We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

Commit 15b1d130 authored by Brion Vibber's avatar Brion Vibber

Update to last upstream version of libomb: coding style updates, static call...

Update to last upstream version of libomb: coding style updates, static call fix, improved handling of invalid XRD URIs.
parent c038164c
<?php
require_once 'xrds_mapper.php';
require_once 'constants.php';
/**
* Map XRDS actions to URLs using base URLs.
*
* This interface specifies classes which write the XRDS file announcing
* the OMB server. An instance of an implementing class should be passed to
* OMB_Service_Provider->writeXRDS.
* This file is part of libomb
*
* PHP version 5
*
......@@ -25,27 +17,56 @@ require_once 'constants.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package OMB
* @author Adrian Lang <mail@adrianlang.de>
* @copyright 2009 Adrian Lang
* @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
**/
* @package OMB
* @author Adrian Lang <mail@adrianlang.de>
* @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
* @version 0.1a-20090828
* @link http://adrianlang.de/libomb
*/
class OMB_Base_URL_XRDS_Mapper implements OMB_XRDS_Mapper {
require_once 'xrds_mapper.php';
require_once 'constants.php';
protected $urls;
/**
* Map XRDS actions to URLs using base URLs
*
* This class realizes a simple mapping of action URIs to handler URLs. The
* target URLs are constructed using a base URL.
*/
class OMB_Base_URL_XRDS_Mapper implements OMB_XRDS_Mapper
{
protected $urls;
public function __construct($oauth_base, $omb_base) {
$this->urls = array(
OAUTH_ENDPOINT_REQUEST => $oauth_base . 'requesttoken',
OAUTH_ENDPOINT_AUTHORIZE => $oauth_base . 'userauthorization',
OAUTH_ENDPOINT_ACCESS => $oauth_base . 'accesstoken',
OMB_ENDPOINT_POSTNOTICE => $omb_base . 'postnotice',
OMB_ENDPOINT_UPDATEPROFILE => $omb_base . 'updateprofile');
}
/**
* Constructor
*
* Initialize the XRDS mapper with base URLs for OAuth and OMB endpoints.
*
* @param string $oauth_base The base URL for OAuth endpoints
* @param string $omb_base The base URL for OMB endpoints
*/
public function __construct($oauth_base, $omb_base)
{
$this->urls = array(
OAUTH_ENDPOINT_REQUEST => $oauth_base . 'requesttoken',
OAUTH_ENDPOINT_AUTHORIZE => $oauth_base . 'userauthorization',
OAUTH_ENDPOINT_ACCESS => $oauth_base . 'accesstoken',
OMB_ENDPOINT_POSTNOTICE => $omb_base . 'postnotice',
OMB_ENDPOINT_UPDATEPROFILE => $omb_base . 'updateprofile');
}
public function getURL($action) {
return $this->urls[$action];
}
/**
* Fetch an URL for a specified action
*
* Returns the action URL for an action specified by the endpoint URI.
*
* @param string $action The endpoint URI
*
* @return string The action URL
*/
public function getURL($action)
{
return $this->urls[$action];
}
}
?>
......@@ -20,15 +20,16 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package OMB
* @author Adrian Lang <mail@adrianlang.de>
* @copyright 2009 Adrian Lang
* @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
**/
* @package OMB
* @author Adrian Lang <mail@adrianlang.de>
* @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
* @version 0.1a-20090828
* @link http://adrianlang.de/libomb
*/
/**
* The OMB constants.
**/
*/
define('OMB_VERSION_01', 'http://openmicroblogging.org/protocol/0.1');
......@@ -40,7 +41,7 @@ define('OMB_ENDPOINT_POSTNOTICE', OMB_VERSION . '/postNotice');
/**
* The OAuth constants.
**/
*/
define('OAUTH_NAMESPACE', 'http://oauth.net/core/1.0/');
......
<?php
/**
* This file is part of libomb
*
* PHP version 5
*
* LICENSE: This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package OMB
* @author Adrian Lang <mail@adrianlang.de>
* @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
* @version 0.1a-20090828
* @link http://adrianlang.de/libomb
*/
require_once 'OAuth.php';
......@@ -27,174 +51,162 @@ require_once 'OAuth.php';
* Most of the parameters passed to these methods are unescaped and unverified
* user input. Therefore they should be handled with extra care to avoid
* security problems like SQL injections.
*
* PHP version 5
*
* LICENSE: This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package OMB
* @author Adrian Lang <mail@adrianlang.de>
* @copyright 2009 Adrian Lang
* @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
**/
class OMB_Datastore extends OAuthDataStore {
*/
class OMB_Datastore extends OAuthDataStore
{
/*********
* OAUTH *
*********/
/*********
* OAUTH *
*********/
/**
* Revoke specified OAuth token
*
* Revokes the authorization token specified by $token_key.
* Throws exceptions in case of error.
*
* @param string $token_key The key of the token to be revoked
*
* @access public
**/
public function revoke_token($token_key) {
throw new Exception();
}
/**
* Revoke specified OAuth token
*
* Revokes the authorization token specified by $token_key.
* Throws exceptions in case of error.
*
* @param string $token_key The key of the token to be revoked
*
* @access public
*/
public function revoke_token($token_key)
{
throw new Exception();
}
/**
* Authorize specified OAuth token
*
* Authorizes the authorization token specified by $token_key.
* Throws exceptions in case of error.
*
* @param string $token_key The key of the token to be authorized
*
* @access public
**/
public function authorize_token($token_key) {
throw new Exception();
}
/**
* Authorize specified OAuth token
*
* Authorizes the authorization token specified by $token_key.
* Throws exceptions in case of error.
*
* @param string $token_key The key of the token to be authorized
*
* @access public
*/
public function authorize_token($token_key)
{
throw new Exception();
}
/*********
* OMB *
*********/
/*********
* OMB *
*********/
/**
* Get profile by identifying URI
*
* Returns an OMB_Profile object representing the OMB profile identified by
* $identifier_uri.
* Returns null if there is no such OMB profile.
* Throws exceptions in case of other error.
*
* @param string $identifier_uri The OMB identifier URI specifying the
* requested profile
*
* @access public
*
* @return OMB_Profile The corresponding profile
**/
public function getProfile($identifier_uri) {
throw new Exception();
}
/**
* Get profile by identifying URI
*
* Returns an OMB_Profile object representing the OMB profile identified by
* $identifier_uri.
* Returns null if there is no such OMB profile.
* Throws exceptions in case of other error.
*
* @param string $identifier_uri The OMB identifier URI specifying the
* requested profile
*
* @access public
*
* @return OMB_Profile The corresponding profile
*/
public function getProfile($identifier_uri)
{
throw new Exception();
}
/**
* Save passed profile
*
* Stores the OMB profile $profile. Overwrites an existing entry.
* Throws exceptions in case of error.
*
* @param OMB_Profile $profile The OMB profile which should be saved
*
* @access public
**/
public function saveProfile($profile) {
throw new Exception();
}
/**
* Save passed profile
*
* Stores the OMB profile $profile. Overwrites an existing entry.
* Throws exceptions in case of error.
*
* @param OMB_Profile $profile The OMB profile which should be saved
*
* @access public
*/
public function saveProfile($profile)
{
throw new Exception();
}
/**
* Save passed notice
*
* Stores the OMB notice $notice. The datastore may change the passed notice.
* This might by neccessary for URIs depending on a database key. Note that
* it is the user’s duty to present a mechanism for his OMB_Datastore to
* appropriately change his OMB_Notice. TODO: Ugly.
* Throws exceptions in case of error.
*
* @param OMB_Notice $notice The OMB notice which should be saved
*
* @access public
**/
public function saveNotice(&$notice) {
throw new Exception();
}
/**
* Save passed notice
*
* Stores the OMB notice $notice. The datastore may change the passed
* notice. This might by necessary for URIs depending on a database key.
* Note that it is the user’s duty to present a mechanism for his
* OMB_Datastore to appropriately change his OMB_Notice.
* Throws exceptions in case of error.
*
* @param OMB_Notice &$notice The OMB notice which should be saved
*
* @access public
*/
public function saveNotice(&$notice)
{
throw new Exception();
}
/**
* Get subscriptions of a given profile
*
* Returns an array containing subscription informations for the specified
* profile. Every array entry should in turn be an array with keys
* 'uri´: The identifier URI of the subscriber
* 'token´: The subscribe token
* 'secret´: The secret token
* Throws exceptions in case of error.
*
* @param string $subscribed_user_uri The OMB identifier URI specifying the
* subscribed profile
*
* @access public
*
* @return mixed An array containing the subscriptions or 0 if no
* subscription has been found.
**/
public function getSubscriptions($subscribed_user_uri) {
throw new Exception();
}
/**
* Get subscriptions of a given profile
*
* Returns an array containing subscription informations for the specified
* profile. Every array entry should in turn be an array with keys
* 'uri´: The identifier URI of the subscriber
* 'token´: The subscribe token
* 'secret´: The secret token
* Throws exceptions in case of error.
*
* @param string $subscribed_user_uri The OMB identifier URI specifying the
* subscribed profile
*
* @access public
*
* @return mixed An array containing the subscriptions or 0 if no
* subscription has been found.
*/
public function getSubscriptions($subscribed_user_uri)
{
throw new Exception();
}
/**
* Delete a subscription
*
* Deletes the subscription from $subscriber_uri to $subscribed_user_uri.
* Throws exceptions in case of error.
*
* @param string $subscriber_uri The OMB identifier URI specifying the
* subscribing profile
*
* @param string $subscribed_user_uri The OMB identifier URI specifying the
* subscribed profile
*
* @access public
**/
public function deleteSubscription($subscriber_uri, $subscribed_user_uri) {
throw new Exception();
}
/**
* Delete a subscription
*
* Deletes the subscription from $subscriber_uri to $subscribed_user_uri.
* Throws exceptions in case of error.
*
* @param string $subscriber_uri The OMB identifier URI specifying the
* subscribing profile
*
* @param string $subscribed_user_uri The OMB identifier URI specifying the
* subscribed profile
*
* @access public
*/
public function deleteSubscription($subscriber_uri, $subscribed_user_uri)
{
throw new Exception();
}
/**
* Save a subscription
*
* Saves the subscription from $subscriber_uri to $subscribed_user_uri.
* Throws exceptions in case of error.
*
* @param string $subscriber_uri The OMB identifier URI specifying
* the subscribing profile
*
* @param string $subscribed_user_uri The OMB identifier URI specifying
* the subscribed profile
* @param OAuthToken $token The access token
*
* @access public
**/
public function saveSubscription($subscriber_uri, $subscribed_user_uri,
$token) {
throw new Exception();
}
/**
* Save a subscription
*
* Saves the subscription from $subscriber_uri to $subscribed_user_uri.
* Throws exceptions in case of error.
*
* @param string $subscriber_uri The OMB identifier URI specifying
* the subscribing profile
*
* @param string $subscribed_user_uri The OMB identifier URI specifying
* the subscribed profile
* @param OAuthToken $token The access token
*
* @access public
*/
public function saveSubscription($subscriber_uri, $subscribed_user_uri,
$token)
{
throw new Exception();
}
}
?>
<?php
require_once 'Validate.php';
/**
* Helper functions for libomb
*
* This file contains helper functions for libomb.
* This file is part of libomb
*
* PHP version 5
*
......@@ -22,78 +17,88 @@ require_once 'Validate.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package OMB
* @author Adrian Lang <mail@adrianlang.de>
* @copyright 2009 Adrian Lang
* @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
**/
* @package OMB
* @author Adrian Lang <mail@adrianlang.de>
* @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
* @version 0.1a-20090828
* @link http://adrianlang.de/libomb
*/
class OMB_Helper {
require_once 'Validate.php';
/**
* Non-scalar constants
*
* The set of OMB and OAuth Services an OMB Server has to implement.
*/
/**
* Helper functions for libomb
*
* This class contains helper functions for libomb.
*/
class OMB_Helper
{
public static $OMB_SERVICES =
array(OMB_ENDPOINT_UPDATEPROFILE, OMB_ENDPOINT_POSTNOTICE);
public static $OAUTH_SERVICES =
array(OAUTH_ENDPOINT_REQUEST, OAUTH_ENDPOINT_AUTHORIZE, OAUTH_ENDPOINT_ACCESS);
/**
* Non-scalar constants
*
* The set of OMB and OAuth Services an OMB Server has to implement.
*/
/**
* Validate URL
*
* Basic URL validation. Currently http, https, ftp and gopher are supported
* schemes.
*
* @param string $url The URL which is to be validated.
*
* @return bool Whether URL is valid.
*
* @access public
*/
public static function validateURL($url) {
return Validate::uri($url, array('allowed_schemes' => array('http', 'https',
'gopher', 'ftp')));
}
public static $OMB_SERVICES = array(OMB_ENDPOINT_UPDATEPROFILE,
OMB_ENDPOINT_POSTNOTICE);
public static $OAUTH_SERVICES = array(OAUTH_ENDPOINT_REQUEST,
OAUTH_ENDPOINT_AUTHORIZE,
OAUTH_ENDPOINT_ACCESS);
/**
* Validate Media type
*
* Basic Media type validation. Checks for valid maintype and correct format.
*
* @param string $mediatype The Media type which is to be validated.
*
* @return bool Whether media type is valid.
*
* @access public
*/
public static function validateMediaType($mediatype) {
if (0 === preg_match('/^(\w+)\/([\w\d-+.]+)$/', $mediatype, $subtypes)) {
return false;
/**
* Validate URL
*
* Basic URL validation. Currently http, https, ftp and gopher are supported
* schemes.
*
* @param string $url The URL which is to be validated.
*
* @return bool Whether URL is valid.
*
* @access public
*/
public static function validateURL($url)
{
return Validate::uri($url, array('allowed_schemes' => array('http',
'https', 'gopher', 'ftp')));
}
if (!in_array(strtolower($subtypes[1]), array('application', 'audio', 'image',
'message', 'model', 'multipart', 'text', 'video'))) {
return false;
/**
* Validate Media type
*
* Basic Media type validation. Checks for valid maintype and correct
* format.
*
* @param string $mediatype The Media type which is to be validated.
*
* @return bool Whether media type is valid.
*
* @access public
*/
public static function validateMediaType($mediatype)
{
return preg_match('/^(\w+)\/([\w\d-+.]+)$/', $mediatype, $subtypes) > 0
&&
in_array(strtolower($subtypes[1]), array('application', 'audio',
'image', 'message', 'model', 'multipart', 'text', 'video'));
}
return true;
}
/**
* Remove escaping from request parameters
*
* Neutralise the evil effects of magic_quotes_gpc in the current request.
* This is used before handing a request off to OAuthRequest::from_request.
* Many thanks to Ciaran Gultnieks for this fix.
*
* @access public
*/
public static function removeMagicQuotesFromRequest() {
if(get_magic_quotes_gpc() == 1) {
$_POST = array_map('stripslashes', $_POST);
$_GET = array_map('stripslashes', $_GET);
/**
* Remove escaping from request parameters
*
* Neutralise the evil effects of magic_quotes_gpc in the current request.
* This is used before handing a request off to OAuthRequest::from_request.
* Many thanks to Ciaran Gultnieks for this fix.
*
* @access public
*/
public static function removeMagicQuotesFromRequest()
{
if (get_magic_quotes_gpc() === 1) {
$_POST = array_map('stripslashes', $_POST);
$_GET = array_map('stripslashes', $_GET);
}
}