public function isValid() { try { //check identifier if (isset($this->message[OpenIdSREGExtension::paramNamespace('_')]) && $this->message[OpenIdSREGExtension::paramNamespace('_')] == OpenIdSREGExtension::NamespaceUrl) { //check required fields if (!isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Required, '_')])) { throw new InvalidOpenIdMessageException("SREG: not set required attributes!"); } //get attributes $attributes = $this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Required, '_')]; $attributes = explode(",", $attributes); if (count($attributes) <= 0) { throw new InvalidOpenIdMessageException("SREG: not set required attributes!"); } foreach ($attributes as $attr) { $attr = trim($attr); if (!isset(OpenIdSREGExtension::$available_properties[$attr])) { continue; } $this->attributes[$attr] = $attr; } //get attributes if (isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Optional, '_')])) { $opt_attributes = $this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Optional, '_')]; $opt_attributes = explode(",", $opt_attributes); foreach ($opt_attributes as $opt_attr) { $opt_attr = trim($opt_attr); if (!isset(OpenIdSREGExtension::$available_properties[$opt_attr])) { continue; } if (isset($this->attributes[$opt_attr])) { throw new InvalidOpenIdMessageException("SREG: optional attribute is already set as required one!"); } $this->optional_attributes[$opt_attr] = $opt_attr; } } //check policy url.. if (isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::PolicyUrl, '_')])) { $this->policy_url = $this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::PolicyUrl, '_')]; } return true; } } catch (Exception $ex) { throw $ex; } return false; }
public function testCheckSetupSREGExtension() { //set login info Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever); $sreg_required_params = array('email', 'fullname'); $params = array(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode) => OpenIdProtocol::SetupMode, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm) => "https://www.test.com/", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo) => "https://www.test.com/oauth2", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity) => "http://specs.openid.net/auth/2.0/identifier_select", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId) => "http://specs.openid.net/auth/2.0/identifier_select", OpenIdSREGExtension::paramNamespace() => OpenIdSREGExtension::NamespaceUrl, OpenIdSREGExtension::param(OpenIdSREGExtension::Required) => implode(",", $sreg_required_params)); $response = $this->action("POST", "OpenIdProviderController@endpoint", $params); $this->assertResponseStatus(302); $openid_response = $this->parseOpenIdResponse($response->getTargetUrl()); $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)])); $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)])); $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)])); $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)])); $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)])); $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)])); $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)])); $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)])); $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)])); $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)])); $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)])); $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)])); $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)])); $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)])); $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)])); $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)])); $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)])); $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)])); //sreg $this->assertTrue(isset($openid_response[OpenIdSREGExtension::paramNamespace()])); $this->assertTrue($openid_response[OpenIdSREGExtension::paramNamespace()] === OpenIdSREGExtension::NamespaceUrl); $this->assertTrue(isset($openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::FullName)])); $full_name = $openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::FullName)]; $this->assertTrue(!empty($full_name) && $full_name === 'Sebastian Marcet'); $this->assertTrue(isset($openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::Email)])); $email = $openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::Email)]; $this->assertTrue(!empty($email) && $email === '*****@*****.**'); //http://openid.net/specs/openid-authentication-2_0.html#check_auth $response = $this->action("POST", "OpenIdProviderController@endpoint", $this->prepareCheckAuthenticationParams($openid_response)); $openid_response = $this->getOpenIdResponseLineBreak($response->getContent()); $this->assertResponseStatus(200); $this->assertTrue($openid_response['is_valid'] === 'true'); }