Пример #1
 /**
  * Performs check of OpenID identity.
  *
  * This is the first step of OpenID authentication process.
  * On success the function does not return (it does HTTP redirection to
  * server and exits). On failure it returns false.
  *
  * @param bool $immediate enables or disables interaction with user
  * @param string $id OpenID identity
  * @param string $returnTo HTTP URL to redirect response from server to
  * @param string $root HTTP URL to identify consumer on server
  * @param mixed $extensions extension object or array of extensions objects
  * @param Zend\Controller\Response\AbstractResponse $response an optional response
  *  object to perform HTTP or HTML form redirection
  * @return bool
  */
 protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Response\AbstractResponse $response = null)
 {
     // Start from a clean error state; each failed step below records its own message.
     $this->_setError('');

     if (!OpenID\OpenID::normalize($id)) {
         $this->_setError("Normalisation failed");
         return false;
     }

     // Remember the identifier as it stood before discovery.
     // NOTE(review): presumably _discovery() may rewrite $id (e.g. delegation) — confirm.
     $claimedId = $id;

     // $endpoint and $protocol are filled in by _discovery().
     if (!$this->_discovery($id, $endpoint, $protocol)) {
         $this->_setError("Discovery failed: " . $this->getError());
         return false;
     }
     if (!$this->_associate($endpoint, $protocol)) {
         $this->_setError("Association failed: " . $this->getError());
         return false;
     }

     $haveAssociation = $this->_getAssociation($endpoint, $assocHandle, $macFunc, $secret, $expires);
     if (!$haveAssociation) {
         // Dumb mode: no shared association, so no assoc_handle is sent.
         // NOTE(review): the response then cannot be checked against a local secret;
         // confirm the verification step asks the provider directly in this case.
         unset($assocHandle, $macFunc, $secret, $expires);
     }

     $request = array();
     if ($protocol >= 2.0) {
         $request['openid.ns'] = OpenID\OpenID::NS_2_0;
     }
     if ($immediate) {
         $request['openid.mode'] = 'checkid_immediate';
     } else {
         $request['openid.mode'] = 'checkid_setup';
     }
     $request['openid.identity'] = $id;
     $request['openid.claimed_id'] = $claimedId;

     // Record both identifiers in session state.
     // NOTE(review): presumably read back when the provider's response is verified — confirm.
     if ($protocol <= 2.0) {
         if ($this->_session === null && defined('SID')) {
             // A native PHP session is already running: write to it directly.
             $_SESSION["zend_openid"] = array("identity" => $id, "claimed_id" => $claimedId);
         } else {
             if ($this->_session === null) {
                 $this->_session = new \Zend\Session\Container("zend_openid");
             }
             $this->_session->identity = $id;
             $this->_session->claimed_id = $claimedId;
         }
     }

     if (isset($assocHandle)) {
         $request['openid.assoc_handle'] = $assocHandle;
     }

     // NOTE(review): return_to and the realm are forwarded as given; nothing in this
     // method checks that return_to lies under the realm — confirm callers pass
     // trusted values.
     $request['openid.return_to'] = OpenID\OpenID::absoluteUrl($returnTo);

     // Without an explicit root, fall back to this script's own URL, reduced to its
     // directory unless it already ends with a slash.
     if (empty($root)) {
         $root = OpenID\OpenID::selfUrl();
         if ($root[strlen($root) - 1] != '/') {
             $root = dirname($root);
         }
     }
     // The same value is sent as "realm" for 2.0 and as "trust_root" for older versions.
     $rootKey = ($protocol >= 2.0) ? 'openid.realm' : 'openid.trust_root';
     $request[$rootKey] = $root;

     if (!Extension\AbstractExtension::forAll($extensions, 'prepareRequest', $request)) {
         $this->_setError("Extension::prepareRequest failure");
         return false;
     }

     // Hand the user agent over to the provider endpoint; true is returned only if
     // redirect() itself returns.
     OpenID\OpenID::redirect($endpoint, $request, $response);
     return true;
 }
Пример #2
 /**
  * Prepares the information to send back in response to the consumer's
  * authentication request, signs it using the shared secret and sends it back
  * through HTTP redirection
  *
  * @param array $params GET or POST request variables
  * @param mixed $extensions extension object or array of extensions objects
  * @param Zend\Controller\Response\Abstract $response an optional response
  *  object to perform HTTP or HTML form redirection
  * @return bool
  */
 public function respondToConsumer($params, $extensions = null, Response\AbstractResponse $response = null)
 {
     // A request is treated as OpenID 2.0 only when it carries the 2.0 namespace;
     // everything else is answered as 1.1.
     $isV2 = isset($params['openid_ns']) && $params['openid_ns'] == OpenID\OpenID::NS_2_0;
     $version = $isV2 ? 2.0 : 1.1;

     // 2.0 responses repeat the namespace; 1.1 responses start empty.
     $ret = $isV2 ? array('openid.ns' => OpenID\OpenID::NS_2_0) : array();
     $ret = $this->_respond($version, $ret, $params, $extensions);

     // With no return_to there is nowhere to send the response; true is still returned.
     if (empty($params['openid_return_to'])) {
         return true;
     }

     // NOTE(review): the redirect target comes straight from the request's
     // openid_return_to, and this method does not compare it with the realm /
     // trust_root. Confirm the caller has validated it and obtained the user's
     // consent first; otherwise the response could be delivered to a URL the
     // user never approved.
     OpenID\OpenID::redirect($params['openid_return_to'], $ret, $response);
     return true;
 }
Пример #3
 /**
  * testing testRedirect
  *
  */
 public function testRedirect()
 {
     // NOTE(review): every URL and parameter value used here is benign. No case
     // contains quotes, angle brackets or ampersands in a value, so how redirect()
     // escapes data placed into the <script> body or the form attributes is not
     // pinned by this test.

     // --- ResponseHelper(true) + GET: a 302 with a single Location header ---
     $response = new ResponseHelper(true);
     OpenID::redirect("http://www.test.com/", null, $response, 'GET');
     $this->assertSame(302, $response->getHttpResponseCode());
     $this->assertSame(array(), $response->getRawHeaders());
     $headers = $response->getHeaders();
     $this->assertTrue(is_array($headers));
     $this->assertSame(1, count($headers));
     $this->assertTrue(is_array($headers[0]));
     $this->assertSame(3, count($headers[0]));
     $this->assertSame('Location', $headers[0]['name']);
     $this->assertSame('http://www.test.com/', $headers[0]['value']);
     $this->assertSame(true, $headers[0]['replace']);
     $this->assertSame('', $response->getBody());

     // Query-string handling: parameters are appended to (or merged with) the
     // URL's query, and a space is encoded as "+".
     $locationCases = array(
         array("http://www.test.com/test.php?a=b", null, 'http://www.test.com/test.php?a=b'),
         array("http://www.test.com/test.php", array('a' => 'b'), 'http://www.test.com/test.php?a=b'),
         array("http://www.test.com/test.php", array('a' => 'b', 'c' => 'd'), 'http://www.test.com/test.php?a=b&c=d'),
         array("http://www.test.com/test.php?a=b", array('c' => 'd'), 'http://www.test.com/test.php?a=b&c=d'),
         array("http://www.test.com/test.php", array('a' => 'x y'), 'http://www.test.com/test.php?a=x+y'),
     );
     foreach ($locationCases as $case) {
         list($url, $query, $expectedLocation) = $case;
         $response = new ResponseHelper(true);
         OpenID::redirect($url, $query, $response, 'GET');
         $headers = $response->getHeaders();
         $this->assertSame($expectedLocation, $headers[0]['value']);
     }

     // --- ResponseHelper(false) + GET: a 200 whose body is a JavaScript redirect ---
     $response = new ResponseHelper(false);
     OpenID::redirect("http://www.test.com/", null, $response, 'GET');
     $this->assertSame(200, $response->getHttpResponseCode());
     $this->assertSame(array(), $response->getRawHeaders());
     $this->assertSame(array(), $response->getHeaders());
     $this->assertSame("<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/';</script>", $response->getBody());

     $scriptCases = array(
         array("http://www.test.com/test.php?a=b", null, "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=b';</script>"),
         array("http://www.test.com/test.php", array('a' => 'b'), "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=b';</script>"),
         array("http://www.test.com/test.php", array('a' => 'b', 'c' => 'd'), "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=b&c=d';</script>"),
         array("http://www.test.com/test.php?a=b", array('c' => 'd'), "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=b&c=d';</script>"),
         array("http://www.test.com/test.php", array('a' => 'x y'), "<script language=\"JavaScript\" type=\"text/javascript\">window.location='http://www.test.com/test.php?a=x+y';</script>"),
     );
     foreach ($scriptCases as $case) {
         list($url, $query, $expectedBody) = $case;
         $response = new ResponseHelper(false);
         OpenID::redirect($url, $query, $response, 'GET');
         $this->assertSame($expectedBody, $response->getBody());
     }

     // --- POST: a 200 with an auto-submitting HTML form, parameters as hidden inputs ---
     $response = new ResponseHelper(true);
     OpenID::redirect("http://www.test.com/", null, $response, 'POST');
     $this->assertSame(200, $response->getHttpResponseCode());
     $this->assertSame(array(), $response->getRawHeaders());
     $this->assertSame(array(), $response->getHeaders());
     $this->assertSame("<html><body onLoad=\"document.forms[0].submit();\">\n" . "<form method=\"POST\" action=\"http://www.test.com/\">\n" . "<input type=\"submit\" value=\"Continue OpenID transaction\">\n" . "</form></body></html>\n", $response->getBody());

     $formCases = array(
         array(
             "http://www.test.com/test.php?a=b",
             array('a' => 'b'),
             "<html><body onLoad=\"document.forms[0].submit();\">\n" . "<form method=\"POST\" action=\"http://www.test.com/test.php?a=b\">\n" . "<input type=\"hidden\" name=\"a\" value=\"b\">\n" . "<input type=\"submit\" value=\"Continue OpenID transaction\">\n" . "</form></body></html>\n",
         ),
         array(
             "http://www.test.com/test.php?a=b",
             array('a' => 'b', 'c' => 'd'),
             "<html><body onLoad=\"document.forms[0].submit();\">\n" . "<form method=\"POST\" action=\"http://www.test.com/test.php?a=b\">\n" . "<input type=\"hidden\" name=\"a\" value=\"b\">\n" . "<input type=\"hidden\" name=\"c\" value=\"d\">\n" . "<input type=\"submit\" value=\"Continue OpenID transaction\">\n" . "</form></body></html>\n",
         ),
     );
     foreach ($formCases as $case) {
         list($url, $fields, $expectedBody) = $case;
         $response = new ResponseHelper(true);
         OpenID::redirect($url, $fields, $response, 'POST');
         $this->assertSame($expectedBody, $response->getBody());
     }
 }