/**
 * toURL() must produce the base URL, a '?' separator, and a query string
 * that decodes to the expected openid.mode / openid.error pair.
 */
function test_toURL()
{
    $base_url = 'http://base.url/';
    $prefix_len = strlen($base_url);

    $url = $this->msg->toURL($base_url);

    // The generated URL has to begin with the base URL, unmodified.
    $this->assertEquals(substr($url, 0, $prefix_len), $base_url);

    // The character right after the base URL separates it from the query.
    $this->assertEquals($url[$prefix_len], '?');

    // Everything after the '?' is the encoded message.
    $decoded = Auth_OpenID::parse_str(substr($url, $prefix_len + 1));
    $wanted = array('openid.mode' => 'error',
                    'openid.error' => 'unit test');
    $this->assertEquals($decoded, $wanted);
}
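/**
 * Check that the parameters carried in the response's return_to URL agree
 * with the parameters actually received in $query.
 *
 * Two checks are made: every parameter in the return_to query string must
 * be present in $query with the same value, and every bare-namespace
 * argument of the response must be present in the return_to query string
 * with the same value.
 *
 * Values are compared as exact strings. PHP's loose != treats
 * numeric-looking strings as numbers, so "1e3" and "1000" (or two
 * different "0e..." strings) would be accepted as equal, which is not
 * acceptable when the point of the check is to tie the response to the
 * signed return_to.
 *
 * @access private
 *
 * @param array $query The arguments received with the response.
 * @return mixed true when both checks pass; otherwise an
 * Auth_OpenID_FailureResponse (or the failure value returned by getArg).
 */
function _verifyReturnToArgs($query)
{
    $message = Auth_OpenID_Message::fromPostArgs($query);
    $return_to = $message->getArg(Auth_OpenID_OPENID_NS, 'return_to');

    if (Auth_OpenID::isFailure($return_to)) {
        return $return_to;
    }

    // XXX: this should be checked by _idResCheckForFields
    if (!$return_to) {
        return new Auth_OpenID_FailureResponse(null,
                       "Response has no return_to");
    }

    // parse_url() returns false for a URL it cannot parse. Reject that
    // case explicitly instead of carrying on with an empty parameter set.
    $parsed_url = parse_url($return_to);
    if (!is_array($parsed_url)) {
        return new Auth_OpenID_FailureResponse(null,
                       "return_to URL could not be parsed");
    }

    $q = array();
    if (array_key_exists('query', $parsed_url)) {
        $q = Auth_OpenID::parse_str($parsed_url['query']);
        if (!is_array($q)) {
            return new Auth_OpenID_FailureResponse(null,
                           "return_to query string could not be parsed");
        }
    }

    foreach ($q as $rt_key => $rt_value) {
        if (!array_key_exists($rt_key, $query)) {
            return new Auth_OpenID_FailureResponse(null,
                       sprintf("return_to parameter %s absent from query",
                               $rt_key));
        }

        $value = $query[$rt_key];
        // Non-scalar values (e.g. arrays) can never match a query-string
        // value; scalars are compared byte-for-byte as strings.
        if (!is_scalar($value) ||
            (string)$rt_value !== (string)$value) {
            return new Auth_OpenID_FailureResponse(null,
                       sprintf("parameter %s value %s does not match " .
                               "return_to value %s", $rt_key,
                               $value, $rt_value));
        }
    }

    // Make sure all non-OpenID arguments in the response are also
    // in the signed return_to.
    $bare_args = $message->getArgs(Auth_OpenID_BARE_NS);
    foreach ($bare_args as $key => $value) {
        // An argument missing from return_to fails even when its value is
        // the empty string; the loose comparison used to let null == "".
        if (!array_key_exists($key, $q) ||
            !is_scalar($value) ||
            (string)$q[$key] !== (string)$value) {
            return new Auth_OpenID_FailureResponse(null,
                       sprintf("Parameter %s = %s not in return_to URL",
                               $key, $value));
        }
    }

    return true;
}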
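/**
 * Extract the OpenID 1 nonce from the query string of the message's
 * return_to URL.
 *
 * The nonce is the value of the query parameter whose name equals
 * $this->openid1_nonce_query_arg_name.
 *
 * @access private
 *
 * @param object $message  Message providing getArg().
 * @param mixed  $endpoint Not used by this method.
 * @return mixed The nonce value, or null when return_to is missing,
 * cannot be parsed, has no query string, or carries no nonce parameter.
 */
function _idResGetNonceOpenID1($message, $endpoint)
{
    $return_to = $message->getArg(Auth_OpenID_OPENID1_NS, 'return_to');

    // Only a string can be parsed as a URL; null (argument absent) and
    // any other non-string result are treated as "no nonce".
    if (!is_string($return_to)) {
        return null;
    }

    // parse_url() returns false for a URL it cannot parse.
    $parsed_url = parse_url($return_to);
    if (!is_array($parsed_url) ||
        !array_key_exists('query', $parsed_url)) {
        return null;
    }

    $pairs = Auth_OpenID::parse_str($parsed_url['query']);
    if ($pairs === null) {
        return null;
    }

    $nonce_name = (string)$this->openid1_nonce_query_arg_name;
    foreach ($pairs as $k => $v) {
        // PHP turns numeric-looking array keys into integers, and before
        // PHP 8 a loose 0 == "some_name" was true, so a parameter named
        // "0" would have been taken for the nonce. Compare exact strings.
        if ((string)$k === $nonce_name) {
            return $v;
        }
    }

    return null;
}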
/**
 * Encoding an id_res response must give an HTTP redirect whose location
 * starts with the request's return_to and whose query string decodes to
 * the response fields.
 */
function test_id_res()
{
    $request = new Auth_OpenID_CheckIDRequest(
        'http://bombom.unittest/',
        'http://burr.unittest/',
        'http://burr.unittest/999',
        false,
        $this->server);

    $response = new Auth_OpenID_ServerResponse($request);
    $fields = array(
        'mode' => 'id_res',
        'identity' => $request->identity,
        'return_to' => $request->return_to);
    $response->fields = Auth_OpenID_Message::fromOpenIDArgs($fields);

    $webresponse = $this->encoder->encode($response);

    // The encoder answers with a redirect that carries a location header.
    $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_REDIRECT);
    $this->assertTrue(array_key_exists('location', $webresponse->headers));

    // The redirect target must start with the requested return_to.
    $location = $webresponse->headers['location'];
    $starts_with_return_to = (strpos($location, $request->return_to) === 0);
    $this->assertTrue($starts_with_return_to);

    // The query string of the redirect must decode to the response fields.
    $url_parts = parse_url($location);
    $query = Auth_OpenID::parse_str($url_parts['query']);
    $expected = $response->fields->toPostArgs();
    $this->assertEquals($query, $expected);
}
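/**
 * Check that the parameters carried in the response's return_to URL agree
 * with the parameters actually received in $query, logging each step to
 * the PHP error log.
 *
 * Two checks are made: every parameter in the return_to query string must
 * be present in $query with the same value, and every bare-namespace
 * argument of the response must be present in the return_to query string
 * with the same value.
 *
 * Values are compared as exact strings. PHP's loose != treats
 * numeric-looking strings as numbers, so "1e3" and "1000" (or two
 * different "0e..." strings) would be accepted as equal, which is not
 * acceptable when the point of the check is to tie the response to the
 * signed return_to.
 *
 * @access private
 *
 * @param array $query The arguments received with the response.
 * @return mixed true when both checks pass; otherwise an
 * Auth_OpenID_FailureResponse (or the failure value returned by getArg).
 */
function _verifyReturnToArgs($query)
{
    $message = Auth_OpenID_Message::fromPostArgs($query);
    $return_to = $message->getArg(Auth_OpenID_OPENID_NS, 'return_to');

    // modified by ben brown 2010-01-21
    // A workaround that cut the query string off return_to was tried here
    // and is left disabled. Enabling it would empty $q and turn the first
    // check below into a no-op.
    //$return_to = preg_replace("/(.*?)\?.*/","$1",$return_to);

    if (Auth_OpenID::isFailure($return_to)) {
        error_log("failing 1");
        return $return_to;
    }

    // XXX: this should be checked by _idResCheckForFields
    if (!$return_to) {
        error_log("failing 2");
        return new Auth_OpenID_FailureResponse(null,
                       "Response has no return_to");
    }

    // Logged only after the failure checks, so a failure object is never
    // interpolated into a string. return_to arrives with the response, so
    // control characters are escaped to keep it on one log line.
    error_log("Looking at return to = " .
              addcslashes($return_to, "\0..\37\177"));

    // parse_url() returns false for a URL it cannot parse. Reject that
    // case explicitly instead of carrying on with an empty parameter set.
    $parsed_url = parse_url($return_to);
    if (!is_array($parsed_url)) {
        error_log("failing: return_to URL could not be parsed");
        return new Auth_OpenID_FailureResponse(null,
                       "return_to URL could not be parsed");
    }

    // $parsed_url is an array; interpolating it directly would only log
    // the word "Array".
    error_log("parsed url: " . json_encode($parsed_url));

    $q = array();
    if (array_key_exists('query', $parsed_url)) {
        $q = Auth_OpenID::parse_str($parsed_url['query']);
        if (!is_array($q)) {
            error_log("failing: return_to query could not be parsed");
            return new Auth_OpenID_FailureResponse(null,
                           "return_to query string could not be parsed");
        }
    }

    foreach ($q as $rt_key => $rt_value) {
        if (!array_key_exists($rt_key, $query)) {
            error_log("failing 3");
            return new Auth_OpenID_FailureResponse(null,
                       sprintf("return_to parameter %s absent from query",
                               $rt_key));
        }

        $value = $query[$rt_key];
        // Non-scalar values (e.g. arrays) can never match a query-string
        // value; scalars are compared byte-for-byte as strings.
        if (!is_scalar($value) ||
            (string)$rt_value !== (string)$value) {
            error_log("failing 4");
            return new Auth_OpenID_FailureResponse(null,
                       sprintf("parameter %s value %s does not match " .
                               "return_to value %s", $rt_key,
                               $value, $rt_value));
        }
    }

    // Make sure all non-OpenID arguments in the response are also
    // in the signed return_to.
    $bare_args = $message->getArgs(Auth_OpenID_BARE_NS);
    foreach ($bare_args as $key => $value) {
        // An argument missing from return_to fails even when its value is
        // the empty string; the loose comparison used to let null == "".
        if (!array_key_exists($key, $q) ||
            !is_scalar($value) ||
            (string)$q[$key] !== (string)$value) {
            error_log("failing 5");
            return new Auth_OpenID_FailureResponse(null,
                       sprintf("Parameter %s = %s not in return_to URL",
                               $key, $value));
        }
    }

    return true;
}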