PageRenderTime 53ms CodeModel.GetById 17ms RepoModel.GetById 1ms app.codeStats 0ms

/tests/Zend/OpenId/ProviderTest.php

https://bitbucket.org/dbaltas/zend-framework-1.x-on-git
PHP | 1645 lines | 1344 code | 124 blank | 177 comment | 14 complexity | 7fc4d817b547af1206c708c7bf6bab3f MD5 | raw file
Possible License(s): BSD-3-Clause, LGPL-2.0, MIT

Large files files are truncated, but you can click here to view the full file

  1. <?php
  2. /**
  3. * Zend Framework
  4. *
  5. * LICENSE
  6. *
  7. * This source file is subject to the new BSD license that is bundled
  8. * with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://framework.zend.com/license/new-bsd
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@zend.com so we can send you a copy immediately.
  14. *
  15. * @category Zend
  16. * @package Zend_OpenId
  17. * @subpackage UnitTests
  18. * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  19. * @license http://framework.zend.com/license/new-bsd New BSD License
  20. * @version $Id: ProviderTest.php 24593 2012-01-05 20:35:02Z matthew $
  21. */
  22. /**
  23. * Zend_OpenId
  24. */
  25. require_once 'Zend/OpenId/Provider.php';
  26. /**
  27. * Zend_OpenId_ResponseHelper
  28. */
  29. require_once 'Zend/OpenId/ResponseHelper.php';
  30. /**
  31. * @see Zend_OpenId_Provider_User_Session
  32. */
  33. require_once 'Zend/OpenId/Provider/User/Session.php';
  34. /**
  35. * @category Zend
  36. * @package Zend_OpenId
  37. * @subpackage UnitTests
  38. * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  39. * @license http://framework.zend.com/license/new-bsd New BSD License
  40. * @group Zend_OpenId
  41. */
  42. class Zend_OpenId_ProviderTest extends PHPUnit_Framework_TestCase
  43. {
  44. const USER = "http://test_user.myopenid.com/";
  45. const PASSWORD = "01234567890abcdef";
  46. const HANDLE = "01234567890abcdef";
  47. private $_user;
  48. public function __construct($name = NULL, array $data = array(), $dataName = '')
  49. {
  50. parent::__construct($name, $data, $dataName);
  51. $this->_user = new Zend_OpenId_Provider_User_Session();
  52. }
  53. /**
  54. * testing register
  55. *
  56. */
  57. public function testRegister()
  58. {
  59. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  60. $storage->delUser(self::USER);
  61. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  62. $this->assertFalse( $storage->checkUser(self::USER, self::PASSWORD) );
  63. // wrong ID
  64. $this->assertFalse( $provider->register("", self::PASSWORD) );
  65. // registration of new user
  66. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  67. // registration of existent user
  68. $this->assertFalse( $provider->register(self::USER, self::PASSWORD) );
  69. $this->assertTrue( $storage->checkUser(self::USER, md5(self::USER . self::PASSWORD)) );
  70. $storage->delUser(self::USER);
  71. }
  72. /**
  73. * testing hasUser
  74. *
  75. */
  76. public function testHasUser()
  77. {
  78. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  79. $storage->delUser(self::USER);
  80. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  81. // wrong ID
  82. $this->assertFalse( $provider->hasUser("") );
  83. $this->assertFalse( $provider->hasUser("http://:80/test") );
  84. // check for non existent
  85. $this->assertFalse( $provider->hasUser(self::USER) );
  86. // check for existent user
  87. $this->assertTrue( $storage->addUser(self::USER, self::PASSWORD) );
  88. $this->assertTrue( $provider->hasUser(self::USER) );
  89. $storage->delUser(self::USER);
  90. }
  91. /**
  92. * testing login
  93. *
  94. */
  95. public function testLogin()
  96. {
  97. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  98. $storage->delUser(self::USER);
  99. $this->_user->delLoggedInUser();
  100. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  101. // wrong ID
  102. $this->assertFalse( $provider->login("", self::PASSWORD) );
  103. $this->assertFalse( $this->_user->getLoggedInUser() );
  104. $this->assertFalse( $provider->login("http://:80/test", self::PASSWORD) );
  105. $this->assertFalse( $this->_user->getLoggedInUser() );
  106. // login as non existent user
  107. $this->assertFalse( $provider->login(self::USER, self::PASSWORD) );
  108. $this->assertFalse( $this->_user->getLoggedInUser() );
  109. // login as existent user with wrong password
  110. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  111. $this->assertFalse( $provider->login(self::USER, self::PASSWORD . "x") );
  112. $this->assertFalse( $this->_user->getLoggedInUser() );
  113. // login as existent user with proper password
  114. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  115. $this->assertSame( self::USER, $this->_user->getLoggedInUser() );
  116. $storage->delUser(self::USER);
  117. $this->_user->delLoggedInUser();
  118. }
  119. /**
  120. * testing logout
  121. *
  122. */
  123. public function testLogout()
  124. {
  125. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  126. $storage->delUser(self::USER);
  127. $this->_user->delLoggedInUser();
  128. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  129. $this->assertFalse( $this->_user->getLoggedInUser() );
  130. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  131. $this->assertFalse( $this->_user->getLoggedInUser() );
  132. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  133. $this->assertSame( self::USER, $this->_user->getLoggedInUser() );
  134. $this->assertTrue( $provider->logout() );
  135. $this->assertFalse( $this->_user->getLoggedInUser() );
  136. $storage->delUser(self::USER);
  137. $this->_user->delLoggedInUser();
  138. }
  139. /**
  140. * testing logout
  141. *
  142. */
  143. public function testLoggedInUser()
  144. {
  145. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  146. $storage->delUser(self::USER);
  147. $this->_user->delLoggedInUser();
  148. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  149. $this->assertFalse( $provider->getLoggedInUser() );
  150. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  151. $this->assertFalse( $provider->getLoggedInUser() );
  152. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  153. $this->assertSame( self::USER, $this->_user->getLoggedInUser() );
  154. $this->assertTrue( $provider->logout() );
  155. $this->assertFalse( $provider->getLoggedInUser() );
  156. $storage->delUser(self::USER);
  157. $this->_user->delLoggedInUser();
  158. }
  159. /**
  160. * testing getSiteRoot
  161. *
  162. */
  163. public function testGetSiteRoot()
  164. {
  165. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  166. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  167. $params = array(
  168. 'openid_realm' => "http://wrong/",
  169. 'openid_trust_root' => "http://root/",
  170. 'openid_return_to' => "http://wrong/",
  171. );
  172. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  173. $params = array(
  174. 'openid_realm' => "http://wrong/",
  175. 'openid_return_to' => "http://root/",
  176. );
  177. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  178. $params = array(
  179. 'openid_realm' => "http://wrong/",
  180. );
  181. $this->assertFalse( $provider->getSiteRoot($params) );
  182. $params = array(
  183. 'openid_ns' => Zend_OpenId::NS_2_0,
  184. 'openid_realm' => "http://root/",
  185. 'openid_trust_root' => "http://wrong/",
  186. 'openid_return_to' => "http://wrong/",
  187. );
  188. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  189. $params = array(
  190. 'openid_ns' => Zend_OpenId::NS_2_0,
  191. 'openid_trust_root' => "http://wrong/",
  192. 'openid_return_to' => "http://root/",
  193. );
  194. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  195. $params = array(
  196. 'openid_ns' => Zend_OpenId::NS_2_0,
  197. 'openid_return_to' => "http://root/",
  198. );
  199. $this->assertSame( "http://root/", $provider->getSiteRoot($params) );
  200. $params = array(
  201. 'openid_ns' => Zend_OpenId::NS_2_0,
  202. );
  203. $this->assertFalse( $provider->getSiteRoot($params) );
  204. $params = array(
  205. 'openid_trust_root' => "",
  206. );
  207. $this->assertFalse( $provider->getSiteRoot($params) );
  208. }
  209. /**
  210. * testing allowSite
  211. *
  212. */
  213. public function testAllowSite()
  214. {
  215. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  216. $storage->delUser(self::USER);
  217. $this->_user->delLoggedInUser();
  218. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  219. // not logged in
  220. $this->assertFalse( $provider->allowSite("http://www.test.com/") );
  221. // logged in
  222. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  223. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  224. $this->assertTrue( $provider->allowSite("http://www.test.com/") );
  225. $trusted = $storage->getTrustedSites(self::USER);
  226. $this->assertTrue( is_array($trusted) );
  227. $this->assertSame( 1, count($trusted) );
  228. reset($trusted);
  229. $this->assertSame( "http://www.test.com/", key($trusted) );
  230. $this->assertSame( true, current($trusted) );
  231. // duplicate
  232. $this->assertTrue( $provider->allowSite("http://www.test.com/") );
  233. $trusted = $storage->getTrustedSites(self::USER);
  234. $this->assertTrue( is_array($trusted) );
  235. $this->assertSame( 1, count($trusted) );
  236. reset($trusted);
  237. $this->assertSame( "http://www.test.com/", key($trusted) );
  238. $this->assertSame( true, current($trusted) );
  239. // extensions
  240. $sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
  241. $this->assertTrue( $provider->allowSite("http://www.test.com/", $sreg) );
  242. $trusted = $storage->getTrustedSites(self::USER);
  243. $this->assertTrue( is_array($trusted) );
  244. $this->assertSame( 1, count($trusted) );
  245. reset($trusted);
  246. $this->assertSame( "http://www.test.com/", key($trusted) );
  247. $this->assertSame( array('Zend_OpenId_Extension_Sreg'=>array('nickname'=>'test_id')), current($trusted) );
  248. $this->_user->delLoggedInUser();
  249. $storage->delUser(self::USER);
  250. }
  251. /**
  252. * testing denySite
  253. *
  254. */
  255. public function testDenySite()
  256. {
  257. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  258. $storage->delUser(self::USER);
  259. $this->_user->delLoggedInUser();
  260. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  261. $sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
  262. // not logged in
  263. $this->assertFalse( $provider->denySite("http://www.test.com/") );
  264. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  265. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  266. $this->assertTrue( $provider->allowSite("http://www.test1.com/") );
  267. $this->assertTrue( $provider->allowSite("http://www.test2.com/", $sreg) );
  268. $this->AssertSame( array(
  269. 'http://www.test1.com/' => true,
  270. 'http://www.test2.com/' => array(
  271. 'Zend_OpenId_Extension_Sreg' => array(
  272. 'nickname' => 'test_id'
  273. )
  274. )
  275. ),
  276. $storage->getTrustedSites(self::USER) );
  277. $this->assertTrue( $provider->denySite("http://www.test3.com/") );
  278. $this->AssertSame( array(
  279. 'http://www.test1.com/' => true,
  280. 'http://www.test2.com/' => array(
  281. 'Zend_OpenId_Extension_Sreg' => array(
  282. 'nickname' => 'test_id'
  283. )
  284. ),
  285. 'http://www.test3.com/' => false
  286. ),
  287. $storage->getTrustedSites(self::USER) );
  288. $this->assertTrue( $provider->denySite("http://www.test1.com/") );
  289. $this->AssertSame( array(
  290. 'http://www.test1.com/' => false,
  291. 'http://www.test2.com/' => array(
  292. 'Zend_OpenId_Extension_Sreg' => array(
  293. 'nickname' => 'test_id'
  294. )
  295. ),
  296. 'http://www.test3.com/' => false
  297. ),
  298. $storage->getTrustedSites(self::USER) );
  299. $this->assertTrue( $provider->denySite("http://www.test2.com/") );
  300. $this->AssertSame( array(
  301. 'http://www.test1.com/' => false,
  302. 'http://www.test2.com/' => false,
  303. 'http://www.test3.com/' => false
  304. ),
  305. $storage->getTrustedSites(self::USER) );
  306. $this->_user->delLoggedInUser();
  307. $storage->delUser(self::USER);
  308. }
  309. /**
  310. * testing delSite
  311. *
  312. */
  313. public function testDelSite()
  314. {
  315. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  316. $storage->delUser(self::USER);
  317. $this->_user->delLoggedInUser();
  318. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  319. $sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
  320. // not logged in
  321. $this->assertFalse( $provider->delSite("http://www.test.com/") );
  322. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  323. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  324. $this->assertTrue( $provider->allowSite("http://www.test1.com/") );
  325. $this->assertTrue( $provider->allowSite("http://www.test2.com/", $sreg) );
  326. $this->AssertSame( array(
  327. 'http://www.test1.com/' => true,
  328. 'http://www.test2.com/' => array(
  329. 'Zend_OpenId_Extension_Sreg' => array(
  330. 'nickname' => 'test_id'
  331. )
  332. )
  333. ),
  334. $storage->getTrustedSites(self::USER) );
  335. $this->assertTrue( $provider->delSite("http://www.test3.com/") );
  336. $this->AssertSame( array(
  337. 'http://www.test1.com/' => true,
  338. 'http://www.test2.com/' => array(
  339. 'Zend_OpenId_Extension_Sreg' => array(
  340. 'nickname' => 'test_id'
  341. )
  342. )
  343. ),
  344. $storage->getTrustedSites(self::USER) );
  345. $this->assertTrue( $provider->delSite("http://www.test1.com/") );
  346. $this->AssertSame( array(
  347. 'http://www.test2.com/' => array(
  348. 'Zend_OpenId_Extension_Sreg' => array(
  349. 'nickname' => 'test_id'
  350. )
  351. )
  352. ),
  353. $storage->getTrustedSites(self::USER) );
  354. $this->assertTrue( $provider->delSite("http://www.test2.com/") );
  355. $this->AssertSame( array(
  356. ),
  357. $storage->getTrustedSites(self::USER) );
  358. $this->_user->delLoggedInUser();
  359. $storage->delUser(self::USER);
  360. }
  361. /**
  362. * testing getTrustedSites
  363. *
  364. */
  365. public function testGetTrustedSites()
  366. {
  367. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  368. $storage->delUser(self::USER);
  369. $this->_user->delLoggedInUser();
  370. $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
  371. $sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
  372. $this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
  373. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  374. $this->assertTrue( $provider->allowSite("http://www.test1.com/") );
  375. $this->assertTrue( $provider->allowSite("http://www.test2.com/", $sreg) );
  376. $this->AssertSame( array(
  377. 'http://www.test1.com/' => true,
  378. 'http://www.test2.com/' => array(
  379. 'Zend_OpenId_Extension_Sreg' => array(
  380. 'nickname' => 'test_id'
  381. )
  382. )
  383. ),
  384. $provider->getTrustedSites() );
  385. $this->_user->delLoggedInUser();
  386. $this->AssertFalse( $provider->getTrustedSites() );
  387. $storage->delUser(self::USER);
  388. }
  389. /**
  390. * testing genSecret
  391. *
  392. */
  393. public function testGenSecret()
  394. {
  395. $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider"));
  396. // SHA1
  397. $x = $provider->genSecret("sha1");
  398. $this->assertTrue( is_string($x) );
  399. $this->assertSame( 20, strlen($x) );
  400. // SHA256
  401. $x = $provider->genSecret("sha256");
  402. $this->assertTrue( is_string($x) );
  403. $this->assertSame( 32, strlen($x) );
  404. // invalid function
  405. $this->assertFalse( $provider->genSecret("md5") );
  406. }
  407. /**
  408. * testing _associate
  409. *
  410. */
  411. public function testAssociate()
  412. {
  413. try {
  414. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  415. $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
  416. // Wrong assoc_type
  417. $ret = $provider->handle(array('openid_mode'=>'associate'));
  418. $res = array();
  419. foreach (explode("\n", $ret) as $line) {
  420. if (!empty($line)) {
  421. list($key, $val) = explode(":", $line, 2);
  422. $res[$key] = $val;
  423. }
  424. }
  425. $this->assertSame( 'unsupported-type', $res['error-code'] );
  426. // Wrong assoc_type (OpenID 2.0)
  427. $ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
  428. 'openid_mode'=>'associate'));
  429. $res = array();
  430. foreach (explode("\n", $ret) as $line) {
  431. if (!empty($line)) {
  432. list($key, $val) = explode(":", $line, 2);
  433. $res[$key] = $val;
  434. }
  435. }
  436. $this->assertSame( Zend_OpenId::NS_2_0, $res['ns'] );
  437. $this->assertSame( 'unsupported-type', $res['error-code'] );
  438. // Wrong session_type
  439. $ret = $provider->handle(array('openid_mode'=>'associate',
  440. 'openid_assoc_type'=>'HMAC-SHA1',
  441. 'openid_session_type'=>'DH-SHA257'));
  442. $res = array();
  443. foreach (explode("\n", $ret) as $line) {
  444. if (!empty($line)) {
  445. list($key, $val) = explode(":", $line, 2);
  446. $res[$key] = $val;
  447. }
  448. }
  449. $this->assertSame( 'unsupported-type', $res['error-code'] );
  450. // Associaation without encryption
  451. $ret = $provider->handle(array('openid_assoc_type'=>'HMAC-SHA1',
  452. 'openid_mode'=>'associate'));
  453. $res = array();
  454. foreach (explode("\n", $ret) as $line) {
  455. if (!empty($line)) {
  456. list($key, $val) = explode(":", $line, 2);
  457. $res[$key] = $val;
  458. }
  459. }
  460. $this->assertSame( 'HMAC-SHA1', $res['assoc_type'] );
  461. $this->assertTrue( isset($res['mac_key']) );
  462. $this->assertSame( 20, strlen(base64_decode($res['mac_key'])) );
  463. $this->assertTrue( isset($res['assoc_handle']) );
  464. $this->assertSame( '3600', $res['expires_in'] );
  465. $this->assertFalse( isset($res['session_type']) );
  466. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  467. $this->assertSame( 'sha1', $macFunc );
  468. $this->assertSame( bin2hex(base64_decode($res['mac_key'])), bin2hex($secret) );
  469. // Associaation without encryption (OpenID 2.0)
  470. $ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
  471. 'openid_assoc_type'=>'HMAC-SHA256',
  472. 'openid_mode'=>'associate'));
  473. $res = array();
  474. foreach (explode("\n", $ret) as $line) {
  475. if (!empty($line)) {
  476. list($key, $val) = explode(":", $line, 2);
  477. $res[$key] = $val;
  478. }
  479. }
  480. $this->assertSame( Zend_OpenId::NS_2_0, $res['ns'] );
  481. $this->assertSame( 'HMAC-SHA256', $res['assoc_type'] );
  482. $this->assertTrue( isset($res['mac_key']) );
  483. $this->assertSame( 32, strlen(base64_decode($res['mac_key'])) );
  484. $this->assertTrue( isset($res['assoc_handle']) );
  485. $this->assertSame( '3600', $res['expires_in'] );
  486. $this->assertFalse( isset($res['session_type']) );
  487. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  488. $this->assertSame( 'sha256', $macFunc );
  489. $this->assertSame( bin2hex(base64_decode($res['mac_key'])), bin2hex($secret) );
  490. // Associaation without encryption (OpenID 2.0)
  491. $ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
  492. 'openid_assoc_type'=>'HMAC-SHA256',
  493. 'openid_mode'=>'associate',
  494. 'openid_session_type'=>'no-encryption'));
  495. $res = array();
  496. foreach (explode("\n", $ret) as $line) {
  497. if (!empty($line)) {
  498. list($key, $val) = explode(":", $line, 2);
  499. $res[$key] = $val;
  500. }
  501. }
  502. $this->assertSame( Zend_OpenId::NS_2_0, $res['ns'] );
  503. $this->assertSame( 'HMAC-SHA256', $res['assoc_type'] );
  504. $this->assertTrue( isset($res['mac_key']) );
  505. $this->assertSame( 32, strlen(base64_decode($res['mac_key'])) );
  506. $this->assertTrue( isset($res['assoc_handle']) );
  507. $this->assertSame( '3600', $res['expires_in'] );
  508. $this->assertSame( 'no-encryption', $res['session_type'] );
  509. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  510. $this->assertSame( 'sha256', $macFunc );
  511. $this->assertSame( bin2hex(base64_decode($res['mac_key'])), bin2hex($secret) );
  512. // Associaation with DH-SHA1 encryption
  513. $ret = $provider->handle(array('openid_assoc_type'=>'HMAC-SHA1',
  514. 'openid_mode'=>'associate',
  515. 'openid_session_type'=>'DH-SHA1',
  516. 'openid_dh_modulus'=>'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr',
  517. 'openid_dh_gen'=>'Ag==',
  518. 'openid_dh_consumer_public'=>'RqexRm+Zn5s3sXxFBjI9WfCOBwBDDQBKPzX4fjMGl3YEJh5tx8SVo7awgwuqsliR+nvjmRh5kSFIGv8YSCsy88v1CcAfWUGfjehO9euxQcXOYJnNGbl6GQrE2FYe2RCvML4Yi8eYCYtCQi0wlDE7BJXGSVPXFzj/ru0lR/voPpk=',
  519. ));
  520. $res = array();
  521. foreach (explode("\n", $ret) as $line) {
  522. if (!empty($line)) {
  523. list($key, $val) = explode(":", $line, 2);
  524. $res[$key] = $val;
  525. }
  526. }
  527. $this->assertSame( 'HMAC-SHA1', $res['assoc_type'] );
  528. $this->assertSame( 'DH-SHA1', $res['session_type'] );
  529. $this->assertTrue( isset($res['dh_server_public']) );
  530. $this->assertTrue( isset($res['enc_mac_key']) );
  531. $this->assertSame( 20, strlen(base64_decode($res['enc_mac_key'])) );
  532. $this->assertTrue( isset($res['assoc_handle']) );
  533. $this->assertSame( '3600', $res['expires_in'] );
  534. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  535. $this->assertSame( 'sha1', $macFunc );
  536. // Associaation with DH-SHA256 encryption (OpenID 2.0)
  537. $ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
  538. 'openid_assoc_type'=>'HMAC-SHA256',
  539. 'openid_mode'=>'associate',
  540. 'openid_session_type'=>'DH-SHA256',
  541. 'openid_dh_modulus'=>'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr',
  542. 'openid_dh_gen'=>'Ag==',
  543. 'openid_dh_consumer_public'=>'RqexRm+Zn5s3sXxFBjI9WfCOBwBDDQBKPzX4fjMGl3YEJh5tx8SVo7awgwuqsliR+nvjmRh5kSFIGv8YSCsy88v1CcAfWUGfjehO9euxQcXOYJnNGbl6GQrE2FYe2RCvML4Yi8eYCYtCQi0wlDE7BJXGSVPXFzj/ru0lR/voPpk=',
  544. ));
  545. $res = array();
  546. foreach (explode("\n", $ret) as $line) {
  547. if (!empty($line)) {
  548. list($key, $val) = explode(":", $line, 2);
  549. $res[$key] = $val;
  550. }
  551. }
  552. $this->assertSame( 'HMAC-SHA256', $res['assoc_type'] );
  553. $this->assertSame( 'DH-SHA256', $res['session_type'] );
  554. $this->assertTrue( isset($res['dh_server_public']) );
  555. $this->assertTrue( isset($res['enc_mac_key']) );
  556. $this->assertSame( 32, strlen(base64_decode($res['enc_mac_key'])) );
  557. $this->assertTrue( isset($res['assoc_handle']) );
  558. $this->assertSame( '3600', $res['expires_in'] );
  559. $this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
  560. $this->assertSame( 'sha256', $macFunc );
  561. } catch (Zend_OpenId_Exception $e) {
  562. $this->markTestSkipped($e->getMessage());
  563. }
  564. }
  565. /**
  566. * testing _checkAuthentication
  567. *
  568. */
  569. public function testCheckAuthentication()
  570. {
  571. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  572. $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
  573. // Wrong arguments
  574. $ret = $provider->handle(array('openid_mode'=>'check_authentication'));
  575. $res = array();
  576. foreach (explode("\n", $ret) as $line) {
  577. if (!empty($line)) {
  578. list($key, $val) = explode(":", $line, 2);
  579. $res[$key] = $val;
  580. }
  581. }
  582. $this->assertSame( 'id_res', $res['openid.mode'] );
  583. $this->assertSame( 'false', $res['is_valid'] );
  584. // Wrong arguments (OpenID 2.0)
  585. $ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
  586. 'openid_mode'=>'check_authentication'));
  587. $res = array();
  588. foreach (explode("\n", $ret) as $line) {
  589. if (!empty($line)) {
  590. list($key, $val) = explode(":", $line, 2);
  591. $res[$key] = $val;
  592. }
  593. }
  594. $this->assertSame( Zend_OpenId::NS_2_0, $res['ns'] );
  595. $this->assertSame( 'id_res', $res['openid.mode'] );
  596. $this->assertSame( 'false', $res['is_valid'] );
  597. // Wrong session id
  598. $storage->delAssociation(self::HANDLE);
  599. $ret = $provider->handle(array('openid_mode'=>'check_authentication',
  600. 'openid_assoc_handle'=>self::HANDLE));
  601. $res = array();
  602. foreach (explode("\n", $ret) as $line) {
  603. if (!empty($line)) {
  604. list($key, $val) = explode(":", $line, 2);
  605. $res[$key] = $val;
  606. }
  607. }
  608. $this->assertSame( 'id_res', $res['openid.mode'] );
  609. $this->assertSame( 'false', $res['is_valid'] );
  610. // Proper session signed with HAMC-SHA256
  611. $storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
  612. $ret = $provider->handle(array('openid_mode'=>'check_authentication',
  613. 'openid_assoc_handle'=>self::HANDLE,
  614. 'openid_signed'=>'mode,assoc_handle,signed',
  615. 'openid_sig'=>'IgLZCOXmEPowYl6yyFZjYL4ZTtQ='));
  616. $res = array();
  617. foreach (explode("\n", $ret) as $line) {
  618. if (!empty($line)) {
  619. list($key, $val) = explode(":", $line, 2);
  620. $res[$key] = $val;
  621. }
  622. }
  623. $this->assertSame( 'id_res', $res['openid.mode'] );
  624. $this->assertSame( 'true', $res['is_valid'] );
  625. // Proper session signed with HAMC-SHA256
  626. $storage->delAssociation(self::HANDLE);
  627. $storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
  628. $ret = $provider->handle(array('openid_mode'=>'check_authentication',
  629. 'openid_assoc_handle'=>self::HANDLE,
  630. 'openid_signed'=>'mode,assoc_handle,signed',
  631. 'openid_sig'=>'xoJcXj30L1N7QRir7I2ovop1SaijXnAI97X/yH+kvck='));
  632. $res = array();
  633. foreach (explode("\n", $ret) as $line) {
  634. if (!empty($line)) {
  635. list($key, $val) = explode(":", $line, 2);
  636. $res[$key] = $val;
  637. }
  638. }
  639. $this->assertSame( 'id_res', $res['openid.mode'] );
  640. $this->assertSame( 'true', $res['is_valid'] );
  641. // Wrong signature
  642. $storage->delAssociation(self::HANDLE);
  643. $storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
  644. $ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
  645. 'openid_mode'=>'check_authentication',
  646. 'openid_assoc_handle'=>self::HANDLE,
  647. 'openid_signed'=>'ns,mode,assoc_handle,signed',
  648. 'openid_sig'=>'xoJcXj30L1N7QRir7I2ovop1SaijXnAI97X/yH+kvck='));
  649. $res = array();
  650. foreach (explode("\n", $ret) as $line) {
  651. if (!empty($line)) {
  652. list($key, $val) = explode(":", $line, 2);
  653. $res[$key] = $val;
  654. }
  655. }
  656. $this->assertSame( 'id_res', $res['openid.mode'] );
  657. $this->assertSame( 'false', $res['is_valid'] );
  658. $storage->delAssociation(self::HANDLE);
  659. }
  660. /**
  661. * testing respondToConsumer
  662. *
  663. */
  664. public function testRespondToConsumer()
  665. {
  666. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  667. $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
  668. // dumb mode
  669. $response = new Zend_OpenId_ResponseHelper(true);
  670. $storage->delAssociation(self::HANDLE);
  671. $this->assertTrue( $provider->respondToConsumer(array(
  672. 'openid_assoc_handle' => self::HANDLE,
  673. 'openid_return_to' => 'http://www.test.com/test.php'
  674. ), null, $response) );
  675. $headers = $response->getHeaders();
  676. $this->assertSame( 'Location', $headers[0]['name'] );
  677. $url = parse_url($headers[0]['value']);
  678. $this->assertSame( 'www.test.com', $url['host'] );
  679. $this->assertSame( '/test.php', $url['path'] );
  680. $ret = array();
  681. foreach (explode('&', $url['query']) as $line) {
  682. list($key,$val) = explode('=', $line, 2);
  683. $ret[$key] = urldecode($val);
  684. }
  685. $this->assertSame( 'id_res', $ret['openid.mode'] );
  686. $this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
  687. $this->assertTrue( isset($ret['openid.assoc_handle']) );
  688. $this->assertTrue( isset($ret['openid.response_nonce']) );
  689. $this->assertTrue( isset($ret['openid.signed']) );
  690. $this->assertTrue( isset($ret['openid.sig']) );
  691. $this->assertTrue( $storage->getAssociation($ret['openid.assoc_handle'], $macFunc, $secret, $expires) );
  692. $this->assertSame( 'sha1', $macFunc );
  693. // OpenID 2.0 with SHA256
  694. $_SERVER['SCRIPT_URI'] = "http://www.test.com/endpoint.php";
  695. $response = new Zend_OpenId_ResponseHelper(true);
  696. $storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
  697. $this->assertTrue( $provider->respondToConsumer(array(
  698. 'openid_ns' => Zend_OpenId::NS_2_0,
  699. 'openid_assoc_handle' => self::HANDLE,
  700. 'openid_return_to' => 'http://www.test.com/test.php'
  701. ), null, $response) );
  702. $headers = $response->getHeaders();
  703. $this->assertSame( 'Location', $headers[0]['name'] );
  704. $url = parse_url($headers[0]['value']);
  705. $this->assertSame( 'www.test.com', $url['host'] );
  706. $this->assertSame( '/test.php', $url['path'] );
  707. $ret = array();
  708. foreach (explode('&', $url['query']) as $line) {
  709. list($key,$val) = explode('=', $line, 2);
  710. $ret[$key] = urldecode($val);
  711. }
  712. $this->assertSame( 'id_res', $ret['openid.mode'] );
  713. $this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
  714. $this->assertSame( self::HANDLE, $ret['openid.assoc_handle'] );
  715. $this->assertTrue( isset($ret['openid.response_nonce']) );
  716. $this->assertTrue( isset($ret['openid.signed']) );
  717. $this->assertTrue( isset($ret['openid.sig']) );
  718. $this->assertSame( Zend_OpenId::NS_2_0, $ret['openid.ns'] );
  719. $this->assertSame( "http://www.test.com/endpoint.php", $ret['openid.op_endpoint'] );
  720. $this->assertTrue( $storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires) );
  721. $this->assertSame( 'sha256', $macFunc );
  722. $storage->delAssociation(self::HANDLE);
  723. // OpenID 1.1 with SHA1
  724. $storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
  725. $response = new Zend_OpenId_ResponseHelper(true);
  726. $ret = $provider->respondToConsumer(array(
  727. 'openid_assoc_handle' => self::HANDLE,
  728. 'openid_return_to' => 'http://www.test.com/test.php',
  729. 'openid_claimed_id' => 'http://claimed_id/',
  730. 'openid_identity' => 'http://identity/',
  731. 'openid_unknown' => 'http://www.test.com/test.php',
  732. ), null, $response);
  733. $headers = $response->getHeaders();
  734. $this->assertSame( 'Location', $headers[0]['name'] );
  735. $url = parse_url($headers[0]['value']);
  736. $this->assertSame( 'www.test.com', $url['host'] );
  737. $this->assertSame( '/test.php', $url['path'] );
  738. $ret = array();
  739. foreach (explode('&', $url['query']) as $line) {
  740. list($key,$val) = explode('=', $line, 2);
  741. $ret[$key] = urldecode($val);
  742. }
  743. $this->assertSame( 'id_res', $ret['openid.mode'] );
  744. $this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
  745. $this->assertSame( self::HANDLE, $ret['openid.assoc_handle'] );
  746. $this->assertTrue( isset($ret['openid.response_nonce']) );
  747. $this->assertTrue( isset($ret['openid.signed']) );
  748. $this->assertTrue( isset($ret['openid.sig']) );
  749. $this->assertFalse( isset($ret['openid.ns']) );
  750. $this->assertFalse( isset($ret['openid.op_endpoint']) );
  751. $this->assertSame( 'http://claimed_id/', $ret['openid.claimed_id'] );
  752. $this->assertSame( 'http://identity/', $ret['openid.identity'] );
  753. $this->assertFalse( isset($ret['openid.unknown']) );
  754. $this->assertTrue( $storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires) );
  755. $this->assertSame( 'sha1', $macFunc );
  756. $storage->delAssociation(self::HANDLE);
  757. // extensions
  758. $sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
  759. $response = new Zend_OpenId_ResponseHelper(true);
  760. $this->assertTrue( $provider->respondToConsumer(array(
  761. 'openid_return_to' => 'http://www.test.com/test.php',
  762. ), $sreg, $response) );
  763. $headers = $response->getHeaders();
  764. $this->assertSame( 'Location', $headers[0]['name'] );
  765. $url = parse_url($headers[0]['value']);
  766. $this->assertSame( 'www.test.com', $url['host'] );
  767. $this->assertSame( '/test.php', $url['path'] );
  768. $ret = array();
  769. foreach (explode('&', $url['query']) as $line) {
  770. list($key,$val) = explode('=', $line, 2);
  771. $ret[$key] = urldecode($val);
  772. }
  773. $this->assertSame( 'test_id', $ret['openid.sreg.nickname'] );
  774. }
  775. /**
  776. * testing _checkId
  777. *
  778. */
  779. public function testCheckIdImmediate()
  780. {
  781. $_SERVER['SCRIPT_URI'] = "http://www.test.com/server.php";
  782. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  783. $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
  784. $provider->logout();
  785. // Wrong arguments (no openid.return_to and openid.trust_root)
  786. $response = new Zend_OpenId_ResponseHelper(true);
  787. $this->assertFalse( $provider->handle(array(
  788. 'openid_mode'=>'checkid_immediate'),
  789. null, $response) );
  790. // Unexistent user
  791. $storage->delUser(self::USER);
  792. $response = new Zend_OpenId_ResponseHelper(true);
  793. $this->assertTrue($provider->handle(array(
  794. 'openid_mode'=>'checkid_immediate',
  795. 'openid_identity'=>self::USER,
  796. 'openid_return_to'=>'http://www.test.com/test.php'),
  797. null, $response));
  798. $headers = $response->getHeaders();
  799. $this->assertSame( 'Location', $headers[0]['name'] );
  800. $this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
  801. // No openid_identity
  802. $response = new Zend_OpenId_ResponseHelper(true);
  803. $this->assertTrue($provider->handle(array(
  804. 'openid_mode'=>'checkid_immediate',
  805. 'openid_return_to'=>'http://www.test.com/test.php'),
  806. null, $response));
  807. $headers = $response->getHeaders();
  808. $this->assertSame( 'Location', $headers[0]['name'] );
  809. $url = parse_url($headers[0]['value']);
  810. $this->assertSame( 'www.test.com', $url['host'] );
  811. $this->assertSame( '/test.php', $url['path'] );
  812. $query = array();
  813. foreach (explode('&', $url['query']) as $line) {
  814. list($key,$val) = explode('=', $line, 2);
  815. $query[$key] = urldecode($val);
  816. }
  817. $this->assertSame( 'id_res', $query['openid.mode'] );
  818. $url2 = parse_url($query['openid.user_setup_url']);
  819. $this->assertSame( 'www.test.com', $url2['host'] );
  820. $this->assertSame( '/server.php', $url2['path'] );
  821. $query2 = array();
  822. foreach (explode('&', $url2['query']) as $line) {
  823. list($key,$val) = explode('=', $line, 2);
  824. $query2[$key] = urldecode($val);
  825. }
  826. $this->assertSame( 'login', $query2['openid.action'] );
  827. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  828. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  829. // Non logged in user
  830. $provider->register(self::USER, self::PASSWORD);
  831. $response = new Zend_OpenId_ResponseHelper(true);
  832. $this->assertTrue($provider->handle(array(
  833. 'openid_mode'=>'checkid_immediate',
  834. 'openid_identity'=>self::USER,
  835. 'openid_return_to'=>'http://www.test.com/test.php'),
  836. null, $response));
  837. $headers = $response->getHeaders();
  838. $this->assertSame( 'Location', $headers[0]['name'] );
  839. $url = parse_url($headers[0]['value']);
  840. $this->assertSame( 'www.test.com', $url['host'] );
  841. $this->assertSame( '/test.php', $url['path'] );
  842. $query = array();
  843. foreach (explode('&', $url['query']) as $line) {
  844. list($key,$val) = explode('=', $line, 2);
  845. $query[$key] = urldecode($val);
  846. }
  847. $this->assertSame( 'id_res', $query['openid.mode'] );
  848. $url2 = parse_url($query['openid.user_setup_url']);
  849. $this->assertSame( 'www.test.com', $url2['host'] );
  850. $this->assertSame( '/server.php', $url2['path'] );
  851. $query2 = array();
  852. foreach (explode('&', $url2['query']) as $line) {
  853. list($key,$val) = explode('=', $line, 2);
  854. $query2[$key] = urldecode($val);
  855. }
  856. $this->assertSame( 'login', $query2['openid.action'] );
  857. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  858. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  859. $this->assertSame( self::USER, $query2['openid.identity'] );
  860. // Non logged in user with SREG
  861. $provider->register(self::USER, self::PASSWORD);
  862. $response = new Zend_OpenId_ResponseHelper(true);
  863. $this->assertTrue($provider->handle(array(
  864. 'openid_mode'=>'checkid_immediate',
  865. 'openid_identity'=>self::USER,
  866. 'openid_return_to'=>'http://www.test.com/test.php',
  867. 'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
  868. 'openid_sreg_required'=>'nickname'),
  869. null, $response));
  870. $headers = $response->getHeaders();
  871. $this->assertSame( 'Location', $headers[0]['name'] );
  872. $url = parse_url($headers[0]['value']);
  873. $this->assertSame( 'www.test.com', $url['host'] );
  874. $this->assertSame( '/test.php', $url['path'] );
  875. $query = array();
  876. foreach (explode('&', $url['query']) as $line) {
  877. list($key,$val) = explode('=', $line, 2);
  878. $query[$key] = urldecode($val);
  879. }
  880. $this->assertSame( 'id_res', $query['openid.mode'] );
  881. $url2 = parse_url($query['openid.user_setup_url']);
  882. $this->assertSame( 'www.test.com', $url2['host'] );
  883. $this->assertSame( '/server.php', $url2['path'] );
  884. $query2 = array();
  885. foreach (explode('&', $url2['query']) as $line) {
  886. list($key,$val) = explode('=', $line, 2);
  887. $query2[$key] = urldecode($val);
  888. }
  889. $this->assertSame( 'login', $query2['openid.action'] );
  890. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  891. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  892. $this->assertSame( self::USER, $query2['openid.identity'] );
  893. $this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query2['openid.ns.sreg'] );
  894. $this->assertSame( "nickname", $query2['openid.sreg.required'] );
  895. // Logged in user (unknown site)
  896. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  897. $response = new Zend_OpenId_ResponseHelper(true);
  898. $this->assertTrue($provider->handle(array(
  899. 'openid_mode'=>'checkid_immediate',
  900. 'openid_identity'=>self::USER,
  901. 'openid_return_to'=>'http://www.test.com/test.php'),
  902. null, $response));
  903. $headers = $response->getHeaders();
  904. $this->assertSame( 'Location', $headers[0]['name'] );
  905. $url = parse_url($headers[0]['value']);
  906. $this->assertSame( 'www.test.com', $url['host'] );
  907. $this->assertSame( '/test.php', $url['path'] );
  908. $query = array();
  909. foreach (explode('&', $url['query']) as $line) {
  910. list($key,$val) = explode('=', $line, 2);
  911. $query[$key] = urldecode($val);
  912. }
  913. $this->assertSame( 'id_res', $query['openid.mode'] );
  914. $url2 = parse_url($query['openid.user_setup_url']);
  915. $this->assertSame( 'www.test.com', $url2['host'] );
  916. $this->assertSame( '/server.php', $url2['path'] );
  917. $query2 = array();
  918. foreach (explode('&', $url2['query']) as $line) {
  919. list($key,$val) = explode('=', $line, 2);
  920. $query2[$key] = urldecode($val);
  921. }
  922. $this->assertSame( 'trust', $query2['openid.action'] );
  923. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  924. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  925. $this->assertSame( self::USER, $query2['openid.identity'] );
  926. // Logged in user (unknown site 2)
  927. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  928. $this->assertTrue( $provider->allowSite('http://www.test.com/test1.php') );
  929. $response = new Zend_OpenId_ResponseHelper(true);
  930. $this->assertTrue($provider->handle(array(
  931. 'openid_mode'=>'checkid_immediate',
  932. 'openid_identity'=>self::USER,
  933. 'openid_return_to'=>'http://www.test.com/test.php'),
  934. null, $response));
  935. $headers = $response->getHeaders();
  936. $this->assertSame( 'Location', $headers[0]['name'] );
  937. $url = parse_url($headers[0]['value']);
  938. $this->assertSame( 'www.test.com', $url['host'] );
  939. $this->assertSame( '/test.php', $url['path'] );
  940. $query = array();
  941. foreach (explode('&', $url['query']) as $line) {
  942. list($key,$val) = explode('=', $line, 2);
  943. $query[$key] = urldecode($val);
  944. }
  945. $this->assertSame( 'id_res', $query['openid.mode'] );
  946. $url2 = parse_url($query['openid.user_setup_url']);
  947. $this->assertSame( 'www.test.com', $url2['host'] );
  948. $this->assertSame( '/server.php', $url2['path'] );
  949. $query2 = array();
  950. foreach (explode('&', $url2['query']) as $line) {
  951. list($key,$val) = explode('=', $line, 2);
  952. $query2[$key] = urldecode($val);
  953. }
  954. $this->assertSame( 'trust', $query2['openid.action'] );
  955. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  956. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  957. $this->assertSame( self::USER, $query2['openid.identity'] );
  958. // Logged in user (unknown site + SREG)
  959. $response = new Zend_OpenId_ResponseHelper(true);
  960. $this->assertTrue( $provider->delSite('http://www.test.com/test1.php') );
  961. $this->assertTrue($provider->handle(array(
  962. 'openid_mode'=>'checkid_immediate',
  963. 'openid_identity'=>self::USER,
  964. 'openid_return_to'=>'http://www.test.com/test.php',
  965. 'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
  966. 'openid_sreg_required'=>'nickname'),
  967. null, $response));
  968. $headers = $response->getHeaders();
  969. $this->assertSame( 'Location', $headers[0]['name'] );
  970. $url = parse_url($headers[0]['value']);
  971. $this->assertSame( 'www.test.com', $url['host'] );
  972. $this->assertSame( '/test.php', $url['path'] );
  973. $query = array();
  974. foreach (explode('&', $url['query']) as $line) {
  975. list($key,$val) = explode('=', $line, 2);
  976. $query[$key] = urldecode($val);
  977. }
  978. $this->assertSame( 'id_res', $query['openid.mode'] );
  979. $url2 = parse_url($query['openid.user_setup_url']);
  980. $this->assertSame( 'www.test.com', $url2['host'] );
  981. $this->assertSame( '/server.php', $url2['path'] );
  982. $query2 = array();
  983. foreach (explode('&', $url2['query']) as $line) {
  984. list($key,$val) = explode('=', $line, 2);
  985. $query2[$key] = urldecode($val);
  986. }
  987. $this->assertSame( 'trust', $query2['openid.action'] );
  988. $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
  989. $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
  990. $this->assertSame( self::USER, $query2['openid.identity'] );
  991. $this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query2['openid.ns.sreg'] );
  992. $this->assertSame( "nickname", $query2['openid.sreg.required'] );
  993. // Logged in user (untrusted site)
  994. $this->assertTrue( $provider->denySite('http://www.test.com') );

Large files files are truncated, but you can click here to view the full file