verify.go

package openid

import (
	"errors"
	"fmt"
	"io/ioutil"
	"net/url"
	"strings"
)

func Verify(uri string, cache DiscoveryCache, nonceStore NonceStore) (id string, err error) {
	return defaultInstance.Verify(uri, cache, nonceStore)
}

func (oid *OpenID) Verify(uri string, cache DiscoveryCache, nonceStore NonceStore) (id string, err error) {
	parsedURL, err := url.Parse(uri)
	if err != nil {
		return "", err
	}
	values, err := url.ParseQuery(parsedURL.RawQuery)
	if err != nil {
		return "", err
	}

	// 11.  Verifying Assertions
	// When the Relying Party receives a positive assertion, it MUST
	// verify the following before accepting the assertion:

	// - The value of "openid.signed" contains all the required fields.
	//   (Section 10.1)
	if err = verifySignedFields(values); err != nil {
		return "", err
	}

	// - The signature on the assertion is valid (Section 11.4)
	if err = verifySignature(uri, values, oid.urlGetter); err != nil {
		return "", err
	}

	// - The value of "openid.return_to" matches the URL of the current
	//   request (Section 11.1)
	if err = verifyReturnTo(parsedURL, values); err != nil {
		return "", err
	}

	// - Discovered information matches the information in the assertion
	//   (Section 11.2)
	if err = oid.verifyDiscovered(parsedURL, values, cache); err != nil {
		return "", err
	}

	// - An assertion has not yet been accepted from this OP with the
	//   same value for "openid.response_nonce" (Section 11.3)
	if err = verifyNonce(values, nonceStore); err != nil {
		return "", err
	}

	// If all four of these conditions are met, assertion is now
	// verified. If the assertion contained a Claimed Identifier, the
	// user is now authenticated with that identifier.
	return values.Get("openid.claimed_id"), nil
}

// 10.1. Positive Assertions
// openid.signed - Comma-separated list of signed fields.
// This entry consists of the fields without the "openid." prefix that the signature covers.
// This list MUST contain at least "op_endpoint", "return_to" "response_nonce" and "assoc_handle",
// and if present in the response, "claimed_id" and "identity".
func verifySignedFields(vals url.Values) error {
	ok := map[string]bool{
		"op_endpoint":    false,
		"return_to":      false,
		"response_nonce": false,
		"assoc_handle":   false,
		"claimed_id":     vals.Get("openid.claimed_id") == "",
		"identity":       vals.Get("openid.identity") == "",
	}
	signed := strings.Split(vals.Get("openid.signed"), ",")
	for _, sf := range signed {
		ok[sf] = true
	}
	for k, v := range ok {
		if !v {
			return fmt.Errorf("%v must be signed but isn't", k)
		}
	}
	return nil
}

// 11.1.  Verifying the Return URL
// To verify that the "openid.return_to" URL matches the URL that is processing this assertion:
// - The URL scheme, authority, and path MUST be the same between the two
//   URLs.
// - Any query parameters that are present in the "openid.return_to" URL
//   MUST also be present with the same values in the URL of the HTTP
//   request the RP received.
func verifyReturnTo(uri *url.URL, vals url.Values) error {
	returnTo := vals.Get("openid.return_to")
	rp, err := url.Parse(returnTo)
	if err != nil {
		return err
	}
	if uri.Scheme != rp.Scheme ||
		uri.Host != rp.Host ||
		uri.Path != rp.Path {
		return errors.New(
			"Scheme, host or path don't match in return_to URL")
	}
	qp, err := url.ParseQuery(rp.RawQuery)
	if err != nil {
		return err
	}
	return compareQueryParams(qp, vals)
}

// Any parameter in q1 must also be present in q2, and values must match.
func compareQueryParams(q1, q2 url.Values) error {
	for k := range q1 {
		v1 := q1.Get(k)
		v2 := q2.Get(k)
		if v1 != v2 {
			return fmt.Errorf(
				"URLs query params don't match: Param %s different: %s vs %s",
				k, v1, v2)
		}
	}
	return nil
}

func (oid *OpenID) verifyDiscovered(uri *url.URL, vals url.Values, cache DiscoveryCache) error {
	version := vals.Get("openid.ns")
	if version != "http://specs.openid.net/auth/2.0" {
		return errors.New("Bad protocol version")
	}

	endpoint := vals.Get("openid.op_endpoint")
	if len(endpoint) == 0 {
		return errors.New("missing openid.op_endpoint url param")
	}
	localID := vals.Get("openid.identity")
	if len(localID) == 0 {
		return errors.New("no localId to verify")
	}
	claimedID := vals.Get("openid.claimed_id")
	if len(claimedID) == 0 {
		// If no Claimed Identifier is present in the response, the
		// assertion is not about an identifier and the RP MUST NOT use the
		// User-supplied Identifier associated with the current OpenID
		// authentication transaction to identify the user. Extension
		// information in the assertion MAY still be used.
		// --- This library does not support this case. So claimed
		//     identifier must be present.
		return errors.New("no claimed_id to verify")
	}

	// 11.2.  Verifying Discovered Information

	// If the Claimed Identifier in the assertion is a URL and contains a
	// fragment, the fragment part and the fragment delimiter character "#"
	// MUST NOT be used for the purposes of verifying the discovered
	// information.
	claimedIDVerify := claimedID
	if fragmentIndex := strings.Index(claimedID, "#"); fragmentIndex != -1 {
		claimedIDVerify = claimedID[0:fragmentIndex]
	}

	// If the Claimed Identifier is included in the assertion, it
	// MUST have been discovered by the Relying Party and the
	// information in the assertion MUST be present in the
	// discovered information. The Claimed Identifier MUST NOT be an
	// OP Identifier.
	if discovered := cache.Get(claimedIDVerify); discovered != nil &&
		discovered.OpEndpoint() == endpoint &&
		discovered.OpLocalID() == localID &&
		discovered.ClaimedID() == claimedIDVerify {
		return nil
	}

	// If the Claimed Identifier was not previously discovered by the
	// Relying Party (the "openid.identity" in the request was
	// "http://specs.openid.net/auth/2.0/identifier_select" or a different
	// Identifier, or if the OP is sending an unsolicited positive
	// assertion), the Relying Party MUST perform discovery on the Claimed
	// Identifier in the response to make sure that the OP is authorized to
	// make assertions about the Claimed Identifier.
	if ep, _, _, err := oid.Discover(claimedID); err == nil {
		if ep == endpoint {
			// This claimed ID points to the same endpoint, therefore this
			// endpoint is authorized to make assertions about that claimed ID.
			// TODO: There may be multiple endpoints found during discovery.
			// They should all be checked.
			cache.Put(claimedIDVerify, &SimpleDiscoveredInfo{opEndpoint: endpoint, opLocalID: localID, claimedID: claimedIDVerify})
			return nil
		}
	}

	return errors.New("Could not verify the claimed ID")
}

func verifyNonce(vals url.Values, store NonceStore) error {
	nonce := vals.Get("openid.response_nonce")
	endpoint := vals.Get("openid.op_endpoint")
	return store.Accept(endpoint, nonce)
}

func verifySignature(uri string, vals url.Values, getter httpGetter) error {
	// To have the signature verification performed by the OP, the
	// Relying Party sends a direct request to the OP. To verify the
	// signature, the OP uses a private association that was generated
	// when it issued the positive assertion.

	// 11.4.2.1.  Request Parameters
	params := make(url.Values)
	// openid.mode: Value: "check_authentication"
	params.Add("openid.mode", "check_authentication")
	// Exact copies of all fields from the authentication response,
	// except for "openid.mode".
	for k, vs := range vals {
		if k == "openid.mode" {
			continue
		}
		for _, v := range vs {
			params.Add(k, v)
		}
	}
	resp, err := getter.Post(vals.Get("openid.op_endpoint"), params)
	if err != nil {
		return err
	}
	defer resp.Body.Close()
	content, err := ioutil.ReadAll(resp.Body)
	response := string(content)
	lines := strings.Split(response, "\n")

	isValid := false
	nsValid := false
	for _, l := range lines {
		if l == "is_valid:true" {
			isValid = true
		} else if l == "ns:http://specs.openid.net/auth/2.0" {
			nsValid = true
		}
	}
	if isValid && nsValid {
		// Yay !
		return nil
	}

	return errors.New("Could not verify assertion with provider")
}