incubator-heraldry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ket...@apache.org
Subject svn commit: r463021 [3/12] - in /incubator/heraldry/libraries/php: ./ openid/ openid/trunk/ openid/trunk/Auth/ openid/trunk/Auth/OpenID/ openid/trunk/Services/ openid/trunk/Services/Yadis/ openid/trunk/Tests/ openid/trunk/Tests/Auth/ openid/trunk/Tests...
Date Wed, 11 Oct 2006 22:49:59 GMT
Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/HMACSHA1.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/HMACSHA1.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/HMACSHA1.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/HMACSHA1.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,72 @@
+<?php
+
+/**
+ * This is the HMACSHA1 implementation for the OpenID library.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @access private
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005 Janrain, Inc.
+ * @license http://www.gnu.org/copyleft/lesser.html LGPL
+ */
+
+/**
+ * SHA1_BLOCKSIZE is this module's SHA1 blocksize used by the fallback
+ * implementation.
+ */
+define('Auth_OpenID_SHA1_BLOCKSIZE', 64);
+
+if (!function_exists('sha1')) {
+    /**
+     * Return a raw SHA1 hash of the given string
+     *
+     * XXX: include the SHA1 code from Dan Libby's OpenID library
+     */
+    function Auth_OpenID_SHA1($text)
+    {
+        trigger_error('No SHA1 function found', E_USER_ERROR);
+    }
+} else {
+    /**
+     * @ignore
+     */
+    function Auth_OpenID_SHA1($text)
+        {
+            $hex = sha1($text);
+            $raw = '';
+            for ($i = 0; $i < 40; $i += 2) {
+                $hexcode = substr($hex, $i, 2);
+                $charcode = (int)base_convert($hexcode, 16, 10);
+                $raw .= chr($charcode);
+            }
+            return $raw;
+        }
+}
+
+/**
+ * Compute an HMAC/SHA1 hash.
+ *
+ * @access private
+ * @param string $key The HMAC key
+ * @param string $text The message text to hash
+ * @return string $mac The MAC
+ */
+function Auth_OpenID_HMACSHA1($key, $text)
+{
+    if (strlen($key) > Auth_OpenID_SHA1_BLOCKSIZE) {
+        $key = Auth_OpenID_SHA1($key, true);
+    }
+
+    $key = str_pad($key, Auth_OpenID_SHA1_BLOCKSIZE, chr(0x00));
+    $ipad = str_repeat(chr(0x36), Auth_OpenID_SHA1_BLOCKSIZE);
+    $opad = str_repeat(chr(0x5c), Auth_OpenID_SHA1_BLOCKSIZE);
+    $hash1 = Auth_OpenID_SHA1(($key ^ $ipad) . $text, true);
+    $hmac = Auth_OpenID_SHA1(($key ^ $opad) . $hash1, true);
+    return $hmac;
+}
+
+?>
\ No newline at end of file

Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Interface.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Interface.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Interface.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Interface.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,188 @@
+<?php
+
+/**
+ * This file specifies the interface for PHP OpenID store implementations.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005 Janrain, Inc.
+ * @license http://www.gnu.org/copyleft/lesser.html LGPL
+ */
+
+/**
+ * This is the interface for the store objects the OpenID library
+ * uses. It is a single class that provides all of the persistence
+ * mechanisms that the OpenID library needs, for both servers and
+ * consumers.  If you want to create an SQL-driven store, please see
+ * then {@link Auth_OpenID_SQLStore} class.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ */
+class Auth_OpenID_OpenIDStore {
+    /**
+     * @var integer The length of the auth key that should be returned
+     * by the getAuthKey method.
+     */
+    var $AUTH_KEY_LEN = 20;
+
+    /**
+     * This method puts an Association object into storage,
+     * retrievable by server URL and handle.
+     *
+     * @param string $server_url The URL of the identity server that
+     * this association is with. Because of the way the server portion
+     * of the library uses this interface, don't assume there are any
+     * limitations on the character set of the input string. In
+     * particular, expect to see unescaped non-url-safe characters in
+     * the server_url field.
+     *
+     * @param Association $association The Association to store.
+     */
+    function storeAssociation($server_url, $association)
+    {
+        trigger_error("Auth_OpenID_OpenIDStore::storeAssociation ".
+                      "not implemented", E_USER_ERROR);
+    }
+
+    /**
+     * This method returns an Association object from storage that
+     * matches the server URL and, if specified, handle. It returns
+     * null if no such association is found or if the matching
+     * association is expired.
+     *
+     * If no handle is specified, the store may return any association
+     * which matches the server URL. If multiple associations are
+     * valid, the recommended return value for this method is the one
+     * that will remain valid for the longest duration.
+     *
+     * This method is allowed (and encouraged) to garbage collect
+     * expired associations when found. This method must not return
+     * expired associations.
+     *
+     * @param string $server_url The URL of the identity server to get
+     * the association for. Because of the way the server portion of
+     * the library uses this interface, don't assume there are any
+     * limitations on the character set of the input string.  In
+     * particular, expect to see unescaped non-url-safe characters in
+     * the server_url field.
+     *
+     * @param mixed $handle This optional parameter is the handle of
+     * the specific association to get. If no specific handle is
+     * provided, any valid association matching the server URL is
+     * returned.
+     *
+     * @return Association The Association for the given identity
+     * server.
+     */
+    function getAssociation($server_url, $handle = null)
+    {
+        trigger_error("Auth_OpenID_OpenIDStore::getAssociation ".
+                      "not implemented", E_USER_ERROR);
+    }
+
+    /**
+     * This method removes the matching association if it's found, and
+     * returns whether the association was removed or not.
+     *
+     * @param string $server_url The URL of the identity server the
+     * association to remove belongs to. Because of the way the server
+     * portion of the library uses this interface, don't assume there
+     * are any limitations on the character set of the input
+     * string. In particular, expect to see unescaped non-url-safe
+     * characters in the server_url field.
+     *
+     * @param string $handle This is the handle of the association to
+     * remove. If there isn't an association found that matches both
+     * the given URL and handle, then there was no matching handle
+     * found.
+     *
+     * @return mixed Returns whether or not the given association existed.
+     */
+    function removeAssociation($server_url, $handle)
+    {
+        trigger_error("Auth_OpenID_OpenIDStore::removeAssociation ".
+                      "not implemented", E_USER_ERROR);
+    }
+
+    /**
+     * Stores a nonce. This is used by the consumer to prevent replay
+     * attacks.
+     *
+     * @param string $nonce The nonce to store.
+     *
+     * @return null
+     */
+    function storeNonce($nonce)
+    {
+        trigger_error("Auth_OpenID_OpenIDStore::storeNonce ".
+                      "not implemented", E_USER_ERROR);
+    }
+
+    /**
+     * This method is called when the library is attempting to use a
+     * nonce. If the nonce is in the store, this method removes it and
+     * returns a value which evaluates as true. Otherwise it returns a
+     * value which evaluates as false.
+     *
+     * This method is allowed and encouraged to treat nonces older
+     * than some period (a very conservative window would be 6 hours,
+     * for example) as no longer existing, and return False and remove
+     * them.
+     *
+     * @param string $nonce The nonce to use.
+     *
+     * @return bool Whether or not the nonce was valid.
+     */
+    function useNonce($nonce)
+    {
+        trigger_error("Auth_OpenID_OpenIDStore::useNonce ".
+                      "not implemented", E_USER_ERROR);
+    }
+
+    /**
+     * This method returns a key used to sign the tokens, to ensure
+     * that they haven't been tampered with in transit. It should
+     * return the same key every time it is called. The key returned
+     * should be {@link AUTH_KEY_LEN} bytes long.
+     *
+     * @return string The key. It should be {@link AUTH_KEY_LEN} bytes in
+     * length, and use the full range of byte values. That is, it
+     * should be treated as a lump of binary data stored in a string.
+     */
+    function getAuthKey()
+    {
+        trigger_error("Auth_OpenID_OpenIDStore::getAuthKey ".
+                      "not implemented", E_USER_ERROR);
+    }
+
+    /**
+     * This method must return true if the store is a dumb-mode-style
+     * store. Unlike all other methods in this class, this one
+     * provides a default implementation, which returns false.
+     *
+     * In general, any custom subclass of {@link Auth_OpenID_OpenIDStore}
+     * won't override this method, as custom subclasses are only likely to
+     * be created when the store is fully functional.
+     *
+     * @return bool true if the store works fully, false if the
+     * consumer will have to use dumb mode to use this store.
+     */
+    function isDumb()
+    {
+        return false;
+    }
+
+    /**
+     * Removes all entries from the store; implementation is optional.
+     */
+    function reset()
+    {
+    }
+
+}
+?>
\ No newline at end of file

Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/KVForm.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/KVForm.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/KVForm.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/KVForm.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,112 @@
+<?php
+
+/**
+ * OpenID protocol key-value/comma-newline format parsing and
+ * serialization
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @access private
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005 Janrain, Inc.
+ * @license http://www.gnu.org/copyleft/lesser.html LGPL
+ */
+
+/**
+ * Container for key-value/comma-newline OpenID format and parsing
+ */
+class Auth_OpenID_KVForm {
+    /**
+     * Convert an OpenID colon/newline separated string into an
+     * associative array
+     *
+     * @static
+     * @access private
+     */
+    function toArray($kvs, $strict=false)
+    {
+        $lines = explode("\n", $kvs);
+
+        $last = array_pop($lines);
+        if ($last !== '') {
+            array_push($lines, $last);
+            if ($strict) {
+                return false;
+            }
+        }
+
+        $values = array();
+
+        for ($lineno = 0; $lineno < count($lines); $lineno++) {
+            $line = $lines[$lineno];
+            $kv = explode(':', $line, 2);
+            if (count($kv) != 2) {
+                if ($strict) {
+                    return false;
+                }
+                continue;
+            }
+
+            $key = $kv[0];
+            $tkey = trim($key);
+            if ($tkey != $key) {
+                if ($strict) {
+                    return false;
+                }
+            }
+
+            $value = $kv[1];
+            $tval = trim($value);
+            if ($tval != $value) {
+                if ($strict) {
+                    return false;
+                }
+            }
+
+            $values[$tkey] = $tval;
+        }
+
+        return $values;
+    }
+
+    /**
+     * Convert an array into an OpenID colon/newline separated string
+     *
+     * @static
+     * @access private
+     */
+    function fromArray($values)
+    {
+        if ($values === null) {
+            return null;
+        }
+
+        ksort($values);
+
+        $serialized = '';
+        foreach ($values as $key => $value) {
+            if (is_array($value)) {
+                list($key, $value) = array($value[0], $value[1]);
+            }
+
+            if (strpos($key, ':') !== false) {
+                return null;
+            }
+
+            if (strpos($key, "\n") !== false) {
+                return null;
+            }
+
+            if (strpos($value, "\n") !== false) {
+                return null;
+            }
+            $serialized .= "$key:$value\n";
+        }
+        return $serialized;
+    }
+}
+
+?>
\ No newline at end of file

Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Message.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Message.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Message.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Message.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,686 @@
+<?php
+
+/**
+ * Extension argument processing code
+ */
+
+// import urllib
+
+require_once 'Auth/OpenID.php';
+require_once 'Auth/OpenID/KVForm.php';
+require_once 'Services/Yadis/XML.php';
+
+// This doesn't REALLY belong here, but where is better?
+$Auth_OpenID_IDENTIFIER_SELECT = "http://openid.net/identifier_select/2.0";
+
+// URI for Simple Registration extension, the only commonly deployed
+// OpenID 1.x extension, and so a special case
+$Auth_OpenID_SREG_URI = 'http://openid.net/sreg/1.0';
+
+// The OpenID 1.X namespace URI
+$Auth_OpenID_OPENID1_NS = 'http://openid.net/sso/1.0';
+
+// The OpenID 2.0 namespace URI
+// XXX: not official (yet)
+$Auth_OpenID_OPENID2_NS = 'http://openid.net/specs/2.0/base';
+
+// The namespace consisting of pairs with keys that are prefixed with
+// "openid."  but not in another namespace.
+$Auth_OpenID_NULL_NAMESPACE = 'Null namespace';
+
+// The null namespace, when it is an allowed OpenID namespace
+$Auth_OpenID_OPENID_NS = 'OpenID namespace';
+
+// The top-level namespace, excluding all pairs with keys that start
+// with "openid."
+$Auth_OpenID_BARE_NS = 'Bare namespace';
+
+class Auth_OpenID_Mapping {
+    function Auth_OpenID_Mapping($classic_array = null)
+    {
+        $this->keys = array();
+        $this->values = array();
+
+        if (is_array($classic_array)) {
+            foreach ($classic_array as $key => $value) {
+                $this->set($key, $value);
+            }
+        }
+    }
+
+    function isA($thing)
+    {
+        return (is_object($thing) &&
+                strtolower(get_class($thing)) == 'auth_openid_mapping');
+    }
+
+    function keys()
+    {
+        return $this->keys;
+    }
+
+    function values()
+    {
+        return $this->values;
+    }
+
+    function items()
+    {
+        $temp = array();
+        for ($i = 0; $i < count($this->keys); $i++) {
+            $temp[] = array($this->keys[$i],
+                            $this->values[$i]);
+        }
+    }
+
+    function len()
+    {
+        return count($this->keys);
+    }
+
+    function set($key, $value)
+    {
+        $index = array_search($key, $this->keys);
+
+        if ($index !== false) {
+            $this->values[$index] = $value;
+        } else {
+            $this->keys[] = $key;
+            $this->values[] = $value;
+        }
+    }
+
+    function get($key, $default = null)
+    {
+        $index = array_search($key, $this->keys);
+
+        if ($index !== false) {
+            return $this->values[$index];
+        } else {
+            return $default;
+        }
+    }
+
+    function del($key)
+    {
+        $index = array_search($key, $this->keys);
+
+        if ($index !== false) {
+            unset($this->keys[$index]);
+            unset($this->values[$index]);
+        }
+    }
+
+    function contains($value)
+    {
+        return (array_search($value, $this->values) !== false);
+    }
+}
+
+/**
+ * Maintains a bijective map between namespace uris and aliases.
+ */
+class Auth_OpenID_NamespaceMap {
+    function Auth_OpenID_NamespaceMap()
+    {
+        global $Auth_OpenID_SREG_URI;
+
+        $this->default_aliases = array($Auth_OpenID_SREG_URI => 'sreg');
+        $this->alias_to_namespace = new Auth_OpenID_Mapping();
+        $this->namespace_to_alias = new Auth_OpenID_Mapping();
+    }
+
+    function getAlias($namespace_uri)
+    {
+        return $this->namespace_to_alias->get($namespace_uri);
+    }
+
+    function getNamespaceURI($alias)
+    {
+        return $this->alias_to_namespace->get($alias);
+    }
+
+    function iterNamespaceURIs()
+    {
+        // Return an iterator over the namespace URIs
+        return $this->namespace_to_alias->keys();
+    }
+
+    function iterAliases()
+    {
+        // Return an iterator over the aliases"""
+        return $this->alias_to_namespace->keys();
+    }
+
+    function iteritems()
+    {
+        return $this->namespace_to_alias->items();
+    }
+
+    function addAlias($namespace_uri, $desired_alias)
+    {
+        global $Auth_OpenID_NULL_NAMESPACE;
+        // Add an alias from this namespace URI to the desired alias
+
+        // Check that there is not a namespace already defined for the
+        // desired alias
+        $current_namespace_uri =
+            $this->alias_to_namespace->get($desired_alias);
+
+        if (($current_namespace_uri !== null) &&
+            ($current_namespace_uri != $namespace_uri)) {
+            // Cannot map because previous mapping exists
+            return null;
+        }
+
+        // Check that there is not already a (different) alias for
+        // this namespace URI
+        $alias = $this->namespace_to_alias->get($namespace_uri);
+
+        if (($alias !== null) && ($alias != $desired_alias)) {
+            // fmt = ('Cannot map %r to alias %r. '
+            //        'It is already mapped to alias %r')
+            // raise KeyError(fmt % (namespace_uri, desired_alias, alias))
+            return null;
+        }
+
+        assert(($NULL_NAMESPACE === $desired_alias) ||
+               is_string($desired_alias));
+
+        $this->alias_to_namespace->set($desired_alias, $namespace_uri);
+        $this->namespace_to_alias->set($namespace_uri, $desired_alias);
+        return $desired_alias;
+    }
+
+    function add($namespace_uri)
+    {
+        // Add this namespace URI to the mapping, without caring what
+        // alias it ends up with
+
+        // See if this namespace is already mapped to an alias
+        $alias = $this->namespace_to_alias->get($namespace_uri);
+
+        if ($alias !== null) {
+            return $alias;
+        }
+
+        // See if there is a default alias for this namespace
+        $default_alias = $this->default_aliases->get($namespace_uri);
+
+        if ($default_alias !== null) {
+            if ($this->addAlias($namespace_uri, $default_alias) !== null) {
+                return $default_alias;
+            }
+        }
+
+        // Fall back to generating a numerical alias
+        $i = 0;
+        while (1) {
+            $alias = strval($i);
+            if ($this->addAlias($namespace_uri, strval($i)) === null) {
+                $i += 1;
+            } else {
+                return $alias;
+            }
+        }
+
+        // Should NEVER be reached!
+        return null;
+    }
+
+    function isDefined($namespace_uri)
+    {
+        return $this->namespace_to_alias->contains($namespace_uri);
+    }
+}
+
+/**
+ * In the implementation of this object, null represents the global
+ * namespace as well as a namespace with no key.
+ */
+class Auth_OpenID_Message {
+
+    function Auth_OpenID_Message($openid_namespace = null)
+    {
+        global $Auth_OpenID_OPENID1_NS,
+            $Auth_OpenID_OPENID2_NS,
+            $Auth_OpenID_SREG_URI;
+
+        // Create an empty Message
+        $this->allowed_openid_namespaces = array(
+                               $Auth_OpenID_OPENID1_NS,
+                               $Auth_OpenID_OPENID2_NS);
+
+        $this->default_namespaces = array(
+                       'sreg' => $Auth_OpenID_SREG_URI
+                                          );
+
+        $this->args = new Auth_OpenID_Mapping();
+        $this->namespaces = new Auth_OpenID_NamespaceMap();
+        if ($openid_namespace === null) {
+            $this->_openid_ns_uri = null;
+        } else {
+            $this->setOpenIDNamespace($openid_namespace);
+        }
+    }
+
+    function fromPostArgs($args)
+    {
+        global $Auth_OpenID_BARE_NS;
+
+        // Construct a Message containing a set of POST arguments
+        $obj = new Auth_OpenID_Message();
+
+        // Partition into "openid." args and bare args
+        $openid_args = array();
+        foreach ($args as $key => $value) {
+
+            $parts = explode('.', $key, 2);
+
+            if (count($parts) == 2) {
+                list($prefix, $rest) = $parts;
+            } else {
+                $prefix = null;
+            }
+
+            if ($prefix != 'openid') {
+                $obj->args->set(array($Auth_OpenID_BARE_NS, $key), $value);
+            } else {
+                $openid_args[$rest] = $value;
+            }
+        }
+
+        $obj->_fromOpenIDArgs($openid_args);
+
+        return $obj;
+    }
+
+    function fromOpenIDArgs($openid_args)
+    {
+        // Takes an array.
+
+        // Construct a Message from a parsed KVForm message
+        $obj = new Auth_OpenID_Message();
+        $obj->_fromOpenIDArgs($openid_args);
+        return $obj;
+    }
+
+    function _fromOpenIDArgs($openid_args)
+    {
+        // Takes an Auth_OpenID_Mapping instance OR an array.
+        global $Auth_OpenID_NULL_NAMESPACE,
+            $Auth_OpenID_OPENID1_NS;
+
+        if (!Auth_OpenID_Mapping::isA($openid_args)) {
+            $openid_args = new Auth_OpenID_Mapping($openid_args);
+        }
+
+        $ns_args = array();
+
+        // Resolve namespaces
+        foreach ($openid_args->items() as $pair) {
+            list($rest, $value) = $pair;
+
+            $parts = explode('.', $rest, 2);
+
+            if (count($parts) == 2) {
+                list($ns_alias, $ns_key) = $parts;
+            } else {
+                $ns_alias = $Auth_OpenID_NULL_NAMESPACE;
+                $ns_key = $rest;
+            }
+
+            if ($ns_alias == 'ns') {
+                $this->namespaces->addAlias($value, $ns_key);
+            } else if (($ns_alias == $Auth_OpenID_NULL_NAMESPACE) &&
+                       ($ns_key == 'ns')) {
+                // null namespace
+                $this->namespaces->addAlias($value,
+                                            $Auth_OpenID_NULL_NAMESPACE);
+            } else {
+                $ns_args[] = array($ns_alias, $ns_key, $value);
+            }
+        }
+
+        // Ensure that there is an OpenID namespace definition
+        $openid_ns_uri =
+            $this->namespaces->getNamespaceURI($Auth_OpenID_NULL_NAMESPACE);
+
+        if ($openid_ns_uri === null) {
+            $openid_ns_uri = $Auth_OpenID_OPENID1_NS;
+        }
+
+        $this->setOpenIDNamespace($openid_ns_uri);
+
+        // Actually put the pairs into the appropriate namespaces
+        foreach ($ns_args as $triple) {
+            list($ns_alias, $ns_key, $value) = $triple;
+            $ns_uri = $this->namespaces->getNamespaceURI($ns_alias);
+            if ($ns_uri === null) {
+                // Only try to map an alias to a default if it's an
+                // OpenID 1.x message.
+                if ($openid_ns_uri == $Auth_OpenID_OPENID1_NS) {
+                    $ns_uri = Auth_OpenID::arrayGet(
+                                        $this->default_namespaces,
+                                        $ns_alias);
+                }
+
+                if ($ns_uri === null) {
+                    $ns_uri = $openid_ns_uri;
+                    $ns_key = sprintf('%s.%s', $ns_alias, $ns_key);
+                } else {
+                    $this->namespaces->addAlias($ns_uri, $ns_alias);
+                }
+            }
+
+            $this->setArg($ns_uri, $ns_key, $value);
+        }
+    }
+
+    function setOpenIDNamespace($openid_ns_uri)
+    {
+        global $Auth_OpenID_NULL_NAMESPACE;
+
+        if (!in_array($openid_ns_uri, $this->allowed_openid_namespaces)) {
+            // raise ValueError('Invalid null namespace: %r' % (openid_ns_uri,))
+            return false;
+        }
+
+        $this->namespaces->addAlias($openid_ns_uri,
+                                    $Auth_OpenID_NULL_NAMESPACE);
+        $this->_openid_ns_uri = $openid_ns_uri;
+    }
+
+    function getOpenIDNamespace()
+    {
+        return $this->_openid_ns_uri;
+    }
+
+    function fromKVForm($kvform_string)
+    {
+        // Create a Message from a KVForm string
+        return Auth_OpenID_Message::fromOpenIDArgs(
+                     Auth_OpenID_KVForm::toArray($kvform_string));
+    }
+
+    function copy()
+    {
+        return $this;
+    }
+
+    function toPostArgs()
+    {
+        // Return all arguments with openid. in front of namespaced
+        // arguments.
+
+        global $Auth_OpenID_NULL_NAMESPACE,
+            $Auth_OpenID_OPENID1_NS;
+
+        $args = array();
+
+        // Add namespace definitions to the output
+        foreach ($this->namespaces->iteritems() as $pair) {
+            list($ns_uri, $alias) = $pair;
+            if ($alias == $Auth_OpenID_NULL_NAMESPACE) {
+                if ($ns_uri != $Auth_OpenID_OPENID1_NS) {
+                    $args['openid.ns'] = $ns_uri;
+                } else {
+                    // drop the default null namespace
+                    // definition. This potentially changes a message
+                    // since we have no way of knowing whether it was
+                    // explicitly specified at the time the message
+                    // was parsed. The vast majority of the time, this
+                    // will be the right thing to do. Possibly this
+                    // could look in the signed list.
+                }
+            } else {
+                $ns_key = 'openid.ns.' . $alias;
+                $args[$ns_key] = $ns_uri;
+            }
+        }
+
+        foreach ($this->args->items() as $pair) {
+            list($ns_parts, $value) = $pair;
+            list($ns_uri, $ns_key) = $ns_parts;
+            $key = $this->getKey($ns_uri, $ns_key);
+            $args[$key] = $value;
+        }
+
+        return $args;
+    }
+
+    function toArgs()
+    {
+        // Return all namespaced arguments, failing if any
+        // non-namespaced arguments exist.
+        $post_args = $this->toPostArgs();
+        $kvargs = array();
+        foreach ($post_args as $k => $v) {
+            if (strpos($k, 'openid.') !== 0) {
+                // raise ValueError(
+                //   'This message can only be encoded as a POST, because it '
+                //   'contains arguments that are not prefixed with "openid."')
+                return null;
+            } else {
+                $kvargs[substr($k, 7)] = $v;
+            }
+        }
+
+        return $kvargs;
+    }
+
+    function toFormMarkup($action_url, $form_tag_attrs = null,
+                          $submit_text = "Continue")
+    {
+        $xml =& Services_Yadis_getXMLParser();
+
+        if ($xml === null) {
+            // raise RuntimeError('This function requires ElementTree.')
+            return null;
+        }
+
+        $form = "<form accept-charset=\"UTF-8\" ".
+            "enctype=\"application/x-www-form-urlencoded\"";
+
+        if (!$form_tag_attrs) {
+            $form_tag_attrs = array();
+        }
+
+        $form_tag_attrs['action'] = $action_url;
+        $form_tag_attrs['method'] = 'post';
+
+        if ($form_tag_attrs) {
+            foreach ($form_tag_attrs as $name => $attr) {
+                $form .= sprintf(" %s=\"%s\"", $name, $attr);
+            }
+        }
+
+        $form .= ">\n";
+
+        foreach ($this->toPostArgs() as $name => $value) {
+            $form .= sprintf(
+                        "<input type=\"hidden\" name=\"%s\" value=\"%s\" />\n",
+                        $name, $value);
+        }
+
+        $form .= sprintf("<input type=\"submit\" value=\"\" />\n",
+                         $submit_text);
+
+        $form .= "</form>\n";
+
+        return $form;
+    }
+
+    function toURL($base_url)
+    {
+        // Generate a GET URL with the parameters in this message
+        // attached as query parameters.
+        return Auth_OpenID::appendArgs($base_url, $this->toPostArgs());
+    }
+
+    function toKVForm()
+    {
+        // Generate a KVForm string that contains the parameters in
+        // this message. This will fail if the message contains
+        // arguments outside of the 'openid.' prefix.
+        return Auth_OpenID_KVForm::fromArray($this->toArgs());
+    }
+
+    function toURLEncoded()
+    {
+        // Generate an x-www-urlencoded string
+        $args = array();
+
+        foreach ($this->toPostArgs() as $k => $v) {
+            $args[] = array($k, $v);
+        }
+
+        sort($args);
+        return Auth_OpenID::httpBuildQuery($args);
+    }
+
+    function _fixNS($namespace)
+    {
+        global $Auth_OpenID_OPENID_NS,
+            $Auth_OpenID_BARE_NS,
+            $Auth_OpenID_SREG_URI;
+
+        // Convert an input value into the internally used values of
+        // this object
+
+        if ($namespace == $OPENID_NS) {
+            if ($this->_openid_ns_uri === null) {
+                // raise UndefinedOpenIDNamespace('OpenID namespace not set')
+                return null;
+            } else {
+                $namespace = $this->_openid_ns_uri;
+            }
+        }
+
+        if (($namespace != $Auth_OpenID_BARE_NS) &&
+            (!is_string($namespace))) {
+            // raise TypeError(
+            //     "Namespace must be BARE_NS, OPENID_NS or a string. got %r"
+            //     % (namespace,))
+            return null;
+        }
+
+        if (($namespace != $Auth_OpenID_BARE_NS) &&
+            (strpos($namespace, ':') === false)) {
+            // fmt = 'OpenID 2.0 namespace identifiers SHOULD be URIs. Got %r'
+            // warnings.warn(fmt % (namespace,), DeprecationWarning)
+
+            if ($namespace == 'sreg') {
+                // fmt = 'Using %r instead of "sreg" as namespace'
+                // warnings.warn(fmt % (SREG_URI,), DeprecationWarning,)
+                return $Auth_OpenID_SREG_URI;
+            }
+        }
+
+        return $namespace;
+    }
+
+    function hasKey($namespace, $ns_key)
+    {
+        $namespace = $this->_fixNS($namespace);
+        if ($namespace !== null) {
+            return $this->args->contains(array($namespace, $ns_key));
+        } else {
+            return false;
+        }
+    }
+
+    function getKey($namespace, $ns_key)
+    {
+        global $Auth_OpenID_BARE_NS,
+            $Auth_OpenID_NULL_NAMESPACE;
+
+        // Get the key for a particular namespaced argument
+        $namespace = $this->_fixNS($namespace);
+        if ($namespace == $Auth_OpenID_BARE_NS) {
+            return $ns_key;
+        }
+
+        $ns_alias = $this->namespaces->getAlias($namespace);
+
+        // No alias is defined, so no key can exist
+        if ($ns_alias === null) {
+            return null;
+        }
+
+        if ($ns_alias == $Auth_OpenID_NULL_NAMESPACE) {
+            $tail = $ns_key;
+        } else {
+            $tail = sprintf('%s.%s', $ns_alias, $ns_key);
+        }
+
+        return 'openid.' . $tail;
+    }
+
+    function getArg($namespace, $key, $default = null)
+    {
+        // Get a value for a namespaced key.
+        $namespace = $this->_fixNS($namespace);
+        if ($namespace !== null) {
+            return $this->args->get(array($namespace, $key), $default);
+        } else {
+            return null;
+        }
+    }
+
+    function getArgs($namespace)
+    {
+        // Get the arguments that are defined for this namespace URI
+
+        $namespace = $this->_fixNS($namespace);
+        if ($namespace !== null) {
+            $stuff = array();
+            foreach ($this->args->items() as $pair) {
+                list($key, $value) = $pair;
+                list($pair_ns, $ns_key) = $key;
+                if ($pair_ns == $namespace) {
+                    $stuff[$ns_key] = $value;
+                }
+            }
+
+            return $stuff;
+        }
+
+        return null;
+    }
+
+    function updateArgs($namespace, $updates)
+    {
+        // Set multiple key/value pairs in one call
+
+        $namespace = $this->_fixNS($namespace);
+
+        if ($namespace !== null) {
+            foreach ($updates as $k => $v) {
+                $this->setArg($namespace, $k, $v);
+            }
+        }
+    }
+
+    function setArg($namespace, $key, $value)
+    {
+        // Set a single argument in this namespace
+        $namespace = $this->_fixNS($namespace);
+
+        if ($namespace !== null) {
+            $this->args->set(array($namespace, $key), $value);
+            $this->namespaces->add($namespace);
+        }
+    }
+
+    function delArg($namespace, $key)
+    {
+        $namespace = $this->_fixNS($namespace);
+
+        if ($namespace !== null) {
+            $this->args->del(array($namespace, $key));
+        }
+    }
+}
+
+?>
\ No newline at end of file

Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/MySQLStore.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/MySQLStore.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/MySQLStore.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/MySQLStore.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,81 @@
+<?php
+
+/**
+ * A MySQL store.
+ *
+ * @package OpenID
+ */
+
+/**
+ * Require the base class file.
+ */
+require_once "Auth/OpenID/SQLStore.php";
+
+/**
+ * An SQL store that uses MySQL as its backend.
+ *
+ * @package OpenID
+ */
+class Auth_OpenID_MySQLStore extends Auth_OpenID_SQLStore {
+    /**
+     * @access private
+     */
+    function setSQL()
+    {
+        $this->sql['nonce_table'] =
+            "CREATE TABLE %s (\n".
+            "  server_url VARCHAR(2047),\n".
+            "  timestamp INTEGER,\n".
+            "  salt CHAR(40),\n".
+            "  UNIQUE (server_url(255), timestamp, salt)\n".
+            ") TYPE=InnoDB";
+
+        $this->sql['assoc_table'] =
+            "CREATE TABLE %s (\n".
+            "  server_url BLOB,\n".
+            "  handle VARCHAR(255),\n".
+            "  secret BLOB,\n".
+            "  issued INTEGER,\n".
+            "  lifetime INTEGER,\n".
+            "  assoc_type VARCHAR(64),\n".
+            "  PRIMARY KEY (server_url(255), handle)\n".
+            ") TYPE=InnoDB";
+
+        $this->sql['settings_table'] =
+            "CREATE TABLE %s (setting VARCHAR(128) UNIQUE PRIMARY KEY, ".
+            "value BLOB) TYPE=InnoDB";
+
+        $this->sql['create_auth'] =
+            "INSERT INTO %s VALUES ('auth_key', !)";
+
+        $this->sql['get_auth'] =
+            "SELECT value FROM %s WHERE setting = 'auth_key'";
+
+        $this->sql['set_assoc'] =
+            "REPLACE INTO %s VALUES (?, ?, !, ?, ?, ?)";
+
+        $this->sql['get_assocs'] =
+            "SELECT handle, secret, issued, lifetime, assoc_type FROM %s ".
+            "WHERE server_url = ?";
+
+        $this->sql['get_assoc'] =
+            "SELECT handle, secret, issued, lifetime, assoc_type FROM %s ".
+            "WHERE server_url = ? AND handle = ?";
+
+        $this->sql['remove_assoc'] =
+            "DELETE FROM %s WHERE server_url = ? AND handle = ?";
+
+        $this->sql['add_nonce'] =
+            "INSERT INTO %s (server_url, timestamp, salt) VALUES (?, ?, ?)";
+    }
+
+    /**
+     * @access private
+     */
+    function blobEncode($blob)
+    {
+        return "0x" . bin2hex($blob);
+    }
+}
+
+?>
\ No newline at end of file

Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Nonce.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Nonce.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Nonce.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Nonce.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,99 @@
+<?php
+
+/**
+ * Nonce-related functionality.
+ */
+
+require_once 'Auth/OpenID/CryptUtil.php';
+
+/**
+ * This is the characters that the nonces are made from.
+ */
+define('Auth_OpenID_Nonce_CHRS',"abcdefghijklmnopqrstuvwxyz" .
+       "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789");
+
+// Keep nonces for five hours (allow five hours for the combination of
+// request time and clock skew). This is probably way more than is
+// necessary, but there is not much overhead in storing nonces.
+$Auth_OpenID_SKEW = 60 * 60 * 5;
+
+define('Auth_OpenID_Nonce_REGEX',
+       '/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/');
+
+define('Auth_OpenID_Nonce_TIME_FMT',
+       '%Y-%m-%dT%H:%M:%SZ');
+
+function Auth_OpenID_splitNonce($nonce_string)
+{
+    // Extract a timestamp from the given nonce string
+    $result = preg_match(Auth_OpenID_Nonce_REGEX, $nonce_string, $matches);
+    if ($result != 1 || count($matches) != 8) {
+        return null;
+    }
+
+    list($unused,
+         $tm_year,
+         $tm_mon,
+         $tm_mday,
+         $tm_hour,
+         $tm_min,
+         $tm_sec,
+         $uniquifier) = $matches;
+
+    $timestamp =
+        @gmmktime($tm_hour, $tm_min, $tm_sec, $tm_mon, $tm_mday, $tm_year);
+
+    if ($timestamp === false || $timestamp < 0) {
+        return null;
+    }
+
+    return array($timestamp, $uniquifier);
+}
+
+function Auth_OpenID_checkTimestamp($nonce_string,
+                                    $allowed_skew = null,
+                                    $now = null)
+{
+    // Is the timestamp that is part of the specified nonce string
+    // within the allowed clock-skew of the current time?
+    global $Auth_OpenID_SKEW;
+
+    if ($allowed_skew === null) {
+        $allowed_skew = $Auth_OpenID_SKEW;
+    }
+
+    $parts = Auth_OpenID_splitNonce($nonce_string);
+    if ($parts == null) {
+        return false;
+    }
+
+    if ($now === null) {
+        $now = time();
+    }
+
+    $stamp = $parts[0];
+
+    // Time after which we should not use the nonce
+    $past = $now - $allowed_skew;
+
+    // Time that is too far in the future for us to allow
+    $future = $now + $allowed_skew;
+
+    // the stamp is not too far in the future and is not too far
+    // in the past
+    return (($past <= $stamp) && ($stamp <= $future));
+}
+
+function Auth_OpenID_mkNonce($when = null)
+{
+    // Generate a nonce with the current timestamp
+    $salt = Auth_OpenID_CryptUtil::randomString(
+        6, Auth_OpenID_Nonce_CHRS);
+    if ($when === null) {
+        $when = gmmktime();
+    }
+    $time_str = gmstrftime(Auth_OpenID_Nonce_TIME_FMT, $when);
+    return $time_str . $salt;
+}
+
+?>
\ No newline at end of file

Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Parse.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Parse.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Parse.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/Parse.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,308 @@
+<?php
+
+/**
+ * This module implements a VERY limited parser that finds <link> tags
+ * in the head of HTML or XHTML documents and parses out their
+ * attributes according to the OpenID spec. It is a liberal parser,
+ * but it requires these things from the data in order to work:
+ *
+ * - There must be an open <html> tag
+ *
+ * - There must be an open <head> tag inside of the <html> tag
+ *
+ * - Only <link>s that are found inside of the <head> tag are parsed
+ *   (this is by design)
+ *
+ * - The parser follows the OpenID specification in resolving the
+ *   attributes of the link tags. This means that the attributes DO
+ *   NOT get resolved as they would by an XML or HTML parser. In
+ *   particular, only certain entities get replaced, and href
+ *   attributes do not get resolved relative to a base URL.
+ *
+ * From http://openid.net/specs.bml:
+ *
+ * - The openid.server URL MUST be an absolute URL. OpenID consumers
+ *   MUST NOT attempt to resolve relative URLs.
+ *
+ * - The openid.server URL MUST NOT include entities other than &amp;,
+ *   &lt;, &gt;, and &quot;.
+ *
+ * The parser ignores SGML comments and <![CDATA[blocks]]>. Both kinds
+ * of quoting are allowed for attributes.
+ *
+ * The parser deals with invalid markup in these ways:
+ *
+ * - Tag names are not case-sensitive
+ *
+ * - The <html> tag is accepted even when it is not at the top level
+ *
+ * - The <head> tag is accepted even when it is not a direct child of
+ *   the <html> tag, but a <html> tag must be an ancestor of the
+ *   <head> tag
+ *
+ * - <link> tags are accepted even when they are not direct children
+ *   of the <head> tag, but a <head> tag must be an ancestor of the
+ *   <link> tag
+ *
+ * - If there is no closing tag for an open <html> or <head> tag, the
+ *   remainder of the document is viewed as being inside of the
+ *   tag. If there is no closing tag for a <link> tag, the link tag is
+ *   treated as a short tag. Exceptions to this rule are that <html>
+ *   closes <html> and <body> or <head> closes <head>
+ *
+ * - Attributes of the <link> tag are not required to be quoted.
+ *
+ * - In the case of duplicated attribute names, the attribute coming
+ *   last in the tag will be the value returned.
+ *
+ * - Any text that does not parse as an attribute within a link tag
+ *   will be ignored. (e.g. <link pumpkin rel='openid.server' /> will
+ *   ignore pumpkin)
+ *
+ * - If there are more than one <html> or <head> tag, the parser only
+ *   looks inside of the first one.
+ *
+ * - The contents of <script> tags are ignored entirely, except
+ *   unclosed <script> tags. Unclosed <script> tags are ignored.
+ *
+ * - Any other invalid markup is ignored, including unclosed SGML
+ *   comments and unclosed <![CDATA[blocks.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @access private
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005 Janrain, Inc.
+ * @license http://www.gnu.org/copyleft/lesser.html LGPL
+ */
+
+/**
+ * Require Auth_OpenID::arrayGet().
+ */
+require_once "Auth/OpenID.php";
+
+class Auth_OpenID_Parse {
+
+    /**
+     * Specify some flags for use with regex matching.
+     */
+    var $_re_flags = "si";
+
+    /**
+     * Stuff to remove before we start looking for tags
+     */
+    var $_removed_re =
+           "<!--.*?-->|<!\[CDATA\[.*?\]\]>|<script\b(?!:)[^>]*>.*?<\/script>";
+
+    /**
+     * Starts with the tag name at a word boundary, where the tag name
+     * is not a namespace
+     */
+    var $_tag_expr = "<%s\b(?!:)([^>]*?)(?:\/>|>(.*?)(?:<\/?%s\s*>|\Z))";
+
+    var $_attr_find = '\b(\w+)=("[^"]*"|\'[^\']*\'|[^\'"\s\/<>]+)';
+
+    function Auth_OpenID_Parse()
+    {
+        $this->_link_find = sprintf("/<link\b(?!:)([^>]*)(?!<)>/%s",
+                                    $this->_re_flags);
+
+        $this->_entity_replacements = array(
+                                            'amp' => '&',
+                                            'lt' => '<',
+                                            'gt' => '>',
+                                            'quot' => '"'
+                                            );
+
+        $this->_attr_find = sprintf("/%s/%s",
+                                    $this->_attr_find,
+                                    $this->_re_flags);
+
+        $this->_removed_re = sprintf("/%s/%s",
+                                     $this->_removed_re,
+                                     $this->_re_flags);
+
+        $this->_ent_replace =
+            sprintf("&(%s);", implode("|",
+                                      $this->_entity_replacements));
+    }
+
+    /**
+     * Returns a regular expression that will match a given tag in an
+     * SGML string.
+     */
+    function tagMatcher($tag_name, $close_tags = null)
+    {
+        if ($close_tags) {
+            $options = implode("|", array_merge(array($tag_name), $close_tags));
+            $closer = sprintf("(?:%s)", $options);
+        } else {
+            $closer = $tag_name;
+        }
+
+        $expr = sprintf($this->_tag_expr, $tag_name, $closer);
+        return sprintf("/%s/%s", $expr, $this->_re_flags);
+    }
+
+    function htmlFind()
+    {
+        return $this->tagMatcher('html');
+    }
+
+    function headFind()
+    {
+        return $this->tagMatcher('head', array('body'));
+    }
+
+    function replaceEntities($str)
+    {
+        foreach ($this->_entity_replacements as $old => $new) {
+            $str = preg_replace(sprintf("/&%s;/", $old), $new, $str);
+        }
+        return $str;
+    }
+
+    function removeQuotes($str)
+    {
+        $matches = array();
+        $double = '/^"(.*)"$/';
+        $single = "/^\'(.*)\'$/";
+
+        if (preg_match($double, $str, $matches)) {
+            return $matches[1];
+        } else if (preg_match($single, $str, $matches)) {
+            return $matches[1];
+        } else {
+            return $str;
+        }
+    }
+
+    /**
+     * Find all link tags in a string representing a HTML document and
+     * return a list of their attributes.
+     *
+     * @param string $html The text to parse
+     * @return array $list An array of arrays of attributes, one for each
+     * link tag
+     */
+    function parseLinkAttrs($html)
+    {
+        $stripped = preg_replace($this->_removed_re,
+                                 "",
+                                 $html);
+
+        // Try to find the <HTML> tag.
+        $html_re = $this->htmlFind();
+        $html_matches = array();
+        if (!preg_match($html_re, $stripped, $html_matches)) {
+            return array();
+        }
+
+        // Try to find the <HEAD> tag.
+        $head_re = $this->headFind();
+        $head_matches = array();
+        if (!preg_match($head_re, $html_matches[0], $head_matches)) {
+            return array();
+        }
+
+        $link_data = array();
+        $link_matches = array();
+
+        if (!preg_match_all($this->_link_find, $head_matches[0],
+                            $link_matches)) {
+            return array();
+        }
+
+        foreach ($link_matches[0] as $link) {
+            $attr_matches = array();
+            preg_match_all($this->_attr_find, $link, $attr_matches);
+            $link_attrs = array();
+            foreach ($attr_matches[0] as $index => $full_match) {
+                $name = $attr_matches[1][$index];
+                $value = $this->replaceEntities(
+                              $this->removeQuotes($attr_matches[2][$index]));
+
+                $link_attrs[strtolower($name)] = $value;
+            }
+            $link_data[] = $link_attrs;
+        }
+
+        return $link_data;
+    }
+
+    function relMatches($rel_attr, $target_rel)
+    {
+        // Does this target_rel appear in the rel_str?
+        // XXX: TESTME
+        $rels = preg_split("/\s+/", trim($rel_attr));
+        foreach ($rels as $rel) {
+            $rel = strtolower($rel);
+            if ($rel == $target_rel) {
+                return 1;
+            }
+        }
+
+        return 0;
+    }
+
+    function linkHasRel($link_attrs, $target_rel)
+    {
+        // Does this link have target_rel as a relationship?
+        // XXX: TESTME
+        $rel_attr = Auth_OpeniD::arrayGet($link_attrs, 'rel', null);
+        return ($rel_attr && $this->relMatches($rel_attr,
+                                               $target_rel));
+    }
+
+    function findLinksRel($link_attrs_list, $target_rel)
+    {
+        // Filter the list of link attributes on whether it has
+        // target_rel as a relationship.
+        // XXX: TESTME
+        $result = array();
+        foreach ($link_attrs_list as $attr) {
+            if ($this->linkHasRel($attr, $target_rel)) {
+                $result[] = $attr;
+            }
+        }
+
+        return $result;
+    }
+
+    function findFirstHref($link_attrs_list, $target_rel)
+    {
+        // Return the value of the href attribute for the first link
+        // tag in the list that has target_rel as a relationship.
+        // XXX: TESTME
+        $matches = $this->findLinksRel($link_attrs_list,
+                                       $target_rel);
+        if (!$matches) {
+            return null;
+        }
+        $first = $matches[0];
+        return Auth_OpenID::arrayGet($first, 'href', null);
+    }
+}
+
+function Auth_OpenID_legacy_discover($html_text)
+{
+    $p = new Auth_OpenID_Parse();
+
+    $link_attrs = $p->parseLinkAttrs($html_text);
+
+    $server_url = $p->findFirstHref($link_attrs,
+                                    'openid.server');
+
+    if ($server_url === null) {
+        return false;
+    } else {
+        $delegate_url = $p->findFirstHref($link_attrs,
+                                          'openid.delegate');
+        return array($delegate_url, $server_url);
+    }
+}
+
+?>
\ No newline at end of file

Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/PostgreSQLStore.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/PostgreSQLStore.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/PostgreSQLStore.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/PostgreSQLStore.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,112 @@
+<?php
+
+/**
+ * A PostgreSQL store.
+ *
+ * @package OpenID
+ */
+
+/**
+ * Require the base class file.
+ */
+require_once "Auth/OpenID/SQLStore.php";
+
+/**
+ * An SQL store that uses PostgreSQL as its backend.
+ *
+ * @package OpenID
+ */
+class Auth_OpenID_PostgreSQLStore extends Auth_OpenID_SQLStore {
+    /**
+     * @access private
+     */
+    function setSQL()
+    {
+        $this->sql['nonce_table'] =
+            "CREATE TABLE %s (server_url VARCHAR(2047), timestamp INTEGER, ".
+            "salt CHAR(40), UNIQUE (server_url, timestamp, salt))";
+
+        $this->sql['assoc_table'] =
+            "CREATE TABLE %s (server_url VARCHAR(2047), handle VARCHAR(255), ".
+            "secret BYTEA, issued INTEGER, lifetime INTEGER, ".
+            "assoc_type VARCHAR(64), PRIMARY KEY (server_url, handle), ".
+            "CONSTRAINT secret_length_constraint CHECK ".
+            "(LENGTH(secret) <= 128))";
+
+        $this->sql['settings_table'] =
+            "CREATE TABLE %s (setting VARCHAR(128) UNIQUE PRIMARY KEY, ".
+            "value BYTEA, ".
+            "CONSTRAINT value_length_constraint CHECK (LENGTH(value) <= 20))";
+
+        $this->sql['create_auth'] =
+            "INSERT INTO %s VALUES ('auth_key', '!')";
+
+        $this->sql['get_auth'] =
+            "SELECT value FROM %s WHERE setting = 'auth_key'";
+
+        $this->sql['set_assoc'] =
+            array(
+                  'insert_assoc' => "INSERT INTO %s (server_url, handle, ".
+                  "secret, issued, lifetime, assoc_type) VALUES ".
+                  "(?, ?, '!', ?, ?, ?)",
+                  'update_assoc' => "UPDATE %s SET secret = '!', issued = ?, ".
+                  "lifetime = ?, assoc_type = ? WHERE server_url = ? AND ".
+                  "handle = ?"
+                  );
+
+        $this->sql['get_assocs'] =
+            "SELECT handle, secret, issued, lifetime, assoc_type FROM %s ".
+            "WHERE server_url = ?";
+
+        $this->sql['get_assoc'] =
+            "SELECT handle, secret, issued, lifetime, assoc_type FROM %s ".
+            "WHERE server_url = ? AND handle = ?";
+
+        $this->sql['remove_assoc'] =
+            "DELETE FROM %s WHERE server_url = ? AND handle = ?";
+
+        $this->sql['add_nonce'] =
+                  "INSERT INTO %s (server_url, timestamp, salt) VALUES ".
+                  "(?, ?, ?)"
+                  ;
+    }
+
+    /**
+     * @access private
+     */
+    function _set_assoc($server_url, $handle, $secret, $issued, $lifetime,
+                        $assoc_type)
+    {
+        $result = $this->_get_assoc($server_url, $handle);
+        if ($result) {
+            // Update the table since this associations already exists.
+            $this->connection->query($this->sql['set_assoc']['update_assoc'],
+                                     array($secret, $issued, $lifetime,
+                                           $assoc_type, $server_url, $handle));
+        } else {
+            // Insert a new record because this association wasn't
+            // found.
+            $this->connection->query($this->sql['set_assoc']['insert_assoc'],
+                                     array($server_url, $handle, $secret,
+                                           $issued, $lifetime, $assoc_type));
+        }
+    }
+
+    /**
+     * @access private
+     */
+    function blobEncode($blob)
+    {
+        return $this->_octify($blob);
+    }
+
+    /**
+     * @access private
+     */
+    function blobDecode($blob)
+    {
+        return $this->_unoctify($blob);
+    }
+}
+
+?>
\ No newline at end of file

Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/SQLStore.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/SQLStore.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/SQLStore.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/SQLStore.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,608 @@
+<?php
+
+/**
+ * SQL-backed OpenID stores.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005 Janrain, Inc.
+ * @license http://www.gnu.org/copyleft/lesser.html LGPL
+ */
+
+/**
+ * Require the PEAR DB module because we'll need it for the SQL-based
+ * stores implemented here.  We silence any errors from the inclusion
+ * because it might not be present, and a user of the SQL stores may
+ * supply an Auth_OpenID_DatabaseConnection instance that implements
+ * its own storage.
+ */
+global $__Auth_OpenID_PEAR_AVAILABLE;
+$__Auth_OpenID_PEAR_AVAILABLE = @include_once 'DB.php';
+
+/**
+ * @access private
+ */
+require_once 'Auth/OpenID/Interface.php';
+
+/**
+ * This is the parent class for the SQL stores, which contains the
+ * logic common to all of the SQL stores.
+ *
+ * The table names used are determined by the class variables
+ * settings_table_name, associations_table_name, and
+ * nonces_table_name.  To change the name of the tables used, pass new
+ * table names into the constructor.
+ *
+ * To create the tables with the proper schema, see the createTables
+ * method.
+ *
+ * This class shouldn't be used directly.  Use one of its subclasses
+ * instead, as those contain the code necessary to use a specific
+ * database.  If you're an OpenID integrator and you'd like to create
+ * an SQL-driven store that wraps an application's database
+ * abstraction, be sure to create a subclass of
+ * {@link Auth_OpenID_DatabaseConnection} that calls the application's
+ * database abstraction calls.  Then, pass an instance of your new
+ * database connection class to your SQLStore subclass constructor.
+ *
+ * All methods other than the constructor and createTables should be
+ * considered implementation details.
+ *
+ * @package OpenID
+ */
+class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore {
+
+    /**
+     * This creates a new SQLStore instance.  It requires an
+     * established database connection be given to it, and it allows
+     * overriding the default table names.
+     *
+     * @param connection $connection This must be an established
+     * connection to a database of the correct type for the SQLStore
+     * subclass you're using.  This must either be an PEAR DB
+     * connection handle or an instance of a subclass of
+     * Auth_OpenID_DatabaseConnection.
+     *
+     * @param string $settings_table This is an optional parameter to
+     * specify the name of the table used for this store's settings.
+     * The default value is 'oid_settings'.
+     *
+     * @param associations_table: This is an optional parameter to
+     * specify the name of the table used for storing associations.
+     * The default value is 'oid_associations'.
+     *
+     * @param nonces_table: This is an optional parameter to specify
+     * the name of the table used for storing nonces.  The default
+     * value is 'oid_nonces'.
+     */
+    function Auth_OpenID_SQLStore($connection, $settings_table = null,
+                                  $associations_table = null,
+                                  $nonces_table = null)
+    {
+        global $__Auth_OpenID_PEAR_AVAILABLE;
+
+        $this->settings_table_name = "oid_settings";
+        $this->associations_table_name = "oid_associations";
+        $this->nonces_table_name = "oid_nonces";
+
+        // Check the connection object type to be sure it's a PEAR
+        // database connection.
+        if (!(is_object($connection) &&
+              (is_subclass_of($connection, 'db_common') ||
+               is_subclass_of($connection,
+                              'auth_openid_databaseconnection')))) {
+            trigger_error("Auth_OpenID_SQLStore expected PEAR connection " .
+                          "object (got ".get_class($connection).")",
+                          E_USER_ERROR);
+            return;
+        }
+
+        $this->connection = $connection;
+
+        // Be sure to set the fetch mode so the results are keyed on
+        // column name instead of column index.  This is a PEAR
+        // constant, so only try to use it if PEAR is present.  Note
+        // that Auth_Openid_Databaseconnection instances need not
+        // implement ::setFetchMode for this reason.
+        if ($__Auth_OpenID_PEAR_AVAILABLE) {
+            $this->connection->setFetchMode(DB_FETCHMODE_ASSOC);
+        }
+
+        if ($settings_table) {
+            $this->settings_table_name = $settings_table;
+        }
+
+        if ($associations_table) {
+            $this->associations_table_name = $associations_table;
+        }
+
+        if ($nonces_table) {
+            $this->nonces_table_name = $nonces_table;
+        }
+
+        $this->max_nonce_age = 6 * 60 * 60;
+
+        // Be sure to run the database queries with auto-commit mode
+        // turned OFF, because we want every function to run in a
+        // transaction, implicitly.  As a rule, methods named with a
+        // leading underscore will NOT control transaction behavior.
+        // Callers of these methods will worry about transactions.
+        $this->connection->autoCommit(false);
+
+        // Create an empty SQL strings array.
+        $this->sql = array();
+
+        // Call this method (which should be overridden by subclasses)
+        // to populate the $this->sql array with SQL strings.
+        $this->setSQL();
+
+        // Verify that all required SQL statements have been set, and
+        // raise an error if any expected SQL strings were either
+        // absent or empty.
+        list($missing, $empty) = $this->_verifySQL();
+
+        if ($missing) {
+            trigger_error("Expected keys in SQL query list: " .
+                          implode(", ", $missing),
+                          E_USER_ERROR);
+            return;
+        }
+
+        if ($empty) {
+            trigger_error("SQL list keys have no SQL strings: " .
+                          implode(", ", $empty),
+                          E_USER_ERROR);
+            return;
+        }
+
+        // Add table names to queries.
+        $this->_fixSQL();
+    }
+
+    function tableExists($table_name)
+    {
+        return !$this->isError(
+                      $this->connection->query("SELECT * FROM %s LIMIT 0",
+                                               $table_name));
+    }
+
+    /**
+     * Returns true if $value constitutes a database error; returns
+     * false otherwise.
+     */
+    function isError($value)
+    {
+        return PEAR::isError($value);
+    }
+
+    /**
+     * Converts a query result to a boolean.  If the result is a
+     * database error according to $this->isError(), this returns
+     * false; otherwise, this returns true.
+     */
+    function resultToBool($obj)
+    {
+        if ($this->isError($obj)) {
+            return false;
+        } else {
+            return true;
+        }
+    }
+
+    /**
+     * This method should be overridden by subclasses.  This method is
+     * called by the constructor to set values in $this->sql, which is
+     * an array keyed on sql name.
+     */
+    function setSQL()
+    {
+    }
+
+    /**
+     * Resets the store by removing all records from the store's
+     * tables.
+     */
+    function reset()
+    {
+        $this->connection->query(sprintf("DELETE FROM %s",
+                                         $this->associations_table_name));
+
+        $this->connection->query(sprintf("DELETE FROM %s",
+                                         $this->nonces_table_name));
+
+        $this->connection->query(sprintf("DELETE FROM %s",
+                                         $this->settings_table_name));
+    }
+
+    /**
+     * @access private
+     */
+    function _verifySQL()
+    {
+        $missing = array();
+        $empty = array();
+
+        $required_sql_keys = array(
+                                   'nonce_table',
+                                   'assoc_table',
+                                   'settings_table',
+                                   'get_auth',
+                                   'create_auth',
+                                   'set_assoc',
+                                   'get_assoc',
+                                   'get_assocs',
+                                   'remove_assoc',
+                                   );
+
+        foreach ($required_sql_keys as $key) {
+            if (!array_key_exists($key, $this->sql)) {
+                $missing[] = $key;
+            } else if (!$this->sql[$key]) {
+                $empty[] = $key;
+            }
+        }
+
+        return array($missing, $empty);
+    }
+
+    /**
+     * @access private
+     */
+    function _fixSQL()
+    {
+        $replacements = array(
+                              array(
+                                    'value' => $this->nonces_table_name,
+                                    'keys' => array('nonce_table',
+                                                    'add_nonce')
+                                    ),
+                              array(
+                                    'value' => $this->associations_table_name,
+                                    'keys' => array('assoc_table',
+                                                    'set_assoc',
+                                                    'get_assoc',
+                                                    'get_assocs',
+                                                    'remove_assoc')
+                                    ),
+                              array(
+                                    'value' => $this->settings_table_name,
+                                    'keys' => array('settings_table',
+                                                    'get_auth',
+                                                    'create_auth')
+                                    )
+                              );
+
+        foreach ($replacements as $item) {
+            $value = $item['value'];
+            $keys = $item['keys'];
+
+            foreach ($keys as $k) {
+                if (is_array($this->sql[$k])) {
+                    foreach ($this->sql[$k] as $part_key => $part_value) {
+                        $this->sql[$k][$part_key] = sprintf($part_value,
+                                                            $value);
+                    }
+                } else {
+                    $this->sql[$k] = sprintf($this->sql[$k], $value);
+                }
+            }
+        }
+    }
+
+    function blobDecode($blob)
+    {
+        return $blob;
+    }
+
+    function blobEncode($str)
+    {
+        return $str;
+    }
+
+    function createTables()
+    {
+        $this->connection->autoCommit(true);
+        $n = $this->create_nonce_table();
+        $a = $this->create_assoc_table();
+        $s = $this->create_settings_table();
+        $this->connection->autoCommit(false);
+
+        if ($n && $a && $s) {
+            return true;
+        } else {
+            return false;
+        }
+    }
+
+    function create_nonce_table()
+    {
+        if (!$this->tableExists($this->nonces_table_name)) {
+            $r = $this->connection->query($this->sql['nonce_table']);
+            return $this->resultToBool($r);
+        }
+        return true;
+    }
+
+    function create_assoc_table()
+    {
+        if (!$this->tableExists($this->associations_table_name)) {
+            $r = $this->connection->query($this->sql['assoc_table']);
+            return $this->resultToBool($r);
+        }
+        return true;
+    }
+
+    function create_settings_table()
+    {
+        if (!$this->tableExists($this->settings_table_name)) {
+            $r = $this->connection->query($this->sql['settings_table']);
+            return $this->resultToBool($r);
+        }
+        return true;
+    }
+
+    /**
+     * @access private
+     */
+    function _get_auth()
+    {
+        return $this->connection->getOne($this->sql['get_auth']);
+    }
+
+    /**
+     * @access private
+     */
+    function _create_auth($str)
+    {
+        return $this->connection->query($this->sql['create_auth'],
+                                        array($str));
+    }
+
+    function getAuthKey()
+    {
+        $value = $this->_get_auth();
+        if (!$value) {
+            $auth_key =
+                Auth_OpenID_CryptUtil::randomString($this->AUTH_KEY_LEN);
+
+            $auth_key_s = $this->blobEncode($auth_key);
+            $this->_create_auth($auth_key_s);
+        } elseif ($this->isError($value)) {
+            trigger_error("Database error: " . $value->userinfo,
+                          E_USER_WARNING);
+            return null;
+        } else {
+            $auth_key_s = $value;
+            $auth_key = $this->blobDecode($auth_key_s);
+        }
+
+        $this->connection->commit();
+
+        if (strlen($auth_key) != $this->AUTH_KEY_LEN) {
+            $fmt = "Expected %d-byte string for auth key. Got key of length %d";
+            trigger_error(sprintf($fmt, $this->AUTH_KEY_LEN, strlen($auth_key)),
+                          E_USER_WARNING);
+            return null;
+        }
+
+        return $auth_key;
+    }
+
+    /**
+     * @access private
+     */
+    function _set_assoc($server_url, $handle, $secret, $issued,
+                        $lifetime, $assoc_type)
+    {
+        return $this->connection->query($this->sql['set_assoc'],
+                                        array(
+                                              $server_url,
+                                              $handle,
+                                              $secret,
+                                              $issued,
+                                              $lifetime,
+                                              $assoc_type));
+    }
+
+    function storeAssociation($server_url, $association)
+    {
+        if ($this->resultToBool($this->_set_assoc(
+                                            $server_url,
+                                            $association->handle,
+                                            $this->blobEncode(
+                                                  $association->secret),
+                                            $association->issued,
+                                            $association->lifetime,
+                                            $association->assoc_type
+                                            ))) {
+            $this->connection->commit();
+        } else {
+            $this->connection->rollback();
+        }
+    }
+
+    /**
+     * @access private
+     */
+    function _get_assoc($server_url, $handle)
+    {
+        $result = $this->connection->getRow($this->sql['get_assoc'],
+                                            array($server_url, $handle));
+        if ($this->isError($result)) {
+            return null;
+        } else {
+            return $result;
+        }
+    }
+
+    /**
+     * @access private
+     */
+    function _get_assocs($server_url)
+    {
+        $result = $this->connection->getAll($this->sql['get_assocs'],
+                                            array($server_url));
+
+        if ($this->isError($result)) {
+            return array();
+        } else {
+            return $result;
+        }
+    }
+
+    function removeAssociation($server_url, $handle)
+    {
+        if ($this->_get_assoc($server_url, $handle) == null) {
+            return false;
+        }
+
+        if ($this->resultToBool($this->connection->query(
+                              $this->sql['remove_assoc'],
+                              array($server_url, $handle)))) {
+            $this->connection->commit();
+        } else {
+            $this->connection->rollback();
+        }
+
+        return true;
+    }
+
+    function getAssociation($server_url, $handle = null)
+    {
+        if ($handle !== null) {
+            $assoc = $this->_get_assoc($server_url, $handle);
+
+            $assocs = array();
+            if ($assoc) {
+                $assocs[] = $assoc;
+            }
+        } else {
+            $assocs = $this->_get_assocs($server_url);
+        }
+
+        if (!$assocs || (count($assocs) == 0)) {
+            return null;
+        } else {
+            $associations = array();
+
+            foreach ($assocs as $assoc_row) {
+                $assoc = new Auth_OpenID_Association($assoc_row['handle'],
+                                                     $assoc_row['secret'],
+                                                     $assoc_row['issued'],
+                                                     $assoc_row['lifetime'],
+                                                     $assoc_row['assoc_type']);
+
+                $assoc->secret = $this->blobDecode($assoc->secret);
+
+                if ($assoc->getExpiresIn() == 0) {
+                    $this->removeAssociation($server_url, $assoc->handle);
+                } else {
+                    $associations[] = array($assoc->issued, $assoc);
+                }
+            }
+
+            if ($associations) {
+                $issued = array();
+                $assocs = array();
+                foreach ($associations as $key => $assoc) {
+                    $issued[$key] = $assoc[0];
+                    $assocs[$key] = $assoc[1];
+                }
+
+                array_multisort($issued, SORT_DESC, $assocs, SORT_DESC,
+                                $associations);
+
+                // return the most recently issued one.
+                list($issued, $assoc) = $associations[0];
+                return $assoc;
+            } else {
+                return null;
+            }
+        }
+    }
+
+    /**
+     * @access private
+     */
+    function _add_nonce($server_url, $timestamp, $salt)
+    {
+        $sql = $this->sql['add_nonce'];
+        $result = $this->connection->query($sql, array($server_url,
+                                                       $timestamp,
+                                                       $salt));
+        if ($this->isError($result)) {
+            $this->connection->rollback();
+        } else {
+            $this->connection->commit();
+        }
+        return $this->resultToBool($result);
+    }
+
+    function useNonce($server_url, $timestamp, $salt)
+    {
+        return $this->_add_nonce($server_url, $timestamp, $salt);
+    }
+
+    /**
+     * "Octifies" a binary string by returning a string with escaped
+     * octal bytes.  This is used for preparing binary data for
+     * PostgreSQL BYTEA fields.
+     *
+     * @access private
+     */
+    function _octify($str)
+    {
+        $result = "";
+        for ($i = 0; $i < strlen($str); $i++) {
+            $ch = substr($str, $i, 1);
+            if ($ch == "\\") {
+                $result .= "\\\\\\\\";
+            } else if (ord($ch) == 0) {
+                $result .= "\\\\000";
+            } else {
+                $result .= "\\" . strval(decoct(ord($ch)));
+            }
+        }
+        return $result;
+    }
+
+    /**
+     * "Unoctifies" octal-escaped data from PostgreSQL and returns the
+     * resulting ASCII (possibly binary) string.
+     *
+     * @access private
+     */
+    function _unoctify($str)
+    {
+        $result = "";
+        $i = 0;
+        while ($i < strlen($str)) {
+            $char = $str[$i];
+            if ($char == "\\") {
+                // Look to see if the next char is a backslash and
+                // append it.
+                if ($str[$i + 1] != "\\") {
+                    $octal_digits = substr($str, $i + 1, 3);
+                    $dec = octdec($octal_digits);
+                    $char = chr($dec);
+                    $i += 4;
+                } else {
+                    $char = "\\";
+                    $i += 2;
+                }
+            } else {
+                $i += 1;
+            }
+
+            $result .= $char;
+        }
+
+        return $result;
+    }
+}
+
+?>

Added: incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/SQLiteStore.php
URL: http://svn.apache.org/viewvc/incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/SQLiteStore.php?view=auto&rev=463021
==============================================================================
--- incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/SQLiteStore.php (added)
+++ incubator/heraldry/libraries/php/openid/trunk/Auth/OpenID/SQLiteStore.php Wed Oct 11 15:49:50 2006
@@ -0,0 +1,72 @@
+<?php
+
+/**
+ * An SQLite store.
+ *
+ * @package OpenID
+ */
+
+/**
+ * Require the base class file.
+ */
+require_once "Auth/OpenID/SQLStore.php";
+
+/**
+ * An SQL store that uses SQLite as its backend.
+ *
+ * @package OpenID
+ */
+class Auth_OpenID_SQLiteStore extends Auth_OpenID_SQLStore {
+    function setSQL()
+    {
+        $this->sql['nonce_table'] =
+            "CREATE TABLE %s (server_url VARCHAR(2047), timestamp INTEGER, ".
+            "salt CHAR(40), UNIQUE (server_url, timestamp, salt))";
+
+        $this->sql['assoc_table'] =
+            "CREATE TABLE %s (server_url VARCHAR(2047), handle VARCHAR(255), ".
+            "secret BLOB(128), issued INTEGER, lifetime INTEGER, ".
+            "assoc_type VARCHAR(64), PRIMARY KEY (server_url, handle))";
+
+        $this->sql['settings_table'] =
+            "CREATE TABLE %s (setting VARCHAR(128) UNIQUE PRIMARY KEY, ".
+            "value BLOB(20))";
+
+        $this->sql['create_auth'] =
+            "INSERT INTO %s VALUES ('auth_key', ?)";
+
+        $this->sql['get_auth'] =
+            "SELECT value FROM %s WHERE setting = 'auth_key'";
+
+        $this->sql['set_assoc'] =
+            "INSERT OR REPLACE INTO %s VALUES (?, ?, ?, ?, ?, ?)";
+
+        $this->sql['get_assocs'] =
+            "SELECT handle, secret, issued, lifetime, assoc_type FROM %s ".
+            "WHERE server_url = ?";
+
+        $this->sql['get_assoc'] =
+            "SELECT handle, secret, issued, lifetime, assoc_type FROM %s ".
+            "WHERE server_url = ? AND handle = ?";
+
+        $this->sql['remove_assoc'] =
+            "DELETE FROM %s WHERE server_url = ? AND handle = ?";
+
+        $this->sql['add_nonce'] =
+            "INSERT INTO %s (server_url, timestamp, salt) VALUES (?, ?, ?)";
+    }
+
+    function _add_nonce($server_url, $timestamp, $salt)
+    {
+        // PECL SQLite extensions 1.0.3 and older (1.0.3 is the
+        // current release at the time of this writing) have a broken
+        // sqlite_escape_string function that breaks when passed the
+        // empty string. Prefixing all strings with one character
+        // keeps them unique and avoids this bug. The nonce table is
+        // write-only, so we don't have to worry about updating other
+        // functions with this same bad hack.
+        return parent::_add_nonce('x' . $server_url, $timestamp, $salt);
+    }
+}
+
+?>
\ No newline at end of file



Mime
View raw message