Browse Source

upgrade indieauth-client to fix #28

paths are allowed in Quill URLs now
pull/30/head
Aaron Parecki 8 years ago
parent
commit
aebf3a2af3
4 changed files with 73 additions and 60 deletions
  1. +1
    -0
      CONTRIBUTING.md
  2. +2
    -2
      composer.json
  3. +68
    -20
      composer.lock
  4. +2
    -38
      controllers/auth.php

+ 1
- 0
CONTRIBUTING.md View File

@ -0,0 +1 @@
By submitting code to this project, you agree to irrevocably release it under the same license as this project. See README.md for more details.

+ 2
- 2
composer.json View File

@ -3,10 +3,10 @@
"slim/slim": "2.2.*", "slim/slim": "2.2.*",
"saltybeagle/savant3": "dev-master", "saltybeagle/savant3": "dev-master",
"j4mie/idiorm": "1.4.*", "j4mie/idiorm": "1.4.*",
"mf2/mf2": "0.1.*",
"mf2/mf2": "0.2.*",
"indieweb/mention-client": "0.*", "indieweb/mention-client": "0.*",
"indieweb/date-formatter": "0.1.*", "indieweb/date-formatter": "0.1.*",
"indieauth/client": "0.1.3",
"indieauth/client": ">=0.1.11",
"mpratt/relativetime": ">=1.0", "mpratt/relativetime": ">=1.0",
"firebase/php-jwt": "2.*", "firebase/php-jwt": "2.*",
"ruudk/twitter-oauth": "dev-master", "ruudk/twitter-oauth": "dev-master",

+ 68
- 20
composer.lock View File

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"hash": "ee4d8d4e5d4ced9e6a7191bd5bc1fa29",
"hash": "66741248756ed56d19ea2afd34809fe2",
"packages": [ "packages": [
{ {
"name": "andreyco/instagram", "name": "andreyco/instagram",
@ -49,6 +49,46 @@
], ],
"time": "2014-07-14 19:53:19" "time": "2014-07-14 19:53:19"
}, },
{
"name": "barnabywalters/mf-cleaner",
"version": "v0.1.4",
"source": {
"type": "git",
"url": "https://github.com/barnabywalters/php-mf-cleaner.git",
"reference": "ef6a16628db6e8aee2b4f8bb8093d18c24b74cd4"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/barnabywalters/php-mf-cleaner/zipball/ef6a16628db6e8aee2b4f8bb8093d18c24b74cd4",
"reference": "ef6a16628db6e8aee2b4f8bb8093d18c24b74cd4",
"shasum": ""
},
"require-dev": {
"php": ">=5.3",
"phpunit/phpunit": "*"
},
"suggest": {
"mf2/mf2": "To parse microformats2 structures from (X)HTML"
},
"type": "library",
"autoload": {
"files": [
"src/BarnabyWalters/Mf2/Functions.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Barnaby Walters",
"email": "barnaby@waterpigs.co.uk"
}
],
"description": "Cleans up microformats2 array structures",
"time": "2014-10-06 23:11:15"
},
{ {
"name": "firebase/php-jwt", "name": "firebase/php-jwt",
"version": "v2.2.0", "version": "v2.2.0",
@ -95,20 +135,22 @@
}, },
{ {
"name": "indieauth/client", "name": "indieauth/client",
"version": "0.1.3",
"version": "0.1.11",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/indieweb/indieauth-client-php.git", "url": "https://github.com/indieweb/indieauth-client-php.git",
"reference": "d0a9748aa643d826616ec1b02fb121f4aba0c9fc"
"reference": "6504ed0d4714084e9955f639d6e5cf4e976f9038"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/d0a9748aa643d826616ec1b02fb121f4aba0c9fc",
"reference": "d0a9748aa643d826616ec1b02fb121f4aba0c9fc",
"url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/6504ed0d4714084e9955f639d6e5cf4e976f9038",
"reference": "6504ed0d4714084e9955f639d6e5cf4e976f9038",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"barnabywalters/mf-cleaner": "0.*",
"indieweb/link-rel-parser": "0.1.1", "indieweb/link-rel-parser": "0.1.1",
"mf2/mf2": "0.2.*",
"php": ">5.3.0" "php": ">5.3.0"
}, },
"type": "library", "type": "library",
@ -128,7 +170,7 @@
} }
], ],
"description": "IndieAuth Client Library", "description": "IndieAuth Client Library",
"time": "2014-03-02 21:07:38"
"time": "2015-08-30 22:29:40"
}, },
{ {
"name": "indieweb/date-formatter", "name": "indieweb/date-formatter",
@ -221,19 +263,20 @@
}, },
{ {
"name": "indieweb/mention-client", "name": "indieweb/mention-client",
"version": "0.4.1",
"version": "0.4.7",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/indieweb/mention-client-php.git", "url": "https://github.com/indieweb/mention-client-php.git",
"reference": "dc88d797a54c0f138ab202acfeb4a1fb9aa38fff"
"reference": "15271f4988c7bf661896fad188fdf0bf91877a7f"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/indieweb/mention-client-php/zipball/dc88d797a54c0f138ab202acfeb4a1fb9aa38fff",
"reference": "dc88d797a54c0f138ab202acfeb4a1fb9aa38fff",
"url": "https://api.github.com/repos/indieweb/mention-client-php/zipball/15271f4988c7bf661896fad188fdf0bf91877a7f",
"reference": "15271f4988c7bf661896fad188fdf0bf91877a7f",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"mf2/mf2": "0.2.*",
"php": ">=5.3" "php": ">=5.3"
}, },
"type": "library", "type": "library",
@ -255,7 +298,7 @@
], ],
"description": "Client library for sending webmention and pingback notifications", "description": "Client library for sending webmention and pingback notifications",
"homepage": "https://github.com/indieweb/mention-client-php", "homepage": "https://github.com/indieweb/mention-client-php",
"time": "2013-09-14 20:30:04"
"time": "2015-04-03 11:21:06"
}, },
{ {
"name": "j4mie/idiorm", "name": "j4mie/idiorm",
@ -317,16 +360,16 @@
}, },
{ {
"name": "mf2/mf2", "name": "mf2/mf2",
"version": "v0.1.23",
"version": "v0.2.12",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/indieweb/php-mf2.git", "url": "https://github.com/indieweb/php-mf2.git",
"reference": "9094e4f7ad535e0796f5a384dec42bab81393e0e"
"reference": "6701504876d6c9242eb310b35f41d40d9785ab4e"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/indieweb/php-mf2/zipball/9094e4f7ad535e0796f5a384dec42bab81393e0e",
"reference": "9094e4f7ad535e0796f5a384dec42bab81393e0e",
"url": "https://api.github.com/repos/indieweb/php-mf2/zipball/6701504876d6c9242eb310b35f41d40d9785ab4e",
"reference": "6701504876d6c9242eb310b35f41d40d9785ab4e",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -338,11 +381,15 @@
"suggest": { "suggest": {
"barnabywalters/mf-cleaner": "To more easily handle the canonical data php-mf2 gives you" "barnabywalters/mf-cleaner": "To more easily handle the canonical data php-mf2 gives you"
}, },
"bin": [
"bin/fetch-mf2",
"bin/parse-mf2"
],
"type": "library", "type": "library",
"autoload": { "autoload": {
"psr-0": {
"mf2\\Parser": ""
}
"files": [
"Mf2/Parser.php"
]
}, },
"notification-url": "https://packagist.org/downloads/", "notification-url": "https://packagist.org/downloads/",
"license": [ "license": [
@ -354,14 +401,15 @@
"homepage": "http://waterpigs.co.uk" "homepage": "http://waterpigs.co.uk"
} }
], ],
"description": "A pure (generic) microformats-2 parser",
"description": "A pure, generic microformats2 parser — makes HTML as easy to consume as a JSON API",
"keywords": [ "keywords": [
"html",
"microformats", "microformats",
"microformats 2", "microformats 2",
"parser", "parser",
"semantic" "semantic"
], ],
"time": "2013-10-20 12:25:50"
"time": "2015-07-12 14:10:01"
}, },
{ {
"name": "mpratt/relativetime", "name": "mpratt/relativetime",

+ 2
- 38
controllers/auth.php View File

@ -17,42 +17,6 @@ function build_url($parsed_url) {
return "$scheme$user$pass$host$port$path$query$fragment"; return "$scheme$user$pass$host$port$path$query$fragment";
} }
// Input: Any URL or string like "aaronparecki.com"
// Output: Normlized URL (default to http if no scheme, force "/" path)
// or return false if not a valid URL (has query string params, etc)
function normalizeMeURL($url) {
$me = parse_url($url);
if(array_key_exists('path', $me) && $me['path'] == '')
return false;
// parse_url returns just "path" for naked domains
if(count($me) == 1 && array_key_exists('path', $me)) {
$me['host'] = $me['path'];
unset($me['path']);
}
if(!array_key_exists('scheme', $me))
$me['scheme'] = 'http';
if(!array_key_exists('path', $me))
$me['path'] = '/';
// Invalid scheme
if(!in_array($me['scheme'], array('http','https')))
return false;
// Invalid path
if($me['path'] != '/')
return false;
// query and fragment not allowed
if(array_key_exists('query', $me) || array_key_exists('fragment', $me))
return false;
return build_url($me);
}
$app->get('/', function($format='html') use($app) { $app->get('/', function($format='html') use($app) {
$res = $app->response(); $res = $app->response();
@ -75,7 +39,7 @@ $app->get('/auth/start', function() use($app) {
// the "me" parameter is user input, and may be in a couple of different forms: // the "me" parameter is user input, and may be in a couple of different forms:
// aaronparecki.com http://aaronparecki.com http://aaronparecki.com/ // aaronparecki.com http://aaronparecki.com http://aaronparecki.com/
// Normlize the value now (move this into a function in IndieAuth\Client later) // Normlize the value now (move this into a function in IndieAuth\Client later)
if(!array_key_exists('me', $params) || !($me = normalizeMeURL($params['me']))) {
if(!array_key_exists('me', $params) || !($me = IndieAuth\Client::normalizeMeURL($params['me']))) {
$html = render('auth_error', array( $html = render('auth_error', array(
'title' => 'Sign In', 'title' => 'Sign In',
'error' => 'Invalid "me" Parameter', 'error' => 'Invalid "me" Parameter',
@ -156,7 +120,7 @@ $app->get('/auth/callback', function() use($app) {
// Double check there is a "me" parameter // Double check there is a "me" parameter
// Should only fail for really hacked up requests // Should only fail for really hacked up requests
if(!array_key_exists('me', $params) || !($me = normalizeMeURL($params['me']))) {
if(!array_key_exists('me', $params) || !($me = IndieAuth\Client::normalizeMeURL($params['me']))) {
if(array_key_exists('me', $params)) if(array_key_exists('me', $params))
$error = 'The ID you entered, <strong>' . $params['me'] . '</strong> is not valid.'; $error = 'The ID you entered, <strong>' . $params['me'] . '</strong> is not valid.';
else else

Loading…
Cancel
Save