From 9bc3991c230ca464b8af9b7fb219ee7925edcac9 Mon Sep 17 00:00:00 2001
From: Robin Appelman <icewind1991@gmail.com>
Date: Wed, 20 Jul 2011 00:53:55 +0200
Subject: [PATCH] serveral small fixes to the openid server

---
 apps/user_openid/phpmyid.php | 12 +++++-------
 apps/user_openid/user.php    |  6 +++++-
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/apps/user_openid/phpmyid.php b/apps/user_openid/phpmyid.php
index 7991b87c6d..146eb380f7 100644
--- a/apps/user_openid/phpmyid.php
+++ b/apps/user_openid/phpmyid.php
@@ -209,7 +209,6 @@ function authorize_mode () {
 	$profile['idp_url']=$IDENTITY;
 	if (isset($_SERVER['PHP_AUTH_USER']) && $profile['authorized'] === false && $_SERVER['PHP_AUTH_USER']==$USERNAME) {
 		if (OC_USER::checkPassword($USERNAME, $_SERVER['PHP_AUTH_PW'])) {// successful login!
-			error_log('success');
 			// return to the refresh url if they get in
 			$_SESSION['openid_auth']=true;
 			$_SESSION['openid_user']=$USERNAME;
@@ -339,7 +338,7 @@ function checkid ( $wait ) {
 			: error_get($return_to, 'Missing identity');
 
 	$assoc_handle = @strlen($_REQUEST['openid_assoc_handle'])
-			? $_REQUEST['openid_assoc.handle']
+			? $_REQUEST['openid_assoc_handle']
 			: null;
 
 	$trust_root = @strlen($_REQUEST['openid_trust_root'])
@@ -1626,7 +1625,6 @@ $GLOBALS['port'] = ((isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on' && $_
 		: ':' . $_SERVER['SERVER_PORT'];
 
 
-error_log($_SERVER['HTTP_HOST']);
 /**
  * Determine the HTTP request protocol
  * @name $proto
@@ -1651,15 +1649,15 @@ $profile['req_url'] = sprintf("%s://%s%s",
 // 		      $port,//host  already includes the path
 		      $_SERVER["REQUEST_URI"]);
 
-$fullId=urlencode('.php/'.$USERNAME);
-$incompleteId=urlencode('.php/');
+$fullId='user.php/'.$USERNAME.'/';
+$incompleteId='user.php/';
 
 if(!strpos($profile['req_url'],$fullId)){
 	$profile['req_url']=str_replace($incompleteId,$fullId,$profile['req_url']);
 }
 
-error_log('inc id: '.$fullId);
-error_log('req url: '.$profile['req_url']);
+// error_log('inc id: '.$fullId);
+// error_log('req url: '.$profile['req_url']);
 
 // Set the default allowance for testing
 if (! array_key_exists('allow_test', $profile))
diff --git a/apps/user_openid/user.php b/apps/user_openid/user.php
index 52af9ba3a5..4b5d13e339 100644
--- a/apps/user_openid/user.php
+++ b/apps/user_openid/user.php
@@ -25,6 +25,9 @@ $USERNAME=substr($_SERVER["REQUEST_URI"],strpos($_SERVER["REQUEST_URI"],'.php/')
 if(strpos($USERNAME,'?')!==false){
 	$USERNAME=substr($USERNAME,0,strpos($USERNAME,'?'));
 }
+if(substr($USERNAME,-1,1)=='/'){//openid sometimes add slashes to the username
+	$USERNAME=substr($USERNAME,0,-1);
+}
 
 
 if($USERNAME=='' and isset($_SERVER['PHP_AUTH_USER'])){
@@ -36,7 +39,8 @@ $RUNTIME_NOAPPS=false;
 require_once '../../lib/base.php';
 
 if(!OC_USER::userExists($USERNAME)){
-		$USERNAME='';
+	error_log($USERNAME.' doesn\'t exist');
+	$USERNAME='';
 }
 global $WEBROOT;
 $IDENTITY=((isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == 'on') ? 'https' : 'http').'://'.$_SERVER['HTTP_HOST'].$WEBROOT.'/apps/user_openid/user.php/'.$USERNAME;
-- 
GitLab