public function initialize($username, $returnTo) { parent::initialize($this->endpoint, $returnTo); }
public function initialize($username, $returnTo) { $identity = sprintf($this->endpoint, $username); parent::initialize($identity, $returnTo); }
public function testInitialize() { $testCase = $this; $http = new Http(new Callback(function ($request) use($testCase) { // association endpoint if ($request->getUrl()->getPath() == '/server') { $data = array(); parse_str($request->getBody(), $data); $testCase->assertEquals('http://specs.openid.net/auth/2.0', $data['openid_ns']); $testCase->assertEquals('associate', $data['openid_mode']); $testCase->assertEquals('HMAC-SHA256', $data['openid_assoc_type']); $testCase->assertEquals('DH-SHA256', $data['openid_session_type']); $dhGen = $data['openid_dh_gen']; $dhModulus = $data['openid_dh_modulus']; $dhConsumerPub = $data['openid_dh_consumer_public']; $dhFunc = 'SHA1'; $secret = ProviderAbstract::randomBytes(20); $res = ProviderAbstract::generateDh($dhGen, $dhModulus, $dhConsumerPub, $dhFunc, $secret); $testCase->assertEquals(true, isset($res['pubKey'])); $testCase->assertEquals(true, isset($res['macKey'])); $body = OpenId::keyValueEncode(array('ns' => 'http://specs.openid.net/auth/2.0', 'assoc_handle' => 'foobar', 'session_type' => 'DH-SHA256', 'assoc_type' => 'HMAC-SHA256', 'expires_in' => 60 * 60, 'dh_server_public' => $res['pubKey'], 'enc_mac_key' => $res['macKey'])); $response = <<<TEXT HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Date: Sat, 04 Jan 2014 18:19:45 GMT {$body} TEXT; } else { if ($request->getUrl()->getPath() == '/identity') { $response = <<<TEXT HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Date: Sat, 04 Jan 2014 18:19:45 GMT <html> \t<head> \t\t<link rel="openid.server" href="http://openid.com/server" /> \t\t<link rel="openid.delegate" href="http://foo.com" /> \t</head> </html> TEXT; } } return Response::convert($response, ResponseParser::MODE_LOOSE)->toString(); })); $store = new Store\Memory(); $openid = new OpenId($http, 'http://localhost.com', $store); $openid->initialize('http://foo.com/identity', 'http://localhost.com/callback'); // check whether the store has the association $assoc = $store->loadByHandle('http://openid.com/server', 'foobar'); $this->assertEquals('foobar', $assoc->getAssocHandle()); $this->assertEquals('HMAC-SHA256', $assoc->getAssocType()); $this->assertEquals('DH-SHA256', $assoc->getSessionType()); $this->assertEquals(3600, $assoc->getExpire()); // check redirect url $url = $openid->getRedirectUrl(); $this->assertEquals('http://specs.openid.net/auth/2.0', $url->getParam('openid.ns')); $this->assertEquals('checkid_setup', $url->getParam('openid.mode')); $this->assertEquals('http://localhost.com/callback', $url->getParam('openid.return_to')); $this->assertEquals('http://localhost.com', $url->getParam('openid.realm')); $this->assertEquals('http://foo.com/identity', $url->getParam('openid.claimed_id')); $this->assertEquals('http://foo.com', $url->getParam('openid.identity')); $this->assertEquals('foobar', $url->getParam('openid.assoc_handle')); // the user gets redirected from the openid provider to our callback now // we verfiy the data $signed = array('ns', 'mode', 'op_endpoint', 'return_to', 'response_nonce', 'assoc_handle'); $data = array('openid_ns' => 'http://specs.openid.net/auth/2.0', 'openid_mode' => 'id_res', 'openid_op_endpoint' => 'http://openid.com/server', 'openid_return_to' => 'http://localhost.com/callback', 'openid_response_nonce' => uniqid(), 'openid_assoc_handle' => $assoc->getAssocHandle(), 'openid_signed' => implode(',', $signed)); // generate signature $sig = OpenId::buildSignature(OpenId::extractParams($data), $signed, $assoc->getSecret(), $assoc->getAssocType()); $data['openid_sig'] = $sig; // verify $result = $openid->verify($data); $this->assertTrue($result); }