[project @ Consumer._verifyDiscoveryResults: fall back to OpenID 1.0 type if 1.1 endpoint cannot be found]

2 files changed, 73 insertions, 24 deletions

diff --git a/Auth/OpenID/Consumer.php b/Auth/OpenID/Consumer.php
index e2ec812..330a5ba 100644
--- a/Auth/OpenID/Consumer.php
+++ b/Auth/OpenID/Consumer.php
@@ -1016,13 +1016,8 @@ class Auth_OpenID_GenericConsumer {
         }
 
         // Endpoint is either bad (failed verification) or None
-        $result = $this->_discoverAndVerify($to_match);
-
-        if (is_a($result, 'Auth_OpenID_TypeURIMismatch')) {
-            return $this->_discoverAndVerify($to_match_1_0);
-        } else {
-            return $result;
-        }
+        return $this->_discoverAndVerify($to_match->claimed_id,
+                                         array($to_match, $to_match_1_0));
     }
 
     /**
@@ -1126,7 +1121,8 @@ class Auth_OpenID_GenericConsumer {
             // identifier endpoints and responses that didn't match
             // the original request.
             // oidutil.log('No pre-discovered information supplied.')
-            return $this->_discoverAndVerify($to_match);
+            return $this->_discoverAndVerify($to_match->claimed_id,
+                                             array($to_match));
         } else {
 
             // The claimed ID matches, so we use the endpoint that we
@@ -1135,8 +1131,8 @@ class Auth_OpenID_GenericConsumer {
             $result = $this->_verifyDiscoverySingle($endpoint, $to_match);
 
             if (Auth_OpenID::isFailure($result)) {
-                $endpoint = $this->_discoverAndVerify($to_match);
-
+                $endpoint = $this->_discoverAndVerify($to_match->claimed_id,
+                                                      array($to_match));
                 if (Auth_OpenID::isFailure($endpoint)) {
                     return $endpoint;
                 }
@@ -1155,43 +1151,48 @@ class Auth_OpenID_GenericConsumer {
     /**
      * @access private
      */
-    function _discoverAndVerify($to_match)
+    function _discoverAndVerify($claimed_id, $to_match_endpoints)
     {
-        // oidutil.log('Performing discovery on %s' % (to_match.claimed_id,))
+        // oidutil.log('Performing discovery on %s' % (claimed_id,))
         list($unused, $services) = call_user_func($this->discoverMethod,
-                                                  $to_match->claimed_id,
+                                                  $claimed_id,
                                                   $this->fetcher);
 
         if (!$services) {
             return new Auth_OpenID_FailureResponse(null,
               sprintf("No OpenID information found at %s",
-                      $to_match->claimed_id));
+                      $claimed_id));
         }
 
-        return $this->_verifyDiscoveryServices($services, $to_match);
+        return $this->_verifyDiscoveryServices($claimed_id, $services,
+                                               $to_match_endpoints);
     }
 
     /**
      * @access private
      */
-    function _verifyDiscoveryServices(&$services, &$to_match)
+    function _verifyDiscoveryServices($claimed_id, 
+                                      &$services, &$to_match_endpoints)
     {
         // Search the services resulting from discovery to find one
         // that matches the information from the assertion
 
         foreach ($services as $endpoint) {
-            $result = $this->_verifyDiscoverySingle($endpoint, $to_match);
+            foreach ($to_match_endpoints as $to_match_endpoint) {
+                $result = $this->_verifyDiscoverySingle($endpoint, 
+                                                        $to_match_endpoint);
 
-            if (!Auth_OpenID::isFailure($result)) {
-                // It matches, so discover verification has
-                // succeeded. Return this endpoint.
-                return $endpoint;
+                if (!Auth_OpenID::isFailure($result)) {
+                    // It matches, so discover verification has
+                    // succeeded. Return this endpoint.
+                    return $endpoint;
+                }
             }
         }
 
         return new Auth_OpenID_FailureResponse(null,
           sprintf('No matching endpoint found after discovering %s',
-                  $to_match->claimed_id));
+                  $claimed_id));
     }
 
     /**
diff --git a/Tests/Auth/OpenID/VerifyDisco.php b/Tests/Auth/OpenID/VerifyDisco.php
index 9d14f7e..f3b63a3 100644
--- a/Tests/Auth/OpenID/VerifyDisco.php
+++ b/Tests/Auth/OpenID/VerifyDisco.php
@@ -8,9 +8,9 @@ require_once "Auth/OpenID/Message.php";
 require_once "Auth/OpenID/Consumer.php";
 
 class Tests_Auth_OpenID_VerifyDisco_1 extends Auth_OpenID_GenericConsumer {
-    function _discoverAndVerify($to_match)
+    function _discoverAndVerify($claimed_id, $to_match_endpoints)
     {
-        $this->test_case->assertEquals($this->endpoint->claimed_id, $to_match->claimed_id);
+        $this->test_case->assertEquals($this->endpoint->claimed_id, $claimed_id);
         return new Auth_OpenID_FailureResponse(null, $this->text);
     }
 }
@@ -52,6 +52,53 @@ class _DiscoverAndVerify extends OpenIDTestMixin {
     }
 }
 
+class _Tests_discoveryOverride {
+    function _Tests_discoveryOverride($endpoint)
+    {
+        $this->endpoint = $endpoint;
+    }
+
+    function discover($unused_url)
+    {
+        return array($this->endpoint->claimed_id, array($this->endpoint));
+    }
+}
+class Tests_openID1Fallback1_0 extends _DiscoverAndVerify {
+    function test_openID1Fallback1_0()
+    {
+        $claimed_id = 'http://claimed.id/';
+        $resp_msg = Auth_OpenID_Message::fromOpenIDArgs(
+            array('ns' => Auth_OpenID_OPENID1_NS,
+                  'identity' => $claimed_id));
+        $resp_msg->setArg(Auth_OpenID_BARE_NS, 'openid1_claimed_id', 
+                          $claimed_id);
+        $expected_endpoint = new Auth_OpenID_ServiceEndpoint();
+        $expected_endpoint->type_uris = array(Auth_OpenID_TYPE_1_0);
+        $expected_endpoint->local_id = null;
+        $expected_endpoint->claimed_id = $claimed_id;
+
+        $discovery_override = new _Tests_discoveryOverride($expected_endpoint);
+        $this->consumer->discoverMethod = array($discovery_override, 'discover');
+
+        $actual_endpoint = $this->consumer->_verifyDiscoveryResults(
+            $resp_msg, null);
+
+        $this->assertTrue(is_a($actual_endpoint, "Auth_OpenID_ServiceEndpoint"));
+        
+        $this->assertEquals($expected_endpoint->local_id, 
+                            $actual_endpoint->local_id);
+        $this->assertEquals($expected_endpoint->server_url,
+                            $actual_endpoint->server_url);
+
+        $this->assertEquals($expected_endpoint->type_uris, 
+                            $actual_endpoint->type_uris);
+
+        $this->assertEquals($expected_endpoint->claimed_id, 
+                            $actual_endpoint->claimed_id);
+        
+    }
+}
+
 class Tests_Auth_OpenID_VerifyDisco extends _DiscoverAndVerify {
     function test_openID1NoLocalID()
     {
@@ -371,6 +418,7 @@ $Tests_Auth_OpenID_VerifyDisco_other = array(
                                              new Tests_openID2NoEndpointDoesDisco(),
                                              new Tests_openID2MismatchedDoesDisco_failure(),
                                              new Tests_openid1UsePreDiscoveredWrongType(),
+                                             new Tests_openID1Fallback1_0(),
                                              );
 
 ?>
\ No newline at end of file