+    end
+
+    def Util.from_base64(s)
+      without_newlines = s.gsub(/[\r\n]+/, '')
+      if !BASE64_RE.match(without_newlines)
+        raise ArgumentError, "Malformed input: #{s.inspect}"
+      end
+      without_newlines.unpack('m').first
+    end
+
+    def Util.urlencode(args)
+      a = []
+      args.each do |key, val|
+        val = '' unless val
+        a << (CGI::escape(key) + "=" + CGI::escape(val))
+      end
+      a.join("&")
+    end
+
+    def Util.parse_query(qs)
+      query = {}
+      CGI::parse(qs).each {|k,v| query[k] = v[0]}
+      return query
+    end
+
+    def Util.append_args(url, args)
+      url = url.dup
+      return url if args.length == 0
+
+      if args.respond_to?('each_pair')
+        args = args.sort
+      end
+
+      url << (url.include?("?") ? "&" : "?")
+      url << Util.urlencode(args)
+    end
+
+    @@logger = Logger.new(STDERR)
+    @@logger.progname = "OpenID"
+
+    def Util.logger=(logger)
+      @@logger = logger
+    end
+
+    def Util.logger
+      @@logger
+    end
+
+    # change the message below to do whatever you like for logging
+    def Util.log(message)
+      logger.info(message)
+    end
+
+    def Util.auto_submit_html(form, title='OpenID transaction in progress')
+      return "
+<html>
+<head>
+  <title>#{title}</title>
+</head>
+<body onload='document.forms[0].submit();'>
+#{form}
+<script>
+var elements = document.forms[0].elements;
+for (var i = 0; i < elements.length; i++) {
+  elements[i].style.display = \"none\";
+}
+</script>
+</body>
+</html>
+"
+    end
+  end
+
+end

data/lib/openid/yadis/accept.rb

@@ -0,0 +1,148 @@
+module OpenID
+
+  module Yadis
+
+    # Generate an accept header value
+    #
+    # [str or (str, float)] -> str
+    def self.generate_accept_header(*elements)
+      parts = []
+      elements.each { |element|
+        if element.is_a?(String)
+          qs = "1.0"
+          mtype = element
+        else
+          mtype, q = element
+          q = q.to_f
+          if q > 1 or q <= 0
+            raise ArgumentError.new("Invalid preference factor: #{q}")
+          end
+          qs = sprintf("%0.1f", q)
+        end
+
+        parts << [qs, mtype]
+      }
+
+      parts.sort!
+      chunks = []
+      parts.each { |q, mtype|
+        if q == '1.0'
+          chunks << mtype
+        else
+          chunks << sprintf("%s; q=%s", mtype, q)
+        end
+      }
+
+      return chunks.join(', ')
+    end
+
+    def self.parse_accept_header(value)
+      # Parse an accept header, ignoring any accept-extensions
+      #
+      # returns a list of tuples containing main MIME type, MIME
+      # subtype, and quality markdown.
+      #
+      # str -> [(str, str, float)]
+      chunks = value.split(',', -1).collect { |v| v.strip }
+      accept = []
+      chunks.each { |chunk|
+        parts = chunk.split(";", -1).collect { |s| s.strip }
+
+        mtype = parts.shift
+        if mtype.index('/').nil?
+          # This is not a MIME type, so ignore the bad data
+          next
+        end
+
+        main, sub = mtype.split('/', 2)
+
+        q = nil
+        parts.each { |ext|
+          if !ext.index('=').nil?
+            k, v = ext.split('=', 2)
+            if k == 'q'
+              q = v.to_f
+            end
+          end
+        }
+
+        q = 1.0 if q.nil?
+
+        accept << [q, main, sub]
+      }
+
+      accept.sort!
+      accept.reverse!
+
+      return accept.collect { |q, main, sub| [main, sub, q] }
+    end
+
+    def self.match_types(accept_types, have_types)
+      # Given the result of parsing an Accept: header, and the
+      # available MIME types, return the acceptable types with their
+      # quality markdowns.
+      #
+      # For example:
+      #
+      # >>> acceptable = parse_accept_header('text/html, text/plain; q=0.5')
+      # >>> matchTypes(acceptable, ['text/plain', 'text/html', 'image/jpeg'])
+      # [('text/html', 1.0), ('text/plain', 0.5)]
+      #
+      # Type signature: ([(str, str, float)], [str]) -> [(str, float)]
+      if accept_types.nil? or accept_types == []
+        # Accept all of them
+        default = 1
+      else
+        default = 0
+      end
+
+      match_main = {}
+      match_sub = {}
+      accept_types.each { |main, sub, q|
+        if main == '*'
+          default = [default, q].max
+          next
+        elsif sub == '*'
+          match_main[main] = [match_main.fetch(main, 0), q].max
+        else
+          match_sub[[main, sub]] = [match_sub.fetch([main, sub], 0), q].max
+        end
+      }
+
+      accepted_list = []
+      order_maintainer = 0
+      have_types.each { |mtype|
+        main, sub = mtype.split('/', 2)
+        if match_sub.member?([main, sub])
+          q = match_sub[[main, sub]]
+        else
+          q = match_main.fetch(main, default)
+        end
+
+        if q != 0
+          accepted_list << [1 - q, order_maintainer, q, mtype]
+          order_maintainer += 1
+        end
+      }
+
+      accepted_list.sort!
+      return accepted_list.collect { |_, _, q, mtype| [mtype, q] }
+    end
+
+    def self.get_acceptable(accept_header, have_types)
+      # Parse the accept header and return a list of available types
+      # in preferred order. If a type is unacceptable, it will not be
+      # in the resulting list.
+      #
+      # This is a convenience wrapper around matchTypes and
+      # parse_accept_header
+      #
+      # (str, [str]) -> [str]
+      accepted = self.parse_accept_header(accept_header)
+      preferred = self.match_types(accepted, have_types)
+      return preferred.collect { |mtype, _| mtype }
+    end
+
+  end
+
+end

data/lib/openid/yadis/constants.rb

@@ -0,0 +1,21 @@
+
+require 'openid/yadis/accept'
+
+module OpenID
+
+  module Yadis
+
+    YADIS_HEADER_NAME = 'X-XRDS-Location'
+    YADIS_CONTENT_TYPE = 'application/xrds+xml'
+
+    # A value suitable for using as an accept header when performing
+    # YADIS discovery, unless the application has special requirements
+    YADIS_ACCEPT_HEADER = generate_accept_header(
+                                                 ['text/html', 0.3],
+                                                 ['application/xhtml+xml', 0.5],
+                                                 [YADIS_CONTENT_TYPE, 1.0]
+                                                 )
+
+  end
+
+end

data/lib/openid/yadis/discovery.rb

@@ -0,0 +1,153 @@
+
+require 'openid/util'
+require 'openid/fetchers'
+require 'openid/yadis/constants'
+require 'openid/yadis/parsehtml'
+
+module OpenID
+
+  # Raised when a error occurs in the discovery process
+  class DiscoveryFailure < OpenIDError
+    attr_accessor :identity_url, :http_response
+
+    def initialize(message, http_response)
+      super(message)
+      @identity_url = nil
+      @http_response = http_response
+    end
+  end
+
+  module Yadis
+
+    # Contains the result of performing Yadis discovery on a URI
+    class DiscoveryResult
+
+      # The result of following redirects from the request_uri
+      attr_accessor :normalize_uri
+
+      # The URI from which the response text was returned (set to
+      # nil if there was no XRDS document found)
+      attr_accessor :xrds_uri
+
+      # The content-type returned with the response_text
+      attr_accessor :content_type
+
+      # The document returned from the xrds_uri
+      attr_accessor :response_text
+
+      attr_accessor :request_uri, :normalized_uri
+
+      def initialize(request_uri)
+        # Initialize the state of the object
+        #
+        # sets all attributes to None except the request_uri
+        @request_uri = request_uri
+        @normalized_uri = nil
+        @xrds_uri = nil
+        @content_type = nil
+        @response_text = nil
+      end
+
+      # Was the Yadis protocol's indirection used?
+      def used_yadis_location?
+        return @normalized_uri != @xrds_uri
+      end
+
+      # Is the response text supposed to be an XRDS document?
+      def is_xrds
+        return (used_yadis_location?() or
+                @content_type == YADIS_CONTENT_TYPE)
+      end
+    end
+
+    # Discover services for a given URI.
+    #
+    # uri: The identity URI as a well-formed http or https URI. The
+    # well-formedness and the protocol are not checked, but the
+    # results of this function are undefined if those properties do
+    # not hold.
+    #
+    # returns a DiscoveryResult object
+    #
+    # Raises DiscoveryFailure when the HTTP response does not have
+    # a 200 code.
+    def self.discover(uri)
+      result = DiscoveryResult.new(uri)
+      begin
+        resp = OpenID.fetch(uri, nil, {'Accept' => YADIS_ACCEPT_HEADER})
+      rescue Exception
+        raise DiscoveryFailure.new("Failed to fetch identity URL #{uri} : #{$!}", $!)
+      end
+      if resp.code != "200" and resp.code != "206"
+        raise DiscoveryFailure.new(
+                "HTTP Response status from identity URL host is not \"200\"."\
+                "Got status #{resp.code.inspect} for #{resp.final_url}", resp)
+      end
+
+      # Note the URL after following redirects
+      result.normalized_uri = resp.final_url
+
+      # Attempt to find out where to go to discover the document or if
+      # we already have it
+      result.content_type = resp['content-type']
+
+      result.xrds_uri = self.where_is_yadis?(resp)
+
+      if result.xrds_uri and result.used_yadis_location?
+        begin
+          resp = OpenID.fetch(result.xrds_uri)
+        rescue
+          raise DiscoveryFailure.new("Failed to fetch Yadis URL #{result.xrds_uri} : #{$!}", $!)
+        end
+        if resp.code != "200" and resp.code != "206"
+            exc = DiscoveryFailure.new(
+                    "HTTP Response status from Yadis host is not \"200\". " +
+                                       "Got status #{resp.code.inspect} for #{resp.final_url}", resp)
+            exc.identity_url = result.normalized_uri
+            raise exc
+        end
+
+        result.content_type = resp['content-type']
+      end
+
+      result.response_text = resp.body
+      return result
+    end
+
+    # Given a HTTPResponse, return the location of the Yadis
+    # document.
+    #
+    # May be the URL just retrieved, another URL, or None, if I
+    # can't find any.
+    #
+    # [non-blocking]
+    def self.where_is_yadis?(resp)
+      # Attempt to find out where to go to discover the document or if
+      # we already have it
+      content_type = resp['content-type']
+
+      # According to the spec, the content-type header must be an
+      # exact match, or else we have to look for an indirection.
+      if (!content_type.nil? and !content_type.to_s.empty? and
+          content_type.split(';', 2)[0].downcase == YADIS_CONTENT_TYPE)
+        return resp.final_url
+      else
+        # Try the header
+        yadis_loc = resp[YADIS_HEADER_NAME.downcase]
+
+        if yadis_loc.nil?
+          # Parse as HTML if the header is missing.
+          #
+          # XXX: do we want to do something with content-type, like
+          # have a whitelist or a blacklist (for detecting that it's
+          # HTML)?
+          yadis_loc = Yadis.html_yadis_location(resp.body)
+        end
+      end
+
+      return yadis_loc
+    end
+
+  end
+
+end