404 lines
16 KiB
PHP
Executable File
404 lines
16 KiB
PHP
Executable File
<?php
|
|
|
|
/*
|
|
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
|
|
* @license http://creativecommons.org/licenses/BSD/ BSD License
|
|
* @author Keyboard Monkey Ltd
|
|
* @since CommunityID 0.9
|
|
* @package CommunityID
|
|
* @packager Keyboard Monkeys
|
|
*/
|
|
|
|
require_once dirname(__FILE__) . '/../../../TestHarness.php';
|
|
|
|
class OpenidControllerTests extends PHPUnit_Framework_TestCase
|
|
{
|
|
const CHECKID_QUERY = 'openid.ns=http%%3A%%2F%%2Fspecs.openid.net%%2Fauth%%2F2.0&openid.mode=checkid_setup&openid.identity=http%%3A%%2F%%2Flocalhost%%2Fcommunityid%%2Fidentity%%2Ftestuser&openid.claimed_id=http%%3A%%2F%%2Flocalhost%%2Fcommunityid%%2Fidentity%%2Ftestuser&openid.assoc_handle=%s&openid.return_to=http%%3A%%2F%%2Fwww%%2Eexample%%2Ecom&openid%%2Erealm=http%%3A%%2F%%2Fwww%%2Eexample%%2Ecom';
|
|
|
|
private $_response;
|
|
private $_tempDir;
|
|
private $_user;
|
|
|
|
// state isn't preserved accross test methods, so gotta use a static
|
|
public static $assocHandle;
|
|
|
|
public function __construct($name = NULL, array $data = array(), $dataName = '')
|
|
{
|
|
parent::__construct($name, $data, $dataName);
|
|
$this->_tempDir = APP_DIR . '/tests/temp';
|
|
}
|
|
|
|
public function setUp()
|
|
{
|
|
TestHarness::setUp();
|
|
|
|
Setup::$front->returnResponse(true);
|
|
$this->_response = new Zend_Controller_Response_Http();
|
|
Setup::$front->setResponse($this->_response);
|
|
|
|
$users = new Users();
|
|
$this->_user = $users->createRow();
|
|
$this->_user->test = 1;
|
|
$this->_user->username = 'testuser';
|
|
$this->_user->role = User::ROLE_REGISTERED;
|
|
$this->_user->openid = 'http://localhost/communityid/identity/'.$this->_user->username;
|
|
$this->_user->accepted_eula = 1;
|
|
$this->_user->firstname = 'firstnametest';
|
|
$this->_user->lastname = 'lastnametest';
|
|
$this->_user->email = 'usertest@mailinator.com';
|
|
$this->_user->token = '';
|
|
$this->_user->save();
|
|
Zend_Registry::set('user', $this->_user);
|
|
}
|
|
|
|
/**
|
|
* @expectedException Monkeys_BadUrlException
|
|
*/
|
|
public function testIndexAction()
|
|
{
|
|
Setup::$front->setRequest(new TestRequest('/openid'));
|
|
Setup::dispatch();
|
|
}
|
|
|
|
public function testProviderAssociateAction()
|
|
{
|
|
$_POST = array(
|
|
'openid_ns' => 'http://specs.openid.net/auth/2.0',
|
|
'openid_mode' => 'associate',
|
|
'openid_assoc_type' => 'HMAC-SHA256',
|
|
'openid_session_type' => 'DH-SHA256',
|
|
'openid_dh_modulus' => 'ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr',
|
|
'openid_dh_gen' => 'Ag==',
|
|
'openid_dh_consumer_public' => 'MFzHUMsSa4YSQ3JrcPSqyUaTQ3Z+QWKH6knvrREW7b6zQ2qMdOrpckgnUgo0pILMQpls8Ty/3JDv+IO29qASk2PwwZwxC2kXK/MQC/om5gs/IpjPSw1wK4bz2QTUHTRSxmtTxiq0tHYmIIqadz4TTMfXohMU2VCuYBqDNMHZFpk=',
|
|
);
|
|
|
|
// needed by Zend_OpenId_Provider
|
|
$_SERVER["REQUEST_METHOD"] = 'POST';
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/provider'));
|
|
Setup::dispatch();
|
|
|
|
$this->assertEquals(
|
|
preg_match(
|
|
"%
|
|
ns:http://specs\.openid\.net/auth/2\.0\\x0A
|
|
assoc_type:HMAC-SHA256\\x0A
|
|
session_type:DH-SHA256\\x0A
|
|
dh_server_public:.*\\x0A
|
|
enc_mac_key:.*\\x0A
|
|
assoc_handle:([a-f0-9]+)\\x0A
|
|
expires_in:3600\\x0A
|
|
%x",
|
|
$this->_response->getBody(),
|
|
$matches
|
|
),
|
|
1
|
|
);
|
|
self::$assocHandle = $matches[1];
|
|
}
|
|
|
|
public function testProviderCheckidSetupAction()
|
|
{
|
|
// needed by Zend_OpenId_Provider
|
|
$_SERVER["REQUEST_METHOD"] = 'GET';
|
|
|
|
Zend_OpenId::$exitOnRedirect = false;
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/provider?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=checkid_setup&openid.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser&openid.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser&openid.assoc_handle='.self::$assocHandle.'&openid.return_to=http%3A%2F%2Fwww%2Eexample%2Ecom&openid.realm=http%3A%2F%2Fwww%2Eexample%2Ecom'));
|
|
Setup::dispatch();
|
|
|
|
$this->assertEquals(
|
|
preg_match(
|
|
'#
|
|
<script\ language="JavaScript"\ type="text/javascript">window\.location=\'http://.*/communityid/openid/login\?
|
|
openid\.ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0
|
|
&openid\.mode=checkid_setup
|
|
&openid\.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid\.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid\.assoc_handle='.self::$assocHandle.'
|
|
&openid\.return_to=http%3A%2F%2Fwww\.example\.com
|
|
&openid\.realm=http%3A%2F%2Fwww\.example\.com
|
|
\';</script>
|
|
#x',
|
|
$this->_response->getBody()
|
|
),
|
|
1
|
|
);
|
|
}
|
|
|
|
public function testLoginAction()
|
|
{
|
|
$_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle);
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/login?' . $_SERVER['QUERY_STRING']));
|
|
Setup::dispatch();
|
|
|
|
$this->assertContains('<form action="authenticate?'.$_SERVER['QUERY_STRING'].'" method="post">', $this->_response->getBody());
|
|
}
|
|
|
|
public function testAuthenticateEmptyUsernameAction()
|
|
{
|
|
$_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle);
|
|
|
|
$_POST = array(
|
|
'openIdIdentity' => '',
|
|
'password' => 'whateva',
|
|
);
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/authenticate?' . $_SERVER['QUERY_STRING']));
|
|
Setup::dispatch();
|
|
|
|
$this->assertContains('Value is empty, but a non-empty value is required', $this->_response->getBody());
|
|
}
|
|
|
|
public function testAuthenticateBadUsernameAction()
|
|
{
|
|
$_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle);
|
|
|
|
$_POST = array(
|
|
'openIdIdentity' => 'whateva',
|
|
'password' => 'whatevaagain',
|
|
);
|
|
|
|
Zend_OpenId::$exitOnRedirect = false;
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/authenticate?' . $_SERVER['QUERY_STRING']));
|
|
Setup::dispatch();
|
|
|
|
$this->assertEquals(
|
|
preg_match(
|
|
'#
|
|
<script\ language="JavaScript"\ type="text/javascript">window\.location=\'http://.*/communityid/openid/provider\?
|
|
openid_ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0
|
|
&openid_mode=checkid_setup
|
|
&openid_identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid_claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid_assoc_handle='.self::$assocHandle.'
|
|
&openid_return_to=http%3A%2F%2Fwww\.example\.com
|
|
&openid_realm=http%3A%2F%2Fwww\.example\.com
|
|
\';</script>
|
|
#x',
|
|
$this->_response->getBody()
|
|
),
|
|
1
|
|
);
|
|
}
|
|
|
|
public function testAuthenticateBadPasswordAction()
|
|
{
|
|
$_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle);
|
|
|
|
$_POST = array(
|
|
'openIdIdentity' => $this->_user->openid,
|
|
'password' => 'whateva',
|
|
);
|
|
|
|
Zend_OpenId::$exitOnRedirect = false;
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/authenticate?' . $_SERVER['QUERY_STRING']));
|
|
Setup::dispatch();
|
|
|
|
$this->assertEquals(
|
|
preg_match(
|
|
'#
|
|
<script\ language="JavaScript"\ type="text/javascript">window\.location=\'http://.*/communityid/openid/provider\?
|
|
openid_ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0
|
|
&openid_mode=checkid_setup
|
|
&openid_identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid_claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid_assoc_handle='.self::$assocHandle.'
|
|
&openid_return_to=http%3A%2F%2Fwww\.example\.com
|
|
&openid_realm=http%3A%2F%2Fwww\.example\.com
|
|
\';</script>
|
|
#x',
|
|
$this->_response->getBody()
|
|
),
|
|
1
|
|
);
|
|
}
|
|
|
|
public function testAuthenticateSuccessfulAction()
|
|
{
|
|
$_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle);
|
|
|
|
$_POST = array(
|
|
'openIdIdentity' => $this->_user->openid,
|
|
'password' => 'm',
|
|
);
|
|
|
|
Zend_OpenId::$exitOnRedirect = false;
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/authenticate?' . $_SERVER['QUERY_STRING']));
|
|
Setup::dispatch();
|
|
|
|
$this->assertEquals(
|
|
preg_match(
|
|
'#
|
|
<script\ language="JavaScript"\ type="text/javascript">window\.location=\'http://.*/communityid/openid/provider\?
|
|
openid_ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0
|
|
&openid_mode=checkid_setup
|
|
&openid_identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid_claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid_assoc_handle='.self::$assocHandle.'
|
|
&openid_return_to=http%3A%2F%2Fwww\.example\.com
|
|
&openid_realm=http%3A%2F%2Fwww\.example\.com
|
|
\';</script>
|
|
#x',
|
|
$this->_response->getBody()
|
|
),
|
|
1
|
|
);
|
|
}
|
|
|
|
public function testTrustAction1()
|
|
{
|
|
$openIdUser = new OpenIdUser();
|
|
$openIdUser->setLoggedInUser($this->_user->openid);
|
|
|
|
$_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle);
|
|
|
|
// needed by Zend_OpenId_Provider
|
|
$_SERVER["REQUEST_METHOD"] = 'GET';
|
|
|
|
Zend_OpenId::$exitOnRedirect = false;
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/provider?' . $_SERVER['QUERY_STRING']));
|
|
Setup::dispatch();
|
|
|
|
$this->assertEquals(
|
|
preg_match(
|
|
'#
|
|
<script\ language="JavaScript"\ type="text/javascript">window\.location=\'http://.*/communityid/openid/trust\?
|
|
openid.ns=http%3A%2F%2Fspecs\.openid\.net%2Fauth%2F2\.0
|
|
&openid.mode=checkid_setup
|
|
&openid.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid.assoc_handle='.self::$assocHandle.'
|
|
&openid.return_to=http%3A%2F%2Fwww\.example\.com
|
|
&openid.realm=http%3A%2F%2Fwww\.example\.com
|
|
\';</script>
|
|
#x',
|
|
$this->_response->getBody()
|
|
),
|
|
1
|
|
);
|
|
}
|
|
|
|
public function testTrustAction2()
|
|
{
|
|
$openIdUser = new OpenIdUser();
|
|
$openIdUser->setLoggedInUser($this->_user->openid);
|
|
|
|
$_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle);
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/trust?' . $_SERVER['QUERY_STRING']));
|
|
Setup::dispatch();
|
|
|
|
$this->assertContains(
|
|
'A site identifying as <a href="http://www.example.com/">http://www.example.com/</a> has asked for confirmation that <a href="'.$this->_user->openid.'">'.$this->_user->openid.'</a> is your identity URL.',
|
|
$this->_response->getBody()
|
|
);
|
|
}
|
|
|
|
public function testProviderProceedAction()
|
|
{
|
|
$openIdUser = new OpenIdUser();
|
|
$openIdUser->setLoggedInUser($this->_user->openid);
|
|
|
|
$_SERVER['QUERY_STRING'] = sprintf(self::CHECKID_QUERY, self::$assocHandle);
|
|
|
|
// required for logging
|
|
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
|
|
|
|
Zend_OpenId::$exitOnRedirect = false;
|
|
|
|
$_POST = array(
|
|
'action' => 'proceed',
|
|
'allow' => 'Allow',
|
|
);
|
|
Setup::$front->setRequest(new TestRequest('/openid/provider?' . $_SERVER['QUERY_STRING']));
|
|
Setup::dispatch();
|
|
|
|
$this->assertEquals(
|
|
preg_match(
|
|
'#
|
|
<script\ language="JavaScript"\ type="text/javascript">window\.location=\'http://www.example.com\?
|
|
openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
|
|
&openid.assoc_handle='.self::$assocHandle.'
|
|
&openid.return_to=http%3A%2F%2Fwww.example.com
|
|
&openid.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid.op_endpoint=http%3A%2F%2F.*
|
|
&openid.response_nonce='.gmdate('Y-m-d\T').'.*
|
|
&openid.mode=id_res
|
|
&openid.signed=ns%2Cassoc_handle%2Creturn_to%2Cclaimed_id%2Cidentity%2Cop_endpoint%2Cresponse_nonce%2Cmode%2Csigned
|
|
&openid.sig=.*
|
|
\';</script>
|
|
#x',
|
|
$this->_response->getBody()
|
|
),
|
|
1
|
|
);
|
|
}
|
|
|
|
public function testAlreadyTrustedWithSreg()
|
|
{
|
|
$sregData = array(
|
|
'nickname' => 'nicktest',
|
|
'email' => 'test_x@mailinator.com',
|
|
'fullname' => 'Michael Jordan',
|
|
);
|
|
$sreg = new Zend_OpenId_Extension_Sreg($sregData);
|
|
$storage = new Monkeys_OpenId_Provider_Storage_Database();
|
|
$storage->addSite($this->_user->openid, 'http://www.example.com', array('Zend_OpenId_Extension_Sreg' => $sregData));
|
|
$openIdUser = new OpenIdUser();
|
|
$openIdUser->setLoggedInUser($this->_user->openid);
|
|
|
|
$queryString = self::CHECKID_QUERY . "&openid.ns.sreg=http%%3A%%2F%%2Fopenid.net%%2Fextensions%%2Fsreg%%2F1.1&openid.sreg.required=nickname&openid.sreg.optional=email%%2Cfullname";
|
|
|
|
$_SERVER['QUERY_STRING'] = sprintf($queryString, self::$assocHandle);
|
|
|
|
// required for logging
|
|
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
|
|
|
|
// needed by Zend_OpenId_Provider
|
|
$_SERVER["REQUEST_METHOD"] = 'GET';
|
|
|
|
Zend_OpenId::$exitOnRedirect = false;
|
|
|
|
Setup::$front->setRequest(new TestRequest('/openid/provider?' . $_SERVER['QUERY_STRING']));
|
|
Setup::dispatch();
|
|
|
|
$this->assertEquals(
|
|
preg_match(
|
|
'#
|
|
<script\ language="JavaScript"\ type="text/javascript">window\.location=\'http://www.example.com\?
|
|
openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
|
|
&openid.assoc_handle='.self::$assocHandle.'
|
|
&openid.return_to=http%3A%2F%2Fwww.example.com
|
|
&openid.claimed_id=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid.identity=http%3A%2F%2Flocalhost%2Fcommunityid%2Fidentity%2Ftestuser
|
|
&openid.op_endpoint=http%3A%2F%2F.*
|
|
&openid.response_nonce='.gmdate('Y-m-d\T').'.*
|
|
&openid.mode=id_res
|
|
&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1
|
|
&openid.sreg.nickname=nicktest
|
|
&openid.sreg.email=test_x%40mailinator.com
|
|
&openid.sreg.fullname=Michael\+Jordan
|
|
&openid.signed=ns%2Cassoc_handle%2Creturn_to%2Cclaimed_id%2Cidentity%2Cop_endpoint%2Cresponse_nonce%2Cmode%2Cns.sreg%2Csreg.nickname%2Csreg.email%2Csreg.fullname%2Csigned
|
|
&openid.sig=.*
|
|
\';</script>
|
|
#x',
|
|
$this->_response->getBody()
|
|
),
|
|
1
|
|
);
|
|
}
|
|
|
|
public function tearDown()
|
|
{
|
|
$users = new Users();
|
|
$this->_user->delete();
|
|
}
|
|
}
|