/** * testing forAll * */ public function testForAll() { $params = array(); $this->assertTrue(Extension\AbstractExtension::forAll(null, 'getTrustData', $params)); $this->assertSame(array(), $params); $params = array(); $this->assertTrue(Extension\AbstractExtension::forAll(array(), 'getTrustData', $params)); $this->assertSame(array(), $params); $params = array(); $this->assertFalse(Extension\AbstractExtension::forAll(array(1), 'getTrustData', $params)); $params = array(); $this->assertFalse(Extension\AbstractExtension::forAll(new \stdClass(), 'getTrustData', $params)); $ext = new Extension\Sreg(); $params = array(); $this->assertTrue(Extension\AbstractExtension::forAll($ext, 'getTrustData', $params)); $this->assertSame(array('ZendOpenId\\Extension\\Sreg' => array()), $params); $ext = new Extension\Sreg(); $params = array(); $this->assertTrue(Extension\AbstractExtension::forAll(array($ext), 'getTrustData', $params)); $this->assertSame(array('ZendOpenId\\Extension\\Sreg' => array()), $params); $ext = new ExtensionHelper(); $params = array(); $this->assertTrue(Extension\AbstractExtension::forAll(array($ext), 'getTrustData', $params)); $this->assertSame(array(), $params); $this->assertFalse(Extension\AbstractExtension::forAll(array($ext), 'wrong', $params)); $this->assertSame(array(), $params); }
/** * Perepares information to send back to consumer's authentication request * and signs it using shared secret. * * @param float $version OpenID protcol version * @param array $ret arguments to be send back to consumer * @param array $params GET or POST request variables * @param mixed $extensions extension object or array of extensions objects * @return array */ protected function _respond($version, $ret, $params, $extensions = null) { if (empty($params['openid_assoc_handle']) || !$this->_storage->getAssociation($params['openid_assoc_handle'], $macFunc, $secret, $expires)) { /* Use dumb mode */ if (!empty($params['openid_assoc_handle'])) { $ret['openid.invalidate_handle'] = $params['openid_assoc_handle']; } $macFunc = $version >= 2.0 ? 'sha256' : 'sha1'; $secret = $this->_genSecret($macFunc); $handle = uniqid(); $expiresIn = $this->_sessionTtl; $this->_storage->addAssociation($handle, $macFunc, $secret, time() + $expiresIn); $ret['openid.assoc_handle'] = $handle; } else { $ret['openid.assoc_handle'] = $params['openid_assoc_handle']; } if (isset($params['openid_return_to'])) { $ret['openid.return_to'] = $params['openid_return_to']; } if (isset($params['openid_claimed_id'])) { $ret['openid.claimed_id'] = $params['openid_claimed_id']; } if (isset($params['openid_identity'])) { $ret['openid.identity'] = $params['openid_identity']; } if ($version >= 2.0) { if (!empty($this->_opEndpoint)) { $ret['openid.op_endpoint'] = $this->_opEndpoint; } else { $ret['openid.op_endpoint'] = OpenId::selfUrl(); } } $ret['openid.response_nonce'] = gmdate('Y-m-d\\TH:i:s\\Z') . uniqid(); $ret['openid.mode'] = 'id_res'; Extension\AbstractExtension::forAll($extensions, 'prepareResponse', $ret); $signed = ''; $data = ''; foreach ($ret as $key => $val) { if (strpos($key, 'openid.') === 0) { $key = substr($key, strlen('openid.')); if (!empty($signed)) { $signed .= ','; } $signed .= $key; $data .= $key . ':' . $val . "\n"; } } $signed .= ',signed'; $data .= 'signed:' . $signed . "\n"; $ret['openid.signed'] = $signed; $ret['openid.sig'] = base64_encode(OpenId::hashHmac($macFunc, $data, $secret)); return $ret; }
/** * Performs check of OpenID identity. * * This is the first step of OpenID authentication process. * On success the function does not return (it does HTTP redirection to * server and exits). On failure it returns false. * * @param bool $immediate enables or disables interaction with user * @param string $id OpenID identity * @param string $returnTo HTTP URL to redirect response from server to * @param string $root HTTP URL to identify consumer on server * @param mixed $extensions extension object or array of extensions objects * @param Response $response an optional response object to perform HTTP or HTML form redirection * @return bool */ protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Response $response = null) { $this->_setError(''); if (!OpenId::normalize($id)) { $this->_setError("Normalisation failed"); return false; } $claimedId = $id; if (!$this->_discovery($id, $server, $version)) { $this->_setError("Discovery failed: " . $this->getError()); return false; } if (!$this->_associate($server, $version)) { $this->_setError("Association failed: " . $this->getError()); return false; } if (!$this->_getAssociation($server, $handle, $macFunc, $secret, $expires)) { /* Use dumb mode */ unset($handle); unset($macFunc); unset($secret); unset($expires); } $params = array(); if ($version >= 2.0) { $params['openid.ns'] = OpenId::NS_2_0; } $params['openid.mode'] = $immediate ? 'checkid_immediate' : 'checkid_setup'; $params['openid.identity'] = $id; $params['openid.claimed_id'] = $claimedId; if ($version <= 2.0) { if ($this->_session !== null) { $this->_session->identity = $id; $this->_session->claimed_id = $claimedId; } elseif (defined('SID')) { $_SESSION["zend_openid"] = array("identity" => $id, "claimed_id" => $claimedId); } elseif (!headers_sent()) { $this->_session = new SessionContainer("zend_openid"); $this->_session->identity = $id; $this->_session->claimed_id = $claimedId; } } if (isset($handle)) { $params['openid.assoc_handle'] = $handle; } $params['openid.return_to'] = OpenId::absoluteUrl($returnTo); if (empty($root)) { $root = OpenId::selfUrl(); if ($root[strlen($root) - 1] != '/') { $root = dirname($root); } } if ($version >= 2.0) { $params['openid.realm'] = $root; } else { $params['openid.trust_root'] = $root; } if (!Extension\AbstractExtension::forAll($extensions, 'prepareRequest', $params)) { $this->_setError("Extension::prepareRequest failure"); return false; } OpenId::redirect($server, $params, $response); return true; }