public function testTypeKeyFetchExtraDataWithEmail() { if (!ezcBaseFeatures::hasExtensionSupport('gmp')) { $this->markTestSkipped('PHP must be compiled with --with-gmp.'); } $_GET = self::$responseWithEmail; $credentials = new ezcAuthenticationIdCredentials(self::$token); $authentication = new ezcAuthentication($credentials); $filter = new ezcAuthenticationTypekeyFilter(); $filter->lib = ezcAuthenticationMath::createBignumLibrary('gmp'); $authentication->addFilter($filter); $this->assertEquals(true, $authentication->run()); $expected = array('name' => array('ezc'), 'nick' => array('ezctest'), 'email' => array('*****@*****.**')); $this->assertEquals($expected, $filter->fetchData()); }
/** * Creates a new object of this class. * * @throws ezcBaseExtensionNotFoundException * if neither of the PHP gmp and bcmath extensions are installed * @param ezcAuthenticationTypekeyOptions $options Options for this class */ public function __construct(ezcAuthenticationTypekeyOptions $options = null) { $this->options = $options === null ? new ezcAuthenticationTypekeyOptions() : $options; $this->lib = ezcAuthenticationMath::createBignumLibrary(); }
public function testOpenidWrapperAssociateDhSha1Gmp() { if (!ezcBaseFeatures::hasExtensionSupport('openssl')) { $this->markTestSkipped('PHP must be compiled with --with-openssl.'); } if (!ezcBaseFeatures::hasExtensionSupport('gmp')) { $this->markTestSkipped('PHP must be compiled with --with-gmp.'); } $lib = ezcAuthenticationMath::createBignumLibrary('gmp'); $private = $lib->rand(self::$p); $private = $lib->add($private, 1); $public = $lib->powmod(self::$q, $private, self::$p); $params = array('openid.mode' => 'associate', 'openid.assoc_type' => 'HMAC-SHA1', 'openid.dh_modulus' => urlencode(base64_encode($lib->btwoc(self::$p))), 'openid.dh_gen' => 2, urlencode(base64_encode($lib->btwoc(self::$q))), 'openid.dh_consumer_public' => urlencode(base64_encode($lib->btwoc($public)))); $filter = new ezcAuthenticationOpenidWrapper(); $result = $filter->associate(self::$provider, $params); $this->assertNotEquals(false, $result); $this->assertEquals(true, isset($result['assoc_handle'])); $this->assertEquals(true, isset($result['mac_key'])); }
/** * Runs the filter and returns a status code when finished. * * @param ezcAuthenticationPasswordCredentials $credentials Authentication credentials * @return int */ public function run($credentials) { $fh = fopen($this->file, 'r'); $found = false; while ($line = fgets($fh)) { if (substr($line, 0, strlen($credentials->id) + 1) === $credentials->id . ':') { $found = true; break; } } fclose($fh); if ($found) { $parts = explode(':', $line); $hashFromFile = trim($parts[1]); if (substr($hashFromFile, 0, 6) === '$apr1$') { $password = $this->options->plain ? ezcAuthenticationMath::apr1($credentials->password, $hashFromFile) : '$apr1$' . $credentials->password; } elseif (substr($hashFromFile, 0, 5) === '{SHA}') { $password = $this->options->plain ? '{SHA}' . base64_encode(pack('H40', sha1($credentials->password))) : '{SHA}' . $credentials->password; } else { $password = $this->options->plain ? crypt($credentials->password, $hashFromFile) : $credentials->password; } if ($password === $hashFromFile) { return self::STATUS_OK; } else { return self::STATUS_PASSWORD_INCORRECT; } } return self::STATUS_USERNAME_INCORRECT; }
public function testBcmathBtwocZero() { if (!ezcBaseFeatures::hasExtensionSupport('bcmath')) { $this->markTestSkipped('PHP must be compiled with --enable-bcmath.'); } $lib = ezcAuthenticationMath::createBignumLibrary('bcmath'); $n = $lib->btwoc(0); $this->assertEquals("", $n); }
/** * Checks if $params are correct by signing with $association->secret. * * The format of the $params array is: * <code> * array( * 'openid.assoc_handle' => HANDLE, * 'openid.signed' => SIGNED, * 'openid.sig' => SIG, * 'openid.mode' => 'id_res' * ); * </code> * where HANDLE, SIGNED and SIG are parameters returned from the provider in * the id_res step of OpenID authentication. In addition, the $params array * must contain the values present in SIG. * * @param ezcAuthenticationOpenidAssociation $association The OpenID association used for signing $params * @param array(string=>string) $params OpenID parameters for id_res mode * @return bool */ protected function checkSignatureSmart(ezcAuthenticationOpenidAssociation $association, array $params) { $sig = $params['openid.sig']; $signed = explode(',', $params['openid.signed']); ksort($signed); for ($i = 0; $i < count($signed); $i++) { $data[$signed[$i]] = isset($params['openid.' . $signed[$i]]) ? $params['openid.' . $signed[$i]] : null; } $serialized = ''; foreach ($data as $key => $value) { $serialized .= "{$key}:{$value}\n"; } $key = base64_decode($association->secret); if (strlen($key) > 64) { $key = ezcAuthenticationMath::sha1($key); } $key = str_pad($key, 64, chr(0x0)); $hashed = ezcAuthenticationMath::sha1(($key ^ str_repeat(chr(0x36), 64)) . $serialized); $hashed = ezcAuthenticationMath::sha1(($key ^ str_repeat(chr(0x5c), 64)) . $hashed); $hashed = base64_encode($hashed); return $sig === $hashed; }