summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* [ remove closing ?> tag from all files ]Luke Shepard2009-05-27101-172/+111
| | | | | | | | | | Reviewed By: Will Norris Facebook has a policy to not have closing ?> tags at the bottom of PHP files. It can unintentionally introduce newlines which causes ridiculous bugs. This is recommended in the Zend style guide: http://framework.zend.com/manual/en/coding-standard.php-file-formatting.html
* [ Upgrading php-openid test framework to use PHPUnit 3.3 ]Luke Shepard2009-05-2737-250/+215
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Reviewed By: Will Norris The set of tests assumes PHPUnit 2.3, which conflicts with my environment setup. I think PHPUnit 3.3 is pretty widespread now, and under active maintenance (latest rev 4/10/2009). There's a few changes included here. I did a few mostly automated code transformations: replace "PHPUnit_TestCase" "PHPUnit_Framework_TestCase" replace "PHPUnit_TestSuite" "PHPUnit_Framework_TestSuite" removed all require_once "PHPUnit.php" - they are unnecessary. "call by reference" is now deprecated, so changed "&$" to "$" I also made a few changes to admin/testtext.php and Tests/TestDriver.php to accomodate the new syntax. Note that this just upgrades the framework; it does not guarantee that all tests pass. I'll submit future diffs to fix or disable failing unit tests. I wasn't able to get the tests running with the previous version, so I don't know if these have always been failing. I doubt that the github has automatically running unit tests, but if so then we'll have to make sure that the central repo is running the same version of PHPUnit.
* rewordingBrian Ellin2009-02-151-2/+2
|
* Merge branch 'master' of git@github.com:bce/php-openidGrant Monroe2009-02-141-0/+7
|\
| * typoBrian Ellin2009-02-141-1/+2
| |
| * typoBrian Ellin2009-02-141-1/+1
| |
| * added README.gitBrian Ellin2009-02-141-0/+6
|
* [project @ Unify method signatures to reduce E_STRICT warnings]tailor2008-12-122-2/+2
|
* [project @ Move signed assertions code into contrib/]tailor2008-12-082-0/+0
|
* [project @ OpenID Signed Assertions(Implementation of old sxip draft)]tailor2008-11-142-0/+400
| | | | | | | | | | | | | | | | | | | | | | | | | | In our solution, one party, which we call the Attribute Provider (AP), provides a signed certificate that the the user possesses some attribute (e.g. is over 18). This certificate is stored as an attribute at the user's OP, and other RPs can request this certificate when they want to verify attributes of the user. For the implementation, we have followed the OpenID Signed Assertions draft: http://www.mail-archive.com/specs@openid.net/msg00907.html The Signed Assertions Draft did not specify how signed assertions are stored at the OP, so we adopted the following scheme: Attribute: http://X Certificate: http://X/signature This enables RPs that don't care about certificates to completely ignore them. Assertions are SAML documents as specified in the OpenID Signed Assertions old draft. We are developing a demo application in which a university issues certificates verifying students' age, student-hood, and even their photo (also potentially useful to dating sites). So basically the university acts as an attribute provider, signing assertions about user claims. These claims are stored as an attribute in the OpenId provider and we can use the OpenID AX protocol to pass assertions as attributes. The data flow is: User requests assertion --- University(Attribute provider) --- (store request) --- Openid provider Relying Party(Dating site) --- (fetch request) --- OpenID Provider The RP gets the assertion, verifies the signature, and takes actions depending on the result. In some scenarios, the RP may deny the user request if the attribute verification fails (e.g. the dating site may forbid users under 18). In other scenarios the RP may treat them differently (e.g. the dating site could tag certified photos as "Verified Photo"). Note that the RP must have some sort of trust relationship with the AP. We've tried to keep the system as open as possible. Our protocol and implementation do not specify how this trust relationship is created or managed. For example, there could be a PKI specifically set up for verifying claims about student-hood, another trust system set up for verifying claims about age, etc. Santosh Subramanian Shishir Randive Michael Hart Rob Johnson
* [project @ Message: indentation]tailor2008-11-071-2/+2
|
* [project @ getAliasedArg() returns OpenID namespace when $aliased_key is 'ns']tailor2008-11-071-0/+5
| | | | | | | | | | This fixes an rather cryptic error when using stateless mode via the DumbStore. The 'ns' key can not be found in the alias/namespace mapping (its stored as the "Null Namespace"), it must be returned explicitly. The inability to find the key in the mapping results in a "Server Denied check_authentication" error, but the error is caused before any callback to the server is made. This also brings the PHP lib more in line with the ruby and python libs.
* [project @ Don't use Range header for ID page requests]tailor2008-10-312-4/+0
|
* [project @ Update version to 2.1.2]Kevin Turner2008-09-091-1/+1
|
* [project @ If we're generating user_setup_urls, let's at least do it correctly]tailor2008-07-112-6/+15
|
* [project @ Provide the user_setup_url in the Auth_OpenID_SetupNeededResponse ↵tailor2008-07-101-1/+3
| | | | even in OpenID 2]
* [project @ Demo server: remove stale HMACSHA1.php include]Kevin Turner2008-07-081-1/+0
|
* [project @ Update version to 2.1.1]Kevin Turner2008-06-271-1/+1
|
* [project @ Make the detect script work with 206 responses from the fetcher]Kevin Turner2008-06-251-3/+4
|
* [project @ Added a script that helps to update the valid TLD list for trust ↵Kevin Turner2008-06-251-0/+47
| | | | root matching]
* [project @ Updated TLD list in TrustRoot.php]Kevin Turner2008-06-251-13/+18
|
* [project @ remove Auth_OpenID::quoteMInimal. Resolves #262.]Kevin Turner2008-06-251-32/+0
|
* [project @ ↵dAniel hAhler2008-06-221-14/+6
| | | | | | | | | | ParanoidHTTPFetcher-strpos-instead-of-preg_match-and-code-improvements] ParanoidHTTPFetcher: - Fix corner case in get() and post() for headers without any value (e.g. 'Expires:') - Use strpos() instead of preg_match() when looking for ":" (and look for ": " now instead)
* [project @ fix accept header]tailor2008-06-231-1/+1
|
* [project @ Do not attempt HMAC-SHA256 tests if HMAC-SHA256 is not supported]http://j3h.us/2008-06-201-3/+7
|
* [project @ Fix Consumer's OpenID 1 checkid_immediate failure handling ↵http://j3h.us/2008-06-201-1/+2
| | | | (thanks to Evan Prodromou)]
* [project @ Test and fix HMAC-SHA256]http://j3h.us/2008-06-203-11/+46
|
* [project @ Rename files and tests related to HMACSHA1 and HMACSHA256]http://j3h.us/2008-06-2011-31/+36
|
* [project @ etxrd.getCanonicalID: case-insensitive comparsions, patch from =wil]Kevin Turner2008-06-131-8/+8
| | | | | | | 1. There should only be a single CanonicalID in each XRD (in the latest XRI resolution spec), so I made it use the first CID found instead of the last. 2. Use case-insensitive comparison when comparing CanonicalIDs.
* [project @ Accept response code 206 from fetcher results (part 2). Fixes #260]Kevin Turner2008-06-112-3/+3
|
* [project @ Accept response code 206 from fetcher results. Fixes #260]Kevin Turner2008-06-112-5/+7
|
* [project @ Add test cases for trust roots with non-ASCII characters in path ↵tailor2008-06-111-1/+3
| | | | or hostname]
* [project @ Auth_OpenID_urinorm: fail to parse URIs with non-ASCII characters]tailor2008-06-112-0/+26
|
* [project @ examples/discover: import consumer/common.php to set include_path]tailor2008-06-061-0/+3
|
* [project @ Add examples/discover.php tool]tailor2008-06-063-0/+103
|
* [project @ Do not send namespace aliases for extensions with OpenID 1 ↵tailor2008-06-063-2/+53
| | | | | | | | messages that we create] This makes the library compatible with the 1.x series of this library, since it did not handle arbitrary query keys with dots in them (PHP mangles . to _)
* [project @ demo RP: indentation]tailor2008-06-061-25/+25
|
* [project @ demo RP: escape response information prior to output]tailor2008-06-061-10/+21
|
* [project @ message: allow two values for OPENID1_NS]Kevin Turner2008-06-065-36/+213
| | | | | | | message: allow two values for OPENID1_NS Also: * fix op_endpoint bug in Server.php * always treat OpenID 1 namespace as implicit in messages we create
* [project @ Auth_OpenID_AuthRequest: simplify message construction]Kevin Turner2008-06-051-2/+1
|
* [project @ Change Auth_OpenID_VERSION to 2.1.0]tailor2008-06-051-1/+1
|
* [project @ Update CHANGES-2.1.0]tailor2008-06-051-2/+2
|
* [project @ add CHANGES-2.1.0]tailor2008-06-051-0/+50
|
* [project @ Deprecate Auth_OpenID_CheckIDRequest::namespace and stop using == ↵Kevin Turner2008-06-052-23/+37
| | | | Auth_OpenID_OPENID1_NS anywhere in server]
* [project @ add test for Auth_Yadis_getCanonicalId with subsegments]tailor2008-06-052-0/+66
|
* [project @ Plain http fetcher: allow for absent "path" key in parsed URL array]tailor2008-06-051-0/+4
|
* [project @ Auth_Yadis_Yadis::discover: Correctly test for null fetcher ↵tailor2008-06-051-1/+1
| | | | parameter]
* [project @ Auth_OpenID_getAllowedReturnURLs: use fetcher parameter in call ↵tailor2008-06-051-1/+1
| | | | to getServiceEndpoints]
* [project @ Fix Auth_OpenID_getAllowedReturnURLs, ↵tailor2008-06-053-6/+116
| | | | Auth_Yadis_DiscoveryResult::usedYadisLocation, add Auth_Yadis_getServiceEndpoints, tests]
* [project @ TestDriver.php: load "_other" tests regardless of primary test ↵tailor2008-06-051-6/+8
| | | | class type]
* [project @ handle empty string for trustroot the same as missing]tailor2008-06-052-11/+30
|
* [project @ #204 MalformedTrustRoot returned by the library now gets passed ↵tailor2008-06-052-1/+14
| | | | the OpenID Message object instead of null]
* [project @ Silence session_start warnings that are output for older builds ↵tailor2008-06-051-1/+1
| | | | of PHP 4.3 so the build passes]
* [project @ Add an explicit test for doubled-up ports for PHP 4.3 where the ↵tailor2008-06-051-0/+4
| | | | URL parsing is different]
* [project @ #229 Server.php: test hasReturnTo() when message=null]tailor2008-06-042-2/+10
|
* [project @ Add HTTP case to trustroot test cases]Kevin Turner2008-06-041-1/+2
|
* [project @ Auth_OpenID_Decoder::defaultDecoder: Check for ↵Kevin Turner2008-06-041-0/+6
| | | | Auth_OpenID_FailureResponse when getting OpenID message mode]
* [project @ Auth_OpenID_Decoder::decode: Check for ↵Kevin Turner2008-06-041-0/+5
| | | | Auth_OpenID_FailureResponse when getting OpenID message mode]
* [project @ #189 Add optional form_tag_attrs arg to ↵tailor2008-06-041-2/+3
| | | | Auth_OpenID_ServerResponse->toFormMarkup]
* [project @ Add an extra parsehtml testcase - no close script tag]tailor2008-06-041-0/+4
|
* [project @ fix typo in test data]tailor2008-06-041-1/+1
|
* [project @ Fix #220: Use return_to from request when generating form markup ↵tailor2008-06-042-2/+18
| | | | in Server.php]
* [project @ Test Server.php fix the error message if test_nomode fails]tailor2008-06-041-1/+1
|
* [project @ Port the v2 plaintext encryption test from python]tailor2008-06-041-0/+43
|
* [project @ Fix trust root test runner and then all failing tests that were ↵tailor2008-06-044-29/+75
| | | | exposed]
* [project @ Auth_OpenID_CheckIDRequest::fromMessage: return ↵Kevin Turner2008-06-042-15/+46
| | | | Auth_OpenID_ServerError if claimed_id is provided without identity]
* [project @ Auth_OpenID_Decoder::decode: make sure Auth_OpenID_ServerError ↵Kevin Turner2008-06-042-0/+34
| | | | has an Auth_OpenID_Message after encountering invalid OpenID namespace]
* [project @ #224: Tests_Auth_OpenID_CheckID: more test cases for missing ↵Kevin Turner2008-06-041-0/+30
| | | | trust_root/realm]
* [project @ Message->getArg & friends return FailureResponse on error]tailor2008-06-047-60/+94
|
* [project @ Add comment for Consumer::Response describing display_identifier ↵tailor2008-06-031-0/+17
| | | | and identity_url]
* [project @ rename return_to to current_url in Consumer.complete]tailor2008-06-031-4/+12
|
* [project @ server..Decoder.defaultDecoder: more readable error message]Kevin Turner2008-06-031-1/+1
|
* [project @ Add AX FetchResponse tests, fix bugs]tailor2008-06-032-1/+54
|
* [project @ AX::FetchResponse::fromSuccessResponse - return null when there's ↵tailor2008-06-032-1/+29
| | | | no ax args]
* [project @ 'fix' regexp looking for bad constant capitalization to allow ↵tailor2008-06-031-1/+1
| | | | NULL in strings]
* [project @ Add NOT NULL constraints to SQL stores]tailor2008-06-032-14/+20
|
* [project @ Fix PHP tags]tailor2008-06-035-2/+12
|
* [project @ Move MemcachedStore back from contrib, update license and copyright]tailor2008-06-033-44/+55
|
* [project @ normalize return_to before checking]tailor2008-06-032-3/+8
|
* [project @ Consumer._verifyDiscoveryResults: fall back to OpenID 1.0 type if ↵tailor2008-06-022-24/+73
| | | | 1.1 endpoint cannot be found]
* [project @ Add --extra-tests option to texttest.php]tailor2008-06-021-2/+18
|
* [project @ Make the MemcachedStore tests run on record]tailor2008-06-021-2/+4
|
* [project @ Move Memcached store to contrib since it's not owned by JanRain]tailor2008-06-022-39/+48
|
* [project @ TestDriver.php: factor instantiating a test suite from a class ↵tailor2008-06-021-19/+26
| | | | name into its own function]
* [project @ TestDriver.php: make global_include_once tell you about failures]tailor2008-06-021-1/+2
|
* [project @ Fix selectTests in TestDriver.php]tailor2008-06-021-24/+12
|
* [project @ ParanoidHTTPFetcher: check to see if curl_version returns an ↵Kevin Turner2008-05-312-2/+7
| | | | array or not.]
* [project @ Update license strings to say Apache]tailor2008-05-3043-44/+44
|
* [project @ Set User-Agent string in fetchers. include various versions]tailor2008-05-303-1/+6
|
* [project @ Add version string to Auth/OpenID.php]tailor2008-05-301-0/+5
|
* [project @ Don't explicitly set no-encryption session type with OpenID 1 ↵tailor2008-05-301-1/+2
| | | | requests]
* [project @ Remove URL fragment in ServiceEndpoint->getDisplayIdentifier]tailor2008-05-302-1/+46
|
* [project @ extra parsehtml testcase: javascript in head]tailor2008-05-291-0/+4
|
* [project @ "and" -> "&&"]tailor2008-05-291-1/+1
|
* [project @ ParanoidHTTPFetcher: Fix string interpolation of max response size]tailor2008-05-291-1/+1
|
* [project @ PAPE: properly use "none" for empty auth policies list]tailor2008-05-292-6/+8
|
* [project @ PAPE: use auth_time instead of auth_age]tailor2008-05-292-45/+35
|
* [project @ Auth/OpenID/AX: whitespace]tailor2008-05-291-1/+1
|
* [project @ Alter AX fromOpenIDRequest() to accept Auth_OpenID_AuthRequest ↵tailor2008-03-212-14/+19
| | | | object instead of Auth_OpenID_Message object so that it matches it's counterpart methods in SREG and PAPE extensions.]
* [project @ Add fetch response size limiting to libcurl fetcher]tailor2008-05-291-2/+6
|
generated by cgit v1.1 at 2025-05-29 01:28:48 +0000