/** * Initialize the diffie-hellman parameters for the association request. * * @return void */ public function init() { if ($this->cdh === null) { $this->cdh = new Crypt_DiffieHellman(self::DH_DEFAULT_MODULUS, self::DH_DEFAULT_GENERATOR); $this->cdh->generateKeys(); } // Set public key $this->message->set('openid.dh_consumer_public', base64_encode($this->cdh->getPublicKey(Crypt_DiffieHellman::BTWOC))); // Set modulus $prime = $this->cdh->getPrime(Crypt_DiffieHellman::BTWOC); $this->message->set('openid.dh_modulus', base64_encode($prime)); // Set prime $gen = $this->cdh->getGenerator(Crypt_DiffieHellman::BTWOC); $this->message->set('openid.dh_gen', base64_encode($gen)); }
/** * Performs a check_authentication request. * * @param array $options Options to pass to HTTP_Request * * @return OpenID_Message Reponse to the check_authentication request */ public function checkAuthentication(array $options = array()) { $this->message->set('openid.mode', OpenID::MODE_CHECK_AUTHENTICATION); $opURL = $this->message->get('openid.op_endpoint'); $response = $this->directRequest($opURL, $this->message, $options); return new OpenID_Message($response->getBody(), OpenID_Message::FORMAT_KV); }
/** * testGetArrayFormat * * @return void */ public function testGetArrayFormat() { $http = array('openid.foo' => 'foo bar', 'openid.bar' => 'foo bar'); $this->object->set('openid.foo', 'foo bar'); $this->object->set('openid.bar', 'foo bar'); $this->assertSame($http, $this->object->getArrayFormat()); }
/** * testSetAndGetCheckAuthResponse * * @return void */ public function testSetAndGetCheckAuthResponse() { $message = new OpenID_Message(); $message->set('openid.id_res', 'true'); $this->result->setCheckAuthResponse($message); $this->assertSame($message, $this->result->getCheckAuthResponse()); }
/** * Adds a nonce to the openid.return_to URL parameter. Only used in OpenID 1.1 * * @return void */ protected function addNonce() { $nonce = $this->getNonce()->createNonceAndStore(); $returnToURL = new Net_URL2($this->message->get('openid.return_to')); $returnToURL->setQueryVariable(OpenID_Nonce::RETURN_TO_NONCE, urlencode($nonce)); $this->message->set('openid.return_to', $returnToURL->getURL()); // Observing $logMessage = "Nonce: {$nonce}\n"; $logMessage = 'New ReturnTo: ' . $returnToURL->getURL() . "\n"; $logMessage .= 'OP URIs: ' . print_r($this->serviceEndpoint->getURIs(), true); OpenID::setLastEvent(__METHOD__, $logMessage); }
/** * Sets the session type. Can be sha1, sha256, or no-encryption * * @param string $type sha1, sha256, or no-encryption * * @throws OpenID_Association_Exception on invalid type, or if you set * no-encryption for an OP URL that doesn't support HTTPS * @return void */ public function setSessionType($type) { switch ($type) { case self::SESSION_TYPE_NO_ENCRYPTION: // Make sure we're using SSL if (!preg_match('@^https://@i', $this->opEndpointURL)) { throw new OpenID_Association_Exception('Un-encrypted sessions require HTTPS'); } $this->message->set('openid.session_type', self::SESSION_TYPE_NO_ENCRYPTION); break; case self::SESSION_TYPE_DH_SHA1: case self::SESSION_TYPE_DH_SHA256: $this->message->set('openid.session_type', $type); break; default: throw new OpenID_Association_Exception("Invalid session_type: {$type}"); } }
/** * testDirectRequest * * @return void */ public function testDirectRequest() { $this->setExpectedException('OpenID_Exception', 'foobar'); $request = $this->getMock('HTTP_Request2', array('send')); $request->expects($this->once())->method('send')->will($this->throwException(new HTTP_Request2_Exception('foobar'))); $openid = $this->getMock('OpenID', array('getHTTPRequest2Instance')); $openid->expects($this->once())->method('getHTTPRequest2Instance')->will($this->returnValue($request)); $message = new OpenID_Message(); $message->set('foo', 'bar'); $openid->directRequest('http://example.com', $message); }
/** * Signs an OpenID_Message instance * * @param OpenID_Message $message Message to be signed * * @throws OpenID_Association_Exception if the message is already signed, or the association handles do not match * @return void */ public function signMessage(OpenID_Message $message) { if ($message->get('openid.sig') !== null || $message->get('openid.signed') !== null) { throw new OpenID_Association_Exception('This message appears to be already signed'); } // Make sure the handles match for this OP and response if ($this->assocHandle != $message->get('openid.assoc_handle')) { throw new OpenID_Association_Exception('Association handles do not match'); } $keys = array('signed'); foreach ($message->getArrayFormat() as $key => $val) { if (strncmp('openid.', $key, 7) == 0) { $keys[] = substr($key, 7); } } sort($keys); $message->set('openid.signed', implode(',', $keys)); $signedMessage = new OpenID_Message(); foreach ($keys as $key) { $signedMessage->set($key, $message->get('openid.' . $key)); } $rawSignature = $this->hashHMAC($signedMessage->getKVFormat()); $message->set('openid.sig', base64_encode($rawSignature)); }
/** * testNoSignedKeys * * @return void */ public function testNoSignedKeys() { $message = new OpenID_Message(); $message->set('openid.assoc_handle', $this->object->assocHandle); $message->set('openid.op_endpoint', 'http://example.com'); $this->assertFalse($this->object->checkMessageSignature($message)); }
/** * Adds the extension contents to an OpenID_Message * * @param OpenID_Message $message Message to add the extension contents to * * @throws OpenID_Extension_Exception on error * @return void */ public function toMessage(OpenID_Message $message) { // Make sure we have a valid alias name if (empty($this->alias) || in_array($this->alias, self::$reserved)) { throw new OpenID_Extension_Exception('Invalid extension alias' . $this->alias); } $namespaceAlias = 'openid.ns.' . $this->alias; // Make sure the alias doesn't collide if ($message->get($namespaceAlias) !== null) { throw new OpenID_Extension_Exception('Extension alias ' . $this->alias . ' is already set'); } // Add alias assignment? (SREG 1.0 Doesn't use one) if ($this->useNamespaceAlias) { $message->set($namespaceAlias, $this->namespace); } foreach ($this->values as $key => $value) { $message->set('openid.' . $this->alias . '.' . $key, $value); } }
/** * testFromMessageReponseNoResponseKeys * * @return void */ public function testFromMessageReponseNoResponseKeys() { $extension = new OpenID_Extension_MockNoResponseKeys(OpenID_Extension::RESPONSE); $message = new OpenID_Message(); // Make sure we iterate over the message at least once $message->set('openid.ns.mock', 'http://example.com/mock'); $message->set('openid.mock.foo', 'bar'); $response = $extension->fromMessageResponse($message); $this->assertSame(1, count($response)); }
/** * testValidateReturnToOneOneImmediateNegative * * @return void */ public function testValidateReturnToOneOneImmediateNegative() { $opEndpoint = new OpenID_ServiceEndpoint(); $opEndpoint->setURIs(array($this->opEndpointURL)); $opEndpoints = new OpenID_ServiceEndpoints($this->claimedID, $opEndpoint); $nonce = new OpenID_Nonce($this->opEndpointURL); $nonceValue = $nonce->createNonce(); $rt = new Net_URL2('http://examplerp.com'); $rt->setQueryVariable(OpenID_Nonce::RETURN_TO_NONCE, $nonceValue); $setupMessage = new OpenID_Message(); $setupMessage->set('openid.identity', $this->claimedID); $setupMessage->set('openid.return_to', $rt->getURL()); $setupMessage->set(OpenID_Nonce::RETURN_TO_NONCE, $nonceValue); $this->message = new OpenID_Message(); $this->message->set('openid.mode', OpenID::MODE_ID_RES); $this->message->set(OpenID_Nonce::RETURN_TO_NONCE, $nonceValue); $this->message->set('openid.user_setup_url', 'http://examplerp.com/?' . $setupMessage->getHTTPFormat()); $this->discover = $this->getMock('OpenID_Discover', array('__get'), array($this->claimedID)); $this->discover->expects($this->once())->method('__get')->will($this->returnValue($opEndpoints)); $this->store->expects($this->once())->method('getDiscover')->will($this->returnValue($this->discover)); $this->store->expects($this->any())->method('getNonce')->will($this->returnValue($nonceValue)); $this->createObjects(); }
/** * testGetAssertionObject * * @return void */ public function testGetAssertionObject() { $this->store->expects($this->any())->method('getDiscover')->will($this->returnValue($this->discover)); $this->store->expects($this->once())->method('getNonce')->will($this->returnValue(false)); $nonceObj = new OpenID_Nonce($this->opEndpointURL); $nonce = $nonceObj->createNonce(); $message = new OpenID_Message(); $message->set('openid.mode', 'id_res'); $message->set('openid.ns', OpenID::NS_2_0); $message->set('openid.return_to', $this->returnTo); $message->set('openid.claimed_id', $this->id); $message->set('openid.identity', $this->id); $message->set('openid.op_endpoint', $this->opEndpointURL); $message->set('openid.invalidate_handle', '12345qwerty'); $message->set('openid.response_nonce', $nonce); $rp = new OpenID_RelyingParty_Mock($this->id, $this->returnTo, $this->realm); $this->assertInstanceOf('OpenID_Assertion', $rp->returnGetAssertionObject($message, new Net_URL2($this->returnTo))); }