Changeset 426589
- Timestamp:
- 08/21/2011 06:17:02 AM (15 years ago)
- Location:
- xmpp-auth/trunk
- Files:
-
- 4 edited
-
xmpp-auth.php (modified) (5 diffs)
-
xmpp_callbacks.php (modified) (2 diffs)
-
xmpp_stanzas.php (modified) (3 diffs)
-
xmpp_stream.php (modified) (8 diffs)
-
xmpp-auth/trunk/xmpp-auth.php
r426587 r426589 209 209 'method' => 'POST' 210 210 ); 211 $auth_message = http_auth($xs->jid, $userinfo->jabber, get_site_url(), 'POST', 212 $params['transaction_id'], $params['thread'], 213 sprintf(__("Someone (maybe you) has requested access to \"%s\" (%s).\n"), get_bloginfo('name'), get_site_url())); 211 214 $xs->add_callback('http_auth_cb', $params); 212 $auth_message = http_auth($xs->jid, $userinfo->jabber, get_site_url(), 'POST', $_POST['transaction_id'], $params['thread'],213 sprintf(__("Someone (maybe you) has requested access to \"%s\" (%s).\n"), get_bloginfo('name'), get_site_url()));214 /*if ($xs->http_auth(get_site_url(), 'POST', $userinfo->jabber, $_POST['transaction_id'],215 sprintf(__("Someone (maybe you) has requested access to \"%s\" at address:\n\n\t%s\n"), get_bloginfo('name'), get_site_url()))216 && $xs->quit ())*/217 215 if ($auth_message && $xs->raw_send($auth_message) && $xs->run()) 218 216 { 219 //status_header(202);220 217 $user = new WP_User($userinfo->ID); 221 218 //if (! empty($_POST['rememberme'])) … … 224 221 // $remember = false; 225 222 //wp_set_auth_cookie($user->ID, $remember, $secure_cookie); // secure cookie? 223 $xs->quit(); 226 224 return $user; 227 225 } … … 229 227 { 230 228 $error->add('xmpp_connect', __('<strong>ERROR</strong>: authentication has been refused or timed-out.')); 229 $xs->quit(); 231 230 return $error; 232 231 } … … 536 535 include_once(dirname(__FILE__) . '/xmpp_stanzas.php'); 537 536 include_once(dirname(__FILE__) . '/xmpp_callbacks.php'); 538 $xs->add_callback('http_auth_callback', array('from' => $_POST['jid'])); 539 $auth_message = http_auth($xs->jid, $_POST['jid'], get_permalink($commentdata['comment_post_ID']), 'POST', $comment_content, 537 $params = array( 538 'from' => $_POST['jid'], 539 'transaction_id' => $comment_content, 540 'thread' => time () . rand (), // Is it random enough? Probably for such use... 
541 'url' => get_permalink($commentdata['comment_post_ID']), 542 'method' => 'POST' 543 ); 544 $auth_message = http_auth($xs->jid, $_POST['jid'], get_permalink($commentdata['comment_post_ID']), 'POST', 545 $params['transaction_id'], $params['thread'], 540 546 sprintf(__("Someone (maybe you) is commenting on the website \"%s\" (%s)"), get_bloginfo('name'), get_site_url())); 541 /*if ($xs->http_auth(get_permalink($commentdata['comment_post_ID']), 'POST', $_POST['jid'], $comment_content, 542 sprintf(__("Someone (maybe you) is commenting on the website \"%s\" (%s)"), get_bloginfo('name'), get_site_url())) 543 && $xs->quit ())*/ 547 $xs->add_callback('http_auth_cb', $params); 544 548 if ($auth_message && $xs->raw_send($auth_message) && $xs->run()) 545 549 { … … 551 555 $xs->quit(); 552 556 // return "trash"; 553 wp_die(__('Error: the comment was not validated. Are you sure your JID is valid? Comment:<br />') . esc_attr($comment_content)); 557 wp_die(__('<strong>Error</strong>: either the comment authentication has been refused or it timed-out.<br/>Are you sure your JID is valid? Comment:<br /><em>') 558 . esc_attr($comment_content) . '</em>'); 554 559 } 555 560 } -
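Review bot: In the comment hunk the raw `$_POST['jid']` is stored as `'from'` in `$params` and passed as the recipient to `http_auth()` with no format check, whereas the login hunk uses the stored `$userinfo->jabber`. If `http_auth()` writes the recipient into the stanza's `to` attribute unescaped (that line is outside the visible hunks, so this is an assumption), a value containing quotes or angle brackets would produce a malformed or altered stanza sent from the site's own account. I would reject the request before building `$params` unless the value parses as a bare JID, and entity-encode it where the stanza is assembled. Separately, the new `'thread' => time () . rand ()` is guessable; if the thread is meant to be unpredictable, `'thread' => wp_generate_password(32, false),` is a drop-in alternative. The surrounding functions start and end outside these hunks.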
xmpp-auth/trunk/xmpp_callbacks.php
r426587 r426589 42 42 { 43 43 $child = $children->item($i); 44 jabber_feed_log($child->localName);45 jabber_feed_log($child->namespaceURI);46 44 if ($child->nodeType == XML_ELEMENT_NODE 47 45 && $child->localName == 'thread' … … 72 70 $confirm = true; 73 71 else 72 { 73 jabber_feed_log('BAD'); 74 jabber_feed_log($child->getAttributeNS(NULL, 'id')); 75 jabber_feed_log($params['transaction_id']); 76 jabber_feed_log($child->getAttributeNS(NULL, 'method')); 77 jabber_feed_log($params['method']); 78 jabber_feed_log($child->getAttributeNS(NULL, 'url')); 79 jabber_feed_log($params['url']); 74 80 return FALSE; // something is wrong with this <confirm/> 81 } 75 82 76 83 break; -
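Review bot: The new `else` branch of the `<confirm/>` check writes seven separate `jabber_feed_log()` entries, including the bare marker `'BAD'`, the expected `$params['transaction_id']` and attribute values taken straight from the incoming stanza. For comment authentication the transaction id is the comment text, so every mismatch puts user content and remotely supplied strings (possibly containing newlines) into the log; how `jabber_feed_log()` stores them is not visible here. I would gate this behind a debug setting and collapse it to one encoded entry, e.g. `jabber_feed_log('http-auth confirm mismatch: ' . json_encode(array($child->getAttributeNS(NULL, 'id'), $child->getAttributeNS(NULL, 'method'), $child->getAttributeNS(NULL, 'url'))));`. The enclosing callback begins and ends outside the hunk.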
xmpp-auth/trunk/xmpp_stanzas.php
r426587 r426589 25 25 */ 26 26 27 function http_auth($from, $to, $http_url, $http_method, $transaction_id,$thread, $readable_message = NULL) // {{{27 function http_auth($from, $to, $http_url, $http_method, &$transaction_id, &$thread, $readable_message = NULL) // {{{ 28 28 { 29 29 $http_method = strtoupper($http_method); … … 31 31 return false; 32 32 33 // Gajim has issues with tags, even when they have been transformed into entities! 33 34 $transaction_id = strip_tags($transaction_id); 34 35 // I had some issues which Gajim which was stripping newlines! Though it is definitely a bug in Gajim, 35 36 // for now I bypass it. TODO: check latest version of Gajim. 36 37 $transaction_id = preg_replace('/\r\n|\r|\n/', ' ', $transaction_id); 37 $transaction_id = htmlspecialchars($transaction_id, ENT_QUOTES, "UTF-8"); 38 // I don't save the transaction ID, XML-formatted. 39 $_transaction_id = htmlspecialchars($transaction_id, ENT_QUOTES, "UTF-8"); 38 40 39 41 if (is_null($readable_message)) 40 42 $readable_message = __("Someone (maybe you) has requested access to the following web page:\n") . $http_url; 41 $readable_message .= __("\nThe transaction identifier is:\n\t") . $ transaction_id;43 $readable_message .= __("\nThe transaction identifier is:\n\t") . $_transaction_id; 42 44 $readable_message .= __("\nIf you confirm you made this request, answer \"OK\". Otherwise answer \"NO\"."); 43 45 … … 46 48 $message .= "<thread>" . $thread . "</thread>"; 47 49 $message .= "<body>" . $readable_message . "</body>"; 48 $message .= "<confirm xmlns='http://jabber.org/protocol/http-auth' id='$ transaction_id' method='$http_method' url='$http_url'/></message>";50 $message .= "<confirm xmlns='http://jabber.org/protocol/http-auth' id='$_transaction_id' method='$http_method' url='$http_url'/></message>"; 49 51 50 52 return $message; -
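Review bot: Only the transaction id is entity-encoded before the stanza is assembled; `$thread`, `$readable_message` and `$http_url` are still concatenated into `<thread>`, `<body>` and the `url='…'` attribute as-is. The callers on this page build the message from `get_bloginfo('name')` and pass a permalink as the URL, so a `&`, `<` or `'` in either gives XML that is not well-formed or whose structure differs from what was intended. I would append the unencoded `$transaction_id` to `$readable_message` and encode the whole body once, `$message .= "<body>" . htmlspecialchars($readable_message, ENT_QUOTES, "UTF-8") . "</body>";`, and apply the same call to `$http_url` in the `<confirm/>` element. The new by-reference `&$transaction_id` and `&$thread` parameters also deserve a line in the doc comment, such as `// $transaction_id is normalised in place so the caller can compare it with the reply.`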
xmpp-auth/trunk/xmpp_stream.php
r426587 r426589 34 34 require_once(dirname(__FILE__) . '/xmpp_utils.php'); 35 35 36 if (!class_exists('xmpp_stream')) 37 { 36 if (!class_exists('xmpp_stream')): 38 37 class xmpp_stream // {{{ 39 38 { … … 484 483 } // }}} 485 484 486 // $http_method = POST/GET/PUT/DELETE.487 public function http_auth ($http_url, $http_method, $to, $transaction_id, $readable_message = NULL) // {{{488 {489 $http_method = strtoupper($http_method);490 if (!in_array($http_method, array('GET', 'POST', 'PUT', 'DELETE')))491 return false;492 493 $transaction_id = strip_tags($transaction_id);494 // I had some issues which Gajim which was stripping newlines! Though it is definitely a bug in Gajim,495 // for now I bypass it. TODO: check latest version of Gajim.496 $transaction_id = preg_replace('/\r\n|\r|\n/', ' ', $transaction_id);497 498 if (is_null($readable_message))499 $readable_message = __("Someone (maybe you) has requested access to the following web page:\n") . $http_url;500 501 $readable_message .= __("\nThe transaction identifier is:\n\t") . $transaction_id;502 $readable_message .= __("\nIf you confirm you made this request, answer \"OK\". Otherwise answer \"NO\".");503 504 $iq_id = time () . rand (); // Is it random enough? Probably for such use...505 $this->flags['http_auth'] = $transaction_id; // TODO: actually I must save this information in db.506 $this->flags['http_auth_thread'] = $iq_id; // TODO: actually I must save this information in db.507 $this->flags['http_auth_recipient'] = $to;508 509 $transaction_id = htmlspecialchars($transaction_id, ENT_QUOTES, "UTF-8");510 511 $message = "<message type='normal' from='" . $this->jid . "' ";512 $message .= "to='" . $to . "' id='http_auth" . $iq_id . "'>";513 $message .= "<thread>" . $iq_id . "</thread>";514 $message .= "<body>" . $readable_message . "</body>";515 516 $message .= "<confirm xmlns='http://jabber.org/protocol/http-auth' id='$transaction_id' method='$http_method' url='$http_url'/></message>";517 518 519 if (! 
$this->socket->send ($message))520 {521 $this->last_error = __('HTTP authentication failure: ');522 $this->last_error .= $this->socket->last_error;523 $this->quit ();524 return FALSE;525 }526 527 $this->run();528 /*return ($this->process_read ("http_auth_start_handler",529 "http_auth_end_handler", 'http_authenticated'));*/530 } // }}}531 532 485 protected function flag_for_reset($start_element_handler, $end_element_handler, $flag) 533 486 { … … 1052 1005 } // }}} 1053 1006 1054 1055 // TODO: HTTP authentication // 1056 1057 private function http_auth_start_handler ($parser, $name, $attrs) // {{{ 1007 /****** TODO: avatar. ******/ 1008 1009 public function retrieve_avatar($jid) // {{{ 1010 { 1011 $iq_id = time () . rand (); // Is it random enough? Probably for such use... 1012 $this->flags['avatar'] = $iq_id; 1013 $this->flags['avatar_recipient'] = $jid; 1014 1015 $query = "<iq type='get' from='" . $this->jid . "' "; 1016 $query .= "to='" . $jid . "' id='" . $iq_id . "'>"; 1017 $query .= "<thread>" . $iq_id . "</thread>"; 1018 $query .= "<body>" . $readable_message . "</body>"; 1019 1020 $message .= "<confirm xmlns='http://jabber.org/protocol/http-auth' id='$transaction_id' method='$http_method' url='$http_url'/></message>"; 1021 1022 1023 if (! 
$this->socket->send ($query)) 1024 { 1025 $this->last_error = __('HTTP authentication failure: '); 1026 $this->last_error .= $this->socket->last_error; 1027 $this->quit (); 1028 return FALSE; 1029 } 1030 1031 return ($this->process_read ("avatar1_start_handler", 1032 "avatar1_end_handler", 'http_authenticated')); 1033 } // }}} 1034 1035 private function avatar1_start_handler ($parser, $name, $attrs) // {{{ 1058 1036 { 1059 1037 if ($name == 'jabber:client:message' && $attrs['type'] == 'error' … … 1070 1048 // ELSE check the <confirm/> 1071 1049 } 1072 elseif ($name == ' http://jabber.org/protocol/http-auth:confirm' &&1050 elseif ($name == 'CONFIRM' && 1073 1051 (isset($this->flags['http_auth_more']) || isset($this->flags['http_auth_error']))) 1074 1052 { // TODO check method and url and ns. … … 1078 1056 $this->flags['same_request_confirmed'] = false; 1079 1057 } 1080 elseif ($name == ' jabber:client:error' && (isset($this->flags['http_auth_error'])1058 elseif ($name == 'ERROR' && (isset($this->flags['http_auth_error']) 1081 1059 || isset($this->flags['http_auth_more']))) 1082 1060 // This one should not happen. … … 1092 1070 } // }}} 1093 1071 1094 private function http_auth_end_handler ($parser, $name) // {{{1072 private function avatar1_end_handler ($parser, $name) // {{{ 1095 1073 { 1096 1074 if ($name == 'jabber:client:thread' && … … 1139 1117 } // }}} 1140 1118 1141 1142 /****** TODO: avatar. ******/1143 1144 public function retrieve_avatar($jid) // {{{1145 {1146 $iq_id = time () . rand (); // Is it random enough? Probably for such use...1147 $this->flags['avatar'] = $iq_id;1148 $this->flags['avatar_recipient'] = $jid;1149 1150 $query = "<iq type='get' from='" . $this->jid . "' ";1151 $query .= "to='" . $jid . "' id='" . $iq_id . "'>";1152 $query .= "<thread>" . $iq_id . "</thread>";1153 $query .= "<body>" . $readable_message . 
"</body>";1154 1155 $message .= "<confirm xmlns='http://jabber.org/protocol/http-auth' id='$transaction_id' method='$http_method' url='$http_url'/></message>";1156 1157 1158 if (! $this->socket->send ($query))1159 {1160 $this->last_error = __('HTTP authentication failure: ');1161 $this->last_error .= $this->socket->last_error;1162 $this->quit ();1163 return FALSE;1164 }1165 1166 return ($this->process_read ("avatar1_start_handler",1167 "avatar1_end_handler", 'http_authenticated'));1168 } // }}}1169 1170 private function avatar1_start_handler ($parser, $name, $attrs) // {{{1171 {1172 if ($name == 'jabber:client:message' && $attrs['type'] == 'error'1173 && xmpp_bare_jid($attrs['from']) == xmpp_bare_jid($this->flags['http_auth_recipient'])) // TODO: thread!1174 {1175 //unset ($this->ids['http_auth']);1176 $this->flags['http_auth_error'] = true;1177 }1178 elseif ($name == 'jabber:client:message'1179 && xmpp_bare_jid($attrs['from']) == xmpp_bare_jid($this->flags['http_auth_recipient']))1180 {1181 $this->flags['http_auth_more'] = true;1182 // TODO: check if there is a textual message. If so, it must be "OK"/"NO".1183 // ELSE check the <confirm/>1184 }1185 elseif ($name == 'CONFIRM' &&1186 (isset($this->flags['http_auth_more']) || isset($this->flags['http_auth_error'])))1187 { // TODO check method and url and ns.1188 if (html_entity_decode($attrs['id']) == $this->flags['http_auth'])1189 $this->flags['same_request_confirmed'] = true;1190 else1191 $this->flags['same_request_confirmed'] = false;1192 }1193 elseif ($name == 'ERROR' && (isset($this->flags['http_auth_error'])1194 || isset($this->flags['http_auth_more'])))1195 // This one should not happen.1196 // Let's say that if it does, that's an error, so the authentication fails.1197 {1198 // TODO: check the thread and error code.1199 //unset ($this->flags['http_auth_error']);1200 $this->last_error = __('Publication returned an error of type "') . $attrs['type'] . 
'".';1201 $this->flags['http_authenticated'] = false;1202 }1203 1204 $this->common_start_handler ($name);1205 } // }}}1206 1207 private function avatar1_end_handler ($parser, $name) // {{{1208 {1209 if ($name == 'jabber:client:thread' &&1210 (isset($this->flags['http_auth_more']) || isset($this->flags['http_auth_error'])))1211 {1212 if ($this->flags['http_auth_thread'] == $this->current_cdata)1213 {1214 // TODO: check if there is a textual message. If so, it must be "OK"/"NO".1215 // ELSE check the <confirm/>1216 //unset ($this->ids['http_auth']);1217 //$this->flags['http_authenticated'] = true;1218 $this->flags['thread_confirmed'] = true;1219 }1220 else1221 $this->flags['thread_confirmed'] = false;1222 }1223 elseif ($name == 'jabber:client:body' && array_key_exists ('http_auth_more', $this->flags))1224 {1225 if (trim(strtolower($this->current_cdata)) == "no")1226 {1227 $this->flags['body_denied'] = true;1228 }1229 elseif (trim(strtolower($this->current_cdata)) == "ok")1230 {1231 $this->flags['body_confirmed'] = true;1232 }1233 }1234 elseif ($name== 'jabber:client:message' && array_key_exists ('http_auth_more', $this->flags))1235 {1236 if (isset($this->flags['thread_confirmed']) && $this->flags['thread_confirmed'])1237 {1238 if (isset($this->flags['body_denied']))1239 $this->flags['http_authenticated'] = false;1240 //elseif (isset($this->flags['http_auth_error']))1241 // $this->flags['http_authenticated'] = false;1242 // if (isset($this->flags['body_confirmed'])) || nothing set.1243 elseif (isset($this->flags['body_confirmed'])1244 || $this->flags['same_request_confirmed'])1245 $this->flags['http_authenticated'] = true;1246 }1247 }1248 elseif ($name== 'jabber:client:message' && array_key_exists ('http_auth_error', $this->flags))1249 $this->flags['http_authenticated'] = false;1250 1251 $this->common_end_handler ();1252 } // }}}1253 1254 1119 /***** TODO: I leave this only not (hopefully) to break Jabber Feed. Will have to get into it later. 
*/ 1255 1120 … … 1876 1741 } // }}} 1877 1742 } // }}} 1878 } 1743 endif; 1879 1744 1880 1745 ?>
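Review bot: `retrieve_avatar()` stays `public` on the new side although its body cannot work: it reads `$readable_message`, `$transaction_id`, `$http_method` and `$http_url`, none of which are defined in the method, appends to an undefined `$message`, and sends `$query` with an `<iq>` element that is never closed. The `avatar1_*` handlers it registers still test `$this->flags['http_auth_recipient']` and `$this->flags['http_auth_thread']`, which nothing in the visible new code sets now that the class's `http_auth()` method is removed. The code appears to be moved rather than newly written, but since it remains callable I would make it fail closed until it is implemented, e.g. start the body with `return FALSE; // TODO: avatar retrieval not implemented`, or declare it `private`. `$jid` is also placed in the `to` attribute without encoding.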