Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

=?utf-8?q?gofix=20os.ErrorString

=20rearrange=20verify.go=20to=20expose=20new=20VerifyValues=20which=20takes=20parsed=20http.Values.=20Verify(string)=20uses=20http.Values=20and=20calls=20this=20now.
=20Write=20regex=20parser=20for=20finding=20YADIS=20in=20HTML.=20HTML=20is=20not=20XML,=20and=20the=20XML=20parser=20can=20fail=20needlessly.=20HTML=20shouldn't=20be=20parsed=20by=20regex=20either,=20but=20a=20regex=20is=20just=20enough=20to=20get=20the=20right=20<meta=20=E2=80=A6>=20tag.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
  • Loading branch information...
commit 5da5c9aff326958ae153503666f68b2667f7f8df 1 parent dad73b4
@brianolson authored
Showing with 72 additions and 26 deletions.
  1. +3 −3 authrequest.go
  2. +38 −21 verify.go
  3. +31 −2 yadis.go
View
6 authrequest.go
@@ -25,7 +25,7 @@ func GetRedirectURL(Identifier string, realm string, returnto string) (string, o
// If the identifier is an XRI, [XRI_Resolution_2.0] will yield an XRDS document that contains the necessary information. It should also be noted that Relying Parties can take advantage of XRI Proxy Resolvers, such as the one provided by XDI.org at http://www.xri.net. This will remove the need for the RPs to perform XRI Resolution locally.
if IdType == IdentifierXRI {
// Not implemented yet
- return "", os.ErrorString("XRI identifier not implemented yed")
+ return "", os.NewError("XRI identifier not implemented yed")
}
// If it is a URL, the Yadis protocol [Yadis] SHALL be first attempted. If it succeeds, the result is again an XRDS document.
@@ -36,12 +36,12 @@ func GetRedirectURL(Identifier string, realm string, returnto string) (string, o
return "", err
}
if reader == nil {
- return "", os.ErrorString("Yadis returned an empty Reader for the ID: " + Id)
+ return "", os.NewError("Yadis returned an empty Reader for the ID: " + Id)
}
var endpoint, claimedid = ParseXRDS(reader)
if len(endpoint) == 0 {
- return "", os.ErrorString("Unable to parse the XRDS document")
+ return "", os.NewError("Unable to parse the XRDS document")
}
// At this point we have the endpoint and eventually a claimed id
View
59 verify.go
@@ -5,6 +5,7 @@
package openid
import (
+ "log"
"os"
"http"
"regexp"
@@ -21,8 +22,10 @@ func Verify(url string) (grant bool, identifier string, err os.Error) {
identifier = ""
err = nil
- var urlm map[string]string
- urlm, err = url2map(url)
+ //var urlm map[string]string
+ //urlm, err = url2map(url)
+ var values http.Values
+ values, err = http.ParseQuery(url)
if err != nil {
return false, "", err
}
@@ -36,38 +39,49 @@ func Verify(url string) (grant bool, identifier string, err os.Error) {
// The signature on the assertion is valid and all fields that are required to be signed are signed (Section 11.4)
- grant, err = verifyDirect(urlm)
- if err != nil {
- return
- }
+ return VerifyValues(values)
+ //if err != nil {
+ // return grant, identifier, err
+ //}
- identifier = urlm["openid.claimed_id"]
+ //identifier = urlm["openid.claimed_id"]
- return
+ //return grant, identifier, err
}
var REVerifyDirectIsValid = "is_valid:true"
var REVerifyDirectNs = regexp.MustCompile("ns:([a-zA-Z0-9:/.]*)")
-func verifyDirect(urlm map[string]string) (grant bool, err os.Error) {
- grant = false
+// Like Verify on a parsed URL
+func VerifyValues(values http.Values) (grant bool, identifier string, err os.Error) {
err = nil
- urlm["openid.mode"] = "check_authentication"
+ var postArgs http.Values
+ postArgs = http.Values(map[string][]string{})
+ //postArgs = new(http.Values)
+ postArgs.Set("openid.mode", "check_authentication")
// Create the url
- URLEndPoint := urlm["openid.op_endpoint"]
- var postContent string
- for k, v := range urlm {
- postContent += http.URLEscape(k) + "=" + http.URLEscape(v) + "&"
+ URLEndPoint := values.Get("openid.op_endpoint")
+ if URLEndPoint == "" {
+ log.Printf("no openid.op_endpoint")
+ return false, "", os.NewError("no openid.op_endpoint")
+ }
+ for k, v := range values {
+ if k == "openid.op_endpoint" {
+ continue // skip it
+ }
+ postArgs[k] = v
}
+ postContent := postArgs.Encode()
// Post the request
var client = new(http.Client)
postReader := bytes.NewBuffer([]byte(postContent))
response, err := client.Post(URLEndPoint, "application/x-www-form-urlencoded", postReader)
if err != nil {
- return false, err
+ log.Printf("VerifyValues failed at post")
+ return false, "", err
}
// Parse the response
@@ -76,26 +90,29 @@ func verifyDirect(urlm map[string]string) (grant bool, err os.Error) {
buffer := make([]byte, 1024)
_, err = response.Body.Read(buffer)
if err != nil {
- return false, err
+ log.Printf("VerifyValues failed reading response")
+ return false, "", err
}
// Check for ns
rematch := REVerifyDirectNs.FindSubmatch(buffer)
if rematch == nil {
- return false, os.ErrorString("verifyDirect: ns value not found on the response of the OP")
+ return false, "", os.NewError("VerifyValues: ns value not found on the response of the OP")
}
nsValue := string(rematch[1])
if !bytes.Equal([]byte(nsValue), []byte("http://specs.openid.net/auth/2.0")) {
- return false, os.ErrorString("verifyDirect: ns value not correct: " + nsValue)
+ return false, "", os.NewError("VerifyValues: ns value not correct: " + nsValue)
}
// Check for is_valid
match, err := regexp.Match(REVerifyDirectIsValid, buffer)
if err != nil {
- return false, err
+ return false, "", err
}
- return match, nil
+ identifier = values.Get("openid.claimed_id")
+
+ return match, identifier, nil
}
// Transform an url string into a map of parameters/value
View
33 yadis.go
@@ -10,7 +10,9 @@ import (
"xml"
"fmt"
"io"
+ "io/ioutil"
"bytes"
+ "regexp"
"strings"
)
@@ -87,10 +89,37 @@ func YadisRequest(url string, method string) (resp *http.Response, err os.Error)
return response, nil
}
}
- return nil, os.ErrorString("Too many redirections")
+ return nil, os.NewError("Too many redirections")
}
+// this is a ridiculous way to make a case insensitive pattern.
+var metaRE *regexp.Regexp
+var xrdsRE *regexp.Regexp
+
+func init() {
+metaRE = regexp.MustCompile("<[ \t]*[mM][eE][tT][aA][^>]*[hH][tT][tT][pP]-[eE][qQ][uU][iI][vV]=[\"'][xX]-[xX][rR][dD][sS]-[lL][oO][cC][aA][tT][iI][oO][nN][\"'][^>]*>")
+xrdsRE = regexp.MustCompile("[cC][oO][nN][tT][eE][nN][tT]=[\"']([^\"]+)[\"']")
+//xrdsRE = regexp.MustCompile("content=[\"']([^\"']+)[\"']")
+}
+
+
func searchHTMLMetaXRDS(r io.Reader) (string, os.Error) {
+ data, err := ioutil.ReadAll(r)
+ if err != nil {
+ return "", err
+ }
+ part := metaRE.Find(data)
+ if part == nil {
+ return "", os.NewError("No -meta- match")
+ }
+ content := xrdsRE.FindSubmatch(part)
+ if content == nil {
+ return "", os.NewError("No content in meta tag: " + string(part))
+ }
+ return string(content[1]), nil
+}
+
+func searchHTMLMetaXRDS_OLD(r io.Reader) (string, os.Error) {
parser := xml.NewParser(r)
var token xml.Token
var err os.Error
@@ -127,5 +156,5 @@ func searchHTMLMetaXRDS(r io.Reader) (string, os.Error) {
}
}
}
- return "", os.ErrorString("Value not found")
+ return "", os.NewError("Value not found")
}

0 comments on commit 5da5c9a

Please sign in to comment.
Something went wrong with that request. Please try again.