diff options
| author | Dries Buytaert <dries@buytaert.net> | 2010-01-31 18:39:46 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2010-01-31 18:39:46 +0000 |
| commit | 6c9b682bb61d41e91d209903b9008093b88e056b (patch) | |
| tree | cfe003aed4d4326707784662bd11102b63c70e72 /modules/openid/tests | |
| parent | a3dd7ebad728f3778add41fd0fea1fc3c5fb6254 (diff) | |
| download | brdo-6c9b682bb61d41e91d209903b9008093b88e056b.tar.gz brdo-6c9b682bb61d41e91d209903b9008093b88e056b.tar.bz2 | |
- Patch #579448 by c960657: fixed OpenID specification violation. Search for OP Identifier element to authenticate.
Diffstat (limited to 'modules/openid/tests')
| -rw-r--r-- | modules/openid/tests/openid_test.module | 44 |
1 files changed, 39 insertions, 5 deletions
diff --git a/modules/openid/tests/openid_test.module b/modules/openid/tests/openid_test.module index 4bf839d58..0512555f9 100644 --- a/modules/openid/tests/openid_test.module +++ b/modules/openid/tests/openid_test.module @@ -74,9 +74,33 @@ function openid_test_yadis_xrds() { <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)"> <XRD> <Service> + <Type>http://example.com/this-is-ignored</Type> + </Service> + <Service priority="10"> <Type>http://specs.openid.net/auth/2.0/signon</Type> <URI>' . url('openid-test/endpoint', array('absolute' => TRUE)) . '</URI> </Service> + <Service priority="15"> + <Type>http://specs.openid.net/auth/2.0/signon</Type> + <URI>http://example.com/this-has-too-low-priority</URI> + </Service> + <Service> + <Type>http://specs.openid.net/auth/2.0/signon</Type> + <URI>http://example.com/this-has-too-low-priority</URI> + </Service> + '; + if (arg(3) == 'server') { + print ' + <Service> + <Type>http://specs.openid.net/auth/2.0/server</Type> + <URI>http://example.com/this-has-too-low-priority</URI> + </Service> + <Service priority="20"> + <Type>http://specs.openid.net/auth/2.0/server</Type> + <URI>' . url('openid-test/endpoint', array('absolute' => TRUE)) . '</URI> + </Service>'; + } + print ' <XRD> </xrds:XRDS>'; } @@ -202,22 +226,32 @@ function _openid_test_endpoint_associate() { * identity. */ function _openid_test_endpoint_authenticate() { - global $base_url; - module_load_include('inc', 'openid'); // Generate unique identifier for this authentication. $nonce = _openid_nonce(); + if (!isset($_REQUEST['openid_claimed_id'])) { + // openid.claimed_id is not used in OpenID 1.x. + $claimed_id = ''; + } + elseif ($_REQUEST['openid_claimed_id'] == 'http://specs.openid.net/auth/2.0/identifier_select') { + // The Relying Party did not specify a Claimed Identifier, so the OpenID + // Provider decides on one. + $claimed_id = url('openid-test/yadis/xrds/dummy-user', array('absolute' => TRUE)); + } + else { + $claimed_id = $_REQUEST['openid_claimed_id']; + } + // Generate response containing the user's identity. The openid.sreg.xxx // entries contain profile data stored by the OpenID Provider (see OpenID // Simple Registration Extension 1.0). $response = variable_get('openid_test_response', array()) + array( 'openid.ns' => OPENID_NS_2_0, 'openid.mode' => 'id_res', - 'openid.op_endpoint' => $base_url . url('openid/provider'), - // openid.claimed_id is not sent by OpenID 1 clients. - 'openid.claimed_id' => isset($_REQUEST['openid_claimed_id']) ? $_REQUEST['openid_claimed_id'] : '', + 'openid.op_endpoint' => url('openid-test/endpoint', array('absolute' => TRUE)), + 'openid.claimed_id' => $claimed_id, 'openid.identity' => $_REQUEST['openid_identity'], 'openid.return_to' => $_REQUEST['openid_return_to'], 'openid.response_nonce' => $nonce, |