/**
 * Starts an OpenID authentication request for the given identity.
 *
 * Steps, in order: normalise the identifier, run discovery, associate with
 * the discovered server, build the checkid_immediate / checkid_setup request
 * parameters, let extensions add to them, and hand the result to
 * OpenID\OpenID::redirect().
 *
 * On failure the reason is stored through _setError() and false is returned.
 * On success redirect() is called; if redirect() returns (rather than ending
 * the script) this method returns true.
 *
 * NOTE(review): $returnTo is only passed through OpenID::absoluteUrl() and,
 * when $root is empty, the realm is derived from OpenID::selfUrl(). Neither
 * helper is visible here; confirm how they derive the host before treating
 * return_to / realm as trusted values.
 *
 * @param bool $immediate true selects 'checkid_immediate', false 'checkid_setup'
 * @param string $id OpenID identity
 * @param string $returnTo HTTP URL to redirect response from server to
 * @param string $root HTTP URL to identify consumer on server
 * @param mixed $extensions extension object or array of extensions objects
 * @param Response\AbstractResponse|null $response an optional response
 *        object to perform HTTP or HTML form redirection
 * @return bool false on failure, true once redirect() has returned
 */
protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Response\AbstractResponse $response = null)
{
    $this->_setError('');

    if (!OpenID\OpenID::normalize($id)) {
        $this->_setError("Normalisation failed");
        return false;
    }

    // Snapshot of the identifier taken after normalize() and before
    // discovery; $id is handed to _discovery() next and is read again below
    // (presumably discovery may rewrite it by reference; confirm there).
    $claimedId = $id;

    if (!$this->_discovery($id, $server, $version)) {
        $reason = $this->getError();
        $this->_setError("Discovery failed: " . $reason);
        return false;
    }

    if (!$this->_associate($server, $version)) {
        $reason = $this->getError();
        $this->_setError("Association failed: " . $reason);
        return false;
    }

    if (!$this->_getAssociation($server, $handle, $macFunction, $secret, $expiry)) {
        // "Dumb mode": no association could be loaded, so clear the
        // out-variables. isset($handle) below is then false and no
        // openid.assoc_handle is sent.
        unset($handle, $macFunction, $secret, $expiry);
    }

    $isVersion2 = ($version >= 2.0);

    // Insertion order of the request keys is kept exactly as before.
    $request = array();
    if ($isVersion2) {
        $request['openid.ns'] = OpenID\OpenID::NS_2_0;
    }
    if ($immediate) {
        $request['openid.mode'] = 'checkid_immediate';
    } else {
        $request['openid.mode'] = 'checkid_setup';
    }
    $request['openid.identity'] = $id;
    $request['openid.claimed_id'] = $claimedId;

    // Store identity and claimed_id under "zend_openid": in the session
    // object already attached to this consumer, else in $_SESSION when the
    // SID constant is defined, else in a newly created session container.
    if ($version <= 2.0) {
        if ($this->_session !== null) {
            $this->_session->identity = $id;
            $this->_session->claimed_id = $claimedId;
        } elseif (defined('SID')) {
            $_SESSION["zend_openid"] = array("identity" => $id, "claimed_id" => $claimedId);
        } else {
            $this->_session = new \Zend\Session\Container("zend_openid");
            $this->_session->identity = $id;
            $this->_session->claimed_id = $claimedId;
        }
    }

    if (isset($handle)) {
        $request['openid.assoc_handle'] = $handle;
    }

    $request['openid.return_to'] = OpenID\OpenID::absoluteUrl($returnTo);

    // Default realm: the current URL, reduced to its directory unless it
    // already ends in a slash.
    if (empty($root)) {
        $root = OpenID\OpenID::selfUrl();
        $lastChar = $root[strlen($root) - 1];
        if ($lastChar != '/') {
            $root = dirname($root);
        }
    }

    // The same value is sent under a version-dependent parameter name.
    $rootKey = $isVersion2 ? 'openid.realm' : 'openid.trust_root';
    $request[$rootKey] = $root;

    if (!Extension\AbstractExtension::forAll($extensions, 'prepareRequest', $request)) {
        $this->_setError("Extension::prepareRequest failure");
        return false;
    }

    OpenID\OpenID::redirect($server, $request, $response);
    return true;
}
/**
 * Prepares the answer to a consumer's authentication request and sends it
 * back through HTTP redirection.
 *
 * The protocol version is taken from the request's 'openid_ns' entry
 * (2.0 when it equals OpenID\OpenID::NS_2_0, otherwise 1.1). The response
 * parameters are produced by _respond() and, when the request carries a
 * non-empty 'openid_return_to', passed to OpenID\OpenID::redirect() with
 * that URL as the target.
 *
 * The method returns true in every case, including when 'openid_return_to'
 * is empty and no redirect is issued.
 *
 * NOTE(review): the redirect target is the request-supplied
 * 'openid_return_to'. Nothing in this method checks it against the realm /
 * trust root, so that check has to happen in _respond() or in the caller.
 * Confirm before exposing this endpoint.
 *
 * @param array $params GET or POST request variables
 * @param mixed $extensions extension object or array of extensions objects
 * @param Response\AbstractResponse|null $response an optional response
 *        object to perform HTTP or HTML form redirection
 * @return bool always true
 */
public function respondToConsumer($params, $extensions = null, Response\AbstractResponse $response = null)
{
    $isVersion2 = isset($params['openid_ns'])
        && $params['openid_ns'] == OpenID\OpenID::NS_2_0;

    if ($isVersion2) {
        $version = 2.0;
        $reply = array('openid.ns' => OpenID\OpenID::NS_2_0);
    } else {
        $version = 1.1;
        $reply = array();
    }

    $reply = $this->_respond($version, $reply, $params, $extensions);

    // Without a return_to there is nowhere to send the reply; it is dropped.
    if (empty($params['openid_return_to'])) {
        return true;
    }

    OpenID\OpenID::redirect($params['openid_return_to'], $reply, $response);
    return true;
}
/**
 * Checks the three output forms of OpenID::redirect() asserted below:
 *
 *  - ResponseHelper(true) with 'GET': status 302, a single 'Location'
 *    header and an empty body;
 *  - ResponseHelper(false) with 'GET': status 200, no headers, and a body
 *    holding a script that assigns window.location;
 *  - ResponseHelper(true) with 'POST': status 200, no headers, and a body
 *    holding an auto-submitting form with one hidden input per parameter.
 *
 * NOTE(review): every URL and parameter value used here is free of quotes,
 * angle brackets and similar characters, so this test does not show how
 * redirect() encodes values placed inside the script string or the form
 * attributes. Add cases with such characters once the intended encoding is
 * confirmed.
 */
public function testRedirect()
{
    // Each row: target URL, extra parameters, expected Location value,
    // expected script body. Both GET passes below walk the same rows.
    $getCases = array(
        array(
            "http://www.test.com/test.php?a=b",
            null,
            'http://www.test.com/test.php?a=b',
            "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=b';</script>",
        ),
        array(
            "http://www.test.com/test.php",
            array('a' => 'b'),
            'http://www.test.com/test.php?a=b',
            "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=b';</script>",
        ),
        array(
            "http://www.test.com/test.php",
            array('a' => 'b', 'c' => 'd'),
            'http://www.test.com/test.php?a=b&c=d',
            "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=b&c=d';</script>",
        ),
        array(
            "http://www.test.com/test.php?a=b",
            array('c' => 'd'),
            'http://www.test.com/test.php?a=b&c=d',
            "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=b&c=d';</script>",
        ),
        array(
            "http://www.test.com/test.php",
            array('a' => 'x y'),
            'http://www.test.com/test.php?a=x+y',
            "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=x+y';</script>",
        ),
    );

    // --- GET, ResponseHelper(true): header redirect -----------------------
    $response = new ResponseHelper(true);
    OpenID::redirect("http://www.test.com/", null, $response, 'GET');
    $this->assertSame(302, $response->getHttpResponseCode());
    $this->assertSame(array(), $response->getRawHeaders());
    $headers = $response->getHeaders();
    $this->assertTrue(is_array($headers));
    $this->assertSame(1, count($headers));
    $location = $headers[0];
    $this->assertTrue(is_array($location));
    $this->assertSame(3, count($location));
    $this->assertSame('Location', $location['name']);
    $this->assertSame('http://www.test.com/', $location['value']);
    $this->assertSame(true, $location['replace']);
    $this->assertSame('', $response->getBody());

    foreach ($getCases as $case) {
        list($url, $query, $expectedLocation) = $case;
        $response = new ResponseHelper(true);
        OpenID::redirect($url, $query, $response, 'GET');
        $headers = $response->getHeaders();
        $this->assertSame($expectedLocation, $headers[0]['value']);
    }

    // --- GET, ResponseHelper(false): script redirect in the body ----------
    $response = new ResponseHelper(false);
    OpenID::redirect("http://www.test.com/", null, $response, 'GET');
    $this->assertSame(200, $response->getHttpResponseCode());
    $this->assertSame(array(), $response->getRawHeaders());
    $this->assertSame(array(), $response->getHeaders());
    $this->assertSame(
        "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/';</script>",
        $response->getBody()
    );

    foreach ($getCases as $case) {
        $url = $case[0];
        $query = $case[1];
        $expectedScript = $case[3];
        $response = new ResponseHelper(false);
        OpenID::redirect($url, $query, $response, 'GET');
        $this->assertSame($expectedScript, $response->getBody());
    }

    // --- POST, ResponseHelper(true): auto-submitting form -----------------
    $response = new ResponseHelper(true);
    OpenID::redirect("http://www.test.com/", null, $response, 'POST');
    $this->assertSame(200, $response->getHttpResponseCode());
    $this->assertSame(array(), $response->getRawHeaders());
    $this->assertSame(array(), $response->getHeaders());
    $this->assertSame(
        "<html><body onLoad=\"document.forms[0].submit();\">\n" .
        "<form method=\"POST\" action=\"http://www.test.com/\">\n" .
        "<input type=\"submit\" value=\"Continue OpenID transaction\">\n" .
        "</form></body></html>\n",
        $response->getBody()
    );

    // Each row: parameters, expected form body. The target URL is the same
    // for both rows; its query string stays in the form action.
    $postCases = array(
        array(
            array('a' => 'b'),
            "<html><body onLoad=\"document.forms[0].submit();\">\n" .
            "<form method=\"POST\" action=\"http://www.test.com/test.php?a=b\">\n" .
            "<input type=\"hidden\" name=\"a\" value=\"b\">\n" .
            "<input type=\"submit\" value=\"Continue OpenID transaction\">\n" .
            "</form></body></html>\n",
        ),
        array(
            array('a' => 'b', 'c' => 'd'),
            "<html><body onLoad=\"document.forms[0].submit();\">\n" .
            "<form method=\"POST\" action=\"http://www.test.com/test.php?a=b\">\n" .
            "<input type=\"hidden\" name=\"a\" value=\"b\">\n" .
            "<input type=\"hidden\" name=\"c\" value=\"d\">\n" .
            "<input type=\"submit\" value=\"Continue OpenID transaction\">\n" .
            "</form></body></html>\n",
        ),
    );

    foreach ($postCases as $case) {
        list($fields, $expectedForm) = $case;
        $response = new ResponseHelper(true);
        OpenID::redirect("http://www.test.com/test.php?a=b", $fields, $response, 'POST');
        $this->assertSame($expectedForm, $response->getBody());
    }
}