diff --git a/app/libs/OpenId/Extensions/Implementations/OpenIdSREGExtension.php b/app/libs/OpenId/Extensions/Implementations/OpenIdSREGExtension.php index 2b701c50..791b786e 100644 --- a/app/libs/OpenId/Extensions/Implementations/OpenIdSREGExtension.php +++ b/app/libs/OpenId/Extensions/Implementations/OpenIdSREGExtension.php @@ -11,51 +11,20 @@ * See the License for the specific language governing permissions and * limitations under the License. **/ -use OpenId\Extensions\OpenIdExtension; -use OpenId\OpenIdProtocol; -use OpenId\Requests\Contexts\PartialView; -use OpenId\Requests\Contexts\RequestContext; -use OpenId\Responses\Contexts\ResponseContext; + use OpenId\Requests\OpenIdRequest; -use OpenId\Responses\OpenIdResponse; use Utils\Services\IAuthService; use Utils\Services\ILogService; -use Exception; + /** * Class OpenIdSREGExtension - * Implements @see http://openid.net/specs/openid-simple-registration-extension-1_0.html + * Implements @see http://openid.net/specs/openid-simple-registration-extension-1_1-01.html * @package OpenId\Extensions\Implementations */ -class OpenIdSREGExtension extends OpenIdExtension +class OpenIdSREGExtension extends OpenIdSREGExtension_1_0 { - const Prefix = 'sreg'; const NamespaceUrl = 'http://openid.net/extensions/sreg/1.1'; - const NamespaceType = 'ns'; - const Required = 'required'; - const Optional = 'optional'; - const PolicyUrl = 'policy_url'; - - //properties - const Nickname = 'nickname'; - const Email = 'email'; - const FullName = 'fullname'; - const DateOfBirthday = 'dob'; - const Gender = 'gender'; - const Postcode = 'postcode'; - const Country = 'country'; - const Language = 'language'; - const Timezone = 'timezone'; - - /** - * @var array - */ - public static $available_properties = array(); - - /** - * @var IAuthService - */ - private $auth_service; /** * @param $name 
@@ -69,129 +38,14 @@ class OpenIdSREGExtension extends OpenIdExtension IAuthService $auth_service, ILogService $log_service) { - parent::__construct($name, $namespace, $view_name, $description,$log_service); - - $this->auth_service = $auth_service; - - self::$available_properties[OpenIdSREGExtension::Nickname] = OpenIdSREGExtension::Nickname; - self::$available_properties[OpenIdSREGExtension::Email] = OpenIdSREGExtension::Email; - self::$available_properties[OpenIdSREGExtension::FullName] = OpenIdSREGExtension::FullName; - self::$available_properties[OpenIdSREGExtension::Country] = OpenIdSREGExtension::Country; - self::$available_properties[OpenIdSREGExtension::Language] = OpenIdSREGExtension::Language; - self::$available_properties[OpenIdSREGExtension::Gender] = OpenIdSREGExtension::Gender; - self::$available_properties[OpenIdSREGExtension::DateOfBirthday] = OpenIdSREGExtension::DateOfBirthday; - self::$available_properties[OpenIdSREGExtension::Postcode] = OpenIdSREGExtension::Postcode; - self::$available_properties[OpenIdSREGExtension::Timezone] = OpenIdSREGExtension::Timezone; - } - - public function parseRequest(OpenIdRequest $request, RequestContext $context) - { - try { - - $simple_reg_request = new OpenIdSREGRequest($request->getMessage()); - - if (!$simple_reg_request->isValid()) return; - $attributes = $simple_reg_request->getRequiredAttributes(); - $opt_attributes = $simple_reg_request->getOptionalAttributes(); - $policy_url = $simple_reg_request->getPolicyUrl(); - $attributes = array_merge($attributes, $opt_attributes); - - $view_data = array('attributes' => array_keys($attributes)); - - if (!empty($policy_url)) { - $view_data['policy_url'] = $policy_url; - } - - $partial_view = new PartialView($this->view, $view_data); - $context->addPartialView($partial_view); - } catch (Exception $ex) { - $this->log_service->error($ex); - } + parent::__construct($name, $namespace, $view_name, $description, $auth_service, $log_service); } /** * @param OpenIdRequest 
$request - * @param OpenIdResponse $response - * @param ResponseContext $context - * @return void + * @return OpenIdSREGRequest_1_0 */ - public function prepareResponse(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context) - { - try { - $simple_reg_request = new OpenIdSREGRequest($request->getMessage()); - if (!$simple_reg_request->isValid()) return; - - $response->addParam(self::paramNamespace(), self::NamespaceUrl); - $attributes = $simple_reg_request->getRequiredAttributes(); - $opt_attributes = $simple_reg_request->getOptionalAttributes(); - $attributes = array_merge($attributes, $opt_attributes); - - $user = $this->auth_service->getCurrentUser(); - - foreach ($attributes as $attr => $value) { - $context->addSignParam(self::param($attr)); - - if ($attr == self::Email) { - $response->addParam(self::param($attr), $user->getEmail()); - } - if ($attr == self::Country) { - $response->addParam(self::param($attr), $user->getCountry()); - } - if ($attr == self::Nickname || $attr == self::FullName) { - $response->addParam(self::param($attr), $user->getFullName()); - } - if ($attr == self::Language) { - $response->addParam(self::param($attr), $user->getLanguage()); - } - } - } catch (Exception $ex) { - $this->log_service->error($ex); - } - } - - /** - * @param string $separator - * @return string - */ - public static function paramNamespace($separator = '.') - { - return OpenIdProtocol::OpenIdPrefix . $separator . OpenIdProtocol::OpenIDProtocol_NS . $separator . self::Prefix; - } - - /** - * @param $param - * @param string $separator - * @return string - */ - public static function param($param, $separator = '.') - { - return OpenIdProtocol::OpenIdPrefix . $separator . self::Prefix . $separator . 
$param; - } - - /** - * @param OpenIdRequest $request - * @return array - */ - public function getTrustedData(OpenIdRequest $request) - { - $data = array(); - try { - $simple_reg_request = new OpenIdSREGRequest($request->getMessage()); - - if ($simple_reg_request->isValid()) { - - $attributes = $simple_reg_request->getRequiredAttributes(); - $opt_attributes = $simple_reg_request->getOptionalAttributes(); - $attributes = array_merge($attributes, $opt_attributes); - - foreach ($attributes as $key => $value) { - array_push($data, $key); - } - } - } catch (Exception $ex) { - $this->log_service->debug_msg($request->__toString()); - $this->log_service->error($ex); - } - return $data; + protected function buildRequest(OpenIdRequest $request){ + return new OpenIdSREGRequest($request->getMessage()); } } \ No newline at end of file diff --git a/app/libs/OpenId/Extensions/Implementations/OpenIdSREGExtension_1_0.php b/app/libs/OpenId/Extensions/Implementations/OpenIdSREGExtension_1_0.php new file mode 100644 index 00000000..29d2b5e6 --- /dev/null +++ b/app/libs/OpenId/Extensions/Implementations/OpenIdSREGExtension_1_0.php 
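Review bot: The docblock on the new `buildRequest()` override says `@return OpenIdSREGRequest_1_0`, but the method returns `new OpenIdSREGRequest(...)`, the 1.1 subclass whose `getNameSpace()` yields `OpenIdSREGExtension::NamespaceUrl`. This override alone decides which `openid.ns.sreg` value the extension accepts, so the annotation should name the concrete type: `@return OpenIdSREGRequest`. A short comment such as `// 1.1 request object: validates the namespace against the 1.1 URL` would make the purpose of the override clear to the next reader. The constructor whose body changes in this hunk begins above it.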
@@ -0,0 +1,209 @@ +auth_service = $auth_service; + + self::$available_properties[OpenIdSREGExtension::Nickname] = OpenIdSREGExtension::Nickname; + self::$available_properties[OpenIdSREGExtension::Email] = OpenIdSREGExtension::Email; + self::$available_properties[OpenIdSREGExtension::FullName] = OpenIdSREGExtension::FullName; + self::$available_properties[OpenIdSREGExtension::Country] = OpenIdSREGExtension::Country; + self::$available_properties[OpenIdSREGExtension::Language] = OpenIdSREGExtension::Language; + self::$available_properties[OpenIdSREGExtension::Gender] = OpenIdSREGExtension::Gender; + self::$available_properties[OpenIdSREGExtension::DateOfBirthday] = OpenIdSREGExtension::DateOfBirthday; + self::$available_properties[OpenIdSREGExtension::Postcode] = OpenIdSREGExtension::Postcode; + self::$available_properties[OpenIdSREGExtension::Timezone] = OpenIdSREGExtension::Timezone; + } + + /** + * @param OpenIdRequest $request + * @return OpenIdSREGRequest_1_0 + */ + protected function buildRequest(OpenIdRequest $request){ + return new OpenIdSREGRequest_1_0($request->getMessage()); + } + + public function parseRequest(OpenIdRequest $request, RequestContext $context) + { + try { + + $simple_reg_request = $this->buildRequest($request); + + if (!$simple_reg_request->isValid()) return; + $attributes = $simple_reg_request->getRequiredAttributes(); + $opt_attributes = $simple_reg_request->getOptionalAttributes(); + $policy_url = $simple_reg_request->getPolicyUrl(); + $attributes = array_merge($attributes, $opt_attributes); + + $view_data = array('attributes' => array_keys($attributes)); + + if (!empty($policy_url)) { + $view_data['policy_url'] = $policy_url; + } + + $partial_view = new PartialView($this->view, $view_data); + $context->addPartialView($partial_view); + + } catch (Exception $ex) { + $this->log_service->error($ex); + } + } + + /** + * @param OpenIdRequest $request + * @param OpenIdResponse $response + * @param ResponseContext $context + * @return void + */ 
+ public function prepareResponse(OpenIdRequest $request, OpenIdResponse $response, ResponseContext $context) + { + try { + $simple_reg_request = $this->buildRequest($request); + if (!$simple_reg_request->isValid()) return; + + $response->addParam(self::paramNamespace(), $this->getNamespace()); + $attributes = $simple_reg_request->getRequiredAttributes(); + $opt_attributes = $simple_reg_request->getOptionalAttributes(); + $attributes = array_merge($attributes, $opt_attributes); + + $user = $this->auth_service->getCurrentUser(); + + foreach ($attributes as $attr => $value) { + $context->addSignParam(self::param($attr)); + + if ($attr == self::Email) { + $response->addParam(self::param($attr), $user->getEmail()); + } + if ($attr == self::Country) { + $response->addParam(self::param($attr), $user->getCountry()); + } + if ($attr == self::Nickname || $attr == self::FullName) { + $response->addParam(self::param($attr), $user->getFullName()); + } + if ($attr == self::Language) { + $response->addParam(self::param($attr), $user->getLanguage()); + } + } + } catch (Exception $ex) { + $this->log_service->error($ex); + } + } + + /** + * @param string $separator + * @return string + */ + public static function paramNamespace($separator = '.') + { + return OpenIdProtocol::OpenIdPrefix . $separator . OpenIdProtocol::OpenIDProtocol_NS . $separator . self::Prefix; + } + + /** + * @param $param + * @param string $separator + * @return string + */ + public static function param($param, $separator = '.') + { + return OpenIdProtocol::OpenIdPrefix . $separator . self::Prefix . $separator . 
$param; + } + + /** + * @param OpenIdRequest $request + * @return array + */ + public function getTrustedData(OpenIdRequest $request) + { + $data = array(); + try { + $simple_reg_request = $this->buildRequest($request); + + if ($simple_reg_request->isValid()) { + + $attributes = $simple_reg_request->getRequiredAttributes(); + $opt_attributes = $simple_reg_request->getOptionalAttributes(); + $attributes = array_merge($attributes, $opt_attributes); + + foreach ($attributes as $key => $value) { + array_push($data, $key); + } + } + } catch (Exception $ex) { + $this->log_service->debug_msg($request->__toString()); + $this->log_service->error($ex); + } + return $data; + } +} \ No newline at end of file diff --git a/app/libs/OpenId/Extensions/Implementations/OpenIdSREGRequest.php b/app/libs/OpenId/Extensions/Implementations/OpenIdSREGRequest.php index ebfb1e34..b273c977 100644 --- a/app/libs/OpenId/Extensions/Implementations/OpenIdSREGRequest.php +++ b/app/libs/OpenId/Extensions/Implementations/OpenIdSREGRequest.php 
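Review bot: In `prepareResponse()` every requested attribute is passed to `$context->addSignParam()`, but a value is only added for email, country, nickname/fullname and language. A request for `dob`, `gender`, `postcode` or `timezone` (all registered in `$available_properties`) therefore puts a key in the signed list that the response never carries. How the signer treats a missing key is outside this diff, so the effect on signature verification at the relying party should be confirmed; signing only what is actually sent avoids the question. Separately, the result of `getCurrentUser()` is dereferenced without a null check, and on PHP 7 a method call on null raises an `Error`, which `catch (Exception $ex)` does not catch. The loop could be restructured as below.

```php
// … unchanged: buildRequest(), isValid() guard, namespace param, attribute merge …
$user = $this->auth_service->getCurrentUser();
if (is_null($user)) return;

foreach ($attributes as $attr => $value) {
    $attr_value = null;
    if ($attr == self::Email) {
        $attr_value = $user->getEmail();
    } elseif ($attr == self::Country) {
        $attr_value = $user->getCountry();
    } elseif ($attr == self::Nickname || $attr == self::FullName) {
        $attr_value = $user->getFullName();
    } elseif ($attr == self::Language) {
        $attr_value = $user->getLanguage();
    }
    // sign a field only when it is actually part of the response
    if (is_null($attr_value)) continue;
    $context->addSignParam(self::param($attr));
    $response->addParam(self::param($attr), $attr_value);
}
// … unchanged: catch block …
```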
@@ -11,138 +11,29 @@ * See the License for the specific language governing permissions and * limitations under the License. **/ -use Exception; + use OpenId\OpenIdMessage; -use OpenId\Requests\OpenIdRequest; -use OpenId\Exceptions\InvalidOpenIdMessageException; -use Utils\Http\HttpMessage; + /** * Class OpenIdSREGRequest - * Implements @see http://openid.net/specs/openid-simple-registration-extension-1_0.html + * Implements @see http://openid.net/specs/openid-simple-registration-extension-1_1-01.html * @package OpenId\Extensions\Implementations */ -class OpenIdSREGRequest extends OpenIdRequest -{ - /** - * @var array - */ - private $attributes; - /** - * @var array - */ - private $optional_attributes; - /** - * @var string - */ - private $policy_url; - - /** +class OpenIdSREGRequest extends OpenIdSREGRequest_1_0 +{ /** * OpenIdSREGRequest constructor. * @param OpenIdMessage $message */ public function __construct(OpenIdMessage $message) { parent::__construct($message); - $this->attributes = array(); - $this->optional_attributes = array(); - } - - /** - * @return bool - * @throws Exception - */ - public function isValid() - { - try { - //check identifier - if (isset($this->message[OpenIdSREGExtension::paramNamespace(HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]) - && $this->message[OpenIdSREGExtension::paramNamespace(HttpMessage::PHP_REQUEST_VAR_SEPARATOR)] == OpenIdSREGExtension::NamespaceUrl - ) { - - /* - * All of the following request fields are OPTIONAL, though at least one of "openid.sreg.required" - * or "openid.sreg.optional" MUST be specified in the request. - * openid.sreg.required: - * Comma-separated list of field names which, if absent from the response, will prevent the Consumer f - * rom completing the registration without End User interation. The field names are those that are - * specified in the Response Format, with the "openid.sreg." prefix removed. 
- * openid.sreg.optional: - * Comma-separated list of field names Fields that will be used by the Consumer, but whose absence will - * not prevent the registration from completing. The field names are those that are specified in the - * Response Format, with the "openid.sreg." prefix removed. - * openid.sreg.policy_url: - * A URL which the Consumer provides to give the End User a place to read about the how the profile data - * will be used. The Identity Provider SHOULD display this URL to the End User if it is given. - */ - - //check required fields - - if ( - !isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Required, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]) && - !isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Optional, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]) - ) - throw new InvalidOpenIdMessageException("SREG: at least one of \"openid.sreg.required\" or \"openid.sreg.optional\" MUST be specified in the request."); - - //get required attributes - if (isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Required, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)])) { - $attributes = $this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Required, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]; - $attributes = explode(",", $attributes); - - foreach ($attributes as $attr) { - $attr = trim($attr); - if (!isset(OpenIdSREGExtension::$available_properties[$attr])) - continue; - $this->attributes[$attr] = $attr; - } - } - - //get optional attributes - if (isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Optional, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)])) { - $opt_attributes = $this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::Optional, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]; - $opt_attributes = explode(",", $opt_attributes); - foreach ($opt_attributes as $opt_attr) { - $opt_attr = trim($opt_attr); - if (!isset(OpenIdSREGExtension::$available_properties[$opt_attr])) - continue; - if 
(isset($this->attributes[$opt_attr])) - throw new InvalidOpenIdMessageException(sprintf("SREG: optional attribute %s is already set as required one!", $opt_attr)); - $this->optional_attributes[$opt_attr] = $opt_attr; - } - } - - //check policy url.. - if (isset($this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::PolicyUrl, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)])) { - $this->policy_url = $this->message[OpenIdSREGExtension::param(OpenIdSREGExtension::PolicyUrl, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]; - } - return true; - } - } catch (Exception $ex) { - throw $ex; - } - return false; - } - - /** - * @return array - */ - public function getRequiredAttributes() - { - return $this->attributes; - } - - /** - * @return array - */ - public function getOptionalAttributes() - { - return $this->optional_attributes; } /** * @return string */ - public function getPolicyUrl() - { - return $this->policy_url; + protected function getNameSpace(){ + return OpenIdSREGExtension::NamespaceUrl; } + } \ No newline at end of file diff --git a/app/libs/OpenId/Extensions/Implementations/OpenIdSREGRequest_1_0.php b/app/libs/OpenId/Extensions/Implementations/OpenIdSREGRequest_1_0.php new file mode 100644 index 00000000..7bdec5f9 --- /dev/null +++ b/app/libs/OpenId/Extensions/Implementations/OpenIdSREGRequest_1_0.php 
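Review bot: The new `getNameSpace()` is spelled differently from the `getNamespace()` that `OpenIdSREGExtension_1_0::prepareResponse()` calls on the extension. PHP resolves method names case-insensitively, so the two spellings name the same method, and this one would collide with any `getNamespace()` declared in a parent of the request class, which is not visible in this diff. A distinct name such as `getExpectedNamespaceUrl()`, renamed in `OpenIdSREGRequest_1_0` as well, would remove the ambiguity. The constructor that remains only forwards to `parent::__construct($message)` and can be dropped.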
@@ -0,0 +1,157 @@ +attributes = array(); + $this->optional_attributes = array(); + } + + /** + * @return string + */ + protected function getNameSpace(){ + return OpenIdSREGExtension_1_0::NamespaceUrl; + } + + /** + * @return bool + * @throws Exception + */ + public function isValid() + { + try { + //check identifier + if (isset($this->message[OpenIdSREGExtension_1_0::paramNamespace(HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]) + && $this->message[OpenIdSREGExtension_1_0::paramNamespace(HttpMessage::PHP_REQUEST_VAR_SEPARATOR)] == $this->getNameSpace()) + { + + /* + * All of the following request fields are OPTIONAL, though at least one of "openid.sreg.required" + * or "openid.sreg.optional" MUST be specified in the request. + * openid.sreg.required: + * Comma-separated list of field names which, if absent from the response, will prevent the Consumer f + * rom completing the registration without End User interation. The field names are those that are + * specified in the Response Format, with the "openid.sreg." prefix removed. + * openid.sreg.optional: + * Comma-separated list of field names Fields that will be used by the Consumer, but whose absence will + * not prevent the registration from completing. The field names are those that are specified in the + * Response Format, with the "openid.sreg." prefix removed. + * openid.sreg.policy_url: + * A URL which the Consumer provides to give the End User a place to read about the how the profile data + * will be used. The Identity Provider SHOULD display this URL to the End User if it is given. 
+ */ + + //check required fields + + if ( + !isset($this->message[OpenIdSREGExtension_1_0::param(OpenIdSREGExtension_1_0::Required, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]) && + !isset($this->message[OpenIdSREGExtension_1_0::param(OpenIdSREGExtension_1_0::Optional, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]) + ) + throw new InvalidOpenIdMessageException("SREG: at least one of \"openid.sreg.required\" or \"openid.sreg.optional\" MUST be specified in the request."); + + //get required attributes + if (isset($this->message[OpenIdSREGExtension_1_0::param(OpenIdSREGExtension_1_0::Required, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)])) { + $attributes = $this->message[OpenIdSREGExtension_1_0::param(OpenIdSREGExtension_1_0::Required, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]; + $attributes = explode(",", $attributes); + + foreach ($attributes as $attr) { + $attr = trim($attr); + if (!isset(OpenIdSREGExtension_1_0::$available_properties[$attr])) + continue; + $this->attributes[$attr] = $attr; + } + } + + //get optional attributes + if (isset($this->message[OpenIdSREGExtension_1_0::param(OpenIdSREGExtension_1_0::Optional, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)])) { + $opt_attributes = $this->message[OpenIdSREGExtension_1_0::param(OpenIdSREGExtension_1_0::Optional, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]; + $opt_attributes = explode(",", $opt_attributes); + foreach ($opt_attributes as $opt_attr) { + $opt_attr = trim($opt_attr); + if (!isset(OpenIdSREGExtension_1_0::$available_properties[$opt_attr])) + continue; + if (isset($this->attributes[$opt_attr])) + throw new InvalidOpenIdMessageException(sprintf("SREG: optional attribute %s is already set as required one!", $opt_attr)); + $this->optional_attributes[$opt_attr] = $opt_attr; + } + } + + //check policy url.. 
+ if (isset($this->message[OpenIdSREGExtension_1_0::param(OpenIdSREGExtension_1_0::PolicyUrl, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)])) { + $this->policy_url = $this->message[OpenIdSREGExtension_1_0::param(OpenIdSREGExtension_1_0::PolicyUrl, HttpMessage::PHP_REQUEST_VAR_SEPARATOR)]; + } + return true; + } + } catch (Exception $ex) { + throw $ex; + } + return false; + } + + /** + * @return array + */ + public function getRequiredAttributes() + { + return $this->attributes; + } + + /** + * @return array + */ + public function getOptionalAttributes() + { + return $this->optional_attributes; + } + + /** + * @return string + */ + public function getPolicyUrl() + { + return $this->policy_url; + } +} \ No newline at end of file diff --git a/database/migrations/2016_09_26_133648_update_server_extensions.php b/database/migrations/2016_09_26_133648_update_server_extensions.php index 8c08b1e7..e4ec19b6 100644 --- a/database/migrations/2016_09_26_133648_update_server_extensions.php +++ b/database/migrations/2016_09_26_133648_update_server_extensions.php @@ -38,7 +38,6 @@ class UpdateServerExtensions extends Migration ) ); - ServerExtension::create( array( 'name' => 'OAUTH2', diff --git a/database/migrations/2017_04_10_213503_update_server_ext_openid_sreg_1_0.php b/database/migrations/2017_04_10_213503_update_server_ext_openid_sreg_1_0.php new file mode 100644 index 00000000..bd12b608 --- /dev/null +++ b/database/migrations/2017_04_10_213503_update_server_ext_openid_sreg_1_0.php @@ -0,0 +1,42 @@ + 'SREG_1_0', + 'namespace' => 'http://openid.net/sreg/1.0', + 'active' => true, + 'extension_class' => OpenIdSREGExtension_1_0::class, + 'description' => 'OpenID Simple Registration 1.0 is an extension to the OpenID Authentication protocol that allows for very light-weight profile exchange.', + 'view_name' => 'extensions.sreg', + ) + ); + + } + + /** + * Reverse the migrations. + * + * @return void + */ + public function down() + { + // + } +} 
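Review bot: `isValid()` copies `openid.sreg.policy_url` from the request into `$this->policy_url` without any validation, and `OpenIdSREGExtension_1_0::parseRequest()` then passes it to the `extensions.sreg` view. The value is supplied by the relying party, and the view is not part of this diff, so whether it escapes the value or restricts the scheme cannot be confirmed here. Accepting only well-formed http(s) URLs at this point keeps a `javascript:` or otherwise malformed value from reaching the consent page. For example, with `$url` holding the raw parameter: `$scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));` followed by `if (filter_var($url, FILTER_VALIDATE_URL) !== false && in_array($scheme, array('http', 'https'), true)) $this->policy_url = $url;`.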
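Review bot: `down()` in the new `2017_04_10_213503_update_server_ext_openid_sreg_1_0` migration is empty, so a rollback leaves the `SREG_1_0` row in place with `'active' => true`, and a later re-run of `up()` would try to insert it again. The row should be removed on rollback, e.g. `ServerExtension::where('name', 'SREG_1_0')->delete();`. Since the row enables attribute release for a second namespace on every deployment that migrates, it is also worth confirming that shipping it active by default is intended.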
diff --git a/database/seeds/OpenIdExtensionsSeeder.php b/database/seeds/OpenIdExtensionsSeeder.php index 8ef34d54..a4889f92 100644 --- a/database/seeds/OpenIdExtensionsSeeder.php +++ b/database/seeds/OpenIdExtensionsSeeder.php @@ -5,6 +5,7 @@ use Illuminate\Database\Seeder; use OpenId\Extensions\Implementations\OpenIdAXExtension; use OpenId\Extensions\Implementations\OpenIdSREGExtension; use OpenId\Extensions\Implementations\OpenIdOAuth2Extension; +use OpenId\Extensions\Implementations\OpenIdSREGExtension_1_0; /** * Class OpenIdExtensionsSeeder @@ -28,15 +29,25 @@ class OpenIdExtensionsSeeder extends Seeder { ServerExtension::create( array( - 'name' => 'SREG', - 'namespace' => 'http://openid.net/extensions/sreg/1.1', + 'name' => 'SREG_1_0', + 'namespace' => 'http://openid.net/sreg/1.0', 'active' => true, - 'extension_class' => OpenIdSREGExtension::class, - 'description' => 'OpenID Simple Registration is an extension to the OpenID Authentication protocol that allows for very light-weight profile exchange.', + 'extension_class' => OpenIdSREGExtension_1_0::class, + 'description' => 'OpenID Simple Registration 1.0 is an extension to the OpenID Authentication protocol that allows for very light-weight profile exchange.', 'view_name' => 'extensions.sreg', ) ); + ServerExtension::create( + array( + 'name' => 'SREG', + 'namespace' => 'http://openid.net/extensions/sreg/1.1', + 'active' => true, + 'extension_class' => OpenIdSREGExtension::class, + 'description' => 'OpenID Simple Registration 1.1 is an extension to the OpenID Authentication protocol that allows for very light-weight profile exchange.', + 'view_name' => 'extensions.sreg', + ) + ); ServerExtension::create( array( diff --git a/database/seeds/TestSeeder.php b/database/seeds/TestSeeder.php index 80e53dc8..077987ff 100644 --- a/database/seeds/TestSeeder.php +++ b/database/seeds/TestSeeder.php 
@@ -23,6 +23,7 @@ use OpenId\Extensions\Implementations\OpenIdAXExtension; use OpenId\Extensions\Implementations\OpenIdSREGExtension; use OpenId\Extensions\Implementations\OpenIdOAuth2Extension; use Models\Group; +use OpenId\Extensions\Implementations\OpenIdSREGExtension_1_0; /** * Class OAuth2ApplicationSeeder * This seeder is only for testing purposes @@ -743,6 +744,18 @@ SQL; } private function seedServerExtensions(){ + + ServerExtension::create( + array( + 'name' => 'SREG_1_0', + 'namespace' => 'http://openid.net/sreg/1.0', + 'active' => true, + 'extension_class' => OpenIdSREGExtension_1_0::class, + 'description' => 'OpenID Simple Registration 1.0 is an extension to the OpenID Authentication protocol that allows for very light-weight profile exchange.', + 'view_name' => 'extensions.sreg', + ) + ); + ServerExtension::create( array( 'name' => 'AX', diff --git a/tests/OpenIdProtocolTest.php b/tests/OpenIdProtocolTest.php index 78170d32..93b8dccc 100644 --- a/tests/OpenIdProtocolTest.php +++ b/tests/OpenIdProtocolTest.php @@ -10,6 +10,7 @@ use Zend\Crypt\PublicKey\DiffieHellman; use Illuminate\Support\Facades\Session; use Illuminate\Support\Facades\Config; use Models\OpenId\OpenIdTrustedSite; +use OpenId\Extensions\Implementations\OpenIdSREGExtension_1_0; /** * Class OpenIdProtocolTest * Test Suite for OpenId Protocol 
@@ -629,8 +630,81 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest //extension tests + public function testCheckSetupSREGExtension1_0() + { - public function testCheckSetupSREGExtension() + //set login info + Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever); + $sreg_required_params = array('email', 'fullname'); + + $params = array( + OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType, + OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode) => OpenIdProtocol::SetupMode, + OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm) => "https://www.test.com/", + OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo) => "https://www.test.com/oauth2", + OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity) => "http://specs.openid.net/auth/2.0/identifier_select", + OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId) => "http://specs.openid.net/auth/2.0/identifier_select", + //sreg + OpenIdSREGExtension::paramNamespace() => OpenIdSREGExtension_1_0::NamespaceUrl, + OpenIdSREGExtension::param(OpenIdSREGExtension::Required) => implode(",", $sreg_required_params), + + ); + + $response = $this->action("POST", "OpenId\OpenIdProviderController@endpoint", $params); + + $this->assertResponseStatus(302); + + $openid_response = $this->parseOpenIdResponse($response->getTargetUrl()); + + $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)])); + $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)])); + + $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)])); + $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)])); + + $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)])); + 
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)])); + + $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)])); + $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)])); + + $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)])); + $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)])); + + $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)])); + $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)])); + + $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)])); + $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)])); + + $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)])); + $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)])); + + $this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)])); + $this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)])); + + //sreg + + $this->assertTrue(isset($openid_response[OpenIdSREGExtension::paramNamespace()])); + $this->assertTrue($openid_response[OpenIdSREGExtension::paramNamespace()] === OpenIdSREGExtension_1_0::NamespaceUrl); + + $this->assertTrue(isset($openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::FullName)])); + $full_name = $openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::FullName)]; + $this->assertTrue(!empty($full_name) && $full_name === 'Sebastian Marcet'); + + 
$this->assertTrue(isset($openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::Email)])); + $email = $openid_response[OpenIdSREGExtension::param(OpenIdSREGExtension::Email)]; + $this->assertTrue(!empty($email) && $email === 'sebastian@tipit.net'); + + //http://openid.net/specs/openid-authentication-2_0.html#check_auth + $response = $this->action("POST", "OpenId\OpenIdProviderController@endpoint", + $this->prepareCheckAuthenticationParams($openid_response)); + $openid_response = $this->getOpenIdResponseLineBreak($response->getContent()); + $this->assertResponseStatus(200); + $this->assertTrue($openid_response['is_valid'] === 'true'); + } + + public function testCheckSetupSREGExtension1_1() { //set login info