X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fmodules%2Fopenid%2Fserv_openid_rp.c;h=d6dd692a521581fd3cde85d748ae7e43ea8cacae;hb=d83e2f76ce35cfbf85536b32078ea182b0addf3c;hp=1ad50971f9c37303c0cc35da246d5ed1105b5c5e;hpb=15c6132df4db5743141cdaccba96e85dd19c10d1;p=citadel.git

diff --git a/citadel/modules/openid/serv_openid_rp.c b/citadel/modules/openid/serv_openid_rp.c
index 1ad50971f..d6dd692a5 100644
--- a/citadel/modules/openid/serv_openid_rp.c
+++ b/citadel/modules/openid/serv_openid_rp.c
@@ -1,5 +1,9 @@
 /*
  * This is an implementation of OpenID 2.0 RELYING PARTY SUPPORT CURRENTLY B0RKEN AND BEING DEVEL0PZ0RED
+
+
+			OPENID2 BRANCH -- NEEDS TO BE MERGEZ0RED !!!!!!111
+
  *
  * Copyright (c) 2007-2011 by the citadel.org team
  *
@@ -49,18 +53,19 @@
 #include "user_ops.h"
 
 typedef struct _ctdl_openid {
-	StrBuf *claimed_id;
-	StrBuf *server;
+	StrBuf *op_url;			/* OpenID Provider Endpoint URL */
+	StrBuf *claimed_id;		/* Claimed Identifier */
 	int verified;
 	HashList *sreg_keys;
 } ctdl_openid;
 
 void Free_ctdl_openid(ctdl_openid **FreeMe)
 {
-	if (*FreeMe == NULL)
+	if (*FreeMe == NULL) {
 		return;
+	}
+	FreeStrBuf(&(*FreeMe)->op_url);
 	FreeStrBuf(&(*FreeMe)->claimed_id);
-	FreeStrBuf(&(*FreeMe)->server);
 	DeleteHash(&(*FreeMe)->sreg_keys);
 	free(*FreeMe);
 	*FreeMe = NULL;
@@ -582,46 +587,12 @@ CURL *ctdl_openid_curl_easy_init(char *errmsg) {
 }
 
 
-/*
- * Begin an HTTP fetch (returns number of bytes actually fetched, or -1 for error) using libcurl.
- */
-int fetch_http(StrBuf *url, StrBuf **target_buf)
-{
-	StrBuf *ReplyBuf;
-	CURL *curl;
-	CURLcode result;
-	char *effective_url = NULL;
-	char errmsg[1024] = "";
-
-	if (StrLength(url) <=0 ) return(-1);
-	ReplyBuf = *target_buf = NewStrBuf ();
-	if (ReplyBuf == 0) return(-1);
-
-	curl = ctdl_openid_curl_easy_init(errmsg);
-	if (!curl) return(-1);
-
-	curl_easy_setopt(curl, CURLOPT_URL, ChrPtr(url));
-	curl_easy_setopt(curl, CURLOPT_WRITEDATA, ReplyBuf);
-	curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, CurlFillStrBuf_callback);
-
-	result = curl_easy_perform(curl);
-	if (result) {
-		syslog(LOG_DEBUG, "libcurl error %d: %s", result, errmsg);
-	}
-	curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &effective_url);
-	StrBufPlain(url, effective_url, -1);
-	
-	curl_easy_cleanup(curl);
-	return StrLength(ReplyBuf);
-}
-
-
-
 struct xrds {
+	StrBuf *CharData;
 	int nesting_level;
 	int in_xrd;
 	int current_service_priority;
-	int selected_service_priority;	/* more here later */
+	int selected_service_priority;	/* FIXME more here later */
 };
 
 
@@ -644,6 +615,8 @@ void xrds_xml_start(void *data, const char *supplied_el, const char **attr) {
 			}
 		}
 	}
+
+	FlushStrBuf(xrds->CharData);
 }
 
 
@@ -661,27 +634,32 @@ void xrds_xml_end(void *data, const char *supplied_el) {
 		/* this is where we should evaluate the service and do stuff */
 		xrds->current_service_priority = 0;
 	}
+
+	FlushStrBuf(xrds->CharData);
 }
 
 
 void xrds_xml_chardata(void *data, const XML_Char *s, int len) {
 	struct xrds *xrds = (struct xrds *) data;
 
-	if (xrds) ;	/* this is only here to silence the warning for now */
-	
-	/* StrBufAppendBufPlain (xrds->CData, s, len, 0); */
+	StrBufAppendBufPlain (xrds->CharData, s, len, 0);
 }
 
 
 /*
  * Parse an XRDS document.
- * If OpenID stuff is discovered, populate FIXME something and return nonzero
+ * If an OpenID Provider URL is discovered, op_url to that value and return nonzero.
  * If nothing useful happened, return 0.
  */
 int parse_xrds_document(StrBuf *ReplyBuf) {
+	ctdl_openid *oiddata = (ctdl_openid *) CC->openid_data;
 	struct xrds xrds;
+	int return_value = 0;
+
+	syslog(LOG_DEBUG, "\033[32m --- XRDS DOCUMENT --- \n%s\033[0m", ChrPtr(ReplyBuf));
 
 	memset(&xrds, 0, sizeof (struct xrds));
+	xrds.CharData = NewStrBuf();
 	XML_Parser xp = XML_ParserCreate(NULL);
 	if (xp) {
 		XML_SetUserData(xp, &xrds);
@@ -694,14 +672,19 @@ int parse_xrds_document(StrBuf *ReplyBuf) {
 	else {
 		syslog(LOG_ALERT, "Cannot create XML parser");
 	}
+	FreeStrBuf(&xrds.CharData);
 
-	return(0);	/* FIXME return nonzero if something wonderful happened */
+	if (StrLength(oiddata->op_url) > 0) {
+		syslog(LOG_DEBUG, "\033[31mOP VIA XRDS DISCO: %s\033[0m", ChrPtr(oiddata->op_url));
+		return_value = 1;
+	}
+	return(return_value);
 }
 
 
 
 /*
- * Callback function for perform_yadis_discovery()
+ * Callback function for perform_openid2_discovery()
  * We're interested in the X-XRDS-Location: header.
  */
 size_t yadis_headerfunction(void *ptr, size_t size, size_t nmemb, void *userdata) {
@@ -722,10 +705,14 @@ size_t yadis_headerfunction(void *ptr, size_t size, size_t nmemb, void *userdata
 
 
 /* Attempt to perform Yadis discovery as specified in Yadis 1.0 section 6.2.5.
+ * 
+ * If Yadis fails, we then attempt HTML discovery using the same document.
+ *
  * If successful, returns nonzero and calls parse_xrds_document() to act upon the received data.
- * If Yadis fails, returns 0 and does nothing else.
+ * If fails, returns 0 and does nothing else.
  */
-int perform_yadis_discovery(StrBuf *YadisURL) {
+int perform_openid2_discovery(StrBuf *YadisURL) {
+	ctdl_openid *oiddata = (ctdl_openid *) CC->openid_data;
 	int docbytes = (-1);
 	StrBuf *ReplyBuf = NULL;
 	int return_value = 0;
@@ -735,12 +722,12 @@ int perform_yadis_discovery(StrBuf *YadisURL) {
 	struct curl_slist *my_headers = NULL;
 	StrBuf *x_xrds_location = NULL;
 
-	if (YadisURL == NULL) return(0);
-	syslog(LOG_DEBUG, "perform_yadis_discovery(%s)", ChrPtr(YadisURL));
+	if (!YadisURL) return(0);
+	syslog(LOG_DEBUG, "perform_openid2_discovery(%s)", ChrPtr(YadisURL));
 	if (StrLength(YadisURL) == 0) return(0);
 
-	ReplyBuf = NewStrBuf ();
-	if (ReplyBuf == 0) return(0);
+	ReplyBuf = NewStrBuf();
+	if (!ReplyBuf) return(0);
 
 	curl = ctdl_openid_curl_easy_init(errmsg);
 	if (!curl) return(0);
@@ -785,7 +772,7 @@ int perform_yadis_discovery(StrBuf *YadisURL) {
 		&& (strcmp(ChrPtr(x_xrds_location), ChrPtr(YadisURL)))
 	) {
 		syslog(LOG_DEBUG, "X-XRDS-Location: %s ... recursing!", ChrPtr(x_xrds_location));
-		return_value = perform_yadis_discovery(x_xrds_location);
+		return_value = perform_openid2_discovery(x_xrds_location);
 		FreeStrBuf(&x_xrds_location);
 	}
 
@@ -796,6 +783,21 @@ int perform_yadis_discovery(StrBuf *YadisURL) {
 		return_value = parse_xrds_document(ReplyBuf);
 	}
 
+	/*
+	 * Option 5: if all else fails, attempt HTML based discovery.
+	 */
+	if (return_value == 0) {
+		syslog(LOG_DEBUG, "Attempting HTML discovery");
+		if (oiddata->op_url == NULL) {
+			oiddata->op_url = NewStrBuf();
+		}
+		extract_link(oiddata->op_url, HKEY("openid2.provider"), ReplyBuf);
+		if (StrLength(oiddata->op_url) > 0) {
+			syslog(LOG_DEBUG, "\033[31mOP VIA HTML DISCO: %s\033[0m", ChrPtr(oiddata->op_url));
+			return_value = 1;
+		}
+	}
+
 	if (ReplyBuf != NULL) {
 		FreeStrBuf(&ReplyBuf);
 	}
@@ -807,6 +809,7 @@ int perform_yadis_discovery(StrBuf *YadisURL) {
  * Setup an OpenID authentication
  */
 void cmd_oids(char *argbuf) {
+	struct CitContext *CCC = CC;	/* CachedCitContext - performance boost */
 	const char *Pos = NULL;
 	StrBuf *ArgBuf = NULL;
 	StrBuf *ReplyBuf = NULL;
@@ -814,13 +817,14 @@ void cmd_oids(char *argbuf) {
 	StrBuf *trust_root = NULL;
 	StrBuf *openid_delegate = NULL;
 	StrBuf *RedirectUrl = NULL;
-	struct CitContext *CCC = CC;	/* CachedCitContext - performance boost */
 	ctdl_openid *oiddata;
+	int discovery_succeeded = 0;
 
 	Free_ctdl_openid ((ctdl_openid**)&CCC->openid_data);
 
 	CCC->openid_data = oiddata = malloc(sizeof(ctdl_openid));
 	if (oiddata == NULL) {
+		syslog(LOG_ALERT, "malloc() failed: %s", strerror(errno));
 		cprintf("%d malloc failed\n", ERROR + INTERNAL_ERROR);
 		return;
 	}
@@ -848,32 +852,18 @@ void cmd_oids(char *argbuf) {
 	 * So we're not even going to bother attempting this mode.
 	 */
 
-	/* Section 7.3.2 specifies Yadis discovery.
-	 * Google uses this so we'd better do our best to implement it.
+	/* Attempt section 7.3.2 (Yadis discovery) and section 7.3.3 (HTML discovery);
 	 */
-	int yadis_succeeded = perform_yadis_discovery(oiddata->claimed_id);
+	discovery_succeeded = perform_openid2_discovery(oiddata->claimed_id);
 
-	/* Section 7.3.3 specifies HTML-based discovery which is similar to what we did in OpenID 1.1
-	 */
-	if (	(yadis_succeeded == 0)
-		&& (fetch_http(oiddata->claimed_id, &ReplyBuf) > 0)
-		&& (StrLength(ReplyBuf) > 0)
-	) {
-		openid_delegate = NewStrBuf();
-		oiddata->server = NewStrBuf();
-		extract_link(oiddata->server, HKEY("openid.server"), ReplyBuf);
-		extract_link(openid_delegate, HKEY("openid.delegate"), ReplyBuf);
-
-		if (StrLength(oiddata->server) == 0) {
-			cprintf("%d There is no OpenID identity provider at this URL.\n", ERROR);
-			FreeStrBuf(&ArgBuf);
-			FreeStrBuf(&ReplyBuf);
-			FreeStrBuf(&return_to);
-			FreeStrBuf(&trust_root);
-			FreeStrBuf(&openid_delegate);
-			FreeStrBuf(&RedirectUrl);
-			return;
-		}
+	if (StrLength(oiddata->op_url) == 0) {
+		cprintf("%d There is no OpenID identity provider at this location.\n", ERROR);
+	}
+
+	else {
+		/*
+		 * If we get to this point we are in possession of a valid OpenID Provider URL.
+		 */
 
 		/* Empty delegate is legal; we just use the openid_url instead */
 		if (StrLength(openid_delegate) == 0) {
@@ -881,42 +871,30 @@ void cmd_oids(char *argbuf) {
 		}
 
 		/* Assemble a URL to which the user-agent will be redirected. */
-
-		RedirectUrl = NewStrBufDup(oiddata->server);
-
-		StrBufAppendBufPlain(RedirectUrl, HKEY("?openid.mode=checkid_setup"
-						       "&openid.identity="), 0);
+	
+		RedirectUrl = NewStrBufDup(oiddata->op_url);
+	
+		StrBufAppendBufPlain(RedirectUrl, HKEY("?openid.mode=checkid_setup&openid.identity="), 0);
 		StrBufUrlescAppend(RedirectUrl, openid_delegate, NULL);
-
+	
 		StrBufAppendBufPlain(RedirectUrl, HKEY("&openid.return_to="), 0);
 		StrBufUrlescAppend(RedirectUrl, return_to, NULL);
-
+	
 		StrBufAppendBufPlain(RedirectUrl, HKEY("&openid.trust_root="), 0);
 		StrBufUrlescAppend(RedirectUrl, trust_root, NULL);
-
+	
 		StrBufAppendBufPlain(RedirectUrl, HKEY("&openid.sreg.optional="), 0);
 		StrBufUrlescAppend(RedirectUrl, NULL, "nickname,email,fullname,postcode,country,dob,gender");
-
+	
 		cprintf("%d %s\n", CIT_OK, ChrPtr(RedirectUrl));
-		
-		FreeStrBuf(&ArgBuf);
-		FreeStrBuf(&ReplyBuf);
-		FreeStrBuf(&return_to);
-		FreeStrBuf(&trust_root);
-		FreeStrBuf(&openid_delegate);
-		FreeStrBuf(&RedirectUrl);
-
-		return;
 	}
-
+	
 	FreeStrBuf(&ArgBuf);
 	FreeStrBuf(&ReplyBuf);
 	FreeStrBuf(&return_to);
 	FreeStrBuf(&trust_root);
 	FreeStrBuf(&openid_delegate);
 	FreeStrBuf(&RedirectUrl);
-
-	cprintf("%d Unable to fetch OpenID URL\n", ERROR);
 }
 
 
@@ -938,7 +916,7 @@ void cmd_oidf(char *argbuf) {
 		cprintf("%d run OIDS first.\n", ERROR + INTERNAL_ERROR);
 		return;
 	}
-	if (StrLength(oiddata->server) == 0){
+	if (StrLength(oiddata->op_url) == 0){
 		cprintf("%d need a remote server to authenticate against\n", ERROR + ILLEGAL_VALUE);
 		return;
 	}
@@ -1029,7 +1007,7 @@ void cmd_oidf(char *argbuf) {
 	ReplyBuf = NewStrBuf();
 
 	curl = ctdl_openid_curl_easy_init(errmsg);
-	curl_easy_setopt(curl, CURLOPT_URL, ChrPtr(oiddata->server));
+	curl_easy_setopt(curl, CURLOPT_URL, ChrPtr(oiddata->op_url));
 	curl_easy_setopt(curl, CURLOPT_WRITEDATA, ReplyBuf);
 	curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, CurlFillStrBuf_callback);
 	curl_easy_setopt(curl, CURLOPT_HTTPPOST, formpost);