diff options
| -rw-r--r-- | Auth/OpenID/Consumer.php | 3 | ||||
| -rw-r--r-- | Tests/Auth/OpenID/AuthRequest.php | 281 | ||||
| -rw-r--r-- | Tests/Auth/OpenID/Consumer.php | 24 | ||||
| -rw-r--r-- | Tests/Auth/OpenID/TestUtil.php | 34 | ||||
| -rw-r--r-- | Tests/TestDriver.php | 1 |
5 files changed, 318 insertions, 25 deletions
diff --git a/Auth/OpenID/Consumer.php b/Auth/OpenID/Consumer.php index 95a70ac..552084c 100644 --- a/Auth/OpenID/Consumer.php +++ b/Auth/OpenID/Consumer.php @@ -1531,9 +1531,10 @@ class Auth_OpenID_AuthRequest { function setAnonymous($is_anonymous) { if ($is_anonymous && $this->message->isOpenID1()) { - return null; + return false; } else { $this->_anonymous = $is_anonymous; + return true; } } diff --git a/Tests/Auth/OpenID/AuthRequest.php b/Tests/Auth/OpenID/AuthRequest.php new file mode 100644 index 0000000..d65bd03 --- /dev/null +++ b/Tests/Auth/OpenID/AuthRequest.php @@ -0,0 +1,281 @@ +<?php + +require_once 'PHPUnit.php'; + +require_once 'Tests/Auth/OpenID/TestUtil.php'; + +require_once 'Auth/OpenID/Association.php'; +require_once 'Auth/OpenID/Consumer.php'; + +class AuthRequest_DummyEndpoint { + var $preferred_namespace = null; + var $local_id = null; + var $server_url = null; + var $is_op_identifier = false; + + function preferredNamespace() + { + return $this->preferred_namespace; + } + + function getLocalID() + { + return $this->local_id; + } + + function isOPIdentifier() + { + return $this->is_op_identifier; + } +} + +class AuthRequest_DummyAssoc { + var $handle = "assoc-handle"; +} + +/** + * Base for AuthRequest tests for OpenID 1 and 2. + */ +class TestAuthRequestMixin extends OpenIDTestMixin { + + var $preferred_namespace = null; + var $immediate = false; + var $expected_mode = 'checkid_setup'; + + function setUp() + { + $this->endpoint = new AuthRequest_DummyEndpoint(); + $this->endpoint->local_id = 'http://server.unittest/joe'; + $this->endpoint->claimed_id = 'http://joe.vanity.example/'; + $this->endpoint->server_url = 'http://server.unittest/'; + $this->endpoint->preferred_namespace = $this->preferred_namespace; + $this->realm = 'http://example/'; + $this->return_to = 'http://example/return/'; + $this->assoc = new AuthRequest_DummyAssoc(); + $this->authreq = new Auth_OpenID_AuthRequest($this->endpoint, $this->assoc); + } + + function failUnlessAnonymous($msg) + { + foreach (array('claimed_id', 'identity') as $key) { + $this->failIfOpenIDKeyExists($msg, $key); + } + } + + function failUnlessHasRequiredFields($msg) + { + $this->assertEquals($this->preferred_namespace, + $this->authreq->message->getOpenIDNamespace()); + + $this->assertEquals($this->preferred_namespace, + $msg->getOpenIDNamespace()); + + $this->failUnlessOpenIDValueEquals($msg, 'mode', + $this->expected_mode); + + // Implement these in subclasses because they depend on + // protocol differences! + $this->failUnlessHasRealm($msg); + $this->failUnlessIdentifiersPresent($msg); + } + + // TESTS + + function test_checkNoAssocHandle() + { + $this->authreq->assoc = null; + $msg = $this->authreq->getMessage($this->realm, $this->return_to, + $this->immediate); + + $this->failIfOpenIDKeyExists($msg, 'assoc_handle'); + } + + function test_checkWithAssocHandle() + { + $msg = $this->authreq->getMessage($this->realm, $this->return_to, + $this->immediate); + + $this->failUnlessOpenIDValueEquals($msg, 'assoc_handle', + $this->assoc->handle); + } + + function test_addExtensionArg() + { + $this->authreq->addExtensionArg('bag:', 'color', 'brown'); + $this->authreq->addExtensionArg('bag:', 'material', 'paper'); + $this->assertTrue($this->authreq->message->namespaces->contains('bag:')); + $this->assertEquals($this->authreq->message->getArgs('bag:'), + array('color' => 'brown', + 'material' => 'paper')); + $msg = $this->authreq->getMessage($this->realm, $this->return_to, + $this->immediate); + + // XXX: this depends on the way that Message assigns + // namespaces. Really it doesn't care that it has alias "0", + // but that is tested anyway + $post_args = $msg->toPostArgs(); + $this->assertEquals('bag:', $post_args['openid.ns.0']); + $this->assertEquals('brown', $post_args['openid.0.color']); + $this->assertEquals('paper', $post_args['openid.0.material']); + } + + function test_standard() + { + $msg = $this->authreq->getMessage($this->realm, $this->return_to, + $this->immediate); + + $this->failUnlessHasIdentifiers( + $msg, $this->endpoint->local_id, + $this->endpoint->claimed_id); + } +} + +class TestAuthRequestOpenID2 extends TestAuthRequestMixin { + var $preferred_namespace = Auth_OpenID_OPENID2_NS; + + function failUnlessHasRealm($msg) + { + // check presence of proper realm key and absence of the wrong + // one. + $this->failUnlessOpenIDValueEquals($msg, 'realm', $this->realm); + $this->failIfOpenIDKeyExists($msg, 'trust_root'); + } + + function failUnlessIdentifiersPresent($msg) + { + $identity_present = $msg->hasKey(Auth_OpenID_OPENID_NS, 'identity'); + $claimed_present = $msg->hasKey(Auth_OpenID_OPENID_NS, 'claimed_id'); + + $this->assertEquals($claimed_present, $identity_present); + } + + function failUnlessHasIdentifiers($msg, $op_specific_id, $claimed_id) + { + $this->failUnlessOpenIDValueEquals($msg, 'identity', $op_specific_id); + $this->failUnlessOpenIDValueEquals($msg, 'claimed_id', $claimed_id); + } + + // TESTS + + function test_setAnonymousWorksForOpenID2() + { + // OpenID AuthRequests should be able to set 'anonymous' to true. + $this->assertTrue($this->authreq->message->isOpenID2()); + $this->assertTrue($this->authreq->setAnonymous(true)); + $this->assertTrue($this->authreq->setAnonymous(false)); + } + + function test_userAnonymousIgnoresIdentfier() + { + $this->authreq->setAnonymous(true); + $msg = $this->authreq->getMessage($this->realm, $this->return_to, + $this->immediate); + $this->failUnlessHasRequiredFields($msg); + $this->failUnlessAnonymous($msg); + } + + function test_opAnonymousIgnoresIdentifier() + { + $this->endpoint->is_op_identifier = true; + $this->authreq->setAnonymous(true); + $msg = $this->authreq->getMessage($this->realm, $this->return_to, + $this->immediate); + $this->failUnlessHasRequiredFields($msg); + $this->failUnlessAnonymous($msg); + } + + function test_opIdentifierSendsIdentifierSelect() + { + $this->endpoint->is_op_identifier = true; + $msg = $this->authreq->getMessage($this->realm, $this->return_to, + $this->immediate); + $this->failUnlessHasRequiredFields($msg); + $this->failUnlessHasIdentifiers($msg, + Auth_OpenID_IDENTIFIER_SELECT, + Auth_OpenID_IDENTIFIER_SELECT); + } +} + +class TestAuthRequestOpenID1 extends TestAuthRequestMixin { + var $preferred_namespace = Auth_OpenID_OPENID1_NS; + + function setUpEndpoint() + { + parent::setUpEndpoint(); + $this->endpoint->preferred_namespace = Auth_OpenID_OPENID1_NS; + } + + function failUnlessHasIdentifiers($msg, $op_specific_id, $claimed_id) + { + // Make sure claimed_is is *absent* in request. + $this->failUnlessOpenIDValueEquals($msg, 'identity', $op_specific_id); + $this->failIfOpenIDKeyExists($msg, 'claimed_id'); + } + + function failUnlessIdentifiersPresent($msg) + { + $this->failIfOpenIDKeyExists($msg, 'claimed_id'); + $this->assertTrue($msg->hasKey(Auth_OpenID_OPENID_NS, 'identity')); + } + + function failUnlessHasRealm($msg) + { + // check presence of proper realm key and absence of the wrong + // one. + $this->failUnlessOpenIDValueEquals($msg, 'trust_root', $this->realm); + $this->failIfOpenIDKeyExists($msg, 'realm'); + } + + // TESTS + + function test_setAnonymousFailsForOpenID1() + { + // OpenID 1 requests MUST NOT be able to set anonymous to True + $this->assertTrue($this->authreq->message->isOpenID1()); + $this->assertFalse($this->authreq->setAnonymous(true)); + $this->assertTrue($this->authreq->setAnonymous(false)); + } + + function test_identifierSelect() + { + // Identfier select SHOULD NOT be sent, but this pathway is in + // here in case some special discovery stuff is done to + // trigger it with OpenID 1. If it is triggered, it will send + // identifier_select just like OpenID 2. + $this->endpoint->is_op_identifier = true; + $msg = $this->authreq->getMessage($this->realm, $this->return_to, + $this->immediate); + $this->failUnlessHasRequiredFields($msg); + $this->assertEquals(Auth_OpenID_IDENTIFIER_SELECT, + $msg->getArg(Auth_OpenID_OPENID1_NS, + 'identity')); + } +} + +class TestAuthRequestOpenID1Immediate extends TestAuthRequestOpenID1 { + var $immediate = true; + var $expected_mode = 'checkid_immediate'; +} + +class TestAuthRequestOpenID2Immediate extends TestAuthRequestOpenID2 { + var $immediate = true; + var $expected_mode = 'checkid_immediate'; +} + +class Tests_Auth_OpenID_AuthRequest extends PHPUnit_TestSuite { + + function getName() + { + return "Tests_Auth_OpenID_AuthRequest"; + } + + function Tests_Auth_OpenID_AuthRequest() + { + $this->addTestSuite('TestAuthRequestOpenID1'); + $this->addTestSuite('TestAuthRequestOpenID1Immediate'); + $this->addTestSuite('TestAuthRequestOpenID2'); + $this->addTestSuite('TestAuthRequestOpenID2Immediate'); + } +} + +?>
\ No newline at end of file diff --git a/Tests/Auth/OpenID/Consumer.php b/Tests/Auth/OpenID/Consumer.php index bab5f18..9e86547 100644 --- a/Tests/Auth/OpenID/Consumer.php +++ b/Tests/Auth/OpenID/Consumer.php @@ -1428,29 +1428,6 @@ class Tests_Auth_OpenID_Consumer_TestFetchAssoc extends PHPUnit_TestCase { } } -class Tests_Auth_OpenID_AuthRequest extends PHPUnit_TestCase { - function setUp() - { - $this->endpoint = new Auth_OpenID_ServiceEndpoint(); - $this->endpoint->local_id = 'http://server.unittest/joe'; - $this->endpoint->server_url = 'http://server.unittest/'; - $this->assoc =& $this; - $this->assoc->handle = 'assoc@handle'; - $this->authreq = new Auth_OpenID_AuthRequest($this->endpoint, $this->assoc); - } - - function test_addExtensionArg() - { - $this->authreq->addExtensionArg('bag', 'color', 'brown'); - $this->authreq->addExtensionArg('bag', 'material', 'paper'); - - $m = $this->authreq->getMessage('realm', 'return_to'); - - $this->assertTrue($m->hasKey('bag', 'color')); - $this->assertTrue($m->hasKey('bag', 'material')); - } -} - class Tests_Auth_OpenID_SuccessResponse extends PHPUnit_TestCase { function setUp() { @@ -2136,7 +2113,6 @@ $Tests_Auth_OpenID_Consumer_other = array( new Tests_Auth_OpenID_CheckAuthResponse(), new Tests_Auth_OpenID_FetchErrorInIdRes(), new Tests_Auth_OpenID_ConsumerTest2(), - new Tests_Auth_OpenID_AuthRequest(), new Tests_Auth_OpenID_Stateless1(), new Tests_Auth_OpenID_Stateless2(), new TestCompleteMissingSig(), diff --git a/Tests/Auth/OpenID/TestUtil.php b/Tests/Auth/OpenID/TestUtil.php index 8358160..54b110d 100644 --- a/Tests/Auth/OpenID/TestUtil.php +++ b/Tests/Auth/OpenID/TestUtil.php @@ -4,6 +4,8 @@ * Utilites for test functions */ +require_once 'PHPUnit.php'; + function Tests_Auth_OpenID_datafile($name, $reader) { $path = dirname(realpath(__FILE__)); @@ -26,3 +28,35 @@ function Tests_Auth_OpenID_readlines($name) { return Tests_Auth_OpenID_datafile($name, 'file'); } + +class OpenIDTestMixin extends PHPUnit_TestCase { + function failUnlessOpenIDValueEquals($msg, $key, $expected, $ns=null) + { + if ($ns === null) { + $ns = Auth_OpenID_OPENID_NS; + } + + $actual = $msg->getArg($ns, $key); + $error_format = 'Wrong value for openid.%s: expected=%s, actual=%s'; + $error_message = sprintf($error_format, + $key, $expected, $actual); + + $this->assertEquals($expected, $actual, $error_message); + } + + function failIfOpenIDKeyExists($msg, $key, $ns=null) + { + if ($ns === null) { + $ns = Auth_OpenID_OPENID_NS; + } + + $actual = $msg->getArg($ns, $key); + $error_message = sprintf('openid.%s unexpectedly present: %s', + $key, $actual); + + $this->assertFalse($msg->hasKey($ns, $key), + $error_message); + } +} + +?>
\ No newline at end of file diff --git a/Tests/TestDriver.php b/Tests/TestDriver.php index fa3b494..452624e 100644 --- a/Tests/TestDriver.php +++ b/Tests/TestDriver.php @@ -115,6 +115,7 @@ $_tests = array( 'dir' => 'Tests/Auth/OpenID/', 'files' => array( 'Association', + 'AuthRequest', 'BigMath', 'Consumer', 'CryptUtil', |