Example #1
 /**
  * testing forAll
  *
  */
 public function testForAll()
 {
     $method = 'getTrustData';

     // "No extensions" (null or an empty list) succeeds and leaves the output array untouched.
     foreach (array(null, array()) as $noExtensions) {
         $collected = array();
         $this->assertTrue(Zend_OpenId_Extension::forAll($noExtensions, $method, $collected));
         $this->assertSame(array(), $collected);
     }

     // Anything that is not an extension object (or a list of them) is rejected.
     foreach (array(array(1), new stdClass()) as $notAnExtension) {
         $collected = array();
         $this->assertFalse(Zend_OpenId_Extension::forAll($notAnExtension, $method, $collected));
     }

     // An Sreg extension contributes an entry keyed by its class name,
     // whether it is passed bare or wrapped in a list.
     $sregEntry = array('Zend_OpenId_Extension_Sreg' => array());

     $sreg = new Zend_OpenId_Extension_Sreg();
     $collected = array();
     $this->assertTrue(Zend_OpenId_Extension::forAll($sreg, $method, $collected));
     $this->assertSame($sregEntry, $collected);

     $sreg = new Zend_OpenId_Extension_Sreg();
     $collected = array();
     $this->assertTrue(Zend_OpenId_Extension::forAll(array($sreg), $method, $collected));
     $this->assertSame($sregEntry, $collected);

     // The helper extension succeeds without adding anything; an unknown
     // method name fails and still leaves the output array empty.
     $helper = new Zend_OpenId_Extension_Helper();
     $collected = array();
     $this->assertTrue(Zend_OpenId_Extension::forAll(array($helper), $method, $collected));
     $this->assertSame(array(), $collected);
     $this->assertFalse(Zend_OpenId_Extension::forAll(array($helper), 'wrong', $collected));
     $this->assertSame(array(), $collected);
 }
 /**
  * Performs check of OpenID identity.
  *
  * This is the first step of OpenID authentication process.
  * On success the function does not return (it does HTTP redirection to
  * server and exits). On failure it returns false.
  *
  * @param bool $immediate enables or disables interaction with user
  * @param string $id OpenID identity
  * @param string $returnTo HTTP URL to redirect response from server to
  * @param string $root HTTP URL to identify consumer on server
  * @param mixed $extensions extension object or array of extensions objects
  * @param Zend_Controller_Response_Abstract $response an optional response
  *  object to perform HTTP or HTML form redirection
  * @return bool
  */
 protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Zend_Controller_Response_Abstract $response = null)
 {
     // Builds the OpenID checkid_* request for $id and hands it to
     // Zend_OpenId::redirect(). Every failure path records a message with
     // _setError() and returns false.

     // Start from a clean error state.
     $this->_setError('');
     // NOTE(review): normalize() presumably rewrites $id in place (by reference) - confirm.
     if (!Zend_OpenId::normalize($id)) {
         $this->_setError("Normalisation failed");
         return false;
     }
     // Snapshot the identifier before discovery. $id is handed to _discovery()
     // next, so openid.identity and openid.claimed_id may end up different
     // (assumes _discovery() can change $id by reference - confirm).
     $claimedId = $id;
     // $server and $version are not assigned anywhere before this call, so
     // they are out-parameters filled in by _discovery().
     if (!$this->_discovery($id, $server, $version)) {
         $this->_setError("Discovery failed: " . $this->getError());
         return false;
     }
     if (!$this->_associate($server, $version)) {
         $this->_setError("Association failed: " . $this->getError());
         return false;
     }
     // Look up the association for $server; $handle, $macFunc, $secret and
     // $expires are out-parameters of _getAssociation().
     if (!$this->_getAssociation($server, $handle, $macFunc, $secret, $expires)) {
         /* Use dumb mode: no association is available, so drop all four
            variables and send the request without openid.assoc_handle.
            NOTE(review): without a shared secret the response signature cannot
            be checked locally; presumably the verify step (not visible here)
            asks the server to validate it - confirm. */
         unset($handle);
         unset($macFunc);
         unset($secret);
         unset($expires);
     }
     $params = array();
     // The namespace parameter is only sent for protocol version 2.0 and above.
     if ($version >= 2.0) {
         $params['openid.ns'] = Zend_OpenId::NS_2_0;
     }
     // $immediate selects checkid_immediate; otherwise checkid_setup is used.
     $params['openid.mode'] = $immediate ? 'checkid_immediate' : 'checkid_setup';
     $params['openid.identity'] = $id;
     $params['openid.claimed_id'] = $claimedId;
     // Record the identity and claimed id in session state under "zend_openid".
     // NOTE(review): presumably read back when the response is verified so that
     // an assertion for a different identity can be rejected - confirm against
     // the verify path, which is not visible here.
     if ($version <= 2.0) {
         if ($this->_session !== null) {
             // A session object is already attached: store the values on it.
             $this->_session->identity = $id;
             $this->_session->claimed_id = $claimedId;
         } else {
             // PHP defines the SID constant once a session has been started,
             // so in that case write to $_SESSION directly.
             if (defined('SID')) {
                 $_SESSION["zend_openid"] = array("identity" => $id, "claimed_id" => $claimedId);
             } else {
                 // No session yet: create a Zend_Session_Namespace and keep it
                 // on $this->_session.
                 require_once "Zend/Session/Namespace.php";
                 $this->_session = new Zend_Session_Namespace("zend_openid");
                 $this->_session->identity = $id;
                 $this->_session->claimed_id = $claimedId;
             }
         }
     }
     // $handle is only set here if _getAssociation() succeeded above.
     if (isset($handle)) {
         $params['openid.assoc_handle'] = $handle;
     }
     // NOTE(review): return_to is the URL the server sends the browser back to.
     // Nothing in this method validates $returnTo beyond making it absolute, so
     // callers should pass an application-controlled URL, not request input.
     $params['openid.return_to'] = Zend_OpenId::absoluteUrl($returnTo);
     // Default realm / trust root: this script's own URL, cut back to its
     // directory unless it already ends in '/'.
     // NOTE(review): $root[strlen($root) - 1] assumes selfUrl() never returns
     // an empty string - confirm.
     if (empty($root)) {
         $root = Zend_OpenId::selfUrl();
         if ($root[strlen($root) - 1] != '/') {
             $root = dirname($root);
         }
     }
     // The same value is sent as openid.realm for 2.0+ and as
     // openid.trust_root for older versions.
     if ($version >= 2.0) {
         $params['openid.realm'] = $root;
     } else {
         $params['openid.trust_root'] = $root;
     }
     // Give each extension the chance to add its own request parameters;
     // a false result aborts the request.
     if (!Zend_OpenId_Extension::forAll($extensions, 'prepareRequest', $params)) {
         $this->_setError("Extension::prepareRequest failure");
         return false;
     }
     // NOTE(review): the docblock says the function does not return on success,
     // yet true is returned if redirect() comes back (presumably when a
     // $response object is supplied) - confirm.
     Zend_OpenId::redirect($server, $params, $response);
     return true;
 }
Example #3
 /**
  * Prepares information to send back to consumer's authentication request
  * and signs it using shared secret.
  *
  * @param float $version OpenID protocol version
  * @param array $ret arguments to be sent back to consumer
  * @param array $params GET or POST request variables
  * @param mixed $extensions extension object or array of extensions objects
  * @return array
  */
 protected function _respond($version, $ret, $params, $extensions = null)
 {
     // Completes $ret with the positive-assertion fields, then signs every
     // 'openid.'-prefixed entry with the association's MAC function and secret.
     // $params keys use the underscore form of the openid.* names (PHP replaces
     // '.' with '_' in incoming request variable names).

     // Either no association handle was sent, or storage does not know it.
     // On success getAssociation() fills $macFunc, $secret and $expires.
     // NOTE(review): $expires is not checked in this method; presumably storage
     // refuses expired associations - confirm.
     if (empty($params['openid_assoc_handle']) || !$this->_storage->getAssociation($params['openid_assoc_handle'], $macFunc, $secret, $expires)) {
         /* Use dumb mode: create a fresh association for this response only */
         if (!empty($params['openid_assoc_handle'])) {
             // A handle was sent but could not be used; report it back.
             $ret['openid.invalidate_handle'] = $params['openid_assoc_handle'];
         }
         // SHA-256 for protocol 2.0 and above, SHA-1 for older versions.
         $macFunc = $version >= 2.0 ? 'sha256' : 'sha1';
         $secret = $this->_genSecret($macFunc);
         // NOTE(review): uniqid() is derived from the current time and is not a
         // cryptographically secure source. The handle is only an identifier
         // (the secret comes from _genSecret(), not visible here), but a
         // CSPRNG-derived handle would be harder to guess and less likely to
         // collide - confirm _genSecret() uses a secure source as well.
         $handle = uniqid();
         $expiresIn = $this->_sessionTtl;
         // Stored so that the signature can be looked up again by handle.
         $this->_storage->addAssociation($handle, $macFunc, $secret, time() + $expiresIn);
         $ret['openid.assoc_handle'] = $handle;
     } else {
         $ret['openid.assoc_handle'] = $params['openid_assoc_handle'];
     }
     // Copy return_to, claimed_id and identity through from the request.
     // NOTE(review): these three values come straight from $params and are
     // covered by the signature below; any validation (e.g. return_to against
     // the trusted realm) must already have happened in the caller - confirm.
     if (isset($params['openid_return_to'])) {
         $ret['openid.return_to'] = $params['openid_return_to'];
     }
     if (isset($params['openid_claimed_id'])) {
         $ret['openid.claimed_id'] = $params['openid_claimed_id'];
     }
     if (isset($params['openid_identity'])) {
         $ret['openid.identity'] = $params['openid_identity'];
     }
     // For 2.0+ advertise the configured endpoint, else this script's own URL.
     if ($version >= 2.0) {
         if (!empty($this->_opEndpoint)) {
             $ret['openid.op_endpoint'] = $this->_opEndpoint;
         } else {
             $ret['openid.op_endpoint'] = Zend_OpenId::selfUrl();
         }
     }
     // Nonce = UTC timestamp (Y-m-dTH:i:sZ) followed by uniqid().
     // NOTE(review): the consumer relies on nonce uniqueness to reject replayed
     // responses; uniqid() without extra entropy is time-based, so uniqueness
     // across concurrent requests or several hosts is not guaranteed - confirm.
     $ret['openid.response_nonce'] = gmdate('Y-m-d\\TH:i:s\\Z') . uniqid();
     $ret['openid.mode'] = 'id_res';
     // Extensions may add fields to $ret before signing.
     // NOTE(review): the return value of forAll() is ignored here, so an
     // extension failure does not stop the response from being signed - confirm
     // that this is intended.
     Zend_OpenId_Extension::forAll($extensions, 'prepareResponse', $ret);
     // Build two strings in the insertion order of $ret: the comma-separated
     // list of signed field names (prefix stripped) and the "key:value\n" data
     // that is actually MACed. The order of the assignments above therefore
     // determines the signature input.
     // NOTE(review): keys and values are written unescaped. A value containing
     // "\n" would make the key:value form ambiguous; confirm request-derived
     // values are rejected upstream if they contain line breaks.
     $signed = '';
     $data = '';
     foreach ($ret as $key => $val) {
         if (strpos($key, 'openid.') === 0) {
             $key = substr($key, strlen('openid.'));
             if (!empty($signed)) {
                 $signed .= ',';
             }
             $signed .= $key;
             $data .= $key . ':' . $val . "\n";
         }
     }
     // The 'signed' field itself is part of the signed data.
     $signed .= ',signed';
     $data .= 'signed:' . $signed . "\n";
     $ret['openid.signed'] = $signed;
     // Base64 of the HMAC over $data, using the association's function and secret.
     $ret['openid.sig'] = base64_encode(Zend_OpenId::hashHmac($macFunc, $data, $secret));
     return $ret;
 }
Example #4
 /**
  * Performs check of OpenID identity.
  *
  * This is the first step of OpenID authentication process.
  * On success the function does not return (it does HTTP redirection to
  * server and exits). On failure it returns false.
  *
  * @param bool $immediate enables or disables interaction with user
  * @param string $id OpenID identity
  * @param string $returnTo HTTP URL to redirect response from server to
  * @param string $root HTTP URL to identify consumer on server
  * @param mixed $extensions extension object or array of extensions objects
  * @param Zend_Controller_Response_Abstract $response an optional response
  *  object to perform HTTP or HTML form redirection
  * @return bool
  */
 protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Zend_Controller_Response_Abstract $response = null)
 {
     // Give up straight away if the identifier cannot be normalised.
     if (!Zend_OpenId::normalize($id)) {
         return false;
     }
     // Keep the identifier as it stood before discovery runs on $id.
     $claimedId = $id;

     // Discovery fills $server and $version; association is only attempted
     // once discovery has succeeded. Either failure ends the request.
     if (!$this->_discovery($id, $server, $version) || !$this->_associate($server, $version)) {
         return false;
     }

     $associated = $this->_getAssociation($server, $handle, $macFunc, $secret, $expires);
     if (!$associated) {
         /* Use dumb mode: forget whatever the lookup left behind */
         unset($handle, $macFunc, $secret, $expires);
     }

     $isVersion2 = $version >= 2.0;

     // Parameters are added in a fixed order: ns, mode, identity, claimed_id,
     // assoc_handle, return_to, then realm or trust_root.
     $params = array();
     if ($isVersion2) {
         $params['openid.ns'] = Zend_OpenId::NS_2_0;
     }
     if ($immediate) {
         $params['openid.mode'] = 'checkid_immediate';
     } else {
         $params['openid.mode'] = 'checkid_setup';
     }
     $params['openid.identity'] = $id;
     $params['openid.claimed_id'] = $claimedId;
     if (isset($handle)) {
         $params['openid.assoc_handle'] = $handle;
     }
     $params['openid.return_to'] = Zend_OpenId::absoluteUrl($returnTo);

     // Without an explicit root, fall back to the directory of this script's URL.
     $realm = empty($root) ? dirname(Zend_OpenId::selfUrl()) : $root;
     $realmKey = $isVersion2 ? 'openid.realm' : 'openid.trust_root';
     $params[$realmKey] = $realm;

     // Extensions may add their own request parameters; a false result aborts.
     $prepared = Zend_OpenId_Extension::forAll($extensions, 'prepareRequest', $params);
     if (!$prepared) {
         return false;
     }

     Zend_OpenId::redirect($server, $params, $response);
     return true;
 }
 /**
  * Performs check of OpenID identity.
  *
  * This is the first step of OpenID authentication process.
  * On success the function does not return (it does HTTP redirection to
  * server and exits). On failure it returns false.
  *
  * @param bool $immediate enables or disables interaction with user
  * @param string $id OpenID identity
  * @param string $returnTo HTTP URL to redirect response from server to
  * @param string $root HTTP URL to identify consumer on server
  * @param mixed $extensions extension object or array of extensions objects
  * @param Zend_Controller_Response_Abstract $response an optional response
  *  object to perform HTTP or HTML form redirection
  * @return bool
  */
 protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Zend_Controller_Response_Abstract $response = null)
 {
     // Builds the OpenID checkid_* request for $id and hands it to
     // Zend_OpenId::redirect(). Every failure path records a message with
     // _setError() and returns false. This variant also special-cases one
     // hard-coded server endpoint (see below).

     // Start from a clean error state.
     $this->_setError('');
     // NOTE(review): normalize() presumably rewrites $id in place (by reference) - confirm.
     if (!Zend_OpenId::normalize($id)) {
         $this->_setError("Normalisation failed");
         return false;
     }
     // Snapshot the identifier before discovery. $id is handed to _discovery()
     // next, so openid.identity and openid.claimed_id may end up different
     // (assumes _discovery() can change $id by reference - confirm).
     $claimedId = $id;
     // $server and $version are not assigned anywhere before this call, so
     // they are out-parameters filled in by _discovery().
     if (!$this->_discovery($id, $server, $version)) {
         $this->_setError("Discovery failed: " . $this->getError());
         return false;
     }
     if (!$this->_associate($server, $version)) {
         $this->_setError("Association failed: " . $this->getError());
         return false;
     }
     // Look up the association for $server; $handle, $macFunc, $secret and
     // $expires are out-parameters of _getAssociation().
     if (!$this->_getAssociation($server, $handle, $macFunc, $secret, $expires)) {
         /* Use dumb mode: no association is available, so drop all four
            variables and send the request without openid.assoc_handle.
            NOTE(review): without a shared secret the response signature cannot
            be checked locally; presumably the verify step (not visible here)
            asks the server to validate it - confirm. */
         unset($handle);
         unset($macFunc);
         unset($secret);
         unset($expires);
     }
     $params = array();
     // The namespace parameter is only sent for protocol version 2.0 and above.
     if ($version >= 2.0) {
         $params['openid.ns'] = Zend_OpenId::NS_2_0;
     }
     // $immediate selects checkid_immediate; otherwise checkid_setup is used.
     $params['openid.mode'] = $immediate ? 'checkid_immediate' : 'checkid_setup';
     $params['openid.identity'] = $id;
     $params['openid.claimed_id'] = $claimedId;
     // Record the identity and claimed id in session state under "zend_openid".
     // NOTE(review): presumably read back when the response is verified so that
     // an assertion for a different identity can be rejected - confirm against
     // the verify path, which is not visible here.
     if ($version <= 2.0) {
         if ($this->_session !== null) {
             // A session object is already attached: store the values on it.
             $this->_session->identity = $id;
             $this->_session->claimed_id = $claimedId;
             // Special case for one hard-coded endpoint URL.
             // NOTE(review): this block sits inside the "_session !== null"
             // branch, so it is skipped when the session is set up by either
             // of the two branches below - confirm that this is intended.
             // NOTE(review): the comparison uses loose '=='; '===' would avoid
             // type juggling if $server is ever not a string.
             if ($server == 'https://www.google.com/accounts/o8/ud') {
                 // Replace both identifiers with identifier_select, so the
                 // request no longer names $id. The session above still holds
                 // the originally supplied values.
                 // NOTE(review): the identity in the response is then chosen
                 // by the server; the verify step (not visible here) has to
                 // validate the returned claimed id - confirm.
                 $params['openid.identity'] = 'http://specs.openid.net/auth/2.0/identifier_select';
                 $params['openid.claimed_id'] = 'http://specs.openid.net/auth/2.0/identifier_select';
                 // Attribute Exchange fetch request, written directly into
                 // $params rather than through $extensions.
                 $params['openid.ns.ax'] = 'http://openid.net/srv/ax/1.0';
                 $params['openid.ax.mode'] = 'fetch_request';
                 $params['openid.ax.type.email'] = 'http://axschema.org/contact/email';
                 $params['openid.ax.type.country'] = 'http://axschema.org/contact/country/home';
                 $params['openid.ax.type.firstname'] = 'http://axschema.org/namePerson/first';
                 $params['openid.ax.type.lastname'] = 'http://axschema.org/namePerson/last';
                 $params['openid.ax.type.language'] = 'http://axschema.org/pref/language';
                 // All five aliases are listed as required.
                 // NOTE(review): request only the attributes the application
                 // uses, and accept returned ax.* values only when they are
                 // covered by the response signature - confirm in the verify step.
                 $params['openid.ax.required'] = 'country,firstname,email,language,lastname';
             }
         } else {
             // PHP defines the SID constant once a session has been started,
             // so in that case write to $_SESSION directly.
             if (defined('SID')) {
                 $_SESSION["zend_openid"] = array("identity" => $id, "claimed_id" => $claimedId);
             } else {
                 // No session yet: create a Zend_Session_Namespace and keep it
                 // on $this->_session.
                 require_once "Zend/Session/Namespace.php";
                 $this->_session = new Zend_Session_Namespace("zend_openid");
                 $this->_session->identity = $id;
                 $this->_session->claimed_id = $claimedId;
             }
         }
     }
     // $handle is only set here if _getAssociation() succeeded above.
     if (isset($handle)) {
         $params['openid.assoc_handle'] = $handle;
     }
     // NOTE(review): return_to is the URL the server sends the browser back to.
     // Nothing in this method validates $returnTo beyond making it absolute, so
     // callers should pass an application-controlled URL, not request input.
     $params['openid.return_to'] = Zend_OpenId::absoluteUrl($returnTo);
     // Default realm / trust root: this script's own URL, cut back to its
     // directory unless it already ends in '/'.
     // NOTE(review): $root[strlen($root) - 1] assumes selfUrl() never returns
     // an empty string - confirm.
     if (empty($root)) {
         $root = Zend_OpenId::selfUrl();
         if ($root[strlen($root) - 1] != '/') {
             $root = dirname($root);
         }
     }
     // The same value is sent as openid.realm for 2.0+ and as
     // openid.trust_root for older versions.
     if ($version >= 2.0) {
         $params['openid.realm'] = $root;
     } else {
         $params['openid.trust_root'] = $root;
     }
     // Give each extension the chance to add its own request parameters;
     // a false result aborts the request.
     if (!Zend_OpenId_Extension::forAll($extensions, 'prepareRequest', $params)) {
         $this->_setError("Extension::prepareRequest failure");
         return false;
     }
     // NOTE(review): the docblock says the function does not return on success,
     // yet true is returned if redirect() comes back (presumably when a
     // $response object is supplied) - confirm.
     Zend_OpenId::redirect($server, $params, $response);
     return true;
 }