_tempDir = APP_DIR . '/tests/temp'; } public function setUp() { TestHarness::setUp(); Setup::$front->returnResponse(true); $this->_response = new Zend_Controller_Response_Http(); Setup::$front->setResponse($this->_response); $users = new Users(); $this->_user = $users->createRow(); $this->_user->test = 1; $this->_user->username = 'testuser'; $this->_user->role = User::ROLE_REGISTERED; $this->_user->openid = 'http://localhost/communityid/identity/'.$this->_user->username; $this->_user->accepted_eula = 1; $this->_user->firstname = 'firstnametest'; $this->_user->lastname = 'lastnametest'; $this->_user->email = 'usertest@mailinator.com'; $this->_user->token = ''; $this->_user->save(); Zend_Registry::set('user', $this->_user); } /** * @expectedException Monkeys_BadUrlException */ public function testIndexAction() { Setup::$front->setRequest(new TestRequest('/openid')); Setup::dispatch(); } public function testProviderAssociateAction() { $_POST = array( 'openid_ns' => 'http://specs.openid.net/auth/2.0', 'openid_mode' => 'associate', 'openid_assoc_type' => 'HMAC-SHA256', 'openid_session_type' => 'DH-SHA256', 'openid_dh_modulus' => 'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr', 'openid_dh_gen' => 'Ag==', 'openid_dh_consumer_public' => 'MFzHUMsSa4YSQ3JrcPSqyUaTQ3Z+QWKH6knvrREW7b6zQ2qMdOrpckgnUgo0pILMQpls8Ty/3JDv+IO29qASk2PwwZwxC2kXK/MQC/om5gs/IpjPSw1wK4bz2QTUHTRSxmtTxiq0tHYmIIqadz4TTMfXohMU2VCuYBqDNMHZFpk=', ); // needed by Zend_OpenId_Provider $_SERVER["REQUEST_METHOD"] = 'POST'; Setup::$front->setRequest(new TestRequest('/openid/provider')); Setup::dispatch(); $this->assertEquals( preg_match( "% ns:http://specs\.openid\.net/auth/2\.0\\x0A assoc_type:HMAC-SHA256\\x0A session_type:DH-SHA256\\x0A dh_server_public:.*\\x0A enc_mac_key:.*\\x0A assoc_handle:([a-f0-9]+)\\x0A expires_in:3600\\x0A %x", $this->_response->getBody(), $matches ), 1 ); self::$assocHandle = $matches[1]; } public function testProviderCheckidSetupAction() { // needed by Zend_OpenId_Provider $_SERVER["REQUEST_METHOD"] = 'GET'; Zend_OpenId::$exitOnRedirect = false; Setup::$front->setRequest(new TestRequest('/openid/provider?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=checkid_setup&openid.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser&openid.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser&openid.assoc_handle='.self::$assocHandle.'&openid.return_to=http%3A%2F%2Fwww%2Eexample%2Ecom&openid.realm=http%3A%2F%2Fwww%2Eexample%2Ecom')); Setup::dispatch(); $this->assertEquals( preg_match( '# window\.location=\'http://.*/communityid/openid/login\? openid\.ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0 &openid\.mode=checkid_setup &openid\.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid\.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid\.assoc_handle='.self::$assocHandle.' &openid\.return_to=http%3A%2F%2Fwww\.example\.com &openid\.realm=http%3A%2F%2Fwww\.example\.com \'; #x', $this->_response->getBody() ), 1 ); } public function testLoginAction() { $_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle); Setup::$front->setRequest(new TestRequest('/openid/login?' . $_SERVER['QUERY_STRING'])); Setup::dispatch(); $this->assertContains('

', $this->_response->getBody()); } public function testAuthenticateEmptyUsernameAction() { $_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle); $_POST = array( 'openIdIdentity' => '', 'password' => 'whateva', ); Setup::$front->setRequest(new TestRequest('/openid/authenticate?' . $_SERVER['QUERY_STRING'])); Setup::dispatch(); $this->assertContains('Value is empty, but a non-empty value is required', $this->_response->getBody()); } public function testAuthenticateBadUsernameAction() { $_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle); $_POST = array( 'openIdIdentity' => 'whateva', 'password' => 'whatevaagain', ); Zend_OpenId::$exitOnRedirect = false; Setup::$front->setRequest(new TestRequest('/openid/authenticate?' . $_SERVER['QUERY_STRING'])); Setup::dispatch(); $this->assertEquals( preg_match( '# window\.location=\'http://.*/communityid/openid/provider\? openid_ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0 &openid_mode=checkid_setup &openid_identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid_claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid_assoc_handle='.self::$assocHandle.' &openid_return_to=http%3A%2F%2Fwww\.example\.com &openid_realm=http%3A%2F%2Fwww\.example\.com \'; #x', $this->_response->getBody() ), 1 ); } public function testAuthenticateBadPasswordAction() { $_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle); $_POST = array( 'openIdIdentity' => $this->_user->openid, 'password' => 'whateva', ); Zend_OpenId::$exitOnRedirect = false; Setup::$front->setRequest(new TestRequest('/openid/authenticate?' . $_SERVER['QUERY_STRING'])); Setup::dispatch(); $this->assertEquals( preg_match( '# window\.location=\'http://.*/communityid/openid/provider\? openid_ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0 &openid_mode=checkid_setup &openid_identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid_claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid_assoc_handle='.self::$assocHandle.' &openid_return_to=http%3A%2F%2Fwww\.example\.com &openid_realm=http%3A%2F%2Fwww\.example\.com \'; #x', $this->_response->getBody() ), 1 ); } public function testAuthenticateSuccessfulAction() { $_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle); $_POST = array( 'openIdIdentity' => $this->_user->openid, 'password' => 'm', ); Zend_OpenId::$exitOnRedirect = false; Setup::$front->setRequest(new TestRequest('/openid/authenticate?' . $_SERVER['QUERY_STRING'])); Setup::dispatch(); $this->assertEquals( preg_match( '# window\.location=\'http://.*/communityid/openid/provider\? openid_ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0 &openid_mode=checkid_setup &openid_identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid_claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid_assoc_handle='.self::$assocHandle.' &openid_return_to=http%3A%2F%2Fwww\.example\.com &openid_realm=http%3A%2F%2Fwww\.example\.com \'; #x', $this->_response->getBody() ), 1 ); } public function testTrustAction1() { $openIdUser = new OpenIdUser(); $openIdUser->setLoggedInUser($this->_user->openid); $_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle); // needed by Zend_OpenId_Provider $_SERVER["REQUEST_METHOD"] = 'GET'; Zend_OpenId::$exitOnRedirect = false; Setup::$front->setRequest(new TestRequest('/openid/provider?' . $_SERVER['QUERY_STRING'])); Setup::dispatch(); $this->assertEquals( preg_match( '# window\.location=\'http://.*/communityid/openid/trust\? openid.ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0 &openid.mode=checkid_setup &openid.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid.assoc_handle='.self::$assocHandle.' &openid.return_to=http%3A%2F%2Fwww\.example\.com &openid.realm=http%3A%2F%2Fwww\.example\.com \'; #x', $this->_response->getBody() ), 1 ); } public function testTrustAction2() { $openIdUser = new OpenIdUser(); $openIdUser->setLoggedInUser($this->_user->openid); $_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle); Setup::$front->setRequest(new TestRequest('/openid/trust?' . $_SERVER['QUERY_STRING'])); Setup::dispatch(); $this->assertContains( 'A site identifying as http://www.example.com/ has asked for confirmation that '.$this->_user->openid.' is your identity URL.', $this->_response->getBody() ); } public function testProviderProceedAction() { $openIdUser = new OpenIdUser(); $openIdUser->setLoggedInUser($this->_user->openid); $_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle); // required for logging $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; Zend_OpenId::$exitOnRedirect = false; $_POST = array( 'action' => 'proceed', 'allow' => 'Allow', ); Setup::$front->setRequest(new TestRequest('/openid/provider?' . $_SERVER['QUERY_STRING'])); Setup::dispatch(); $this->assertEquals( preg_match( '# window\.location=\'http://www.example.com\? openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0 &openid.assoc_handle='.self::$assocHandle.' &openid.return_to=http%3A%2F%2Fwww.example.com &openid.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid.op_endpoint=http%3A%2F%2F.* &openid.response_nonce='.gmdate('Y-m-d\T').'.* &openid.mode=id_res &openid.signed=ns%2Cassoc_handle%2Creturn_to%2Cclaimed_id%2Cidentity%2Cop_endpoint%2Cresponse_nonce%2Cmode%2Csigned &openid.sig=.* \'; #x', $this->_response->getBody() ), 1 ); } public function testAlreadyTrustedWithSreg() { $sregData = array( 'nickname' => 'nicktest', 'email' => 'test_x@mailinator.com', 'fullname' => 'Michael Jordan', ); $sreg = new Zend_OpenId_Extension_Sreg($sregData); $storage = new Monkeys_OpenId_Provider_Storage_Database(); $storage->addSite($this->_user->openid, 'http://www.example.com', array('Zend_OpenId_Extension_Sreg' => $sregData)); $openIdUser = new OpenIdUser(); $openIdUser->setLoggedInUser($this->_user->openid); $queryString = self::CHECKID_QUERY . "&openid.ns.sreg=http%%3A%%2F%%2Fopenid.net%%2Fextensions%%2Fsreg%%2F1.1&openid.sreg.required=nickname&openid.sreg.optional=email%%2Cfullname"; $_SERVER['QUERY_STRING'] = sprintf($queryString, self::$assocHandle); // required for logging $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; // needed by Zend_OpenId_Provider $_SERVER["REQUEST_METHOD"] = 'GET'; Zend_OpenId::$exitOnRedirect = false; Setup::$front->setRequest(new TestRequest('/openid/provider?' . $_SERVER['QUERY_STRING'])); Setup::dispatch(); $this->assertEquals( preg_match( '# window\.location=\'http://www.example.com\? openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0 &openid.assoc_handle='.self::$assocHandle.' &openid.return_to=http%3A%2F%2Fwww.example.com &openid.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser &openid.op_endpoint=http%3A%2F%2F.* &openid.response_nonce='.gmdate('Y-m-d\T').'.* &openid.mode=id_res &openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1 &openid.sreg.nickname=nicktest &openid.sreg.email=test_x%40mailinator.com &openid.sreg.fullname=Michael\+Jordan &openid.signed=ns%2Cassoc_handle%2Creturn_to%2Cclaimed_id%2Cidentity%2Cop_endpoint%2Cresponse_nonce%2Cmode%2Cns.sreg%2Csreg.nickname%2Csreg.email%2Csreg.fullname%2Csigned &openid.sig=.* \'; #x', $this->_response->getBody() ), 1 ); } public function tearDown() { $users = new Users(); $this->_user->delete(); } }