diff options
| author | tailor <cygnus@janrain.com> | 2007-12-05 21:43:38 +0000 |
|---|---|---|
| committer | tailor <cygnus@janrain.com> | 2007-12-05 21:43:38 +0000 |
| commit | ee6960fbef50e8dbcc951305d5676d77a2e53f37 (patch) | |
| tree | b451da3223bbcb4f2e12bc5201007efe62255eef /Auth | |
| parent | 350de628a743e433c2abf42c0e4d752e8a587984 (diff) | |
| download | php-openid-ee6960fbef50e8dbcc951305d5676d77a2e53f37.zip php-openid-ee6960fbef50e8dbcc951305d5676d77a2e53f37.tar.gz php-openid-ee6960fbef50e8dbcc951305d5676d77a2e53f37.tar.bz2 | |
[project @ Add PAPE tests and update PAPE extension]
Diffstat (limited to 'Auth')
| -rw-r--r-- | Auth/OpenID/PAPE.php | 42 |
1 files changed, 34 insertions, 8 deletions
diff --git a/Auth/OpenID/PAPE.php b/Auth/OpenID/PAPE.php index 214deb1..ba9f9f6 100644 --- a/Auth/OpenID/PAPE.php +++ b/Auth/OpenID/PAPE.php @@ -84,6 +84,11 @@ class Auth_OpenID_PAPE_Request extends Auth_OpenID_Extension { { $obj = new Auth_OpenID_PAPE_Request(); $args = $request->message->getArgs(Auth_OpenID_PAPE_NS_URI); + + if ($args === null || $args === array()) { + return null; + } + $obj->parseExtensionArgs($args); return $obj; } @@ -112,7 +117,7 @@ class Auth_OpenID_PAPE_Request extends Auth_OpenID_Extension { // max_auth_age is base-10 integer number of seconds $max_auth_age_str = Auth_OpenID::arrayGet($args, 'max_auth_age'); if ($max_auth_age_str) { - $this->max_auth_age = intval($max_auth_age_str); + $this->max_auth_age = Auth_OpenID::intval($max_auth_age_str); } else { $this->max_auth_age = null; } @@ -201,7 +206,13 @@ class Auth_OpenID_PAPE_Response extends Auth_OpenID_Extension { // PAPE requires that the args be signed. $args = $success_response->getSignedNS(Auth_OpenID_PAPE_NS_URI); - if ($obj->parseExtensionArgs($args) === false) { + if ($args === null || $args === array()) { + return null; + } + + $result = $obj->parseExtensionArgs($args); + + if ($result === false) { return null; } else { return $obj; @@ -229,8 +240,17 @@ class Auth_OpenID_PAPE_Response extends Auth_OpenID_Extension { } $nist_level_str = Auth_OpenID::arrayGet($args, 'nist_auth_level'); - if ($nist_level_str) { - $nist_level = intval($nist_level_str); + if ($nist_level_str !== null) { + $nist_level = Auth_OpenID::intval($nist_level_str); + + if ($nist_level === false) { + if ($strict) { + return false; + } else { + $nist_level = null; + } + } + if (0 <= $nist_level && $nist_level < 5) { $this->nist_auth_level = $nist_level; } else if ($strict) { @@ -239,8 +259,8 @@ class Auth_OpenID_PAPE_Response extends Auth_OpenID_Extension { } $auth_age_str = Auth_OpenID::arrayGet($args, 'auth_age'); - if ($auth_age_str) { - $auth_age = intval($auth_age_str); + if ($auth_age_str !== null) { + $auth_age = Auth_OpenID::intval($auth_age_str); if ($auth_age === false) { if ($strict) { return false; @@ -263,7 +283,7 @@ class Auth_OpenID_PAPE_Response extends Auth_OpenID_Extension { ); if ($this->nist_auth_level !== null) { - if (!in_array($this->nist_auth_level, range(0, 4))) { + if (!in_array($this->nist_auth_level, range(0, 4), true)) { return false; } $ns_args['nist_auth_level'] = strval($this->nist_auth_level); @@ -274,8 +294,14 @@ class Auth_OpenID_PAPE_Response extends Auth_OpenID_Extension { return false; } + $result = Auth_OpenID::intval($this->auth_age); + + if ($result === false) { + return false; + } + $ns_args['auth_age'] = - strval(Auth_OpenID::intval($this->auth_age)); + strval($result); } return $ns_args; |