function pugpig_subs_test_form($title, $urls, $params, $test_users, $helptext = "")
{
if (isset($urls["base"])) {
$urls["sign_in"] = $urls["base"] . "sign_in";
$urls["verify_subscription"] = $urls["base"] . "verify_subscription";
$urls["edition_credentials"] = $urls["base"] . "edition_credentials";
}
$vals = array();
$params[] = "product_id";
foreach ($params as $param) {
if (isset($_REQUEST[$param])) {
$vals[$param] = $_REQUEST[$param];
}
}
if (empty($vals['product_id'])) {
$vals['product_id'] = "com.pugpig.test.issue12345";
}
$product_id = $vals['product_id'];
$authToken = null;
$error = '';
$issues = array();
echo <<<EOT
<style>
form {border: 1px solid grey; padding: 2px; margin: 2px;}
.pugpig_active { color: green;}
.pugpig_inactive { color: orange;}
.pugpig_stale { color: gray;}
.pugpig_unknown { color: red;}
.testusers { -webkit-column-count: 4; }
</style>
EOT;
echo "<h2>Pugpig Authentication Test Console - {$title}</h2>\n";
if (!empty($helptext)) {
echo "<p><em>{$helptext}</em></p>";
}
echo "Supplied test users:\n<ul class='testusers'>\n";
foreach ($test_users as $test_user) {
$state = strtolower($test_user['state']);
unset($test_user['state']);
$p = array();
$p["product_id"] = $product_id;
// We need this to retain the position on WordPress
if (isset($_REQUEST["page"])) {
$p["page"] = $_REQUEST["page"];
}
$query_params = http_build_query(array_merge($test_user, $p));
$description = implode(", ", $test_user);
echo "<li><b class='pugpig_{$state}'>{$description}</b> - <a href='?{$query_params}'>Test</a></li>\n";
}
echo "</ul>\n";
echo "<form method='GET'>\n";
// Need to WordPress settings pages
if (isset($_REQUEST["page"])) {
echo "<input type='hidden' name='page' value='" . $_REQUEST["page"] . "' />\n";
}
echo "Enter test values:<br />\n";
foreach ($params as $param) {
if (isset($vals[$param])) {
$val = $vals[$param];
} else {
$val = '';
}
echo "{$param}: <input id='{$param}' name='{$param}' type='text' value='{$val}' /> \n";
}
echo "<br /><input type='submit' />\n";
echo "</form>\n";
// We will always have product_id. Need at least one more.
echo "<p>Using <em><a href='" . $urls["sign_in"] . "'>" . $urls["sign_in"] . "</a></em><br />\n";
echo "Using <em><a href='" . $urls["verify_subscription"] . "'>" . $urls["verify_subscription"] . "</a></em><br />\n";
echo "Using <em><a href='" . $urls["edition_credentials"] . "'>" . $urls["edition_credentials"] . "</a></em></p>\n";
if (count($vals) > 1) {
unset($vals['product_id']);
$sep = strpos($urls["sign_in"], "?") ? "&" : "?";
$sign_in_req = $urls["sign_in"] . $sep . http_build_query($vals);
$http_status = pugpig_subs_http_request($sign_in_req, $sign_in_response);
$status = "unknown";
if ($http_status != 200) {
echo "<b class='pugpig_unknown'>SIGN IN ERROR: Status {$http_status}</b><br />\n";
} else {
$token = pugpig_subs_get_single_xpath_value("/token", $sign_in_response);
// Backup format to support the Dovetail response format
if (empty($token)) {
$token = pugpig_subs_get_single_xpath_value("/result_response/authToken", $sign_in_response);
}
if (!empty($token)) {
echo "Auth Token: <b class='pugpig_active'>{$token}</b><br />\n";
$query_vars = array("token" => $token);
$sep = strpos($urls["verify_subscription"], "?") ? "&" : "?";
$verify_subscription_req = $urls["verify_subscription"] . $sep . http_build_query($query_vars);
$query_vars['product_id'] = $product_id;
$sep = strpos($urls["edition_credentials"], "?") ? "&" : "?";
$edition_creds_req = $urls["edition_credentials"] . $sep . http_build_query($query_vars);
$http_status = pugpig_subs_http_request($verify_subscription_req, $verify_subscription_response);
if ($http_status != 200) {
echo "<b class='pugpig_unknown'>VERIFY SUBSCRIPTION ERROR: Status {$http_status}</b><br />\n";
} else {
$message = pugpig_subs_get_single_xpath_value("/subscription/@message", $verify_subscription_response);
$status = pugpig_subs_get_single_xpath_value("/subscription/@state", $verify_subscription_response);
$issues_exists = pugpug_subs_get_xpath_value("/subscription/issues", $verify_subscription_response);
$issues = pugpug_subs_get_xpath_value("/subscription/issues/issue", $verify_subscription_response);
if (empty($status)) {
echo "Status: <b class='pugpig_unknown'>Got a 200, but did not get back the expected response</b><br />\n";
} else {
echo "Status: <b class='pugpig_{$status}'>{$status}</b><br />\n";
if (!empty($message)) {
echo "Message: <b class='pugpig_{$status}'>{$message}</b><br />\n";
}
if ($issues_exists == '' || $issues_exists->length == 0) {
echo "<b>You have access to all issues</b><br />\n";
} else {
if ($issues->length == 0) {
echo "<b>You do not have access to any issues</b><br />\n";
} else {
echo "<b>You have access to " . $issues->length . " issues</b><br />\n";
echo "<ul>\n";
foreach ($issues as $issue) {
echo "<li>" . $issue->textContent . "</li>\n";
}
echo "</ul>\n";
}
}
}
}
$http_status = pugpig_subs_http_request($edition_creds_req, $edition_creds_response);
if ($http_status != 200) {
echo "<b class='pugpig_unknown'>EDITION CREDENTIALS ERROR: Status {$http_status}</b>\n";
} else {
$userid = pugpig_subs_get_single_xpath_value("/credentials/userid", $edition_creds_response);
$password = pugpig_subs_get_single_xpath_value("/credentials/password", $edition_creds_response);
if (!empty($userid) && !empty($password)) {
echo "Got credentials for <b class='pugpig_active'>{$product_id}</b>\n";
} else {
$status = pugpig_subs_get_single_xpath_value("/credentials/error/@status", $edition_creds_response);
$message = pugpig_subs_get_single_xpath_value("/credentials/error/@message", $edition_creds_response);
echo "Denied credentials for <b class='pugpig_unknown'>{$product_id}</b> (status: <b class='unknown'>{$status}</b>)<br />\n";
if (!empty($message)) {
echo "Message: <b class='pugpig_unknown'>{$message}</b><br />\n";
}
}
}
} else {
echo "Credentials not recognised - did not get a token<br />\n";
}
}
echo "<h3 class='pugpig_{$status}'>All done</h3><br />\n";
if (!empty($sign_in_req)) {
echo "<a href='{$sign_in_req}'>Raw Sign In</a><br />\n";
echo "<hr />" . htmlspecialchars($sign_in_response) . "<hr />\n";
}
if (!empty($verify_subscription_req)) {
echo "<a href='{$verify_subscription_req}'>Verify Subscription</a><br />\n";
echo "<hr />" . htmlspecialchars($verify_subscription_response) . "<hr />\n";
}
if (!empty($edition_creds_req)) {
echo "<a href='{$edition_creds_req}'>Edition Credentials</a><br />\n";
echo "<hr />" . htmlspecialchars($edition_creds_response) . "<hr />\n";
}
}
print_r("<br /><em style='font-size:small'>Test Form Version: " . pugpig_get_standalone_version() . " </em><br />");
}
function pugpig_subs_test_form($title, $urls, $params, $test_users, $helptext = "", $use_http_post = false, $default_product_id = 'com.pugpig.edition0100')
{
if (!headers_sent()) {
header('Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0');
}
if (isset($urls["base"])) {
$urls["sign_in"] = $urls["base"] . "sign_in";
$urls["verify_subscription"] = $urls["base"] . "verify_subscription";
$urls["edition_credentials"] = $urls["base"] . "edition_credentials";
// sign_out needs to be set explicitly to be enabled
}
$vals = array();
$user_format = '';
foreach ($params as $param) {
if (!empty($user_format)) {
$user_format .= ', ';
}
$user_format .= '<strong>' . $param . '</strong>';
}
$params[] = "product_id";
foreach ($params as $param) {
if (isset($_REQUEST[$param])) {
$vals[$param] = htmlspecialchars($_REQUEST[$param]);
}
}
if (empty($vals['product_id'])) {
$vals['product_id'] = $default_product_id;
}
$product_id = $vals['product_id'];
$authToken = null;
$error = '';
$issues = array();
echo <<<EOT
<style>
form {border: 1px solid grey; padding: 2px; margin: 2px;}
.pugpig_active { color: green;}
.pugpig_inactive { color: orange;}
.pugpig_stale { color: gray;}
.pugpig_unknown { color: red;}
.testusers { -webkit-column-count: 4; }
</style>
EOT;
echo "<h2>Pugpig Authentication Test Console - {$title}</h2>\n";
$host = $_SERVER['HTTP_HOST'];
if (!pugpig_test_ping($host)) {
echo "<p><b><font color='red'>{$host}: Ping Failed. Maybe you need a local host entry?<br />127.0.0.1 {$host}</b></p>";
}
if (!empty($helptext)) {
echo "<p><em>{$helptext}</em></p>";
}
echo "Supplied test users:\n<ul class='testusers'>\n";
foreach ($test_users as $test_user) {
$state = strtolower($test_user['state']);
unset($test_user['state']);
$p = array();
$p["product_id"] = $product_id;
// We need this to retain the position on WordPress
if (isset($_REQUEST["page"])) {
$p["page"] = $_REQUEST["page"];
}
$query_params = http_build_query(array_merge($test_user, $p));
$description = implode(", ", $test_user);
echo "<li><b class='pugpig_{$state}'>{$description}</b> - <a href='?{$query_params}'>Test</a></li>\n";
}
echo "</ul>\n";
echo "<form method='GET'>\n";
// Need to WordPress settings pages
if (isset($_REQUEST["page"])) {
echo "<input type='hidden' name='page' value='" . $_REQUEST["page"] . "' />\n";
}
echo "Enter test values:<br />\n";
foreach ($params as $param) {
if (isset($vals[$param])) {
$val = $vals[$param];
} else {
$val = '';
}
echo "{$param}: <input id='{$param}' name='{$param}' type='text' value='{$val}' /> \n";
}
echo "<br /><input type='submit' />\n";
echo "</form>\n";
echo "<small>Note that the authorisation parameters for sign in are : {$user_format}. Make sure your client config matches.</small>\n\n";
// We will always have product_id. Need at least one more.
echo "<p>Using <em><a href='" . $urls["sign_in"] . "'>" . $urls["sign_in"] . "</a></em><br />\n";
echo "Using <em><a href='" . $urls["verify_subscription"] . "'>" . $urls["verify_subscription"] . "</a></em><br />\n";
echo "Using <em><a href='" . $urls["edition_credentials"] . "'>" . $urls["edition_credentials"] . "</a></em><br />\n";
if (array_key_exists("renew_token", $urls)) {
echo "Using <em><a href='" . $urls["renew_token"] . "'>" . $urls["renew_token"] . "</a></em><br />\n";
}
if (!empty($urls["sign_out"])) {
echo "Using <em><a href='" . $urls["sign_out"] . "'>" . $urls["sign_out"] . "</a></em><br />\n";
}
echo "</p>";
if (count($vals) > 1) {
unset($vals['product_id']);
$sep = strpos($urls["sign_in"], "?") ? "&" : "?";
if ($use_http_post) {
$sign_in_req = $urls["sign_in"];
$http_status = pugpig_subs_http_request($sign_in_req, $sign_in_response, $vals);
} else {
$sign_in_req = $urls["sign_in"] . $sep . http_build_query($vals);
$http_status = pugpig_subs_http_request($sign_in_req, $sign_in_response);
}
$status = "unknown";
if ($http_status != 200) {
echo "<b class='pugpig_unknown'>SIGN IN ERROR: Status {$http_status}</b><br />\n";
} else {
$token = pugpig_subs_get_single_xpath_value("/token", $sign_in_response);
// Backup format to support the Dovetail response format
if (empty($token)) {
$token = pugpig_subs_get_single_xpath_value("/result_response/authToken", $sign_in_response);
}
if (empty($token)) {
echo "Credentials not recognised - did not get a token<br />\n";
} else {
echo "Auth Token: <b class='pugpig_active'>{$token}</b>";
if (array_key_exists("renew_token", $urls)) {
$query_vars = array("token" => $token);
$sep = strpos($urls["renew_token"], "?") ? "&" : "?";
$renew_url = $urls["renew_token"] . $sep . http_build_query($query_vars);
echo " [<a href='{$renew_url}'>renew</a>]";
}
$global_auth_password = pugpig_subs_get_single_xpath_value("/token/@global_auth_password", $sign_in_response);
if (!empty($global_auth_password)) {
echo " (global auth password: <b class='pugpig_active'>{$global_auth_password}</b>)<br/>";
echo "Authorization: Basic " . base64_encode($token . ":" . $global_auth_password);
}
echo "<br />\n";
$query_vars = array("token" => $token);
$verify_subscription_req = $urls["verify_subscription"];
if ($use_http_post) {
$http_status = pugpig_subs_http_request($verify_subscription_req, $verify_subscription_response, $query_vars);
} else {
$sep = strpos($verify_subscription_req, "?") ? "&" : "?";
$verify_subscription_req .= $sep . http_build_query($query_vars);
$http_status = pugpig_subs_http_request($verify_subscription_req, $verify_subscription_response);
}
$query_vars['product_id'] = $product_id;
$edition_creds_req = $urls["edition_credentials"];
if ($http_status != 200) {
echo "<b class='pugpig_unknown'>VERIFY SUBSCRIPTION ERROR: Status {$http_status}</b><br />\n";
} else {
$message = pugpig_subs_get_single_xpath_value("/subscription/@message", $verify_subscription_response);
$status = pugpig_subs_get_single_xpath_value("/subscription/@state", $verify_subscription_response);
$issues_exists = pugpug_subs_get_xpath_value("/subscription/issues", $verify_subscription_response);
$issues = pugpug_subs_get_xpath_value("/subscription/issues/issue", $verify_subscription_response);
if (empty($status)) {
echo "Status: <b class='pugpig_unknown'>Got a 200, but did not get back the expected response</b><br />\n";
} elseif (!in_array($status, array('unknown', 'active', 'inactive', 'stale', 'suspended'))) {
echo "Status: <b class='pugpig_unknown'>Did not recognise status '{$status}'</b><br />";
} else {
echo "Status: <b class='pugpig_{$status}'>{$status}</b><br />\n";
if (!empty($message)) {
echo "Message: <b class='pugpig_{$status}'>{$message}</b><br />\n";
}
if ($issues_exists == '' || $issues_exists->length == 0) {
if (strtolower($status) == "active") {
echo "<b>Access based: As an active user, you have access to all issues</b><br />\n";
} else {
echo "<b>Access based: As an inactive user, you get nothing</b><br />\n";
}
} elseif ($issues->length == 0) {
echo "<b>Issue based: You do not have access to any issues</b><br />\n";
} else {
echo "<b>Issue based: You have access to " . $issues->length . " issues</b><br />\n";
echo "<ul>\n";
foreach ($issues as $issue) {
echo "<li>" . $issue->textContent . "</li>\n";
}
echo "</ul>\n";
}
}
}
if ($use_http_post) {
$http_status = pugpig_subs_http_request($edition_creds_req, $edition_creds_response, $query_vars);
} else {
$sep = strpos($edition_creds_req, "?") ? "&" : "?";
$edition_creds_req .= $sep . http_build_query($query_vars);
$http_status = pugpig_subs_http_request($edition_creds_req, $edition_creds_response);
}
if ($http_status != 200) {
echo "<b class='pugpig_unknown'>EDITION CREDENTIALS ERROR: Status {$http_status}</b>\n";
} else {
$userid = pugpig_subs_get_single_xpath_value("/credentials/userid", $edition_creds_response);
$password = pugpig_subs_get_single_xpath_value("/credentials/password", $edition_creds_response);
if (!empty($userid) && !empty($password)) {
echo "Got credentials for <b class='pugpig_active'>{$product_id}</b><br />\n";
} else {
$status = pugpig_subs_get_single_xpath_value("/credentials/error/@status", $edition_creds_response);
$message = pugpig_subs_get_single_xpath_value("/credentials/error/@message", $edition_creds_response);
echo "Denied credentials for <b class='pugpig_unknown'>{$product_id}</b> (status: <b class='unknown'>{$status}</b>)<br />\n";
if (!empty($message)) {
echo "Message: <b class='pugpig_unknown'>{$message}</b><br />\n";
}
}
}
if (!empty($urls["sign_out"])) {
$query_vars = array("token" => $token);
$sign_out_req = $urls["sign_out"];
if ($use_http_post) {
$http_status = pugpig_subs_http_request($sign_out_req, $sign_out_response, $query_vars);
} else {
$sep = strpos($sign_out_req, "?") ? "&" : "?";
$sign_out_req .= $sep . http_build_query($query_vars);
$http_status = pugpig_subs_http_request($sign_out_req, $sign_out_response);
}
if ($http_status == 501) {
echo "<b class='pugpig_unknown'>SIGN OUT: Not implemented</b>\n";
} else {
if ($http_status != 200) {
echo "<b class='pugpig_unknown'>SIGN OUT ERROR: Status {$http_status}</b>\n";
} else {
// todo: check response content
echo "Signed out OK\n";
}
}
}
}
}
echo "<h3 class='pugpig_{$status}'>All done</h3><br />\n";
if (!empty($sign_in_req)) {
echo "<a href='{$sign_in_req}'>Raw Sign In</a> (HTTP " . ($use_http_post ? "POST" : "GET") . ")<br />\n";
echo "<hr />" . htmlspecialchars($sign_in_response) . "<hr />\n";
}
if (!empty($verify_subscription_req)) {
echo "<a href='{$verify_subscription_req}'>Verify Subscription</a> (HTTP " . ($use_http_post ? "POST" : "GET") . ")<br />\n";
echo "<hr />" . htmlspecialchars($verify_subscription_response) . "<hr />\n";
}
if (!empty($edition_creds_req)) {
echo "<a href='{$edition_creds_req}'>Edition Credentials</a> (HTTP " . ($use_http_post ? "POST" : "GET") . ")<br />\n";
echo "<hr />" . htmlspecialchars($edition_creds_response) . "<hr />\n";
}
if (!empty($sign_out_req)) {
echo "<a href='{$sign_out_req}'>Sign Out</a> (HTTP " . ($use_http_post ? "POST" : "GET") . ")<br />\n";
echo "<hr />" . htmlspecialchars($sign_out_response) . "<hr />\n";
}
}
print_r("<br /><em style='font-size:small'>Test Form Version: " . pugpig_get_standalone_version() . " </em><br />");
}
