From aebf3a2af37c6d9bb86d2bf1c3246a90b20484f4 Mon Sep 17 00:00:00 2001 From: Aaron Parecki Date: Sun, 30 Aug 2015 16:13:36 -0700 Subject: upgrade indieauth-client to fix #28 paths are allowed in Quill URLs now --- CONTRIBUTING.md | 1 + composer.json | 4 +-- composer.lock | 88 ++++++++++++++++++++++++++++++++++++++++------------ controllers/auth.php | 40 ++---------------------- 4 files changed, 73 insertions(+), 60 deletions(-) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..2eebfde --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1 @@ +By submitting code to this project, you agree to irrevocably release it under the same license as this project. See README.md for more details. \ No newline at end of file diff --git a/composer.json b/composer.json index a0003bd..1a61c65 100644 --- a/composer.json +++ b/composer.json @@ -3,10 +3,10 @@ "slim/slim": "2.2.*", "saltybeagle/savant3": "dev-master", "j4mie/idiorm": "1.4.*", - "mf2/mf2": "0.1.*", + "mf2/mf2": "0.2.*", "indieweb/mention-client": "0.*", "indieweb/date-formatter": "0.1.*", - "indieauth/client": "0.1.3", + "indieauth/client": ">=0.1.11", "mpratt/relativetime": ">=1.0", "firebase/php-jwt": "2.*", "ruudk/twitter-oauth": "dev-master", diff --git a/composer.lock b/composer.lock index 530edb6..fef94a8 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "ee4d8d4e5d4ced9e6a7191bd5bc1fa29", + "hash": "66741248756ed56d19ea2afd34809fe2", "packages": [ { "name": "andreyco/instagram", @@ -49,6 +49,46 @@ ], "time": "2014-07-14 19:53:19" }, + { + "name": "barnabywalters/mf-cleaner", + "version": "v0.1.4", + "source": { + "type": "git", + "url": "https://github.com/barnabywalters/php-mf-cleaner.git", + "reference": "ef6a16628db6e8aee2b4f8bb8093d18c24b74cd4" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/barnabywalters/php-mf-cleaner/zipball/ef6a16628db6e8aee2b4f8bb8093d18c24b74cd4", + "reference": "ef6a16628db6e8aee2b4f8bb8093d18c24b74cd4", + "shasum": "" + }, + "require-dev": { + "php": ">=5.3", + "phpunit/phpunit": "*" + }, + "suggest": { + "mf2/mf2": "To parse microformats2 structures from (X)HTML" + }, + "type": "library", + "autoload": { + "files": [ + "src/BarnabyWalters/Mf2/Functions.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Barnaby Walters", + "email": "barnaby@waterpigs.co.uk" + } + ], + "description": "Cleans up microformats2 array structures", + "time": "2014-10-06 23:11:15" + }, { "name": "firebase/php-jwt", "version": "v2.2.0", @@ -95,20 +135,22 @@ }, { "name": "indieauth/client", - "version": "0.1.3", + "version": "0.1.11", "source": { "type": "git", "url": "https://github.com/indieweb/indieauth-client-php.git", - "reference": "d0a9748aa643d826616ec1b02fb121f4aba0c9fc" + "reference": "6504ed0d4714084e9955f639d6e5cf4e976f9038" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/d0a9748aa643d826616ec1b02fb121f4aba0c9fc", - "reference": "d0a9748aa643d826616ec1b02fb121f4aba0c9fc", + "url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/6504ed0d4714084e9955f639d6e5cf4e976f9038", + "reference": "6504ed0d4714084e9955f639d6e5cf4e976f9038", "shasum": "" }, "require": { + "barnabywalters/mf-cleaner": "0.*", "indieweb/link-rel-parser": "0.1.1", + "mf2/mf2": "0.2.*", "php": ">5.3.0" }, "type": "library", @@ -128,7 +170,7 @@ } ], "description": "IndieAuth Client Library", - "time": "2014-03-02 21:07:38" + "time": "2015-08-30 22:29:40" }, { "name": "indieweb/date-formatter", @@ -221,19 +263,20 @@ }, { "name": "indieweb/mention-client", - "version": "0.4.1", + "version": "0.4.7", "source": { "type": "git", "url": "https://github.com/indieweb/mention-client-php.git", - "reference": "dc88d797a54c0f138ab202acfeb4a1fb9aa38fff" + "reference": "15271f4988c7bf661896fad188fdf0bf91877a7f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/indieweb/mention-client-php/zipball/dc88d797a54c0f138ab202acfeb4a1fb9aa38fff", - "reference": "dc88d797a54c0f138ab202acfeb4a1fb9aa38fff", + "url": "https://api.github.com/repos/indieweb/mention-client-php/zipball/15271f4988c7bf661896fad188fdf0bf91877a7f", + "reference": "15271f4988c7bf661896fad188fdf0bf91877a7f", "shasum": "" }, "require": { + "mf2/mf2": "0.2.*", "php": ">=5.3" }, "type": "library", @@ -255,7 +298,7 @@ ], "description": "Client library for sending webmention and pingback notifications", "homepage": "https://github.com/indieweb/mention-client-php", - "time": "2013-09-14 20:30:04" + "time": "2015-04-03 11:21:06" }, { "name": "j4mie/idiorm", @@ -317,16 +360,16 @@ }, { "name": "mf2/mf2", - "version": "v0.1.23", + "version": "v0.2.12", "source": { "type": "git", "url": "https://github.com/indieweb/php-mf2.git", - "reference": "9094e4f7ad535e0796f5a384dec42bab81393e0e" + "reference": "6701504876d6c9242eb310b35f41d40d9785ab4e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/indieweb/php-mf2/zipball/9094e4f7ad535e0796f5a384dec42bab81393e0e", - "reference": "9094e4f7ad535e0796f5a384dec42bab81393e0e", + "url": "https://api.github.com/repos/indieweb/php-mf2/zipball/6701504876d6c9242eb310b35f41d40d9785ab4e", + "reference": "6701504876d6c9242eb310b35f41d40d9785ab4e", "shasum": "" }, "require": { @@ -338,11 +381,15 @@ "suggest": { "barnabywalters/mf-cleaner": "To more easily handle the canonical data php-mf2 gives you" }, + "bin": [ + "bin/fetch-mf2", + "bin/parse-mf2" + ], "type": "library", "autoload": { - "psr-0": { - "mf2\\Parser": "" - } + "files": [ + "Mf2/Parser.php" + ] }, "notification-url": "https://packagist.org/downloads/", "license": [ @@ -354,14 +401,15 @@ "homepage": "http://waterpigs.co.uk" } ], - "description": "A pure (generic) microformats-2 parser", + "description": "A pure, generic microformats2 parser — makes HTML as easy to consume as a JSON API", "keywords": [ + "html", "microformats", "microformats 2", "parser", "semantic" ], - "time": "2013-10-20 12:25:50" + "time": "2015-07-12 14:10:01" }, { "name": "mpratt/relativetime", diff --git a/controllers/auth.php b/controllers/auth.php index 55bbf0c..0237c59 100644 --- a/controllers/auth.php +++ b/controllers/auth.php @@ -17,42 +17,6 @@ function build_url($parsed_url) { return "$scheme$user$pass$host$port$path$query$fragment"; } -// Input: Any URL or string like "aaronparecki.com" -// Output: Normlized URL (default to http if no scheme, force "/" path) -// or return false if not a valid URL (has query string params, etc) -function normalizeMeURL($url) { - $me = parse_url($url); - - if(array_key_exists('path', $me) && $me['path'] == '') - return false; - - // parse_url returns just "path" for naked domains - if(count($me) == 1 && array_key_exists('path', $me)) { - $me['host'] = $me['path']; - unset($me['path']); - } - - if(!array_key_exists('scheme', $me)) - $me['scheme'] = 'http'; - - if(!array_key_exists('path', $me)) - $me['path'] = '/'; - - // Invalid scheme - if(!in_array($me['scheme'], array('http','https'))) - return false; - - // Invalid path - if($me['path'] != '/') - return false; - - // query and fragment not allowed - if(array_key_exists('query', $me) || array_key_exists('fragment', $me)) - return false; - - return build_url($me); -} - $app->get('/', function($format='html') use($app) { $res = $app->response(); @@ -75,7 +39,7 @@ $app->get('/auth/start', function() use($app) { // the "me" parameter is user input, and may be in a couple of different forms: // aaronparecki.com http://aaronparecki.com http://aaronparecki.com/ // Normlize the value now (move this into a function in IndieAuth\Client later) - if(!array_key_exists('me', $params) || !($me = normalizeMeURL($params['me']))) { + if(!array_key_exists('me', $params) || !($me = IndieAuth\Client::normalizeMeURL($params['me']))) { $html = render('auth_error', array( 'title' => 'Sign In', 'error' => 'Invalid "me" Parameter', @@ -156,7 +120,7 @@ $app->get('/auth/callback', function() use($app) { // Double check there is a "me" parameter // Should only fail for really hacked up requests - if(!array_key_exists('me', $params) || !($me = normalizeMeURL($params['me']))) { + if(!array_key_exists('me', $params) || !($me = IndieAuth\Client::normalizeMeURL($params['me']))) { if(array_key_exists('me', $params)) $error = 'The ID you entered, ' . $params['me'] . ' is not valid.'; else -- cgit v1.2.3