Implemented WebFinger and replaced our XRD with PEAR XML_XRD

New plugins:
* LRDD
    LRDD implements client-side RFC6415 and RFC7033 resource descriptor
    discovery procedures. I.e. LRDD, host-meta and WebFinger stuff.

    OStatus and OpenID now depend on the LRDD plugin (XML_XRD).

* WebFinger
    This plugin implements the server-side of RFC6415 and RFC7033. Note:
    WebFinger technically doesn't handle XRD, but we serve both that and
    JRD (JSON Resource Descriptor), depending on Accept header and one
    ugly hack to check for old StatusNet installations.

    WebFinger depends on LRDD.

We might make this even prettier by using Net_WebFinger, but it is not
currently RFC7033 compliant (no /.well-known/webfinger resource GETs).

Disabling the WebFinger plugin would effectively render your site non-
federated (which might be desired on a private site).

Disabling the LRDD plugin would make your site unable to do modern web
URI lookups (making life just a little bit harder).

plugins/LRDD/lib/lrddmethod/hostmeta.php

@@ -0,0 +1,60 @@
+<?php
+/**
+ * Implementation of discovery using host-meta file
+ *
+ * Discovers resource descriptor file for a user by going to the
+ * organization's host-meta file and trying to find a template for LRDD.
+ *
+ * @category  Discovery
+ * @package   StatusNet
+ * @author    James Walker <james@status.net>
+ * @copyright 2010 StatusNet, Inc.
+ * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
+ * @link      http://status.net/
+ */
+class LRDDMethod_HostMeta extends LRDDMethod
+{
+    /**
+     * For RFC6415 and HTTP URIs, fetch the host-meta file
+     * and look for LRDD templates
+     */
+    public function discover($uri)
+    {
+        // This is allowed for RFC6415 but not the 'WebFinger' RFC7033.
+        $try_schemes = array('https', 'http');
+
+        $scheme = mb_strtolower(parse_url($uri, PHP_URL_SCHEME));
+        switch ($scheme) {
+        case 'acct':
+            if (!Discovery::isAcct($uri)) {
+                throw new Exception('Bad resource URI: '.$uri);
+            }
+            // We can't use parse_url data for this, since the 'host'
+            // entry is only set if the scheme has '://' after it.
+            list($user, $domain) = explode('@', parse_url($uri, PHP_URL_PATH));
+            break;
+        case 'http':
+        case 'https':
+            $domain = mb_strtolower(parse_url($uri, PHP_URL_HOST));
+            $try_schemes = array($scheme);
+            break;
+        default:
+            throw new Exception('Unable to discover resource descriptor endpoint.');
+        }
+
+        foreach ($try_schemes as $scheme) {
+            $url = $scheme . '://' . $domain . '/.well-known/host-meta';
+            
+            try {
+                $response = self::fetchUrl($url);
+                $this->xrd->loadString($response->getBody());
+            } catch (Exception $e) {
+                common_debug('LRDD could not load resource descriptor: '.$url.' ('.$e->getMessage().')');
+                continue;
+            }
+            return $this->xrd->links;
+        }
+
+        throw new Exception('Unable to retrieve resource descriptor links.');
+    }
+}

plugins/LRDD/lib/lrddmethod/linkheader.php

@@ -0,0 +1,50 @@
+<?php
+/**
+ * Implementation of discovery using HTTP Link header
+ *
+ * Discovers XRD file for a user by fetching the URL and reading any
+ * Link: headers in the HTTP response.
+ *
+ * @category  Discovery
+ * @package   StatusNet
+ * @author    James Walker <james@status.net>
+ * @copyright 2010 StatusNet, Inc.
+ * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
+ * @link      http://status.net/
+ */
+class LRDDMethod_LinkHeader extends LRDDMethod
+{
+    /**
+     * For HTTP IDs fetch the URL and look for Link headers.
+     *
+     * @todo fail out of WebFinger URIs faster
+     */
+    public function discover($uri)
+    {
+        $response = self::fetchUrl($uri, HTTPClient::METHOD_HEAD);
+
+        $link_header = $response->getHeader('Link');
+        if (empty($link_header)) {
+            throw new Exception('No Link header found');
+        }
+        common_debug('LRDD LinkHeader found: '.var_export($link_header,true));
+
+        return self::parseHeader($link_header);
+    }
+
+    /**
+     * Given a string or array of headers, returns JRD-like assoc array
+     *
+     * @param string|array $header string or array of strings for headers
+     *
+     * @return array of associative arrays in JRD-like array format
+     */
+    protected static function parseHeader($header)
+    {
+        $lh = new LinkHeader($header);
+
+        $link = new XML_XRD_Element_Link($lh->rel, $lh->href, $lh->type);
+
+        return array($link);
+    }
+}

plugins/LRDD/lib/lrddmethod/linkhtml.php

@@ -0,0 +1,79 @@
+<?php
+/**
+ * Implementation of discovery using HTML <link> element
+ *
+ * Discovers XRD file for a user by fetching the URL and reading any
+ * <link> elements in the HTML response.
+ *
+ * @category  Discovery
+ * @package   StatusNet
+ * @author    James Walker <james@status.net>
+ * @copyright 2010 StatusNet, Inc.
+ * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
+ * @link      http://status.net/
+ */
+class LRDDMethod_LinkHTML extends LRDDMethod
+{
+    /**
+     * For HTTP IDs, fetch the URL and look for <link> elements
+     * in the HTML response.
+     *
+     * @todo fail out of WebFinger URIs faster
+     */
+    public function discover($uri)
+    {
+        $response = self::fetchUrl($uri);
+
+        return self::parse($response->getBody());
+    }
+
+    /**
+     * Parse HTML and return <link> elements
+     *
+     * Given an HTML string, scans the string for <link> elements
+     *
+     * @param string $html HTML to scan
+     *
+     * @return array array of associative arrays in JRD-ish array format
+     */
+    public function parse($html)
+    {
+        $links = array();
+
+        preg_match('/<head(\s[^>]*)?>(.*?)<\/head>/is', $html, $head_matches);
+        $head_html = $head_matches[2];
+
+        preg_match_all('/<link\s[^>]*>/i', $head_html, $link_matches);
+
+        foreach ($link_matches[0] as $link_html) {
+            $link_url  = null;
+            $link_rel  = null;
+            $link_type = null;
+
+            preg_match('/\srel=(("|\')([^\\2]*?)\\2|[^"\'\s]+)/i', $link_html, $rel_matches);
+            if ( isset($rel_matches[3]) ) {
+                $link_rel = $rel_matches[3];
+            } else if ( isset($rel_matches[1]) ) {
+                $link_rel = $rel_matches[1];
+            }
+
+            preg_match('/\shref=(("|\')([^\\2]*?)\\2|[^"\'\s]+)/i', $link_html, $href_matches);
+            if ( isset($href_matches[3]) ) {
+                $link_uri = $href_matches[3];
+            } else if ( isset($href_matches[1]) ) {
+                $link_uri = $href_matches[1];
+            }
+
+            preg_match('/\stype=(("|\')([^\\2]*?)\\2|[^"\'\s]+)/i', $link_html, $type_matches);
+            if ( isset($type_matches[3]) ) {
+                $link_type = $type_matches[3];
+            } else if ( isset($type_matches[1]) ) {
+                $link_type = $type_matches[1];
+            }
+
+            $links[] = new XML_XRD_Element_Link($link_rel, $link_uri, $link_type);
+        }
+
+        return $links;
+    }
+}

plugins/LRDD/lib/lrddmethod/webfinger.php

@@ -0,0 +1,37 @@
+<?php
+/**
+ * Implementation of WebFinger resource discovery (RFC7033)
+ *
+ * @category  Discovery
+ * @package   GNUSocial
+ * @author    Mikael Nordfeldth <mmn@hethane.se>
+ * @copyright 2013 Free Software Foundation, Inc.
+ * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
+ * @link      http://status.net/
+ */
+class LRDDMethod_WebFinger extends LRDDMethod
+{
+    /**
+     * Simply returns the WebFinger URL over HTTPS at the uri's domain:
+     * https://{domain}/.well-known/webfinger?resource={uri}
+     */
+    public function discover($uri)
+    {
+        if (!Discovery::isAcct($uri)) {
+            throw new Exception('Bad resource URI: '.$uri);
+        }
+        list($user, $domain) = explode('@', parse_url($uri, PHP_URL_PATH));
+        if (!filter_var($domain, FILTER_VALIDATE_IP)
+                && !filter_var(gethostbyname($domain), FILTER_VALIDATE_IP)) {
+            throw new Exception('Bad resource host.');
+        }
+
+        $link = new XML_XRD_Element_Link(
+                        Discovery::LRDD_REL,
+                        'https://' . $domain . '/.well-known/webfinger?resource={uri}',
+                        Discovery::JRD_MIMETYPE,
+                        true);  //isTemplate
+
+        return array($link);
+    }
+}