diff options
| author | Aaron Parecki <aaron@parecki.com> | 2015-08-30 16:13:36 -0700 |
|---|---|---|
| committer | Aaron Parecki <aaron@parecki.com> | 2015-08-30 16:13:36 -0700 |
| commit | aebf3a2af37c6d9bb86d2bf1c3246a90b20484f4 (patch) | |
| tree | 2b4119ff3ddad69eb613d70c4d1178b58a5844f3 /controllers/auth.php | |
| parent | 9a2af20e9e8ea709d59f774b5f408a040eebfaf9 (diff) | |
upgrade indieauth-client to fix #28
paths are allowed in Quill URLs now
Diffstat (limited to 'controllers/auth.php')
| -rw-r--r-- | controllers/auth.php | 40 |
1 files changed, 2 insertions, 38 deletions
diff --git a/controllers/auth.php b/controllers/auth.php index 55bbf0c..0237c59 100644 --- a/controllers/auth.php +++ b/controllers/auth.php @@ -17,42 +17,6 @@ function build_url($parsed_url) { return "$scheme$user$pass$host$port$path$query$fragment"; } -// Input: Any URL or string like "aaronparecki.com" -// Output: Normlized URL (default to http if no scheme, force "/" path) -// or return false if not a valid URL (has query string params, etc) -function normalizeMeURL($url) { - $me = parse_url($url); - - if(array_key_exists('path', $me) && $me['path'] == '') - return false; - - // parse_url returns just "path" for naked domains - if(count($me) == 1 && array_key_exists('path', $me)) { - $me['host'] = $me['path']; - unset($me['path']); - } - - if(!array_key_exists('scheme', $me)) - $me['scheme'] = 'http'; - - if(!array_key_exists('path', $me)) - $me['path'] = '/'; - - // Invalid scheme - if(!in_array($me['scheme'], array('http','https'))) - return false; - - // Invalid path - if($me['path'] != '/') - return false; - - // query and fragment not allowed - if(array_key_exists('query', $me) || array_key_exists('fragment', $me)) - return false; - - return build_url($me); -} - $app->get('/', function($format='html') use($app) { $res = $app->response(); @@ -75,7 +39,7 @@ $app->get('/auth/start', function() use($app) { // the "me" parameter is user input, and may be in a couple of different forms: // aaronparecki.com http://aaronparecki.com http://aaronparecki.com/ // Normlize the value now (move this into a function in IndieAuth\Client later) - if(!array_key_exists('me', $params) || !($me = normalizeMeURL($params['me']))) { + if(!array_key_exists('me', $params) || !($me = IndieAuth\Client::normalizeMeURL($params['me']))) { $html = render('auth_error', array( 'title' => 'Sign In', 'error' => 'Invalid "me" Parameter', @@ -156,7 +120,7 @@ $app->get('/auth/callback', function() use($app) { // Double check there is a "me" parameter // Should only fail for really hacked up requests - if(!array_key_exists('me', $params) || !($me = normalizeMeURL($params['me']))) { + if(!array_key_exists('me', $params) || !($me = IndieAuth\Client::normalizeMeURL($params['me']))) { if(array_key_exists('me', $params)) $error = 'The ID you entered, <strong>' . $params['me'] . '</strong> is not valid.'; else |