[project @ Fixes and test for dumb mode server]

author: Josh Hoyt <josh@janrain.com> 2006-01-25 19:27:59 +0000
committer: Josh Hoyt <josh@janrain.com> 2006-01-25 19:27:59 +0000
commit: a462646c2bc7e5ef2c114040e16f0cf86423100c (patch)
tree: 1bbd6cbf08769bc04f678c14be5a4a0b0eb234da
parent: 531e1ff43648a3bef61e0c9436005141c75a0a6a (diff)
download: php-openid-a462646c2bc7e5ef2c114040e16f0cf86423100c.zip
php-openid-a462646c2bc7e5ef2c114040e16f0cf86423100c.tar.gz
php-openid-a462646c2bc7e5ef2c114040e16f0cf86423100c.tar.bz2
2 files changed, 49 insertions, 11 deletions
diff --git a/Auth/OpenID/Server.php b/Auth/OpenID/Server.php
index 39950c8..82e15d7 100644
--- a/Auth/OpenID/Server.php
+++ b/Auth/OpenID/Server.php
@@ -178,7 +178,7 @@ class Auth_OpenID_Server {
                        );
 
         $assoc = null;
-        $assoc_handle = $args['openid.assoc_handle'];
+        $assoc_handle = @$auth_info->args['openid.assoc_handle'];
         if (isset($assoc_handle)) {
             $key = $this->_normal_key;
             $assoc = $this->store->getAssociation($key, $assoc_handle);
@@ -199,7 +199,8 @@ class Auth_OpenID_Server {
         }
 
         $reply['openid.assoc_handle'] = $assoc->handle;
-        $assoc->addSignature($this->_signed_fields, &$reply);
+        $signed_fields = array('mode', 'identity', 'return_to');
+        $assoc->addSignature($signed_fields, &$reply);
         $redir_url = Auth_OpenID_appendArgs($return_to, $reply);
         return array(Auth_OpenID_REDIRECT, $redir_url);
     }
@@ -278,7 +279,7 @@ class Auth_OpenID_Server {
 
             $to_verify = $args;
             $to_verify['openid.mode'] = 'id_res';
-            $fields = explode(',', trim(signed));
+            $fields = explode(',', trim($signed));
             $tv_sig = $assoc->signDict($signed_fields, $to_verify);
             
             if ($tv_sig == $sig) {
diff --git a/Tests/Auth/OpenID/Server.php b/Tests/Auth/OpenID/Server.php
index 684f908..59675fb 100644
--- a/Tests/Auth/OpenID/Server.php
+++ b/Tests/Auth/OpenID/Server.php
@@ -26,6 +26,22 @@ class Tests_Auth_OpenID_Server extends PHPUnit_TestCase {
         $this->server =& new Auth_OpenID_Server($this->sv_url, &$this->store);
     }
 
+    function _parseRedirResp($ret)
+    {
+        list($status, $redir) = $ret;
+        if ($status != Auth_OpenID_REDIRECT) {
+            $this->fail("Bad status: $status");
+            return false;
+        }
+
+        list($base, $query_str) = explode('?', $redir, 2);
+
+        $query = array();
+        parse_str($query_str, $query);
+        $query = Auth_OpenID_fixArgs($query);
+        return array($base, $query);
+    }
+
     function test_getWithReturnToError()
     {
         $args = array(
@@ -34,15 +50,9 @@ class Tests_Auth_OpenID_Server extends PHPUnit_TestCase {
                       'openid.return_to' => $this->rt_url,
                       );
 
-        list($status, $info) = $this->server->getOpenIDResponse(
-            $this->noauth, 'GET', $args);
-
-        $this->assertEquals(Auth_OpenID_REDIRECT, $status);
-        list($rt_base, $query) = explode('?', $info, 2);
+        $ret = $this->server->getOpenIDResponse($this->noauth, 'GET', $args);
 
-        $resultArgs = array();
-        parse_str($query, $resultArgs);
-        $resultArgs = Auth_OpenID_fixArgs($resultArgs);
+        list($rt_base, $resultArgs) = $this->_parseRedirResp($ret);
 
         $this->assertEquals($this->rt_url, $rt_base);
         $this->assertEquals('error', $resultArgs['openid.mode']);
@@ -181,4 +191,31 @@ class Tests_Auth_OpenID_Server extends PHPUnit_TestCase {
         $expected = $this->_buildURL($this->rt_url, $eargs);
         $this->assertEquals($expected, $info);
     }
+
+    function test_checkIdImmediate()
+    {
+        $args = array(
+                      'openid.mode' => 'checkid_immediate',
+                      'openid.identity' => $this->id_url,
+                      'openid.return_to' => $this->rt_url,
+                      );
+        $ainfo = new Auth_OpenID_AuthorizationInfo($this->sv_url, $args);
+        $ret = $this->server->getAuthResponse(&$ainfo, true);
+        list($base, $query) = $this->_parseRedirResp($ret);
+        $this->assertEquals($base, $this->rt_url);
+        $this->assertEquals($query['openid.mode'], 'id_res');
+        $this->assertEquals($query['openid.identity'], $this->id_url);
+        $this->assertEquals($query['openid.return_to'], $this->rt_url);
+        $this->assertEquals('mode,identity,return_to', $query['openid.signed']);
+        
+        $assoc = $this->store->getAssociation($this->server->_dumb_key,
+                                              $query['openid.assoc_handle']);
+        $this->assertNotNull($assoc);
+        $expected = $assoc->sign(array('mode' => 'id_res',
+                                       'identity' => $this->id_url,
+                                       'return_to' => $this->rt_url,
+                                       ));
+        $expected64 = base64_encode($expected);
+        $this->assertEquals($expected64, $query['openid.sig']);
+    }
 }
author	Josh Hoyt <josh@janrain.com>	2006-01-25 19:27:59 +0000
committer	Josh Hoyt <josh@janrain.com>	2006-01-25 19:27:59 +0000
commit	a462646c2bc7e5ef2c114040e16f0cf86423100c (patch)
tree	1bbd6cbf08769bc04f678c14be5a4a0b0eb234da
parent	531e1ff43648a3bef61e0c9436005141c75a0a6a (diff)
download	php-openid-a462646c2bc7e5ef2c114040e16f0cf86423100c.zip php-openid-a462646c2bc7e5ef2c114040e16f0cf86423100c.tar.gz php-openid-a462646c2bc7e5ef2c114040e16f0cf86423100c.tar.bz2