diff options
| author | tailor <dag@janrain.com> | 2008-05-27 00:10:24 +0000 |
|---|---|---|
| committer | tailor <dag@janrain.com> | 2008-05-27 00:10:24 +0000 |
| commit | ad00026316d8f5344e5fb206311796739810a6dc (patch) | |
| tree | 138b19530fc4fd873b2260279a7cfc5c93545d5a | |
| parent | cf2b16b8dc2a030751a2bc0e6c39152ef89dd66a (diff) | |
| download | php-openid-ad00026316d8f5344e5fb206311796739810a6dc.zip php-openid-ad00026316d8f5344e5fb206311796739810a6dc.tar.gz php-openid-ad00026316d8f5344e5fb206311796739810a6dc.tar.bz2 | |
[project @ Send all fields in check_authentication, not just signed ones. (OpenID 2 compliance)]
| -rw-r--r-- | Auth/OpenID/Consumer.php | 33 | ||||
| -rw-r--r-- | Tests/Auth/OpenID/Consumer.php | 20 |
2 files changed, 11 insertions, 42 deletions
diff --git a/Auth/OpenID/Consumer.php b/Auth/OpenID/Consumer.php index 3619e5a..0d276f0 100644 --- a/Auth/OpenID/Consumer.php +++ b/Auth/OpenID/Consumer.php @@ -1323,43 +1323,18 @@ class Auth_OpenID_GenericConsumer { function _createCheckAuthRequest($message) { $signed = $message->getArg(Auth_OpenID_OPENID_NS, 'signed'); - if ($signed === null) { - return null; - } - - $whitelist = array('assoc_handle', 'sig', - 'signed', 'invalidate_handle'); - - $check_args = array(); - - foreach ($whitelist as $k) { - $val = $message->getArg(Auth_OpenID_OPENID_NS, $k); - if ($val !== null) { - $check_args[$k] = $val; - } - } - - $signed = $message->getArg(Auth_OpenID_OPENID_NS, - 'signed'); - if ($signed) { foreach (explode(',', $signed) as $k) { - if ($k == 'ns') { - $check_args['ns'] = $message->getOpenIDNamespace(); - continue; - } - $value = $message->getAliasedArg($k); if ($value === null) { return null; } - - $check_args[$k] = $value; } } - - $check_args['mode'] = 'check_authentication'; - return Auth_OpenID_Message::fromOpenIDArgs($check_args); + $ca_message = $message->copy(); + $ca_message->setArg(Auth_OpenID_OPENID_NS, 'mode', + 'check_authentication'); + return $ca_message; } /** diff --git a/Tests/Auth/OpenID/Consumer.php b/Tests/Auth/OpenID/Consumer.php index 148d6f3..0605afc 100644 --- a/Tests/Auth/OpenID/Consumer.php +++ b/Tests/Auth/OpenID/Consumer.php @@ -1533,29 +1533,23 @@ class Tests_Auth_OpenID_Consumer_TestCheckAuth extends _TestIdRes { function test_signedList() { + $signed = 'identity,mode,ns.sreg,sreg.email'; $query = Auth_OpenID_Message::fromOpenIDArgs(array( 'mode'=> 'id_res', - 'ns' => Auth_OpenID_OPENID2_NS, 'sig'=> 'rabbits', 'identity'=> '=example', 'assoc_handle'=> 'munchkins', 'ns.sreg' => 'urn:sreg', 'sreg.email' => 'bogus@example.com', - 'signed'=> 'identity,mode,ns.sreg,sreg.email', + 'signed'=> $signed, 'foo'=> 'bar')); - $expected = Auth_OpenID_Message::fromOpenIDArgs(array( - 'mode'=> 'check_authentication', - 'sig'=> 'rabbits', - 'assoc_handle'=> 'munchkins', - 'ns.sreg' => 'urn:sreg', - 'sreg.email' => 'bogus@example.com', - 'identity'=> '=example', - 'signed'=> 'identity,mode,ns.sreg,sreg.email' - )); - $args = $this->consumer->_createCheckAuthRequest($query); - $this->assertEquals($args->toPostArgs(), $expected->toPostArgs()); + $this->assertTrue($args->isOpenID1()); + $signed_list = explode(',',$signed); + foreach ($signed_list as $k) { + $this->assertTrue($args->getAliasedArg($k)); + } } } |