/** * Test the required parameters for the signature * @see https://openid.net/specs/openid-authentication-2_0.html#positive_assertions */ public function testSignedParams() { $expiresIn = time() + 600; $_SERVER['SCRIPT_URI'] = "http://www.zf-test.com/test.php"; $storage = new Zend_OpenId_Consumer_Storage_File(dirname(__FILE__) . "/_files/consumer"); $consumer = new Zend_OpenId_ConsumerHelper($storage); $storage->addDiscoveryInfo(self::ID, self::REAL_ID, self::SERVER, 1.1, $expiresIn); // Wrong arguments $this->assertFalse($consumer->verify(array())); // HMAC-SHA1 $consumer->clearAssociation(); $params = array("openid_return_to" => "http://www.zf-test.com/test.php", "openid_assoc_handle" => self::HANDLE, "openid_claimed_id" => self::ID, "openid_identity" => self::REAL_ID, "openid_response_nonce" => "2007-08-14T12:52:33Z46c1a59124ffe", "openid_mode" => "id_res", "openid_signed" => "assoc_handle,return_to,claimed_id,identity,response_nonce,mode,signed", "openid_sig" => "h/5AFD25NpzSok5tzHEGCVUkQSw="); $storage->delAssociation(self::SERVER); $storage->addAssociation(self::SERVER, self::HANDLE, "sha1", pack("H*", "8382aea922560ece833ba55fa53b7a975f597370"), $expiresIn); $storage->purgeNonces(); $this->assertFalse($consumer->verify($params)); $this->assertEquals("The required parameter op_endpoint is missing in the signed", $consumer->getError()); }