public function isValid()
{
try {
//check identifier
if (isset($this->message[OpenIdSREGExtension::paramNamespace('_')]) && $this->message[OpenIdSREGExtension::paramNamespace('_')] == OpenIdSREGExtension::NamespaceUrl) {
//check required fields
if (!isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Required, '_')])) {
throw new InvalidOpenIdMessageException("SREG: not set required attributes!");
}
//get attributes
$attributes = $this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Required, '_')];
$attributes = explode(",", $attributes);
if (count($attributes) <= 0) {
throw new InvalidOpenIdMessageException("SREG: not set required attributes!");
}
foreach ($attributes as $attr) {
$attr = trim($attr);
if (!isset(OpenIdSREGExtension::$available_properties[$attr])) {
continue;
}
$this->attributes[$attr] = $attr;
}
//get attributes
if (isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Optional, '_')])) {
$opt_attributes = $this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Optional, '_')];
$opt_attributes = explode(",", $opt_attributes);
foreach ($opt_attributes as $opt_attr) {
$opt_attr = trim($opt_attr);
if (!isset(OpenIdSREGExtension::$available_properties[$opt_attr])) {
continue;
}
if (isset($this->attributes[$opt_attr])) {
throw new InvalidOpenIdMessageException("SREG: optional attribute is already set as required one!");
}
$this->optional_attributes[$opt_attr] = $opt_attr;
}
}
//check policy url..
if (isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::PolicyUrl, '_')])) {
$this->policy_url = $this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::PolicyUrl, '_')];
}
return true;
}
} catch (Exception $ex) {
throw $ex;
}
return false;
}
public function testCheckSetupSREGExtension()
{
//set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever);
$sreg_required_params = array('email', 'fullname');
$params = array(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode) => OpenIdProtocol::SetupMode, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm) => "https://www.test.com/", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo) => "https://www.test.com/oauth2", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity) => "http://specs.openid.net/auth/2.0/identifier_select", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId) => "http://specs.openid.net/auth/2.0/identifier_select", OpenIdSREGExtension::paramNamespace() => OpenIdSREGExtension::NamespaceUrl, OpenIdSREGExtension::param(OpenIdSREGExtension::Required) => implode(",", $sreg_required_params));
$response = $this->action("POST", "OpenIdProviderController@endpoint", $params);
$this->assertResponseStatus(302);
$openid_response = $this->parseOpenIdResponse($response->getTargetUrl());
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)]));
//sreg
$this->assertTrue(isset($openid_response[OpenIdSREGExtension::paramNamespace()]));
$this->assertTrue($openid_response[OpenIdSREGExtension::paramNamespace()] === OpenIdSREGExtension::NamespaceUrl);
$this->assertTrue(isset($openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::FullName)]));
$full_name = $openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::FullName)];
$this->assertTrue(!empty($full_name) && $full_name === 'Sebastian Marcet');
$this->assertTrue(isset($openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::Email)]));
$email = $openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::Email)];
$this->assertTrue(!empty($email) && $email === '*****@*****.**');
//http://openid.net/specs/openid-authentication-2_0.html#check_auth
$response = $this->action("POST", "OpenIdProviderController@endpoint", $this->prepareCheckAuthenticationParams($openid_response));
$openid_response = $this->getOpenIdResponseLineBreak($response->getContent());
$this->assertResponseStatus(200);
$this->assertTrue($openid_response['is_valid'] === 'true');
}
