示例#1
    /**
     * Tests verify() in dumb mode.
     *
     */
    public function testVerifyDumb()
    {
        // Every scenario below deletes the stored association before calling
        // verify(), and the provider's answer is canned through the test HTTP
        // adapter. The request assertions show the consumer then POSTs an
        // openid.mode=check_authentication request, so the is_valid line in
        // the canned reply is what decides the outcome.
        //
        // NOTE(review): openid_sig is the same fixture value in every scenario
        // although the openid_signed list changes, so these cases do not appear
        // to exercise local signature checking -- only the consumer's handling
        // of the provider's verdict and of the response fields.
        $expiry   = time() + 600;
        $returnTo = "http://www.zf-test.com/test.php";
        $nonce    = "2007-08-14T12:52:33Z46c1a59124ffe";
        $sig      = "h/5AFD25NpzSok5tzHEGCVUkQSw=";
        $validReply   = "HTTP/1.1 200 OK\r\n\r\nis_valid:true";
        $invalidReply = "HTTP/1.1 200 OK\r\n\r\nis_valid:false";

        // Header lines shared by both expected check_authentication requests.
        $requestHead = "POST / HTTP/1.1\r\n"
                     . "Host: www.myopenid.com\r\n"
                     . "Connection: close\r\n"
                     . "Accept-encoding: gzip, deflate\r\n"
                     . "User-agent: Zend_OpenId\r\n"
                     . "Content-type: application/x-www-form-urlencoded\r\n";

        $_SERVER['SCRIPT_URI'] = $returnTo;
        $storage  = new Zend_OpenId_Consumer_Storage_File(dirname(__FILE__)."/_files/consumer");
        $consumer = new Zend_OpenId_ConsumerHelper($storage);

        // HTTP client backed by the test adapter: no network traffic, and the
        // last request stays available for inspection.
        $clientOptions = array(
            'maxredirects' => 4,
            'timeout'      => 15,
            'useragent'    => 'Zend_OpenId'
        );
        $client  = new Zend_Http_Client(null, $clientOptions);
        $adapter = new Zend_Http_Client_Adapter_Test();
        $client->setAdapter($adapter);
        $consumer->SetHttpClient($client);

        // Start from fresh OpenID 1.1 discovery records for both identifiers.
        $storage->delDiscoveryInfo(self::ID);
        $this->assertTrue($storage->addDiscoveryInfo(self::ID, self::REAL_ID, self::SERVER, 1.1, $expiry));
        $this->assertTrue($storage->addDiscoveryInfo(self::REAL_ID, self::REAL_ID, self::SERVER, 1.1, $expiry));

        // Scenario 1: the response carries no identity at all. Even with
        // is_valid:true queued on the adapter, verify() must reject it.
        $adapter->setResponse($validReply);
        $consumer->clearAssociation();
        $storage->delAssociation(self::SERVER);
        $assertion = array(
            "openid_return_to"      => $returnTo,
            "openid_assoc_handle"   => self::HANDLE,
            "openid_response_nonce" => $nonce,
            "openid_mode"           => "id_res",
            "openid_signed"         => "assoc_handle,return_to,response_nonce,mode,signed",
            "openid_sig"            => $sig
        );
        // The same response_nonce is reused in every scenario; the nonce store
        // is purged first, presumably so replay detection does not reject it.
        $storage->purgeNonces();
        $this->assertFalse($consumer->verify($assertion));

        // Scenario 2: complete response, but the provider answers
        // is_valid:false -> verify() must fail, and the request that was sent
        // must be a check_authentication POST echoing the response fields.
        $adapter->setResponse($invalidReply);
        $consumer->clearAssociation();
        $storage->delAssociation(self::SERVER);
        $assertion = array(
            "openid_return_to"      => $returnTo,
            "openid_assoc_handle"   => self::HANDLE,
            "openid_claimed_id"     => self::ID,
            "openid_identity"       => self::REAL_ID,
            "openid_response_nonce" => $nonce,
            "openid_mode"           => "id_res",
            "openid_signed"         => "assoc_handle,return_to,claimed_id,identity,response_nonce,mode,signed",
            "openid_sig"            => $sig
        );
        $storage->purgeNonces();
        $this->assertFalse($consumer->verify($assertion));
        $this->assertSame(
            $requestHead .
            "Content-length: 445\r\n\r\n" .
            "openid.return_to=http%3A%2F%2Fwww.zf-test.com%2Ftest.php&" .
            "openid.assoc_handle=d41d8cd98f00b204e9800998ecf8427e&" .
            "openid.claimed_id=http%3A%2F%2Fid.myopenid.com%2F&" .
            "openid.identity=http%3A%2F%2Freal_id.myopenid.com%2F&" .
            "openid.response_nonce=2007-08-14T12%3A52%3A33Z46c1a59124ffe&" .
            "openid.mode=check_authentication&" .
            "openid.signed=assoc_handle%2Creturn_to%2Cclaimed_id%2Cidentity%2Cresponse_nonce%2Cmode%2Csigned&" .
            "openid.sig=h%2F5AFD25NpzSok5tzHEGCVUkQSw%3D",
            $client->getLastRequest()
        );

        // Scenario 3: identity without claimed_id, provider answers
        // is_valid:true -> accepted against the 1.1 discovery records.
        $adapter->setResponse($validReply);
        $consumer->clearAssociation();
        $storage->delAssociation(self::SERVER);
        $assertion = array(
            "openid_return_to"      => $returnTo,
            "openid_assoc_handle"   => self::HANDLE,
            "openid_identity"       => self::REAL_ID,
            "openid_response_nonce" => $nonce,
            "openid_mode"           => "id_res",
            "openid_signed"         => "assoc_handle,return_to,identity,response_nonce,mode,signed",
            "openid_sig"            => $sig
        );
        $storage->purgeNonces();
        $this->assertTrue($consumer->verify($assertion));

        // Scenario 4 (SREG): re-register the claimed identifier as OpenID 2.0
        // and include Simple Registration fields. The response is accepted and
        // the ns.sreg / sreg.nickname fields are forwarded to the provider in
        // the check_authentication request.
        $this->assertTrue($storage->delDiscoveryInfo(self::ID));
        $this->assertTrue($storage->addDiscoveryInfo(self::ID, self::REAL_ID, self::SERVER, 2.0, $expiry));
        $adapter->setResponse($validReply);
        $consumer->clearAssociation();
        $storage->delAssociation(self::SERVER);
        $assertion = array(
            "openid_ns"             => Zend_OpenId::NS_2_0,
            "openid_return_to"      => $returnTo,
            "openid_assoc_handle"   => self::HANDLE,
            "openid_claimed_id"     => self::ID,
            "openid_identity"       => self::REAL_ID,
            "openid_response_nonce" => $nonce,
            "openid_op_endpoint"    => self::SERVER,
            "openid_mode"           => "id_res",
            "openid_ns_sreg"        => "http://openid.net/extensions/sreg/1.1",
            "openid_sreg_nickname"  => "test",
            "openid_signed"         => "ns,assoc_handle,return_to,claimed_id,identity,response_nonce,mode,ns.sreg,sreg.nickname,signed",
            "openid_sig"            => $sig
        );
        $storage->purgeNonces();
        $this->assertTrue($consumer->verify($assertion));
        $this->assertSame(
            $requestHead .
            "Content-length: 672\r\n\r\n" .
            "openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&" .
            "openid.return_to=http%3A%2F%2Fwww.zf-test.com%2Ftest.php&" .
            "openid.assoc_handle=d41d8cd98f00b204e9800998ecf8427e&" .
            "openid.claimed_id=http%3A%2F%2Fid.myopenid.com%2F&" .
            "openid.identity=http%3A%2F%2Freal_id.myopenid.com%2F&" .
            "openid.response_nonce=2007-08-14T12%3A52%3A33Z46c1a59124ffe&" .
            "openid.op_endpoint=http%3A%2F%2Fwww.myopenid.com%2F&" .
            "openid.mode=check_authentication&" .
            "openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1&" .
            "openid.sreg.nickname=test&" .
            "openid.signed=ns%2Cassoc_handle%2Creturn_to%2Cclaimed_id%2Cidentity%2Cresponse_nonce%2Cmode%2Cns.sreg%2Csreg.nickname%2Csigned&" .
            "openid.sig=h%2F5AFD25NpzSok5tzHEGCVUkQSw%3D",
            $client->getLastRequest()
        );

        // Scenario 5 (invalidate_handle): the provider rejects the response and
        // names a handle to invalidate. An association is stored under
        // SERVER."1" with that handle beforehand; after verify() fails it must
        // no longer be retrievable from storage.
        $adapter->setResponse("HTTP/1.1 200 OK\r\n\r\nis_valid:false\ninvalidate_handle:" . self::HANDLE . "1\n");
        $consumer->clearAssociation();
        $assertion = array(
            "openid_ns"             => Zend_OpenId::NS_2_0,
            "openid_return_to"      => $returnTo,
            "openid_assoc_handle"   => self::HANDLE,
            "openid_claimed_id"     => self::ID,
            "openid_identity"       => self::REAL_ID,
            "openid_response_nonce" => $nonce,
            "openid_op_endpoint"    => self::SERVER,
            "openid_mode"           => "id_res",
            "openid_signed"         => "assoc_handle,return_to,claimed_id,identity,response_nonce,mode,signed",
            "openid_sig"            => $sig
        );
        $storage->delAssociation(self::SERVER."1");
        $storage->addAssociation(
            self::SERVER."1",
            self::HANDLE."1",
            "sha1",
            pack("H*", "8382aea922560ece833ba55fa53b7a975f597370"),
            $expiry
        );
        $storage->purgeNonces();
        $this->assertFalse($consumer->verify($assertion));
        $this->assertFalse($storage->getAssociation(self::SERVER."1", $handle, $func, $secret, $expires));
    }
 /**
  * Test the required parameters for the signature
  * @see https://openid.net/specs/openid-authentication-2_0.html#positive_assertions 
  */
 public function testSignedParams()
 {
     // Checks that verify() refuses a positive assertion whose openid_signed
     // list leaves out a field that must be covered by the signature. The
     // response built below has no openid_op_endpoint and does not list
     // op_endpoint as signed; the expected outcome is a failed verification
     // with a specific error message. Fields outside the signed list are not
     // protected by openid_sig, which is why the list itself is validated.
     //
     // NOTE(review): discovery info is registered as version 1.1 and the
     // response has no openid_ns, while op_endpoint is an OpenID 2.0 field --
     // confirm the expected error is intended for this combination.
     $expiry   = time() + 600;
     $returnTo = "http://www.zf-test.com/test.php";
     $_SERVER['SCRIPT_URI'] = $returnTo;

     $storage  = new Zend_OpenId_Consumer_Storage_File(dirname(__FILE__) . "/_files/consumer");
     $consumer = new Zend_OpenId_ConsumerHelper($storage);
     $storage->addDiscoveryInfo(self::ID, self::REAL_ID, self::SERVER, 1.1, $expiry);

     // An empty parameter set is never a valid response.
     $this->assertFalse($consumer->verify(array()));

     // HMAC-SHA1: store an association for the provider, so this case does
     // not depend on a stored association being absent.
     $consumer->clearAssociation();
     $assertion = array(
         "openid_return_to"      => $returnTo,
         "openid_assoc_handle"   => self::HANDLE,
         "openid_claimed_id"     => self::ID,
         "openid_identity"       => self::REAL_ID,
         "openid_response_nonce" => "2007-08-14T12:52:33Z46c1a59124ffe",
         "openid_mode"           => "id_res",
         "openid_signed"         => "assoc_handle,return_to,claimed_id,identity,response_nonce,mode,signed",
         "openid_sig"            => "h/5AFD25NpzSok5tzHEGCVUkQSw="
     );
     $storage->delAssociation(self::SERVER);
     $storage->addAssociation(
         self::SERVER,
         self::HANDLE,
         "sha1",
         pack("H*", "8382aea922560ece833ba55fa53b7a975f597370"),
         $expiry
     );
     // Clear recorded nonces before verifying; presumably this keeps replay
     // detection from rejecting the fixed response_nonce first.
     $storage->purgeNonces();

     $verified = $consumer->verify($assertion);
     $this->assertFalse($verified);
     $this->assertEquals(
         "The required parameter op_endpoint is missing in the signed",
         $consumer->getError()
     );
 }