cacert-testmgr/external/ZendFramework-1.9.5/tests/Zend/OpenId/ProviderTest.php
Markus Warg 8398c9048d initially import ZendFramework-1.9.5 into repository
code was modified slightly, so the code differs from the original downloadable 1.9.5 version
2010-03-31 10:12:32 +02:00

1647 lines
76 KiB
PHP

<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_OpenId
* @subpackage UnitTests
* @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
* @version $Id: ProviderTest.php 17363 2009-08-03 07:40:18Z bkarwin $
*/
/**
* Zend_OpenId
*/
require_once 'Zend/OpenId/Provider.php';
/**
* PHPUnit test case
*/
require_once 'PHPUnit/Framework.php';
/**
* Zend_OpenId_ResponseHelper
*/
require_once 'Zend/OpenId/ResponseHelper.php';
/**
* @category Zend
* @package Zend_OpenId
* @subpackage UnitTests
* @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
* @group Zend_OpenId
*/
class Zend_OpenId_ProviderTest extends PHPUnit_Framework_TestCase
{
const USER = "http://test_user.myopenid.com/";
const PASSWORD = "01234567890abcdef";
const HANDLE = "01234567890abcdef";
private $_user;
public function __construct($name = NULL, array $data = array(), $dataName = '')
{
parent::__construct($name, $data, $dataName);
$this->_user = new Zend_OpenId_Provider_User_Session();
}
/**
* testing register
*
*/
public function testRegister()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$storage->delUser(self::USER);
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
$this->assertFalse( $storage->checkUser(self::USER, self::PASSWORD) );
// wrong ID
$this->assertFalse( $provider->register("", self::PASSWORD) );
// registration of new user
$this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
// registration of existent user
$this->assertFalse( $provider->register(self::USER, self::PASSWORD) );
$this->assertTrue( $storage->checkUser(self::USER, md5(self::USER . self::PASSWORD)) );
$storage->delUser(self::USER);
}
/**
* testing hasUser
*
*/
public function testHasUser()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$storage->delUser(self::USER);
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
// wrong ID
$this->assertFalse( $provider->hasUser("") );
$this->assertFalse( $provider->hasUser("http://:80/test") );
// check for non existent
$this->assertFalse( $provider->hasUser(self::USER) );
// check for existent user
$this->assertTrue( $storage->addUser(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->hasUser(self::USER) );
$storage->delUser(self::USER);
}
/**
* testing login
*
*/
public function testLogin()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
// wrong ID
$this->assertFalse( $provider->login("", self::PASSWORD) );
$this->assertFalse( $this->_user->getLoggedInUser() );
$this->assertFalse( $provider->login("http://:80/test", self::PASSWORD) );
$this->assertFalse( $this->_user->getLoggedInUser() );
// login as non existent user
$this->assertFalse( $provider->login(self::USER, self::PASSWORD) );
$this->assertFalse( $this->_user->getLoggedInUser() );
// login as existent user with wrong password
$this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
$this->assertFalse( $provider->login(self::USER, self::PASSWORD . "x") );
$this->assertFalse( $this->_user->getLoggedInUser() );
// login as existent user with proper password
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$this->assertSame( self::USER, $this->_user->getLoggedInUser() );
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
}
/**
* testing logout
*
*/
public function testLogout()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
$this->assertFalse( $this->_user->getLoggedInUser() );
$this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
$this->assertFalse( $this->_user->getLoggedInUser() );
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$this->assertSame( self::USER, $this->_user->getLoggedInUser() );
$this->assertTrue( $provider->logout() );
$this->assertFalse( $this->_user->getLoggedInUser() );
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
}
/**
* testing logout
*
*/
public function testLoggedInUser()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
$this->assertFalse( $provider->getLoggedInUser() );
$this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
$this->assertFalse( $provider->getLoggedInUser() );
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$this->assertSame( self::USER, $this->_user->getLoggedInUser() );
$this->assertTrue( $provider->logout() );
$this->assertFalse( $provider->getLoggedInUser() );
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
}
/**
* testing getSiteRoot
*
*/
public function testGetSiteRoot()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
$params = array(
'openid_realm' => "http://wrong/",
'openid_trust_root' => "http://root/",
'openid_return_to' => "http://wrong/",
);
$this->assertSame( "http://root/", $provider->getSiteRoot($params) );
$params = array(
'openid_realm' => "http://wrong/",
'openid_return_to' => "http://root/",
);
$this->assertSame( "http://root/", $provider->getSiteRoot($params) );
$params = array(
'openid_realm' => "http://wrong/",
);
$this->assertFalse( $provider->getSiteRoot($params) );
$params = array(
'openid_ns' => Zend_OpenId::NS_2_0,
'openid_realm' => "http://root/",
'openid_trust_root' => "http://wrong/",
'openid_return_to' => "http://wrong/",
);
$this->assertSame( "http://root/", $provider->getSiteRoot($params) );
$params = array(
'openid_ns' => Zend_OpenId::NS_2_0,
'openid_trust_root' => "http://wrong/",
'openid_return_to' => "http://root/",
);
$this->assertSame( "http://root/", $provider->getSiteRoot($params) );
$params = array(
'openid_ns' => Zend_OpenId::NS_2_0,
'openid_return_to' => "http://root/",
);
$this->assertSame( "http://root/", $provider->getSiteRoot($params) );
$params = array(
'openid_ns' => Zend_OpenId::NS_2_0,
);
$this->assertFalse( $provider->getSiteRoot($params) );
$params = array(
'openid_trust_root' => "",
);
$this->assertFalse( $provider->getSiteRoot($params) );
}
/**
* testing allowSite
*
*/
public function testAllowSite()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
// not logged in
$this->assertFalse( $provider->allowSite("http://www.test.com/") );
// logged in
$this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->allowSite("http://www.test.com/") );
$trusted = $storage->getTrustedSites(self::USER);
$this->assertTrue( is_array($trusted) );
$this->assertSame( 1, count($trusted) );
reset($trusted);
$this->assertSame( "http://www.test.com/", key($trusted) );
$this->assertSame( true, current($trusted) );
// duplicate
$this->assertTrue( $provider->allowSite("http://www.test.com/") );
$trusted = $storage->getTrustedSites(self::USER);
$this->assertTrue( is_array($trusted) );
$this->assertSame( 1, count($trusted) );
reset($trusted);
$this->assertSame( "http://www.test.com/", key($trusted) );
$this->assertSame( true, current($trusted) );
// extensions
$sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
$this->assertTrue( $provider->allowSite("http://www.test.com/", $sreg) );
$trusted = $storage->getTrustedSites(self::USER);
$this->assertTrue( is_array($trusted) );
$this->assertSame( 1, count($trusted) );
reset($trusted);
$this->assertSame( "http://www.test.com/", key($trusted) );
$this->assertSame( array('Zend_OpenId_Extension_Sreg'=>array('nickname'=>'test_id')), current($trusted) );
$this->_user->delLoggedInUser();
$storage->delUser(self::USER);
}
/**
* testing denySite
*
*/
public function testDenySite()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
$sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
// not logged in
$this->assertFalse( $provider->denySite("http://www.test.com/") );
$this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->allowSite("http://www.test1.com/") );
$this->assertTrue( $provider->allowSite("http://www.test2.com/", $sreg) );
$this->AssertSame( array(
'http://www.test1.com/' => true,
'http://www.test2.com/' => array(
'Zend_OpenId_Extension_Sreg' => array(
'nickname' => 'test_id'
)
)
),
$storage->getTrustedSites(self::USER) );
$this->assertTrue( $provider->denySite("http://www.test3.com/") );
$this->AssertSame( array(
'http://www.test1.com/' => true,
'http://www.test2.com/' => array(
'Zend_OpenId_Extension_Sreg' => array(
'nickname' => 'test_id'
)
),
'http://www.test3.com/' => false
),
$storage->getTrustedSites(self::USER) );
$this->assertTrue( $provider->denySite("http://www.test1.com/") );
$this->AssertSame( array(
'http://www.test1.com/' => false,
'http://www.test2.com/' => array(
'Zend_OpenId_Extension_Sreg' => array(
'nickname' => 'test_id'
)
),
'http://www.test3.com/' => false
),
$storage->getTrustedSites(self::USER) );
$this->assertTrue( $provider->denySite("http://www.test2.com/") );
$this->AssertSame( array(
'http://www.test1.com/' => false,
'http://www.test2.com/' => false,
'http://www.test3.com/' => false
),
$storage->getTrustedSites(self::USER) );
$this->_user->delLoggedInUser();
$storage->delUser(self::USER);
}
/**
* testing delSite
*
*/
public function testDelSite()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
$sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
// not logged in
$this->assertFalse( $provider->delSite("http://www.test.com/") );
$this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->allowSite("http://www.test1.com/") );
$this->assertTrue( $provider->allowSite("http://www.test2.com/", $sreg) );
$this->AssertSame( array(
'http://www.test1.com/' => true,
'http://www.test2.com/' => array(
'Zend_OpenId_Extension_Sreg' => array(
'nickname' => 'test_id'
)
)
),
$storage->getTrustedSites(self::USER) );
$this->assertTrue( $provider->delSite("http://www.test3.com/") );
$this->AssertSame( array(
'http://www.test1.com/' => true,
'http://www.test2.com/' => array(
'Zend_OpenId_Extension_Sreg' => array(
'nickname' => 'test_id'
)
)
),
$storage->getTrustedSites(self::USER) );
$this->assertTrue( $provider->delSite("http://www.test1.com/") );
$this->AssertSame( array(
'http://www.test2.com/' => array(
'Zend_OpenId_Extension_Sreg' => array(
'nickname' => 'test_id'
)
)
),
$storage->getTrustedSites(self::USER) );
$this->assertTrue( $provider->delSite("http://www.test2.com/") );
$this->AssertSame( array(
),
$storage->getTrustedSites(self::USER) );
$this->_user->delLoggedInUser();
$storage->delUser(self::USER);
}
/**
* testing getTrustedSites
*
*/
public function testGetTrustedSites()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$storage->delUser(self::USER);
$this->_user->delLoggedInUser();
$provider = new Zend_OpenId_Provider(null, null, $this->_user, $storage);
$sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
$this->assertTrue( $provider->register(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->allowSite("http://www.test1.com/") );
$this->assertTrue( $provider->allowSite("http://www.test2.com/", $sreg) );
$this->AssertSame( array(
'http://www.test1.com/' => true,
'http://www.test2.com/' => array(
'Zend_OpenId_Extension_Sreg' => array(
'nickname' => 'test_id'
)
)
),
$provider->getTrustedSites() );
$this->_user->delLoggedInUser();
$this->AssertFalse( $provider->getTrustedSites() );
$storage->delUser(self::USER);
}
/**
* testing genSecret
*
*/
public function testGenSecret()
{
$provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider"));
// SHA1
$x = $provider->genSecret("sha1");
$this->assertTrue( is_string($x) );
$this->assertSame( 20, strlen($x) );
// SHA256
$x = $provider->genSecret("sha256");
$this->assertTrue( is_string($x) );
$this->assertSame( 32, strlen($x) );
// invalid function
$this->assertFalse( $provider->genSecret("md5") );
}
/**
* testing _associate
*
*/
public function testAssociate()
{
try {
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
// Wrong assoc_type
$ret = $provider->handle(array('openid_mode'=>'associate'));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'unsupported-type', $res['error-code'] );
// Wrong assoc_type (OpenID 2.0)
$ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
'openid_mode'=>'associate'));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( Zend_OpenId::NS_2_0, $res['ns'] );
$this->assertSame( 'unsupported-type', $res['error-code'] );
// Wrong session_type
$ret = $provider->handle(array('openid_mode'=>'associate',
'openid_assoc_type'=>'HMAC-SHA1',
'openid_session_type'=>'DH-SHA257'));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'unsupported-type', $res['error-code'] );
// Associaation without encryption
$ret = $provider->handle(array('openid_assoc_type'=>'HMAC-SHA1',
'openid_mode'=>'associate'));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'HMAC-SHA1', $res['assoc_type'] );
$this->assertTrue( isset($res['mac_key']) );
$this->assertSame( 20, strlen(base64_decode($res['mac_key'])) );
$this->assertTrue( isset($res['assoc_handle']) );
$this->assertSame( '3600', $res['expires_in'] );
$this->assertFalse( isset($res['session_type']) );
$this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
$this->assertSame( 'sha1', $macFunc );
$this->assertSame( bin2hex(base64_decode($res['mac_key'])), bin2hex($secret) );
// Associaation without encryption (OpenID 2.0)
$ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
'openid_assoc_type'=>'HMAC-SHA256',
'openid_mode'=>'associate'));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( Zend_OpenId::NS_2_0, $res['ns'] );
$this->assertSame( 'HMAC-SHA256', $res['assoc_type'] );
$this->assertTrue( isset($res['mac_key']) );
$this->assertSame( 32, strlen(base64_decode($res['mac_key'])) );
$this->assertTrue( isset($res['assoc_handle']) );
$this->assertSame( '3600', $res['expires_in'] );
$this->assertFalse( isset($res['session_type']) );
$this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
$this->assertSame( 'sha256', $macFunc );
$this->assertSame( bin2hex(base64_decode($res['mac_key'])), bin2hex($secret) );
// Associaation without encryption (OpenID 2.0)
$ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
'openid_assoc_type'=>'HMAC-SHA256',
'openid_mode'=>'associate',
'openid_session_type'=>'no-encryption'));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( Zend_OpenId::NS_2_0, $res['ns'] );
$this->assertSame( 'HMAC-SHA256', $res['assoc_type'] );
$this->assertTrue( isset($res['mac_key']) );
$this->assertSame( 32, strlen(base64_decode($res['mac_key'])) );
$this->assertTrue( isset($res['assoc_handle']) );
$this->assertSame( '3600', $res['expires_in'] );
$this->assertSame( 'no-encryption', $res['session_type'] );
$this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
$this->assertSame( 'sha256', $macFunc );
$this->assertSame( bin2hex(base64_decode($res['mac_key'])), bin2hex($secret) );
// Associaation with DH-SHA1 encryption
$ret = $provider->handle(array('openid_assoc_type'=>'HMAC-SHA1',
'openid_mode'=>'associate',
'openid_session_type'=>'DH-SHA1',
'openid_dh_modulus'=>'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr',
'openid_dh_gen'=>'Ag==',
'openid_dh_consumer_public'=>'RqexRm+Zn5s3sXxFBjI9WfCOBwBDDQBKPzX4fjMGl3YEJh5tx8SVo7awgwuqsliR+nvjmRh5kSFIGv8YSCsy88v1CcAfWUGfjehO9euxQcXOYJnNGbl6GQrE2FYe2RCvML4Yi8eYCYtCQi0wlDE7BJXGSVPXFzj/ru0lR/voPpk=',
));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'HMAC-SHA1', $res['assoc_type'] );
$this->assertSame( 'DH-SHA1', $res['session_type'] );
$this->assertTrue( isset($res['dh_server_public']) );
$this->assertTrue( isset($res['enc_mac_key']) );
$this->assertSame( 20, strlen(base64_decode($res['enc_mac_key'])) );
$this->assertTrue( isset($res['assoc_handle']) );
$this->assertSame( '3600', $res['expires_in'] );
$this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
$this->assertSame( 'sha1', $macFunc );
// Associaation with DH-SHA256 encryption (OpenID 2.0)
$ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
'openid_assoc_type'=>'HMAC-SHA256',
'openid_mode'=>'associate',
'openid_session_type'=>'DH-SHA256',
'openid_dh_modulus'=>'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr',
'openid_dh_gen'=>'Ag==',
'openid_dh_consumer_public'=>'RqexRm+Zn5s3sXxFBjI9WfCOBwBDDQBKPzX4fjMGl3YEJh5tx8SVo7awgwuqsliR+nvjmRh5kSFIGv8YSCsy88v1CcAfWUGfjehO9euxQcXOYJnNGbl6GQrE2FYe2RCvML4Yi8eYCYtCQi0wlDE7BJXGSVPXFzj/ru0lR/voPpk=',
));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'HMAC-SHA256', $res['assoc_type'] );
$this->assertSame( 'DH-SHA256', $res['session_type'] );
$this->assertTrue( isset($res['dh_server_public']) );
$this->assertTrue( isset($res['enc_mac_key']) );
$this->assertSame( 32, strlen(base64_decode($res['enc_mac_key'])) );
$this->assertTrue( isset($res['assoc_handle']) );
$this->assertSame( '3600', $res['expires_in'] );
$this->assertTrue( $storage->getAssociation($res['assoc_handle'], $macFunc, $secret, $expires) );
$this->assertSame( 'sha256', $macFunc );
} catch (Zend_OpenId_Exception $e) {
$this->markTestSkipped($e->getMessage());
}
}
/**
* testing _checkAuthentication
*
*/
public function testCheckAuthentication()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
// Wrong arguments
$ret = $provider->handle(array('openid_mode'=>'check_authentication'));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'id_res', $res['openid.mode'] );
$this->assertSame( 'false', $res['is_valid'] );
// Wrong arguments (OpenID 2.0)
$ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
'openid_mode'=>'check_authentication'));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( Zend_OpenId::NS_2_0, $res['ns'] );
$this->assertSame( 'id_res', $res['openid.mode'] );
$this->assertSame( 'false', $res['is_valid'] );
// Wrong session id
$storage->delAssociation(self::HANDLE);
$ret = $provider->handle(array('openid_mode'=>'check_authentication',
'openid_assoc_handle'=>self::HANDLE));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'id_res', $res['openid.mode'] );
$this->assertSame( 'false', $res['is_valid'] );
// Proper session signed with HAMC-SHA256
$storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
$ret = $provider->handle(array('openid_mode'=>'check_authentication',
'openid_assoc_handle'=>self::HANDLE,
'openid_signed'=>'mode,assoc_handle,signed',
'openid_sig'=>'IgLZCOXmEPowYl6yyFZjYL4ZTtQ='));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'id_res', $res['openid.mode'] );
$this->assertSame( 'true', $res['is_valid'] );
// Proper session signed with HAMC-SHA256
$storage->delAssociation(self::HANDLE);
$storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
$ret = $provider->handle(array('openid_mode'=>'check_authentication',
'openid_assoc_handle'=>self::HANDLE,
'openid_signed'=>'mode,assoc_handle,signed',
'openid_sig'=>'xoJcXj30L1N7QRir7I2ovop1SaijXnAI97X/yH+kvck='));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'id_res', $res['openid.mode'] );
$this->assertSame( 'true', $res['is_valid'] );
// Wrong signature
$storage->delAssociation(self::HANDLE);
$storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
$ret = $provider->handle(array('openid_ns'=>Zend_OpenId::NS_2_0,
'openid_mode'=>'check_authentication',
'openid_assoc_handle'=>self::HANDLE,
'openid_signed'=>'ns,mode,assoc_handle,signed',
'openid_sig'=>'xoJcXj30L1N7QRir7I2ovop1SaijXnAI97X/yH+kvck='));
$res = array();
foreach (explode("\n", $ret) as $line) {
if (!empty($line)) {
list($key, $val) = explode(":", $line, 2);
$res[$key] = $val;
}
}
$this->assertSame( 'id_res', $res['openid.mode'] );
$this->assertSame( 'false', $res['is_valid'] );
$storage->delAssociation(self::HANDLE);
}
/**
* testing respondToConsumer
*
*/
public function testRespondToConsumer()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
// dumb mode
$response = new Zend_OpenId_ResponseHelper(true);
$storage->delAssociation(self::HANDLE);
$this->assertTrue( $provider->respondToConsumer(array(
'openid_assoc_handle' => self::HANDLE,
'openid_return_to' => 'http://www.test.com/test.php'
), null, $response) );
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$ret = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$ret[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $ret['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
$this->assertTrue( isset($ret['openid.assoc_handle']) );
$this->assertTrue( isset($ret['openid.response_nonce']) );
$this->assertTrue( isset($ret['openid.signed']) );
$this->assertTrue( isset($ret['openid.sig']) );
$this->assertTrue( $storage->getAssociation($ret['openid.assoc_handle'], $macFunc, $secret, $expires) );
$this->assertSame( 'sha1', $macFunc );
// OpenID 2.0 with SHA256
$_SERVER['SCRIPT_URI'] = "http://www.test.com/endpoint.php";
$response = new Zend_OpenId_ResponseHelper(true);
$storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
$this->assertTrue( $provider->respondToConsumer(array(
'openid_ns' => Zend_OpenId::NS_2_0,
'openid_assoc_handle' => self::HANDLE,
'openid_return_to' => 'http://www.test.com/test.php'
), null, $response) );
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$ret = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$ret[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $ret['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
$this->assertSame( self::HANDLE, $ret['openid.assoc_handle'] );
$this->assertTrue( isset($ret['openid.response_nonce']) );
$this->assertTrue( isset($ret['openid.signed']) );
$this->assertTrue( isset($ret['openid.sig']) );
$this->assertSame( Zend_OpenId::NS_2_0, $ret['openid.ns'] );
$this->assertSame( "http://www.test.com/endpoint.php", $ret['openid.op_endpoint'] );
$this->assertTrue( $storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires) );
$this->assertSame( 'sha256', $macFunc );
$storage->delAssociation(self::HANDLE);
// OpenID 1.1 with SHA1
$storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
$response = new Zend_OpenId_ResponseHelper(true);
$ret = $provider->respondToConsumer(array(
'openid_assoc_handle' => self::HANDLE,
'openid_return_to' => 'http://www.test.com/test.php',
'openid_claimed_id' => 'http://claimed_id/',
'openid_identity' => 'http://identity/',
'openid_unknown' => 'http://www.test.com/test.php',
), null, $response);
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$ret = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$ret[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $ret['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
$this->assertSame( self::HANDLE, $ret['openid.assoc_handle'] );
$this->assertTrue( isset($ret['openid.response_nonce']) );
$this->assertTrue( isset($ret['openid.signed']) );
$this->assertTrue( isset($ret['openid.sig']) );
$this->assertFalse( isset($ret['openid.ns']) );
$this->assertFalse( isset($ret['openid.op_endpoint']) );
$this->assertSame( 'http://claimed_id/', $ret['openid.claimed_id'] );
$this->assertSame( 'http://identity/', $ret['openid.identity'] );
$this->assertFalse( isset($ret['openid.unknown']) );
$this->assertTrue( $storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires) );
$this->assertSame( 'sha1', $macFunc );
$storage->delAssociation(self::HANDLE);
// extensions
$sreg = new Zend_OpenId_Extension_Sreg(array("nickname"=>"test_id"));
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue( $provider->respondToConsumer(array(
'openid_return_to' => 'http://www.test.com/test.php',
), $sreg, $response) );
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$ret = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$ret[$key] = urldecode($val);
}
$this->assertSame( 'test_id', $ret['openid.sreg.nickname'] );
}
/**
* testing _checkId
*
*/
public function testCheckIdImmediate()
{
$_SERVER['SCRIPT_URI'] = "http://www.test.com/server.php";
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
$provider->logout();
// Wrong arguments (no openid.return_to and openid.trust_root)
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertFalse( $provider->handle(array(
'openid_mode'=>'checkid_immediate'),
null, $response) );
// Unexistent user
$storage->delUser(self::USER);
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
// No openid_identity
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $query['openid.mode'] );
$url2 = parse_url($query['openid.user_setup_url']);
$this->assertSame( 'www.test.com', $url2['host'] );
$this->assertSame( '/server.php', $url2['path'] );
$query2 = array();
foreach (explode('&', $url2['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query2[$key] = urldecode($val);
}
$this->assertSame( 'login', $query2['openid.action'] );
$this->assertSame( 'checkid_setup', $query2['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
// Non logged in user
$provider->register(self::USER, self::PASSWORD);
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $query['openid.mode'] );
$url2 = parse_url($query['openid.user_setup_url']);
$this->assertSame( 'www.test.com', $url2['host'] );
$this->assertSame( '/server.php', $url2['path'] );
$query2 = array();
foreach (explode('&', $url2['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query2[$key] = urldecode($val);
}
$this->assertSame( 'login', $query2['openid.action'] );
$this->assertSame( 'checkid_setup', $query2['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
$this->assertSame( self::USER, $query2['openid.identity'] );
// Non logged in user with SREG
$provider->register(self::USER, self::PASSWORD);
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php',
'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
'openid_sreg_required'=>'nickname'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $query['openid.mode'] );
$url2 = parse_url($query['openid.user_setup_url']);
$this->assertSame( 'www.test.com', $url2['host'] );
$this->assertSame( '/server.php', $url2['path'] );
$query2 = array();
foreach (explode('&', $url2['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query2[$key] = urldecode($val);
}
$this->assertSame( 'login', $query2['openid.action'] );
$this->assertSame( 'checkid_setup', $query2['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
$this->assertSame( self::USER, $query2['openid.identity'] );
$this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query2['openid.ns.sreg'] );
$this->assertSame( "nickname", $query2['openid.sreg.required'] );
// Logged in user (unknown site)
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $query['openid.mode'] );
$url2 = parse_url($query['openid.user_setup_url']);
$this->assertSame( 'www.test.com', $url2['host'] );
$this->assertSame( '/server.php', $url2['path'] );
$query2 = array();
foreach (explode('&', $url2['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query2[$key] = urldecode($val);
}
$this->assertSame( 'trust', $query2['openid.action'] );
$this->assertSame( 'checkid_setup', $query2['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
$this->assertSame( self::USER, $query2['openid.identity'] );
// Logged in user (unknown site 2)
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$this->assertTrue( $provider->allowSite('http://www.test.com/test1.php') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $query['openid.mode'] );
$url2 = parse_url($query['openid.user_setup_url']);
$this->assertSame( 'www.test.com', $url2['host'] );
$this->assertSame( '/server.php', $url2['path'] );
$query2 = array();
foreach (explode('&', $url2['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query2[$key] = urldecode($val);
}
$this->assertSame( 'trust', $query2['openid.action'] );
$this->assertSame( 'checkid_setup', $query2['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
$this->assertSame( self::USER, $query2['openid.identity'] );
// Logged in user (unknown site + SREG)
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue( $provider->delSite('http://www.test.com/test1.php') );
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php',
'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
'openid_sreg_required'=>'nickname'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $query['openid.mode'] );
$url2 = parse_url($query['openid.user_setup_url']);
$this->assertSame( 'www.test.com', $url2['host'] );
$this->assertSame( '/server.php', $url2['path'] );
$query2 = array();
foreach (explode('&', $url2['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query2[$key] = urldecode($val);
}
$this->assertSame( 'trust', $query2['openid.action'] );
$this->assertSame( 'checkid_setup', $query2['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
$this->assertSame( self::USER, $query2['openid.identity'] );
$this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query2['openid.ns.sreg'] );
$this->assertSame( "nickname", $query2['openid.sreg.required'] );
// Logged in user (untrusted site)
$this->assertTrue( $provider->denySite('http://www.test.com') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
// Logged in user (untrusted site with wildcard)
$this->assertTrue( $provider->delSite('http://www.test.com') );
$this->assertTrue( $provider->denySite('http://*.test.com') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
// Logged in user (trusted site)
$this->assertTrue( $provider->delSite('http://*.test.com') );
$this->assertTrue( $provider->allowSite('http://www.test.com/') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertTrue( isset($query['openid.assoc_handle']) );
$this->assertTrue( isset($query['openid.response_nonce']) );
$this->assertTrue( isset($query['openid.signed']) );
$this->assertTrue( isset($query['openid.sig']) );
$this->assertSame( 20, strlen(base64_decode($query['openid.sig'])) );
// Logged in user (trusted site without openid.return_to)
$this->assertTrue( $provider->allowSite('http://www.test.com/') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_trust_root'=>'http://www.test.com/test.php'),
null, $response));
$this->assertSame( array(), $response->getHeaders() );
$this->assertSame( '', $response->getBody() );
// Logged in user (trusted site) & OpenID 2.0 & established session
$storage->delAssociation(self::HANDLE);
$storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
$this->assertTrue( $provider->allowSite('http://www.test.com/') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_ns'=>Zend_OpenId::NS_2_0,
'openid_assoc_handle'=>self::HANDLE,
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
$this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
$this->assertSame( 'id_res', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertSame( self::HANDLE, $query['openid.assoc_handle'] );
$this->assertTrue( isset($query['openid.response_nonce']) );
$this->assertTrue( isset($query['openid.signed']) );
$this->assertTrue( isset($query['openid.sig']) );
$this->assertSame( 20, strlen(base64_decode($query['openid.sig'])) );
// Logged in user (trusted site) & invalid association handle
$storage->delAssociation(self::HANDLE);
$this->assertTrue( $provider->allowSite('http://www.test.com/') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_ns'=>Zend_OpenId::NS_2_0,
'openid_assoc_handle'=>self::HANDLE,
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
$this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
$this->assertSame( 'id_res', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertSame( self::HANDLE, $query['openid.invalidate_handle'] );
$this->assertTrue( isset($query['openid.assoc_handle']) );
$this->assertTrue( isset($query['openid.response_nonce']) );
$this->assertTrue( isset($query['openid.signed']) );
$this->assertTrue( isset($query['openid.sig']) );
$this->assertSame( 32, strlen(base64_decode($query['openid.sig'])) );
// SREG success
$sreg = new Zend_OpenId_Extension_Sreg(array('nickname'=>'test','email'=>'test@test.com'));
$this->assertTrue( $provider->allowSite('http://www.test.com/', $sreg) );
$sreg = new Zend_OpenId_Extension_Sreg();
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_ns'=>Zend_OpenId::NS_2_0,
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php',
'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
'openid_sreg_required'=>'nickname',
'openid_sreg_optional'=>'email',
),
$sreg, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
$this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
$this->assertSame( 'id_res', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertTrue( isset($query['openid.assoc_handle']) );
$this->assertTrue( isset($query['openid.response_nonce']) );
$this->assertTrue( isset($query['openid.signed']) );
$this->assertTrue( isset($query['openid.sig']) );
$this->assertSame( 32, strlen(base64_decode($query['openid.sig'])) );
$this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query['openid.ns.sreg'] );
$this->assertSame( 'test', $query['openid.sreg.nickname'] );
$this->assertSame( 'test@test.com', $query['openid.sreg.email'] );
// SREG failed
$sreg = new Zend_OpenId_Extension_Sreg(array('nickname'=>'test'));
$this->assertTrue( $provider->allowSite('http://www.test.com/', $sreg) );
$sreg = new Zend_OpenId_Extension_Sreg();
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_immediate',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php',
'openid_sreg_required'=>'nickname,email',
),
$sreg, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $query['openid.mode'] );
$url2 = parse_url($query['openid.user_setup_url']);
$this->assertSame( 'www.test.com', $url2['host'] );
$this->assertSame( '/server.php', $url2['path'] );
$query2 = array();
foreach (explode('&', $url2['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query2[$key] = urldecode($val);
}
$this->assertSame( 'trust', $query2['openid.action'] );
$this->assertSame( 'checkid_setup', $query2['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query2['openid.return_to'] );
$this->assertSame( self::USER, $query2['openid.identity'] );
$this->assertSame( "nickname,email", $query2['openid.sreg.required'] );
$provider->logout();
$storage->delUser(self::USER);
}
/**
* testing handle
*
*/
public function testCheckIdSetup()
{
$_SERVER['SCRIPT_URI'] = "http://www.test.com/server.php";
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
$provider->logout();
// Wrong arguments (no openid.return_to and openid.trust_root)
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertFalse( $provider->handle(array(
'openid_mode'=>'checkid_setup'),
null, $response) );
// Unexistent user
$storage->delUser(self::USER);
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
// No openid_identity
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_setup',
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/server.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'login', $query['openid.action'] );
$this->assertSame( 'checkid_setup', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
// Non logged in user
$provider->register(self::USER, self::PASSWORD);
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/server.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'login', $query['openid.action'] );
$this->assertSame( 'checkid_setup', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( self::USER, $query['openid.identity'] );
// Logged in user (unknown site)
$this->assertTrue( $provider->login(self::USER, self::PASSWORD) );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/server.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'trust', $query['openid.action'] );
$this->assertSame( 'checkid_setup', $query['openid.mode'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
// Logged in user (untrusted site)
$this->assertTrue( $provider->denySite('http://www.test.com/') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$this->assertSame( 'http://www.test.com/test.php?openid.mode=cancel', $headers[0]['value'] );
// Logged in user (trusted site)
$this->assertTrue( $provider->allowSite('http://www.test.com/') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertTrue( isset($query['openid.assoc_handle']) );
$this->assertTrue( isset($query['openid.response_nonce']) );
$this->assertTrue( isset($query['openid.signed']) );
$this->assertTrue( isset($query['openid.sig']) );
$this->assertSame( 20, strlen(base64_decode($query['openid.sig'])) );
// Logged in user (trusted site without openid.return_to)
$this->assertTrue( $provider->allowSite('http://www.test.com/') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_trust_root'=>'http://www.test.com/test.php'),
null, $response));
$this->assertSame( array(), $response->getHeaders() );
$this->assertSame( '', $response->getBody() );
// Logged in user (trusted site) & OpenID 2.0 & established session
$storage->delAssociation(self::HANDLE);
$storage->addAssociation(self::HANDLE, "sha1", pack("H*", '0102030405060708091011121314151617181920'), time() + 3660);
$this->assertTrue( $provider->allowSite('http://www.test.com/') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_ns'=>Zend_OpenId::NS_2_0,
'openid_assoc_handle'=>self::HANDLE,
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
$this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
$this->assertSame( 'id_res', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertSame( self::HANDLE, $query['openid.assoc_handle'] );
$this->assertTrue( isset($query['openid.response_nonce']) );
$this->assertTrue( isset($query['openid.signed']) );
$this->assertTrue( isset($query['openid.sig']) );
$this->assertSame( 20, strlen(base64_decode($query['openid.sig'])) );
// Logged in user (trusted site) & invalid association handle
$storage->delAssociation(self::HANDLE);
$this->assertTrue( $provider->allowSite('http://www.test.com/') );
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_ns'=>Zend_OpenId::NS_2_0,
'openid_assoc_handle'=>self::HANDLE,
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php'),
null, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
$this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
$this->assertSame( 'id_res', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertSame( self::HANDLE, $query['openid.invalidate_handle'] );
$this->assertTrue( isset($query['openid.assoc_handle']) );
$this->assertTrue( isset($query['openid.response_nonce']) );
$this->assertTrue( isset($query['openid.signed']) );
$this->assertTrue( isset($query['openid.sig']) );
$this->assertSame( 32, strlen(base64_decode($query['openid.sig'])) );
// SREG success
$sreg = new Zend_OpenId_Extension_Sreg(array('nickname'=>'test','email'=>'test@test.com'));
$this->assertTrue( $provider->allowSite('http://www.test.com/', $sreg) );
$sreg = new Zend_OpenId_Extension_Sreg();
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_ns'=>Zend_OpenId::NS_2_0,
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php',
'openid_ns_sreg'=>Zend_OpenId_Extension_Sreg::NAMESPACE_1_1,
'openid_sreg_required'=>'nickname',
'openid_sreg_optional'=>'email',
),
$sreg, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( Zend_OpenId::NS_2_0, $query['openid.ns'] );
$this->assertSame( "http://www.test.com/server.php", $query['openid.op_endpoint'] );
$this->assertSame( 'id_res', $query['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertTrue( isset($query['openid.assoc_handle']) );
$this->assertTrue( isset($query['openid.response_nonce']) );
$this->assertTrue( isset($query['openid.signed']) );
$this->assertTrue( isset($query['openid.sig']) );
$this->assertSame( 32, strlen(base64_decode($query['openid.sig'])) );
$this->assertSame( Zend_OpenId_Extension_Sreg::NAMESPACE_1_1, $query['openid.ns.sreg'] );
$this->assertSame( 'test', $query['openid.sreg.nickname'] );
$this->assertSame( 'test@test.com', $query['openid.sreg.email'] );
// SREG failed
$sreg = new Zend_OpenId_Extension_Sreg(array('nickname'=>'test'));
$this->assertTrue( $provider->allowSite('http://www.test.com/', $sreg) );
$sreg = new Zend_OpenId_Extension_Sreg();
$response = new Zend_OpenId_ResponseHelper(true);
$this->assertTrue($provider->handle(array(
'openid_mode'=>'checkid_setup',
'openid_identity'=>self::USER,
'openid_return_to'=>'http://www.test.com/test.php',
'openid_sreg_required'=>'nickname,email',
),
$sreg, $response));
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/server.php', $url['path'] );
$query = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$query[$key] = urldecode($val);
}
$this->assertSame( 'trust', $query['openid.action'] );
$this->assertSame( 'checkid_setup', $query['openid.mode'] );
$this->assertSame( self::USER, $query['openid.identity'] );
$this->assertSame( 'http://www.test.com/test.php', $query['openid.return_to'] );
$this->assertSame( 'nickname,email', $query['openid.sreg.required'] );
$provider->logout();
$storage->delUser(self::USER);
}
/**
* testing handle
*
*/
public function testHandle()
{
$provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider"));
// no openid_mode
$this->assertFalse( $provider->handle(array()) );
// wrong openid_mode
$this->assertFalse( $provider->handle(array('openid_mode'=>'wrong')) );
}
/**
* testing setOpEndpoint
*
*/
public function testSetOpEndpoint()
{
$storage = new Zend_OpenId_Provider_Storage_File(dirname(__FILE__)."/_files/provider");
$provider = new Zend_OpenId_ProviderHelper(null, null, $this->_user, $storage);
$provider->setOpEndpoint("http://www.test.com/real_endpoint.php");
// OpenID 2.0 with SHA256
$_SERVER['SCRIPT_URI'] = "http://www.test.com/endpoint.php";
$response = new Zend_OpenId_ResponseHelper(true);
$storage->addAssociation(self::HANDLE, "sha256", pack("H*", '0102030405060708091011121314151617181920212223242526272829303132'), time() + 3660);
$this->assertTrue( $provider->respondToConsumer(array(
'openid_ns' => Zend_OpenId::NS_2_0,
'openid_assoc_handle' => self::HANDLE,
'openid_return_to' => 'http://www.test.com/test.php'
), null, $response) );
$headers = $response->getHeaders();
$this->assertSame( 'Location', $headers[0]['name'] );
$url = parse_url($headers[0]['value']);
$this->assertSame( 'www.test.com', $url['host'] );
$this->assertSame( '/test.php', $url['path'] );
$ret = array();
foreach (explode('&', $url['query']) as $line) {
list($key,$val) = explode('=', $line, 2);
$ret[$key] = urldecode($val);
}
$this->assertSame( 'id_res', $ret['openid.mode'] );
$this->assertSame( 'http://www.test.com/test.php', $ret['openid.return_to'] );
$this->assertSame( self::HANDLE, $ret['openid.assoc_handle'] );
$this->assertTrue( isset($ret['openid.response_nonce']) );
$this->assertTrue( isset($ret['openid.signed']) );
$this->assertTrue( isset($ret['openid.sig']) );
$this->assertSame( Zend_OpenId::NS_2_0, $ret['openid.ns'] );
$this->assertSame( "http://www.test.com/real_endpoint.php", $ret['openid.op_endpoint'] );
$this->assertTrue( $storage->getAssociation(self::HANDLE, $macFunc, $secret, $expires) );
$this->assertSame( 'sha256', $macFunc );
$storage->delAssociation(self::HANDLE);
}
}
class Zend_OpenId_ProviderHelper extends Zend_OpenId_Provider
{
public function genSecret($func)
{
return $this->_genSecret($func);
}
}