From 1d867396fa2e4737066a05990b570ea5a2e56d1d Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 18 Jun 2008 14:26:47 -0400 Subject: [PATCH] add xrds for trust root URL darcs-hash:20080618182647-84dde-e75e2c3441e8441ad6602f36fd9b7bf6ca39e70d.gz --- actions/public.php | 5 +++ actions/publicxrds.php | 77 ++++++++++++++++++++++++++++++++++++++++++ htaccess.sample | 1 + lib/openid.php | 2 +- lib/util.php | 2 ++ 5 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 actions/publicxrds.php diff --git a/actions/public.php b/actions/public.php index 7e47b9f759..5d06c3c295 100644 --- a/actions/public.php +++ b/actions/public.php @@ -28,6 +28,8 @@ class PublicAction extends StreamAction { $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + header('X-XRDS-Location: '. common_local_url('publicxrds')); + common_show_header(_t('Public timeline'), array($this, 'show_header'), NULL, array($this, 'show_top')); @@ -50,6 +52,9 @@ class PublicAction extends StreamAction { 'href' => common_local_url('publicrss'), 'type' => 'application/rss+xml', 'title' => _t('Public Stream Feed'))); + # for client side of OpenID authentication + common_element('meta', array('http-equiv' => 'X-XRDS-Location', + 'content' => common_local_url('publicxrds'))); } function show_notices($page) { diff --git a/actions/publicxrds.php b/actions/publicxrds.php new file mode 100644 index 0000000000..f9ffa81b86 --- /dev/null +++ b/actions/publicxrds.php @@ -0,0 +1,77 @@ +. + */ + +if (!defined('LACONICA')) { exit(1); } + +require_once(INSTALLDIR.'/lib/openid.php'); + +# XXX: factor out similarities with XrdsAction + +class PublicxrdsAction extends Action { + + function handle($args) { + + parent::handle($args); + + header('Content-Type: application/xrds+xml'); + + common_start_xml(); + common_element_start('XRDS', array('xmlns' => 'xri://$xrds')); + + common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xml:id' => 'oauth', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0')); + + common_element('Type', NULL, 'xri://$xrds*simple'); + + $this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE, + common_local_url('finishopenidlogin')); + + $this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE, + common_local_url('finishaddopenid')); + + common_element_end('XRD'); + + common_element_end('XRDS'); + common_end_xml(); + } + + function show_service($type, $uri, $params=NULL, $sigs=NULL, $localId=NULL) { + common_element_start('Service'); + if ($uri) { + common_element('URI', NULL, $uri); + } + common_element('Type', NULL, $type); + if ($params) { + foreach ($params as $param) { + common_element('Type', NULL, $param); + } + } + if ($sigs) { + foreach ($sigs as $sig) { + common_element('Type', NULL, $sig); + } + } + if ($localId) { + common_element('LocalID', NULL, $localId); + } + common_element_end('Service'); + } +} \ No newline at end of file diff --git a/htaccess.sample b/htaccess.sample index 14da3ba826..bd8e86855b 100644 --- a/htaccess.sample +++ b/htaccess.sample @@ -2,6 +2,7 @@ RewriteEngine On RewriteRule ^$ index.php?action=public [L,QSA] RewriteRule ^rss$ index.php?action=publicrss [L,QSA] +RewriteRule ^xrds$ index.php?action=publicxrds [L,QSA] RewriteRule ^doc/about$ index.php?action=doc&title=about [L,QSA] RewriteRule ^doc/help$ index.php?action=doc&title=help [L,QSA] diff --git a/lib/openid.php b/lib/openid.php index c98ff8bfc6..48c2a6cb1a 100644 --- a/lib/openid.php +++ b/lib/openid.php @@ -95,7 +95,7 @@ function oid_authenticate($openid_url, $returnto) { $auth_request->addExtension($sreg_request); } - $trust_root = common_root_url(); + $trust_root = common_local_url($public); $process_url = common_local_url($returnto); if ($auth_request->shouldSendRedirect()) { diff --git a/lib/util.php b/lib/util.php index 5091c4bad4..9b4415c176 100644 --- a/lib/util.php +++ b/lib/util.php @@ -530,6 +530,8 @@ function common_fancy_url($action, $args=NULL) { } case 'publicrss': return common_path('rss'); + case 'publicxrds': + return common_path('xrds'); case 'doc': return common_path('doc/'.$args['title']); case 'login':