public function testDefaultDHParams()
{
$g = OpenIdDHAssociationSessionRequest::DH_G;
$p = OpenIdDHAssociationSessionRequest::DH_P;
$g_bin = pack('H*', $g);
$p_bin = pack('H*', $p);
$g_number = OpenIdCryptoHelper::convert($g_bin, DiffieHellman::FORMAT_BINARY, DiffieHellman::FORMAT_NUMBER);
$p_number = OpenIdCryptoHelper::convert($p_bin, DiffieHellman::FORMAT_BINARY, DiffieHellman::FORMAT_NUMBER);
$this->assertTrue($g_number == '2');
$this->assertTrue($p_number == '155172898181473697471232257763715539915724801966915404479707795314057629378541917580651227423698188993727816152646631438561595825688188889951272158842675419950341258706556549803580104870537681476726513255747040765857479291291572334510643245094715007229621094194349783925984760375594985848253359305585439638443');
}
public function testAuthenticationSetupModeSessionAssociationDHSha256()
{
$b64_public = base64_encode(OpenIdCryptoHelper::convert($this->public, DiffieHellman::FORMAT_NUMBER, DiffieHellman::FORMAT_BTWOC));
$this->assertTrue($b64_public === 'AIUmVPMheb/hEupD5m6veEEstnBVteyZPy+mlYX7ygxygLG/XuHFa8q4lZERJ9u1DNFOpXHRDq5RbjsaUYRDOtyrbkGbeKo5tPqjsynjXtoMAItxkxCU4jpQLvH85P+u7DeA0h3kKNHFa90ijZTIGSSDRF5wW9N+QPCUCt4G4xWZ');
$params = array(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode) => OpenIdProtocol::AssociateMode, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_AssocType) => OpenIdProtocol::SignatureAlgorithmHMAC_SHA256, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_SessionType) => OpenIdProtocol::AssociationSessionTypeDHSHA256, OpenIdProtocol::param(OpenIdProtocol::OpenIdProtocol_DHConsumerPublic) => $b64_public);
$response = $this->action("POST", "OpenIdProviderController@endpoint", $params);
$this->assertResponseStatus(200);
$openid_response = $this->getOpenIdResponseLineBreak($response->getContent());
$this->assertTrue(isset($openid_response['ns']));
$this->assertTrue($openid_response['ns'] === OpenIdProtocol::OpenID2MessageType);
$this->assertTrue(isset($openid_response['assoc_type']));
$this->assertTrue($openid_response['assoc_type'] === OpenIdProtocol::SignatureAlgorithmHMAC_SHA256);
$this->assertTrue(isset($openid_response['session_type']));
$this->assertTrue($openid_response['session_type'] === OpenIdProtocol::AssociationSessionTypeDHSHA256);
$this->assertTrue(isset($openid_response['assoc_handle']));
$this->assertTrue(isset($openid_response['dh_server_public']));
$this->assertTrue(isset($openid_response['enc_mac_key']));
$this->assertTrue(isset($openid_response['expires_in']));
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
$params = array(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode) => OpenIdProtocol::SetupMode, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm) => "https://www.test.com/", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo) => "https://www.test.com/oauth2", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity) => "http://specs.openid.net/auth/2.0/identifier_select", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId) => "http://specs.openid.net/auth/2.0/identifier_select", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_AssocHandle) => $openid_response['assoc_handle']);
$response = $this->action("POST", "OpenIdProviderController@endpoint", $params);
$this->assertResponseStatus(302);
$openid_response = $this->parseOpenIdResponse($response->getTargetUrl());
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)]));
}
/**
* @return null|string
* @throws \openid\exceptions\InvalidDHParam
*/
public function getDHConsumerPublic()
{
if (is_null($this->rp_pub_key)) {
$rp_pub_key_param = $this->getParam(OpenIdProtocol::OpenIdProtocol_DHConsumerPublic);
if (empty($rp_pub_key_param)) {
throw new InvalidDHParam(sprintf(OpenIdErrorMessages::InvalidDHParamMessage, OpenIdProtocol::OpenIdProtocol_DHConsumerPublic));
}
$rp_pub_key_bin = base64_decode($rp_pub_key_param);
if (!$rp_pub_key_bin) {
throw new InvalidDHParam(sprintf(OpenIdErrorMessages::InvalidDHParamMessage, OpenIdProtocol::OpenIdProtocol_DHConsumerPublic));
}
$this->rp_pub_key = OpenIdCryptoHelper::convert($rp_pub_key_bin, DiffieHellman::FORMAT_BINARY, DiffieHellman::FORMAT_NUMBER);
}
return $this->rp_pub_key;
}
