
/tests/Zend/OpenID/ProviderTest.php

https://github.com/matthewfitz/zf2
PHP | 1634 lines | 1339 code | 124 blank | 171 comment | 14 complexity | 27f61667a51be70d45c510f3132be176 MD5 | raw file
Possible License(s): BSD-3-Clause


  1. <?php
  2. /**
  3. * Zend Framework
  4. *
  5. * LICENSE
  6. *
  7. * This source file is subject to the new BSD license that is bundled
  8. * with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://framework.zend.com/license/new-bsd
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@zend.com so we can send you a copy immediately.
  14. *
  15. * @category Zend
  16. * @package Zend_OpenID
  17. * @subpackage UnitTests
  18. * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
  19. * @license http://framework.zend.com/license/new-bsd New BSD License
  20. * @version $Id$
  21. */
  22. /**
  23. * @namespace
  24. */
  25. namespace ZendTest\OpenID\Provider;
  26. use Zend\OpenID\OpenID,
  27. Zend\OpenID\Provider,
  28. Zend\OpenID\Extension,
  29. ZendTest\OpenID as OpenIDTest;
  30. /**
  31. * @category Zend
  32. * @package Zend_OpenID
  33. * @subpackage UnitTests
  34. * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
  35. * @license http://framework.zend.com/license/new-bsd New BSD License
  36. * @group Zend_OpenID
  37. */
  38. class ProviderTest extends \PHPUnit_Framework_TestCase
  39. {
  40. const USER = "http://test_user.myopenid.com/";
  41. const PASSWORD = "01234567890abcdef";
  42. const HANDLE = "01234567890abcdef";
  43. private $_user;
  44. public function __construct($name = NULL, array $data = array(), $dataName = '')
  45. {
  46. parent::__construct($name, $data, $dataName);
  47. $this->_user = new Provider\User\Session();
  48. }
  49. /**
  50. * testing register
  51. *
  52. */
  53. public function testRegister()
  54. {
  55. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  56. $storage->delUser(self::USER);
  57. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  58. $this->assertFalse( $storage->checkUser(self::USER, self::PASSWORD) );
  59. // wrong ID
  60. $this->assertFalse( $provider->register("", self::PASSWORD) );
  61. // registration of new user
  62. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  63. // registration of existent user
  64. $this->assertFalse( $provider->register(self::USER, self::PASSWORD) );
  65. $this->assertTrue( $storage->checkUser(self::USER, md5(self::USER . self::PASSWORD)) );
  66. $storage->delUser(self::USER);
  67. }
  68. /**
  69. * testing hasUser
  70. *
  71. */
  72. public function testHasUser()
  73. {
  74. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  75. $storage->delUser(self::USER);
  76. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  77. // wrong ID
  78. $this->assertFalse( $provider->hasUser("") );
  79. $this->assertFalse( $provider->hasUser("http://:80/test") );
  80. // check for non existent
  81. $this->assertFalse( $provider->hasUser(self::USER) );
  82. // check for existent user
  83. $this->assertTrue( $storage->addUser(self::USER, self::PASSWORD) );
  84. $this->assertTrue( $provider->hasUser(self::USER) );
  85. $storage->delUser(self::USER);
  86. }
  87. /**
  88. * testing login
  89. *
  90. */
  91. public function testLogin()
  92. {
  93. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  94. $storage->delUser(self::USER);
  95. $this->_user->delLoggedInUser();
  96. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  97. // wrong ID
  98. $this->assertFalse( $provider->login("", self::PASSWORD) );
  99. $this->assertFalse( $this->_user->getLoggedInUser() );
  100. $this->assertFalse( $provider->login("http://:80/test", self::PASSWORD) );
  101. $this->assertFalse( $this->_user->getLoggedInUser() );
  102. // login as non existent user
  103. $this->assertFalse( $provider->login(self::USER, self::PASSWORD) );
  104. $this->assertFalse( $this->_user->getLoggedInUser() );
  105. // login as existent user with wrong password
  106. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  107. $this->assertFalse( $provider->login(self::USER, self::PASSWORD . "x") );
  108. $this->assertFalse( $this->_user->getLoggedInUser() );
  109. // login as existent user with proper password
  110. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  111. $this->assertSame( self::USER, $this->_user->getLoggedInUser() );
  112. $storage->delUser(self::USER);
  113. $this->_user->delLoggedInUser();
  114. }
  115. /**
  116. * testing logout
  117. *
  118. */
  119. public function testLogout()
  120. {
  121. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  122. $storage->delUser(self::USER);
  123. $this->_user->delLoggedInUser();
  124. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  125. $this->assertFalse( $this->_user->getLoggedInUser() );
  126. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  127. $this->assertFalse( $this->_user->getLoggedInUser() );
  128. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  129. $this->assertSame( self::USER, $this->_user->getLoggedInUser() );
  130. $this->assertTrue( $provider->logout() );
  131. $this->assertFalse( $this->_user->getLoggedInUser() );
  132. $storage->delUser(self::USER);
  133. $this->_user->delLoggedInUser();
  134. }
  135. /**
  136. * testing getLoggedInUser
  137. *
  138. */
  139. public function testLoggedInUser()
  140. {
  141. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  142. $storage->delUser(self::USER);
  143. $this->_user->delLoggedInUser();
  144. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  145. $this->assertFalse( $provider->getLoggedInUser() );
  146. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  147. $this->assertFalse( $provider->getLoggedInUser() );
  148. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  149. $this->assertSame( self::USER, $this->_user->getLoggedInUser() );
  150. $this->assertTrue( $provider->logout() );
  151. $this->assertFalse( $provider->getLoggedInUser() );
  152. $storage->delUser(self::USER);
  153. $this->_user->delLoggedInUser();
  154. }
  155. /**
  156. * testing getSiteRoot
  157. *
  158. */
  159. public function testGetSiteRoot()
  160. {
  161. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  162. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  163. $params = array(
  164. 'openid_realm' => "http://wrong/",
  165. 'openid_trust_root' => "http://root/",
  166. 'openid_return_to' => "http://wrong/",
  167. );
  168. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  169. $params = array(
  170. 'openid_realm' => "http://wrong/",
  171. 'openid_return_to' => "http://root/",
  172. );
  173. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  174. $params = array(
  175. 'openid_realm' => "http://wrong/",
  176. );
  177. $this->assertFalse( $provider->getSiteRoot($params) );
  178. $params = array(
  179. 'openid_ns' => OpenID::NS_2_0,
  180. 'openid_realm' => "http://root/",
  181. 'openid_trust_root' => "http://wrong/",
  182. 'openid_return_to' => "http://wrong/",
  183. );
  184. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  185. $params = array(
  186. 'openid_ns' => OpenID::NS_2_0,
  187. 'openid_trust_root' => "http://wrong/",
  188. 'openid_return_to' => "http://root/",
  189. );
  190. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  191. $params = array(
  192. 'openid_ns' => OpenID::NS_2_0,
  193. 'openid_return_to' => "http://root/",
  194. );
  195. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  196. $params = array(
  197. 'openid_ns' => OpenID::NS_2_0,
  198. );
  199. $this->assertFalse( $provider->getSiteRoot($params) );
  200. $params = array(
  201. 'openid_trust_root' => "",
  202. );
  203. $this->assertFalse( $provider->getSiteRoot($params) );
  204. }
  205. /**
  206. * testing allowSite
  207. *
  208. */
  209. public function testAllowSite()
  210. {
  211. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  212. $storage->delUser(self::USER);
  213. $this->_user->delLoggedInUser();
  214. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  215. // not logged in
  216. $this->assertFalse( $provider->allowSite("http://www.test.com/") );
  217. // logged in
  218. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  219. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  220. $this->assertTrue( $provider->allowSite("http://www.test.com/") );
  221. $trusted = $storage->getTrustedSites(self::USER);
  222. $this->assertTrue( is_array($trusted) );
  223. $this->assertSame( 1, count($trusted) );
  224. reset($trusted);
  225. $this->assertSame( "http://www.test.com/", key($trusted) );
  226. $this->assertSame( true, current($trusted) );
  227. // duplicate
  228. $this->assertTrue( $provider->allowSite("http://www.test.com/") );
  229. $trusted = $storage->getTrustedSites(self::USER);
  230. $this->assertTrue( is_array($trusted) );
  231. $this->assertSame( 1, count($trusted) );
  232. reset($trusted);
  233. $this->assertSame( "http://www.test.com/", key($trusted) );
  234. $this->assertSame( true, current($trusted) );
  235. // extensions
  236. $sreg = new Extension\Sreg(array("nickname"=>"test_id"));
  237. $this->assertTrue( $provider->allowSite("http://www.test.com/", $sreg) );
  238. $trusted = $storage->getTrustedSites(self::USER);
  239. $this->assertTrue( is_array($trusted) );
  240. $this->assertSame( 1, count($trusted) );
  241. reset($trusted);
  242. $this->assertSame( "http://www.test.com/", key($trusted) );
  243. $this->assertSame( array('Zend\OpenID\Extension\Sreg'=>array('nickname'=>'test_id')), current($trusted) );
  244. $this->_user->delLoggedInUser();
  245. $storage->delUser(self::USER);
  246. }
  247. /**
  248. * testing denySite
  249. *
  250. */
  251. public function testDenySite()
  252. {
  253. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  254. $storage->delUser(self::USER);
  255. $this->_user->delLoggedInUser();
  256. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  257. $sreg = new Extension\Sreg(array("nickname"=>"test_id"));
  258. // not logged in
  259. $this->assertFalse( $provider->denySite("http://www.test.com/") );
  260. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  261. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  262. $this->assertTrue( $provider->allowSite("http://www.test1.com/") );
  263. $this->assertTrue( $provider->allowSite("http://www.test2.com/", $sreg) );
  264. $this->AssertSame( array(
  265. 'http://www.test1.com/' => true,
  266. 'http://www.test2.com/' => array(
  267. 'Zend\OpenID\Extension\Sreg' => array(
  268. 'nickname' => 'test_id'
  269. )
  270. )
  271. ),
  272. $storage->getTrustedSites(self::USER) );
  273. $this->assertTrue( $provider->denySite("http://www.test3.com/") );
  274. $this->AssertSame( array(
  275. 'http://www.test1.com/' => true,
  276. 'http://www.test2.com/' => array(
  277. 'Zend\OpenID\Extension\Sreg' => array(
  278. 'nickname' => 'test_id'
  279. )
  280. ),
  281. 'http://www.test3.com/' => false
  282. ),
  283. $storage->getTrustedSites(self::USER) );
  284. $this->assertTrue( $provider->denySite("http://www.test1.com/") );
  285. $this->AssertSame( array(
  286. 'http://www.test1.com/' => false,
  287. 'http://www.test2.com/' => array(
  288. 'Zend\OpenID\Extension\Sreg' => array(
  289. 'nickname' => 'test_id'
  290. )
  291. ),
  292. 'http://www.test3.com/' => false
  293. ),
  294. $storage->getTrustedSites(self::USER) );
  295. $this->assertTrue( $provider->denySite("http://www.test2.com/") );
  296. $this->AssertSame( array(
  297. 'http://www.test1.com/' => false,
  298. 'http://www.test2.com/' => false,
  299. 'http://www.test3.com/' => false
  300. ),
  301. $storage->getTrustedSites(self::USER) );
  302. $this->_user->delLoggedInUser();
  303. $storage->delUser(self::USER);
  304. }
  305. /**
  306. * testing delSite
  307. *
  308. */
  309. public function testDelSite()
  310. {
  311. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  312. $storage->delUser(self::USER);
  313. $this->_user->delLoggedInUser();
  314. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  315. $sreg = new Extension\Sreg(array("nickname"=>"test_id"));
  316. // not logged in
  317. $this->assertFalse( $provider->delSite("http://www.test.com/") );
  318. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  319. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  320. $this->assertTrue( $provider->allowSite("http://www.test1.com/") );
  321. $this->assertTrue( $provider->allowSite("http://www.test2.com/", $sreg) );
  322. $this->AssertSame( array(
  323. 'http://www.test1.com/' => true,
  324. 'http://www.test2.com/' => array(
  325. 'Zend\OpenID\Extension\Sreg' => array(
  326. 'nickname' => 'test_id'
  327. )
  328. )
  329. ),
  330. $storage->getTrustedSites(self::USER) );
  331. $this->assertTrue( $provider->delSite("http://www.test3.com/") );
  332. $this->AssertSame( array(
  333. 'http://www.test1.com/' => true,
  334. 'http://www.test2.com/' => array(
  335. 'Zend\OpenID\Extension\Sreg' => array(
  336. 'nickname' => 'test_id'
  337. )
  338. )
  339. ),
  340. $storage->getTrustedSites(self::USER) );
  341. $this->assertTrue( $provider->delSite("http://www.test1.com/") );
  342. $this->AssertSame( array(
  343. 'http://www.test2.com/' => array(
  344. 'Zend\OpenID\Extension\Sreg' => array(
  345. 'nickname' => 'test_id'
  346. )
  347. )
  348. ),
  349. $storage->getTrustedSites(self::USER) );
  350. $this->assertTrue( $provider->delSite("http://www.test2.com/") );
  351. $this->AssertSame( array(
  352. ),
  353. $storage->getTrustedSites(self::USER) );
  354. $this->_user->delLoggedInUser();
  355. $storage->delUser(self::USER);
  356. }
  357. /**
  358. * testing getTrustedSites
  359. *
  360. */
  361. public function testGetTrustedSites()
  362. {
  363. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  364. $storage->delUser(self::USER);
  365. $this->_user->delLoggedInUser();
  366. $provider = new Provider\GenericProvider(null, null, $this->_user, $storage);
  367. $sreg = new Extension\Sreg(array("nickname"=>"test_id"));
  368. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  369. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  370. $this->assertTrue( $provider->allowSite("http://www.test1.com/") );
  371. $this->assertTrue( $provider->allowSite("http://www.test2.com/", $sreg) );
  372. $this->AssertSame( array(
  373. 'http://www.test1.com/' => true,
  374. 'http://www.test2.com/' => array(
  375. 'Zend\OpenID\Extension\Sreg' => array(
  376. 'nickname' => 'test_id'
  377. )
  378. )
  379. ),
  380. $provider->getTrustedSites() );
  381. $this->_user->delLoggedInUser();
  382. $this->AssertFalse( $provider->getTrustedSites() );
  383. $storage->delUser(self::USER);
  384. }
  385. /**
  386. * testing genSecret
  387. *
  388. */
  389. public function testGenSecret()
  390. {
  391. $provider = new OpenIDTest\ProviderHelper(null, null, $this->_user, new Provider\Storage\File(dirname(__FILE__)."/_files/provider"));
  392. // SHA1
  393. $x = $provider->genSecret("sha1");
  394. $this->assertTrue( is_string($x) );
  395. $this->assertSame( 20, strlen($x) );
  396. // SHA256
  397. $x = $provider->genSecret("sha256");
  398. $this->assertTrue( is_string($x) );
  399. $this->assertSame( 32, strlen($x) );
  400. // invalid function
  401. $this->assertFalse( $provider->genSecret("md5") );
  402. }
  403. /**
  404. * testing _associate
  405. *
  406. */
  407. public function testAssociate()
  408. {
  409. try {
  410. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  411. $provider = new OpenIDTest\ProviderHelper(null, null, $this->_user, $storage);
  412. // Wrong assoc_type
  413. $ret = $provider->handle(array('openid_mode'=>'associate'));
  414. $res = array();
  415. foreach (explode("\n", $ret) as $line) {
  416. if (!empty($line)) {
  417. list($key, $val) = explode(":", $line, 2);
  418. $res[$key] = $val;
  419. }
  420. }
  421. $this->assertSame( 'unsupported-type', $res['error-code'] );
  422. // Wrong assoc_type (OpenID 2.0)
  423. $ret = $provider->handle(array('openid_ns'=>OpenID::NS_2_0,
  424. 'openid_mode'=>'associate'));
  425. $res = array();
  426. foreach (explode("\n", $ret) as $line) {
  427. if (!empty($line)) {
  428. list($key, $val) = explode(":", $line, 2);
  429. $res[$key] = $val;
  430. }
  431. }
  432. $this->assertSame( OpenID::NS_2_0, $res['ns'] );
  433. $this->assertSame( 'unsupported-type', $res['error-code'] );
  434. // Wrong session_type
  435. $ret = $provider->handle(array('openid_mode'=>'associate',
  436. 'openid_assoc_type'=>'HMAC-SHA1',
  437. 'openid_session_type'=>'DH-SHA257'));
  438. $res = array();
  439. foreach (explode("\n", $ret) as $line) {
  440. if (!empty($line)) {
  441. list($key, $val) = explode(":", $line, 2);
  442. $res[$key] = $val;
  443. }
  444. }
  445. $this->assertSame( 'unsupported-type', $res['error-code'] );
  446. // Associaation without encryption
  447. $ret = $provider->handle(array('openid_assoc_type'=>'HMAC-SHA1',
  448. 'openid_mode'=>'associate'));
  449. $res = array();
  450. foreach (explode("\n", $ret) as $line) {
  451. if (!empty($line)) {
  452. list($key, $val) = explode(":", $line, 2);
  453. $res[$key] = $val;
  454. }
  455. }
  456. $this->assertSame( 'HMAC-SHA1', $res['assoc_type'] );
  457. $this->assertTrue( isset($res['mac_key']) );
  458. $this->assertSame( 20, strlen(base64_decode($res['mac_key'])) );
  459. $this->assertTrue( isset($res['assoc_handle']) );
  460. $this->assertSame( '3600', $res['expires_in'] );
  461. $this->assertFalse( isset($res['session_type']) );
  462. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  463. $this->assertSame( 'sha1', $macFunc );
  464. $this->assertSame( bin2hex(base64_decode($res['mac_key'])), bin2hex($secret) );
  465. // Associaation without encryption (OpenID 2.0)
  466. $ret = $provider->handle(array('openid_ns'=>OpenID::NS_2_0,
  467. 'openid_assoc_type'=>'HMAC-SHA256',
  468. 'openid_mode'=>'associate'));
  469. $res = array();
  470. foreach (explode("\n", $ret) as $line) {
  471. if (!empty($line)) {
  472. list($key, $val) = explode(":", $line, 2);
  473. $res[$key] = $val;
  474. }
  475. }
  476. $this->assertSame( OpenID::NS_2_0, $res['ns'] );
  477. $this->assertSame( 'HMAC-SHA256', $res['assoc_type'] );
  478. $this->assertTrue( isset($res['mac_key']) );
  479. $this->assertSame( 32, strlen(base64_decode($res['mac_key'])) );
  480. $this->assertTrue( isset($res['assoc_handle']) );
  481. $this->assertSame( '3600', $res['expires_in'] );
  482. $this->assertFalse( isset($res['session_type']) );
  483. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  484. $this->assertSame( 'sha256', $macFunc );
  485. $this->assertSame( bin2hex(base64_decode($res['mac_key'])), bin2hex($secret) );
  486. // Associaation without encryption (OpenID 2.0)
  487. $ret = $provider->handle(array('openid_ns'=>OpenID::NS_2_0,
  488. 'openid_assoc_type'=>'HMAC-SHA256',
  489. 'openid_mode'=>'associate',
  490. 'openid_session_type'=>'no-encryption'));
  491. $res = array();
  492. foreach (explode("\n", $ret) as $line) {
  493. if (!empty($line)) {
  494. list($key, $val) = explode(":", $line, 2);
  495. $res[$key] = $val;
  496. }
  497. }
  498. $this->assertSame( OpenID::NS_2_0, $res['ns'] );
  499. $this->assertSame( 'HMAC-SHA256', $res['assoc_type'] );
  500. $this->assertTrue( isset($res['mac_key']) );
  501. $this->assertSame( 32, strlen(base64_decode($res['mac_key'])) );
  502. $this->assertTrue( isset($res['assoc_handle']) );
  503. $this->assertSame( '3600', $res['expires_in'] );
  504. $this->assertSame( 'no-encryption', $res['session_type'] );
  505. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  506. $this->assertSame( 'sha256', $macFunc );
  507. $this->assertSame( bin2hex(base64_decode($res['mac_key'])), bin2hex($secret) );
  508. // Associaation with DH-SHA1 encryption
  509. $ret = $provider->handle(array('openid_assoc_type'=>'HMAC-SHA1',
  510. 'openid_mode'=>'associate',
  511. 'openid_session_type'=>'DH-SHA1',
  512. 'openid_dh_modulus'=>'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr',
  513. 'openid_dh_gen'=>'Ag==',
  514. 'openid_dh_consumer_public'=>'RqexRm+Zn5s3sXxFBjI9WfCOBwBDDQBKPzX4fjMGl3YEJh5tx8SVo7awgwuqsliR+nvjmRh5kSFIGv8YSCsy88v1CcAfWUGfjehO9euxQcXOYJnNGbl6GQrE2FYe2RCvML4Yi8eYCYtCQi0wlDE7BJXGSVPXFzj/ru0lR/voPpk=',
  515. ));
  516. $res = array();
  517. foreach (explode("\n", $ret) as $line) {
  518. if (!empty($line)) {
  519. list($key, $val) = explode(":", $line, 2);
  520. $res[$key] = $val;
  521. }
  522. }
  523. $this->assertSame( 'HMAC-SHA1', $res['assoc_type'] );
  524. $this->assertSame( 'DH-SHA1', $res['session_type'] );
  525. $this->assertTrue( isset($res['dh_server_public']) );
  526. $this->assertTrue( isset($res['enc_mac_key']) );
  527. $this->assertSame( 20, strlen(base64_decode($res['enc_mac_key'])) );
  528. $this->assertTrue( isset($res['assoc_handle']) );
  529. $this->assertSame( '3600', $res['expires_in'] );
  530. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  531. $this->assertSame( 'sha1', $macFunc );
  532. // Associaation with DH-SHA256 encryption (OpenID 2.0)
  533. $ret = $provider->handle(array('openid_ns'=>OpenID::NS_2_0,
  534. 'openid_assoc_type'=>'HMAC-SHA256',
  535. 'openid_mode'=>'associate',
  536. 'openid_session_type'=>'DH-SHA256',
  537. 'openid_dh_modulus'=>'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr',
  538. 'openid_dh_gen'=>'Ag==',
  539. 'openid_dh_consumer_public'=>'RqexRm+Zn5s3sXxFBjI9WfCOBwBDDQBKPzX4fjMGl3YEJh5tx8SVo7awgwuqsliR+nvjmRh5kSFIGv8YSCsy88v1CcAfWUGfjehO9euxQcXOYJnNGbl6GQrE2FYe2RCvML4Yi8eYCYtCQi0wlDE7BJXGSVPXFzj/ru0lR/voPpk=',
  540. ));
  541. $res = array();
  542. foreach (explode("\n", $ret) as $line) {
  543. if (!empty($line)) {
  544. list($key, $val) = explode(":", $line, 2);
  545. $res[$key] = $val;
  546. }
  547. }
  548. $this->assertSame( 'HMAC-SHA256', $res['assoc_type'] );
  549. $this->assertSame( 'DH-SHA256', $res['session_type'] );
  550. $this->assertTrue( isset($res['dh_server_public']) );
  551. $this->assertTrue( isset($res['enc_mac_key']) );
  552. $this->assertSame( 32, strlen(base64_decode($res['enc_mac_key'])) );
  553. $this->assertTrue( isset($res['assoc_handle']) );
  554. $this->assertSame( '3600', $res['expires_in'] );
  555. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  556. $this->assertSame( 'sha256', $macFunc );
  557. } catch (Zend\OpenID\Exception $e) {
  558. $this->markTestSkipped($e->getMessage());
  559. }
  560. }
  561. /**
  562. * testing _checkAuthentication
  563. *
  564. */
  565. public function testCheckAuthentication()
  566. {
  567. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  568. $provider = new OpenIDTest\ProviderHelper(null, null, $this->_user, $storage);
  569. // Wrong arguments
  570. $ret = $provider->handle(array('openid_mode'=>'check_authentication'));
  571. $res = array();
  572. foreach (explode("\n", $ret) as $line) {
  573. if (!empty($line)) {
  574. list($key, $val) = explode(":", $line, 2);
  575. $res[$key] = $val;
  576. }
  577. }
  578. $this->assertSame( 'id_res', $res['openid.mode'] );
  579. $this->assertSame( 'false', $res['is_valid'] );
  580. // Wrong arguments (OpenID 2.0)
  581. $ret = $provider->handle(array('openid_ns'=>OpenID::NS_2_0,
  582. 'openid_mode'=>'check_authentication'));
  583. $res = array();
  584. foreach (explode("\n", $ret) as $line) {
  585. if (!empty($line)) {
  586. list($key, $val) = explode(":", $line, 2);
  587. $res[$key] = $val;
  588. }
  589. }
  590. $this->assertSame( OpenID::NS_2_0, $res['ns'] );
  591. $this->assertSame( 'id_res', $res['openid.mode'] );
  592. $this->assertSame( 'false', $res['is_valid'] );
  593. // Wrong session id
  594. $storage->delAssociation(self::HANDLE);
  595. $ret = $provider->handle(array('openid_mode'=>'check_authentication',
  596. 'openid_assoc_handle'=>self::HANDLE));
  597. $res = array();
  598. foreach (explode("\n", $ret) as $line) {
  599. if (!empty($line)) {
  600. list($key, $val) = explode(":", $line, 2);
  601. $res[$key] = $val;
  602. }
  603. }
  604. $this->assertSame( 'id_res', $res['openid.mode'] );
  605. $this->assertSame( 'false', $res['is_valid'] );
  606. // Proper session signed with HAMC-SHA256
  607. $storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
  608. $ret = $provider->handle(array('openid_mode'=>'check_authentication',
  609. 'openid_assoc_handle'=>self::HANDLE,
  610. 'openid_signed'=>'mode,assoc_handle,signed',
  611. 'openid_sig'=>'IgLZCOXmEPowYl6yyFZjYL4ZTtQ='));
  612. $res = array();
  613. foreach (explode("\n", $ret) as $line) {
  614. if (!empty($line)) {
  615. list($key, $val) = explode(":", $line, 2);
  616. $res[$key] = $val;
  617. }
  618. }
  619. $this->assertSame( 'id_res', $res['openid.mode'] );
  620. $this->assertSame( 'true', $res['is_valid'] );
  621. // Proper session signed with HAMC-SHA256
  622. $storage->delAssociation(self::HANDLE);
  623. $storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
  624. $ret = $provider->handle(array('openid_mode'=>'check_authentication',
  625. 'openid_assoc_handle'=>self::HANDLE,
  626. 'openid_signed'=>'mode,assoc_handle,signed',
  627. 'openid_sig'=>'xoJcXj30L1N7QRir7I2ovop1SaijXnAI97X/yH+kvck='));
  628. $res = array();
  629. foreach (explode("\n", $ret) as $line) {
  630. if (!empty($line)) {
  631. list($key, $val) = explode(":", $line, 2);
  632. $res[$key] = $val;
  633. }
  634. }
  635. $this->assertSame( 'id_res', $res['openid.mode'] );
  636. $this->assertSame( 'true', $res['is_valid'] );
  637. // Wrong signature
  638. $storage->delAssociation(self::HANDLE);
  639. $storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
  640. $ret = $provider->handle(array('openid_ns'=>OpenID::NS_2_0,
  641. 'openid_mode'=>'check_authentication',
  642. 'openid_assoc_handle'=>self::HANDLE,
  643. 'openid_signed'=>'ns,mode,assoc_handle,signed',
  644. 'openid_sig'=>'xoJcXj30L1N7QRir7I2ovop1SaijXnAI97X/yH+kvck='));
  645. $res = array();
  646. foreach (explode("\n", $ret) as $line) {
  647. if (!empty($line)) {
  648. list($key, $val) = explode(":", $line, 2);
  649. $res[$key] = $val;
  650. }
  651. }
  652. $this->assertSame( 'id_res', $res['openid.mode'] );
  653. $this->assertSame( 'false', $res['is_valid'] );
  654. $storage->delAssociation(self::HANDLE);
  655. }
  656. /**
  657. * testing respondToConsumer
  658. *
  659. */
  660. public function testRespondToConsumer()
  661. {
  662. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  663. $provider = new OpenIDTest\ProviderHelper(null, null, $this->_user, $storage);
  664. // dumb mode
  665. $response = new OpenIDTest\ResponseHelper(true);
  666. $storage->delAssociation(self::HANDLE);
  667. $this->assertTrue( $provider->respondToConsumer(array(
  668. 'openid_assoc_handle' => self::HANDLE,
  669. 'openid_return_to' => 'http://www.test.com/test.php'
  670. ), null, $response) );
  671. $headers = $response->getHeaders();
  672. $this->assertSame( 'Location', $headers[0]['name'] );
  673. $url = parse_url($headers[0]['value']);
  674. $this->assertSame( 'www.test.com', $url['host'] );
  675. $this->assertSame( '/test.php', $url['path'] );
  676. $ret = array();
  677. foreach (explode('&', $url['query']) as $line) {
  678. list($key,$val) = explode('=', $line, 2);
  679. $ret[$key] = urldecode($val);
  680. }
  681. $this->assertSame( 'id_res', $ret['openid.mode'] );
  682. $this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
  683. $this->assertTrue( isset($ret['openid.assoc_handle']) );
  684. $this->assertTrue( isset($ret['openid.response_nonce']) );
  685. $this->assertTrue( isset($ret['openid.signed']) );
  686. $this->assertTrue( isset($ret['openid.sig']) );
  687. $this->assertTrue( $storage->getAssociation($ret['openid.assoc_handle'], $macFunc, $secret, $expires) );
  688. $this->assertSame( 'sha1', $macFunc );
  689. // OpenID 2.0 with SHA256
  690. $_SERVER['SCRIPT_URI'] = "http://www.test.com/endpoint.php";
  691. $response = new OpenIDTest\ResponseHelper(true);
  692. $storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
  693. $this->assertTrue( $provider->respondToConsumer(array(
  694. 'openid_ns' => OpenID::NS_2_0,
  695. 'openid_assoc_handle' => self::HANDLE,
  696. 'openid_return_to' => 'http://www.test.com/test.php'
  697. ), null, $response) );
  698. $headers = $response->getHeaders();
  699. $this->assertSame( 'Location', $headers[0]['name'] );
  700. $url = parse_url($headers[0]['value']);
  701. $this->assertSame( 'www.test.com', $url['host'] );
  702. $this->assertSame( '/test.php', $url['path'] );
  703. $ret = array();
  704. foreach (explode('&', $url['query']) as $line) {
  705. list($key,$val) = explode('=', $line, 2);
  706. $ret[$key] = urldecode($val);
  707. }
  708. $this->assertSame( 'id_res', $ret['openid.mode'] );
  709. $this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
  710. $this->assertSame( self::HANDLE, $ret['openid.assoc_handle'] );
  711. $this->assertTrue( isset($ret['openid.response_nonce']) );
  712. $this->assertTrue( isset($ret['openid.signed']) );
  713. $this->assertTrue( isset($ret['openid.sig']) );
  714. $this->assertSame( OpenID::NS_2_0, $ret['openid.ns'] );
  715. $this->assertSame( "http://www.test.com/endpoint.php", $ret['openid.op_endpoint'] );
  716. $this->assertTrue( $storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires) );
  717. $this->assertSame( 'sha256', $macFunc );
  718. $storage->delAssociation(self::HANDLE);
  719. // OpenID 1.1 with SHA1
  720. $storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
  721. $response = new OpenIDTest\ResponseHelper(true);
  722. $ret = $provider->respondToConsumer(array(
  723. 'openid_assoc_handle' => self::HANDLE,
  724. 'openid_return_to' => 'http://www.test.com/test.php',
  725. 'openid_claimed_id' => 'http://claimed_id/',
  726. 'openid_identity' => 'http://identity/',
  727. 'openid_unknown' => 'http://www.test.com/test.php',
  728. ), null, $response);
  729. $headers = $response->getHeaders();
  730. $this->assertSame( 'Location', $headers[0]['name'] );
  731. $url = parse_url($headers[0]['value']);
  732. $this->assertSame( 'www.test.com', $url['host'] );
  733. $this->assertSame( '/test.php', $url['path'] );
  734. $ret = array();
  735. foreach (explode('&', $url['query']) as $line) {
  736. list($key,$val) = explode('=', $line, 2);
  737. $ret[$key] = urldecode($val);
  738. }
  739. $this->assertSame( 'id_res', $ret['openid.mode'] );
  740. $this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
  741. $this->assertSame( self::HANDLE, $ret['openid.assoc_handle'] );
  742. $this->assertTrue( isset($ret['openid.response_nonce']) );
  743. $this->assertTrue( isset($ret['openid.signed']) );
  744. $this->assertTrue( isset($ret['openid.sig']) );
  745. $this->assertFalse( isset($ret['openid.ns']) );
  746. $this->assertFalse( isset($ret['openid.op_endpoint']) );
  747. $this->assertSame( 'http://claimed_id/', $ret['openid.claimed_id'] );
  748. $this->assertSame( 'http://identity/', $ret['openid.identity'] );
  749. $this->assertFalse( isset($ret['openid.unknown']) );
  750. $this->assertTrue( $storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires) );
  751. $this->assertSame( 'sha1', $macFunc );
  752. $storage->delAssociation(self::HANDLE);
  753. // extensions
  754. $sreg = new Extension\Sreg(array("nickname"=>"test_id"));
  755. $response = new OpenIDTest\ResponseHelper(true);
  756. $this->assertTrue( $provider->respondToConsumer(array(
  757. 'openid_return_to' => 'http://www.test.com/test.php',
  758. ), $sreg, $response) );
  759. $headers = $response->getHeaders();
  760. $this->assertSame( 'Location', $headers[0]['name'] );
  761. $url = parse_url($headers[0]['value']);
  762. $this->assertSame( 'www.test.com', $url['host'] );
  763. $this->assertSame( '/test.php', $url['path'] );
  764. $ret = array();
  765. foreach (explode('&', $url['query']) as $line) {
  766. list($key,$val) = explode('=', $line, 2);
  767. $ret[$key] = urldecode($val);
  768. }
  769. $this->assertSame( 'test_id', $ret['openid.sreg.nickname'] );
  770. }
  771. /**
  772. * Tests _checkId for checkid_immediate requests
  773. *
  774. */
  775. public function testCheckIdImmediate()
  776. {
  777. $_SERVER['SCRIPT_URI'] = "http://www.test.com/server.php";
  778. $storage = new Provider\Storage\File(dirname(__FILE__)."/_files/provider");
  779. $provider = new OpenIDTest\ProviderHelper(null, null, $this->_user, $storage);
  780. $provider->logout();
  781. // Wrong arguments (no openid.return_to and openid.trust_root)
  782. $response = new OpenIDTest\ResponseHelper(true);
  783. $this->assertFalse( $provider->handle(array(
  784. 'openid_mode'=>'checkid_immediate'),
  785. null, $response) );
  786. // Unexistent user
  787. $storage->delUser(self::USER);
  788. $response = new OpenIDTest\ResponseHelper(true);
  789. $this->assertTrue($provider->handle(array(
  790. 'openid_mode'=>'checkid_immediate',
  791. 'openid_identity'=>self::USER,
  792. 'openid_return_to'=>'http://www.test.com/test.php'),
  793. null, $response));
  794. $headers = $response->getHeaders();
  795. $this->assertSame( 'Location', $headers[0]['name'] );
  796. $this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
  797. // No openid_identity
  798. $response = new OpenIDTest\ResponseHelper(true);
  799. $this->assertTrue($provider->handle(array(
  800. 'openid_mode'=>'checkid_immediate',
  801. 'openid_return_to'=>'http://www.test.com/test.php'),
  802. null, $response));
  803. $headers = $response->getHeaders();
  804. $this->assertSame( 'Location', $headers[0]['name'] );
  805. $url = parse_url($headers[0]['value']);
  806. $this->assertSame( 'www.test.com', $url['host'] );
  807. $this->assertSame( '/test.php', $url['path'] );
  808. $query = array();
  809. foreach (explode('&', $url['query']) as $line) {
  810. list($key,$val) = explode('=', $line, 2);
  811. $query[$key] = urldecode($val);
  812. }
  813. $this->assertSame( 'id_res', $query['openid.mode'] );
  814. $url2 = parse_url($query['openid.user_setup_url']);
  815. $this->assertSame( 'www.test.com', $url2['host'] );
  816. $this->assertSame( '/server.php', $url2['path'] );
  817. $query2 = array();
  818. foreach (explode('&', $url2['query']) as $line) {
  819. list($key,$val) = explode('=', $line, 2);
  820. $query2[$key] = urldecode($val);
  821. }
  822. $this->assertSame( 'login', $query2['openid.action'] );
  823. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  824. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  825. // Non logged in user
  826. $provider->register(self::USER, self::PASSWORD);
  827. $response = new OpenIDTest\ResponseHelper(true);
  828. $this->assertTrue($provider->handle(array(
  829. 'openid_mode'=>'checkid_immediate',
  830. 'openid_identity'=>self::USER,
  831. 'openid_return_to'=>'http://www.test.com/test.php'),
  832. null, $response));
  833. $headers = $response->getHeaders();
  834. $this->assertSame( 'Location', $headers[0]['name'] );
  835. $url = parse_url($headers[0]['value']);
  836. $this->assertSame( 'www.test.com', $url['host'] );
  837. $this->assertSame( '/test.php', $url['path'] );
  838. $query = array();
  839. foreach (explode('&', $url['query']) as $line) {
  840. list($key,$val) = explode('=', $line, 2);
  841. $query[$key] = urldecode($val);
  842. }
  843. $this->assertSame( 'id_res', $query['openid.mode'] );
  844. $url2 = parse_url($query['openid.user_setup_url']);
  845. $this->assertSame( 'www.test.com', $url2['host'] );
  846. $this->assertSame( '/server.php', $url2['path'] );
  847. $query2 = array();
  848. foreach (explode('&', $url2['query']) as $line) {
  849. list($key,$val) = explode('=', $line, 2);
  850. $query2[$key] = urldecode($val);
  851. }
  852. $this->assertSame( 'login', $query2['openid.action'] );
  853. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  854. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  855. $this->assertSame( self::USER, $query2['openid.identity'] );
  856. // Non logged in user with SREG
  857. $provider->register(self::USER, self::PASSWORD);
  858. $response = new OpenIDTest\ResponseHelper(true);
  859. $this->assertTrue($provider->handle(array(
  860. 'openid_mode'=>'checkid_immediate',
  861. 'openid_identity'=>self::USER,
  862. 'openid_return_to'=>'http://www.test.com/test.php',
  863. 'openid_ns_sreg'=>Extension\Sreg::NAMESPACE_1_1,
  864. 'openid_sreg_required'=>'nickname'),
  865. null, $response));
  866. $headers = $response->getHeaders();
  867. $this->assertSame( 'Location', $headers[0]['name'] );
  868. $url = parse_url($headers[0]['value']);
  869. $this->assertSame( 'www.test.com', $url['host'] );
  870. $this->assertSame( '/test.php', $url['path'] );
  871. $query = array();
  872. foreach (explode('&', $url['query']) as $line) {
  873. list($key,$val) = explode('=', $line, 2);
  874. $query[$key] = urldecode($val);
  875. }
  876. $this->assertSame( 'id_res', $query['openid.mode'] );
  877. $url2 = parse_url($query['openid.user_setup_url']);
  878. $this->assertSame( 'www.test.com', $url2['host'] );
  879. $this->assertSame( '/server.php', $url2['path'] );
  880. $query2 = array();
  881. foreach (explode('&', $url2['query']) as $line) {
  882. list($key,$val) = explode('=', $line, 2);
  883. $query2[$key] = urldecode($val);
  884. }
  885. $this->assertSame( 'login', $query2['openid.action'] );
  886. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  887. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  888. $this->assertSame( self::USER, $query2['openid.identity'] );
  889. $this->assertSame( Extension\Sreg::NAMESPACE_1_1, $query2['openid.ns.sreg'] );
  890. $this->assertSame( "nickname", $query2['openid.sreg.required'] );
  891. // Logged in user (unknown site)
  892. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  893. $response = new OpenIDTest\ResponseHelper(true);
  894. $this->assertTrue($provider->handle(array(
  895. 'openid_mode'=>'checkid_immediate',
  896. 'openid_identity'=>self::USER,
  897. 'openid_return_to'=>'http://www.test.com/test.php'),
  898. null, $response));
  899. $headers = $response->getHeaders();
  900. $this->assertSame( 'Location', $headers[0]['name'] );
  901. $url = parse_url($headers[0]['value']);
  902. $this->assertSame( 'www.test.com', $url['host'] );
  903. $this->assertSame( '/test.php', $url['path'] );
  904. $query = array();
  905. foreach (explode('&', $url['query']) as $line) {
  906. list($key,$val) = explode('=', $line, 2);
  907. $query[$key] = urldecode($val);
  908. }
  909. $this->assertSame( 'id_res', $query['openid.mode'] );
  910. $url2 = parse_url($query['openid.user_setup_url']);
  911. $this->assertSame( 'www.test.com', $url2['host'] );
  912. $this->assertSame( '/server.php', $url2['path'] );
  913. $query2 = array();
  914. foreach (explode('&', $url2['query']) as $line) {
  915. list($key,$val) = explode('=', $line, 2);
  916. $query2[$key] = urldecode($val);
  917. }
  918. $this->assertSame( 'trust', $query2['openid.action'] );
  919. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  920. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  921. $this->assertSame( self::USER, $query2['openid.identity'] );
  922. // Logged in user (unknown site 2)
  923. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  924. $this->assertTrue( $provider->allowSite('http://www.test.com/test1.php') );
  925. $response = new OpenIDTest\ResponseHelper(true);
  926. $this->assertTrue($provider->handle(array(
  927. 'openid_mode'=>'checkid_immediate',
  928. 'openid_identity'=>self::USER,
  929. 'openid_return_to'=>'http://www.test.com/test.php'),
  930. null, $response));
  931. $headers = $response->getHeaders();
  932. $this->assertSame( 'Location', $headers[0]['name'] );
  933. $url = parse_url($headers[0]['value']);
  934. $this->assertSame( 'www.test.com', $url['host'] );
  935. $this->assertSame( '/test.php', $url['path'] );
  936. $query = array();
  937. foreach (explode('&', $url['query']) as $line) {
  938. list($key,$val) = explode('=', $line, 2);
  939. $query[$key] = urldecode($val);
  940. }
  941. $this->assertSame( 'id_res', $query['openid.mode'] );
  942. $url2 = parse_url($query['openid.user_setup_url']);
  943. $this->assertSame( 'www.test.com', $url2['host'] );
  944. $this->assertSame( '/server.php', $url2['path'] );
  945. $query2 = array();
  946. foreach (explode('&', $url2['query']) as $line) {
  947. list($key,$val) = explode('=', $line, 2);
  948. $query2[$key] = urldecode($val);
  949. }
  950. $this->assertSame( 'trust', $query2['openid.action'] );
  951. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  952. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  953. $this->assertSame( self::USER, $query2['openid.identity'] );
  954. // Logged in user (unknown site + SREG)
  955. $response = new OpenIDTest\ResponseHelper(true);
  956. $this->assertTrue( $provider->delSite('http://www.test.com/test1.php') );
  957. $this->assertTrue($provider->handle(array(
  958. 'openid_mode'=>'checkid_immediate',
  959. 'openid_identity'=>self::USER,
  960. 'openid_return_to'=>'http://www.test.com/test.php',
  961. 'openid_ns_sreg'=>Extension\Sreg::NAMESPACE_1_1,
  962. 'openid_sreg_required'=>'nickname'),
  963. null, $response));
  964. $headers = $response->getHeaders();
  965. $this->assertSame( 'Location', $headers[0]['name'] );
  966. $url = parse_url($headers[0]['value']);
  967. $this->assertSame( 'www.test.com', $url['host'] );
  968. $this->assertSame( '/test.php', $url['path'] );
  969. $query = array();
  970. foreach (explode('&', $url['query']) as $line) {
  971. list($key,$val) = explode('=', $line, 2);
  972. $query[$key] = urldecode($val);
  973. }
  974. $this->assertSame( 'id_res', $query['openid.mode'] );
  975. $url2 = parse_url($query['openid.user_setup_url']);
  976. $this->assertSame( 'www.test.com', $url2['host'] );
  977. $this->assertSame( '/server.php', $url2['path'] );
  978. $query2 = array();
  979. foreach (explode('&', $url2['query']) as $line) {
  980. list($key,$val) = explode('=', $line, 2);
  981. $query2[$key] = urldecode($val);
  982. }
  983. $this->assertSame( 'trust', $query2['openid.action'] );
  984. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  985. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  986. $this->assertSame( self::USER, $query2['openid.identity'] );
  987. $this->assertSame( Extension\Sreg::NAMESPACE_1_1, $query2['openid.ns.sreg'] );
  988. $this->assertSame( "nickname", $query2['openid.sreg.required'] );
  989. // Logged in user (untrusted site)
  990. $this->assertTrue( $provider->denySite('http://www.test.com') );
  991. $response = new OpenIDTest\ResponseHelper(true);
  992. $this->assertTrue($provider->handle(array(
  993. 'openid_mode'=>'checkid_immediate',
  994. 'openid_identity'=>self::USER,
  995. 'openid_return_to'=>'http://www.test.com/test.php'),
  996. null, $response));
  997. $headers = $response->getHeaders();
  998. $this->assertSame( 'Location', $headers[0]['name'] );
  999. $this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
