| public static fetch ( string $url, array $context = [], boolean $getHeaders = false ) : mixed | ||
| $url | string | The path or URL we should fetch. |
| $context | array | Extra context options. This parameter is optional. |
| $getHeaders | boolean | Whether to also return response headers. Optional. |
| return | mixed | array if $getHeaders is set, string otherwise |
public static function fetch($url, $context = array(), $getHeaders = false)
{
if (!is_string($url)) {
throw new \InvalidArgumentException('Invalid input parameters.');
}
$config = \SimpleSAML_Configuration::getInstance();
$proxy = $config->getString('proxy', null);
if ($proxy !== null) {
if (!isset($context['http']['proxy'])) {
$context['http']['proxy'] = $proxy;
}
$proxy_auth = $config->getString('proxy.auth', false);
if ($proxy_auth !== false) {
$context['http']['header'] = "Proxy-Authorization: Basic" . base64_encode($proxy_auth);
}
if (!isset($context['http']['request_fulluri'])) {
$context['http']['request_fulluri'] = true;
}
/*
* If the remote endpoint over HTTPS uses the SNI extension (Server Name Indication RFC 4366), the proxy
* could introduce a mismatch between the names in the Host: HTTP header and the SNI_server_name in TLS
* negotiation (thanks to Cristiano Valli @ GARR-IDEM to have pointed this problem).
* See: https://bugs.php.net/bug.php?id=63519
* These controls will force the same value for both fields.
* Marco Ferrante ([email protected]), Nov 2012
*/
if (preg_match('#^https#i', $url) && defined('OPENSSL_TLSEXT_SERVER_NAME') && OPENSSL_TLSEXT_SERVER_NAME) {
// extract the hostname
$hostname = parse_url($url, PHP_URL_HOST);
if (!empty($hostname)) {
$context['ssl'] = array('SNI_server_name' => $hostname, 'SNI_enabled' => true);
} else {
Logger::warning('Invalid URL format or local URL used through a proxy');
}
}
}
$context = stream_context_create($context);
$data = file_get_contents($url, false, $context);
if ($data === false) {
$error = error_get_last();
throw new \SimpleSAML_Error_Exception('Error fetching ' . var_export($url, true) . ':' . $error['message']);
}
// data and headers
if ($getHeaders) {
if (isset($http_response_header)) {
$headers = array();
foreach ($http_response_header as $h) {
if (preg_match('@^HTTP/1\\.[01]\\s+\\d{3}\\s+@', $h)) {
$headers = array();
// reset
$headers[0] = $h;
continue;
}
$bits = explode(':', $h, 2);
if (count($bits) === 2) {
$headers[strtolower($bits[0])] = trim($bits[1]);
}
}
} else {
// no HTTP headers, probably a different protocol, e.g. file
$headers = null;
}
return array($data, $headers);
}
return $data;
} public function finalStep(&$state)
{
SimpleSAML_Logger::debug("oauth wrap: Using this verification code [" . $state['authwindowslive:wrap_verification_code'] . "]");
// Retrieve Access Token
// Documentation at: http://msdn.microsoft.com/en-us/library/ff749686.aspx
$postData = 'wrap_client_id=' . urlencode($this->key) . '&wrap_client_secret=' . urlencode($this->secret) . '&wrap_callback=' . urlencode(SimpleSAML_Module::getModuleUrl('authwindowslive') . '/linkback.php') . '&wrap_verification_code=' . urlencode($state['authwindowslive:wrap_verification_code']);
$context = array('http' => array('method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => $postData));
$result = \SimpleSAML\Utils\HTTP::fetch('https://consent.live.com/AccessToken.aspx', $context);
parse_str($result, $response);
// error checking of $response to make sure we can proceed
if (!array_key_exists('wrap_access_token', $response)) {
throw new Exception('[' . $response['error_code'] . '] ' . $response['wrap_error_reason'] . "\r\nNo wrap_access_token returned - cannot proceed\r\n" . $response['internal_info']);
}
SimpleSAML_Logger::debug("Got an access token from the OAuth WRAP service provider [" . $response['wrap_access_token'] . "] for user [" . $response['uid'] . "]");
// Documentation at: http://msdn.microsoft.com/en-us/library/ff751708.aspx
$opts = array('http' => array('header' => "Accept: application/json\r\nAuthorization: WRAP access_token=" . $response['wrap_access_token'] . "\r\n"));
$data = \SimpleSAML\Utils\HTTP::fetch('https://apis.live.net/V4.1/cid-' . $response['uid'] . '/Profiles', $opts);
$userdata = json_decode($data, TRUE);
$attributes = array();
$attributes['windowslive_uid'] = array($response['uid']);
$attributes['windowslive_targetedID'] = array('http://windowslive.com!' . $response['uid']);
$attributes['windowslive_user'] = array($response['uid'] . '@windowslive.com');
if (array_key_exists('Entries', $userdata)) {
foreach ($userdata['Entries'][0] as $key => $value) {
if (is_string($value)) {
$attributes['windowslive.' . $key] = array((string) $value);
}
}
if (array_key_exists('Emails', $userdata['Entries'][0])) {
$attributes['windowslive_mail'] = array($userdata['Entries'][0]['Emails'][0]['Address']);
}
}
SimpleSAML_Logger::debug('LiveID Returned Attributes: ' . implode(", ", array_keys($attributes)));
$state['Attributes'] = $attributes;
}
