ruby-openid 2.1.7 → 2.1.8

data/lib/openid/extensions/ax.rb

@@ -110,10 +110,12 @@ module OpenID
     class FetchRequest < AXMessage
       attr_reader :requested_attributes
       attr_accessor :update_url
+      
+      MODE = 'fetch_request'
 
       def initialize(update_url = nil)
         super()
-        @mode = 'fetch_request'
+        @mode = MODE
         @requested_attributes = {}
         @update_url = update_url
       end
@@ -180,7 +182,7 @@ module OpenID
       def self.from_openid_request(oidreq)
         message = oidreq.message
         ax_args = message.get_args(NS_URI)
-        return nil if ax_args == {}
+        return nil if ax_args == {} or ax_args['mode'] != MODE
         req = new
         req.parse_extension_args(ax_args)
 
@@ -467,11 +469,26 @@ module OpenID
 
     # A store request attribute exchange message representation
     class StoreRequest < KeyValueMessage
+      
+      MODE = 'store_request'
+      
       def initialize
         super
-        @mode = 'store_request'
+        @mode = MODE
       end
-
+      
+      # Extract a StoreRequest from an OpenID message
+      # message: OpenID::Message
+      # return a StoreRequest or nil if AX arguments are not present
+      def self.from_openid_request(oidreq)
+        message = oidreq.message 
+        ax_args = message.get_args(NS_URI)
+        return nil if ax_args.empty? or ax_args['mode'] != MODE
+        req = new
+        req.parse_extension_args(ax_args)
+        req
+      end
+      
       def get_extension_args(aliases=nil)
         ax_args = new_args
         kv_args = _get_extension_kv_args(aliases)
@@ -499,7 +516,13 @@ module OpenID
         end
         @error_message = error_message
       end
-
+      
+      def self.from_success_response(success_response)
+        resp = nil
+        ax_args = success_response.message.get_args(NS_URI)
+        resp = ax_args.key?('error') ? new(false, ax_args['error']) : new
+      end
+      
       def succeeded?
         @mode == SUCCESS_MODE
       end

data/lib/openid/extensions/oauth.rb

@@ -0,0 +1,91 @@
+# An implementation of the OpenID OAuth Extension
+# Extension 1.0
+# see: http://openid.net/specs/
+
+require 'openid/extension'
+
+module OpenID
+
+  module OAuth
+    NS_URI = "http://specs.openid.net/extensions/oauth/1.0"
+    # An OAuth token request, sent from a relying
+    # party to a provider
+    class Request < Extension
+      attr_accessor :consumer, :scope, :ns_alias, :ns_uri
+      def initialize(consumer=nil, scope=nil)
+        @ns_alias = 'oauth'
+        @ns_uri = NS_URI
+        @consumer = consumer
+        @scope = scope
+      end
+
+
+      def get_extension_args
+        ns_args = {}
+        ns_args['consumer'] = @consumer if @consumer        
+        ns_args['scope'] = @scope if @scope
+        return ns_args
+      end
+
+      # Instantiate a Request object from the arguments in a
+      # checkid_* OpenID message
+      # return nil if the extension was not requested.
+      def self.from_openid_request(oid_req)
+        oauth_req = new
+        args = oid_req.message.get_args(NS_URI)
+        if args == {}
+          return nil
+        end
+        oauth_req.parse_extension_args(args)
+        return oauth_req
+      end
+
+      # Set the state of this request to be that expressed in these
+      # OAuth arguments
+      def parse_extension_args(args)
+        @consumer = args["consumer"]
+        @scope = args["scope"]
+      end
+
+    end
+
+    # A OAuth request token response, sent from a provider
+    # to a relying party
+    class Response < Extension
+      attr_accessor :request_token, :scope
+      def initialize(request_token=nil, scope=nil)
+        @ns_alias = 'oauth'
+        @ns_uri = NS_URI
+        @request_token = request_token
+        @scope = scope
+      end
+
+      # Create a Response object from an OpenID::Consumer::SuccessResponse
+      def self.from_success_response(success_response)
+        args = success_response.get_signed_ns(NS_URI)
+        return nil if args.nil?
+        oauth_resp = new
+        oauth_resp.parse_extension_args(args)
+        return oauth_resp
+      end
+
+      # parse the oauth request arguments into the
+      # internal state of this object
+      # if strict is specified, raise an exception when bad data is
+      # encountered
+      def parse_extension_args(args, strict=false)
+        @request_token = args["request_token"]
+        @scope = args["scope"]
+      end
+
+      def get_extension_args
+        ns_args = {}
+        ns_args['request_token'] = @request_token if @request_token
+        ns_args['scope'] = @scope if @scope
+        return ns_args
+      end
+
+    end
+  end
+
+end

data/lib/openid/fetchers.rb

@@ -205,6 +205,9 @@ module OpenID
             conn.request_post(url.request_uri, body, headers)
           end
         }
+        setup_encoding(response)
+      rescue Timeout::Error => why
+        raise FetchingError, "Error fetching #{url}: #{why}"
       rescue RuntimeError => why
         raise why
       rescue OpenSSL::SSL::SSLError => why
@@ -212,8 +215,6 @@ module OpenID
       rescue FetchingError => why
         raise why
       rescue Exception => why
-        # Things we've caught here include a Timeout::Error, which descends
-        # from SignalException.
         raise FetchingError, "Error fetching #{url}: #{why}"
       end
 
@@ -234,5 +235,24 @@ module OpenID
         return HTTPResponse._from_net_response(response, unparsed_url)
       end
     end
+
+    private
+    def setup_encoding(response)
+      return unless defined?(::Encoding::ASCII_8BIT)
+      charset = response.type_params["charset"]
+      return if charset.nil?
+      encoding = nil
+      begin
+        encoding = Encoding.find(charset)
+      rescue ArgumentError
+      end
+      encoding ||= Encoding::ASCII_8BIT
+      body = response.body
+      if body.respond_to?(:force_encoding)
+        body.force_encoding(encoding)
+      else
+        body.set_encoding(encoding)
+      end
+    end
   end
 end

data/lib/openid/yadis/xrires.rb

@@ -42,34 +42,27 @@ module OpenID
           return XRI.append_args(hxri, args)
         end
 
-        def query(xri, service_types)
+        def query(xri)
           # these can be query args or http headers, needn't be both.
           # headers = {'Accept' => 'application/xrds+xml;sep=true'}
           canonicalID = nil
 
-          services = service_types.collect { |service_type|
-            url = self.query_url(xri, service_type)
+          url = self.query_url(xri)
             begin
               response = OpenID.fetch(url)
             rescue
-              raise XRIHTTPError, ["Could not fetch #{xri}", $!]
+              raise XRIHTTPError, "Could not fetch #{xri}, #{$!}"
             end
             raise XRIHTTPError, "Could not fetch #{xri}" if response.nil?
 
             xrds = Yadis::parseXRDS(response.body)
             canonicalID = Yadis::get_canonical_id(xri, xrds)
 
-            Yadis::services(xrds) unless xrds.nil?
-          }
+          return canonicalID, Yadis::services(xrds)
           # TODO:
           #  * If we do get hits for multiple service_types, we're almost
           #    certainly going to have duplicated service entries and
           #    broken priority ordering.
-          services = services.inject([]) { |flatter, some_services|
-            flatter += some_services unless some_services.nil?
-          }
-
-          return canonicalID, services
         end
       end
 

data/test/data/test_discover/openid_utf8.html

@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+  <head>
+    <title>Identity Page for Smoker</title>
+    <link rel="openid.server" href="http://www.myopenid.com/server" />
+    <link rel="openid.delegate" href="http://smoker.myopenid.com/" />
+  </head>
+  <body>
+    <p>こんにちは</p>
+  </body>
+</html>

data/test/test_ax.rb

@@ -371,7 +371,28 @@ module OpenID
         ax_req = FetchRequest.from_openid_request(openid_req)
         assert(ax_req.nil?)
       end
-
+      
+      def test_from_openid_request_wrong_ax_mode
+        uri = 'http://under.the.sea/'
+        name = 'ext0'
+        value = 'snarfblat'
+        
+        message = OpenID::Message.from_openid_args({
+                                               'mode' => 'id_res',
+                                               'ns' => OPENID2_NS,
+                                               'ns.ax' => AXMessage::NS_URI,
+                                               'ax.update_url' => 'http://example.com/realm/update_path',
+                                               'ax.mode' => 'store_request',
+                                               'ax.type.' + name => uri,
+                                               'ax.count.' + name => '1',
+                                               'ax.value.' + name + '.1' => value
+                                             })
+        openid_req = Server::OpenIDRequest.new
+        openid_req.message = message
+        ax_req = FetchRequest.from_openid_request(openid_req)
+        assert(ax_req.nil?)
+      end
+      
       def test_openid_update_url_verification_error
         openid_req_msg = Message.from_openid_args({
                                                     'mode' => 'checkid_setup',
@@ -602,7 +623,28 @@ module OpenID
         }
         assert_equal(eargs, @msg.get_extension_args)
       end
-
+      
+      def test_from_openid_request_wrong_ax_mode
+        uri = 'http://under.the.sea/'
+        name = 'ext0'
+        value = 'snarfblat'
+        
+        message = OpenID::Message.from_openid_args({
+                                               'mode' => 'id_res',
+                                               'ns' => OPENID2_NS,
+                                               'ns.ax' => AXMessage::NS_URI,
+                                               'ax.update_url' => 'http://example.com/realm/update_path',
+                                               'ax.mode' => 'fetch_request',
+                                               'ax.type.' + name => uri,
+                                               'ax.count.' + name => '1',
+                                               'ax.value.' + name + '.1' => value
+                                             })
+        openid_req = Server::OpenIDRequest.new
+        openid_req.message = message
+        ax_req = StoreRequest.from_openid_request(openid_req)
+        assert(ax_req.nil?)
+      end
+      
       def test_get_extension_args_nonempty
         @msg.set_values(@type_a, ['foo','bar'])
         aliases = NamespaceMap.new

data/test/test_discover.rb

@@ -369,6 +369,20 @@ module OpenID
       }
     end
 
+    def test_html_utf8
+      utf8_html = read_data_file('test_discover/openid_utf8.html', false)
+      utf8_html.force_encoding("UTF-8") if utf8_html.respond_to?(:force_encoding)
+      services = _discover('text/html', utf8_html, 1)
+
+      _checkService(services[0],
+                    "http://www.myopenid.com/server",
+                    @id_url,
+                    'http://smoker.myopenid.com/',
+                    nil,
+                    ['1.1'],
+                    false)
+    end
+
     def test_yadisEmpty
       services = _discover('application/xrds+xml',
                            read_data_file('test_discover/yadis_0entries.xml', false),

data/test/test_fetchers.rb

@@ -1,3 +1,5 @@
+# -*- coding: utf-8 -*-
+
 require 'test/unit'
 require 'net/http'
 require 'webrick'
@@ -112,7 +114,22 @@ class FetcherTestCase < Test::Unit::TestCase
       assert_block("Fetched too many times.") { @_redirect_counter < 10 }
     }
   end
-  
+
+  UTF8_PAGE_CONTENT = <<-EOHTML
+<html>
+  <head><title>UTF-8</title></head>
+  <body>こんにちは</body>
+</html>
+EOHTML
+  def _utf8_page
+    lambda { |req, resp|
+      resp['Content-Type'] = "text/html; charset=utf-8"
+      body = UTF8_PAGE_CONTENT.dup
+      body.force_encoding("ASCII-8BIT") if body.respond_to?(:force_encoding)
+      resp.body = body
+    }
+  end
+
   def setup
     @fetcher = OpenID::StandardFetcher.new
     @logfile = StringIO.new
@@ -138,6 +155,7 @@ class FetcherTestCase < Test::Unit::TestCase
       }
       @server.mount_proc('/post', _require_post)
       @server.mount_proc('/redirect_loop', _redirect_loop)
+      @server.mount_proc('/utf8_page', _utf8_page)
       @server.start
     }
     @uri = _uri_build
@@ -211,6 +229,15 @@ class FetcherTestCase < Test::Unit::TestCase
     }
   end
 
+  def test_utf8_page
+    uri = _uri_build('/utf8_page')
+    response = @fetcher.fetch(uri)
+    assert_equal(UTF8_PAGE_CONTENT, response.body)
+    if response.body.respond_to?(:encoding)
+      assert_equal(Encoding::UTF_8, response.body.encoding)
+    end
+  end
+
   def test_cases
     for path, expected_code, expected_url in @@cases
       uri = _uri_build(path)

data/test/test_idres.rb

@@ -61,6 +61,7 @@ module OpenID
         # test all missing fields for OpenID 1 and 2
         1.times do
           [["openid1", OPENID1_NS, OPENID1_FIELDS],
+           ["openid1", OPENID11_NS, OPENID1_FIELDS],
            ["openid2", OPENID2_NS, OPENID2_FIELDS],
           ].each do |ver, ns, all_fields|
             all_fields.each do |field|
@@ -81,6 +82,7 @@ module OpenID
         # Test all missing signed for OpenID 1 and 2
         1.times do
           [["openid1", OPENID1_NS, OPENID1_FIELDS, OPENID1_SIGNED],
+           ["openid1", OPENID11_NS, OPENID1_FIELDS, OPENID1_SIGNED],
            ["openid2", OPENID2_NS, OPENID2_FIELDS, OPENID2_SIGNED],
           ].each do |ver, ns, all_fields, signed_fields|
             signed_fields.each do |signed_field|
@@ -144,6 +146,14 @@ module OpenID
             idres.send(:check_for_fields)
           }
         end
+
+        def test_success_openid1_1
+          msg = mkMsg(OPENID11_NS, OPENID1_FIELDS, OPENID1_SIGNED)
+          idres = IdResHandler.new(msg, nil)
+          assert_nothing_raised {
+            idres.send(:check_for_fields)
+          }
+        end
       end
 
       class ReturnToArgsTest < Test::Unit::TestCase
@@ -499,13 +509,23 @@ module OpenID
         end
 
         def test_openid1_success
-          assert_nothing_raised {
-            call_check_nonce({'rp_nonce' => @nonce}, true)
-          }
+          [{},
+           {'openid.ns' => OPENID1_NS},
+           {'openid.ns' => OPENID11_NS}
+          ].each do |args|
+            assert_nothing_raised {
+              call_check_nonce({'rp_nonce' => @nonce}.merge(args), true)
+            }
+          end
         end
 
         def test_openid1_missing
-          assert_protocol_error('Nonce missing') { call_check_nonce({}) }
+          [{},
+           {'openid.ns' => OPENID1_NS},
+           {'openid.ns' => OPENID11_NS}
+          ].each do |args|
+            assert_protocol_error('Nonce missing') { call_check_nonce(args) }
+          end
         end
 
         def test_openid2_ignore_rp_nonce
@@ -523,9 +543,14 @@ module OpenID
         end
 
         def test_openid1_ignore_response_nonce
-          assert_protocol_error('Nonce missing') {
-            call_check_nonce({'openid.response_nonce' => @nonce})
-          }
+          [{},
+           {'openid.ns' => OPENID1_NS},
+           {'openid.ns' => OPENID11_NS}
+          ].each do |args|
+            assert_protocol_error('Nonce missing') {
+              call_check_nonce({'openid.response_nonce' => @nonce}.merge(args))
+            }
+          end
         end
 
         def test_no_store
@@ -587,37 +612,38 @@ module OpenID
         end
 
         def test_openid1_fallback_1_0
-          claimed_id = 'http://claimed.id/'
-          @endpoint = nil
-          resp_mesg = Message.from_openid_args({
-            'ns' => OPENID1_NS,
-            'identity' => claimed_id,
-            })
+          [OPENID1_NS, OPENID11_NS].each do |openid1_ns|
+            claimed_id = 'http://claimed.id/'
+            @endpoint = nil
+            resp_mesg = Message.from_openid_args({
+              'ns' => openid1_ns,
+              'identity' => claimed_id,
+              })
 
-          # Pass the OpenID 1 claimed_id this way since we're passing
-          # None for the endpoint.
-          resp_mesg.set_arg(BARE_NS, 'openid1_claimed_id', claimed_id)
-
-          # We expect the OpenID 1 discovery verification to try
-          # matching the discovered endpoint against the 1.1 type and
-          # fall back to 1.0.
-          expected_endpoint = OpenIDServiceEndpoint.new
-          expected_endpoint.type_uris = [OPENID_1_0_TYPE]
-          expected_endpoint.local_id = nil
-          expected_endpoint.claimed_id = claimed_id
-  
-          hacked_discover = Proc.new {
-            |_claimed_id| ['unused', [expected_endpoint]]
-          }
-          idres = IdResHandler.new(resp_mesg, nil, nil, @endpoint)
-          assert_log_matches('Performing discovery') {
-            OpenID.with_method_overridden(:discover, hacked_discover) {
-              idres.send(:verify_discovery_results)
-            }
-          }
-          actual_endpoint = idres.instance_variable_get(:@endpoint)
-          assert_equal(actual_endpoint, expected_endpoint)
+            # Pass the OpenID 1 claimed_id this way since we're
+            # passing None for the endpoint.
+            resp_mesg.set_arg(BARE_NS, 'openid1_claimed_id', claimed_id)
+
+            # We expect the OpenID 1 discovery verification to try
+            # matching the discovered endpoint against the 1.1 type
+            # and fall back to 1.0.
+            expected_endpoint = OpenIDServiceEndpoint.new
+            expected_endpoint.type_uris = [OPENID_1_0_TYPE]
+            expected_endpoint.local_id = nil
+            expected_endpoint.claimed_id = claimed_id
 
+            hacked_discover = Proc.new {
+              |_claimed_id| ['unused', [expected_endpoint]]
+            }
+            idres = IdResHandler.new(resp_mesg, nil, nil, @endpoint)
+            assert_log_matches('Performing discovery') {
+              OpenID.with_method_overridden(:discover, hacked_discover) {
+                idres.send(:verify_discovery_results)
+              }
+            }
+            actual_endpoint = idres.instance_variable_get(:@endpoint)
+            assert_equal(actual_endpoint, expected_endpoint)
+          end
         end
 
         def test_openid2_no_op_endpoint
@@ -710,6 +736,21 @@ module OpenID
           assert(e.to_s =~ /different subjects/)
         end
 
+        def test_openid1_1_verify_discovery_single_no_server_url
+          idres = IdResHandler.new(nil, nil)
+          @endpoint.local_id = 'my identity'
+          @endpoint.claimed_id = 'http://i-am-sam/'
+          @endpoint.server_url = 'Phone Home'
+          @endpoint.type_uris = [OPENID_1_1_TYPE]
+
+          to_match = @endpoint.dup
+          to_match.claimed_id = 'http://i-am-sam/'
+          to_match.type_uris = [OPENID_1_1_TYPE]
+          to_match.server_url = nil
+
+          idres.send(:verify_discovery_single, @endpoint, to_match)
+        end
+
         def test_openid2_use_pre_discovered
           @endpoint.local_id = 'my identity'
           @endpoint.claimed_id = 'http://i-am-sam/'