resolved conflicts from upstream

joe1chen · Nov 3, 2011 · 51f3521 · 51f3521
2 parents 3c4ebc0 + 8e979da
commit 51f3521
Show file tree

Hide file tree

Showing 29 changed files with 167 additions and 15 deletions.
diff --git a/admin/build-docs b/admin/build-docs
diff --git a/admin/fixperms b/admin/fixperms
diff --git a/admin/graph-require.sh b/admin/graph-require.sh
diff --git a/admin/prepare-release b/admin/prepare-release
diff --git a/admin/runtests b/admin/runtests
diff --git a/examples/discover b/examples/discover
diff --git a/examples/rails_openid/script/about b/examples/rails_openid/script/about
diff --git a/examples/rails_openid/script/breakpointer b/examples/rails_openid/script/breakpointer
diff --git a/examples/rails_openid/script/console b/examples/rails_openid/script/console
diff --git a/examples/rails_openid/script/destroy b/examples/rails_openid/script/destroy
diff --git a/examples/rails_openid/script/generate b/examples/rails_openid/script/generate
diff --git a/examples/rails_openid/script/performance/benchmarker b/examples/rails_openid/script/performance/benchmarker
diff --git a/examples/rails_openid/script/performance/profiler b/examples/rails_openid/script/performance/profiler
diff --git a/examples/rails_openid/script/plugin b/examples/rails_openid/script/plugin
diff --git a/examples/rails_openid/script/process/reaper b/examples/rails_openid/script/process/reaper
diff --git a/examples/rails_openid/script/process/spawner b/examples/rails_openid/script/process/spawner
diff --git a/examples/rails_openid/script/process/spinner b/examples/rails_openid/script/process/spinner
diff --git a/examples/rails_openid/script/runner b/examples/rails_openid/script/runner
diff --git a/examples/rails_openid/script/server b/examples/rails_openid/script/server
diff --git a/lib/openid/association.rb b/lib/openid/association.rb
@@ -125,7 +125,7 @@ def check_message_signature(message)
         raise ProtocolError, "#{message} has no sig."
       end
       calculated_sig = get_message_signature(message)
-      return calculated_sig == message_sig
+      return CryptUtil.const_eq(calculated_sig, message_sig)
     end
 
     # Get the signature for this message
@@ -134,7 +134,7 @@ def get_message_signature(message)
     end
 
     def ==(other)
-      (other.class == self.class and 
+      (other.class == self.class and
        other.handle == self.handle and
        other.secret == self.secret and
 

diff --git a/lib/openid/consumer/html_parse.rb b/lib/openid/consumer/html_parse.rb
@@ -18,7 +18,7 @@ module OpenID
 
     [^>]*>.*?<\/script>
 
-  /mixu 
+  /mix
 
   def OpenID.openid_unescape(s)
     s.gsub('&amp;','&').gsub('&lt;','<').gsub('&gt;','>').gsub('&quot;','"')

diff --git a/lib/openid/cryptutil.rb b/lib/openid/cryptutil.rb
@@ -37,7 +37,7 @@ def CryptUtil.sha1(text)
     end
 
     def CryptUtil.hmac_sha1(key, text)
-      if Digest.const_defined? :HMAC      
+      if Digest.const_defined? :HMAC
         Digest::HMAC.new(key,Digest::SHA1).update(text).digest
       else
         return HMAC::SHA1.digest(key, text)
@@ -49,7 +49,7 @@ def CryptUtil.sha256(text)
     end
 
     def CryptUtil.hmac_sha256(key, text)
-      if Digest.const_defined? :HMAC      
+      if Digest.const_defined? :HMAC
         Digest::HMAC.new(key,Digest::SHA256).update(text).digest
       else
         return HMAC::SHA256.digest(key, text)
@@ -100,5 +100,16 @@ def CryptUtil.num_to_base64(l)
     def CryptUtil.base64_to_num(s)
       return binary_to_num(OpenID::Util.from_base64(s))
     end
+
+    def CryptUtil.const_eq(s1, s2)
+      if s1.length != s2.length
+        return false
+      end
+      result = true
+      s1.length.times do |i|
+        result &= (s1[i] == s2[i])
+      end
+      return result
+    end
   end
 end
diff --git a/lib/openid/extensions/ax.rb b/lib/openid/extensions/ax.rb
@@ -110,10 +110,12 @@ def self.to_type_uris(namespace_map, alias_list_s)
     class FetchRequest < AXMessage
       attr_reader :requested_attributes
       attr_accessor :update_url
+
+      MODE = 'fetch_request'
 
       def initialize(update_url = nil)
         super()
-        @mode = 'fetch_request'
+        @mode = MODE
         @requested_attributes = {}
         @update_url = update_url
       end
@@ -180,7 +182,7 @@ def get_required_attrs
       def self.from_openid_request(oidreq)
         message = oidreq.message
         ax_args = message.get_args(NS_URI)
-        return nil if ax_args == {}
+        return nil if ax_args == {} or ax_args['mode'] != MODE
         req = new
         req.parse_extension_args(ax_args)
 
@@ -467,11 +469,26 @@ def self.from_success_response(success_response, signed=true)
 
     # A store request attribute exchange message representation
     class StoreRequest < KeyValueMessage
+
+      MODE = 'store_request'
+
       def initialize
         super
-        @mode = 'store_request'
+        @mode = MODE
       end
-
+
+      # Extract a StoreRequest from an OpenID message
+      # message: OpenID::Message
+      # return a StoreRequest or nil if AX arguments are not present
+      def self.from_openid_request(oidreq)
+        message = oidreq.message 
+        ax_args = message.get_args(NS_URI)
+        return nil if ax_args.empty? or ax_args['mode'] != MODE
+        req = new
+        req.parse_extension_args(ax_args)
+        req
+      end
+
       def get_extension_args(aliases=nil)
         ax_args = new_args
         kv_args = _get_extension_kv_args(aliases)
@@ -499,7 +516,13 @@ def initialize(succeeded = true, error_message = nil)
         end
         @error_message = error_message
       end
-
+
+      def self.from_success_response(success_response)
+        resp = nil
+        ax_args = success_response.message.get_args(NS_URI)
+        resp = ax_args.key?('error') ? new(false, ax_args['error']) : new
+      end
+
       def succeeded?
         @mode == SUCCESS_MODE
       end

diff --git a/lib/openid/fetchers.rb b/lib/openid/fetchers.rb
@@ -205,15 +205,16 @@ def fetch(url, body=nil, headers=nil, redirect_limit=REDIRECT_LIMIT)
             conn.request_post(url.request_uri, body, headers)
           end
         }
+        setup_encoding(response)
+      rescue Timeout::Error => why
+        raise FetchingError, "Error fetching #{url}: #{why}"
       rescue RuntimeError => why
         raise why
       rescue OpenSSL::SSL::SSLError => why
         raise SSLFetchingError, "Error connecting to SSL URL #{url}: #{why}"
       rescue FetchingError => why
         raise why
       rescue Exception => why
-        # Things we've caught here include a Timeout::Error, which descends
-        # from SignalException.
         raise FetchingError, "Error fetching #{url}: #{why}"
       end
 
@@ -234,5 +235,24 @@ def fetch(url, body=nil, headers=nil, redirect_limit=REDIRECT_LIMIT)
         return HTTPResponse._from_net_response(response, unparsed_url)
       end
     end
+
+    private
+    def setup_encoding(response)
+      return unless defined?(::Encoding::ASCII_8BIT)
+      charset = response.type_params["charset"]
+      return if charset.nil?
+      encoding = nil
+      begin
+        encoding = Encoding.find(charset)
+      rescue ArgumentError
+      end
+      encoding ||= Encoding::ASCII_8BIT
+      body = response.body
+      if body.respond_to?(:force_encoding)
+        body.force_encoding(encoding)
+      else
+        body.set_encoding(encoding)
+      end
+    end
   end
 end
diff --git a/lib/openid/yadis/xrires.rb b/lib/openid/yadis/xrires.rb
@@ -31,7 +31,7 @@ def query_url(xri, service_type=nil)
           # XRI Resolution WD 11.
           qxri = XRI.to_uri_normal(xri)[6..-1]
           hxri = @proxy_url + CGI::escape( qxri )
-          args = {'_xrd_r' => 'application/xrds+xml'}          
+          args = {'_xrd_r' => 'application/xrds+xml'}
           args['_xrd_t'] = service_type if service_type
 
           return XRI.append_args(hxri, args)
@@ -54,6 +54,10 @@ def query(xri)
           canonicalID = Yadis::get_canonical_id(xri, xrds)
 
           return canonicalID, Yadis::services(xrds)
+          # TODO:
+          #  * If we do get hits for multiple service_types, we're almost
+          #    certainly going to have duplicated service entries and
+          #    broken priority ordering.
         end
       end
 

diff --git a/test/data/test_discover/openid_utf8.html b/test/data/test_discover/openid_utf8.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+  <head>
+    <title>Identity Page for Smoker</title>
+    <link rel="openid.server" href="http://www.myopenid.com/server" />
+    <link rel="openid.delegate" href="http://smoker.myopenid.com/" />
+  </head>
+  <body>
+    <p>こんにちは</p>
+  </body>
+</html>
diff --git a/test/test_ax.rb b/test/test_ax.rb
@@ -371,7 +371,28 @@ def test_from_openid_request_no_ax
         ax_req = FetchRequest.from_openid_request(openid_req)
         assert(ax_req.nil?)
       end
-
+
+      def test_from_openid_request_wrong_ax_mode
+        uri = 'http://under.the.sea/'
+        name = 'ext0'
+        value = 'snarfblat'
+
+        message = OpenID::Message.from_openid_args({
+                                               'mode' => 'id_res',
+                                               'ns' => OPENID2_NS,
+                                               'ns.ax' => AXMessage::NS_URI,
+                                               'ax.update_url' => 'http://example.com/realm/update_path',
+                                               'ax.mode' => 'store_request',
+                                               'ax.type.' + name => uri,
+                                               'ax.count.' + name => '1',
+                                               'ax.value.' + name + '.1' => value
+                                             })
+        openid_req = Server::OpenIDRequest.new
+        openid_req.message = message
+        ax_req = FetchRequest.from_openid_request(openid_req)
+        assert(ax_req.nil?)
+      end
+
       def test_openid_update_url_verification_error
         openid_req_msg = Message.from_openid_args({
                                                     'mode' => 'checkid_setup',
@@ -602,7 +623,28 @@ def test_get_extension_args_empty
         }
         assert_equal(eargs, @msg.get_extension_args)
       end
-
+
+      def test_from_openid_request_wrong_ax_mode
+        uri = 'http://under.the.sea/'
+        name = 'ext0'
+        value = 'snarfblat'
+
+        message = OpenID::Message.from_openid_args({
+                                               'mode' => 'id_res',
+                                               'ns' => OPENID2_NS,
+                                               'ns.ax' => AXMessage::NS_URI,
+                                               'ax.update_url' => 'http://example.com/realm/update_path',
+                                               'ax.mode' => 'fetch_request',
+                                               'ax.type.' + name => uri,
+                                               'ax.count.' + name => '1',
+                                               'ax.value.' + name + '.1' => value
+                                             })
+        openid_req = Server::OpenIDRequest.new
+        openid_req.message = message
+        ax_req = StoreRequest.from_openid_request(openid_req)
+        assert(ax_req.nil?)
+      end
+
       def test_get_extension_args_nonempty
         @msg.set_values(@type_a, ['foo','bar'])
         aliases = NamespaceMap.new

diff --git a/test/test_discover.rb b/test/test_discover.rb
@@ -365,6 +365,20 @@ def test_html1And2
       }
     end
 
+    def test_html_utf8
+      utf8_html = read_data_file('test_discover/openid_utf8.html', false)
+      utf8_html.force_encoding("UTF-8") if utf8_html.respond_to?(:force_encoding)
+      services = _discover('text/html', utf8_html, 1)
+
+      _checkService(services[0],
+                    "http://www.myopenid.com/server",
+                    @id_url,
+                    'http://smoker.myopenid.com/',
+                    nil,
+                    ['1.1'],
+                    false)
+    end
+
     def test_yadisEmpty
       services = _discover('application/xrds+xml',
                            read_data_file('test_discover/yadis_0entries.xml', false),

diff --git a/test/test_fetchers.rb b/test/test_fetchers.rb
@@ -1,4 +1,6 @@
+# -*- coding: utf-8 -*-
 require "test_helper"
+
 require 'net/http'
 require 'webrick'
 require 'openid/fetchers'
@@ -108,6 +110,21 @@ def _redirect_loop
     }
   end
 
+  UTF8_PAGE_CONTENT = <<-EOHTML
+<html>
+  <head><title>UTF-8</title></head>
+  <body>こんにちは</body>
+</html>
+EOHTML
+  def _utf8_page
+    lambda { |req, resp|
+      resp['Content-Type'] = "text/html; charset=utf-8"
+      body = UTF8_PAGE_CONTENT.dup
+      body.force_encoding("ASCII-8BIT") if body.respond_to?(:force_encoding)
+      resp.body = body
+    }
+  end
+
   def setup
     @fetcher = OpenID::StandardFetcher.new
     @logfile = StringIO.new
@@ -133,6 +150,7 @@ def setup
       }
       @server.mount_proc('/post', _require_post)
       @server.mount_proc('/redirect_loop', _redirect_loop)
+      @server.mount_proc('/utf8_page', _utf8_page)
       @server.start
     }
     @uri = _uri_build
@@ -206,6 +224,15 @@ def test_redirect_limit
     }
   end
 
+  def test_utf8_page
+    uri = _uri_build('/utf8_page')
+    response = @fetcher.fetch(uri)
+    assert_equal(UTF8_PAGE_CONTENT, response.body)
+    if response.body.respond_to?(:encoding)
+      assert_equal(Encoding::UTF_8, response.body.encoding)
+    end
+  end
+
   def test_cases
     for path, expected_code, expected_url in @@cases
       uri = _uri_build(path)
-Original file line number
+Diff line change
@@ Expand Up / @@ -18,7 +18,7 @@ module OpenID @@
         [^>]*>.*?<\/script>
-      /mixu
+      /mix
       def OpenID.openid_unescape(s)
         s.gsub('&amp;','&').gsub('&lt;','<').gsub('&gt;','>').gsub('&quot;','"')
@@ Expand Down @@