* @package Zend_OpenId
* @subpackage UnitTests
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
* @version $Id$
*/
namespace ZendTest\OpenId;
use Zend\OpenId\OpenId;
/**
* Zend_OpenId
*/
/**
* @todo code should be moved into test class
*/
OpenId::$exitOnRedirect = false;
/**
* @category Zend
* @package Zend_OpenId
* @subpackage UnitTests
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class ResponseHelper extends \Zend\Controller\Response\AbstractResponse
{
private $_canSendHeaders;
public function __construct($canSendHeaders)
{
$this->_canSendHeaders = $canSendHeaders;
}
public function canSendHeaders($throw = false)
/**
* Performs authentication validation for dumb consumers
* Returns array of variables to push back to consumer.
* It MUST contain 'is_valid' variable with value 'true' or 'false'.
*
* @param float $version OpenID version
* @param array $params GET or POST request variables
* @return array
*/
protected function _checkAuthentication($version, $params)
{
$ret = array();
if ($version >= 2.0) {
$ret['ns'] = OpenId\OpenId::NS_2_0;
}
$ret['openid.mode'] = 'id_res';
if (empty($params['openid_assoc_handle']) || empty($params['openid_signed']) || empty($params['openid_sig']) || !$this->_storage->getAssociation($params['openid_assoc_handle'], $macFunc, $secret, $expires)) {
$ret['is_valid'] = 'false';
return $ret;
}
$signed = explode(',', $params['openid_signed']);
$data = '';
foreach ($signed as $key) {
$data .= $key . ':';
if ($key == 'mode') {
$data .= "id_res\n";
} else {
$data .= $params['openid_' . strtr($key, '.', '_')] . "\n";
}
}
if ($this->_secureStringCompare(base64_decode($params['openid_sig']), OpenId\OpenId::hashHmac($macFunc, $data, $secret))) {
$ret['is_valid'] = 'true';
} else {
$ret['is_valid'] = 'false';
}
return $ret;
}
/**
* testing setSelfUrl
*
*/
public function testSetSelfUrl()
{
unset($_SERVER['SCRIPT_URI']);
unset($_SERVER['HTTPS']);
unset($_SERVER['HTTP_HOST']);
unset($_SERVER['SERVER_NAME']);
unset($_SERVER['SERVER_PORT']);
unset($_SERVER['SCRIPT_URL']);
unset($_SERVER['REDIRECT_URL']);
unset($_SERVER['PHP_SELF']);
unset($_SERVER['SCRIPT_NAME']);
unset($_SERVER['PATH_INFO']);
$_SERVER['SCRIPT_URI'] = "http://www.test.com/";
$this->assertSame( 'http://www.test.com/', OpenId::selfUrl() );
$this->assertSame( null, OpenId::setSelfUrl("http://localhost/test") );
$this->assertSame( "http://localhost/test", OpenId::selfUrl() );
$this->assertSame( "http://localhost/test", OpenId::setSelfUrl() );
$this->assertSame( 'http://www.test.com/', OpenId::selfUrl() );
$this->assertSame( null, OpenId::setSelfUrl() );
$this->assertSame( 'http://www.test.com/', OpenId::selfUrl() );
}
/**
* Performs check of OpenID identity.
*
* This is the first step of OpenID authentication process.
* On success the function does not return (it does HTTP redirection to
* server and exits). On failure it returns false.
*
* @param bool $immediate enables or disables interaction with user
* @param string $id OpenID identity
* @param string $returnTo HTTP URL to redirect response from server to
* @param string $root HTTP URL to identify consumer on server
* @param mixed $extensions extension object or array of extensions objects
* @param Zend\Controller\Response\AbstractResponse $response an optional response
* object to perform HTTP or HTML form redirection
* @return bool
*/
protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Response\AbstractResponse $response = null)
{
$this->_setError('');
if (!OpenId\OpenId::normalize($id)) {
$this->_setError("Normalisation failed");
return false;
}
$claimedId = $id;
if (!$this->_discovery($id, $server, $version)) {
$this->_setError("Discovery failed: " . $this->getError());
return false;
}
if (!$this->_associate($server, $version)) {
$this->_setError("Association failed: " . $this->getError());
return false;
}
if (!$this->_getAssociation($server, $handle, $macFunc, $secret, $expires)) {
/* Use dumb mode */
unset($handle);
unset($macFunc);
unset($secret);
unset($expires);
}
$params = array();
if ($version >= 2.0) {
$params['openid.ns'] = OpenId\OpenId::NS_2_0;
}
$params['openid.mode'] = $immediate ? 'checkid_immediate' : 'checkid_setup';
$params['openid.identity'] = $id;
$params['openid.claimed_id'] = $claimedId;
if ($version <= 2.0) {
if ($this->_session !== null) {
$this->_session->identity = $id;
$this->_session->claimed_id = $claimedId;
} else {
if (defined('SID')) {
$_SESSION["zend_openid"] = array("identity" => $id, "claimed_id" => $claimedId);
} else {
$this->_session = new \Zend\Session\Container("zend_openid");
$this->_session->identity = $id;
$this->_session->claimed_id = $claimedId;
}
}
}
if (isset($handle)) {
$params['openid.assoc_handle'] = $handle;
}
$params['openid.return_to'] = OpenId\OpenId::absoluteUrl($returnTo);
if (empty($root)) {
$root = OpenId\OpenId::selfUrl();
if ($root[strlen($root) - 1] != '/') {
$root = dirname($root);
}
}
if ($version >= 2.0) {
$params['openid.realm'] = $root;
} else {
$params['openid.trust_root'] = $root;
}
if (!Extension\AbstractExtension::forAll($extensions, 'prepareRequest', $params)) {
$this->_setError("Extension::prepareRequest failure");
return false;
}
OpenId\OpenId::redirect($server, $params, $response);
return true;
}
