diff options
| -rw-r--r-- | Auth/OpenID/Server.php | 17 | ||||
| -rw-r--r-- | Tests/Auth/OpenID/Server.php | 17 |
2 files changed, 34 insertions, 0 deletions
diff --git a/Auth/OpenID/Server.php b/Auth/OpenID/Server.php index 1c87758..7c56805 100644 --- a/Auth/OpenID/Server.php +++ b/Auth/OpenID/Server.php @@ -1522,6 +1522,23 @@ class Auth_OpenID_Decoder { $message = Auth_OpenID_Message::fromPostArgs($query); + if ($message === null) { + /* + * It's useful to have a Message attached to a + * ProtocolError, so we override the bad ns value to build + * a Message out of it. Kinda kludgy, since it's made of + * lies, but the parts that aren't lies are more useful + * than a 'None'. + */ + $old_ns = $query['openid.ns']; + + $query['openid.ns'] = Auth_OpenID_OPENID2_NS; + $message = Auth_OpenID_Message::fromPostArgs($query); + return new Auth_OpenID_ServerError( + $message, + sprintf("Invalid OpenID namespace URI: %s", $old_ns)); + } + $mode = $message->getArg(Auth_OpenID_OPENID_NS, 'mode'); if (!$mode) { return new Auth_OpenID_ServerError($message, diff --git a/Tests/Auth/OpenID/Server.php b/Tests/Auth/OpenID/Server.php index b50be6a..c9efd94 100644 --- a/Tests/Auth/OpenID/Server.php +++ b/Tests/Auth/OpenID/Server.php @@ -610,6 +610,23 @@ class Tests_Auth_OpenID_Test_Decode extends PHPUnit_TestCase { gettype($result))); } } + + function test_invalidns() + { + $args = array('openid.ns' => 'Tuesday', + 'openid.mode' => 'associate'); + + $result = $this->decoder->decode($args); + + $this->assertTrue(is_a($result, 'Auth_OpenID_ServerError')); + + // Assert that the ProtocolError does have a Message attached + // to it, even though the request wasn't a well-formed Message. + $this->assertTrue($result->message); + + // The error message contains the bad openid.ns. + $this->assertTrue(strpos($result->text, 'Tuesday') != -1); + } } class Tests_Auth_OpenID_Test_Encode extends PHPUnit_TestCase { |