- Patch #251245 by c960657: moving the test files to their rightful place.

1 files changed, 232 insertions, 0 deletions

diff --git a/modules/openid/tests/openid_test.module b/modules/openid/tests/openid_test.module
new file mode 100644
index 000000000..baaf07ce4
--- /dev/null
+++ b/modules/openid/tests/openid_test.module
@@ -0,0 +1,232 @@
+<?php
+// $Id$
+
+/**
+ * @file
+ * Dummy OpenID Provider used with SimpleTest.
+ *
+ * The provider simply responds positively to all authentication requests. In
+ * addition to a Provider Endpoint (a URL used for Drupal to communicate with
+ * the provider using the OpenID Authentication protocol) the module provides
+ * URLs used by the various discovery mechanisms.
+ *
+ * When a user enters an OpenID identity, the Relying Party (in the testing
+ * scenario, this is the OpenID module) looks up the URL of the Provider
+ * Endpoint using one of several discovery mechanisms. The Relying Party then
+ * redirects the user to Provider Endpoint. The provider verifies the user's
+ * identity and redirects the user back to the Relying Party accompanied by a
+ * signed message confirming the identity. Before redirecting to a provider for
+ * the first time, the Relying Party fetches a secret MAC key from the provider
+ * by doing a direct "associate" HTTP request to the Provider Endpoint. This
+ * key is used for verifying the signed messages from the provider.
+ */
+
+/**
+ * Implementation of hook_menu().
+ */
+function openid_test_menu() {
+  $items['openid-test/yadis/xrds'] = array(
+    'title' => 'XRDS service document',
+    'page callback' => 'openid_test_yadis_xrds',
+    'access callback' => TRUE,
+    'type' => MENU_CALLBACK,
+  );
+  $items['openid-test/yadis/x-xrds-location'] = array(
+    'title' => 'Yadis discovery using X-XRDS-Location header',
+    'page callback' => 'openid_test_yadis_x_xrds_location',
+    'access callback' => TRUE,
+    'type' => MENU_CALLBACK,
+  );
+  $items['openid-test/yadis/http-equiv'] = array(
+    'title' => 'Yadis discovery using <meta http-equiv="X-XRDS-Location" ...>',
+    'page callback' => 'openid_test_yadis_http_equiv',
+    'access callback' => TRUE,
+    'type' => MENU_CALLBACK,
+  );
+  $items['openid-test/html/openid1'] = array(
+    'title' => 'HTML-based discovery using <link rel="openid.server" ...>',
+    'page callback' => 'openid_test_html_openid1',
+    'access callback' => TRUE,
+    'type' => MENU_CALLBACK,
+  );
+  $items['openid-test/html/openid2'] = array(
+    'title' => 'HTML-based discovery using <link rel="openid2.provider" ...>',
+    'page callback' => 'openid_test_html_openid2',
+    'access callback' => TRUE,
+    'type' => MENU_CALLBACK,
+  );
+  $items['openid-test/endpoint'] = array(
+    'title' => 'OpenID Provider Endpoint',
+    'page callback' => 'openid_test_endpoint',
+    'access callback' => TRUE,
+    'type' => MENU_CALLBACK,
+  );
+  return $items;
+}
+
+/**
+ * Menu callback; XRDS document that references the OP Endpoint URL.
+ */
+function openid_test_yadis_xrds() {
+  if ($_SERVER['HTTP_ACCEPT'] == 'application/xrds+xml') {
+    drupal_set_header('Content-Type', 'application/xrds+xml');
+    print '<?xml version="1.0" encoding="UTF-8"?>
+      <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
+        <XRD>
+          <Service>
+            <Type>http://specs.openid.net/auth/2.0/signon</Type>
+            <URI>' . url('openid-test/endpoint', array('absolute' => TRUE)) . '</URI>
+          </Service>
+        <XRD>
+      </xrds:XRDS>';
+  }
+  else {
+    return t('This is a regular HTML page. If the client sends an Accept: application/xrds+xml header when requesting this URL, an XRDS document is returned.');
+  }
+}
+
+/**
+ * Menu callback; regular HTML page with an X-XRDS-Location HTTP header.
+ */
+function openid_test_yadis_x_xrds_location() {
+  drupal_set_header('X-XRDS-Location', url('openid-test/yadis/xrds', array('absolute' => TRUE)));
+  return t('This page includes an X-RDS-Location HTTP header containing the URL of an XRDS document.');
+}
+
+/**
+ * Menu callback; regular HTML page with <meta> element.
+ */
+function openid_test_yadis_http_equiv() {
+  drupal_add_html_head('<meta http-equiv="X-XRDS-Location" content="' . url('openid-test/yadis/xrds', array('absolute' => TRUE)) . '" />');
+  return t('This page includes a &lt;meta equiv=...&gt; element containing the URL of an XRDS document.');
+}
+
+/**
+ * Menu callback; regular HTML page with OpenID 1.0 <link> element.
+ */
+function openid_test_html_openid1() {
+  drupal_add_html_head('<link rel="openid.server" href="' . url('openid-test/endpoint', array('absolute' => TRUE)) . '" />');
+  return t('This page includes a &lt;link rel=...&gt; element containing the URL of an OpenID Provider Endpoint.');
+}
+
+/**
+ * Menu callback; regular HTML page with OpenID 2.0 <link> element.
+ */
+function openid_test_html_openid2() {
+  drupal_add_html_head('<link rel="openid2.provider" href="' . url('openid-test/endpoint', array('absolute' => TRUE)) . '" />');
+  return t('This page includes a &lt;link rel=...&gt; element containing the URL of an OpenID Provider Endpoint.');
+}
+
+/**
+ * Menu callback; OpenID Provider Endpoint.
+ *
+ * It accepts "associate" requests directly from the Relying Party, and
+ * "checkid_setup" requests made by the user's browser based on HTTP redirects
+ * (in OpenID 1) or HTML forms (in OpenID 2) generated by the Relying Party.
+ */
+function openid_test_endpoint() {
+  switch ($_REQUEST['openid_mode']) {
+    case 'associate';
+      _openid_test_endpoint_associate();
+      break;
+    case 'checkid_setup';
+      _openid_test_endpoint_authenticate();
+      break;
+  }
+}
+
+/**
+ * OpenID endpoint; handle "associate" requests (see OpenID Authentication 2.0,
+ * section 8).
+ *
+ * The purpose of association is to send the secret MAC key to the Relying Party
+ * using Diffie-Hellman key exchange. The MAC key is used in subsequent
+ * "authenticate" requests. The "associate" request is made by the Relying Party
+ * (in the testing scenario, this is the OpenID module that communicates with
+ * the endpoint using drupal_http_request()).
+ */
+function _openid_test_endpoint_associate() {
+  module_load_include('inc', 'openid');
+
+  // Use default parameters for Diffie-Helmann key exchange.
+  $mod = OPENID_DH_DEFAULT_MOD;
+  $gen = OPENID_DH_DEFAULT_GEN;
+
+  // Generate private Diffie-Helmann key.
+  $r = _openid_dh_rand($mod);
+  $private = bcadd($r, 1);
+
+  // Calculate public Diffie-Helmann key.
+  $public = bcpowmod($gen, $private, $mod);
+
+  // Calculate shared secret based on Relying Party's public key.
+  $cpub = _openid_dh_base64_to_long($_REQUEST['openid_dh_consumer_public']);
+  $shared = bcpowmod($cpub, $private, $mod);
+
+  // Encrypt the MAC key using the shared secret.
+  $enc_mac_key = base64_encode(_openid_dh_xorsecret($shared, base64_decode(variable_get('mac_key'))));
+
+  // Generate response including our public key and the MAC key. Using our
+  // public key and its own private key, the Relying Party can calculate the
+  // shared secret, and with this it can decrypt the encrypted MAC key.
+  $response = array(
+    'ns' => 'http://specs.openid.net/auth/2.0',
+    'assoc_handle' => 'openid-test',
+    'session_type' => $_REQUEST['openid_session_type'],
+    'assoc_type' => $_REQUEST['openid_assoc_type'],
+    'expires_in' => '3600',
+    'dh_server_public' => _openid_dh_long_to_base64($public),
+    'enc_mac_key' => $enc_mac_key,
+  );
+
+  // Respond to Relying Party in the special Key-Value Form Encoding (see OpenID
+  // Authentication 1.0, section 4.1.1).
+  drupal_set_header('Content-Type', 'text/plain');
+  print _openid_create_message($response);
+}
+
+/**
+ * OpenID endpoint; handle "authenticate" requests.
+ *
+ * All requests result in a successful response. The request is a GET or POST
+ * made by the user's browser based on an HTML form or HTTP redirect generated
+ * by the Relying Party. The user is redirected back to the Relying Party using
+ * a URL containing a signed message in the query string confirming the user's
+ * identity.
+ */
+function _openid_test_endpoint_authenticate() {
+  global $base_url;
+
+  module_load_include('inc', 'openid');
+
+  // Generate unique identifier for this authentication.
+  $nonce = _openid_nonce();
+
+  // Generate response containing the user's identity. The openid.sreg.xxx
+  // entries contain profile data stored by the OpenID Provider (see OpenID
+  // Simple Registration Extension 1.0).
+  $response = array(
+    'openid.ns' => 'http://specs.openid.net/auth/2.0',
+    'openid.mode' => 'id_res',
+    'openid.op_endpoint' => $base_url . url('openid/provider'),
+    'openid.claimed_id' => $_REQUEST['openid_claimed_id'],
+    'openid.identity' => $_REQUEST['openid_identity'],
+    'openid.return_to' => $_REQUEST['openid_return_to'],
+    'openid.response_nonce' => $nonce,
+    'openid.assoc_handle' => 'openid-test',
+    'openid.sreg.email' => 'johndoe@example.com',
+    'openid.sreg.nickname' => 'johndoe',
+    'openid.signed' => 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle',
+  );
+
+  // Sign the message using the MAC key that was exchanged during association.
+  $association = new stdClass;
+  $association->mac_key = variable_get('mac_key');
+  $keys_to_sign = explode(',', $response['openid.signed']);
+  $response['openid.sig'] = _openid_signature($association, $response, $keys_to_sign);
+
+  // Put the signed message into the query string of a URL supplied by the
+  // Relying Party, and redirect the user.
+  drupal_set_header('Content-Type', 'text/plain');
+  header('Location: ' . url($_REQUEST['openid_return_to'], array('query' => http_build_query($response, '', '&'), 'external' => TRUE)));
+}