/** * Performs login of user with given $id and $password * Returns true in case of success and false otherwise * * @param string $id user identity URL * @param string $password user password * @return bool */ public function login($id, $password) { if (!OpenId\OpenId::normalize($id)) { return false; } if (!$this->_storage->checkUser($id, md5($id . $password))) { return false; } $this->_user->setLoggedInUser($id); return true; }
/** * testing testNormalize * */ public function testNormalize() { $url = ''; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( '', $url ); $url = ' localhost '; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( 'http://localhost/', $url ); $url = 'xri://$ip*127.0.0.1'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( 'http://127.0.0.1/', $url ); $url = 'xri://$dns*localhost'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( 'http://localhost/', $url ); $url = 'xri://localhost'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( 'http://localhost/', $url ); $url = '=name'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( '=name', $url ); $url = '@name'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( '@name', $url ); $url = '+name'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( '+name', $url ); $url = '$name'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( '$name', $url ); $url = '!name'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( '!name', $url ); $url = 'localhost'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( 'http://localhost/', $url ); $url = 'http://localhost'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( 'http://localhost/', $url ); $url = 'https://localhost'; $this->assertTrue( OpenId::normalize($url) ); $this->assertSame( 'https://localhost/', $url ); }
/** * Performs check of OpenID identity. * * This is the first step of OpenID authentication process. * On success the function does not return (it does HTTP redirection to * server and exits). On failure it returns false. * * @param bool $immediate enables or disables interaction with user * @param string $id OpenID identity * @param string $returnTo HTTP URL to redirect response from server to * @param string $root HTTP URL to identify consumer on server * @param mixed $extensions extension object or array of extensions objects * @param Zend\Controller\Response\AbstractResponse $response an optional response * object to perform HTTP or HTML form redirection * @return bool */ protected function _checkId($immediate, $id, $returnTo = null, $root = null, $extensions = null, Response\AbstractResponse $response = null) { $this->_setError(''); if (!OpenId\OpenId::normalize($id)) { $this->_setError("Normalisation failed"); return false; } $claimedId = $id; if (!$this->_discovery($id, $server, $version)) { $this->_setError("Discovery failed: " . $this->getError()); return false; } if (!$this->_associate($server, $version)) { $this->_setError("Association failed: " . $this->getError()); return false; } if (!$this->_getAssociation($server, $handle, $macFunc, $secret, $expires)) { /* Use dumb mode */ unset($handle); unset($macFunc); unset($secret); unset($expires); } $params = array(); if ($version >= 2.0) { $params['openid.ns'] = OpenId\OpenId::NS_2_0; } $params['openid.mode'] = $immediate ? 'checkid_immediate' : 'checkid_setup'; $params['openid.identity'] = $id; $params['openid.claimed_id'] = $claimedId; if ($version <= 2.0) { if ($this->_session !== null) { $this->_session->identity = $id; $this->_session->claimed_id = $claimedId; } else { if (defined('SID')) { $_SESSION["zend_openid"] = array("identity" => $id, "claimed_id" => $claimedId); } else { $this->_session = new \Zend\Session\Container("zend_openid"); $this->_session->identity = $id; $this->_session->claimed_id = $claimedId; } } } if (isset($handle)) { $params['openid.assoc_handle'] = $handle; } $params['openid.return_to'] = OpenId\OpenId::absoluteUrl($returnTo); if (empty($root)) { $root = OpenId\OpenId::selfUrl(); if ($root[strlen($root) - 1] != '/') { $root = dirname($root); } } if ($version >= 2.0) { $params['openid.realm'] = $root; } else { $params['openid.trust_root'] = $root; } if (!Extension\AbstractExtension::forAll($extensions, 'prepareRequest', $params)) { $this->_setError("Extension::prepareRequest failure"); return false; } OpenId\OpenId::redirect($server, $params, $response); return true; }