- Patch #740036 by c960657, Damien Tournoud: OpenID AX: Request nickname + support alternative namespaces.

3 files changed, 105 insertions, 32 deletions

diff --git a/modules/openid/openid.inc b/modules/openid/openid.inc
index 72e931718..a19f483c7 100644
--- a/modules/openid/openid.inc
+++ b/modules/openid/openid.inc
@@ -665,3 +665,35 @@ function openid_extract_namespace($response, $extension_namespace, $fallback_pre
 
   return $output;
 }
+
+/**
+ * Extracts values from an OpenID AX Response.
+ *
+ * The values can be returned in two forms:
+ *   - only openid.ax.value.<alias> (for single-valued answers)
+ *   - both openid.ax.count.<alias> and openid.ax.value.<alias>.<count> (for both
+ *     single and multiple-valued answers)
+ *
+ * @param $values
+ *   An array as returned by openid_extract_namespace(..., OPENID_NS_AX).
+ * @param $aliases
+ *   An array of aliases used in the fetch request.
+ * @return
+ *   An array of values.
+ * @see http://openid.net/specs/openid-attribute-exchange-1_0.html#fetch_response
+ */
+function openid_extract_ax_values($values, $aliases) {
+  $output = array();
+  foreach ($aliases as $alias) {
+    if (isset($values['count.' . $alias])) {
+      for ($i = 1; $i <= $values['count.' . $alias]; $i++) {
+        $output[] = $values['value.' . $alias . '.' . $i];
+      }
+    }
+    elseif (isset($values['value.' . $alias])) {
+      $output[] = $values['value.' . $alias];
+    }
+  }
+  return $output;
+}
+
diff --git a/modules/openid/openid.module b/modules/openid/openid.module
index ecf452a8f..96a74415a 100644
--- a/modules/openid/openid.module
+++ b/modules/openid/openid.module
@@ -173,19 +173,21 @@ function openid_form_user_register_form_alter(&$form, &$form_state) {
       // Use the nickname returned by Simple Registration if available.
       $form['account']['name']['#default_value'] = $sreg_values['nickname'];
     }
-    elseif (!empty($ax_values['value.email'])) {
-      // Else, extract the name part of the email address returned by AX if available.
-      list($name, $domain) = explode('@', $ax_values['value.email'], 2);
-      $form['account']['name']['#default_value'] = $name;
+    elseif ($ax_name_values = openid_extract_ax_values($ax_values, array('name_ao', 'name_son'))) {
+      // Else, use the first nickname returned by AX if available.
+      $form['account']['name']['#default_value'] = current($ax_name_values);
+    }
+    else {
+      $form['account']['name']['#default_value'] = '';
     }
 
     if (!empty($sreg_values['email'])) {
       // Use the email returned by Simple Registration if available.
       $form['account']['mail']['#default_value'] = $sreg_values['email'];
     }
-    elseif (!empty($ax_values['value.email'])) {
-      // Else, use the email returned by AX if available.
-      $form['account']['mail']['#default_value'] = $ax_values['value.email'];
+    elseif ($ax_mail_values = openid_extract_ax_values($ax_values, array('mail_ao', 'mail_son'))) {
+      // Else, use the first nickname returned by AX if available.
+      $form['account']['mail']['#default_value'] = current($ax_mail_values);
     }
 
     // If user_email_verification is off, hide the password field and just fill
@@ -714,8 +716,20 @@ function openid_authentication_request($claimed_id, $identity, $return_to = '',
   if (in_array(OPENID_NS_AX, $service['types'])) {
     $request['openid.ns.ax'] = OPENID_NS_AX;
     $request['openid.ax.mode'] = 'fetch_request';
-    $request['openid.ax.required'] = 'email';
-    $request['openid.ax.type.email'] = 'http://schema.openid.net/contact/email';
+    $request['openid.ax.required'] = 'mail_ao,name_ao,mail_son,name_son';
+
+    // Implementors disagree on which URIs to use, even for simple
+    // attributes like name and email (*sigh*). We ask for both axschema.org
+    // attributes (which are supposed to be newer), and schema.openid.net ones
+    // (which are supposed to be legacy).
+
+    // Attributes as defined by axschema.org.
+    $request['openid.ax.type.mail_ao'] = 'http://axschema.org/contact/email';
+    $request['openid.ax.type.name_ao'] = 'http://axschema.org/namePerson/friendly';
+
+    // Attributes as defined by schema.openid.net.
+    $request['openid.ax.type.mail_son'] = 'http://schema.openid.net/contact/email';
+    $request['openid.ax.type.name_son'] = 'http://schema.openid.net/namePerson/friendly';
   }
 
   $request = array_merge($request, module_invoke_all('openid', 'request', $request));
diff --git a/modules/openid/openid.test b/modules/openid/openid.test
index adf5b97aa..f507fcdae 100644
--- a/modules/openid/openid.test
+++ b/modules/openid/openid.test
@@ -2,15 +2,36 @@
 // $Id$
 
 /**
- * Test login and account registration using OpenID.
+ * Base class for OpenID tests.
  */
-class OpenIDFunctionalTest extends DrupalWebTestCase {
+abstract class OpenIDWebTestCase extends DrupalWebTestCase {
+
+  /**
+   * Initiates the login procedure using the specified User-supplied Identity.
+   */
+  function submitLoginForm($identity) {
+    // Fill out and submit the login form.
+    $edit = array('openid_identifier' => $identity);
+    $this->drupalPost('', $edit, t('Log in'));
+
+    // Check we are on the OpenID redirect form.
+    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
+
+    // Submit form to the OpenID Provider Endpoint.
+    $this->drupalPost(NULL, array(), t('Send'));
+  }
+}
+
+/**
+ * Test discovery and login using OpenID
+ */
+class OpenIDFunctionalTestCase extends OpenIDWebTestCase {
   protected $web_user;
 
   public static function getInfo() {
     return array(
-      'name' => 'OpenID login and account registration',
-      'description' => "Adds an identity to a user's profile and uses it to log in, creates a user account using auto-registration.",
+      'name' => 'OpenID discovery and login',
+      'description' => "Adds an identity to a user's profile and uses it to log in.",
       'group' => 'OpenID'
     );
   }
@@ -203,6 +224,23 @@ class OpenIDFunctionalTest extends DrupalWebTestCase {
     }
     $this->assertRaw(t('Successfully added %identity', array('%identity' => $claimed_id)), t('Identity %identity was added.', array('%identity' => $identity)));
   }
+}
+
+/**
+ * Test account registration using Simple Registration and Attribute Exchange.
+ */
+class OpenIDRegistrationTestCase extends OpenIDWebTestCase {
+  public static function getInfo() {
+    return array(
+      'name' => 'OpenID account registration',
+      'description' => 'Creates a user account using auto-registration.',
+      'group' => 'OpenID'
+    );
+  }
+
+  function setUp() {
+    parent::setUp('openid', 'openid_test');
+  }
 
   /**
    * Test OpenID auto-registration with e-mail verification enabled.
@@ -268,14 +306,16 @@ class OpenIDFunctionalTest extends DrupalWebTestCase {
    * information (a username that is already taken, and no e-mail address).
    */
   function testRegisterUserWithInvalidSreg() {
-     // Tell openid_test.module to respond with these SREG fields. 
-     variable_set('openid_test_response', array('openid.sreg.nickname' => $this->web_user->name, 'openid.sreg.email' => 'mail@invalid#'));
+    // Tell openid_test.module to respond with these SREG fields.
+    $web_user = $this->drupalCreateUser(array());
+    variable_set('openid_test_response', array('openid.sreg.nickname' => $web_user->name, 'openid.sreg.email' => 'mail@invalid#'));
 
     // Use a User-supplied Identity that is the URL of an XRDS document.
     $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
     $this->submitLoginForm($identity);
+
     $this->assertRaw(t('Account registration using the information provided by your OpenID provider failed due to the reasons listed below. Complete the registration by filling out the form below. If you already have an account, you can <a href="@login">log in</a> now and add your OpenID under "My account".', array('@login' => url('user/login'))), t('User was asked to complete the registration process manually.'));
-    $this->assertRaw(t('The name %name is already taken.', array('%name' => $this->web_user->name)), t('Form validation error for username was displayed.'));
+    $this->assertRaw(t('The name %name is already taken.', array('%name' => $web_user->name)), t('Form validation error for username was displayed.'));
     $this->assertRaw(t('The e-mail address %mail is not valid.', array('%mail' => 'mail@invalid#')), t('Form validation error for e-mail address was displayed.'));
 
     // Enter username and e-mail address manually.
@@ -343,7 +383,9 @@ class OpenIDFunctionalTest extends DrupalWebTestCase {
     // Tell openid_test.module to respond with these AX fields.
     variable_set('openid_test_response', array(
       'openid.ns.ext123' => 'http://openid.net/srv/ax/1.0',
-      'openid.ext123.value.email' => 'john@example.com',
+      'openid.ext123.value.mail_ao' => 'john@example.com',
+      'openid.ext123.count.name_son' => '1',
+      'openid.ext123.value.name_son.1' => 'john',
     ));
 
     // Use a User-supplied Identity that is the URL of an XRDS document.
@@ -355,21 +397,6 @@ class OpenIDFunctionalTest extends DrupalWebTestCase {
     $this->assertTrue($user, t('User was registered with right username.'));
     $this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
   }
-
-  /**
-   * Initiates the login procedure using the specified User-supplied Identity.
-   */
-  function submitLoginForm($identity) {
-    // Fill out and submit the login form.
-    $edit = array('openid_identifier' => $identity);
-    $this->drupalPost('', $edit, t('Log in'));
-
-    // Check we are on the OpenID redirect form.
-    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
-
-    // Submit form to the OpenID Provider Endpoint.
-    $this->drupalPost(NULL, array(), t('Send'));
-  }
 }
 
 /**