Discover_OpenID.php 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783
  1. <?php
  2. require_once 'PHPUnit.php';
  3. require_once 'TestUtil.php';
  4. require_once 'Auth/OpenID.php';
  5. require_once 'Auth/OpenID/Discover.php';
  6. require_once 'Auth/Yadis/Manager.php';
  7. require_once 'Auth/Yadis/Misc.php';
  8. require_once 'Auth/Yadis/XRI.php';
  9. /**
  10. * Tests for the core of the PHP Yadis library discovery logic.
  11. */
  12. class _SimpleMockFetcher {
  13. function _SimpleMockFetcher($responses)
  14. {
  15. $this->responses = $responses;
  16. }
  17. function get($url)
  18. {
  19. $response = array_pop($this->responses);
  20. assert($response[1] == $url);
  21. return $response;
  22. }
  23. }
  24. class Tests_Auth_OpenID_ServiceEndpoint extends PHPUnit_TestCase {
  25. function setUp() {
  26. $this->endpoint = new Auth_OpenID_ServiceEndpoint();
  27. }
  28. function test_getDisplayIdentifier_noFragment() {
  29. $urls = array("http://foo.bar.com/something",
  30. "http://foo.bar.com/something?else=what&nothing=0",
  31. "https://smoker.myopenid.com/"
  32. );
  33. foreach ($urls as $url) {
  34. $this->endpoint->claimed_id = $url;
  35. $this->assertEquals($url, $this->endpoint->getDisplayIdentifier());
  36. }
  37. }
  38. function test_getDisplayIdentifier_withFragment() {
  39. $urls = array("http://foo.bar.com/something#fragged",
  40. "http://foo.bar.com/something?else=what&nothing=0#ow",
  41. "https://smoker.myopenid.com/#myentirelife"
  42. );
  43. foreach ($urls as $url) {
  44. $this->endpoint->claimed_id = $url;
  45. $split = explode('#', $url);
  46. $this->assertEquals($split[0],
  47. $this->endpoint->getDisplayIdentifier());
  48. }
  49. }
  50. }
  51. class Tests_Auth_OpenID_DiscoveryFailure extends PHPUnit_TestCase {
  52. function Tests_Auth_OpenID_DiscoveryFailure($responses)
  53. {
  54. // Response is ($code, $url, $body).
  55. $this->cases = array(
  56. array(null, 'http://network.error/', ''),
  57. array(404, 'http://not.found/', ''),
  58. array(400, 'http://bad.request/', ''),
  59. array(500, 'http://server.error/', ''),
  60. array(200, 'http://header.found/', 200,
  61. array('x-xrds-location' => 'http://xrds.missing/')),
  62. array(404, 'http://xrds.missing/', ''));
  63. $this->url = $responses[0]->final_url;
  64. $this->responses = $responses;
  65. $this->fetcher = new _SimpleMockFetcher($this->responses);
  66. }
  67. function runTest()
  68. {
  69. foreach ($this->cases as $case) {
  70. list($status, $url, $body) = $case;
  71. $expected_status = $status;
  72. $result = Auth_OpenID_discover($this->url, $this->fetcher);
  73. list($id_url, $svclist) = $result;
  74. $this->assertEquals($svclist, array());
  75. }
  76. }
  77. }
  78. ### Tests for raising/catching exceptions from the fetcher through the
  79. ### discover function
  80. class _ErrorRaisingFetcher {
  81. // Just raise an exception when fetch is called
  82. function _ErrorRaisingFetcher($thing_to_raise)
  83. {
  84. $this->thing_to_raise = $thing_to_raise;
  85. }
  86. function post($body = null)
  87. {
  88. __raiseError($this->thing_to_raise);
  89. }
  90. function get($url)
  91. {
  92. __raiseError($this->thing_to_raise);
  93. }
  94. }
  95. define('E_AUTH_OPENID_EXCEPTION', 'e_exception');
  96. define('E_AUTH_OPENID_DIDFETCH', 'e_didfetch');
  97. define('E_AUTH_OPENID_VALUE_ERROR', 'e_valueerror');
  98. define('E_AUTH_OPENID_RUNTIME_ERROR', 'e_runtimeerror');
  99. define('E_AUTH_OPENID_OI', 'e_oi');
  100. class Tests_Auth_OpenID_Discover_FetchException extends PHPUnit_TestCase {
  101. // Make sure exceptions get passed through discover function from
  102. // fetcher.
  103. function Tests_Auth_OpenID_Discover_FetchException($exc)
  104. {
  105. $this->cases = array(E_AUTH_OPENID_EXCEPTION,
  106. E_AUTH_OPENID_DIDFETCH,
  107. E_AUTH_OPENID_VALUE_ERROR,
  108. E_AUTH_OPENID_RUNTIME_ERROR,
  109. E_AUTH_OPENID_OI);
  110. }
  111. function runTest()
  112. {
  113. foreach ($this->cases as $thing_to_raise) {
  114. $fetcher = ErrorRaisingFetcher($thing_to_raise);
  115. Auth_OpenID_discover('http://doesnt.matter/', $fetcher);
  116. $exc = __getError();
  117. if ($exc !== $thing_to_raise) {
  118. $this->fail('FetchException expected %s to be raised',
  119. $thing_to_raise);
  120. }
  121. }
  122. }
  123. }
  124. // Tests for openid.consumer.discover.discover
  125. class _DiscoveryMockFetcher extends Auth_Yadis_HTTPFetcher {
  126. function _DiscoveryMockFetcher(&$documents)
  127. {
  128. $this->redirect = null;
  129. $this->documents = &$documents;
  130. $this->fetchlog = array();
  131. }
  132. function supportsSSL()
  133. {
  134. return true;
  135. }
  136. function post($url, $body = null, $headers = null)
  137. {
  138. return $this->get($url, $headers, $body);
  139. }
  140. function get($url, $headers = null, $body = null)
  141. {
  142. $this->fetchlog[] = array($url, $body, $headers);
  143. if ($this->redirect) {
  144. $final_url = $this->redirect;
  145. } else {
  146. $final_url = $url;
  147. }
  148. if (array_key_exists($url, $this->documents)) {
  149. list($ctype, $body) = $this->documents[$url];
  150. $status = 200;
  151. } else {
  152. $status = 404;
  153. $ctype = 'text/plain';
  154. $body = '';
  155. }
  156. return new Auth_Yadis_HTTPResponse($final_url, $status,
  157. array('content-type' => $ctype), $body);
  158. }
  159. }
  160. class _DiscoveryBase extends PHPUnit_TestCase {
  161. var $id_url = "http://someuser.unittest/";
  162. var $fetcherClass = '_DiscoveryMockFetcher';
  163. function _checkService($s,
  164. $server_url,
  165. $claimed_id=null,
  166. $local_id=null,
  167. $canonical_id=null,
  168. $types=null,
  169. $used_yadis=false,
  170. $display_identifier=null)
  171. {
  172. $this->assertEquals($server_url, $s->server_url);
  173. if ($types == array('2.0 OP')) {
  174. $this->assertFalse($claimed_id);
  175. $this->assertFalse($local_id);
  176. $this->assertFalse($s->claimed_id);
  177. $this->assertFalse($s->local_id);
  178. $this->assertFalse($s->getLocalID());
  179. $this->assertFalse($s->compatibilityMode());
  180. $this->assertTrue($s->isOPIdentifier());
  181. $this->assertEquals($s->preferredNamespace(),
  182. Auth_OpenID_OPENID2_NS);
  183. } else {
  184. $this->assertEquals($claimed_id, $s->claimed_id);
  185. $this->assertEquals($local_id, $s->getLocalID());
  186. }
  187. if ($used_yadis) {
  188. $this->assertTrue($s->used_yadis, "Expected to use Yadis");
  189. } else {
  190. $this->assertFalse($s->used_yadis,
  191. "Expected to use old-style discovery");
  192. }
  193. $openid_types = array(
  194. '1.1' => Auth_OpenID_TYPE_1_1,
  195. '1.0' => Auth_OpenID_TYPE_1_0,
  196. '2.0' => Auth_OpenID_TYPE_2_0,
  197. '2.0 OP' => Auth_OpenID_TYPE_2_0_IDP);
  198. $type_uris = array();
  199. foreach ($types as $t) {
  200. $type_uris[] = $openid_types[$t];
  201. }
  202. $this->assertEquals($type_uris, $s->type_uris);
  203. $this->assertEquals($canonical_id, $s->canonicalID);
  204. if ($s->canonicalID) {
  205. $this->assertTrue($s->getDisplayIdentifier() != $claimed_id);
  206. $this->assertTrue($s->getDisplayIdentifier() !== null);
  207. $this->assertEquals($display_identifier, $s->getDisplayIdentifier());
  208. $this->assertEquals($s->claimed_id, $s->canonicalID);
  209. }
  210. $this->assertEquals($s->display_identifier ? $s->display_identifier : $s->claimed_id,
  211. $s->getDisplayIdentifier());
  212. }
  213. function setUp()
  214. {
  215. $cls = $this->fetcherClass;
  216. // D is for Dumb.
  217. $d = array();
  218. $this->fetcher = new $cls($d);
  219. }
  220. }
  221. class Tests_Auth_OpenID_Discover_OpenID extends _DiscoveryBase {
  222. function _discover($content_type, $data,
  223. $expected_services, $expected_id=null)
  224. {
  225. if ($expected_id === null) {
  226. $expected_id = $this->id_url;
  227. }
  228. $this->fetcher->documents[$this->id_url] = array($content_type, $data);
  229. list($id_url, $services) = Auth_OpenID_discover($this->id_url,
  230. $this->fetcher);
  231. $this->assertEquals($expected_services, count($services));
  232. $this->assertEquals($expected_id, $id_url);
  233. return $services;
  234. }
  235. function test_404()
  236. {
  237. list($url, $services) = Auth_OpenID_discover($this->id_url . '/404',
  238. $this->fetcher);
  239. $this->assertTrue($services == array());
  240. }
  241. function test_noOpenID()
  242. {
  243. $services = $this->_discover('text/plain',
  244. "junk",
  245. 0);
  246. $services = $this->_discover(
  247. 'text/html',
  248. Tests_Auth_OpenID_readdata('test_discover_openid_no_delegate.html'),
  249. 1);
  250. $this->_checkService($services[0],
  251. "http://www.myopenid.com/server",
  252. $this->id_url,
  253. $this->id_url,
  254. null,
  255. array('1.1'),
  256. false);
  257. }
  258. function test_html1()
  259. {
  260. $services = $this->_discover('text/html',
  261. Tests_Auth_OpenID_readdata('test_discover_openid.html'),
  262. 1);
  263. $this->_checkService($services[0],
  264. "http://www.myopenid.com/server",
  265. $this->id_url,
  266. 'http://smoker.myopenid.com/',
  267. null,
  268. array('1.1'),
  269. false,
  270. $this->id_url);
  271. }
  272. /*
  273. * Ensure that the Claimed Identifier does not have a fragment if
  274. * one is supplied in the User Input.
  275. */
  276. function test_html1Fragment()
  277. {
  278. $data = Tests_Auth_OpenID_readdata('openid.html');
  279. $content_type = 'text/html';
  280. $expected_services = 1;
  281. $this->fetcher->documents[$this->id_url] = array($content_type, $data);
  282. $expected_id = $this->id_url;
  283. $this->id_url = $this->id_url . '#fragment';
  284. list($id_url, $services) = Auth_OpenID_discover($this->id_url, $this->fetcher);
  285. $this->assertEquals($expected_services, count($services));
  286. $this->assertEquals($expected_id, $id_url);
  287. $this->_checkService(
  288. $services[0],
  289. "http://www.myopenid.com/server",
  290. $expected_id,
  291. 'http://smoker.myopenid.com/',
  292. null,
  293. array('1.1'),
  294. false,
  295. $this->id_url);
  296. }
  297. function test_html2()
  298. {
  299. $services = $this->_discover('text/html',
  300. Tests_Auth_OpenID_readdata('test_discover_openid2.html'),
  301. 1);
  302. $this->_checkService($services[0],
  303. "http://www.myopenid.com/server",
  304. $this->id_url,
  305. 'http://smoker.myopenid.com/',
  306. null,
  307. array('2.0'),
  308. false,
  309. $this->id_url);
  310. }
  311. function test_html1And2()
  312. {
  313. $services = $this->_discover('text/html',
  314. Tests_Auth_OpenID_readdata('test_discover_openid_1_and_2.html'),
  315. 2);
  316. $types = array('2.0', '1.1');
  317. for ($i = 0; $i < count($types); $i++) {
  318. $t = $types[$i];
  319. $s = $services[$i];
  320. $this->_checkService(
  321. $s,
  322. "http://www.myopenid.com/server",
  323. $this->id_url,
  324. 'http://smoker.myopenid.com/',
  325. null,
  326. array($t),
  327. false,
  328. $this->id_url);
  329. }
  330. }
  331. function test_yadisEmpty()
  332. {
  333. $services = $this->_discover('application/xrds+xml',
  334. Tests_Auth_OpenID_readdata('test_discover_yadis_0entries.xml'),
  335. 0);
  336. }
  337. function test_htmlEmptyYadis()
  338. {
  339. // HTML document has discovery information, but points to an
  340. // empty Yadis document.
  341. // The XRDS document pointed to by "openid_and_yadis.html"
  342. $this->fetcher->documents[$this->id_url . 'xrds'] =
  343. array('application/xrds+xml',
  344. Tests_Auth_OpenID_readdata('test_discover_yadis_0entries.xml'));
  345. $services = $this->_discover('text/html',
  346. Tests_Auth_OpenID_readdata('test_discover_openid_and_yadis.html'),
  347. 1);
  348. $this->_checkService($services[0],
  349. "http://www.myopenid.com/server",
  350. $this->id_url,
  351. 'http://smoker.myopenid.com/',
  352. null,
  353. array('1.1'),
  354. false,
  355. $this->id_url);
  356. }
  357. function test_yadis1NoDelegate()
  358. {
  359. $services = $this->_discover('application/xrds+xml',
  360. Tests_Auth_OpenID_readdata('test_discover_yadis_no_delegate.xml'),
  361. 1);
  362. $this->_checkService(
  363. $services[0],
  364. "http://www.myopenid.com/server",
  365. $this->id_url,
  366. $this->id_url,
  367. null,
  368. array('1.0'),
  369. true,
  370. $this->id_url);
  371. }
  372. function test_yadis2NoLocalID()
  373. {
  374. $services = $this->_discover('application/xrds+xml',
  375. Tests_Auth_OpenID_readdata('test_discover_openid2_xrds_no_local_id.xml'),
  376. 1);
  377. $this->_checkService(
  378. $services[0],
  379. "http://www.myopenid.com/server",
  380. $this->id_url,
  381. $this->id_url,
  382. null,
  383. array('2.0'),
  384. true,
  385. $this->id_url);
  386. }
  387. function test_yadis2()
  388. {
  389. $services = $this->_discover('application/xrds+xml',
  390. Tests_Auth_OpenID_readdata('test_discover_openid2_xrds.xml'),
  391. 1);
  392. $this->_checkService($services[0],
  393. "http://www.myopenid.com/server",
  394. $this->id_url,
  395. 'http://smoker.myopenid.com/',
  396. null,
  397. array('2.0'),
  398. true,
  399. $this->id_url);
  400. }
  401. function test_yadis2OP()
  402. {
  403. $services = $this->_discover('application/xrds+xml',
  404. Tests_Auth_OpenID_readdata('test_discover_yadis_idp.xml'),
  405. 1);
  406. $this->_checkService($services[0],
  407. "http://www.myopenid.com/server",
  408. null,
  409. null,
  410. null,
  411. array('2.0 OP'),
  412. true,
  413. $this->id_url);
  414. }
  415. function test_yadis2OPDelegate()
  416. {
  417. // The delegate tag isn't meaningful for OP entries.
  418. $services = $this->_discover('application/xrds+xml',
  419. Tests_Auth_OpenID_readdata('test_discover_yadis_idp_delegate.xml'),
  420. 1);
  421. $this->_checkService(
  422. $services[0],
  423. "http://www.myopenid.com/server",
  424. null, null, null,
  425. array('2.0 OP'),
  426. true,
  427. $this->id_url);
  428. }
  429. function test_yadis2BadLocalID()
  430. {
  431. $services = $this->_discover('application/xrds+xml',
  432. Tests_Auth_OpenID_readdata('test_discover_yadis_2_bad_local_id.xml'),
  433. 0);
  434. }
  435. function test_yadis1And2()
  436. {
  437. $services = $this->_discover('application/xrds+xml',
  438. Tests_Auth_OpenID_readdata('test_discover_openid_1_and_2_xrds.xml'),
  439. 1);
  440. $this->_checkService(
  441. $services[0],
  442. "http://www.myopenid.com/server",
  443. $this->id_url,
  444. 'http://smoker.myopenid.com/',
  445. null,
  446. array('2.0', '1.1'),
  447. true);
  448. }
  449. function test_yadis1And2BadLocalID()
  450. {
  451. $services = $this->_discover('application/xrds+xml',
  452. Tests_Auth_OpenID_readdata('test_discover_openid_1_and_2_xrds_bad_delegate.xml'),
  453. 0);
  454. }
  455. }
  456. class _MockFetcherForXRIProxy extends Auth_Yadis_HTTPFetcher {
  457. function _MockFetcherForXRIProxy($documents)
  458. {
  459. $this->documents = $documents;
  460. $this->fetchlog = array();
  461. }
  462. function get($url, $headers=null)
  463. {
  464. return $this->fetch($url, $headers);
  465. }
  466. function post($url, $body)
  467. {
  468. return $this->fetch($url, $body);
  469. }
  470. function fetch($url, $body=null, $headers=null)
  471. {
  472. $this->fetchlog[] = array($url, $body, $headers);
  473. $u = parse_url($url);
  474. $proxy_host = $u['host'];
  475. $xri = $u['path'];
  476. $query = Auth_OpenID::arrayGet($u, 'query');
  477. if ((!$headers) && (!$query)) {
  478. trigger_error('Error in mock XRI fetcher: no headers or query');
  479. }
  480. if (Auth_Yadis_startswith($xri, '/')) {
  481. $xri = substr($xri, 1);
  482. }
  483. if (array_key_exists($xri, $this->documents)) {
  484. list($ctype, $body) = $this->documents[$xri];
  485. $status = 200;
  486. } else {
  487. $status = 404;
  488. $ctype = 'text/plain';
  489. $body = '';
  490. }
  491. return new Auth_Yadis_HTTPResponse($url, $status,
  492. array('content-type' => $ctype),
  493. $body);
  494. }
  495. }
  496. class TestXRIDiscovery extends _DiscoveryBase {
  497. var $fetcherClass = '_MockFetcherForXRIProxy';
  498. function setUp() {
  499. parent::setUp();
  500. $this->fetcher->documents = array('=smoker' => array('application/xrds+xml',
  501. Tests_Auth_OpenID_readdata('yadis_2entries_delegate.xml')),
  502. '=smoker*bad' => array('application/xrds+xml',
  503. Tests_Auth_OpenID_readdata('yadis_another_delegate.xml')));
  504. }
  505. function test_xri() {
  506. list($user_xri, $services) = Auth_OpenID_discoverXRI('=smoker');
  507. $this->_checkService(
  508. $services[0],
  509. "http://www.myopenid.com/server",
  510. Auth_Yadis_XRI("=!1000"),
  511. 'http://smoker.myopenid.com/',
  512. Auth_Yadis_XRI("=!1000"),
  513. array('1.0'),
  514. true,
  515. '=smoker');
  516. $this->_checkService(
  517. $services[1],
  518. "http://www.livejournal.com/openid/server.bml",
  519. Auth_Yadis_XRI("=!1000"),
  520. 'http://frank.livejournal.com/',
  521. Auth_Yadis_XRI("=!1000"),
  522. array('1.0'),
  523. true,
  524. '=smoker');
  525. }
  526. function test_xriNoCanonicalID() {
  527. list($user_xri, $services) = Auth_OpenID_discoverXRI('=smoker*bad');
  528. $this->assertFalse($services);
  529. }
  530. function test_useCanonicalID() {
  531. $endpoint = new Auth_OpenID_ServiceEndpoint();
  532. $endpoint->claimed_id = Auth_Yadis_XRI("=!1000");
  533. $endpoint->canonicalID = Auth_Yadis_XRI("=!1000");
  534. $htis->assertEquals($endpoint->getLocalID(), Auth_Yadis_XRI("=!1000"));
  535. }
  536. }
  537. class Tests_Auth_OpenID_DiscoverSession {
  538. function Tests_Auth_OpenID_DiscoverSession()
  539. {
  540. $this->data = array();
  541. }
  542. function set($name, $value)
  543. {
  544. $this->data[$name] = $value;
  545. }
  546. function get($name, $default=null)
  547. {
  548. if (array_key_exists($name, $this->data)) {
  549. return $this->data[$name];
  550. } else {
  551. return $default;
  552. }
  553. }
  554. function del($name)
  555. {
  556. unset($this->data[$name]);
  557. }
  558. }
  559. global $__Tests_BOGUS_SERVICE;
  560. $__Tests_BOGUS_SERVICE = new Auth_OpenID_ServiceEndpoint();
  561. $__Tests_BOGUS_SERVICE->claimed_id = "=really.bogus.endpoint";
  562. function __serviceCheck_discover_cb($url, $fetcher)
  563. {
  564. global $__Tests_BOGUS_SERVICE;
  565. return array($url, array($__Tests_BOGUS_SERVICE));
  566. }
  567. class _FetcherWithSSL extends _DiscoveryMockFetcher {
  568. function supportsSSL()
  569. {
  570. return true;
  571. }
  572. }
  573. class _FetcherWithoutSSL extends _DiscoveryMockFetcher {
  574. function supportsSSL()
  575. {
  576. return false;
  577. }
  578. }
  579. class _NonFetcher extends _DiscoveryMockFetcher {
  580. var $used = false;
  581. function _NonFetcher()
  582. {
  583. $a = array();
  584. parent::_DiscoveryMockFetcher($a);
  585. }
  586. function supportsSSL()
  587. {
  588. return false;
  589. }
  590. function get($url, $headers)
  591. {
  592. $this->used = true;
  593. }
  594. }
  595. class Tests_Auth_OpenID_SSLSupport extends PHPUnit_TestCase {
  596. function test_discoverDropSSL()
  597. {
  598. // In the absence of SSL support, the discovery process should
  599. // drop endpoints whose server URLs are HTTPS.
  600. $id_url = 'http://bogus/';
  601. $d = array(
  602. $id_url => array('application/xrds+xml',
  603. Tests_Auth_OpenID_readdata('test_discover_openid_ssl.xml'))
  604. );
  605. $f =& new _FetcherWithoutSSL($d);
  606. $result = Auth_OpenID_discover($id_url, $f);
  607. list($url, $services) = $result;
  608. $this->assertTrue($url == $id_url);
  609. $this->assertTrue(count($services) == 1);
  610. $e = $services[0];
  611. $this->assertTrue($e->server_url == 'http://nossl.vroom.unittest/server');
  612. }
  613. function test_discoverRetainSSL()
  614. {
  615. // In the presence of SSL support, the discovery process
  616. // should NOT drop endpoints whose server URLs are HTTPS.
  617. // In the absence of SSL support, the discovery process should
  618. // drop endpoints whose server URLs are HTTPS.
  619. $id_url = 'http://bogus/';
  620. $d = array(
  621. $id_url => array('application/xrds+xml',
  622. Tests_Auth_OpenID_readdata('test_discover_openid_ssl.xml'))
  623. );
  624. $f =& new _FetcherWithSSL($d);
  625. $result = Auth_OpenID_discover($id_url, $f);
  626. list($url, $services) = $result;
  627. $this->assertTrue($url == $id_url);
  628. $this->assertTrue(count($services) == 2);
  629. $e = $services[0];
  630. $this->assertTrue($e->server_url == 'http://nossl.vroom.unittest/server');
  631. $e = $services[1];
  632. $this->assertTrue($e->server_url == 'https://ssl.vroom.unittest/server');
  633. }
  634. function test_discoverSSL()
  635. {
  636. // The consumer code should not attempt to perform discovery
  637. // on an HTTPS identity URL in the absence of SSL support.
  638. $id_url = 'https://unsupported/';
  639. $f =& new _NonFetcher();
  640. $result = Auth_OpenID_discover($id_url, $f);
  641. $this->assertTrue($result == array($id_url, array()));
  642. $this->assertFalse($f->used);
  643. }
  644. }
  645. global $Tests_Auth_OpenID_Discover_OpenID_other;
  646. $Tests_Auth_OpenID_Discover_OpenID_other = array(
  647. new Tests_Auth_OpenID_SSLSupport()
  648. );
  649. ?>