00001 <?php
00002
00003
00017 define('OPENID_DH_DEFAULT_MOD', '155172898181473697471232257763715539915724801' .
00018 '966915404479707795314057629378541917580651227423698188993727816152646631' .
00019 '438561595825688188889951272158842675419950341258706556549803580104870537' .
00020 '681476726513255747040765857479291291572334510643245094715007229621094194' .
00021 '349783925984760375594985848253359305585439638443');
00022
00026 define('OPENID_DH_DEFAULT_GEN', '2');
00027
00031 define('OPENID_SHA1_BLOCKSIZE', 64);
00032
00036 define('OPENID_RAND_SOURCE', '/dev/urandom');
00037
00041 define('OPENID_NS_2_0', 'http://specs.openid.net/auth/2.0');
00042
00046 define('OPENID_NS_1_1', 'http://openid.net/signon/1.1');
00047
00051 define('OPENID_NS_1_0', 'http://openid.net/signon/1.0');
00052
00056 function openid_redirect_http($url, $message) {
00057 $query = array();
00058 foreach ($message as $key => $val) {
00059 $query[] = $key . '=' . urlencode($val);
00060 }
00061
00062 $sep = (strpos($url, '?') === FALSE) ? '?' : '&';
00063 header('Location: ' . $url . $sep . implode('&', $query), TRUE, 302);
00064 exit;
00065 }
00066
00070 function openid_redirect($url, $message) {
00071 $output = '<html><head><title>' . t('OpenID redirect') . "</title></head>\n<body>";
00072 $output .= drupal_get_form('openid_redirect_form', $url, $message);
00073 $output .= '<script type="text/javascript">document.getElementById("openid-redirect-form").submit();</script>';
00074 $output .= "</body></html>\n";
00075 print $output;
00076 exit;
00077 }
00078
00079 function openid_redirect_form(&$form_state, $url, $message) {
00080 $form = array();
00081 $form['#action'] = $url;
00082 $form['#method'] = "post";
00083 foreach ($message as $key => $value) {
00084 $form[$key] = array(
00085 '#type' => 'hidden',
00086 '#name' => $key,
00087 '#value' => $value,
00088 );
00089 }
00090 $form['submit'] = array(
00091 '#type' => 'submit',
00092 '#prefix' => '<noscript>',
00093 '#suffix' => '</noscript>',
00094 '#value' => t('Send'),
00095 );
00096
00097 return $form;
00098 }
00099
00103 function _openid_is_xri($identifier) {
00104 $firstchar = substr($identifier, 0, 1);
00105 if ($firstchar == "@" || $firstchar == "=")
00106 return TRUE;
00107
00108 if (stristr($identifier, 'xri://') !== FALSE) {
00109 return TRUE;
00110 }
00111
00112 return FALSE;
00113 }
00114
00118 function _openid_normalize($identifier) {
00119 if (_openid_is_xri($identifier)) {
00120 return _openid_normalize_xri($identifier);
00121 }
00122 else {
00123 return _openid_normalize_url($identifier);
00124 }
00125 }
00126
00127 function _openid_normalize_xri($xri) {
00128 $normalized_xri = $xri;
00129 if (stristr($xri, 'xri://') !== FALSE) {
00130 $normalized_xri = substr($xri, 6);
00131 }
00132 return $normalized_xri;
00133 }
00134
00135 function _openid_normalize_url($url) {
00136 $normalized_url = $url;
00137
00138 if (stristr($url, '://') === FALSE) {
00139 $normalized_url = 'http://' . $url;
00140 }
00141
00142 if (substr_count($normalized_url, '/') < 3) {
00143 $normalized_url .= '/';
00144 }
00145
00146 return $normalized_url;
00147 }
00148
00152 function _openid_create_message($data) {
00153 $serialized = '';
00154
00155 foreach ($data as $key => $value) {
00156 if ((strpos($key, ':') !== FALSE) || (strpos($key, "\n") !== FALSE) || (strpos($value, "\n") !== FALSE)) {
00157 return null;
00158 }
00159 $serialized .= "$key:$value\n";
00160 }
00161 return $serialized;
00162 }
00163
00167 function _openid_encode_message($message) {
00168 $encoded_message = '';
00169
00170 $items = explode("\n", $message);
00171 foreach ($items as $item) {
00172 $parts = explode(':', $item, 2);
00173
00174 if (count($parts) == 2) {
00175 if ($encoded_message != '') {
00176 $encoded_message .= '&';
00177 }
00178 $encoded_message .= rawurlencode(trim($parts[0])) . '=' . rawurlencode(trim($parts[1]));
00179 }
00180 }
00181
00182 return $encoded_message;
00183 }
00184
00189 function _openid_parse_message($message) {
00190 $parsed_message = array();
00191
00192 $items = explode("\n", $message);
00193 foreach ($items as $item) {
00194 $parts = explode(':', $item, 2);
00195
00196 if (count($parts) == 2) {
00197 $parsed_message[$parts[0]] = $parts[1];
00198 }
00199 }
00200
00201 return $parsed_message;
00202 }
00203
00207 function _openid_nonce() {
00208
00209 return gmstrftime('%Y-%m-%dT%H:%M:%S%Z') .
00210 chr(mt_rand(0, 25) + 65) .
00211 chr(mt_rand(0, 25) + 65) .
00212 chr(mt_rand(0, 25) + 65) .
00213 chr(mt_rand(0, 25) + 65);
00214 }
00215
00219 function _openid_link_href($rel, $html) {
00220 $rel = preg_quote($rel);
00221 preg_match('|<link\s+rel=["\'](.*)' . $rel . '(.*)["\'](.*)/?>|iUs', $html, $matches);
00222 if (isset($matches[3])) {
00223 preg_match('|href=["\']([^"]+)["\']|iU', $matches[3], $href);
00224 return trim($href[1]);
00225 }
00226 return FALSE;
00227 }
00228
00232 function _openid_meta_httpequiv($equiv, $html) {
00233 preg_match('|<meta\s+http-equiv=["\']' . $equiv . '["\'](.*)/?>|iUs', $html, $matches);
00234 if (isset($matches[1])) {
00235 preg_match('|content=["\']([^"]+)["\']|iUs', $matches[1], $content);
00236 if (isset($content[1])) {
00237 return $content[1];
00238 }
00239 }
00240 return FALSE;
00241 }
00242
00251 function _openid_signature($association, $message_array, $keys_to_sign) {
00252 $signature = '';
00253 $sign_data = array();
00254
00255 foreach ($keys_to_sign as $key) {
00256 if (isset($message_array['openid.' . $key])) {
00257 $sign_data[$key] = $message_array['openid.' . $key];
00258 }
00259 }
00260
00261 $message = _openid_create_message($sign_data);
00262 $secret = base64_decode($association->mac_key);
00263 $signature = _openid_hmac($secret, $message);
00264
00265 return base64_encode($signature);
00266 }
00267
00268 function _openid_hmac($key, $text) {
00269 if (strlen($key) > OPENID_SHA1_BLOCKSIZE) {
00270 $key = _openid_sha1($key, true);
00271 }
00272
00273 $key = str_pad($key, OPENID_SHA1_BLOCKSIZE, chr(0x00));
00274 $ipad = str_repeat(chr(0x36), OPENID_SHA1_BLOCKSIZE);
00275 $opad = str_repeat(chr(0x5c), OPENID_SHA1_BLOCKSIZE);
00276 $hash1 = _openid_sha1(($key ^ $ipad) . $text, true);
00277 $hmac = _openid_sha1(($key ^ $opad) . $hash1, true);
00278
00279 return $hmac;
00280 }
00281
00282 function _openid_sha1($text) {
00283 $hex = sha1($text);
00284 $raw = '';
00285 for ($i = 0; $i < 40; $i += 2) {
00286 $hexcode = substr($hex, $i, 2);
00287 $charcode = (int)base_convert($hexcode, 16, 10);
00288 $raw .= chr($charcode);
00289 }
00290 return $raw;
00291 }
00292
00293 function _openid_dh_base64_to_long($str) {
00294 $b64 = base64_decode($str);
00295
00296 return _openid_dh_binary_to_long($b64);
00297 }
00298
00299 function _openid_dh_long_to_base64($str) {
00300 return base64_encode(_openid_dh_long_to_binary($str));
00301 }
00302
00303 function _openid_dh_binary_to_long($str) {
00304 $bytes = array_merge(unpack('C*', $str));
00305
00306 $n = 0;
00307 foreach ($bytes as $byte) {
00308 $n = bcmul($n, pow(2, 8));
00309 $n = bcadd($n, $byte);
00310 }
00311
00312 return $n;
00313 }
00314
00315 function _openid_dh_long_to_binary($long) {
00316 $cmp = bccomp($long, 0);
00317 if ($cmp < 0) {
00318 return FALSE;
00319 }
00320
00321 if ($cmp == 0) {
00322 return "\x00";
00323 }
00324
00325 $bytes = array();
00326
00327 while (bccomp($long, 0) > 0) {
00328 array_unshift($bytes, bcmod($long, 256));
00329 $long = bcdiv($long, pow(2, 8));
00330 }
00331
00332 if ($bytes && ($bytes[0] > 127)) {
00333 array_unshift($bytes, 0);
00334 }
00335
00336 $string = '';
00337 foreach ($bytes as $byte) {
00338 $string .= pack('C', $byte);
00339 }
00340
00341 return $string;
00342 }
00343
00344 function _openid_dh_xorsecret($shared, $secret) {
00345 $dh_shared_str = _openid_dh_long_to_binary($shared);
00346 $sha1_dh_shared = _openid_sha1($dh_shared_str);
00347 $xsecret = "";
00348 for ($i = 0; $i < strlen($secret); $i++) {
00349 $xsecret .= chr(ord($secret[$i]) ^ ord($sha1_dh_shared[$i]));
00350 }
00351
00352 return $xsecret;
00353 }
00354
00355 function _openid_dh_rand($stop) {
00356 static $duplicate_cache = array();
00357
00358
00359 $rbytes = _openid_dh_long_to_binary($stop);
00360
00361 if (array_key_exists($rbytes, $duplicate_cache)) {
00362 list($duplicate, $nbytes) = $duplicate_cache[$rbytes];
00363 }
00364 else {
00365 if ($rbytes[0] == "\x00") {
00366 $nbytes = strlen($rbytes) - 1;
00367 }
00368 else {
00369 $nbytes = strlen($rbytes);
00370 }
00371
00372 $mxrand = bcpow(256, $nbytes);
00373
00374
00375
00376 $duplicate = bcmod($mxrand, $stop);
00377
00378 if (count($duplicate_cache) > 10) {
00379 $duplicate_cache = array();
00380 }
00381
00382 $duplicate_cache[$rbytes] = array($duplicate, $nbytes);
00383 }
00384
00385 do {
00386 $bytes = "\x00" . _openid_get_bytes($nbytes);
00387 $n = _openid_dh_binary_to_long($bytes);
00388
00389 } while (bccomp($n, $duplicate) < 0);
00390
00391 return bcmod($n, $stop);
00392 }
00393
00394 function _openid_get_bytes($num_bytes) {
00395 static $f = null;
00396 $bytes = '';
00397 if (!isset($f)) {
00398 $f = @fopen(OPENID_RAND_SOURCE, "r");
00399 }
00400 if (!$f) {
00401
00402 $bytes = '';
00403 for ($i = 0; $i < $num_bytes; $i += 4) {
00404 $bytes .= pack('L', mt_rand());
00405 }
00406 $bytes = substr($bytes, 0, $num_bytes);
00407 }
00408 else {
00409 $bytes = fread($f, $num_bytes);
00410 }
00411 return $bytes;
00412 }
00413
00414 function _openid_response($str = NULL) {
00415 $data = array();
00416
00417 if (isset($_SERVER['REQUEST_METHOD'])) {
00418 $data = _openid_get_params($_SERVER['QUERY_STRING']);
00419
00420 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
00421 $str = file_get_contents('php://input');
00422
00423 $post = array();
00424 if ($str !== false) {
00425 $post = _openid_get_params($str);
00426 }
00427
00428 $data = array_merge($data, $post);
00429 }
00430 }
00431
00432 return $data;
00433 }
00434
00435 function _openid_get_params($str) {
00436 $chunks = explode("&", $str);
00437
00438 $data = array();
00439 foreach ($chunks as $chunk) {
00440 $parts = explode("=", $chunk, 2);
00441
00442 if (count($parts) == 2) {
00443 list($k, $v) = $parts;
00444 $data[$k] = urldecode($v);
00445 }
00446 }
00447 return $data;
00448 }
00449
00453 if (!function_exists('bcpowmod')) {
00454 function bcpowmod($base, $exp, $mod) {
00455 $square = bcmod($base, $mod);
00456 $result = 1;
00457 while (bccomp($exp, 0) > 0) {
00458 if (bcmod($exp, 2)) {
00459 $result = bcmod(bcmul($result, $square), $mod);
00460 }
00461 $square = bcmod(bcmul($square, $square), $mod);
00462 $exp = bcdiv($exp, 2);
00463 }
00464 return $result;
00465 }
00466 }