File Coverage

blib/lib/Net/OpenID/VerifiedIdentity.pm
Criterion Covered Total %
statement 12 140 8.5
branch 0 74 0.0
condition 0 10 0.0
subroutine 4 28 14.2
pod 11 15 73.3
total 27 267 10.1


line stmt bran cond sub pod time code
1 6     6   47 use strict;
  6         6  
  6         122  
2 6     6   17 use Carp ();
  6         3  
  6         206  
3              
4             ############################################################################
5             package Net::OpenID::VerifiedIdentity;
6             $Net::OpenID::VerifiedIdentity::VERSION = '1.18';
7             use fields (
8 6         25 'identity', # the verified identity URL
9             'id_uri', # the verified identity's URI object
10              
11             'claimed_identity', # The ClaimedIdentity object that we've verified
12             'semantic_info', # The "semantic info" (RSS URLs, etc) at the verified identity URL
13              
14             'consumer', # The Net::OpenID::Consumer module which created us
15              
16             'signed_fields' , # hashref of key->value of things that were signed. without "openid." prefix
17             'signed_message', # the signed fields as an IndirectMessage object. Created when needed.
18 6     6   16 );
  6         6  
19 6     6   2925 use URI;
  6         30646  
  6         7885  
20              
21             sub new {
22 0     0 0   my Net::OpenID::VerifiedIdentity $self = shift;
23 0 0         $self = fields::new( $self ) unless ref $self;
24 0           my %opts = @_;
25              
26 0           $self->{'consumer'} = delete $opts{'consumer'};
27              
28 0 0         if ($self->{'claimed_identity'} = delete $opts{'claimed_identity'}) {
29 0           $self->{identity} = $self->{claimed_identity}->claimed_url;
30 0 0         unless ($self->{'id_uri'} = URI->new($self->{identity})) {
31 0           return $self->{'consumer'}->_fail("invalid_uri");
32             }
33             }
34              
35 0           for my $par (qw(signed_fields)) {
36 0           $self->$par(delete $opts{$par});
37             }
38              
39 0 0         Carp::croak("Unknown options: " . join(", ", keys %opts)) if %opts;
40 0           return $self;
41             }
42              
43             sub url {
44 0     0 1   my Net::OpenID::VerifiedIdentity $self = shift;
45 0           return $self->{'identity'};
46             }
47              
48             sub display {
49 0     0 1   my Net::OpenID::VerifiedIdentity $self = shift;
50 0           return DisplayOfURL($self->{'identity'});
51             }
52              
53             sub _semantic_info_hash {
54 0     0     my ($self) = @_;
55 0 0         return $self->{semantic_info} if $self->{semantic_info};
56 0           my $sem_info = $self->{claimed_identity}->semantic_info;
57             $self->{semantic_info} = {
58             'foaf' => $self->_identity_relative_uri($sem_info->{"foaf"}),
59             'foafmaker' => $sem_info->{"foaf.maker"},
60             'rss' => $self->_identity_relative_uri($sem_info->{"rss"}),
61 0           'atom' => $self->_identity_relative_uri($sem_info->{"atom"}),
62             };
63 0           return $self->{semantic_info};
64             }
65              
66             sub _identity_relative_uri {
67 0     0     my $self = shift;
68 0           my $url = shift;
69              
70 0 0         return $url if ref $url;
71 0 0         return undef unless $url;
72 0           return URI->new_abs($url, $self->{'id_uri'});
73             }
74              
75 0     0 0   sub signed_fields { &_getset; }
76              
77 0     0 1   sub foaf { &_getset_semurl; }
78 0     0 1   sub rss { &_getset_semurl; }
79 0     0 1   sub atom { &_getset_semurl; }
80 0     0 1   sub foafmaker { &_getset_sem; }
81              
82 0     0 1   sub declared_foaf { &_dec_semurl; }
83 0     0 1   sub declared_rss { &_dec_semurl; }
84 0     0 1   sub declared_atom { &_dec_semurl; }
85              
86             sub extension_fields {
87 0     0 1   my ($self, $ns_uri) = @_;
88 0           return $self->_extension_fields($ns_uri, $self->{consumer}->message);
89             }
90              
91             sub signed_extension_fields {
92 0     0 1   my ($self, $ns_uri) = @_;
93              
94 0           return $self->_extension_fields($ns_uri, $self->signed_message);
95             }
96              
97             sub _extension_fields {
98 0     0     my ($self, $ns_uri, $args) = @_;
99              
100 0           return $args->get_ext($ns_uri);
101             }
102              
103             sub signed_message {
104 0     0 0   my ($self) = @_;
105              
106 0 0         return $self->{signed_message} if $self->{signed_message};
107              
108             # This is maybe a bit hacky.
109             # We need to synthesize an IndirectMessage object
110             # representing the signed fields, which means
111             # that we need to fake up the mandatory message
112             # arguments that probably weren't signed.
113              
114 0           my %args = map { 'openid.'.$_ => $self->{signed_fields}{$_} } keys %{$self->{signed_fields}};
  0            
  0            
115              
116 0           my $real_message = $self->{consumer}->message;
117 0 0         if ($real_message->protocol_version == 1) {
118             # OpenID 1.1 just needs a mode.
119 0           $args{'openid.mode'} = 'id_res';
120             }
121             else {
122             # OpenID 2.2 needs the namespace URI as well
123 0           $args{'openid.ns'} = 'http://specs.openid.net/auth/2.0';
124 0           $args{'openid.mode'} = 'id_res';
125             }
126              
127 0           my $message = Net::OpenID::IndirectMessage->new(\%args);
128              
129 0           return $self->{signed_message} = $message;
130             }
131              
132             sub _getset {
133 0     0     my $self = shift;
134 0           my $param = (caller(1))[3];
135 0           $param =~ s/.+:://;
136              
137 0 0         if (@_) {
138 0           my $val = shift;
139 0 0         Carp::croak("Too many parameters") if @_;
140 0           $self->{$param} = $val;
141             }
142 0           return $self->{$param};
143             }
144              
145             sub _getset_sem {
146 0     0     my $self = shift;
147 0           my $param = (caller(1))[3];
148 0           $param =~ s/.+:://;
149              
150 0           my $info = $self->_semantic_info_hash;
151              
152 0 0         if (my $value = shift) {
153 0 0         Carp::croak("Too many parameters") if @_;
154 0           $info->{$param} = $value;
155             }
156 0           return $info->{$param};
157             }
158              
159             sub _getset_semurl {
160 0     0     my $self = shift;
161 0           my $param = (caller(1))[3];
162 0           $param =~ s/.+:://;
163              
164 0           my $info = $self->_semantic_info_hash;
165              
166 0 0         if (my $surl = shift) {
167 0 0         Carp::croak("Too many parameters") if @_;
168              
169             # TODO: make absolute URL from possibly relative one
170 0           my $abs = URI->new_abs($surl, $self->{'id_uri'});
171 0           $info->{$param} = $abs;
172             }
173              
174 0           my $uri = $info->{$param};
175 0 0 0       return $uri && _url_is_under($self->{'id_uri'}, $uri) ? $uri->as_string : undef;
176             }
177              
178             sub _dec_semurl {
179 0     0     my $self = shift;
180 0           my $param = (caller(1))[3];
181 0           $param =~ s/.+::declared_//;
182              
183 0           my $info = $self->_semantic_info_hash;
184              
185 0           my $uri = $info->{$param};
186 0 0         return $uri ? $uri->as_string : undef;
187             }
188              
189             sub DisplayOfURL {
190 0     0 0   my $url = shift;
191 0           my $dev_mode = shift;
192              
193 0 0         return $url unless
194             $url =~ m!^https?://([^/]+)(/.*)?$!;
195              
196 0           my ($host, $path) = ($1, $2);
197 0           $host = lc($host);
198              
199 0 0         if ($dev_mode) {
200 0           $host =~ s!^dev\.!!;
201 0           $host =~ s!:\d+!!;
202             }
203              
204 0           $host =~ s/:.+//;
205 0           $host =~ s/^www\.//i;
206              
207 0 0         if (length($path) <= 1) {
208 0           return $host;
209             }
210              
211             # obvious username
212 0 0 0       if ($path =~ m!^/~([^/]+)/?$! ||
213             $path =~ m!^/(?:users?|members?)/([^/]+)/?$!) {
214 0           return "$1 [$host]";
215             }
216              
217 0 0         if ($host =~ m!^profile\.(.+)!i) {
218 0           my $site = $1;
219 0 0         if ($path =~ m!^/([^/]+)/?$!) {
220 0           return "$1 [$site]";
221             }
222             }
223              
224 0           return $url;
225             }
226              
227             # FIXME: duplicated in Net::OpenID::Server
228             sub _url_is_under {
229 0     0     my ($root, $test, $err_ref) = @_;
230              
231             my $err = sub {
232 0 0   0     $$err_ref = shift if $err_ref;
233 0           return undef;
234 0           };
235              
236 0 0         my $ru = ref $root ? $root : URI->new($root);
237 0 0         return $err->("invalid root scheme") unless $ru->scheme =~ /^https?$/;
238 0 0         my $tu = ref $test ? $test : URI->new($test);
239 0 0         return $err->("invalid test scheme") unless $tu->scheme =~ /^https?$/;
240 0 0         return $err->("schemes don't match") unless $ru->scheme eq $tu->scheme;
241 0 0         return $err->("ports don't match") unless $ru->port == $tu->port;
242              
243             # check hostnames
244 0           my $ru_host = $ru->host;
245 0           my $tu_host = $tu->host;
246 0           my $wildcard_host = 0;
247 0 0         if ($ru_host =~ s!^\*\.!!) {
248 0           $wildcard_host = 1;
249             }
250 0 0         unless ($ru_host eq $tu_host) {
251 0 0         if ($wildcard_host) {
252 0 0         return $err->("host names don't match") unless
253             $tu_host =~ /\.\Q$ru_host\E$/;
254             } else {
255 0           return $err->("host names don't match");
256             }
257             }
258              
259             # check paths
260 0   0       my $ru_path = $ru->path || "/";
261 0   0       my $tu_path = $tu->path || "/";
262 0 0         $ru_path .= "/" unless $ru_path =~ m!/$!;
263 0 0         $tu_path .= "/" unless $tu_path =~ m!/$!;
264 0 0         return $err->("path not a subpath") unless $tu_path =~ m!^\Q$ru_path\E!;
265              
266 0           return 1;
267             }
268              
269             1;
270              
271             __END__