-rw-r--r--Auth/OpenID/Consumer.php17
-rw-r--r--Tests/Auth/OpenID/Consumer.php29
2 files changed, 29 insertions, 17 deletions
diff --git a/Auth/OpenID/Consumer.php b/Auth/OpenID/Consumer.php
index 99a30db..9cf86f0 100644
--- a/Auth/OpenID/Consumer.php
+++ b/Auth/OpenID/Consumer.php
@@ -209,6 +209,11 @@ define('Auth_OpenID_SETUP_NEEDED', 'setup needed');
define('Auth_OpenID_PARSE_ERROR', 'parse error');
/**
+ * Nonce name for OpenID 1.
+ */
+define('Auth_OpenID_NONCE_NAME', 'janrain_nonce');
+
+/**
* An OpenID consumer implementation that performs discovery and does
* session management. See the Consumer.php file documentation for
* more information.
@@ -516,10 +521,9 @@ class Auth_OpenID_GenericConsumer {
function begin($service_endpoint)
{
- $nonce = Auth_OpenID_mkNonce();
$assoc = $this->_getAssociation($service_endpoint->server_url);
- $r = new Auth_OpenID_AuthRequest($assoc, $service_endpoint);
- $r->return_to_args['nonce'] = $nonce;
+ $r = new Auth_OpenID_AuthRequest($service_endpoint, $assoc);
+ $r->return_to_args[Auth_OpenID_NONCE_NAME] = Auth_OpenID_mkNonce();
return $r;
}
@@ -755,7 +759,7 @@ class Auth_OpenID_GenericConsumer {
$found = false;
foreach ($query as $k => $v) {
- if ($k == 'nonce') {
+ if ($k == Auth_OpenID_NONCE_NAME) {
$server_url = '';
$nonce = $v;
$found = true;
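Review bot: The key test `$k == Auth_OpenID_NONCE_NAME` uses loose comparison, so on PHP versions before 8 an integer array key of 0 compares equal to the non-numeric string 'janrain_nonce'. If `$query` is built from the return_to query string (its origin is not visible in this hunk), a numeric key could be taken as the nonce parameter, and the replay check would then run on a value that is not the nonce. A strict test avoids that: `if ($k === Auth_OpenID_NONCE_NAME) {`. The loop and its enclosing method start and end outside the hunk.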
@@ -931,7 +935,7 @@ class Auth_OpenID_AuthRequest {
* class. Instances of this class are created by the library when
* needed.
*/
- function Auth_OpenID_AuthRequest($assoc, $endpoint)
+ function Auth_OpenID_AuthRequest($endpoint, $assoc)
{
$this->assoc = $assoc;
$this->endpoint = $endpoint;
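Review bot: Reversing the constructor's positional order to `($endpoint, $assoc)` is a silent break for any caller this commit does not touch, because the parameters are untyped and both assignments succeed with the objects swapped. The in-tree callers in begin() and the test files are updated, but out-of-tree code that constructs an Auth_OpenID_AuthRequest directly would store the association in `$this->endpoint` with no error at construction time. Since the docblock already says instances are created by the library, state the order there, for example `Arguments are ($endpoint, $assoc), in that order; the order was reversed from earlier revisions.` The constructor body continues outside the hunk.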
@@ -1118,7 +1122,8 @@ class Auth_OpenID_SuccessResponse extends Auth_OpenID_ConsumerResponse {
function getNonce()
{
- return $this->getSigned(Auth_OpenID_OPENID_NS, 'nonce');
+ return $this->getSigned(Auth_OpenID_OPENID_NS,
+ Auth_OpenID_NONCE_NAME);
}
}
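Review bot: getNonce() now reads the signed field named by Auth_OpenID_NONCE_NAME from the OpenID namespace, yet that constant is documented as the "Nonce name for OpenID 1" and is used in begin() as the consumer's own return_to argument. Presumably a server-issued nonce would not be signed under the consumer's private parameter name, so this lookup may never find a value and the server-nonce replay check would depend entirely on how the caller treats a missing nonce; please confirm the intent. If the two names are meant to differ, keep a separate name for the namespaced field. Otherwise document the coupling on the method, e.g. `// Looks up the signed field 'openid.' . Auth_OpenID_NONCE_NAME; the same name is used for the return_to argument.`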
diff --git a/Tests/Auth/OpenID/Consumer.php b/Tests/Auth/OpenID/Consumer.php
index 9ee0ce8..3858d8d 100644
--- a/Tests/Auth/OpenID/Consumer.php
+++ b/Tests/Auth/OpenID/Consumer.php
@@ -202,7 +202,8 @@ class Tests_Auth_OpenID_Consumer extends PHPUnit_TestCase {
$this->assertEquals(0, strpos($new_return_to, $return_to));
$query = array(
- 'nonce' => $result->return_to_args['nonce'],
+ Auth_OpenID_NONCE_NAME =>
+ $result->return_to_args[Auth_OpenID_NONCE_NAME],
'openid.mode'=> 'id_res',
'openid.return_to'=> $new_return_to,
'openid.identity'=> $delegate_url,
@@ -361,7 +362,8 @@ class _CheckAuthDetectingConsumer extends Auth_OpenID_GenericConsumer {
class Tests_Auth_OpenID_Consumer_CheckNonceTest extends _TestIdRes {
function test_consumerNonce()
{
- $this->return_to = sprintf('http://rt.unittest/?nonce=%s',
+ $this->return_to = sprintf('http://rt.unittest/?%s=%s',
+ Auth_OpenID_NONCE_NAME,
Auth_OpenID_mkNonce());
$query = array('openid.return_to' => $this->return_to);
@@ -376,11 +378,13 @@ class Tests_Auth_OpenID_Consumer_CheckNonceTest extends _TestIdRes {
function test_serverNonce()
{
- $query = array('openid.nonce' => Auth_OpenID_mkNonce());
+ $query = array('openid.' . Auth_OpenID_NONCE_NAME =>
+ Auth_OpenID_mkNonce());
$message = Auth_OpenID_Message::fromPostArgs($query);
$this->response = new Auth_OpenID_SuccessResponse($this->endpoint, $message,
- array('openid.nonce'));
+ array('openid.' .
+ Auth_OpenID_NONCE_NAME));
$ret = $this->consumer->_checkNonce($this->server_url, $this->response);
$this->assertEquals($ret->status, Auth_OpenID_SUCCESS);
$this->assertEquals($ret->claimed_id, $this->consumer_id);
@@ -394,11 +398,12 @@ class Tests_Auth_OpenID_Consumer_CheckNonceTest extends _TestIdRes {
$this->store->useNonce($this->server_url, $timestamp, $salt);
- $query = array('openid.nonce' => $nonce);
+ $query = array('openid.' . Auth_OpenID_NONCE_NAME => $nonce);
$message = Auth_OpenID_Message::fromPostArgs($query);
$this->response = new Auth_OpenID_SuccessResponse($this->endpoint, $message,
- array('openid.nonce'));
+ array('openid.' .
+ Auth_OpenID_NONCE_NAME));
$ret = $this->consumer->_checkNonce($this->server_url, $this->response);
$this->assertEquals($ret->status, Auth_OpenID_FAILURE);
@@ -409,11 +414,12 @@ class Tests_Auth_OpenID_Consumer_CheckNonceTest extends _TestIdRes {
function test_tamperedNonce()
{
// Malformed nonce
- $query = array('openid.nonce' => 'malformed');
+ $query = array('openid.' . Auth_OpenID_NONCE_NAME => 'malformed');
$message = Auth_OpenID_Message::fromPostArgs($query);
$this->response = new Auth_OpenID_SuccessResponse($this->endpoint, $message,
- array('openid.nonce'));
+ array('openid.' .
+ Auth_OpenID_NONCE_NAME));
$ret = $this->consumer->_checkNonce($this->server_url, $this->response);
$this->assertEquals($ret->status, Auth_OpenID_FAILURE);
@@ -428,7 +434,8 @@ class Tests_Auth_OpenID_Consumer_CheckNonceTest extends _TestIdRes {
$message = Auth_OpenID_Message::fromPostArgs($query);
$this->response = new Auth_OpenID_SuccessResponse($this->endpoint, $message,
- array('openid.nonce'));
+ array('openid.' .
+ Auth_OpenID_NONCE_NAME));
$ret = $this->consumer->_checkNonce($this->server_url, $this->response);
$this->assertEquals($ret->status, Auth_OpenID_FAILURE);
@@ -861,7 +868,7 @@ class Tests_Auth_OpenID_AuthRequest extends PHPUnit_TestCase {
$this->endpoint->server_url = 'http://server.unittest/';
$this->assoc =& $this;
$this->assoc->handle = 'assoc@handle';
- $this->authreq = new Auth_OpenID_AuthRequest($this->assoc, $this->endpoint);
+ $this->authreq = new Auth_OpenID_AuthRequest($this->endpoint, $this->assoc);
}
function test_addExtensionArg()
@@ -1129,7 +1136,7 @@ class _StubConsumer {
function begin($service)
{
- $auth_req = new Auth_OpenID_AuthRequest($this->assoc, $service);
+ $auth_req = new Auth_OpenID_AuthRequest($service, $this->assoc);
$this->endpoint = $service;
return $auth_req;
}