uth_OpenID_TrustRoot::_parse($values['return_to'])) { return new Auth_OpenID_MalformedReturnURL($query, $values['return_to']); } $obj = Auth_OpenID_CheckIDRequest::make($query, $values['identity'], $values['return_to'], Auth_OpenID::arrayGet($values, 'trust_root', null), $immediate); if (is_a($obj, 'Auth_OpenID_ServerError')) { return $obj; } if (Auth_OpenID::arrayGet($values, 'assoc_handle')) { $obj->assoc_handle = $values['assoc_handle']; } return $obj; } function trustRootValid() { if (!$this->trust_root) { return true; } $tr = Auth_OpenID_TrustRoot::_parse($this->trust_root); if ($tr === false) { return new Auth_OpenID_MalformedTrustRoot(null, $this->trust_root); } return Auth_OpenID_TrustRoot::match($this->trust_root, $this->return_to); } function answer($allow, $server_url = null) { if ($allow || $this->immediate) { $mode = 'id_res'; } else { $mode = 'cancel'; } $response = new Auth_OpenID_CheckIDResponse($this, $mode); if ($allow) { $response->fields['identity'] = $this->identity; $response->fields['return_to'] = $this->return_to; if (!$this->trustRootValid()) { return new Auth_OpenID_UntrustedReturnURL($this->return_to, $this->trust_root); } } else { $response->signed = array(); if ($this->immediate) { if (!$server_url) { return new Auth_OpenID_ServerError(null, 'setup_url is required for $allow=false \ in immediate mode.'); } $setup_request =& new Auth_OpenID_CheckIDRequest( $this->identity, $this->return_to, $this->trust_root, false, $this->assoc_handle); $setup_url = $setup_request->encodeToURL($server_url); $response->fields['user_setup_url'] = $setup_url; } } return $response; } function encodeToURL($server_url) { global $_Auth_OpenID_OpenID_Prefix; // Imported from the alternate reality where these classes are // used in both the client and server code, so Requests are // Encodable too. That's right, code imported from alternate // realities all for the love of you, id_res/user_setup_url. $q = array('mode' => $this->mode, 'identity' => $this->identity, 'return_to' => $this->return_to); if ($this->trust_root) { $q['trust_root'] = $this->trust_root; } if ($this->assoc_handle) { $q['assoc_handle'] = $this->assoc_handle; } $_q = array(); foreach ($q as $k => $v) { $_q[$_Auth_OpenID_OpenID_Prefix . $k] = $v; } return Auth_OpenID::appendArgs($server_url, $_q); } function getCancelURL() { global $_Auth_OpenID_OpenID_Prefix; if ($this->immediate) { return new Auth_OpenID_ServerError(null, "Cancel is not an appropriate \ response to immediate mode \ requests."); } return Auth_OpenID::appendArgs($this->return_to, array($_Auth_OpenID_OpenID_Prefix . 'mode' => 'cancel')); } } /** * This class encapsulates the response to an OpenID server request. * * @access private * @package OpenID */ class Auth_OpenID_ServerResponse { function Auth_OpenID_ServerResponse($request) { $this->request = $request; $this->fields = array(); } function whichEncoding() { global $_Auth_OpenID_Encode_Kvform, $_Auth_OpenID_Request_Modes, $_Auth_OpenID_Encode_Url; if (in_array($this->request->mode, $_Auth_OpenID_Request_Modes)) { return $_Auth_OpenID_Encode_Url; } else { return $_Auth_OpenID_Encode_Kvform; } } function encodeToURL() { global $_Auth_OpenID_OpenID_Prefix; $fields = array(); foreach ($this->fields as $k => $v) { $fields[$_Auth_OpenID_OpenID_Prefix . $k] = $v; } return Auth_OpenID::appendArgs($this->request->return_to, $fields); } function encodeToKVForm() { return Auth_OpenID_KVForm::fromArray($this->fields); } } /** * A response to a checkid request. * * @access private * @package OpenID */ class Auth_OpenID_CheckIDResponse extends Auth_OpenID_ServerResponse { function Auth_OpenID_CheckIDResponse(&$request, $mode = 'id_res') { parent::Auth_OpenID_ServerResponse($request); $this->fields['mode'] = $mode; $this->signed = array(); if ($mode == 'id_res') { array_push($this->signed, 'mode', 'identity', 'return_to'); } } function addField($namespace, $key, $value, $signed = true) { if ($namespace) { $key = sprintf('%s.%s', $namespace, $key); } $this->fields[$key] = $value; if ($signed && !in_array($key, $this->signed)) { $this->signed[] = $key; } } function addFields($namespace, $fields, $signed = true) { foreach ($fields as $k => $v) { $this->addField($namespace, $k, $v, $signed); } } function update($namespace, $other) { $namespaced_fields = array(); foreach ($other->fields as $k => $v) { $name = sprintf('%s.%s', $namespace, $k); $namespaced_fields[$name] = $v; } $this->fields = array_merge($this->fields, $namespaced_fields); $this->signed = array_merge($this->signed, $other->signed); } } /** * A web-capable response object which you can use to generate a * user-agent response. * * @package OpenID */ class Auth_OpenID_WebResponse { var $code = AUTH_OPENID_HTTP_OK; var $body = ""; function Auth_OpenID_WebResponse($code = null, $headers = null,