/**
* Add user attributes to the response.
*
* @param CAS\Ticket $ticket Validated ticket.
*
* @uses \apply_filters()
*/
protected function setUserAttributes(CAS\Ticket $ticket)
{
$attributeKeys = Options::get('attributes');
$attributes = array();
foreach ($attributeKeys as $key) {
$attributes[$key] = implode(',', (array) $ticket->user->get($key));
}
/**
* Allows developers to change the list of (key, value) pairs before they're included
* in a `/serviceValidate` response.
*
* @param array $attributes List of attributes to output.
* @param WP_User $user Authenticated user.
*/
$attributes = \apply_filters('cas_server_validation_user_attributes', $attributes, $ticket->user);
if (!is_array($attributes) || empty($attributes)) {
return;
}
$xmlAttributes = $this->createElement('attributes');
foreach ($attributes as $key => $value) {
$xmlAttribute = $this->createElement($key, $value);
$xmlAttributes->appendChild($xmlAttribute);
}
$this->response->appendChild($xmlAttributes);
}
/**
* Perform an HTTP redirect.
*
* If the 'allowed_services' contains at least one host, it will always perform a safe
* redirect.
*
* Calling Server::redirect() will _always_ end the request.
*
* @param string $location URI to redirect to.
* @param integer $status HTTP status code (default 302).
*
* @uses \wp_redirect()
* @uses \wp_safe_redirect()
*/
public function redirect($location, $status = 302)
{
$allowedServices = Options::get('allowed_services');
if (is_array($allowedServices) && count($allowedServices) > 0) {
\wp_safe_redirect($location, $status);
}
\wp_redirect($location, $status);
exit;
}
/**
* Test plugin settings setter.
*
* @covers \Cassava\Options::get
* @covers \Cassava\Options::set
*/
function test_set()
{
\Cassava\Options::set('zero', 0);
$this->assertSame(0, \Cassava\Options::get('zero'), 'Set 0 integer.');
\Cassava\Options::set('integer', 99);
$this->assertSame(99, \Cassava\Options::get('integer'), 'Set non-zero integer.');
\Cassava\Options::set('float', 99.98999999999999);
$this->assertSame(99.98999999999999, \Cassava\Options::get('float'), 'Set float.');
\Cassava\Options::set('string', 'test');
$this->assertSame('test', \Cassava\Options::get('string'), 'Set string.');
\Cassava\Options::set('array', array(1, 2, 3));
$this->assertSame(array(1, 2, 3), \Cassava\Options::get('array'), 'Set array.');
\Cassava\Options::set('object', (object) array(1, 2, 3));
$this->assertEquals((object) array(1, 2, 3), \Cassava\Options::get('object'), 'Set object.');
}
/**
* @covers ::prepare
* @covers ::setTicket
* @covers ::setUserAttributes
*
* @dataProvider data_setUserAttributes
*/
function test_setUserAttributes($attributes)
{
Options::set('attributes', $attributes);
$this->response->setTicket($this->ticket);
$xml = $this->response->prepare();
$this->assertXPathMatch(count($attributes), 'count(//cas:attributes/*)', $xml, 'Response contains the expected number of attributes.');
foreach ($attributes as $attribute) {
$expected = $this->user->get($attribute);
$this->assertXPathMatch($expected, "string(//cas:attributes/cas:{$attribute}/text())", $xml, 'Response contains the expected attribute value.');
}
}
/**
* Test the rewrite rules set by the plugin.
*
* @todo Test rewrite rules.
* @todo Test that the endpoint_slug reverts to the default when empty.
*/
function test_rewrite_rules()
{
$path = \Cassava\Options::get('endpoint_slug');
$this->assertNotEmpty($path, 'Plugin sets default URI path root.');
$rule = '^' . $path . '/(.*)?';
// TODO: Look for endpoints
// - Force SSL option OFF --> OK
// - Force SSL option ON and...
// - SSL ON --> OK
// - SSL OFF --> Error
// Plugin forces default endpoint slug
\Cassava\Options::set('endpoint_slug', '');
$this->markTestIncomplete();
}
/**
* Checks whether a ticket has been used using WordPress's Transients API.
*
* @return boolean Whether the ticket has been used.
*
* @uses \get_transient()
*/
public function isUsed()
{
if (Options::get('allow_ticket_reuse')) {
return false;
}
$key = $this->generateKey();
return !\get_transient(Plugin::TRANSIENT_PREFIX . $key);
}