
/tests/Zend/OpenId/ProviderTest.php

https://bitbucket.org/dbaltas/zend-framework-1.x-on-git
Possible License(s): BSD-3-Clause, LGPL-2.0, MIT
  1. <?php
  2. /**
  3. * Zend Framework
  4. *
  5. * LICENSE
  6. *
  7. * This source file is subject to the new BSD license that is bundled
  8. * with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://framework.zend.com/license/new-bsd
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@zend.com so we can send you a copy immediately.
  14. *
  15. * @category Zend
  16. * @package Zend_OpenId
  17. * @subpackage UnitTests
  18. * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  19. * @license http://framework.zend.com/license/new-bsd New BSD License
  20. * @version $Id: ProviderTest.php 24593 2012-01-05 20:35:02Z matthew $
  21. */
  22. /**
  23. * Zend_OpenId
  24. */
  25. require_once 'Zend/OpenId/Provider.php';
  26. /**
  27. * Zend_OpenId_ResponseHelper
  28. */
  29. require_once 'Zend/OpenId/ResponseHelper.php';
  30. /**
  31. * @see Zend_OpenId_Provider_User_Session
  32. */
  33. require_once 'Zend/OpenId/Provider/User/Session.php';
  34. /**
  35. * @category Zend
  36. * @package Zend_OpenId
  37. * @subpackage UnitTests
  38. * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  39. * @license http://framework.zend.com/license/new-bsd New BSD License
  40. * @group Zend_OpenId
  41. */
  42. class Zend_OpenId_ProviderTest extends PHPUnit_Framework_TestCase
  43. {
  44. const USER = "http://test_user.myopenid.com/";
  45. const PASSWORD = "01234567890abcdef";
  46. const HANDLE = "01234567890abcdef";
  47. private $_user;
  public function __construct($name = NULL, array $data = array(), $dataName = '')
  {
      // PHPUnit's own constructor runs first so the test case is fully set up
      // before the fixture below is attached to it.
      parent::__construct($name, $data, $dataName);

      // Session-backed "logged-in user" holder that every test hands to the
      // provider it builds; tests that log in clear it with delLoggedInUser().
      $sessionUser = new Zend_OpenId_Provider_User_Session();
      $this->_user = $sessionUser;
  }
  53. /**
  54. * testing register
  55. *
  56. */
  public function testRegister()
  {
      $fixtureDir = dirname(__FILE__) . "/_files/provider";
      $store      = new Zend_OpenId_Provider_Storage_File($fixtureDir);

      // Start clean: an earlier aborted run may have left the test user behind.
      $store->delUser(self::USER);
      $op = new Zend_OpenId_Provider(null, null, $this->_user, $store);

      // Nothing is stored for the user yet.
      $this->assertFalse($store->checkUser(self::USER, self::PASSWORD));

      // An empty identifier is rejected.
      $this->assertFalse($op->register("", self::PASSWORD));

      // First registration succeeds, a second one for the same identity fails.
      $this->assertTrue($op->register(self::USER, self::PASSWORD));
      $this->assertFalse($op->register(self::USER, self::PASSWORD));

      // The storage accepts md5(identity . password), which pins the credential
      // format that register() persists.
      // NOTE(review): that is a single MD5 pass keyed only by the identity URL,
      // i.e. a fast hash. A copy of the storage directory would make offline
      // password guessing cheap; hardening belongs in the provider/storage
      // code, and this assertion has to change together with it.
      $storedCredential = md5(self::USER . self::PASSWORD);
      $this->assertTrue($store->checkUser(self::USER, $storedCredential));

      $store->delUser(self::USER);
  }
  72. /**
  73. * testing hasUser
  74. *
  75. */
  public function testHasUser()
  {
      $fixtureDir = dirname(__FILE__) . "/_files/provider";
      $store      = new Zend_OpenId_Provider_Storage_File($fixtureDir);
      $store->delUser(self::USER);
      $op = new Zend_OpenId_Provider(null, null, $this->_user, $store);

      // Malformed identifiers (empty string, URL without a host) are reported
      // as unknown.
      $this->assertFalse($op->hasUser(""));
      $this->assertFalse($op->hasUser("http://:80/test"));

      // A well-formed identifier that was never stored is unknown too.
      $this->assertFalse($op->hasUser(self::USER));

      // Once the storage holds the user, the provider sees it.
      $this->assertTrue($store->addUser(self::USER, self::PASSWORD));
      $this->assertTrue($op->hasUser(self::USER));

      $store->delUser(self::USER);
  }
  91. /**
  92. * testing login
  93. *
  94. */
  public function testLogin()
  {
      $fixtureDir = dirname(__FILE__) . "/_files/provider";
      $store      = new Zend_OpenId_Provider_Storage_File($fixtureDir);

      // Reset both the stored account and the session state.
      $store->delUser(self::USER);
      $this->_user->delLoggedInUser();
      $op = new Zend_OpenId_Provider(null, null, $this->_user, $store);

      // Every rejected attempt below must also leave the session without a
      // logged-in user, so a failed login can never be mistaken for a session.

      // Malformed identifiers.
      $this->assertFalse($op->login("", self::PASSWORD));
      $this->assertFalse($this->_user->getLoggedInUser());
      $this->assertFalse($op->login("http://:80/test", self::PASSWORD));
      $this->assertFalse($this->_user->getLoggedInUser());

      // Well-formed identifier that has not been registered.
      $this->assertFalse($op->login(self::USER, self::PASSWORD));
      $this->assertFalse($this->_user->getLoggedInUser());

      // Registered identity, wrong password.
      $this->assertTrue($op->register(self::USER, self::PASSWORD));
      $this->assertFalse($op->login(self::USER, self::PASSWORD . "x"));
      $this->assertFalse($this->_user->getLoggedInUser());

      // Registered identity, correct password: the session now names the user.
      $this->assertTrue($op->login(self::USER, self::PASSWORD));
      $this->assertSame(self::USER, $this->_user->getLoggedInUser());

      $store->delUser(self::USER);
      $this->_user->delLoggedInUser();
  }
  119. /**
  120. * testing logout
  121. *
  122. */
  public function testLogout()
  {
      $fixtureDir = dirname(__FILE__) . "/_files/provider";
      $store      = new Zend_OpenId_Provider_Storage_File($fixtureDir);
      $store->delUser(self::USER);
      $this->_user->delLoggedInUser();
      $op = new Zend_OpenId_Provider(null, null, $this->_user, $store);

      // Nobody is logged in initially, and registering alone does not log in.
      $this->assertFalse($this->_user->getLoggedInUser());
      $this->assertTrue($op->register(self::USER, self::PASSWORD));
      $this->assertFalse($this->_user->getLoggedInUser());

      // Login establishes the session identity.
      $this->assertTrue($op->login(self::USER, self::PASSWORD));
      $this->assertSame(self::USER, $this->_user->getLoggedInUser());

      // Logout must clear it again.
      $this->assertTrue($op->logout());
      $this->assertFalse($this->_user->getLoggedInUser());

      $store->delUser(self::USER);
      $this->_user->delLoggedInUser();
  }
  139. /**
  140. * testing getLoggedInUser
  141. *
  142. */
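  public function testLoggedInUser()
  {
      // Exercises Zend_OpenId_Provider::getLoggedInUser() across the
      // register -> login -> logout life cycle.
      $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
      $storage->delUser(self::USER);
      $this->_user->delLoggedInUser();
      $provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);

      // Nobody is logged in at the start, and registration does not log in.
      $this->assertFalse($provider->getLoggedInUser());
      $this->assertTrue($provider->register(self::USER, self::PASSWORD));
      $this->assertFalse($provider->getLoggedInUser());

      $this->assertTrue($provider->login(self::USER, self::PASSWORD));
      // The original only inspected the session object here, so the positive
      // path of the method under test was never asserted. Check both views:
      // the raw session state and what the provider reports.
      $this->assertSame(self::USER, $this->_user->getLoggedInUser());
      $this->assertSame(self::USER, $provider->getLoggedInUser());

      $this->assertTrue($provider->logout());
      $this->assertFalse($provider->getLoggedInUser());

      $storage->delUser(self::USER);
      $this->_user->delLoggedInUser();
  }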
  159. /**
  160. * testing getSiteRoot
  161. *
  162. */
  public function testGetSiteRoot()
  {
      // The site root is the value a user is asked to trust, so which request
      // parameter wins matters. The cases below pin the precedence per
      // protocol version: "http://root/" marks the value that must be chosen,
      // "http://wrong/" a value that must be ignored.
      $store = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
      $op    = new Zend_OpenId_Provider(null, null, $this->_user, $store);

      // --- no openid_ns (OpenID 1.x request) ---

      // trust_root beats return_to; realm is not consulted.
      $this->assertSame("http://root/", $op->getSiteRoot(array(
          'openid_realm'      => "http://wrong/",
          'openid_trust_root' => "http://root/",
          'openid_return_to'  => "http://wrong/",
      )));

      // Without trust_root the return_to URL is used.
      $this->assertSame("http://root/", $op->getSiteRoot(array(
          'openid_realm'     => "http://wrong/",
          'openid_return_to' => "http://root/",
      )));

      // realm on its own gives no site root.
      $this->assertFalse($op->getSiteRoot(array(
          'openid_realm' => "http://wrong/",
      )));

      // --- openid_ns = 2.0 ---

      // realm beats both trust_root and return_to.
      $this->assertSame("http://root/", $op->getSiteRoot(array(
          'openid_ns'         => Zend_OpenId::NS_2_0,
          'openid_realm'      => "http://root/",
          'openid_trust_root' => "http://wrong/",
          'openid_return_to'  => "http://wrong/",
      )));

      // trust_root is not consulted; return_to is the fallback.
      $this->assertSame("http://root/", $op->getSiteRoot(array(
          'openid_ns'         => Zend_OpenId::NS_2_0,
          'openid_trust_root' => "http://wrong/",
          'openid_return_to'  => "http://root/",
      )));

      $this->assertSame("http://root/", $op->getSiteRoot(array(
          'openid_ns'        => Zend_OpenId::NS_2_0,
          'openid_return_to' => "http://root/",
      )));

      // Nothing usable in the request.
      $this->assertFalse($op->getSiteRoot(array(
          'openid_ns' => Zend_OpenId::NS_2_0,
      )));

      // An empty trust_root is rejected.
      $this->assertFalse($op->getSiteRoot(array(
          'openid_trust_root' => "",
      )));
  }
  209. /**
  210. * testing allowSite
  211. *
  212. */
  public function testAllowSite()
  {
      $site  = "http://www.test.com/";
      $store = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
      $store->delUser(self::USER);
      $this->_user->delLoggedInUser();
      $op = new Zend_OpenId_Provider(null, null, $this->_user, $store);

      // Trust decisions require a logged-in user.
      $this->assertFalse($op->allowSite($site));

      // After login the site is recorded as trusted (value true).
      $this->assertTrue($op->register(self::USER, self::PASSWORD));
      $this->assertTrue($op->login(self::USER, self::PASSWORD));
      $this->assertTrue($op->allowSite($site));
      $sites = $store->getTrustedSites(self::USER);
      $this->assertTrue(is_array($sites));
      $this->assertSame(1, count($sites));
      reset($sites);
      $this->assertSame("http://www.test.com/", key($sites));
      $this->assertSame(true, current($sites));

      // Allowing the same site again must not create a second entry.
      $this->assertTrue($op->allowSite($site));
      $sites = $store->getTrustedSites(self::USER);
      $this->assertTrue(is_array($sites));
      $this->assertSame(1, count($sites));
      reset($sites);
      $this->assertSame("http://www.test.com/", key($sites));
      $this->assertSame(true, current($sites));

      // With an extension the entry is replaced by the per-extension data
      // that was released to the site (here the Sreg nickname).
      $sreg = new Zend_OpenId_Extension_Sreg(array("nickname" => "test_id"));
      $this->assertTrue($op->allowSite($site, $sreg));
      $sites = $store->getTrustedSites(self::USER);
      $this->assertTrue(is_array($sites));
      $this->assertSame(1, count($sites));
      reset($sites);
      $this->assertSame("http://www.test.com/", key($sites));
      $this->assertSame(
          array('Zend_OpenId_Extension_Sreg' => array('nickname' => 'test_id')),
          current($sites)
      );

      $this->_user->delLoggedInUser();
      $store->delUser(self::USER);
  }
  251. /**
  252. * testing denySite
  253. *
  254. */
  public function testDenySite()
  {
      $store = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
      $store->delUser(self::USER);
      $this->_user->delLoggedInUser();
      $op   = new Zend_OpenId_Provider(null, null, $this->_user, $store);
      $sreg = new Zend_OpenId_Extension_Sreg(array("nickname" => "test_id"));

      // Shape stored for a site that was allowed together with the Sreg extension.
      $sregGrant = array(
          'Zend_OpenId_Extension_Sreg' => array(
              'nickname' => 'test_id'
          )
      );

      // Without a logged-in user no decision is recorded.
      $this->assertFalse($op->denySite("http://www.test.com/"));

      $this->assertTrue($op->register(self::USER, self::PASSWORD));
      $this->assertTrue($op->login(self::USER, self::PASSWORD));
      $this->assertTrue($op->allowSite("http://www.test1.com/"));
      $this->assertTrue($op->allowSite("http://www.test2.com/", $sreg));
      $this->assertSame(
          array(
              'http://www.test1.com/' => true,
              'http://www.test2.com/' => $sregGrant
          ),
          $store->getTrustedSites(self::USER)
      );

      // Denying a site that was never seen adds an explicit "false" entry.
      $this->assertTrue($op->denySite("http://www.test3.com/"));
      $this->assertSame(
          array(
              'http://www.test1.com/' => true,
              'http://www.test2.com/' => $sregGrant,
              'http://www.test3.com/' => false
          ),
          $store->getTrustedSites(self::USER)
      );

      // Denying a previously allowed site flips its entry to false.
      $this->assertTrue($op->denySite("http://www.test1.com/"));
      $this->assertSame(
          array(
              'http://www.test1.com/' => false,
              'http://www.test2.com/' => $sregGrant,
              'http://www.test3.com/' => false
          ),
          $store->getTrustedSites(self::USER)
      );

      // Denial also discards the extension data stored with the grant.
      $this->assertTrue($op->denySite("http://www.test2.com/"));
      $this->assertSame(
          array(
              'http://www.test1.com/' => false,
              'http://www.test2.com/' => false,
              'http://www.test3.com/' => false
          ),
          $store->getTrustedSites(self::USER)
      );

      $this->_user->delLoggedInUser();
      $store->delUser(self::USER);
  }
  309. /**
  310. * testing delSite
  311. *
  312. */
  public function testDelSite()
  {
      $store = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
      $store->delUser(self::USER);
      $this->_user->delLoggedInUser();
      $op   = new Zend_OpenId_Provider(null, null, $this->_user, $store);
      $sreg = new Zend_OpenId_Extension_Sreg(array("nickname" => "test_id"));

      // Shape stored for a site that was allowed together with the Sreg extension.
      $sregGrant = array(
          'Zend_OpenId_Extension_Sreg' => array(
              'nickname' => 'test_id'
          )
      );

      // Without a logged-in user nothing can be deleted.
      $this->assertFalse($op->delSite("http://www.test.com/"));

      $this->assertTrue($op->register(self::USER, self::PASSWORD));
      $this->assertTrue($op->login(self::USER, self::PASSWORD));
      $this->assertTrue($op->allowSite("http://www.test1.com/"));
      $this->assertTrue($op->allowSite("http://www.test2.com/", $sreg));
      $bothSites = array(
          'http://www.test1.com/' => true,
          'http://www.test2.com/' => $sregGrant
      );
      $this->assertSame($bothSites, $store->getTrustedSites(self::USER));

      // Deleting an unknown site reports success and leaves the list untouched.
      $this->assertTrue($op->delSite("http://www.test3.com/"));
      $this->assertSame($bothSites, $store->getTrustedSites(self::USER));

      // Deleting removes the entry entirely (no "false" marker is left behind).
      $this->assertTrue($op->delSite("http://www.test1.com/"));
      $this->assertSame(
          array(
              'http://www.test2.com/' => $sregGrant
          ),
          $store->getTrustedSites(self::USER)
      );

      $this->assertTrue($op->delSite("http://www.test2.com/"));
      $this->assertSame(array(), $store->getTrustedSites(self::USER));

      $this->_user->delLoggedInUser();
      $store->delUser(self::USER);
  }
  361. /**
  362. * testing getTrustedSites
  363. *
  364. */
  public function testGetTrustedSites()
  {
      $store = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
      $store->delUser(self::USER);
      $this->_user->delLoggedInUser();
      $op   = new Zend_OpenId_Provider(null, null, $this->_user, $store);
      $sreg = new Zend_OpenId_Extension_Sreg(array("nickname" => "test_id"));

      $this->assertTrue($op->register(self::USER, self::PASSWORD));
      $this->assertTrue($op->login(self::USER, self::PASSWORD));
      $this->assertTrue($op->allowSite("http://www.test1.com/"));
      $this->assertTrue($op->allowSite("http://www.test2.com/", $sreg));

      // While logged in, the provider returns the user's own trust list.
      $expected = array(
          'http://www.test1.com/' => true,
          'http://www.test2.com/' => array(
              'Zend_OpenId_Extension_Sreg' => array(
                  'nickname' => 'test_id'
              )
          )
      );
      $this->assertSame($expected, $op->getTrustedSites());

      // Once the session identity is gone the list is no longer disclosed,
      // although the entries are still in storage.
      $this->_user->delLoggedInUser();
      $this->assertFalse($op->getTrustedSites());

      $store->delUser(self::USER);
  }
  389. /**
  390. * testing genSecret
  391. *
  392. */
  public function testGenSecret()
  {
      $store = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
      $op    = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $store);

      // The secret has to be as long as the digest of the MAC function it
      // keys: 20 bytes for SHA-1, 32 bytes for SHA-256.
      $sha1Secret = $op->genSecret("sha1");
      $this->assertTrue(is_string($sha1Secret));
      $this->assertSame(20, strlen($sha1Secret));

      $sha256Secret = $op->genSecret("sha256");
      $this->assertTrue(is_string($sha256Secret));
      $this->assertSame(32, strlen($sha256Secret));

      // Any other function name is refused rather than silently accepted.
      $this->assertFalse($op->genSecret("md5"));
  }
  407. /**
  408. * testing _associate
  409. *
  410. */
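  public function testAssociate()
  {
      // Drives the provider's "associate" mode through its error paths, the
      // unencrypted variants and both Diffie-Hellman session types.
      //
      // Zend_OpenId_Exception turns the whole test into a skip.
      // NOTE(review): presumably this covers environments that cannot do the
      // big-integer math needed for Diffie-Hellman - confirm. Be aware that a
      // genuine provider exception is reported as "skipped" as well.
      try {
          $storage  = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
          $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);

          // Diffie-Hellman parameters shared by both DH cases below.
          $dhModulus        = 'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr';
          $dhGenerator      = 'Ag==';
          $dhConsumerPublic = 'RqexRm+Zn5s3sXxFBjI9WfCOBwBDDQBKPzX4fjMGl3YEJh5tx8SVo7awgwuqsliR+nvjmRh5kSFIGv8YSCsy88v1CcAfWUGfjehO9euxQcXOYJnNGbl6GQrE2FYe2RCvML4Yi8eYCYtCQi0wlDE7BJXGSVPXFzj/ru0lR/voPpk=';

          // Missing assoc_type is refused.
          $res = $this->_parseAssociateResponse(
              $provider->handle(array('openid_mode' => 'associate'))
          );
          $this->assertSame('unsupported-type', $res['error-code']);

          // Missing assoc_type (OpenID 2.0): same error, namespace echoed back.
          $res = $this->_parseAssociateResponse(
              $provider->handle(array('openid_ns'   => Zend_OpenId::NS_2_0,
                                      'openid_mode' => 'associate'))
          );
          $this->assertSame(Zend_OpenId::NS_2_0, $res['ns']);
          $this->assertSame('unsupported-type', $res['error-code']);

          // Unknown session_type ("DH-SHA257" is deliberately invalid).
          $res = $this->_parseAssociateResponse(
              $provider->handle(array('openid_mode'         => 'associate',
                                      'openid_assoc_type'   => 'HMAC-SHA1',
                                      'openid_session_type' => 'DH-SHA257'))
          );
          $this->assertSame('unsupported-type', $res['error-code']);

          // Association without encryption: the MAC key travels in the clear
          // in "mac_key", so this mode depends entirely on transport security.
          $res = $this->_parseAssociateResponse(
              $provider->handle(array('openid_assoc_type' => 'HMAC-SHA1',
                                      'openid_mode'       => 'associate'))
          );
          $this->assertSame('HMAC-SHA1', $res['assoc_type']);
          $this->assertTrue(isset($res['mac_key']));
          $this->assertSame(20, strlen(base64_decode($res['mac_key'])));
          $this->assertTrue(isset($res['assoc_handle']));
          $this->assertSame('3600', $res['expires_in']);
          $this->assertFalse(isset($res['session_type']));
          $this->assertTrue($storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires));
          $this->assertSame('sha1', $macFunc);
          // The key handed to the consumer must be the one that was stored.
          $this->assertSame(bin2hex(base64_decode($res['mac_key'])), bin2hex($secret));
          // Remove the association again so MAC secrets created by the test
          // do not pile up in the fixture storage between runs.
          $storage->delAssociation($res['assoc_handle']);

          // Association without encryption (OpenID 2.0, session_type omitted).
          $res = $this->_parseAssociateResponse(
              $provider->handle(array('openid_ns'         => Zend_OpenId::NS_2_0,
                                      'openid_assoc_type' => 'HMAC-SHA256',
                                      'openid_mode'       => 'associate'))
          );
          $this->assertSame(Zend_OpenId::NS_2_0, $res['ns']);
          $this->assertSame('HMAC-SHA256', $res['assoc_type']);
          $this->assertTrue(isset($res['mac_key']));
          $this->assertSame(32, strlen(base64_decode($res['mac_key'])));
          $this->assertTrue(isset($res['assoc_handle']));
          $this->assertSame('3600', $res['expires_in']);
          $this->assertFalse(isset($res['session_type']));
          $this->assertTrue($storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires));
          $this->assertSame('sha256', $macFunc);
          $this->assertSame(bin2hex(base64_decode($res['mac_key'])), bin2hex($secret));
          $storage->delAssociation($res['assoc_handle']);

          // Association with an explicit "no-encryption" session (OpenID 2.0).
          $res = $this->_parseAssociateResponse(
              $provider->handle(array('openid_ns'           => Zend_OpenId::NS_2_0,
                                      'openid_assoc_type'   => 'HMAC-SHA256',
                                      'openid_mode'         => 'associate',
                                      'openid_session_type' => 'no-encryption'))
          );
          $this->assertSame(Zend_OpenId::NS_2_0, $res['ns']);
          $this->assertSame('HMAC-SHA256', $res['assoc_type']);
          $this->assertTrue(isset($res['mac_key']));
          $this->assertSame(32, strlen(base64_decode($res['mac_key'])));
          $this->assertTrue(isset($res['assoc_handle']));
          $this->assertSame('3600', $res['expires_in']);
          $this->assertSame('no-encryption', $res['session_type']);
          $this->assertTrue($storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires));
          $this->assertSame('sha256', $macFunc);
          $this->assertSame(bin2hex(base64_decode($res['mac_key'])), bin2hex($secret));
          $storage->delAssociation($res['assoc_handle']);

          // Association with DH-SHA1: only the encrypted key ("enc_mac_key")
          // and the server's DH public value are returned. The test cannot
          // decrypt it, so only presence and length are checked.
          $res = $this->_parseAssociateResponse(
              $provider->handle(array('openid_assoc_type'         => 'HMAC-SHA1',
                                      'openid_mode'               => 'associate',
                                      'openid_session_type'       => 'DH-SHA1',
                                      'openid_dh_modulus'         => $dhModulus,
                                      'openid_dh_gen'             => $dhGenerator,
                                      'openid_dh_consumer_public' => $dhConsumerPublic,
              ))
          );
          $this->assertSame('HMAC-SHA1', $res['assoc_type']);
          $this->assertSame('DH-SHA1', $res['session_type']);
          $this->assertTrue(isset($res['dh_server_public']));
          $this->assertTrue(isset($res['enc_mac_key']));
          $this->assertSame(20, strlen(base64_decode($res['enc_mac_key'])));
          $this->assertTrue(isset($res['assoc_handle']));
          $this->assertSame('3600', $res['expires_in']);
          $this->assertTrue($storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires));
          $this->assertSame('sha1', $macFunc);
          $storage->delAssociation($res['assoc_handle']);

          // Association with DH-SHA256 (OpenID 2.0).
          $res = $this->_parseAssociateResponse(
              $provider->handle(array('openid_ns'                 => Zend_OpenId::NS_2_0,
                                      'openid_assoc_type'         => 'HMAC-SHA256',
                                      'openid_mode'               => 'associate',
                                      'openid_session_type'       => 'DH-SHA256',
                                      'openid_dh_modulus'         => $dhModulus,
                                      'openid_dh_gen'             => $dhGenerator,
                                      'openid_dh_consumer_public' => $dhConsumerPublic,
              ))
          );
          $this->assertSame('HMAC-SHA256', $res['assoc_type']);
          $this->assertSame('DH-SHA256', $res['session_type']);
          $this->assertTrue(isset($res['dh_server_public']));
          $this->assertTrue(isset($res['enc_mac_key']));
          $this->assertSame(32, strlen(base64_decode($res['enc_mac_key'])));
          $this->assertTrue(isset($res['assoc_handle']));
          $this->assertSame('3600', $res['expires_in']);
          $this->assertTrue($storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires));
          $this->assertSame('sha256', $macFunc);
          $storage->delAssociation($res['assoc_handle']);
      } catch (Zend_OpenId_Exception $e) {
          $this->markTestSkipped($e->getMessage());
      }
  }

  /**
   * Splits a newline-separated "key:value" response body into an array.
   *
   * Empty lines are skipped; only the first colon separates key from value,
   * so values may contain colons themselves (URLs, for instance).
   *
   * @param string $body raw response returned by handle()
   * @return array field name => value
   */
  private function _parseAssociateResponse($body)
  {
      $fields = array();
      foreach (explode("\n", $body) as $line) {
          if (empty($line)) {
              continue;
          }
          list($key, $val) = explode(":", $line, 2);
          $fields[$key] = $val;
      }
      return $fields;
  }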
  565. /**
  566. * testing _checkAuthentication
  567. *
  568. */
  public function testCheckAuthentication()
  {
      // check_authentication is the mode in which a consumer asks the provider
      // to verify a signature. Everything except a known handle plus a
      // matching signature must come back as is_valid:false.
      $store = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
      $op    = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $store);

      // Fixed test keys: 20 bytes for HMAC-SHA1, 32 bytes for HMAC-SHA256.
      $sha1KeyHex   = '0102030405060708091011121314151617181920';
      $sha256KeyHex = '0102030405060708091011121314151617181920212223242526272829303132';

      // No handle, no signature.
      $reply = $this->_parseCheckAuthResponse(
          $op->handle(array('openid_mode' => 'check_authentication'))
      );
      $this->assertSame('id_res', $reply['openid.mode']);
      $this->assertSame('false', $reply['is_valid']);

      // No handle, no signature (OpenID 2.0): namespace is echoed back.
      $reply = $this->_parseCheckAuthResponse(
          $op->handle(array('openid_ns'   => Zend_OpenId::NS_2_0,
                            'openid_mode' => 'check_authentication'))
      );
      $this->assertSame(Zend_OpenId::NS_2_0, $reply['ns']);
      $this->assertSame('id_res', $reply['openid.mode']);
      $this->assertSame('false', $reply['is_valid']);

      // Handle that the storage does not know.
      $store->delAssociation(self::HANDLE);
      $reply = $this->_parseCheckAuthResponse(
          $op->handle(array('openid_mode'         => 'check_authentication',
                            'openid_assoc_handle' => self::HANDLE))
      );
      $this->assertSame('id_res', $reply['openid.mode']);
      $this->assertSame('false', $reply['is_valid']);

      // Known handle, valid HMAC-SHA1 signature over the signed fields.
      $store->addAssociation(self::HANDLE, "sha1", pack("H*", $sha1KeyHex), time() + 3660);
      $reply = $this->_parseCheckAuthResponse(
          $op->handle(array('openid_mode'         => 'check_authentication',
                            'openid_assoc_handle' => self::HANDLE,
                            'openid_signed'       => 'mode,assoc_handle,signed',
                            'openid_sig'          => 'IgLZCOXmEPowYl6yyFZjYL4ZTtQ='))
      );
      $this->assertSame('id_res', $reply['openid.mode']);
      $this->assertSame('true', $reply['is_valid']);

      // Known handle, valid HMAC-SHA256 signature.
      $store->delAssociation(self::HANDLE);
      $store->addAssociation(self::HANDLE, "sha256", pack("H*", $sha256KeyHex), time() + 3660);
      $reply = $this->_parseCheckAuthResponse(
          $op->handle(array('openid_mode'         => 'check_authentication',
                            'openid_assoc_handle' => self::HANDLE,
                            'openid_signed'       => 'mode,assoc_handle,signed',
                            'openid_sig'          => 'xoJcXj30L1N7QRir7I2ovop1SaijXnAI97X/yH+kvck='))
      );
      $this->assertSame('id_res', $reply['openid.mode']);
      $this->assertSame('true', $reply['is_valid']);

      // Same signature, but the signed field list now also names "ns": the
      // MAC no longer covers the claimed fields, so it must be rejected.
      $store->delAssociation(self::HANDLE);
      $store->addAssociation(self::HANDLE, "sha256", pack("H*", $sha256KeyHex), time() + 3660);
      $reply = $this->_parseCheckAuthResponse(
          $op->handle(array('openid_ns'           => Zend_OpenId::NS_2_0,
                            'openid_mode'         => 'check_authentication',
                            'openid_assoc_handle' => self::HANDLE,
                            'openid_signed'       => 'ns,mode,assoc_handle,signed',
                            'openid_sig'          => 'xoJcXj30L1N7QRir7I2ovop1SaijXnAI97X/yH+kvck='))
      );
      $this->assertSame('id_res', $reply['openid.mode']);
      $this->assertSame('false', $reply['is_valid']);

      $store->delAssociation(self::HANDLE);
  }

  /**
   * Splits a newline-separated "key:value" response body into an array.
   *
   * Empty lines are skipped and only the first colon acts as the separator.
   *
   * @param string $body raw response returned by handle()
   * @return array field name => value
   */
  private function _parseCheckAuthResponse($body)
  {
      $fields = array();
      foreach (explode("\n", $body) as $line) {
          if (empty($line)) {
              continue;
          }
          list($key, $val) = explode(":", $line, 2);
          $fields[$key] = $val;
      }
      return $fields;
  }
  660. /**
  661. * testing respondToConsumer
  662. *
  663. */
  664. public function testRespondToConsumer()
  665. {
  666. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  667. $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
  668. // dumb mode
  669. $response = new Zend_OpenId_ResponseHelper(true);
  670. $storage->delAssociation(self::HANDLE);
  671. $this->assertTrue( $provider->respondToConsumer(array(
  672. 'openid_assoc_handle' => self::HANDLE,
  673. 'openid_return_to' => 'http://www.test.com/test.php'
  674. ), null, $response) );
  675. $headers = $response->getHeaders();
  676. $this->assertSame( 'Location', $headers[0]['name'] );
  677. $url = parse_url($headers[0]['value']);
  678. $this->assertSame( 'www.test.com', $url['host'] );
  679. $this->assertSame( '/test.php', $url['path'] );
  680. $ret = array();
  681. foreach (explode('&', $url['query']) as $line) {
  682. list($key,$val) = explode('=', $line, 2);
  683. $ret[$key] = urldecode($val);
  684. }
  685. $this->assertSame( 'id_res', $ret['openid.mode'] );
  686. $this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
  687. $this->assertTrue( isset($ret['openid.assoc_handle']) );
  688. $this->assertTrue( isset($ret['openid.response_nonce']) );
  689. $this->assertTrue( isset($ret['openid.signed']) );
  690. $this->assertTrue( isset($ret['openid.sig']) );
  691. $this->assertTrue( $storage->getAssociation($ret['openid.assoc_handle'], $macFunc, $secret, $expires) );
  692. $this->assertSame( 'sha1', $macFunc );
  693. // OpenID 2.0 with SHA256
  694. $_SERVER['SCRIPT_URI'] = "http://www.test.com/endpoint.php";
  695. $response = new Zend_OpenId_ResponseHelper(true);
  696. $storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
  697. $this->assertTrue( $provider->respondToConsumer(array(
  698. 'openid_ns' => Zend_OpenId::NS_2_0,
  699. 'openid_assoc_handle' => self::HANDLE,
  700. 'openid_return_to' => 'http://www.test.com/test.php'
  701. ), null, $response) );
  702. $headers = $response->getHeaders();
  703. $this->assertSame( 'Location', $headers[0]['name'] );
  704. $url = parse_url($headers[0]['value']);
  705. $this->assertSame( 'www.test.com', $url['host'] );
  706. $this->assertSame( '/test.php', $url['path'] );
  707. $ret = array();
  708. foreach (explode('&', $url['query']) as $line) {
  709. list($key,$val) = explode('=', $line, 2);
  710. $ret[$key] = urldecode($val);
  711. }
  712. $this->assertSame( 'id_res', $ret['openid.mode'] );
  713. $this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
  714. $this->assertSame( self::HANDLE, $ret['openid.assoc_handle'] );
  715. $this->assertTrue( isset($ret['openid.response_nonce']) );
  716. $this->assertTrue( isset($ret['openid.signed']) );
  717. $this->assertTrue( isset($ret['openid.sig']) );
  718. $this->assertSame( Zend_OpenId::NS_2_0, $ret['openid.ns'] );
  719. $this->assertSame( "http://www.test.com/endpoint.php", $ret['openid.op_endpoint'] );
  720. $this->assertTrue( $storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires) );
  721. $this->assertSame( 'sha256', $macFunc );
  722. $storage->delAssociation(self::HANDLE);
  723. // OpenID 1.1 with SHA1
  724. $storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
  725. $response = new Zend_OpenId_ResponseHelper(true);
  726. $ret = $provider->respondToConsumer(array(
  727. 'openid_assoc_handle' => self::HANDLE,
  728. 'openid_return_to' => 'http://www.test.com/test.php',
  729. 'openid_claimed_id' => 'http://claimed_id/',
  730. 'openid_identity' => 'http://identity/',
  731. 'openid_unknown' => 'http://www.test.com/test.php',
  732. ), null, $response);
  733. $headers = $response->getHeaders();
  734. $this->assertSame( 'Location', $headers[0]['name'] );
  735. $url = parse_url($headers[0]['value']);
  736. $this->assertSame( 'www.test.com', $url['host'] );
  737. $this->assertSame( '/test.php', $url['path'] );
  738. $ret = array();
  739. foreach (explode('&', $url['query']) as $line) {
  740. list($key,$val) = explode('=', $line, 2);
  741. $ret[$key] = urldecode($val);
  742. }
  743. $this->assertSame( 'id_res', $ret['openid.mode'] );
  744. $this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
  745. $this->assertSame( self::HANDLE, $ret['openid.assoc_handle'] );
  746. $this->assertTrue( isset($ret['openid.response_nonce']) );
  747. $this->assertTrue( isset($ret['openid.signed']) );
  748. $this->assertTrue( isset($ret['openid.sig']) );
  749. $this->assertFalse( isset($ret['openid.ns']) );
  750. $this->assertFalse( isset($ret['openid.op_endpoint']) );
  751. $this->assertSame( 'http://claimed_id/', $ret['openid.claimed_id'] );
  752. $this->assertSame( 'http://identity/', $ret['openid.identity'] );
  753. $this->assertFalse( isset($ret['openid.unknown']) );
  754. $this->assertTrue( $storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires) );
  755. $this->assertSame( 'sha1', $macFunc );
  756. $storage->delAssociation(self::HANDLE);
  757. // extensions
  758. $sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
  759. $response = new Zend_OpenId_ResponseHelper(true);
  760. $this->assertTrue( $provider->respondToConsumer(array(
  761. 'openid_return_to' => 'http://www.test.com/test.php',
  762. ), $sreg, $response) );
  763. $headers = $response->getHeaders();
  764. $this->assertSame( 'Location', $headers[0]['name'] );
  765. $url = parse_url($headers[0]['value']);
  766. $this->assertSame( 'www.test.com', $url['host'] );
  767. $this->assertSame( '/test.php', $url['path'] );
  768. $ret = array();
  769. foreach (explode('&', $url['query']) as $line) {
  770. list($key,$val) = explode('=', $line, 2);
  771. $ret[$key] = urldecode($val);
  772. }
  773. $this->assertSame( 'test_id', $ret['openid.sreg.nickname'] );
  774. }
  775. /**
  776. * testing _checkId
  777. *
  778. */
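  public function testCheckIdImmediate()
  {
      // Drives one provider instance through the checkid_immediate outcomes:
      // malformed request, unknown user, anonymous user, logged-in user with
      // an unknown / denied / allowed relying party, association handling and
      // the SREG extension. Every scenario reuses the storage, login session
      // and site decisions left behind by the previous one, so the order of
      // the scenarios is significant.
      //
      // The final logout()/delUser() only runs when every assertion passed.
      // The logout() and delUser() calls at the top are what clear a user or
      // session left in _files/provider by an earlier aborted run.
      $_SERVER['SCRIPT_URI'] = "http://www.test.com/server.php";
      $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
      $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
      $provider->logout();

      // Wrong arguments (no openid.return_to and openid.trust_root):
      // the request must be rejected outright.
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertFalse( $provider->handle(array(
          'openid_mode'=>'checkid_immediate'),
          null, $response) );

      // Nonexistent user: the relying party is sent a bare cancel.
      $storage->delUser(self::USER);
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );

      // No openid_identity: immediate mode cannot prompt, so the reply
      // carries a user_setup_url that points back at the provider endpoint
      // (the SCRIPT_URI set above) and asks for a login.
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $query2 = $this->_assertUrlAndGetParams($query['openid.user_setup_url'], '/server.php');
      $this->assertSame( 'login', $query2['openid.action'] );
      $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );

      // Non logged in user: same login redirect, with the identity carried over.
      $provider->register(self::USER, self::PASSWORD);
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $query2 = $this->_assertUrlAndGetParams($query['openid.user_setup_url'], '/server.php');
      $this->assertSame( 'login', $query2['openid.action'] );
      $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
      $this->assertSame( self::USER, $query2['openid.identity'] );

      // Non logged in user with SREG: the extension parameters must survive
      // into the setup URL.
      $provider->register(self::USER, self::PASSWORD);
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php',
          'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
          'openid_sreg_required'=>'nickname'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $query2 = $this->_assertUrlAndGetParams($query['openid.user_setup_url'], '/server.php');
      $this->assertSame( 'login', $query2['openid.action'] );
      $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
      $this->assertSame( self::USER, $query2['openid.identity'] );
      $this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query2['openid.ns.sreg'] );
      $this->assertSame( "nickname", $query2['openid.sreg.required'] );

      // Logged in user (unknown site): no stored decision for the relying
      // party, so the setup URL asks for a trust decision instead of a login.
      $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $query2 = $this->_assertUrlAndGetParams($query['openid.user_setup_url'], '/server.php');
      $this->assertSame( 'trust', $query2['openid.action'] );
      $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
      $this->assertSame( self::USER, $query2['openid.identity'] );

      // Logged in user (unknown site 2): allowing /test1.php must not
      // extend trust to /test.php on the same host.
      $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
      $this->assertTrue( $provider->allowSite('http://www.test.com/test1.php') );
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $query2 = $this->_assertUrlAndGetParams($query['openid.user_setup_url'], '/server.php');
      $this->assertSame( 'trust', $query2['openid.action'] );
      $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
      $this->assertSame( self::USER, $query2['openid.identity'] );

      // Logged in user (unknown site + SREG)
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue( $provider->delSite('http://www.test.com/test1.php') );
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php',
          'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
          'openid_sreg_required'=>'nickname'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $query2 = $this->_assertUrlAndGetParams($query['openid.user_setup_url'], '/server.php');
      $this->assertSame( 'trust', $query2['openid.action'] );
      $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
      $this->assertSame( self::USER, $query2['openid.identity'] );
      $this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query2['openid.ns.sreg'] );
      $this->assertSame( "nickname", $query2['openid.sreg.required'] );

      // Logged in user (untrusted site): an explicit deny yields a cancel
      // with no identity data in the redirect.
      $this->assertTrue( $provider->denySite('http://www.test.com') );
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );

      // Logged in user (untrusted site with wildcard): the "*.test.com"
      // deny entry must also cover www.test.com.
      $this->assertTrue( $provider->delSite('http://www.test.com') );
      $this->assertTrue( $provider->denySite('http://*.test.com') );
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );

      // Logged in user (trusted site): a positive, signed assertion.
      // Only the presence of the signing fields and the decoded length of
      // openid.sig are checked (20 bytes is the SHA-1 digest size); the
      // signature value is not verified against the signed fields here.
      $this->assertTrue( $provider->delSite('http://*.test.com') );
      $this->assertTrue( $provider->allowSite('http://www.test.com/') );
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
      $this->assertSame( self::USER, $query['openid.identity'] );
      $this->assertTrue( isset($query['openid.assoc_handle']) );
      $this->assertTrue( isset($query['openid.response_nonce']) );
      $this->assertTrue( isset($query['openid.signed']) );
      $this->assertTrue( isset($query['openid.sig']) );
      $this->assertSame( 20, strlen(base64_decode($query['openid.sig'])) );

      // Logged in user (trusted site without openid.return_to): the request
      // is handled, but with nowhere to redirect nothing is emitted.
      $this->assertTrue( $provider->allowSite('http://www.test.com/') );
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_trust_root'=>'http://www.test.com/test.php'),
          null, $response));
      $this->assertSame( array(), $response->getHeaders() );
      $this->assertSame( '', $response->getBody() );

      // Logged in user (trusted site) & OpenID 2.0 & established session:
      // the response must reuse the SHA-1 association stored under HANDLE.
      // The secret below is a fixed test vector.
      $storage->delAssociation(self::HANDLE);
      $storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
      $this->assertTrue( $provider->allowSite('http://www.test.com/') );
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_ns'=>Zend_OpenId::NS_2_0,
          'openid_assoc_handle'=>self::HANDLE,
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
      $this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
      $this->assertSame( self::USER, $query['openid.identity'] );
      $this->assertSame( self::HANDLE, $query['openid.assoc_handle'] );
      $this->assertTrue( isset($query['openid.response_nonce']) );
      $this->assertTrue( isset($query['openid.signed']) );
      $this->assertTrue( isset($query['openid.sig']) );
      $this->assertSame( 20, strlen(base64_decode($query['openid.sig'])) );

      // Logged in user (trusted site) & invalid association handle:
      // the handle no longer exists in storage, so it must be echoed back in
      // openid.invalidate_handle. assoc_handle is only checked for presence.
      // NOTE(review): the 32-byte signature suggests the provider signs with
      // a newly created SHA-256 association; confirm in Zend_OpenId_Provider.
      $storage->delAssociation(self::HANDLE);
      $this->assertTrue( $provider->allowSite('http://www.test.com/') );
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_ns'=>Zend_OpenId::NS_2_0,
          'openid_assoc_handle'=>self::HANDLE,
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php'),
          null, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
      $this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
      $this->assertSame( self::USER, $query['openid.identity'] );
      $this->assertSame( self::HANDLE, $query['openid.invalidate_handle'] );
      $this->assertTrue( isset($query['openid.assoc_handle']) );
      $this->assertTrue( isset($query['openid.response_nonce']) );
      $this->assertTrue( isset($query['openid.signed']) );
      $this->assertTrue( isset($query['openid.sig']) );
      $this->assertSame( 32, strlen(base64_decode($query['openid.sig'])) );

      // SREG success: the site was allowed together with nickname and
      // email, so both the required and the optional field are returned.
      $sreg = new Zend_OpenId_Extension_Sreg(array('nickname'=>'test','email'=>'test@test.com'));
      $this->assertTrue( $provider->allowSite('http://www.test.com/', $sreg) );
      $sreg = new Zend_OpenId_Extension_Sreg();
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_ns'=>Zend_OpenId::NS_2_0,
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php',
          'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
          'openid_sreg_required'=>'nickname',
          'openid_sreg_optional'=>'email',
          ),
          $sreg, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
      $this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
      $this->assertSame( self::USER, $query['openid.identity'] );
      $this->assertTrue( isset($query['openid.assoc_handle']) );
      $this->assertTrue( isset($query['openid.response_nonce']) );
      $this->assertTrue( isset($query['openid.signed']) );
      $this->assertTrue( isset($query['openid.sig']) );
      $this->assertSame( 32, strlen(base64_decode($query['openid.sig'])) );
      $this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query['openid.ns.sreg'] );
      $this->assertSame( 'test', $query['openid.sreg.nickname'] );
      $this->assertSame( 'test@test.com', $query['openid.sreg.email'] );

      // SREG failed: only nickname was approved for the site, but the
      // relying party requires nickname and email. The provider must fall
      // back to a trust prompt rather than release a partial profile.
      $sreg = new Zend_OpenId_Extension_Sreg(array('nickname'=>'test'));
      $this->assertTrue( $provider->allowSite('http://www.test.com/', $sreg) );
      $sreg = new Zend_OpenId_Extension_Sreg();
      $response = new Zend_OpenId_ResponseHelper(true);
      $this->assertTrue($provider->handle(array(
          'openid_mode'=>'checkid_immediate',
          'openid_identity'=>self::USER,
          'openid_return_to'=>'http://www.test.com/test.php',
          'openid_sreg_required'=>'nickname,email',
          ),
          $sreg, $response));
      $headers = $response->getHeaders();
      $this->assertSame( 'Location', $headers[0]['name'] );
      $query = $this->_assertUrlAndGetParams($headers[0]['value'], '/test.php');
      $this->assertSame( 'id_res', $query['openid.mode'] );
      $query2 = $this->_assertUrlAndGetParams($query['openid.user_setup_url'], '/server.php');
      $this->assertSame( 'trust', $query2['openid.action'] );
      $this->assertSame( 'checkid_setup', $query2['openid.mode'] );
      $this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
      $this->assertSame( self::USER, $query2['openid.identity'] );
      $this->assertSame( "nickname,email", $query2['openid.sreg.required'] );

      // Leave the shared file storage without the test user or a session.
      $provider->logout();
      $storage->delUser(self::USER);
  }

  /**
   * Asserts that a URL targets www.test.com at the expected path and
   * returns its query parameters.
   *
   * The query string is split by hand instead of with parse_str(), because
   * parse_str() rewrites the dots in OpenID keys such as "openid.mode" to
   * underscores.
   *
   * @param  string $rawUrl       absolute URL taken from a Location header
   *                              or from openid.user_setup_url
   * @param  string $expectedPath path component the URL must have
   * @return array  parameter name => URL-decoded value
   */
  private function _assertUrlAndGetParams($rawUrl, $expectedPath)
  {
      $url = parse_url($rawUrl);
      $this->assertSame( 'www.test.com', $url['host'] );
      $this->assertSame( $expectedPath, $url['path'] );
      // Fail with an assertion rather than an undefined-index notice when
      // the URL has no query component at all.
      $this->assertTrue( isset($url['query']) );
      $params = array();
      foreach (explode('&', $url['query']) as $pair) {
          list($name, $value) = explode('=', $pair, 2);
          $params[$name] = urldecode($value);
      }
      return $params;
  }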
  1194. /**
  1195. * testing handle
  1196. *
  1197. */
  1198. public function testCheckIdSetup()
  1199. {
  1200. $_SERVER['SCRIPT_URI'] = "http://www.test.com/server.php";
  1201. $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
  1202. $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
  1203. $provider->logout();
  1204. // Wrong arguments (no openid.return_to and openid.trust_root)
  1205. $response = new Zend_OpenId_ResponseHelper(true);
  1206. $this->assertFalse( $provider->handle(array(
  1207. 'openid_mode'=>'checkid_setup'),
  1208. null, $response) );
  1209. // Unexistent user
  1210. $storage->delUser(self::USER);
  1211. $response = new Zend_OpenId_ResponseHelper(true);
  1212. $this->assertTrue($provider->handle(array(
  1213. 'openid_mode'=>'checkid_setup',
  1214. 'openid_identity'=>self::USER,
  1215. 'openid_return_to'=>'http://www.test.com/test.php'),
  1216. null, $response));
  1217. $headers = $response->getHeaders();
  1218. $this->assertSame( 'Location', $headers[0]['name'] );
  1219. $this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
  1220. // No openid_identity
  1221. $response = new Zend_OpenId_ResponseHelper(true);
  1222. $this->assertTrue($provider->handle(array(
  1223. 'openid_mode'=>'checkid_setup',
  1224. 'openid_return_to'=>'http://www.test.com/test.php'),
  1225. null, $response));
  1226. $headers = $response->getHeaders();
  1227. $this->assertSame( 'Location', $headers[0]['name'] );
  1228. $url = parse_url($headers[0]['value']);
  1229. $this->assertSame( 'www.test.com', $url['host'] );
  1230. $this->assertSame( '/server.php', $url['path'] );
  1231. $query = array();
  1232. foreach (explode('&', $url['query']) as $line) {
  1233. list($key,$val) = explode('=', $line, 2);
  1234. $query[$key] = urldecode($val);
  1235. }
  1236. $this->assertSame( 'login', $query['openid.action'] );
  1237. $this->assertSame( 'checkid_setup', $query['openid.mode'] );
  1238. $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
  1239. // Non logged in user
  1240. $provider->register(self::USER, self::PASSWORD);
  1241. $response = new Zend_OpenId_ResponseHelper(true);
  1242. $this->assertTrue($provider->handle(array(
  1243. 'openid_mode'=>'checkid_setup',
  1244. 'openid_identity'=>self::USER,
  1245. 'openid_return_to'=>'http://www.test.com/test.php'),
  1246. null, $response));
  1247. $headers = $response->getHeaders();
  1248. $this->assertSame( 'Location', $headers[0]['name'] );
  1249. $url = parse_url($headers[0]['value']);
  1250. $this->assertSame( 'www.test.com', $url['host'] );
  1251. $this->assertSame( '/server.php', $url['path'] );
  1252. $query = array();
  1253. foreach (explode('&', $url['query']) as $line) {
  1254. list($key,$val) = explode('=', $line, 2);
  1255. $query[$key] = urldecode($val);
  1256. }
  1257. $this->assertSame( 'login', $query['openid.action'] );
  1258. $this->assertSame( 'checkid_setup', $query['openid.mode'] );
  1259. $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
  1260. $this->assertSame( self::USER, $query['openid.identity'] );
  1261. // Logged in user (unknown site)
  1262. $this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
  1263. $response = new Zend_OpenId_ResponseHelper(true);
  1264. $this->assertTrue($provider->handle(array(
  1265. 'openid_mode'=>'checkid_setup',
  1266. 'openid_identity'=>self::USER,
  1267. 'openid_return_to'=>'http://www.test.com/test.php'),
  1268. null, $response));
  1269. $headers = $response->getHeaders();
  1270. $this->assertSame( 'Location', $headers[0]['name'] );
  1271. $url = parse_url($headers[0]['value']);
  1272. $this->assertSame( 'www.test.com', $url['host'] );
  1273. $this->assertSame( '/server.php', $url['path'] );
  1274. $query = array();
  1275. foreach (explode('&', $url['query']) as $line) {
  1276. list($key,$val) = explode('=', $line, 2);
  1277. $query[$key] = urldecode($val);
  1278. }
  1279. $this->assertSame( 'trust', $query['openid.action'] );
  1280. $this->assertSame( 'checkid_setup', $query['openid.mode'] );
  1281. $this->assertSame( self::USER, $query['openid.identity'] );
  1282. $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
  1283. // Logged in user (untrusted site)
  1284. $this->assertTrue( $provider->denySite('http://www.test.com/') );
  1285. $response = new Zend_OpenId_ResponseHelper(true);
  1286. $this->assertTrue($provider->handle(array(
  1287. 'openid_mode'=>'checkid_setup',
  1288. 'openid_identity'=>self::USER,
  1289. 'openid_return_to'=>'http://www.test.com/test.php'),
  1290. null, $response));
  1291. $headers = $response->getHeaders();
  1292. $this->assertSame( 'Location', $headers[0]['name'] );
  1293. $this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
  1294. // Logged in user (trusted site)
  1295. $this->assertTrue( $provider->allowSite('http://www.test.com/') );
  1296. $response = new Zend_OpenId_ResponseHelper(true);
  1297. $this->assertTrue($provider->handle(array(
  1298. 'openid_mode'=>'checkid_setup',
  1299. 'openid_identity'=>self::USER,
  1300. 'openid_return_to'=>'http://www.test.com/test.php'),
  1301. null, $response));
  1302. $headers = $response->getHeaders();
  1303. $this->assertSame( 'Location', $headers[0]['name'] );
  1304. $url = parse_url($headers[0]['value']);
  1305. $this->assertSame( 'www.test.com', $url['host'] );
  1306. $this->assertSame( '/test.php', $url['path'] );
  1307. $query = array();
  1308. foreach (explode('&', $url['query']) as $line) {
  1309. list($key,$val) = explode('=', $line, 2);
  1310. $query[$key] = urldecode($val);
  1311. }
  1312. $this->assertSame( 'id_res', $query['openid.mode'] );
  1313. $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
  1314. $this->assertSame( self::USER, $query['openid.identity'] );
  1315. $this->assertTrue( isset($query['openid.assoc_handle']) );
  1316. $this->assertTrue( isset($query['openid.response_nonce']) );
  1317. $this->assertTrue( isset($query['openid.signed']) );
  1318. $this->assertTrue( isset($query['openid.sig']) );
  1319. $this->assertSame( 20, strlen(base64_decode($query['openid.sig'])) );
  1320. // Logged in user (trusted site without openid.return_to)
  1321. $this->assertTrue( $provider->allowSite('http://www.test.com/') );
  1322. $response = new Zend_OpenId_ResponseHelper(true);
  1323. $this->assertTrue($provider->handle(array(
  1324. 'openid_mode'=>'checkid_setup',
  1325. 'openid_identity'=>self::USER,
  1326. 'openid_trust_root'=>'http://www.test.com/test.php'),
  1327. null, $response));
  1328. $this->assertSame( array(), $response->getHeaders() );
  1329. $this->assertSame( '', $response->getBody() );
  1330. // Logged in user (trusted site) & OpenID 2.0 & established session
  1331. $storage->delAssociation(self::HANDLE);
  1332. $storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
  1333. $this->assertTrue( $provider->allowSite('http://www.test.com/') );
  1334. $response = new Zend_OpenId_ResponseHelper(true);
  1335. $this->assertTrue($provider->handle(array(
  1336. 'openid_ns'=>Zend_OpenId::NS_2_0,
  1337. 'openid_assoc_handle'=>self::HANDLE,
  1338. 'openid_mode'=>'checkid_setup',
  1339. 'openid_identity'=>self::USER,
  1340. 'openid_return_to'=>'http://www.test.com/test.php'),
  1341. null, $response));
  1342. $headers = $response->getHeaders();
  1343. $this->assertSame( 'Location', $headers[0]['name'] );
  1344. $url = parse_url($headers[0]['value']);
  1345. $this->assertSame( 'www.test.com', $url['host'] );
  1346. $this->assertSame( '/test.php', $url['path'] );
  1347. $query = array();
  1348. foreach (explode('&', $url['query']) as $line) {
  1349. list($key,$val) = explode('=', $line, 2);
  1350. $query[$key] = urldecode($val);
  1351. }
  1352. $this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
  1353. $this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
  1354. $this->assertSame( 'id_res', $query['openid.mode'] );
  1355. $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
  1356. $this->assertSame( self::USER, $query['openid.identity'] );
  1357. $this->assertSame( self::HANDLE, $query['openid.assoc_handle'] );
  1358. $this->assertTrue( isset($query['openid.response_nonce']) );
  1359. $this->assertTrue( isset($query['openid.signed']) );
  1360. $this->assertTrue( isset($query['openid.sig']) );
  1361. $this->assertSame( 20, strlen(base64_decode($query['openid.sig'])) );
  1362. // Logged in user (trusted site) & invalid association handle
  1363. $storage->delAssociation(self::HANDLE);
  1364. $this->assertTrue( $provider->allowSite('http://www.test.com/') );
  1365. $response = new Zend_OpenId_ResponseHelper(true);
  1366. $this->assertTrue($provider->handle(array(
  1367. 'openid_ns'=>Zend_OpenId::NS_2_0,
  1368. 'openid_assoc_handle'=>self::HANDLE,
  1369. 'openid_mode'=>'checkid_setup',
  1370. 'openid_identity'=>self::USER,
  1371. 'openid_return_to'=>'http://www.test.com/test.php'),
  1372. null, $response));
  1373. $headers = $response->getHeaders();
  1374. $this->assertSame( 'Location', $headers[0]['name'] );
  1375. $url = parse_url($headers[0]['value']);
  1376. $this->assertSame( 'www.test.com', $url['host'] );
  1377. $this->assertSame( '/test.php', $url['path'] );
  1378. $query = array();
  1379. foreach (explode('&', $url['query']) as $line) {
  1380. list($key,$val) = explode('=', $line, 2);
  1381. $query[$key] = urldecode($val);
  1382. }
  1383. $this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
  1384. $this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
  1385. $this->assertSame( 'id_res', $query['openid.mode'] );
  1386. $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
  1387. $this->assertSame( self::USER, $query['openid.identity'] );
  1388. $this->assertSame( self::HANDLE, $query['openid.invalidate_handle'] );
  1389. $this->assertTrue( isset($query['openid.assoc_handle']) );
  1390. $this->assertTrue( isset($query['openid.response_nonce']) );
  1391. $this->assertTrue( isset($query['openid.signed']) );
  1392. $this->assertTrue( isset($query['openid.sig']) );
  1393. $this->assertSame( 32, strlen(base64_decode($query['openid.sig'])) );
  1394. // SREG success
  1395. $sreg = new Zend_OpenId_Extension_Sreg(array('nickname'=>'test','email'=>'test@test.com'));
  1396. $this->assertTrue( $provider->allowSite('http://www.test.com/', $sreg) );
  1397. $sreg = new Zend_OpenId_Extension_Sreg();
  1398. $response = new Zend_OpenId_ResponseHelper(true);
  1399. $this->assertTrue($provider->handle(array(
  1400. 'openid_ns'=>Zend_OpenId::NS_2_0,
  1401. 'openid_mode'=>'checkid_setup',
  1402. 'openid_identity'=>self::USER,
  1403. 'openid_return_to'=>'http://www.test.com/test.php',
  1404. 'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
  1405. 'openid_sreg_required'=>'nickname',
  1406. 'openid_sreg_optional'=>'email',
  1407. ),
  1408. $sreg, $response));
  1409. $headers = $response->getHeaders();
  1410. $this->assertSame( 'Location', $headers[0]['name'] );
  1411. $url = parse_url($headers[0]['value']);
  1412. $this->assertSame( 'www.test.com', $url['host'] );
  1413. $this->assertSame( '/test.php', $url['path'] );
  1414. $query = array();
  1415. foreach (explode('&', $url['query']) as $line) {
  1416. list($key,$val) = explode('=', $line, 2);
  1417. $query[$key] = urldecode($val);
  1418. }
  1419. $this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
  1420. $this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
  1421. $this->assertSame( 'id_res', $query['openid.mode'] );
  1422. $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
  1423. $this->assertSame( self::USER, $query['openid.identity'] );
  1424. $this->assertTrue( isset($query['openid.assoc_handle']) );
  1425. $this->assertTrue( isset($query['openid.response_nonce']) );
  1426. $this->assertTrue( isset($query['openid.signed']) );
  1427. $this->assertTrue( isset($query['openid.sig']) );
  1428. $this->assertSame( 32, strlen(base64_decode($query['openid.sig'])) );
  1429. $this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query['openid.ns.sreg'] );
  1430. $this->assertSame( 'test', $query['openid.sreg.nickname'] );
  1431. $this->assertSame( 'test@test.com', $query['openid.sreg.email'] );
  1432. // SREG failed
  1433. $sreg = new Zend_OpenId_Extension_Sreg(array('nickname'=>'test'));
  1434. $this->assertTrue( $provider->allowSite('http://www.test.com/', $sreg) );
  1435. $sreg = new Zend_OpenId_Extension_Sreg();
  1436. $response = new Zend_OpenId_ResponseHelper(true);
  1437. $this->assertTrue($provider->handle(array(
  1438. 'openid_mode'=>'checkid_setup',
  1439. 'openid_identity'=>self::USER,
  1440. 'openid_return_to'=>'http://www.test.com/test.php',
  1441. 'openid_sreg_required'=>'nickname,email',
  1442. ),
  1443. $sreg, $response));
  1444. $headers = $response->getHeaders();
  1445. $this->assertSame( 'Location', $headers[0]['name'] );
  1446. $url = parse_url($headers[0]['value']);
  1447. $this->assertSame( 'www.test.com', $url['host'] );
  1448. $this->assertSame( '/server.php', $url['path'] );
  1449. $query = array();
  1450. foreach (explode('&', $url['query']) as $line) {
  1451. list($key,$val) = explode('=', $line, 2);
  1452. $query[$key] = urldecode($val);
  1453. }
  1454. $this->assertSame( 'trust', $query['openid.action'] );
  1455. $this->assertSame( 'checkid_setup', $query['openid.mode'] );
  1456. $this->assertSame( self::USER, $query['openid.identity'] );
  1457. $this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
  1458. $this->assertSame( 'nickname,email', $query['openid.sreg.required'] );
  1459. $provider->logout();
  1460. $storage->delUser(self::USER);
  1461. }
  1462. /**
  1463. * testing handle
  1464. *
  1465. */
  public function testHandle()
  {
      // handle() must return false for a request whose openid_mode is missing
      // or is not a mode the provider recognises.
      $storageDir = dirname(__FILE__) . "/_files/provider";
      $fileStorage = new Zend_OpenId_Provider_Storage_File($storageDir);
      $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $fileStorage);

      $rejectedRequests = array(
          array(),                          // no openid_mode
          array('openid_mode' => 'wrong'),  // wrong openid_mode
      );
      foreach ($rejectedRequests as $request) {
          $this->assertFalse($provider->handle($request));
      }
  }
  1474. /**
  1475. * testing setOpEndpoint
  1476. *
  1477. */
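  public function testSetOpEndpoint()
  {
      // Checks that the endpoint given to setOpEndpoint() is the one reported
      // as openid.op_endpoint in the response, even though
      // $_SERVER['SCRIPT_URI'] names a different URL.
      $storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__) . "/_files/provider");
      $provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
      $provider->setOpEndpoint("http://www.test.com/real_endpoint.php");

      // OpenID 2.0 with SHA256
      // NOTE(review): SCRIPT_URI is written to the $_SERVER superglobal and is
      // not restored by this test, so the value stays set for later code.
      $_SERVER['SCRIPT_URI'] = "http://www.test.com/endpoint.php";
      $response = new Zend_OpenId_ResponseHelper(true);

      // Register a fixed 32-byte secret under self::HANDLE with the sha256 MAC
      // function; it is removed again at the end of the test.
      $storage->addAssociation(
          self::HANDLE,
          "sha256",
          pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'),
          time() + 3660
      );

      $this->assertTrue($provider->respondToConsumer(array(
          'openid_ns' => Zend_OpenId::NS_2_0,
          'openid_assoc_handle' => self::HANDLE,
          'openid_return_to' => 'http://www.test.com/test.php'
      ), null, $response));

      // The answer is delivered as a redirect back to return_to.
      $headers = $response->getHeaders();
      $this->assertSame('Location', $headers[0]['name']);
      $url = parse_url($headers[0]['value']);
      $this->assertSame('www.test.com', $url['host']);
      $this->assertSame('/test.php', $url['path']);

      // Split the redirect's query string into decoded key => value pairs.
      $ret = array();
      foreach (explode('&', $url['query']) as $line) {
          list($key, $val) = explode('=', $line, 2);
          $ret[$key] = urldecode($val);
      }

      $this->assertSame('id_res', $ret['openid.mode']);
      $this->assertSame('http://www.test.com/test.php', $ret['openid.return_to']);
      $this->assertSame(self::HANDLE, $ret['openid.assoc_handle']);
      $this->assertTrue(isset($ret['openid.response_nonce']));
      $this->assertTrue(isset($ret['openid.signed']));
      $this->assertTrue(isset($ret['openid.sig']));
      // The association above is sha256, so the decoded signature must have
      // the HMAC-SHA256 length (32 bytes). The sibling checkid_setup tests pin
      // the signature length the same way; without this the test would also
      // pass if the response were signed with a weaker MAC.
      $this->assertSame(32, strlen(base64_decode($ret['openid.sig'])));
      $this->assertSame(Zend_OpenId::NS_2_0, $ret['openid.ns']);
      // The explicitly configured endpoint wins over SCRIPT_URI.
      $this->assertSame("http://www.test.com/real_endpoint.php", $ret['openid.op_endpoint']);

      // $macFunc, $secret and $expires are filled in by getAssociation().
      $this->assertTrue($storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires));
      $this->assertSame('sha256', $macFunc);
      $storage->delAssociation(self::HANDLE);
  }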
  1514. }
  /**
   * Subclass of Zend_OpenId_Provider used by the tests in this file as the
   * provider under test; it adds a public wrapper around _genSecret().
   */
  class Zend_OpenId_ProviderHelper extends Zend_OpenId_Provider
  {
      /**
       * Forwards to the inherited _genSecret() and returns its result unchanged.
       *
       * @param mixed $func passed straight to _genSecret(); presumably the MAC
       *                    function name (e.g. 'sha1' or 'sha256') - confirm
       *                    against Zend_OpenId_Provider
       * @return mixed the value produced by _genSecret()
       */
      public function genSecret($func)
      {
          $secret = $this->_genSecret($func);
          return $secret;
      }
  }