ILIAS  Release_5_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
TrustRoot.php File Reference

Go to the source code of this file.

Data Structures

class  Auth_OpenID_TrustRoot
 A wrapper for trust-root related functions. More...

Namespaces

namespace  OpenID
 This module contains code for dealing with associations between consumers and servers.

Functions

 filter_extractReturnURL ($endpoint)
Auth_OpenID_extractReturnURL (&$endpoint_list)
 Auth_OpenID_returnToMatches ($allowed_return_to_urls, $return_to)
 Auth_OpenID_getAllowedReturnURLs ($relying_party_url, $fetcher, $discover_function=null)
 Auth_OpenID_verifyReturnTo ($realm_str, $return_to, $fetcher, $_vrfy='Auth_OpenID_getAllowedReturnURLs')

Variables

const Auth_OpenID___TLDs = '/\.(ac|ad|ae|aero|af|ag|ai|al|am|an|ao|aq|ar|arpa|as|asia' . '|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|biz|bj|bm|bn|bo|br' . '|bs|bt|bv|bw|by|bz|ca|cat|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co' . '|com|coop|cr|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|edu|ee|eg' . '|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl' . '|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie' . '|il|im|in|info|int|io|iq|ir|is|it|je|jm|jo|jobs|jp|ke|kg|kh' . '|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly' . '|ma|mc|md|me|mg|mh|mil|mk|ml|mm|mn|mo|mobi|mp|mq|mr|ms|mt' . '|mu|museum|mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no' . '|np|nr|nu|nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt' . '|pw|py|qa|re|ro|rs|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl' . '|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tel|tf|tg|th|tj|tk|tl|tm' . '|tn|to|tp|tr|travel|tt|tv|tw|tz|ua|ug|uk|us|uy|uz|va|vc|ve' . '|vg|vi|vn|vu|wf|ws|xn--0zwm56d|xn--11b5bs3a9aj6g' . '|xn--80akhbyknj4f|xn--9t4b11yi5a|xn--deba0ad|xn--g6w251d' . '|xn--hgbk6aj7f53bba|xn--hlcj6aya9esc7a|xn--jxalpdlp' . '|xn--kgbechtv|xn--zckzah|ye|yt|yu|za|zm|zw)\.?$/'
 A regular expression that matches a domain ending in a top-level domains.
const Auth_OpenID___HostSegmentRe = "/^(?:[-a-zA-Z0-9!$&'\\(\\)\\*+,;=._~]|%[a-zA-Z0-9]{2})*$/"

Function Documentation

& Auth_OpenID_extractReturnURL ( $endpoint_list)

Definition at line 351 of file TrustRoot.php.

Referenced by Auth_OpenID_getAllowedReturnURLs().

{
$result = array();
foreach ($endpoint_list as $endpoint) {
if (filter_extractReturnURL($endpoint)) {
$result[] = $endpoint;
}
}

+ Here is the caller graph for this function:

Auth_OpenID_getAllowedReturnURLs (   $relying_party_url,
  $fetcher,
  $discover_function = null 
)

Definition at line 395 of file TrustRoot.php.

References Auth_OpenID_extractReturnURL(), and Auth_Yadis_getServiceEndpoints().

{
if ($discover_function === null) {
$discover_function = array('Auth_Yadis_Yadis', 'discover');
}
$xrds_parse_cb = array('Auth_OpenID_ServiceEndpoint', 'consumerFromXRDS');
list($rp_url_after_redirects, $endpoints) =
Auth_Yadis_getServiceEndpoints($relying_party_url, $xrds_parse_cb,
$discover_function, $fetcher);
if ($rp_url_after_redirects != $relying_party_url) {
// Verification caused a redirect
return false;
}
call_user_func_array($discover_function,
array($relying_party_url, &$fetcher));
$return_to_urls = array();
$matching_endpoints = Auth_OpenID_extractReturnURL($endpoints);
foreach ($matching_endpoints as $e) {
$return_to_urls[] = $e->server_url;
}

+ Here is the call graph for this function:

Auth_OpenID_returnToMatches (   $allowed_return_to_urls,
  $return_to 
)

Definition at line 368 of file TrustRoot.php.

References Auth_OpenID_TrustRoot\_parse(), and Auth_OpenID_TrustRoot\match().

Referenced by Auth_OpenID_verifyReturnTo().

{
foreach ($allowed_return_to_urls as $allowed_return_to) {
// A return_to pattern works the same as a realm, except that
// it's not allowed to use a wildcard. We'll model this by
// parsing it as a realm, and not trying to match it if it has
// a wildcard.
$return_realm = Auth_OpenID_TrustRoot::_parse($allowed_return_to);
if (// Parses as a trust root
($return_realm !== false) &&
// Does not have a wildcard
(!$return_realm['wildcard']) &&
// Matches the return_to that we passed in with it
(Auth_OpenID_TrustRoot::match($allowed_return_to, $return_to))) {
return true;
}
}
// No URL in the list matched

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

Auth_OpenID_verifyReturnTo (   $realm_str,
  $return_to,
  $fetcher,
  $_vrfy = 'Auth_OpenID_getAllowedReturnURLs' 
)

Definition at line 436 of file TrustRoot.php.

References Auth_OpenID_returnToMatches(), and Auth_OpenID_TrustRoot\buildDiscoveryURL().

{
$disco_url = Auth_OpenID_TrustRoot::buildDiscoveryURL($realm_str);
if ($disco_url === false) {
return false;
}
$allowable_urls = call_user_func_array($_vrfy,
array($disco_url, $fetcher));
// The realm_str could not be parsed.
if ($allowable_urls === false) {
return false;
}
if (Auth_OpenID_returnToMatches($allowable_urls, $return_to)) {
return true;
} else {
return false;

+ Here is the call graph for this function:

filter_extractReturnURL (   $endpoint)

Definition at line 342 of file TrustRoot.php.

References Auth_OpenID_RP_RETURN_TO_URL_TYPE.

{
if ($endpoint->matchTypes(array(Auth_OpenID_RP_RETURN_TO_URL_TYPE))) {
return $endpoint;
} else {
return null;

Variable Documentation

const Auth_OpenID___HostSegmentRe = "/^(?:[-a-zA-Z0-9!$&'\\(\\)\\*+,;=._~]|%[a-zA-Z0-9]{2})*$/"

Definition at line 42 of file TrustRoot.php.

const Auth_OpenID___TLDs = '/\.(ac|ad|ae|aero|af|ag|ai|al|am|an|ao|aq|ar|arpa|as|asia' . '|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|biz|bj|bm|bn|bo|br' . '|bs|bt|bv|bw|by|bz|ca|cat|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co' . '|com|coop|cr|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|edu|ee|eg' . '|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl' . '|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie' . '|il|im|in|info|int|io|iq|ir|is|it|je|jm|jo|jobs|jp|ke|kg|kh' . '|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly' . '|ma|mc|md|me|mg|mh|mil|mk|ml|mm|mn|mo|mobi|mp|mq|mr|ms|mt' . '|mu|museum|mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no' . '|np|nr|nu|nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt' . '|pw|py|qa|re|ro|rs|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl' . '|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tel|tf|tg|th|tj|tk|tl|tm' . '|tn|to|tp|tr|travel|tt|tv|tw|tz|ua|ug|uk|us|uy|uz|va|vc|ve' . '|vg|vi|vn|vu|wf|ws|xn--0zwm56d|xn--11b5bs3a9aj6g' . '|xn--80akhbyknj4f|xn--9t4b11yi5a|xn--deba0ad|xn--g6w251d' . '|xn--hgbk6aj7f53bba|xn--hlcj6aya9esc7a|xn--jxalpdlp' . '|xn--kgbechtv|xn--zckzah|ye|yt|yu|za|zm|zw)\.?$/'

A regular expression that matches a domain ending in a top-level domains.

Used in checking trust roots for sanity.

private

Definition at line 23 of file TrustRoot.php.