function test_urldefrag()
{
$cases = array(array('http://foo.com', 'http://foo.com'), array('http://foo.com/', 'http://foo.com/'), array('http://foo.com/path', 'http://foo.com/path'), array('http://foo.com/path?query', 'http://foo.com/path?query'), array('http://foo.com/path?query=v', 'http://foo.com/path?query=v'), array('http://foo.com/?query=v', 'http://foo.com/?query=v'));
foreach ($cases as $pair) {
list($orig, $after) = $pair;
list($base, $frag) = Auth_OpenID::urldefrag($orig);
$this->assertEquals($after, $base);
$this->assertEquals($frag, '');
list($base, $frag) = Auth_OpenID::urldefrag($orig . "#fragment");
$this->assertEquals($after, $base);
$this->assertEquals('fragment', $frag);
}
}
/**
* @access private
*/
function _verifyDiscoverySingle($endpoint, $to_match)
{
// Every type URI that's in the to_match endpoint has to be
// present in the discovered endpoint.
foreach ($to_match->type_uris as $type_uri) {
if (!$endpoint->usesExtension($type_uri)) {
return new Auth_OpenID_TypeURIMismatch($endpoint, "Required type " . $type_uri . " not present");
}
}
// Fragments do not influence discovery, so we can't compare a
// claimed identifier with a fragment to discovered
// information.
list($defragged_claimed_id, $_) = Auth_OpenID::urldefrag($to_match->claimed_id);
if ($defragged_claimed_id != $endpoint->claimed_id) {
return new Auth_OpenID_FailureResponse($endpoint, sprintf('Claimed ID does not match (different subjects!), ' . 'Expected %s, got %s', $defragged_claimed_id, $endpoint->claimed_id));
}
if ($to_match->getLocalID() != $endpoint->getLocalID()) {
return new Auth_OpenID_FailureResponse($endpoint, sprintf('local_id mismatch. Expected %s, got %s', $to_match->getLocalID(), $endpoint->getLocalID()));
}
// If the server URL is None, this must be an OpenID 1
// response, because op_endpoint is a required parameter in
// OpenID 2. In that case, we don't actually care what the
// discovered server_url is, because signature checking or
// check_auth should take care of that check for us.
if ($to_match->server_url === null) {
if ($to_match->preferredNamespace() != Auth_OpenID_OPENID1_NS) {
return new Auth_OpenID_FailureResponse($endpoint, "Preferred namespace mismatch (bug)");
}
} else {
if ($to_match->server_url != $endpoint->server_url) {
return new Auth_OpenID_FailureResponse($endpoint, sprintf('OP Endpoint mismatch. Expected %s, got %s', $to_match->server_url, $endpoint->server_url));
}
}
return null;
}
/**
* Given a URL, this "normalizes" it by adding a trailing slash
* and / or a leading http:// scheme where necessary. Returns
* null if the original URL is malformed and cannot be normalized.
*
* @access private
* @param string $url The URL to be normalized.
* @return mixed $new_url The URL after normalization, or null if
* $url was malformed.
*/
static function normalizeUrl($url)
{
@($parsed = parse_url($url));
if (!$parsed) {
return null;
}
if (isset($parsed['scheme']) && isset($parsed['host'])) {
$scheme = strtolower($parsed['scheme']);
if (!in_array($scheme, array('http', 'https'))) {
return null;
}
} else {
$url = 'http://' . $url;
}
$normalized = Auth_OpenID_urinorm($url);
if ($normalized === null) {
return null;
}
list($defragged, $frag) = Auth_OpenID::urldefrag($normalized);
return $defragged;
}
