aboutsummaryrefslogtreecommitdiff
path: root/models/openid-php-openid-782224d/Tests/Auth
diff options
context:
space:
mode:
Diffstat (limited to 'models/openid-php-openid-782224d/Tests/Auth')
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/AX.php792
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Association.php54
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/AssociationResponse.php377
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/AuthRequest.php299
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/BigMath.php234
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Consumer.php2553
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/CryptUtil.php54
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/DiffieHellman.php159
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Discover_OpenID.php781
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Extension.php44
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/HMAC.php165
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/KVForm.php260
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/MemStore.php176
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Message.php1251
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Negotiation.php346
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Nonce.php166
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/OpenID_Yadis.php228
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/PAPE.php244
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Parse.php185
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/RPVerify.php293
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/SReg.php672
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Server.php2463
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/StoreTest.php755
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/TestUtil.php60
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/TrustRoot.php172
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/URINorm.php66
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/Util.php319
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/VerifyDisco.php422
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/dhexch25
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/dhpriv29
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/hmac-sha1.txt49
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/hmac-sha256.txt29
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/linkparse.txt594
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/n2b64650
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/openid.html11
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid.html11
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2.html11
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2_xrds.xml12
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2_xrds_no_local_id.xml11
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2.html11
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2_xrds.xml16
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2_xrds_bad_delegate.xml17
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_and_yadis.html12
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_no_delegate.html10
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_ssl.xml19
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_0entries.xml12
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2_bad_local_id.xml15
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2entries_delegate.xml22
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2entries_idp.xml21
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_another_delegate.xml14
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_idp.xml12
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_idp_delegate.xml13
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_no_delegate.xml11
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/trustroot.txt149
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/OpenID/data/urinorm.txt87
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/DiscoverData.php152
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/Discover_Yadis.php230
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/ParseHTML.php86
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/TestUtil.php30
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/XRDS.php247
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/XRI.php142
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/Yadis.php88
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/README12
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/accept.txt118
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.multi.xrds38
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.multi_uri.xrds16
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.xrds16
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian_priority.xrds22
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809-r1.xrds34
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809-r2.xrds34
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809.xrds34
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/example-xrds.xml14
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/no-xrd.xml7
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/not-xrds.xml2
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/pip.xrds22
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/prefixsometimes.xrds34
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/ref.xrds109
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/sometimesprefix.xrds34
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof1.xrds25
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof2.xrds25
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof3.xrds37
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/subsegments.xrds58
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-discover.txt137
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-parsehtml.txt149
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-xrd.xml39
-rw-r--r--models/openid-php-openid-782224d/Tests/Auth/Yadis/data/uri_priority.xrds16
86 files changed, 17470 insertions, 0 deletions
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/AX.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/AX.php
new file mode 100644
index 000000000..0a85ed2f1
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/AX.php
@@ -0,0 +1,792 @@
+<?php
+
+/*
+ * Tests for the attribute exchange extension module
+ */
+
+require_once "Auth/OpenID/AX.php";
+require_once "Auth/OpenID/Message.php";
+require_once "Auth/OpenID/Consumer.php";
+require_once "Auth/OpenID/Server.php";
+
+class BogusAXMessage extends Auth_OpenID_AX_Message {
+ var $mode = 'bogus';
+
+ function getExtensionArgs()
+ {
+ return $this->_newArgs();
+ }
+}
+
+class AXMessageTest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->bax = new BogusAXMessage();
+ }
+
+ function test_checkMode()
+ {
+ $result = $this->bax->_checkMode(array());
+ $this->assertTrue(Auth_OpenID_AX::isError($result));
+
+ $result = $this->bax->_checkMode(array('mode' => 'fetch_request'));
+ $this->assertTrue(Auth_OpenID_AX::isError($result));
+
+ // does not raise an exception when the mode is right
+ $result = $this->bax->_checkMode(array('mode' => $this->bax->mode));
+ $this->assertTrue($result === true);
+ }
+
+ /*
+ * _newArgs generates something that has the correct mode
+ */
+ function test_checkMode_newArgs()
+ {
+ $result = $this->bax->_checkMode($this->bax->_newArgs());
+ $this->assertTrue($result === true);
+ }
+}
+
+class AttrInfoTest extends PHPUnit_Framework_TestCase {
+ function test_construct()
+ {
+ $type_uri = 'a uri';
+ $ainfo = Auth_OpenID_AX_AttrInfo::make($type_uri);
+
+ $this->assertEquals($type_uri, $ainfo->type_uri);
+ $this->assertEquals(1, $ainfo->count);
+ $this->assertFalse($ainfo->required);
+ $this->assertTrue($ainfo->alias === null);
+ }
+}
+
+class ToTypeURIsTest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->aliases = new Auth_OpenID_NamespaceMap();
+ }
+
+ function test_empty()
+ {
+ foreach (array(null, '') as $empty) {
+ $uris = Auth_OpenID_AX_toTypeURIs($this->aliases, $empty);
+ $this->assertEquals(array(), $uris);
+ }
+ }
+
+ function test_undefined()
+ {
+ $result = Auth_OpenID_AX_toTypeURIs($this->aliases,
+ 'http://janrain.com/');
+ $this->assertTrue(Auth_OpenID_AX::isError($result));
+ }
+
+ function test_one()
+ {
+ $uri = 'http://janrain.com/';
+ $alias = 'openid_hackers';
+ $this->aliases->addAlias($uri, $alias);
+ $uris = Auth_OpenID_AX_toTypeURIs($this->aliases, $alias);
+ $this->assertEquals(array($uri), $uris);
+ }
+
+ function test_two()
+ {
+ $uri1 = 'http://janrain.com/';
+ $alias1 = 'openid_hackers';
+ $this->aliases->addAlias($uri1, $alias1);
+
+ $uri2 = 'http://jyte.com/';
+ $alias2 = 'openid_hack';
+ $this->aliases->addAlias($uri2, $alias2);
+
+ $uris = Auth_OpenID_AX_toTypeURIs($this->aliases,
+ implode(',', array($alias1, $alias2)));
+ $this->assertEquals(array($uri1, $uri2), $uris);
+ }
+}
+
+class ParseAXValuesTest extends PHPUnit_Framework_TestCase {
+ function failUnlessAXKeyError($ax_args)
+ {
+ $msg = new Auth_OpenID_AX_KeyValueMessage();
+ $result = $msg->parseExtensionArgs($ax_args);
+ $this->assertTrue(Auth_OpenID_AX::isError($result));
+ $this->assertTrue($result->message);
+ }
+
+ function failUnlessAXValues($ax_args, $expected_args)
+ {
+ $msg = new Auth_OpenID_AX_KeyValueMessage();
+ $msg->parseExtensionArgs($ax_args);
+ $this->assertEquals($expected_args, $msg->data);
+ }
+
+ function test_emptyIsValid()
+ {
+ $this->failUnlessAXValues(array(), array());
+ }
+
+ function test_invalidAlias()
+ {
+ $types = array(
+ 'Auth_OpenID_AX_KeyValueMessage',
+ 'Auth_OpenID_AX_FetchRequest'
+ );
+
+ $inputs = array(
+ array('type.a.b' => 'urn:foo',
+ 'count.a.b' => '1'),
+ array('type.a,b' => 'urn:foo',
+ 'count.a,b' => '1'),
+ );
+
+ foreach ($types as $typ) {
+ foreach ($inputs as $input) {
+ $msg = new $typ();
+ $result = $msg->parseExtensionArgs($input);
+ $this->assertTrue(Auth_OpenID_AX::isError($result));
+ }
+ }
+ }
+
+ function test_missingValueForAliasExplodes()
+ {
+ $this->failUnlessAXKeyError(array('type.foo' => 'urn:foo'));
+ }
+
+ function test_countPresentButNotValue()
+ {
+ $this->failUnlessAXKeyError(array('type.foo' => 'urn:foo',
+ 'count.foo' => '1'));
+ }
+
+ function test_invalidCountValue()
+ {
+ $msg = new Auth_OpenID_AX_FetchRequest();
+
+ $result = $msg->parseExtensionArgs(
+ array('type.foo' => 'urn:foo',
+ 'count.foo' => 'bogus'));
+
+ $this->assertTrue(Auth_OpenID_AX::isError($result));
+ }
+
+ function test_requestUnlimitedValues()
+ {
+ $msg = new Auth_OpenID_AX_FetchRequest();
+
+ $result = $msg->parseExtensionArgs(
+ array('mode' => 'fetch_request',
+ 'required' => 'foo',
+ 'type.foo' => 'urn:foo',
+ 'count.foo' => Auth_OpenID_AX_UNLIMITED_VALUES));
+
+ $attrs = $msg->iterAttrs();
+ $foo = $attrs[0];
+
+ $this->assertTrue($foo->count == Auth_OpenID_AX_UNLIMITED_VALUES);
+ $this->assertTrue($foo->wantsUnlimitedValues());
+ }
+
+ function test_longAlias()
+ {
+ // Spec minimum length is 32 characters. This is a silly test
+ // for this library, but it's here for completeness.
+ $alias = str_repeat('x', Auth_OpenID_AX_MINIMUM_SUPPORTED_ALIAS_LENGTH);
+
+ $msg = new Auth_OpenID_AX_KeyValueMessage();
+ $result = $msg->parseExtensionArgs(
+ array('type.' . $alias => 'urn:foo',
+ 'count.' . $alias => '1',
+ 'value.'.$alias.'.1' => 'first')
+ );
+ $this->assertFalse(Auth_OpenID_AX::isError($result));
+ }
+
+ function test_countPresentAndIsZero()
+ {
+ $this->failUnlessAXValues(
+ array('type.foo' => 'urn:foo',
+ 'count.foo' => '0',
+ ), array('urn:foo' => array()));
+ }
+
+ function test_singletonEmpty()
+ {
+ $this->failUnlessAXValues(
+ array('type.foo' => 'urn:foo',
+ 'value.foo' => '',
+ ), array('urn:foo' => array()));
+ }
+
+ function test_doubleAlias()
+ {
+ $this->failUnlessAXKeyError(
+ array('type.foo' => 'urn:foo',
+ 'value.foo' => '',
+ 'type.bar' => 'urn:foo',
+ 'value.bar' => '',
+ ));
+ }
+
+ function test_doubleSingleton()
+ {
+ $this->failUnlessAXValues(
+ array('type.foo' => 'urn:foo',
+ 'value.foo' => '',
+ 'type.bar' => 'urn:bar',
+ 'value.bar' => '',
+ ), array('urn:foo' => array(), 'urn:bar' => array()));
+ }
+
+ function test_singletonValue()
+ {
+ $this->failUnlessAXValues(
+ array('type.foo' => 'urn:foo',
+ 'value.foo' => 'Westfall',
+ ), array('urn:foo' => array('Westfall')));
+ }
+}
+
+class FetchRequestTest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->msg = new Auth_OpenID_AX_FetchRequest();
+ $this->type_a = 'http://janrain.example.com/a';
+ $this->alias_a = 'a';
+ }
+
+ function test_mode()
+ {
+ $this->assertEquals($this->msg->mode, 'fetch_request');
+ }
+
+ function test_construct()
+ {
+ $this->assertEquals(array(), $this->msg->requested_attributes);
+ $this->assertEquals(null, $this->msg->update_url);
+
+ $msg = new Auth_OpenID_AX_FetchRequest('hailstorm');
+ $this->assertEquals(array(), $msg->requested_attributes);
+ $this->assertEquals('hailstorm', $msg->update_url);
+ }
+
+ function test_add()
+ {
+ $uri = 'mud://puddle';
+
+ // Not yet added:
+ $this->assertFalse(in_array($uri, $this->msg->iterTypes()));
+
+ $attr = Auth_OpenID_AX_AttrInfo::make($uri);
+ $this->msg->add($attr);
+
+ // Present after adding
+ $this->assertTrue(in_array($uri, $this->msg->iterTypes()));
+ }
+
+ function test_addTwice()
+ {
+ $uri = 'lightning://storm';
+
+ $attr = Auth_OpenID_AX_AttrInfo::make($uri);
+ $this->msg->add($attr);
+ $this->assertTrue(Auth_OpenID_AX::isError($this->msg->add($attr)));
+ }
+
+ function test_getExtensionArgs_empty()
+ {
+ $expected_args = array(
+ 'mode' =>'fetch_request',
+ );
+ $this->assertEquals($expected_args, $this->msg->getExtensionArgs());
+ }
+
+ function test_getExtensionArgs_noAlias()
+ {
+ $attr = Auth_OpenID_AX_AttrInfo::make('type://of.transportation');
+
+ $this->msg->add($attr);
+ $ax_args = $this->msg->getExtensionArgs();
+ $found = false;
+ $alias = null;
+
+ foreach ($ax_args as $k => $v) {
+ if (($v == $attr->type_uri) && (strpos($k, 'type.') === 0)) {
+ $alias = substr($k, 5);
+ $found = true;
+ break;
+ }
+ }
+
+ if (!$found) {
+ $this->fail("Didn't find the type definition");
+ return;
+ }
+
+ $this->failUnlessExtensionArgs(array(
+ 'type.' . $alias => $attr->type_uri,
+ 'if_available' => $alias));
+ }
+
+ function test_getExtensionArgs_alias_if_available()
+ {
+ $attr = Auth_OpenID_AX_AttrInfo::make(
+ 'type://of.transportation', 1, false,
+ 'transport');
+
+ $this->msg->add($attr);
+ $this->failUnlessExtensionArgs(array(
+ 'type.' . $attr->alias => $attr->type_uri,
+ 'if_available' => $attr->alias));
+ }
+
+ function test_getExtensionArgs_alias_req()
+ {
+ $attr = Auth_OpenID_AX_AttrInfo::make(
+ 'type://of.transportation',
+ 1, true, 'transport');
+
+ $this->msg->add($attr);
+ $this->failUnlessExtensionArgs(array(
+ 'type.' . $attr->alias => $attr->type_uri,
+ 'required' => $attr->alias));
+ }
+
+ /*
+ * Make sure that getExtensionArgs has the expected result
+ *
+ * This method will fill in the mode.
+ */
+ function failUnlessExtensionArgs($expected_args)
+ {
+ $expected_args['mode'] = $this->msg->mode;
+ $this->assertEquals($expected_args, $this->msg->getExtensionArgs());
+ }
+
+ function test_isIterable()
+ {
+ $this->assertEquals(array(), $this->msg->iterAttrs());
+ $this->assertEquals(array(), $this->msg->iterTypes());
+ }
+
+ function test_getRequiredAttrs_empty()
+ {
+ $this->assertEquals(array(), $this->msg->getRequiredAttrs());
+ }
+
+ function test_parseExtensionArgs_extraType()
+ {
+ $extension_args = array(
+ 'mode' => 'fetch_request',
+ 'type.' . $this->alias_a => $this->type_a);
+
+ $this->assertTrue(Auth_OpenID_AX::isError(
+ $this->msg->parseExtensionArgs($extension_args)));
+ }
+
+ function test_parseExtensionArgs()
+ {
+ $extension_args = array(
+ 'mode' => 'fetch_request',
+ 'type.' . $this->alias_a => $this->type_a,
+ 'if_available' => $this->alias_a);
+
+ $this->msg->parseExtensionArgs($extension_args);
+ $this->assertEquals(array($this->type_a), $this->msg->iterTypes());
+ $attr_info = Auth_OpenID::arrayGet($this->msg->requested_attributes,
+ $this->type_a);
+ $this->assertTrue($attr_info);
+ $this->assertFalse($attr_info->required);
+ $this->assertEquals($this->type_a, $attr_info->type_uri);
+ $this->assertEquals($this->alias_a, $attr_info->alias);
+ $this->assertEquals(array($attr_info),
+ $this->msg->iterAttrs());
+ }
+
+ function test_extensionArgs_idempotent()
+ {
+ $extension_args = array(
+ 'mode' => 'fetch_request',
+ 'type.' . $this->alias_a => $this->type_a,
+ 'if_available' => $this->alias_a);
+
+ $this->msg->parseExtensionArgs($extension_args);
+ $this->assertEquals($extension_args, $this->msg->getExtensionArgs());
+
+ $attr = $this->msg->requested_attributes[$this->type_a];
+ $this->assertFalse($attr->required);
+ }
+
+ function test_extensionArgs_idempotent_count_required()
+ {
+ $extension_args = array(
+ 'mode' => 'fetch_request',
+ 'type.' . $this->alias_a => $this->type_a,
+ 'count.' . $this->alias_a => '2',
+ 'required' => $this->alias_a);
+
+ $this->msg->parseExtensionArgs($extension_args);
+ $this->assertEquals($extension_args, $this->msg->getExtensionArgs());
+
+ $attr = $this->msg->requested_attributes[$this->type_a];
+ $this->assertTrue($attr->required);
+ }
+
+ function test_extensionArgs_count1()
+ {
+ $extension_args = array(
+ 'mode' => 'fetch_request',
+ 'type.' . $this->alias_a => $this->type_a,
+ 'count.' . $this->alias_a => '1',
+ 'if_available' => $this->alias_a);
+
+ $extension_args_norm = array(
+ 'mode' => 'fetch_request',
+ 'type.' . $this->alias_a => $this->type_a,
+ 'if_available' => $this->alias_a);
+
+ $this->msg->parseExtensionArgs($extension_args);
+ $this->assertEquals($extension_args_norm, $this->msg->getExtensionArgs());
+ }
+
+ function test_openidNoRealm()
+ {
+ $openid_req_msg = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'checkid_setup',
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'ns.ax' => Auth_OpenID_AX_NS_URI,
+ 'ax.update_url' => 'http://different.site/path',
+ 'ax.mode' => 'fetch_request',
+ ));
+ $openid_req = new Auth_OpenID_Request();
+ $openid_req->message =& $openid_req_msg;
+ $result = Auth_OpenID_AX_FetchRequest::fromOpenIDRequest(
+ $openid_req);
+ $this->assertTrue(Auth_OpenID_AX::isError($result));
+ }
+
+ function test_openidUpdateURLVerificationError()
+ {
+ $openid_req_msg = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'checkid_setup',
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'realm' => 'http://example.com/realm',
+ 'ns.ax' => Auth_OpenID_AX_NS_URI,
+ 'ax.update_url' => 'http://different.site/path',
+ 'ax.mode' => 'fetch_request',
+ ));
+ $openid_req = new Auth_OpenID_Request();
+ $openid_req->message =& $openid_req_msg;
+ $result = Auth_OpenID_AX_FetchRequest::fromOpenIDRequest($openid_req);
+ $this->assertTrue(Auth_OpenID_AX::isError($result));
+ }
+
+ function test_openidUpdateURLVerificationSuccess()
+ {
+ $openid_req_msg = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'checkid_setup',
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'realm' => 'http://example.com/realm',
+ 'ns.ax' => Auth_OpenID_AX_NS_URI,
+ 'ax.update_url' => 'http://example.com/realm/update_path',
+ 'ax.mode' => 'fetch_request',
+ ));
+ $openid_req = new Auth_OpenID_Request();
+ $openid_req->message =& $openid_req_msg;
+ $fr = Auth_OpenID_AX_FetchRequest::fromOpenIDRequest($openid_req);
+ $this->assertFalse(Auth_OpenID_AX::isError($fr));
+ }
+
+ function test_openidUpdateURLVerificationSuccessReturnTo()
+ {
+ $openid_req_msg = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'checkid_setup',
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'return_to' => 'http://example.com/realm',
+ 'ns.ax' => Auth_OpenID_AX_NS_URI,
+ 'ax.update_url' => 'http://example.com/realm/update_path',
+ 'ax.mode' => 'fetch_request',
+ ));
+ $openid_req = new Auth_OpenID_Request();
+ $openid_req->message =& $openid_req_msg;
+ $fr = Auth_OpenID_AX_FetchRequest::fromOpenIDRequest($openid_req);
+ $this->assertFalse(Auth_OpenID_AX::isError($fr));
+ }
+}
+
+class FauxEndpoint {
+ function FauxEndpoint() {
+ $this->claimed_id = 'http://some.url/';
+ }
+}
+
+class FetchResponseTest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->msg = new Auth_OpenID_AX_FetchResponse();
+ $this->value_a = 'monkeys';
+ $this->type_a = 'http://phone.home/';
+ $this->alias_a = 'robocop';
+ $this->request_update_url = 'http://update.bogus/';
+ }
+
+ function test_construct()
+ {
+ $this->assertTrue($this->msg->update_url === null);
+ $this->assertEquals(array(), $this->msg->data);
+ }
+
+ function test_getExtensionArgs_empty()
+ {
+ $expected_args = array(
+ 'mode' => 'fetch_response',
+ );
+ $req = null;
+ $this->assertEquals($expected_args, $this->msg->getExtensionArgs($req));
+ }
+
+ function test_getExtensionArgs_empty_request()
+ {
+ $expected_args = array(
+ 'mode' => 'fetch_response',
+ );
+ $req = new Auth_OpenID_AX_FetchRequest();
+ $this->assertEquals($expected_args, $this->msg->getExtensionArgs($req));
+ }
+
+ function test_getExtensionArgs_empty_request_some()
+ {
+ $uri = 'http://not.found/';
+ $alias = 'ext0';
+
+ $expected_args = array(
+ 'mode' => 'fetch_response',
+ 'type.' . $alias => $uri,
+ 'count.' . $alias => '0'
+ );
+ $req = new Auth_OpenID_AX_FetchRequest();
+ $req->add(Auth_OpenID_AX_AttrInfo::make('http://not.found/'));
+ $this->assertEquals($expected_args, $this->msg->getExtensionArgs($req));
+ }
+
+ function test_updateUrlInResponse()
+ {
+ $uri = 'http://not.found/';
+ $alias = 'ext0';
+
+ $expected_args = array(
+ 'mode' => 'fetch_response',
+ 'update_url' => $this->request_update_url,
+ 'type.' . $alias => $uri,
+ 'count.' . $alias => '0'
+ );
+ $req = new Auth_OpenID_AX_FetchRequest($this->request_update_url);
+ $req->add(Auth_OpenID_AX_AttrInfo::make($uri));
+ $this->assertEquals($expected_args, $this->msg->getExtensionArgs($req));
+ }
+
+ function test_getExtensionArgs_some_request()
+ {
+ $expected_args = array(
+ 'mode' => 'fetch_response',
+ 'type.' . $this->alias_a => $this->type_a,
+ 'value.' . $this->alias_a . '.1' => $this->value_a,
+ 'count.' . $this->alias_a => '1'
+ );
+
+ $req = new Auth_OpenID_AX_FetchRequest();
+ $req->add(Auth_OpenID_AX_AttrInfo::make($this->type_a, 1, false, $this->alias_a));
+ $this->msg->addValue($this->type_a, $this->value_a);
+
+ $result = $this->msg->getExtensionArgs($req);
+ $this->assertEquals($expected_args, $result);
+ }
+
+ function test_getExtensionArgs_some_not_request()
+ {
+ $req = new Auth_OpenID_AX_FetchRequest();
+ $this->msg->addValue($this->type_a, $this->value_a);
+ $this->assertTrue(Auth_OpenID_AX::isError($this->msg->getExtensionArgs($req)));
+ }
+
+ function test_getSingle_success()
+ {
+ $req = new Auth_OpenID_AX_FetchRequest();
+ $this->msg->addValue($this->type_a, $this->value_a);
+ $this->assertEquals($this->value_a, $this->msg->getSingle($this->type_a));
+ }
+
+ function test_getSingle_none()
+ {
+ $this->assertEquals(null, $this->msg->getSingle($this->type_a));
+ }
+
+ function test_getSingle_extra()
+ {
+ $data = array('x', 'y');
+ $this->msg->setValues($this->type_a, $data);
+ $this->assertTrue(Auth_OpenID_AX::isError($this->msg->getSingle($this->type_a)));
+ }
+
+ function test_get()
+ {
+ $this->assertTrue(Auth_OpenID_AX::isError($this->msg->get($this->type_a)));
+ }
+
+ function test_fromSuccessResponseWithoutExtension()
+ {
+ $args = array(
+ 'mode' => 'id_res',
+ 'ns' => Auth_OpenID_OPENID2_NS
+ );
+ $sf = array();
+ foreach (array_keys($args) as $k) {
+ array_push($sf, $k);
+ }
+ $msg = Auth_OpenID_Message::fromOpenIDArgs($args);
+ $e = new FauxEndpoint();
+ $resp = new Auth_OpenID_SuccessResponse($e, $msg, $sf);
+ $ax_resp = Auth_OpenID_AX_FetchResponse::fromSuccessResponse($resp);
+ $this->assertTrue($ax_resp === null);
+ }
+
+ function test_fromSuccessResponseWithoutData()
+ {
+ $args = array(
+ 'mode' => 'id_res',
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'ns.ax' => Auth_OpenID_AX_NS_URI,
+ 'ax.mode' => 'fetch_response',
+ );
+ $sf = array();
+ foreach (array_keys($args) as $k) {
+ array_push($sf, $k);
+ }
+ $msg = Auth_OpenID_Message::fromOpenIDArgs($args);
+ $e = new FauxEndpoint();
+ $resp = new Auth_OpenID_SuccessResponse($e, $msg, $sf);
+ $ax_resp = Auth_OpenID_AX_FetchResponse::fromSuccessResponse($resp);
+ $this->assertTrue($ax_resp === null);
+ }
+
+ function test_fromSuccessResponse()
+ {
+ $name = "ziggy";
+ $value = "stardust";
+ $uri = "http://david.bowie.name/";
+ $args = array(
+ 'mode' => 'id_res',
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'ns.ax' => Auth_OpenID_AX_NS_URI,
+ 'ax.mode' => 'fetch_response',
+ 'ax.update_url' => 'http://example.com/realm/update_path',
+ 'ax.type.'.$name => $uri,
+ 'ax.count.'.$name => '1',
+ 'ax.value.'.$name.'.1' => $value,
+ );
+ $sf = array();
+ foreach (array_keys($args) as $k) {
+ array_push($sf, $k);
+ }
+ $msg = Auth_OpenID_Message::fromOpenIDArgs($args);
+ $e = new FauxEndpoint();
+ $resp = new Auth_OpenID_SuccessResponse($e, $msg, $sf);
+ $ax_resp = Auth_OpenID_AX_FetchResponse::fromSuccessResponse($resp, false);
+ $this->assertFalse($ax_resp === null);
+ $this->assertTrue(is_a($ax_resp, 'Auth_OpenID_AX_FetchResponse'));
+ $values = $ax_resp->get($uri);
+ $this->assertEquals(array($value), $values);
+ }
+}
+
+class StoreRequestTest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->msg = new Auth_OpenID_AX_StoreRequest();
+ $this->type_a = 'http://three.count/';
+ $this->alias_a = 'juggling';
+ }
+
+ function test_construct()
+ {
+ $this->assertEquals(array(), $this->msg->data);
+ }
+
+ function test_getExtensionArgs_empty()
+ {
+ $args = $this->msg->getExtensionArgs();
+ $expected_args = array(
+ 'mode' => 'store_request',
+ );
+ $this->assertEquals($expected_args, $args);
+ }
+
+ function test_getExtensionArgs_nonempty()
+ {
+ $data = array('foo', 'bar');
+ $this->msg->setValues($this->type_a, $data);
+ $aliases = new Auth_OpenID_NamespaceMap();
+ $aliases->addAlias($this->type_a, $this->alias_a);
+ $args = $this->msg->getExtensionArgs($aliases);
+ $expected_args = array(
+ 'mode' => 'store_request',
+ 'type.' . $this->alias_a => $this->type_a,
+ 'count.' . $this->alias_a => '2',
+ sprintf('value.%s.1', $this->alias_a) => 'foo',
+ sprintf('value.%s.2', $this->alias_a) => 'bar',
+ );
+ $this->assertEquals($expected_args, $args);
+ }
+}
+
+class StoreResponseTest extends PHPUnit_Framework_TestCase {
+ function test_success()
+ {
+ $msg = new Auth_OpenID_AX_StoreResponse();
+ $this->assertTrue($msg->succeeded());
+ $this->assertFalse($msg->error_message);
+ $this->assertEquals(array('mode' => 'store_response_success'),
+ $msg->getExtensionArgs());
+ }
+
+ function test_fail_nomsg()
+ {
+ $msg = new Auth_OpenID_AX_StoreResponse(false);
+ $this->assertFalse($msg->succeeded());
+ $this->assertFalse($msg->error_message);
+ $this->assertEquals(array('mode' => 'store_response_failure'),
+ $msg->getExtensionArgs());
+ }
+
+ function test_fail_msg()
+ {
+ $reason = 'no reason, really';
+ $msg = new Auth_OpenID_AX_StoreResponse(false, $reason);
+ $this->assertFalse($msg->succeeded());
+ $this->assertEquals($reason, $msg->error_message);
+ $this->assertEquals(array('mode' => 'store_response_failure',
+ 'error' => $reason), $msg->getExtensionArgs());
+ }
+}
+
+class Tests_Auth_OpenID_AX extends PHPUnit_Framework_TestSuite {
+ function getName()
+ {
+ return "Tests_Auth_OpenID_AX";
+ }
+
+ function Tests_Auth_OpenID_AX()
+ {
+ $this->addTestSuite('StoreResponseTest');
+ $this->addTestSuite('StoreRequestTest');
+ $this->addTestSuite('FetchResponseTest');
+ $this->addTestSuite('FetchRequestTest');
+ $this->addTestSuite('ParseAXValuesTest');
+ $this->addTestSuite('ToTypeURIsTest');
+ $this->addTestSuite('AttrInfoTest');
+ $this->addTestSuite('AXMessageTest');
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Association.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Association.php
new file mode 100644
index 000000000..d65829682
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Association.php
@@ -0,0 +1,54 @@
+<?php
+
+/**
+ * Tests for the Association implementation.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID/Association.php';
+
+class Tests_Auth_OpenID_Association extends PHPUnit_Framework_TestCase {
+ function test_me()
+ {
+ $issued = time();
+ $lifetime = 600;
+ $assoc = new Auth_OpenID_Association('handle', 'secret', $issued,
+ $lifetime, 'HMAC-SHA1');
+ $s = $assoc->serialize();
+ $assoc2 = Auth_OpenID_Association::deserialize(
+ 'Auth_OpenID_Association', $s);
+
+ if ($assoc2 === null) {
+ $this->fail('deserialize returned null');
+ } else {
+ $this->assertTrue($assoc2->equal($assoc));
+ }
+ }
+ function test_me256()
+ {
+ if(!Auth_OpenID_HMACSHA256_SUPPORTED) return;
+ $issued = time();
+ $lifetime = 600;
+ $assoc = new Auth_OpenID_Association('handle', 'secret', $issued,
+ $lifetime, 'HMAC-SHA256');
+ $s = $assoc->serialize();
+ $assoc2 = Auth_OpenID_Association::deserialize(
+ 'Auth_OpenID_Association', $s);
+
+ if ($assoc2 === null) {
+ $this->fail('deserialize returned null');
+ } else {
+ $this->assertTrue($assoc2->equal($assoc));
+ }
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/AssociationResponse.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/AssociationResponse.php
new file mode 100644
index 000000000..6902f95a8
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/AssociationResponse.php
@@ -0,0 +1,377 @@
+<?php
+
+require_once "Tests/Auth/OpenID/TestUtil.php";
+require_once "Tests/Auth/OpenID/MemStore.php";
+
+require_once "Auth/OpenID/Message.php";
+require_once "Auth/OpenID/Server.php";
+require_once "Auth/OpenID/Consumer.php";
+require_once "Auth/OpenID/Association.php";
+
+// Some values we can use for convenience (see mkAssocResponse)
+global $association_response_values;
+$association_response_values = array(
+ 'expires_in' => '1000',
+ 'assoc_handle' => 'a handle',
+ 'assoc_type' => 'a type',
+ 'session_type' => 'a session type',
+ 'ns' => Auth_OpenID_OPENID2_NS
+ );
+
+/**
+ * Build an association response message that contains the specified
+ * subset of keys. The values come from association_response_values.
+ *
+ * This is useful for testing for missing keys and other times that we
+ * don't care what the values are.
+ */
+function mkAssocResponse($keys)
+{
+ global $association_response_values;
+
+ $args = array();
+
+ foreach ($keys as $key) {
+ $args[$key] = $association_response_values[$key];
+ }
+
+ return Auth_OpenID_Message::fromOpenIDArgs($args);
+}
+
+class Tests_Auth_OpenID_AssociationResponse extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $this->consumer = new Auth_OpenID_GenericConsumer($this->store);
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ }
+
+ function failUnlessProtocolError($thing)
+ {
+ $this->assertTrue(Auth_OpenID::isFailure($thing));
+ }
+
+ function _run($keys)
+ {
+ $msg = mkAssocResponse($keys);
+ $dumb = null;
+ $this->assertTrue(Auth_OpenID::isFailure($this->consumer->_extractAssociation($msg, $dumb)));
+ }
+}
+
+/**
+ * Test for returning an error upon missing fields in association
+ * responses for OpenID 2
+ */
+class TestExtractAssociationMissingFieldsOpenID2 extends Tests_Auth_OpenID_AssociationResponse {
+
+ function test_noFields_openid2()
+ {
+ $this->_run(array('ns'));
+ }
+
+ function test_missingExpires_openid2()
+ {
+ $this->_run(array('assoc_handle', 'assoc_type', 'session_type', 'ns'));
+ }
+
+ function test_missingHandle_openid2()
+ {
+ $this->_run(array('expires_in', 'assoc_type', 'session_type', 'ns'));
+ }
+
+ function test_missingAssocType_openid2()
+ {
+ $this->_run(array('expires_in', 'assoc_handle', 'session_type', 'ns'));
+ }
+
+ function test_missingSessionType_openid2()
+ {
+ $this->_run(array('expires_in', 'assoc_handle', 'assoc_type', 'ns'));
+ }
+}
+
+/**
+ * Test for returning an error upon missing fields in association
+ * responses for OpenID 2
+ */
+class TestExtractAssociationMissingFieldsOpenID1 extends Tests_Auth_OpenID_AssociationResponse {
+ function test_noFields_openid1()
+ {
+ $this->_run(array());
+ }
+
+ function test_missingExpires_openid1()
+ {
+ $this->_run(array('assoc_handle', 'assoc_type'));
+ }
+
+ function test_missingHandle_openid1()
+ {
+ $this->_run(array('expires_in', 'assoc_type'));
+ }
+
+ function test_missingAssocType_openid1()
+ {
+ $this->_run(array('expires_in', 'assoc_handle'));
+ }
+}
+
+class DummyAssocationSession {
+ function DummyAssocationSession($session_type, $allowed_assoc_types=array())
+ {
+ $this->session_type = $session_type;
+ $this->allowed_assoc_types = $allowed_assoc_types;
+ }
+}
+
+class ExtractAssociationSessionTypeMismatch extends Tests_Auth_OpenID_AssociationResponse {
+ function _run($requested_session_type, $response_session_type, $openid1=false)
+ {
+ global $association_response_values;
+
+ $assoc_session = new DummyAssocationSession($requested_session_type);
+ $keys = array_keys($association_response_values);
+ if ($openid1) {
+ if (in_array('ns', $keys)) {
+ unset($keys[array_search('ns', $keys)]);
+ }
+ }
+
+ $msg = mkAssocResponse($keys);
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type',
+ $response_session_type);
+ $this->assertTrue(
+ $this->consumer->_extractAssociation($msg, $assoc_session) === null);
+ }
+
+ function test_typeMismatchNoEncBlank_openid2()
+ {
+ $this->_run('no-encryption', '');
+ }
+
+ function test_typeMismatchDHSHA1NoEnc_openid2()
+ {
+ $this->_run('DH-SHA1', 'no-encryption');
+ }
+
+ function test_typeMismatchDHSHA256NoEnc_openid2()
+ {
+ $this->_run('DH-SHA256', 'no-encryption');
+ }
+
+ function test_typeMismatchNoEncDHSHA1_openid2()
+ {
+ $this->_run('no-encryption', 'DH-SHA1');
+ }
+
+ function test_typeMismatchDHSHA1NoEnc_openid1()
+ {
+ $this->_run('DH-SHA1', 'DH-SHA256', true);
+ }
+
+ function test_typeMismatchDHSHA256NoEnc_openid1()
+ {
+ $this->_run('DH-SHA256', 'DH-SHA1', true);
+ }
+
+ function test_typeMismatchNoEncDHSHA1_openid1()
+ {
+ $this->_run('no-encryption', 'DH-SHA1', true);
+ }
+}
+
+class TestOpenID1AssociationResponseSessionType extends Tests_Auth_OpenID_AssociationResponse {
+ function _run($expected_session_type, $session_type_value)
+ {
+ // Create a Message with just 'session_type' in it, since
+ // that's all this function will use. 'session_type' may be
+ // absent if it's set to None.
+ $args = array();
+ if ($session_type_value !== null) {
+ $args['session_type'] = $session_type_value;
+ }
+ $message = Auth_OpenID_Message::fromOpenIDArgs($args);
+ $this->assertTrue($message->isOpenID1());
+
+ $actual_session_type = $this->consumer->_getOpenID1SessionType($message);
+ $error_message = sprintf('Returned sesion type parameter %s was expected ' .
+ 'to yield session type %s, but yielded %s',
+ $session_type_value, $expected_session_type,
+ $actual_session_type);
+ $this->assertEquals(
+ $expected_session_type,
+ $actual_session_type,
+ $error_message);
+ }
+
+ function test_none()
+ {
+ $this->_run('no-encryption', null);
+ }
+
+ function test_empty()
+ {
+ $this->_run('no-encryption', '');
+ }
+
+ function test_explicitNoEncryption()
+ {
+ $this->_run('no-encryption', 'no-encryption');
+ }
+
+ function test_dhSHA1()
+ {
+ $this->_run('DH-SHA1', 'DH-SHA1');
+ }
+
+ // DH-SHA256 is not a valid session type for OpenID1, but this
+ // function does not test that. This is mostly just to make sure
+ // that it will pass-through stuff that is not explicitly handled,
+ // so it will get handled the same way as it is handled for OpenID
+ // 2
+ function test_dhSHA256()
+ {
+ $this->_run('DH-SHA256', 'DH-SHA256');
+ }
+}
+
+class DummyAssociationSession {
+ var $secret = "shh! don't tell!";
+ var $extract_secret_called = false;
+ var $session_type = null;
+ var $allowed_assoc_types = null;
+
+ function extractSecret($message)
+ {
+ $this->extract_secret_called = true;
+ return $this->secret;
+ }
+}
+
+class TestInvalidFields extends Tests_Auth_OpenID_AssociationResponse {
+ function setUp()
+ {
+ parent::setUp();
+ $this->session_type = 'testing-session';
+
+ // This must something that works for Association.fromExpiresIn
+ $this->assoc_type = 'HMAC-SHA1';
+
+ $this->assoc_handle = 'testing-assoc-handle';
+
+ // These arguments should all be valid
+ $this->assoc_response = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'expires_in' => '1000',
+ 'assoc_handle' => $this->assoc_handle,
+ 'assoc_type' => $this->assoc_type,
+ 'session_type' => $this->session_type,
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ ));
+
+ $this->assoc_session = new DummyAssociationSession();
+
+ // Make the session for the response's session type
+ $this->assoc_session->session_type = $this->session_type;
+ $this->assoc_session->allowed_assoc_types = array($this->assoc_type);
+ }
+
+ function test_worksWithGoodFields()
+ {
+ // Handle a full successful association response
+ $assoc = $this->consumer->_extractAssociation(
+ $this->assoc_response, $this->assoc_session);
+ $this->assertTrue($this->assoc_session->extract_secret_called);
+ $this->assertEquals($this->assoc_session->secret, $assoc->secret);
+ $this->assertEquals(1000, $assoc->lifetime);
+ $this->assertEquals($this->assoc_handle, $assoc->handle);
+ $this->assertEquals($this->assoc_type, $assoc->assoc_type);
+ }
+
+ function test_badAssocType()
+ {
+ // Make sure that the assoc type in the response is not valid
+ // for the given session.
+ $this->assoc_session->allowed_assoc_types = array();
+ $this->assertTrue(
+ $this->consumer->_extractAssociation($this->assoc_response,
+ $this->assoc_session) === null);
+ }
+
+ function test_badExpiresIn()
+ {
+ // Invalid value for expires_in should cause failure
+ $this->assoc_response->setArg(Auth_OpenID_OPENID_NS, 'expires_in', 'forever');
+ $assoc = $this->consumer->_extractAssociation($this->assoc_response,
+ $this->assoc_session);
+ $this->assertTrue(Auth_OpenID::isFailure($assoc));
+ }
+}
+
+class TestExtractAssociationDiffieHellman extends Tests_Auth_OpenID_AssociationResponse {
+ var $secret = 'xxxxxxxxxxxxxxxxxxxx';
+
+ function _setUpDH()
+ {
+ list($sess, $message) = $this->consumer->_createAssociateRequest(
+ $this->endpoint, 'HMAC-SHA1', 'DH-SHA1');
+
+ // XXX: this is testing _createAssociateRequest
+ $this->assertEquals($this->endpoint->compatibilityMode(),
+ $message->isOpenID1());
+
+ $server_sess = Auth_OpenID_DiffieHellmanSHA1ServerSession::fromMessage($message);
+ $server_resp = $server_sess->answer($this->secret);
+ $server_resp['assoc_type'] = 'HMAC-SHA1';
+ $server_resp['assoc_handle'] = 'handle';
+ $server_resp['expires_in'] = '1000';
+ $server_resp['session_type'] = 'DH-SHA1';
+ return array($sess, Auth_OpenID_Message::fromOpenIDArgs($server_resp));
+ }
+
+ function test_success()
+ {
+ list($sess, $server_resp) = $this->_setUpDH();
+ $ret = $this->consumer->_extractAssociation($server_resp, $sess);
+ $this->assertTrue($ret !== null);
+ $this->assertEquals($ret->assoc_type, 'HMAC-SHA1');
+ $this->assertEquals($ret->secret, $this->secret);
+ $this->assertEquals($ret->handle, 'handle');
+ $this->assertEquals($ret->lifetime, 1000);
+ }
+
+ function test_openid2success()
+ {
+ // Use openid 2 type in endpoint so _setUpDH checks
+ // compatibility mode state properly
+ $this->endpoint->type_uris = array(Auth_OpenID_TYPE_2_0,
+ Auth_OpenID_TYPE_1_1);
+ $this->test_success();
+ }
+
+ /**
+ * Can't run this test because the base64 decoder is broken.
+ */
+ /*
+ function test_badDHValues()
+ {
+ list($sess, $server_resp) = $this->_setUpDH();
+ $server_resp->setArg(Auth_OpenID_OPENID_NS, 'enc_mac_key', "\x00\x00\x00");
+ $this->assertTrue($this->consumer->_extractAssociation($server_resp, $sess) === null);
+ }
+ */
+}
+
+global $Tests_Auth_OpenID_AssociationResponse_other;
+$Tests_Auth_OpenID_AssociationResponse_other = array(
+ new TestInvalidFields(),
+ new TestOpenID1AssociationResponseSessionType(),
+ new ExtractAssociationSessionTypeMismatch(),
+ new TestExtractAssociationMissingFieldsOpenID1(),
+ new TestExtractAssociationMissingFieldsOpenID2()
+ );
+
+if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ $Tests_Auth_OpenID_AssociationResponse_other[] = new TestExtractAssociationDiffieHellman();
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/AuthRequest.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/AuthRequest.php
new file mode 100644
index 000000000..02ab75dd7
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/AuthRequest.php
@@ -0,0 +1,299 @@
+<?php
+
+require_once 'Tests/Auth/OpenID/TestUtil.php';
+
+require_once 'Auth/OpenID/Association.php';
+require_once 'Auth/OpenID/Consumer.php';
+
+class AuthRequest_DummyEndpoint {
+ var $preferred_namespace = null;
+ var $local_id = null;
+ var $server_url = null;
+ var $is_op_identifier = false;
+
+ function preferredNamespace()
+ {
+ return $this->preferred_namespace;
+ }
+
+ function getLocalID()
+ {
+ return $this->local_id;
+ }
+
+ function isOPIdentifier()
+ {
+ return $this->is_op_identifier;
+ }
+}
+
+class AuthRequest_DummyAssoc {
+ var $handle = "assoc-handle";
+}
+
+/**
+ * Base for AuthRequest tests for OpenID 1 and 2.
+ */
+class TestAuthRequestMixin extends OpenIDTestMixin {
+
+ var $preferred_namespace = null;
+ var $immediate = false;
+ var $expected_mode = 'checkid_setup';
+
+ function setUp()
+ {
+ $this->endpoint = new AuthRequest_DummyEndpoint();
+ $this->endpoint->local_id = 'http://server.unittest/joe';
+ $this->endpoint->claimed_id = 'http://joe.vanity.example/';
+ $this->endpoint->server_url = 'http://server.unittest/';
+ $this->endpoint->preferred_namespace = $this->preferred_namespace;
+ $this->realm = 'http://example/';
+ $this->return_to = 'http://example/return/';
+ $this->assoc = new AuthRequest_DummyAssoc();
+ $this->authreq = new Auth_OpenID_AuthRequest($this->endpoint, $this->assoc);
+ }
+
+ function failUnlessAnonymous($msg)
+ {
+ foreach (array('claimed_id', 'identity') as $key) {
+ $this->failIfOpenIDKeyExists($msg, $key);
+ }
+ }
+
+ function failUnlessHasRequiredFields($msg)
+ {
+ $this->assertEquals($this->preferred_namespace,
+ $this->authreq->message->getOpenIDNamespace());
+
+ $this->assertEquals($this->preferred_namespace,
+ $msg->getOpenIDNamespace());
+
+ $this->failUnlessOpenIDValueEquals($msg, 'mode',
+ $this->expected_mode);
+
+ // Implement these in subclasses because they depend on
+ // protocol differences!
+ $this->failUnlessHasRealm($msg);
+ $this->failUnlessIdentifiersPresent($msg);
+ }
+
+ // TESTS
+
+ function test_checkNoAssocHandle()
+ {
+ $this->authreq->assoc = null;
+ $msg = $this->authreq->getMessage($this->realm, $this->return_to,
+ $this->immediate);
+
+ $this->failIfOpenIDKeyExists($msg, 'assoc_handle');
+ }
+
+ function test_checkWithAssocHandle()
+ {
+ $msg = $this->authreq->getMessage($this->realm, $this->return_to,
+ $this->immediate);
+
+ $this->failUnlessOpenIDValueEquals($msg, 'assoc_handle',
+ $this->assoc->handle);
+ }
+
+ function test_addExtensionArg()
+ {
+ $this->authreq->addExtensionArg('bag:', 'color', 'brown');
+ $this->authreq->addExtensionArg('bag:', 'material', 'paper');
+ $this->assertTrue($this->authreq->message->namespaces->contains('bag:'));
+ $this->assertEquals($this->authreq->message->getArgs('bag:'),
+ array('color' => 'brown',
+ 'material' => 'paper'));
+ $msg = $this->authreq->getMessage($this->realm, $this->return_to,
+ $this->immediate);
+
+ // XXX: this depends on the way that Message assigns
+ // namespaces. Really it doesn't care that it has alias "0",
+ // but that is tested anyway
+ $post_args = $msg->toPostArgs();
+ $this->assertEquals('brown', $post_args['openid.ext0.color']);
+ $this->assertEquals('paper', $post_args['openid.ext0.material']);
+ }
+
+ function test_standard()
+ {
+ $msg = $this->authreq->getMessage($this->realm, $this->return_to,
+ $this->immediate);
+
+ $this->failUnlessHasIdentifiers(
+ $msg, $this->endpoint->local_id,
+ $this->endpoint->claimed_id);
+ }
+}
+
+class TestAuthRequestOpenID2 extends TestAuthRequestMixin {
+ var $preferred_namespace = Auth_OpenID_OPENID2_NS;
+
+ function failUnlessHasRealm($msg)
+ {
+ // check presence of proper realm key and absence of the wrong
+ // one.
+ $this->failUnlessOpenIDValueEquals($msg, 'realm', $this->realm);
+ $this->failIfOpenIDKeyExists($msg, 'trust_root');
+ }
+
+ function failUnlessIdentifiersPresent($msg)
+ {
+ $identity_present = $msg->hasKey(Auth_OpenID_OPENID_NS, 'identity');
+ $claimed_present = $msg->hasKey(Auth_OpenID_OPENID_NS, 'claimed_id');
+
+ $this->assertEquals($claimed_present, $identity_present);
+ }
+
+ function failUnlessHasIdentifiers($msg, $op_specific_id, $claimed_id)
+ {
+ $this->failUnlessOpenIDValueEquals($msg, 'identity', $op_specific_id);
+ $this->failUnlessOpenIDValueEquals($msg, 'claimed_id', $claimed_id);
+ }
+
+ // TESTS
+
+ function test_markup_checkidImmediate()
+ {
+ $result = $this->authreq->formMarkup($this->realm,
+ null, true);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_markup_returnToArgs()
+ {
+ $this->authreq->return_to_args = array('extra' => 'args');
+ $result = $this->authreq->formMarkup($this->realm,
+ null, false);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_setAnonymousWorksForOpenID2()
+ {
+ // OpenID AuthRequests should be able to set 'anonymous' to true.
+ $this->assertTrue($this->authreq->message->isOpenID2());
+ $this->assertTrue($this->authreq->setAnonymous(true));
+ $this->assertTrue($this->authreq->setAnonymous(false));
+ }
+
+ function test_userAnonymousIgnoresIdentfier()
+ {
+ $this->authreq->setAnonymous(true);
+ $msg = $this->authreq->getMessage($this->realm, $this->return_to,
+ $this->immediate);
+ $this->failUnlessHasRequiredFields($msg);
+ $this->failUnlessAnonymous($msg);
+ }
+
+ function test_opAnonymousIgnoresIdentifier()
+ {
+ $this->endpoint->is_op_identifier = true;
+ $this->authreq->setAnonymous(true);
+ $msg = $this->authreq->getMessage($this->realm, $this->return_to,
+ $this->immediate);
+ $this->failUnlessHasRequiredFields($msg);
+ $this->failUnlessAnonymous($msg);
+ }
+
+ function test_opIdentifierSendsIdentifierSelect()
+ {
+ $this->endpoint->is_op_identifier = true;
+ $msg = $this->authreq->getMessage($this->realm, $this->return_to,
+ $this->immediate);
+ $this->failUnlessHasRequiredFields($msg);
+ $this->failUnlessHasIdentifiers($msg,
+ Auth_OpenID_IDENTIFIER_SELECT,
+ Auth_OpenID_IDENTIFIER_SELECT);
+ }
+}
+
+class TestAuthRequestOpenID1 extends TestAuthRequestMixin {
+ var $preferred_namespace = Auth_OpenID_OPENID1_NS;
+
+ function setUpEndpoint()
+ {
+ parent::setUpEndpoint();
+ $this->endpoint->preferred_namespace = Auth_OpenID_OPENID1_NS;
+ }
+
+ function failUnlessHasIdentifiers($msg, $op_specific_id, $claimed_id)
+ {
+ // Make sure claimed_is is *absent* in request.
+ $this->failUnlessOpenIDValueEquals($msg, 'identity', $op_specific_id);
+ $this->failIfOpenIDKeyExists($msg, 'claimed_id');
+ }
+
+ function failUnlessIdentifiersPresent($msg)
+ {
+ $this->failIfOpenIDKeyExists($msg, 'claimed_id');
+ $this->assertTrue($msg->hasKey(Auth_OpenID_OPENID_NS, 'identity'));
+ }
+
+ function failUnlessHasRealm($msg)
+ {
+ // check presence of proper realm key and absence of the wrong
+ // one.
+ $this->failUnlessOpenIDValueEquals($msg, 'trust_root', $this->realm);
+ $this->failIfOpenIDKeyExists($msg, 'realm');
+ }
+
+ // TESTS
+
+ function test_markup_missingReturnTo()
+ {
+ $result = $this->authreq->formMarkup($this->realm,
+ null, false);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_setAnonymousFailsForOpenID1()
+ {
+ // OpenID 1 requests MUST NOT be able to set anonymous to True
+ $this->assertTrue($this->authreq->message->isOpenID1());
+ $this->assertFalse($this->authreq->setAnonymous(true));
+ $this->assertTrue($this->authreq->setAnonymous(false));
+ }
+
+ function test_identifierSelect()
+ {
+ // Identfier select SHOULD NOT be sent, but this pathway is in
+ // here in case some special discovery stuff is done to
+ // trigger it with OpenID 1. If it is triggered, it will send
+ // identifier_select just like OpenID 2.
+ $this->endpoint->is_op_identifier = true;
+ $msg = $this->authreq->getMessage($this->realm, $this->return_to,
+ $this->immediate);
+ $this->failUnlessHasRequiredFields($msg);
+ $this->assertEquals(Auth_OpenID_IDENTIFIER_SELECT,
+ $msg->getArg(Auth_OpenID_OPENID1_NS,
+ 'identity'));
+ }
+}
+
+class TestAuthRequestOpenID1Immediate extends TestAuthRequestOpenID1 {
+ var $immediate = true;
+ var $expected_mode = 'checkid_immediate';
+}
+
+class TestAuthRequestOpenID2Immediate extends TestAuthRequestOpenID2 {
+ var $immediate = true;
+ var $expected_mode = 'checkid_immediate';
+}
+
+class Tests_Auth_OpenID_AuthRequest extends PHPUnit_Framework_TestSuite {
+
+ function getName()
+ {
+ return "Tests_Auth_OpenID_AuthRequest";
+ }
+
+ function Tests_Auth_OpenID_AuthRequest()
+ {
+ $this->addTestSuite('TestAuthRequestOpenID1');
+ $this->addTestSuite('TestAuthRequestOpenID1Immediate');
+ $this->addTestSuite('TestAuthRequestOpenID2');
+ $this->addTestSuite('TestAuthRequestOpenID2Immediate');
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/BigMath.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/BigMath.php
new file mode 100644
index 000000000..acab4d918
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/BigMath.php
@@ -0,0 +1,234 @@
+<?php
+
+/**
+ * Tests for the BigMath functions.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID/BigMath.php';
+require_once 'Tests/Auth/OpenID/TestUtil.php';
+
+class Tests_Auth_OpenID_BinLongConvertRnd extends PHPUnit_Framework_TestCase {
+ var $lib;
+ var $max;
+
+ function Tests_Auth_OpenID_BinLongConvertRnd($lib, $max)
+ {
+ $this->lib =& $lib;
+ $this->max = $max;
+ }
+
+ function runTest()
+ {
+ $n = $this->lib->init(0);
+ foreach (range(0, 9) as $i) {
+ $rnd = $this->lib->rand($this->max);
+ $n = $this->lib->add($n, $rnd);
+ }
+ $s = $this->lib->longToBinary($n);
+ $this->assertTrue(is_string($s));
+ $n_prime = $this->lib->binaryToLong($s);
+ $this->assertEquals($this->lib->cmp($n, $n_prime), 0);
+ }
+}
+
+class Tests_Auth_OpenID_BinLongConvert extends PHPUnit_Framework_TestCase {
+ var $lib;
+ var $bin;
+ var $lng;
+
+ function Tests_Auth_OpenID_BinLongConvert($lib, $bin, $lng)
+ {
+ $this->lib =& $lib;
+ $this->bin = $bin;
+ $this->lng = $lng;
+ }
+
+ function runTest()
+ {
+ $n_prime = $this->lib->binaryToLong($this->bin);
+ $s_prime = $this->lib->longToBinary($this->lng);
+ $this->assertEquals($this->lib->cmp($this->lng, $n_prime), 0);
+ $this->assertTrue($this->bin == $s_prime);
+ }
+}
+
+class Tests_Auth_OpenID_Base64ToLong extends PHPUnit_Framework_TestCase {
+ var $num;
+ var $b64;
+ var $lib;
+
+ function Tests_Auth_OpenID_Base64ToLong($lib, $b64, $num)
+ {
+ $this->lib = $lib;
+ $this->b64 = $b64;
+ $this->num = $num;
+ }
+
+ function runTest()
+ {
+ $actual = $this->lib->base64ToLong($this->b64);
+ $this->assertTrue($this->lib->cmp($this->num, $actual) == 0);
+ }
+}
+
+class Tests_Auth_OpenID_LongToBase64 extends Tests_Auth_OpenID_Base64ToLong {
+ function Tests_Auth_OpenID_LongToBase64($lib, $b64, $num)
+ {
+ $this->lib = $lib;
+ $this->b64 = $b64;
+ $this->num = $num;
+ }
+
+ function runTest()
+ {
+ $actual = $this->lib->longToBase64($this->num);
+ $this->assertEquals($this->b64, $actual);
+ }
+}
+
+class Tests_Auth_OpenID_Rand extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_Rand($lib)
+ {
+ $this->lib =& $lib;
+ }
+
+ function runTest()
+ {
+ $stop = $this->lib->pow(2, 128);
+ $a = $this->lib->rand($stop);
+ $b = $this->lib->rand($stop);
+
+ $this->assertFalse($this->lib->cmp($b, $a) == 0, "Same: $a $b");
+
+ $n = $this->lib->init(Tests_Auth_OpenID_maxint());
+ $n = $this->lib->add($n, 1);
+
+ // Make sure that we can generate random numbers that are
+ // larger than platform int size
+ $result = $this->lib->rand($n);
+
+ // What can we say about the result?
+ }
+}
+
+/**
+ * Computes the maximum integer value for this PHP installation.
+ *
+ * @return int $max_int_value The maximum integer value for this
+ * PHP installation
+ */
+function Tests_Auth_OpenID_maxint()
+{
+ /* assumes largest integer is of form 2^n - 1 */
+ $to_test = pow(2, 16);
+ while (1) {
+ $last = $to_test;
+ $to_test = 2 * $to_test;
+ if (($to_test < $last) || (!is_int($to_test))) {
+ return($last + ($last - 1));
+ }
+ }
+}
+
+
+class Tests_Auth_OpenID_BigMath extends PHPUnit_Framework_TestSuite {
+ function _parseBase64Data()
+ {
+ $lines = Tests_Auth_OpenID_readlines('n2b64');
+
+ $data = array();
+ foreach ($lines as $line) {
+ $line = trim($line);
+ if (!$line) {
+ continue;
+ }
+ list($b64, $ascii) = explode(' ', $line);
+ $data[$b64] = $ascii;
+ }
+ return $data;
+ }
+
+ function _addB64Tests()
+ {
+ $lib = Auth_OpenID_getMathLib();
+ $count = defined('Tests_Auth_OpenID_thorough') ? -1 : 2;
+ $data = $this->_parseBase64Data();
+ foreach ($data as $b64 => $num_s) {
+ // Only test the first few unless thorough is defined
+ if (strlen($num_s) > 5) {
+ if ($count == 0) {
+ break;
+ } else {
+ $count -= 1;
+ }
+ }
+ $num = $lib->init($num_s);
+ $test = new Tests_Auth_OpenID_Base64ToLong($lib, $b64, $num);
+ $test->setName("B64->Long $num_s");
+ $this->addTest($test);
+
+ $test = new Tests_Auth_OpenID_LongToBase64($lib, $b64, $num);
+ $test->setName("Long->B64 $num_s");
+ $this->addTest($test);
+ }
+ }
+
+ function _addBinLongTests()
+ {
+ $lib =& Auth_OpenID_getMathLib();
+ $max = Tests_Auth_OpenID_maxint();
+ $upper = defined('Tests_Auth_OpenID_thorough') ? 499 : 3;
+
+ foreach (range(0, $upper) as $iteration) {
+ $test = new Tests_Auth_OpenID_BinLongConvertRnd($lib, $max);
+ $test->setName("BinLongConvertRnd " . strval($iteration));
+ $this->addTest($test);
+ }
+
+ $cases = array(
+ array("\x00", 0),
+ array("\x01", 1),
+ array("\x7F", 127),
+ array("\x00\x80", 128),
+ array("\x00\x81", 129),
+ array("\x00\xFF", 255),
+ array("\x00\x80\x00", 32768),
+ array("OpenID is cool",
+ "1611215304203901150134421257416556")
+ );
+
+ foreach ($cases as $case) {
+ list($bin, $lng_m) = $case;
+ $lng = $lib->init($lng_m);
+ $test = new Tests_Auth_OpenID_BinLongConvert($lib, $bin, $lng);
+ $test->setName('BinLongConvert ' . bin2hex($bin));
+ $this->addTest($test);
+ }
+
+ }
+
+ function Tests_Auth_OpenID_BigMath($name)
+ {
+ $this->setName($name);
+
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ return;
+ }
+
+ $this->_addB64Tests();
+ $this->_addBinLongTests();
+ $test = new Tests_Auth_OpenID_Rand(Auth_OpenID_getMathLib());
+ $test->setName('Big number rand');
+ $this->addTest($test);
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Consumer.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Consumer.php
new file mode 100644
index 000000000..761f9f2a6
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Consumer.php
@@ -0,0 +1,2553 @@
+<?php
+
+/**
+ * Tests for the OpenID consumer.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID/CryptUtil.php';
+require_once 'Auth/Yadis/HTTPFetcher.php';
+require_once 'Auth/OpenID/DiffieHellman.php';
+require_once 'Auth/OpenID/FileStore.php';
+require_once 'Auth/OpenID/KVForm.php';
+require_once 'Auth/OpenID/Consumer.php';
+require_once 'Auth/OpenID/Server.php';
+require_once 'Auth/OpenID/Nonce.php';
+require_once 'Auth/OpenID/SReg.php';
+require_once 'Auth/OpenID/Message.php';
+require_once 'Tests/Auth/OpenID/MemStore.php';
+
+/*
+ * Convenience function to create a SuccessResponse with the given
+ * arguments, all signed.
+ */
+function mkSuccess($endpoint, $q)
+{
+ $signed_list = array();
+ foreach (array_keys($q) as $k) {
+ $signed_list[] = 'openid.' . $k;
+ }
+ return new Auth_OpenID_SuccessResponse($endpoint,
+ Auth_OpenID_Message::fromOpenIDArgs($q),
+ $signed_list);
+}
+
+class FastConsumerSession extends Auth_OpenID_DiffieHellmanSHA1ConsumerSession {
+ function FastConsumerSession($dh = null)
+ {
+ if ($dh === null) {
+ $dh = new Auth_OpenID_DiffieHellman(100389557, 2);
+ }
+
+ $this->dh = $dh;
+ }
+}
+
+function setConsumerSession($con)
+{
+ $con->session_types = array('DH-SHA1' => 'FastConsumerSession');
+}
+
+global $_Auth_OpenID_assocs;
+$_Auth_OpenID_assocs = array(
+ array('another 20-byte key.', 'Snarky'),
+ array(str_repeat("\x00", 20), 'Zeros'),
+ );
+
+function Auth_OpenID_parse($qs)
+{
+ $result = array();
+ $parts = explode("&", $qs);
+ foreach ($parts as $pair) {
+ list($key, $value) = explode("=", $pair, 2);
+ assert(!array_key_exists($key, $result));
+ $result[urldecode($key)] = urldecode($value);
+ }
+ return $result;
+}
+
+function Auth_OpenID_associate($qs, $assoc_secret, $assoc_handle)
+{
+ $query_data = Auth_OpenID_parse($qs);
+
+ assert($query_data['openid.mode'] == 'associate');
+ assert($query_data['openid.assoc_type'] == 'HMAC-SHA1');
+
+ $reply_dict = array(
+ 'assoc_type' => 'HMAC-SHA1',
+ 'assoc_handle' => $assoc_handle,
+ 'expires_in' => '600',
+ );
+
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ assert(count($query_data) == 2);
+ $message = Auth_OpenID_Message::fromPostArgs($query_data);
+ $session = Auth_OpenID_PlainTextServerSession::fromMessage($message);
+ } else {
+ assert((count($query_data) == 6) || (count($query_data) == 4));
+ assert($query_data['openid.mode'] == 'associate');
+ assert($query_data['openid.session_type'] == 'DH-SHA1');
+
+ $message = Auth_OpenID_Message::fromPostArgs($query_data);
+
+ $session = Auth_OpenID_DiffieHellmanSHA1ServerSession::fromMessage($message);
+ $reply_dict['session_type'] = 'DH-SHA1';
+
+ }
+
+ $reply_dict = array_merge($reply_dict, $session->answer($assoc_secret));
+ return Auth_OpenID_KVForm::fromArray($reply_dict);
+}
+
+class Auth_OpenID_TestFetcher extends Auth_Yadis_HTTPFetcher {
+ function Auth_OpenID_TestFetcher($user_url, $user_page,
+ $assoc_secret, $assoc_handle)
+ {
+ $this->get_responses = array($user_url =>
+ new Auth_Yadis_HTTPResponse($user_url,
+ 200,
+ array(),
+ $user_page));
+ $this->assoc_secret = $assoc_secret;
+ $this->assoc_handle = $assoc_handle;
+ $this->num_assocs = 0;
+ }
+
+ function response($url, $body)
+ {
+ if ($body === null) {
+ return new Auth_Yadis_HTTPResponse($url, 404, array(), 'Not found');
+ } else {
+ return new Auth_Yadis_HTTPResponse($url, 200, array(), $body);
+ }
+ }
+
+ function get($url)
+ {
+ if (array_key_exists($url, $this->get_responses)) {
+ return $this->get_responses[$url];
+ } else {
+ return $this->response($url, null);
+ }
+ }
+
+ function _checkAuth($url, $body)
+ {
+ $query_data = Auth_OpenID_parse($body);
+ $expected = array(
+ 'openid.mode' => 'check_authentication',
+ 'openid.signed' => 'assoc_handle,sig,signed',
+ 'openid.sig' => 'fake',
+ 'openid.assoc_handle' => $this->assoc_handle,
+ );
+
+ if ($query_data == $expected) {
+ return new Auth_Yadis_HTTPResponse($url, 200, array(), "is_valid:true\n");
+ } else {
+ return new Auth_Yadis_HTTPResponse($url, 400, array(),
+ "error:bad check_authentication query\n");
+ }
+ }
+
+ function post($url, $body)
+ {
+ if (strpos($body, 'openid.mode=associate') !== false) {
+ $response = Auth_OpenID_associate($body, $this->assoc_secret,
+ $this->assoc_handle);
+ $this->num_assocs++;
+ return $this->response($url, $response);
+ } elseif (strpos($body, 'openid.mode=check_authentication') !== false) {
+ return $this->_checkAuth($url, $body);
+ }
+
+ return $this->response($url, null);
+ }
+}
+
+global $_Auth_OpenID_user_page_pat;
+$_Auth_OpenID_user_page_pat = "<html>
+ <head>
+ <title>A user page</title>
+ %s
+ </head>
+ <body>
+ blah blah
+ </body>
+</html>";
+
+global $_Auth_OpenID_server_url;
+$_Auth_OpenID_server_url = "http://server.example.com/";
+
+global $_Auth_OpenID_consumer_url;
+$_Auth_OpenID_consumer_url = "http://consumer.example.com/";
+
+class Tests_Auth_OpenID_Consumer extends PHPUnit_Framework_TestCase {
+
+ function _run($consumer, $user_url, $mode, $delegate_url,
+ $fetcher, $store, $immediate)
+ {
+ global $_Auth_OpenID_consumer_url,
+ $_Auth_OpenID_server_url;
+
+ if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ setConsumerSession($consumer);
+ }
+
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->claimed_id = $user_url;
+ $endpoint->server_url = $_Auth_OpenID_server_url;
+ $endpoint->local_id = $delegate_url;
+ $endpoint->type_uris = array(Auth_OpenID_TYPE_1_1);
+
+ $result = $consumer->begin($endpoint);
+
+ $return_to = $_Auth_OpenID_consumer_url;
+ $trust_root = $_Auth_OpenID_consumer_url;
+ $redirect_url = $result->redirectURL($trust_root, $return_to,
+ $immediate);
+
+ $parsed = parse_url($redirect_url);
+ $qs = $parsed['query'];
+ $q = Auth_OpenID_parse($qs);
+ $new_return_to = $q['openid.return_to'];
+ unset($q['openid.return_to']);
+
+ $expected = array(
+ 'openid.mode' => $mode,
+ 'openid.identity' => $delegate_url,
+ 'openid.trust_root' => $trust_root,
+ );
+
+ if ($consumer->_use_assocs) {
+ $expected['openid.assoc_handle'] = $fetcher->assoc_handle;
+ }
+
+ $this->assertEquals($expected, $q);
+ $this->assertEquals(0, strpos($redirect_url, $_Auth_OpenID_server_url));
+ $this->assertEquals(0, strpos($new_return_to, $return_to));
+
+ $parsed = parse_url($new_return_to);
+ $query = Auth_OpenID_parse($parsed['query']);
+
+ $query = array_merge($query, array(
+ 'openid.mode'=> 'id_res',
+ 'openid.return_to'=> $new_return_to,
+ 'openid.identity'=> $delegate_url,
+ 'openid.assoc_handle'=> $fetcher->assoc_handle,
+ ));
+
+ if (!$consumer->_use_assocs) {
+ $query['openid.signed'] =
+ 'assoc_handle,mode,signed,identity';
+ $query['openid.assoc_handle'] = $fetcher->assoc_handle;
+ $query['openid.sig'] = 'fake';
+ }
+
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ if ($consumer->_use_assocs) {
+ $assoc = $store->getAssociation($_Auth_OpenID_server_url,
+ $fetcher->assoc_handle);
+ $message = $assoc->signMessage($message);
+ }
+
+ $result = $consumer->complete($message, $result->endpoint, $new_return_to);
+
+ $this->assertEquals(Auth_OpenID_SUCCESS, $result->status);
+ $this->assertEquals($result->identity_url, $user_url);
+ }
+
+ function _test_success($user_url, $delegate_url, $links, $immediate = false)
+ {
+ global $_Auth_OpenID_filestore_base_dir,
+ $_Auth_OpenID_server_url,
+ $_Auth_OpenID_user_page_pat,
+ $_Auth_OpenID_assocs;
+
+ $store = new Tests_Auth_OpenID_MemStore();
+
+ if ($immediate) {
+ $mode = 'checkid_immediate';
+ } else {
+ $mode = 'checkid_setup';
+ }
+
+ $user_page = sprintf($_Auth_OpenID_user_page_pat, $links);
+ $fetcher = new Auth_OpenID_TestFetcher($user_url, $user_page,
+ $_Auth_OpenID_assocs[0][0],
+ $_Auth_OpenID_assocs[0][1]);
+
+ $consumer = new Auth_OpenID_GenericConsumer($store);
+ $consumer->fetcher =& $fetcher;
+
+ $expected_num_assocs = 0;
+ $this->assertEquals($expected_num_assocs, $fetcher->num_assocs);
+ $this->_run($consumer, $user_url, $mode, $delegate_url,
+ $fetcher, $store, $immediate);
+
+ if ($consumer->_use_assocs) {
+ $expected_num_assocs += 1;
+ }
+
+ $this->assertEquals($expected_num_assocs, $fetcher->num_assocs);
+
+ // Test that doing it again uses the existing association
+ $this->_run($consumer, $user_url, $mode, $delegate_url,
+ $fetcher, $store, $immediate);
+
+ $this->assertEquals($expected_num_assocs, $fetcher->num_assocs);
+
+ // Another association is created if we remove the existing one
+ $store->removeAssociation($_Auth_OpenID_server_url,
+ $fetcher->assoc_handle);
+
+ $this->_run($consumer, $user_url, $mode, $delegate_url,
+ $fetcher, $store, $immediate);
+
+ if ($consumer->_use_assocs) {
+ $expected_num_assocs += 1;
+ }
+
+ $this->assertEquals($expected_num_assocs, $fetcher->num_assocs);
+
+ // Test that doing it again uses the existing association
+ $this->_run($consumer, $user_url, $mode, $delegate_url,
+ $fetcher, $store, $immediate);
+
+ $this->assertEquals($expected_num_assocs, $fetcher->num_assocs);
+ }
+
+ function test_success()
+ {
+ global $_Auth_OpenID_server_url;
+
+ $user_url = 'http://www.example.com/user.html';
+ $links = sprintf('<link rel="openid.server" href="%s" />',
+ $_Auth_OpenID_server_url);
+
+ $delegate_url = 'http://consumer.example.com/user';
+ $delegate_links = sprintf('<link rel="openid.server" href="%s" />'.
+ '<link rel="openid.delegate" href="%s" />',
+ $_Auth_OpenID_server_url, $delegate_url);
+
+ $this->_test_success($user_url, $user_url, $links);
+ $this->_test_success($user_url, $user_url, $links, true);
+ $this->_test_success($user_url, $delegate_url, $delegate_links);
+ $this->_test_success($user_url, $delegate_url, $delegate_links, true);
+ }
+}
+
+class ConfigurableConsumer extends Auth_OpenID_GenericConsumer {
+ var $return_to_check_disabled = false;
+
+ function disableReturnToChecking() {
+ $this->return_to_check_disabled = true;
+ }
+
+ function complete($message, $endpoint, $return_to) {
+ if ($this->return_to_check_disabled) {
+ $return_to = null;
+ }
+
+ return parent::complete($message, $endpoint, $return_to);
+ }
+
+ function _checkReturnTo($unused, $unused2) {
+ if ($this->return_to_check_disabled) {
+ return true;
+ } else {
+ return parent::_checkReturnTo($unused, $unused2);
+ }
+ }
+}
+
+class _TestIdRes extends PHPUnit_Framework_TestCase {
+ var $consumer_class = 'ConfigurableConsumer';
+
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $cl = $this->consumer_class;
+ $this->consumer = new $cl($this->store);
+ $this->return_to = "http://some.host/path";
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+
+ $this->server_id = "sirod";
+ $this->server_url = "serlie";
+ $this->consumer_id = "consu";
+
+ $this->endpoint->claimed_id = $this->consumer_id;
+ $this->endpoint->server_url = $this->server_url;
+ $this->endpoint->local_id = $this->server_id;
+ $this->endpoint->type_uris = array(Auth_OpenID_TYPE_1_1);
+ }
+}
+
+class Tests_Auth_OpenID_Consumer_TestSetupNeeded extends _TestIdRes {
+ function failUnlessSetupNeeded($expected_setup_url, $message)
+ {
+ if ($this->consumer._checkSetupNeeded($message)) {
+ $this->assertEquals($expected_setup_url,
+ $message->getArg(Auth_OpenID_OPENID_NS,
+ 'user_setup_url'));
+ } else {
+ $this->fail("Expected to find an immediate-mode response");
+ }
+ }
+
+ function test_setupNeededOpenID1()
+ {
+ // The minimum conditions necessary to trigger Setup Needed
+ $setup_url = 'http://unittest/setup-here';
+ $message = Auth_OpenID_Message::fromPostArgs(array(
+ 'opaenid.mode' => 'id_res',
+ 'openid.user_setup_url' => $setup_url
+ ));
+ $this->assertTrue($message->isOpenID1());
+ $this->failUnlessSetupNeeded($setup_url, $message);
+ }
+
+ function test_setupNeededOpenID1_extra()
+ {
+ // Extra stuff along with setup_url still trigger Setup Needed
+ $setup_url = 'http://unittest/setup-here';
+ $message = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.mode' => 'id_res',
+ 'openid.user_setup_url' => $setup_url,
+ 'openid.identity' => 'bogus'
+ ));
+ $this->assertTrue($message->isOpenID1());
+ $this->failUnlessSetupNeeded($setup_url, $message);
+ }
+
+ function test_noSetupNeededOpenID1()
+ {
+ // When the user_setup_url is missing on an OpenID 1 message,
+ // we assume that it's not a cancel response to
+ // checkid_immediate
+ $message = Auth_OpenID_Message::fromOpenIDArgs(array('mode' => 'id_res'));
+ $this->assertTrue($message->isOpenID1());
+
+ // No SetupNeededError raised
+ $this->consumer->_checkSetupNeeded($message);
+ }
+
+ function test_setupNeededOpenID2()
+ {
+ $message = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'setup_needed',
+ 'ns' => Auth_OpenID_OPENID2_NS
+ ));
+ $this->assertTrue($message->isOpenID2());
+ $response = $this->consumer->complete($message, null, null);
+ $this->assertEquals('setup_needed', $response->status);
+ $this->assertEquals(null, $response->setup_url);
+ }
+
+ function test_setupNeededDoesntWorkForOpenID1()
+ {
+ $message = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'setup_needed'));
+
+ $this->assertFalse($this->consumer._checkSetupNeeded($message));
+
+ $response = $this->consumer->complete($message, null, null);
+ $this->assertEquals('failure', $response->status);
+ $this->assertTrue(strpos($response->message, 'Invalid openid.mode') === 0);
+ }
+
+ function test_noSetupNeededOpenID2()
+ {
+ $message = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'id_res',
+ 'game' => 'puerto_rico',
+ 'ns' => Auth_OpenID_OPENID2_NS
+ ));
+ $this->assertTrue($message->isOpenID2());
+
+ $this->assertFalse($this->consumer._checkSetupNeeded($message));
+ }
+}
+
+class IdResCheckForFieldsTest extends _TestIdRes {
+ function setUp() {
+ # Argh.
+ $v = null;
+ $this->consumer = new Auth_OpenID_GenericConsumer($v);
+ }
+
+ function successTest($openid_args, $signed_list) {
+ $message = Auth_OpenID_Message::fromOpenIDArgs($openid_args);
+ $message->setArg(Auth_OpenID_OPENID_NS, 'signed', implode(',', $signed_list));
+ $result = $this->consumer->_idResCheckForFields($message);
+ $this->assertFalse(Auth_OpenID::isFailure($result));
+ }
+
+ function test_openid1Success() {
+ $this->successTest(
+ array('return_to' =>'return',
+ 'assoc_handle' =>'assoc handle',
+ 'sig' =>'a signature',
+ 'identity' =>'someone',
+ ),
+ array('return_to', 'identity'));
+ }
+
+ function test_openid2Success() {
+ $this->successTest(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'return_to' =>'return',
+ 'assoc_handle' =>'assoc handle',
+ 'sig' =>'a signature',
+ 'op_endpoint' =>'my favourite server',
+ 'response_nonce' =>'use only once',
+ ),
+ array('return_to', 'response_nonce', 'assoc_handle', 'op_endpoint'));
+ }
+
+ function test_openid2Success_identifiers() {
+ $this->successTest(
+ array('ns' =>Auth_OpenID_OPENID2_NS,
+ 'return_to' =>'return',
+ 'assoc_handle' =>'assoc handle',
+ 'sig' =>'a signature',
+ 'claimed_id' =>'i claim to be me',
+ 'identity' =>'my server knows me as me',
+ 'op_endpoint' =>'my favourite server',
+ 'response_nonce' =>'use only once',
+ ),
+ array('return_to', 'response_nonce', 'identity',
+ 'claimed_id', 'assoc_handle', 'op_endpoint'));
+ }
+
+ function endswith($str, $it) {
+ $it_len = strlen($it);
+ $total = strlen($str);
+ return (strpos($str, $it) === $total - $it_len);
+ }
+
+ function missingFieldTest($openid_args) {
+ $message = Auth_OpenID_Message::fromOpenIDArgs($openid_args);
+ $result = $this->consumer->_idResCheckForFields($message);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ $this->assertTrue(strpos($result->message, 'Missing required') === 0);
+ }
+
+ function missingSignedTest($openid_args) {
+ $message = Auth_OpenID_Message::fromOpenIDArgs($openid_args);
+ $result = $this->consumer->_idResCheckForFields($message);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ if (Auth_OpenID::isFailure($result)) {
+ $this->assertTrue($this->endswith($result->message, 'not signed'),
+ $result->message);
+ }
+ }
+
+ function test_openid1Missing_returnToSig() {
+ $this->missingSignedTest(
+ array('return_to' =>'return',
+ 'assoc_handle' =>'assoc handle',
+ 'sig' =>'a signature',
+ 'identity' =>'someone',
+ 'signed' => 'identity,assoc_handle'));
+ }
+
+ function test_openid2Missing_opEndpointSig() {
+ $this->missingSignedTest(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'return_to' =>'return',
+ 'assoc_handle' =>'assoc handle',
+ 'sig' =>'a signature',
+ 'identity' =>'someone',
+ 'op_endpoint' => 'the endpoint',
+ 'signed' => 'identity,return_to,assoc_handle'));
+ }
+
+ function test_openid1Missing_identitySig() {
+ $this->missingSignedTest(
+ array('return_to' =>'return',
+ 'assoc_handle' =>'assoc handle',
+ 'sig' =>'a signature',
+ 'identity' =>'someone',
+ 'signed' => 'eturn_to'));
+ }
+
+ function test_openid1MissingReturnTo() {
+ $this->missingFieldTest(
+ array('assoc_handle' =>'assoc handle',
+ 'sig' =>'a signature',
+ 'identity' =>'someone',
+ 'signed' => 'return_to,identity'));
+ }
+
+ function test_openid1MissingAssocHandle() {
+ $this->missingFieldTest(
+ array('return_to' =>'return',
+ 'sig' =>'a signature',
+ 'identity' =>'someone',
+ 'signed' => 'return_to,identity'
+ ));
+ }
+}
+
+define('E_CHECK_AUTH_HAPPENED', 'checkauth occurred');
+define('E_MOCK_FETCHER_EXCEPTION', 'mock fetcher exception');
+define('E_ASSERTION_ERROR', 'assertion error');
+
+class _CheckAuthDetectingConsumer extends ConfigurableConsumer {
+ function _verifyDiscoveryResults($message, $endpoint)
+ {
+ return $endpoint;
+ }
+
+ function _idResCheckNonce($message, $endpoint)
+ {
+ return true;
+ }
+
+ function _checkAuth($query, $server_url)
+ {
+ __raiseError(E_CHECK_AUTH_HAPPENED);
+ }
+}
+
+global $GOODSIG;
+$GOODSIG = "[A Good Signature]";
+
+class GoodAssociation {
+ var $expiresIn = 3600;
+ var $handle = "-blah-";
+
+ function getExpiresIn()
+ {
+ return $this->expiresIn;
+ }
+
+ function checkMessageSignature($message)
+ {
+ global $GOODSIG;
+ return $message->getArg(Auth_OpenID_OPENID_NS, 'sig') == $GOODSIG;
+ }
+}
+
+class GoodAssocStore extends Tests_Auth_OpenID_MemStore {
+ function getAssociation($server_url, $handle = null)
+ {
+ return new GoodAssociation();
+ }
+}
+
+class TestIdResCheckSignature extends _TestIdRes {
+ function setUp()
+ {
+ global $GOODSIG;
+
+ parent::setUp();
+ $this->assoc = new GoodAssociation();
+ $this->assoc->handle = "{not_dumb}";
+ $this->store->storeAssociation($this->endpoint->server_url, $this->assoc);
+
+ $this->message = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.mode'=> 'id_res',
+ 'openid.identity'=> '=example',
+ 'openid.sig'=> $GOODSIG,
+ 'openid.assoc_handle'=> $this->assoc->handle,
+ 'openid.signed'=> 'mode,identity,assoc_handle,signed',
+ 'frobboz'=> 'banzit'));
+ }
+
+ function test_sign()
+ {
+ // assoc_handle to assoc with good sig
+ $this->consumer->_idResCheckSignature($this->message,
+ $this->endpoint->server_url);
+ }
+
+ function test_signFailsWithBadSig()
+ {
+ $this->message.setArg(Auth_OpenID_OPENID_NS, 'sig', 'BAD SIGNATURE');
+ $result = $this->consumer->_idResCheckSignature($this->message, $this->endpoint->server_url);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+}
+
+class StatelessConsumer1 extends ConfigurableConsumer {
+ function _processCheckAuthResponse($response, $server_url)
+ {
+ return true;
+ }
+
+ function _makeKVPost($args, $server_url)
+ {
+ return array();
+ }
+}
+
+class Tests_Auth_OpenID_Stateless1 extends _TestIdRes {
+ var $consumer_class = "StatelessConsumer1";
+
+ function setUp()
+ {
+ global $GOODSIG;
+
+ parent::setUp();
+ $this->assoc = new GoodAssociation();
+ $this->assoc->handle = "{not_dumb}";
+ $this->store->storeAssociation($this->endpoint->server_url, $this->assoc);
+
+ $this->message = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.mode'=> 'id_res',
+ 'openid.identity'=> '=example',
+ 'openid.sig'=> $GOODSIG,
+ 'openid.assoc_handle'=> $this->assoc->handle,
+ 'openid.signed'=> 'mode,identity,assoc_handle,signed',
+ 'frobboz'=> 'banzit'));
+ }
+
+ function test_stateless()
+ {
+ // assoc_handle missing assoc, consumer._checkAuth returns
+ // goodthings
+ $this->message->setArg(Auth_OpenID_OPENID_NS, "assoc_handle", "dumbHandle");
+ $this->consumer->_idResCheckSignature($this->message,
+ $this->endpoint->server_url);
+ }
+}
+
+class StatelessConsumer2 extends ConfigurableConsumer {
+ function _checkAuth($_, $__)
+ {
+ return false;
+ }
+}
+
+class Tests_Auth_OpenID_Stateless2 extends _TestIdRes {
+ var $consumer_class = "StatelessConsumer2";
+
+ function setUp()
+ {
+ global $GOODSIG;
+
+ parent::setUp();
+ $this->assoc = new GoodAssociation();
+ $this->assoc->handle = "{not_dumb}";
+ $this->store->storeAssociation($this->endpoint->server_url, $this->assoc);
+
+ $this->message = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.mode'=> 'id_res',
+ 'openid.identity'=> '=example',
+ 'openid.sig'=> $GOODSIG,
+ 'openid.assoc_handle'=> $this->assoc->handle,
+ 'openid.signed'=> 'mode,identity,assoc_handle,signed',
+ 'frobboz'=> 'banzit'));
+ }
+
+ function test_statelessRaisesError()
+ {
+ // assoc_handle missing assoc, consumer._checkAuth returns
+ // goodthings
+ $this->message->setArg(Auth_OpenID_OPENID_NS, "assoc_handle",
+ "dumbHandle");
+ $result = $this->consumer->_idResCheckSignature($this->message,
+ $this->endpoint->server_url);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+}
+
+class Tests_Auth_OpenID_Consumer_CheckNonceTest extends _TestIdRes {
+ function setUp()
+ {
+ parent::setUp();
+ $this->consumer->openid1_nonce_query_arg_name = 'nonce';
+ }
+
+ function test_openid1Success()
+ {
+ // use consumer-generated nonce
+ $nonce_value = Auth_OpenID_mkNonce();
+ $this->return_to = sprintf('http://rt.unittest/?nonce=%s',
+ $nonce_value);
+ $this->response = Auth_OpenID_Message::fromOpenIDArgs(
+ array('return_to' => $this->return_to));
+ $this->response->setArg(Auth_OpenID_BARE_NS, 'nonce', $nonce_value);
+
+ $result = $this->consumer->_idResCheckNonce($this->response, $this->endpoint);
+ $this->assertFalse(Auth_OpenID::isFailure($result));
+ }
+
+ function test_openid1Missing()
+ {
+ // use consumer-generated nonce
+ $this->response = Auth_OpenID_Message::fromOpenIDArgs(array());
+ $n = $this->consumer->_idResGetNonceOpenID1($this->response, $this->endpoint);
+ $this->assertTrue($n === null);
+ }
+
+ function test_consumerNonceOpenID2()
+ {
+ // OpenID 2 does not use consumer-generated nonce
+ $this->return_to = sprintf('http://rt.unittest/?nonce=%s',
+ Auth_OpenID_mkNonce());
+ $this->response = Auth_OpenID_Message::fromOpenIDArgs(
+ array('return_to' => $this->return_to,
+ 'ns' => Auth_OpenID_OPENID2_NS));
+ $result = $this->consumer->_idResCheckNonce($this->response, $this->endpoint);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_serverNonce()
+ {
+ // use server-generated nonce
+ $this->response = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'response_nonce' => Auth_OpenID_mkNonce()));
+ $this->consumer->_idResCheckNonce($this->response, $this->endpoint);
+ }
+
+ function test_serverNonceOpenID1()
+ {
+ // OpenID 1 does not use server-generated nonce
+ $this->response = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID1_NS,
+ 'return_to'=> 'http://return.to/',
+ 'response_nonce'=> Auth_OpenID_mkNonce()));
+ $result = $this->consumer->_idResCheckNonce($this->response, $this->endpoint);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_badNonce()
+ {
+ // remove the nonce from the store
+ $nonce = Auth_OpenID_mkNonce();
+ list($timestamp, $salt) = Auth_OpenID_splitNonce($nonce);
+
+ $this->store->useNonce($this->server_url, $timestamp, $salt);
+
+ $response = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'response_nonce' => $nonce,
+ 'ns' => Auth_OpenID_OPENID2_NS
+ ));
+
+ $result = $this->consumer->_idResCheckNonce($response,
+ $this->endpoint);
+
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_tamperedNonce()
+ {
+ // Malformed nonce
+ $query = array('response_nonce' => 'malformed',
+ 'ns' => Auth_OpenID_OPENID2_NS);
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $result = $this->consumer->_idResCheckNonce($message,
+ $this->endpoint);
+
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_missingNonce()
+ {
+ // no nonce parameter on the return_to
+ $query = array('openid.return_to' => $this->return_to);
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $result = $this->consumer->_idResCheckNonce($message,
+ $this->endpoint);
+
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+}
+
+class Tests_Auth_OpenID_Consumer_TestCheckAuthTriggered extends _TestIdRes {
+ var $consumer_class = '_CheckAuthDetectingConsumer';
+
+ function _doIdRes($message, $endpoint, $return_to)
+ {
+ return $this->consumer->_doIdRes($message, $endpoint, $return_to);
+ }
+
+ function test_checkAuthTriggered()
+ {
+ $query = array('openid.return_to' => $this->return_to,
+ 'openid.identity' => $this->server_id,
+ 'openid.assoc_handle' =>'not_found',
+ 'openid.sig' => 'bogus',
+ 'openid.signed' => 'identity,return_to');
+
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $this->consumer->disableReturnToChecking();
+
+ $result = $this->_doIdRes($message, $this->endpoint, null);
+
+ $error = __getError();
+
+ if ($error === null) {
+ $this->fail('_checkAuth did not happen.');
+ }
+ }
+
+ function test_checkAuthTriggeredWithAssoc()
+ {
+ // Store an association for this server that does not match
+ // the handle that is in the query
+ $issued = time();
+ $lifetime = 1000;
+ $assoc = new Auth_OpenID_Association(
+ 'handle', 'secret', $issued, $lifetime, 'HMAC-SHA1');
+ $this->store->storeAssociation($this->server_url, $assoc);
+
+ $query = array(
+ 'openid.return_to' => $this->return_to,
+ 'openid.identity' => $this->server_id,
+ 'openid.assoc_handle' => 'not_found',
+ 'openid.sig' => 'bogus',
+ 'openid.signed' => 'return_to,identity');
+
+ $this->consumer->disableReturnToChecking();
+
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $result = $this->_doIdRes($message, $this->endpoint, null);
+ $error = __getError();
+
+ if ($error === null) {
+ $this->fail('_checkAuth did not happen.');
+ }
+ }
+
+ function test_expiredAssoc()
+ {
+ // Store an expired association for the server with the handle
+ // that is in the query
+ $issued = time() - 10;
+ $lifetime = 0;
+ $handle = 'handle';
+ $assoc = new Auth_OpenID_Association(
+ $handle, 'secret', $issued, $lifetime, 'HMAC-SHA1');
+ $this->assertTrue($assoc->getExpiresIn() <= 0);
+ $this->store->storeAssociation($this->server_url, $assoc);
+
+ $query = array(
+ 'openid.return_to' => $this->return_to,
+ 'openid.identity' => $this->server_id,
+ 'openid.sig' => 'bogus',
+ 'openid.signed' => 'identity,return_to',
+ 'openid.assoc_handle' => $handle);
+
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $this->consumer->disableReturnToChecking();
+
+ $info = $this->_doIdRes($message, $this->endpoint, null);
+
+ $this->assertEquals('failure', $info->status);
+
+ $this->assertTrue(strpos($info->message, 'expired') !== false);
+ }
+
+ function test_newerAssoc()
+ {
+ // Store an expired association for the server with the handle
+ // that is in the query
+ $lifetime = 1000;
+
+ $good_issued = time() - 10;
+ $good_handle = 'handle';
+ $good_assoc = new Auth_OpenID_Association(
+ $good_handle, 'secret', $good_issued, $lifetime, 'HMAC-SHA1');
+ $this->store->storeAssociation($this->server_url, $good_assoc);
+
+ $bad_issued = time() - 5;
+ $bad_handle = 'handle2';
+ $bad_assoc = new Auth_OpenID_Association(
+ $bad_handle, 'secret', $bad_issued, $lifetime, 'HMAC-SHA1');
+ $this->store->storeAssociation($this->server_url, $bad_assoc);
+
+ $query = array(
+ 'openid.return_to' => $this->return_to,
+ 'openid.identity' => $this->server_id,
+ 'openid.assoc_handle' => $good_handle);
+
+ $this->consumer->disableReturnToChecking();
+
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+ $message = $good_assoc->signMessage($message);
+
+ $info = $this->_doIdRes($message, $this->endpoint, null);
+
+ $this->assertEquals($info->status, 'success');
+ $this->assertEquals($this->consumer_id, $info->identity_url);
+ }
+}
+
+class _MockFetcher {
+ function _MockFetcher($response = null)
+ {
+ // response is (code, url, body)
+ $this->response = $response;
+ $this->fetches = array();
+ }
+
+ function post($url, $body)
+ {
+ $this->fetches[] = array($url, $body, array());
+ return $this->response;
+ }
+
+ function get($url)
+ {
+ $this->fetches[] = array($url, null, array());
+ return $this->response;
+ }
+}
+
+class Tests_Auth_OpenID_Complete extends _TestIdRes {
+ function test_cancel()
+ {
+ $query = array('openid.mode' => 'cancel');
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $this->consumer->disableReturnToChecking();
+
+ $r = $this->consumer->complete($message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_CANCEL);
+ $this->assertTrue($r->identity_url == $this->endpoint->claimed_id);
+ }
+
+ function test_cancel_with_return_to() {
+ $message = Auth_OpenID_Message::fromPostArgs(array('openid.mode' => 'cancel'));
+ $r = $this->consumer->complete($message, $this->endpoint, $this->return_to);
+ $this->assertEquals($r->status, Auth_OpenID_CANCEL);
+ $this->assertTrue($r->identity_url == $this->endpoint->claimed_id);
+ }
+
+ function test_errorWithNoOptionalKeys()
+ {
+ $msg = 'an error message';
+ $contact = 'some contact info here';
+ $message = Auth_OpenID_Message::fromPostArgs(array('openid.mode'=> 'error',
+ 'openid.error'=> $msg,
+ 'openid.contact'=> $contact));
+
+ $this->consumer->disableReturnToChecking();
+
+ $r = $this->consumer->complete($message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_FAILURE);
+ $this->assertTrue($r->identity_url == $this->endpoint->claimed_id);
+ $this->assertTrue($r->contact == $contact);
+ $this->assertTrue($r->reference === null);
+ $this->assertEquals($r->message, $msg);
+ }
+
+ function test_errorWithOptionalKeys()
+ {
+ $msg = 'an error message';
+ $contact = 'me';
+ $reference = 'support ticket';
+ $message = Auth_OpenID_Message::fromPostArgs(array('openid.mode'=> 'error',
+ 'openid.error'=> $msg, 'openid.reference'=> $reference,
+ 'openid.contact'=> $contact, 'openid.ns'=> Auth_OpenID_OPENID2_NS
+ ));
+ $r = $this->consumer->complete($message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_FAILURE);
+ $this->assertTrue($r->identity_url == $this->endpoint->claimed_id);
+ $this->assertTrue($r->contact == $contact);
+ $this->assertTrue($r->reference == $reference);
+ $this->assertEquals($r->message, $msg);
+ }
+
+ function test_error()
+ {
+ $msg = 'an error message';
+ $query = array('openid.mode' =>'error',
+ 'openid.error' => $msg);
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $this->consumer->disableReturnToChecking();
+
+ $r = $this->consumer->complete($message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_FAILURE);
+ $this->assertTrue($r->identity_url == $this->endpoint->claimed_id);
+ $this->assertEquals($r->message, $msg);
+ }
+
+ function test_noMode()
+ {
+ $query = array();
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+ $r = $this->consumer->complete($message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_FAILURE);
+ $this->assertTrue($r->identity_url == $this->endpoint->claimed_id);
+ }
+
+ function test_idResMissingField()
+ {
+ $query = array('openid.mode' => 'id_res');
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+ $r = $this->consumer->complete($message, $this->endpoint, null);
+ $this->assertTrue(Auth_openID::isFailure($r));
+ }
+}
+
+class _VerifiedError extends Auth_OpenID_FailureResponse {
+}
+
+class Consumer_idResURLMismatch extends ConfigurableConsumer {
+ function _discoverAndVerify($to_match)
+ {
+ return new _VerifiedError(null, 'verified error');
+ }
+}
+
+class Tests_idResURLMismatch extends _TestIdRes {
+ var $consumer_class = 'Consumer_idResURLMismatch';
+
+ function test_idResURLMismatch()
+ {
+ $query = array('openid.mode' => 'id_res',
+ 'openid.return_to' => 'return_to (just anything)',
+ 'openid.identity' => 'something wrong (not this->consumer_id)',
+ 'openid.assoc_handle' => 'does not matter',
+ 'openid.signed' => 'identity,return_to',
+ 'openid.sig' => 'bogus');
+
+ $this->consumer->disableReturnToChecking();
+
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+ $r = $this->consumer->complete($message, $this->endpoint, null);
+ $this->assertTrue(is_a($r, '_VerifiedError'));
+ }
+}
+
+class SetupNeededConsumer extends Auth_OpenID_GenericConsumer {
+ function _checkSetupNeeded($message)
+ {
+ return true;
+ }
+}
+
+class Tests_Auth_OpenID_SetupNeeded extends _TestIdRes {
+ function test_setupNeededIdRes()
+ {
+ $message = Auth_OpenID_Message::fromOpenIDArgs(array('mode'=> 'id_res'));
+ $response = $this->consumer->complete($message, null, null);
+ $this->assertEquals(Auth_OpenID_SETUP_NEEDED,
+ $response->status);
+ }
+}
+
+class TempConsumer extends ConfigurableConsumer {
+ function _verifyDiscoveryResults($message, $endpoint)
+ {
+ return $endpoint;
+ }
+}
+
+class TestCompleteMissingSig extends PHPUnit_Framework_TestCase {
+
+ function setUp()
+ {
+ global $GOODSIG;
+
+ $this->store = new GoodAssocStore();
+ $this->consumer = new ConfigurableConsumer($this->store);
+ $this->server_url = "http://idp.unittest/";
+
+ $claimed_id = 'bogus.claimed';
+
+ $this->message = Auth_OpenID_Message::fromOpenIDArgs(
+ array('mode'=> 'id_res',
+ 'return_to'=> 'return_to (just anything)',
+ 'identity'=> $claimed_id,
+ 'assoc_handle'=> 'does not matter',
+ 'sig'=> $GOODSIG,
+ 'response_nonce'=> Auth_OpenID_mkNonce(),
+ 'signed'=> 'identity,return_to,response_nonce,assoc_handle,claimed_id,op_endpoint',
+ 'claimed_id'=> $claimed_id,
+ 'op_endpoint'=> $this->server_url,
+ 'ns' => Auth_OpenID_OPENID2_NS));
+
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ $this->endpoint->server_url = $this->server_url;
+ $this->endpoint->claimed_id = $claimed_id;
+ $this->consumer->disableReturnToChecking();
+ }
+
+ function test_idResMissingNoSigs()
+ {
+ $c = new TempConsumer($this->store);
+ $c->disableReturnToChecking();
+ $r = $c->complete($this->message, $this->endpoint, null);
+ $this->failUnlessSuccess($r);
+ }
+
+ function test_idResNoIdentity()
+ {
+ $this->message->delArg(Auth_OpenID_OPENID_NS, 'identity');
+ $this->message->delArg(Auth_OpenID_OPENID_NS, 'claimed_id');
+ $this->endpoint->claimed_id = null;
+ $this->message->setArg(Auth_OpenID_OPENID_NS,
+ 'signed', 'return_to,response_nonce,assoc_handle,op_endpoint');
+ $r = $this->consumer->complete($this->message, $this->endpoint, null);
+ $this->failUnlessSuccess($r);
+ }
+
+ function test_idResMissingIdentitySig()
+ {
+ $this->message->setArg(Auth_OpenID_OPENID_NS,
+ 'signed',
+ 'return_to,response_nonce,assoc_handle,claimed_id,op_endpoint');
+ $r = $this->consumer->complete($this->message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_FAILURE);
+ }
+
+ function test_idResMissingReturnToSig()
+ {
+ $this->message->setArg(Auth_OpenID_OPENID_NS,
+ 'signed',
+ 'identity,response_nonce,assoc_handle,claimed_id');
+ $r = $this->consumer->complete($this->message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_FAILURE);
+ }
+
+ function test_idResMissingAssocHandleSig()
+ {
+ $this->message->setArg(Auth_OpenID_OPENID_NS, 'signed',
+ 'identity,response_nonce,return_to,claimed_id');
+ $r = $this->consumer->complete($this->message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_FAILURE);
+ }
+
+ function test_idResMissingClaimedIDSig()
+ {
+ $this->message->setArg(Auth_OpenID_OPENID_NS, 'signed',
+ 'identity,response_nonce,return_to,assoc_handle');
+ $r = $this->consumer->complete($this->message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_FAILURE);
+ }
+
+ function failUnlessSuccess($response)
+ {
+ if ($response->status != Auth_OpenID_SUCCESS) {
+ $this->fail(sprintf("Non-successful response: %s", $response->status));
+ }
+ }
+}
+
+class TestReturnToArgs extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $store = null;
+ $this->consumer = new Auth_OpenID_GenericConsumer($store);
+ }
+
+ function test_returnToArgsUnexpectedArg()
+ {
+ $query = array(
+ 'openid.mode' => 'id_res',
+ 'openid.return_to' => 'http://example.com/',
+ 'foo' => 'bar');
+
+ // no return value, success is assumed if there are no
+ // exceptions.
+ $this->assertTrue(Auth_OpenID::isFailure(
+ $this->consumer->_verifyReturnToArgs($query)));
+ }
+
+ function test_returnToArgsOkay()
+ {
+ $query = array(
+ 'openid.mode'=> 'id_res',
+ 'openid.return_to'=> 'http://example.com/?foo=bar',
+ 'foo'=> 'bar'
+ );
+ // no return value, success is assumed if there are no exceptions.
+ $result = $this->consumer->_verifyReturnToArgs($query);
+
+ $this->assertFalse(Auth_OpenID::isFailure($result));
+ $this->assertTrue($result);
+ }
+
+ function test_returnToMismatch()
+ {
+ $query = array(
+ 'openid.mode' => 'id_res',
+ 'openid.return_to' => 'http://example.com/?foo=bar');
+
+ // fail, query has no key 'foo'.
+ $result = $this->consumer->_verifyReturnToArgs($query);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+
+ $query['foo'] = 'baz';
+ // fail, values for 'foo' do not match.
+ $result = $this->consumer->_verifyReturnToArgs($query);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_noReturnTo()
+ {
+ $query = array('openid.mode'=> 'id_res');
+ $result = $this->consumer->_verifyReturnToArgs($query);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_completeBadReturnTo()
+ {
+ // Test GenericConsumer.complete()'s handling of bad return_to
+ // values.
+ $return_to = "http://some.url/path?foo=bar";
+
+ // Scheme, authority, and path differences are checked by
+ // GenericConsumer._checkReturnTo. Query args checked by
+ // GenericConsumer._verifyReturnToArgs.
+ $bad_return_tos = array(
+ // Scheme only
+ "https://some.url/path?foo=bar",
+ // Authority only
+ "http://some.url.invalid/path?foo=bar",
+ // Path only
+ "http://some.url/path_extra?foo=bar",
+ // Query args differ
+ "http://some.url/path?foo=bar2",
+ "http://some.url/path?foo2=bar"
+ );
+
+ $m = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $m->setArg(Auth_OpenID_OPENID_NS, 'mode', 'cancel');
+ $m->setArg(Auth_OpenID_BARE_NS, 'foo', 'bar');
+ $endpoint = null;
+
+ foreach ($bad_return_tos as $bad) {
+ $m->setArg(Auth_OpenID_OPENID_NS, 'return_to', $bad);
+ $this->assertFalse($this->consumer->_checkReturnTo($m, $return_to));
+ }
+ }
+
+ function test_completeGoodReturnTo()
+ {
+ // Test GenericConsumer.complete()'s handling of good
+ // return_to values.
+ $return_to = "http://some.url/path";
+
+ $good_return_tos = array(
+ array($return_to,
+ array()),
+ array($return_to . "?another=arg",
+ array(array(
+ array(Auth_OpenID_BARE_NS, 'another'),
+ 'arg'))),
+ array($return_to . "?another=arg#fragment",
+ array(array(
+ array(Auth_OpenID_BARE_NS, 'another'),
+ 'arg'))),
+ array("HTTP://some.url/path",array()),
+ array("http://some.URL/path",array()),
+ array("http://some.url:80/path",array()),
+ array("http://some.url/./path",array())
+ );
+
+ $endpoint = null;
+
+ foreach ($good_return_tos as $pair) {
+ list($good_return_to, $extra) = $pair;
+ $m = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $m->setArg(Auth_OpenID_OPENID_NS, 'mode', 'cancel');
+
+ for ($i = 0; $i < count($extra); $i++) {
+ list($ckey, $value) = $extra[$i];
+ $ns = $ckey[0];
+ $key = $ckey[1];
+ $m->setArg($ns, $key, $value);
+ }
+
+ $m->setArg(Auth_OpenID_OPENID_NS, 'return_to', $good_return_to);
+ $result = $this->consumer->complete($m, $endpoint, $return_to);
+ $this->assertTrue(is_a($result, 'Auth_OpenID_CancelResponse'));
+ }
+ }
+}
+
+class Tests_Auth_OpenID_CheckAuthResponse extends _TestIdRes {
+ function _createAssoc()
+ {
+ $issued = time();
+ $lifetime = 1000;
+ $assoc = new Auth_OpenID_Association(
+ 'handle', 'secret', $issued, $lifetime, 'HMAC-SHA1');
+ $store =& $this->consumer->store;
+ $store->storeAssociation($this->server_url, $assoc);
+ $assoc2 = $store->getAssociation($this->server_url);
+ $this->assertEquals($assoc, $assoc2);
+ }
+
+ function test_goodResponse()
+ {
+ // successful response to check_authentication
+ $response = array('is_valid' => 'true');
+ $message = Auth_OpenID_Message::fromOpenIDArgs($response);
+ $r = $this->consumer->_processCheckAuthResponse($message, $this->server_url);
+ $this->assertTrue($r);
+ }
+
+ function test_missingAnswer()
+ {
+ // check_authentication returns false when the server sends no
+ // answer
+ $response = array();
+ $message = Auth_OpenID_Message::fromPostArgs($response);
+ $r = $this->consumer->_processCheckAuthResponse($message, $this->server_url);
+ $this->assertFalse($r);
+ }
+
+ function test_badResponse()
+ {
+ // check_authentication returns false when is_valid is false
+ $response = array('is_valid' => 'false');
+ $message = Auth_OpenID_Message::fromOpenIDArgs($response);
+
+ $r = $this->consumer->_processCheckAuthResponse($message, $this->server_url);
+ $this->assertFalse($r);
+ }
+
+ function test_badResponseInvalidate()
+ {
+ // Make sure that the handle is invalidated when is_valid is
+ // false
+ $this->_createAssoc();
+ $response = array('is_valid' => 'false',
+ 'invalidate_handle' => 'handle');
+
+ $message = Auth_OpenID_Message::fromOpenIDArgs($response);
+
+ $r = $this->consumer->_processCheckAuthResponse($message,
+ $this->server_url);
+ $this->assertFalse($r);
+ $this->assertTrue(
+ $this->consumer->store->getAssociation($this->server_url) === null);
+ }
+
+ function test_invalidateMissing()
+ {
+ // invalidate_handle with a handle that is not present
+ $response = array('is_valid' => 'true',
+ 'invalidate_handle' => 'missing');
+
+ $message = Auth_OpenID_Message::fromOpenIDArgs($response);
+
+ $r = $this->consumer->_processCheckAuthResponse($message, $this->server_url);
+ $this->assertTrue($r);
+ }
+
+ function test_invalidatePresent()
+ {
+ // invalidate_handle with a handle that exists"""
+ $this->_createAssoc();
+ $response = array('is_valid' => 'true',
+ 'invalidate_handle' => 'handle');
+
+ $message = Auth_OpenID_Message::fromOpenIDArgs($response);
+
+ $r = $this->consumer->_processCheckAuthResponse($message, $this->server_url);
+ $this->assertTrue($r);
+ $this->assertTrue(
+ $this->consumer->store->getAssociation($this->server_url) === null);
+ }
+}
+
+class _IdResFetchFailingConsumer extends Auth_OpenID_GenericConsumer {
+ var $message = 'fetch failed';
+
+ function _doIdRes($message, $endpoint)
+ {
+ return new Auth_OpenID_FailureResponse($endpoint,
+ $this->message);
+ }
+}
+
+class Tests_Auth_OpenID_FetchErrorInIdRes extends _TestIdRes {
+ var $consumer_class = '_IdResFetchFailingConsumer';
+
+ function test_idResFailure()
+ {
+ $query = array('openid.mode' => 'id_res');
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+ $r = $this->consumer->complete($message, $this->endpoint, null);
+ $this->assertEquals($r->status, Auth_OpenID_FAILURE);
+ $this->assertEquals($r->identity_url, $this->consumer_id);
+ $this->assertEquals($this->consumer->message, $r->message);
+ }
+}
+
+class _ExceptionRaisingMockFetcher {
+ function get($url)
+ {
+ __raiseError(E_MOCK_FETCHER_EXCEPTION);
+ }
+
+ function post($url, $body)
+ {
+ __raiseError(E_MOCK_FETCHER_EXCEPTION);
+
+ return new Auth_Yadis_HTTPResponse($url, 400,
+ array(), '');
+ }
+}
+
+class _BadArgCheckingConsumer extends Auth_OpenID_GenericConsumer {
+ function _makeKVPost($message, $tmp)
+ {
+ $args = $message->toPostArgs();
+
+ if ($args != array(
+ 'openid.mode' => 'check_authentication',
+ 'openid.signed' => 'foo')) {
+ __raiseError(E_ASSERTION_ERROR);
+ }
+ return null;
+ }
+}
+
+class Tests_Auth_OpenID_Consumer_TestCheckAuth extends _TestIdRes {
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $this->consumer = new Auth_OpenID_GenericConsumer($this->store);
+ $this->fetcher = new _MockFetcher();
+ $this->consumer->fetcher =& $this->fetcher;
+ }
+
+ function test_checkauth_error()
+ {
+ global $_Auth_OpenID_server_url;
+ $this->fetcher->response = new Auth_Yadis_HTTPResponse("http://some_url",
+ 404,
+ array(),
+ "blah:blah\n");
+ $query = array('openid.signed' => 'stuff, things');
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $r = $this->consumer->_checkAuth($message, $_Auth_OpenID_server_url);
+ if ($r !== false) {
+ $this->fail("Expected _checkAuth result to be false");
+ }
+ }
+
+ function test_bad_args()
+ {
+ $query = array('openid.signed' => 'foo',
+ 'closid.foo' => 'something');
+
+ $consumer = new _BadArgCheckingConsumer($this->store);
+
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $this->assertFalse($consumer->_checkAuth($message, 'does://not.matter'));
+ }
+
+ function test_signedList()
+ {
+ $signed = 'identity,mode,ns.sreg,sreg.email';
+ $query = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode'=> 'id_res',
+ 'sig'=> 'rabbits',
+ 'identity'=> '=example',
+ 'assoc_handle'=> 'munchkins',
+ 'ns.sreg' => 'urn:sreg',
+ 'sreg.email' => 'bogus@example.com',
+ 'signed'=> $signed,
+ 'foo'=> 'bar'));
+
+ $args = $this->consumer->_createCheckAuthRequest($query);
+ $this->assertTrue($args->isOpenID1());
+ $signed_list = explode(',',$signed);
+ foreach ($signed_list as $k) {
+ $this->assertTrue($args->getAliasedArg($k));
+ }
+ }
+
+
+ function test_112()
+ {
+ $args = array('openid.assoc_handle' => 'fa1f5ff0-cde4-11dc-a183-3714bfd55ca8',
+ 'openid.claimed_id' => 'http://binkley.lan/user/test01',
+ 'openid.identity' => 'http://test01.binkley.lan/',
+ 'openid.mode' => 'id_res',
+ 'openid.ns' => 'http://specs.openid.net/auth/2.0',
+ 'openid.ns.pape' => 'http://specs.openid.net/extensions/pape/1.0',
+ 'openid.op_endpoint' => 'http://binkley.lan/server',
+ 'openid.pape.auth_policies' => 'none',
+ 'openid.pape.auth_time' => '2008-01-28T20 =>42 =>36Z',
+ 'openid.pape.nist_auth_level' => '0',
+ 'openid.response_nonce' => '2008-01-28T21 =>07 =>04Z99Q=',
+ 'openid.return_to' => 'http://binkley.lan =>8001/process?janrain_nonce=2008-01-28T21%3A07%3A02Z0tMIKx',
+ 'openid.sig' => 'YJlWH4U6SroB1HoPkmEKx9AyGGg=',
+ 'openid.signed' => 'assoc_handle,identity,response_nonce,return_to,claimed_id,op_endpoint,pape.auth_time,ns.pape,pape.nist_auth_level,pape.auth_policies'
+ );
+ $this->assertEquals(Auth_OpenID_OPENID2_NS, $args['openid.ns']);
+ $incoming = Auth_OpenID_Message::fromPostArgs($args);
+ $this->assertTrue($incoming->isOpenID2());
+ $car = $this->consumer->_createCheckAuthRequest($incoming);
+ $expected_args = $args;
+ $expected_args['openid.mode'] = 'check_authentication';
+ $expected = Auth_OpenID_Message::fromPostArgs($expected_args);
+ $this->assertTrue($expected->isOpenID2());
+ $this->assertEquals($expected, $car);
+ $this->assertEquals($expected_args, $car->toPostArgs());
+ }
+}
+
+class Tests_Auth_OpenID_Consumer_TestFetchAssoc extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $this->fetcher = new _MockFetcher();
+ $this->consumer = new Auth_OpenID_GenericConsumer($this->store);
+ $this->consumer->fetcher =& $this->fetcher;
+ }
+
+ function test_kvpost_error()
+ {
+ $this->fetcher->response = new Auth_Yadis_HTTPResponse("http://some_url",
+ 404,
+ array(),
+ "blah:blah\n");
+ $query = array('openid.mode' => 'associate');
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $r = $this->consumer->_makeKVPost($message,
+ "http://server_url");
+ if ($r !== null) {
+ $this->fail("Expected _makeKVPost result to be null");
+ }
+ }
+
+ function test_error_404()
+ {
+ // 404 from a kv post raises HTTPFetchingError
+ $this->fetcher->response = new Auth_Yadis_HTTPResponse(
+ "http://some_url", 404, array('Hea'=> 'der'), 'blah:blah\n');
+
+ $result = $this->consumer->_makeKVPost(
+ Auth_OpenID_Message::fromPostArgs(array('mode'=>'associate')),
+ "http://server_url");
+
+ $this->assertTrue($result === null);
+ }
+
+ function test_error_exception()
+ {
+ $this->consumer->fetcher = new _ExceptionRaisingMockFetcher();
+
+ $query = array('openid.mode' => 'associate');
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $this->consumer->_makeKVPost($message,
+ "http://server_url");
+
+ if (__getError() !== E_MOCK_FETCHER_EXCEPTION) {
+ $this->fail("Expected ExceptionRaisingMockFetcher to " .
+ "raise E_MOCK_FETCHER_EXCEPTION");
+ }
+
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->server_url = 'some://url';
+
+ // exception fetching returns no association
+ $this->assertEquals($this->consumer->_getAssociation($endpoint),
+ null);
+
+ $query = array('openid.signed' => '');
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $this->consumer->_checkAuth($message,
+ 'some://url');
+
+ if (__getError() !== E_MOCK_FETCHER_EXCEPTION) {
+ $this->fail("Expected ExceptionRaisingMockFetcher to " .
+ "raise E_MOCK_FETCHER_EXCEPTION (_checkAuth)");
+ }
+ }
+}
+
+class Tests_Auth_OpenID_AuthRequestHTMLMarkup extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ $this->endpoint->claimed_id = 'identity_url';
+
+ $this->request = new Auth_OpenID_AuthRequest($this->endpoint, null);
+ }
+
+ function test_htmlMarkup()
+ {
+ $html = $this->request->htmlMarkup('http://realm.com/',
+ 'http://realm.com/return_to');
+ $this->assertTrue(strpos($html,"<html>") !== false);
+ $this->assertTrue(strpos($html,"</html>") !== false);
+ $this->assertTrue(strpos($html,"<body onload") !== false);
+ $this->assertTrue(strpos($html,"</body>") !== false);
+ $this->assertTrue(strpos($html,"<form") !== false);
+ $this->assertTrue(strpos($html,"</form>") !== false);
+ }
+}
+
+class Tests_Auth_OpenID_SuccessResponse extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ $this->endpoint->claimed_id = 'identity_url';
+ }
+
+ function test_extensionResponse()
+ {
+ $uri = "http://bogus.unittest/1.0";
+
+ $query = array(
+ 'openid.ns.unittest' => $uri,
+ 'openid.unittest.one' => '1',
+ 'openid.unittest.two' =>'2',
+ 'openid.sreg.nickname' => 'j3h',
+ 'openid.return_to' => 'return_to');
+
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+ $resp = new Auth_OpenID_SuccessResponse($this->endpoint, $message);
+
+ $utargs = $resp->extensionResponse($uri, false);
+ $this->assertEquals($utargs, array('one' => '1', 'two' => '2'));
+ $sregargs = $resp->extensionResponse(Auth_OpenID_SREG_NS_URI, false);
+ $this->assertEquals($sregargs, array('nickname' => 'j3h'));
+ }
+
+ function test_extensionResponseSigned()
+ {
+ $args = array(
+ 'ns.sreg' => 'urn:sreg',
+ 'ns.unittest' => 'urn:unittest',
+ 'unittest.one' => '1',
+ 'unittest.two' => '2',
+ 'sreg.nickname' => 'j3h',
+ 'sreg.dob' => 'yesterday',
+ 'return_to' => 'return_to',
+ 'signed' => 'sreg.nickname,unittest.one,sreg.dob');
+
+ $signed_list = array('openid.sreg.nickname',
+ 'openid.unittest.one',
+ 'openid.sreg.dob',
+ 'openid.ns.sreg');
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs($args);
+ $resp = new Auth_OpenID_SuccessResponse($this->endpoint, $msg, $signed_list);
+
+ // All args in this NS are signed, so expect all.
+ $sregargs = $resp->extensionResponse('urn:sreg', true);
+ $this->assertEquals($sregargs,
+ array('nickname' => 'j3h',
+ 'dob' => 'yesterday'));
+
+ // Not all args in this NS are signed, so expect null when
+ // asking for them.
+ $utargs = $resp->extensionResponse('urn:unittest', true);
+ $this->assertEquals($utargs, null);
+ }
+
+ function test_noReturnTo()
+ {
+ $message = Auth_OpenID_Message::fromPostArgs(array());
+ $resp = new Auth_OpenID_SuccessResponse($this->endpoint, $message);
+ $this->assertTrue($resp->getReturnTo() === null);
+ }
+
+ function test_returnTo()
+ {
+ $query = array('openid.return_to' => 'return_to');
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+
+ $resp = new Auth_OpenID_SuccessResponse($this->endpoint,
+ $message, array('openid.return_to'));
+
+ $this->assertEquals($resp->getReturnTo(), 'return_to');
+ }
+}
+
+class _StubConsumer {
+ function _StubConsumer()
+ {
+ $this->assoc = null;
+ $this->response = null;
+ $this->endpoint = null;
+ $this->fetcher = new _MockFetcher();
+ }
+
+ function begin($service)
+ {
+ $auth_req = new Auth_OpenID_AuthRequest($service, $this->assoc);
+ $this->endpoint = $service;
+ return $auth_req;
+ }
+
+ function complete($message, $endpoint, $return_to)
+ {
+ return $this->response;
+ }
+}
+
+class Tests_Auth_OpenID_DiscoFailure extends PHPUnit_Framework_TestCase {
+ var $consumerClass = null;
+
+ function setUp()
+ {
+ foreach ($_SESSION as $k => $v) {
+ unset($_SESSION[$k]);
+ }
+
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ $this->claimed_id = 'http://identity.url/';
+ $this->endpoint->claimed_id = $this->claimed_id;
+ $this->store = null;
+ $this->session = new Auth_Yadis_PHPSession();
+ $cls = $this->consumerClass;
+ $this->consumer = new $cls($this->store, $this->session);
+ $this->consumer->consumer = new _StubConsumer();
+ $this->discovery = new Auth_Yadis_Discovery($this->session,
+ $this->claimed_id,
+ $this->consumer->session_key_prefix);
+ }
+}
+
+class Consumer_completeEmptySession extends Auth_OpenID_GenericConsumer {
+ var $test_case = null;
+ var $text = "failed complete";
+
+ function complete($message, $endpoint, $return_to)
+ {
+ $this->test_case->assertTrue($endpoint === null);
+ return new Auth_OpenID_FailureResponse($endpoint, $this->text);
+ }
+}
+
+class Tests_Auth_OpenID_ConsumerTest2 extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ foreach ($_SESSION as $k => $v) {
+ unset($_SESSION[$k]);
+ }
+
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ $this->claimed_id = 'http://identity.url/';
+ $this->endpoint->claimed_id = $this->claimed_id;
+ $this->store = null;
+ $this->session = new Auth_Yadis_PHPSession();
+ $this->consumer = new Auth_OpenID_Consumer($this->store, $this->session);
+ $this->consumer->consumer = new _StubConsumer();
+ $this->discovery = new Auth_Yadis_Discovery($this->session,
+ $this->claimed_id,
+ $this->consumer->session_key_prefix);
+ }
+
+ function test_beginWithoutDiscovery()
+ {
+ // Does this really test anything non-trivial?
+ $result = $this->consumer->beginWithoutDiscovery($this->endpoint);
+
+ // The result is an auth request
+ $this->assertTrue(strtolower(get_class($result)) ==
+ 'auth_openid_authrequest');
+
+ $loader = new Auth_OpenID_ServiceEndpointLoader();
+
+ // Side-effect of calling beginWithoutDiscovery is setting the
+ // session value to the endpoint attribute of the result
+ $this->assertTrue(
+ $loader->fromSession(
+ $this->session->get($this->consumer->_token_key)) ==
+ $result->endpoint);
+
+ // The endpoint that we passed in is the endpoint on the
+ // auth_request
+ $this->assertTrue($result->endpoint == $this->endpoint);
+ }
+
+ function test_completeEmptySession()
+ {
+ $this->consumer->consumer = new Consumer_completeEmptySession($this->store);
+ $this->consumer->consumer->test_case =& $this;
+
+ $response = $this->consumer->complete(null);
+ $this->assertTrue(Auth_OpenID::isFailure($response));
+ $this->assertEquals($this->consumer->consumer->text, $response->message);
+ $this->assertTrue($response->identity_url === null);
+ }
+
+ function _doResp($auth_req, $exp_resp)
+ {
+ // complete a transaction, using the expected response from
+ // the generic consumer.
+ $this->consumer->consumer->response = $exp_resp;
+
+ // endpoint is stored in the session
+ // $this->assertTrue($this->session->data);
+ $this->assertTrue($_SESSION);
+ $resp = $this->consumer->complete(null);
+
+ // All responses should have the same identity URL, and the
+ // session should be cleaned out
+ if ($this->endpoint->claimed_id != Auth_OpenID_IDENTIFIER_SELECT) {
+ $this->assertTrue($resp->identity_url == $this->claimed_id);
+ }
+
+ $this->assertFalse(in_array($this->consumer->_token_key,
+ $_SESSION)); // this->session->data));
+
+ // Expected status response
+ $this->assertEquals($resp->status, $exp_resp->status);
+
+ return $resp;
+ }
+
+ function _doRespNoDisco($exp_resp)
+ {
+ // Set up a transaction without discovery
+ $auth_req = $this->consumer->beginWithoutDiscovery($this->endpoint);
+ $resp = $this->_doResp($auth_req, $exp_resp);
+ // There should be nothing left in the session once we have
+ // completed.
+ $this->assertFalse($this->session->contents());
+ return $resp;
+ }
+
+ /*
+ * Be sure that the session gets cleaned up when the response is
+ * successful and has a different URL than the one in the request.
+ */
+ function test_successDifferentURL()
+ {
+ // Set up a request endpoint describing an IDP URL
+ $this->identity_url = 'http://idp.url/';
+ $this->endpoint->claimed_id = $this->endpoint->local_id = Auth_OpenID_IDENTIFIER_SELECT;
+
+ // Use a response endpoint with a different URL (asserted by
+ // the IDP)
+ $resp_endpoint = new Auth_OpenID_ServiceEndpoint();
+ $resp_endpoint->claimed_id = "http://user.url/";
+
+ $resp = $this->_doRespDisco(
+ true,
+ mkSuccess($resp_endpoint, array()));
+ $this->assertTrue($this->discovery->getManager(true) === null);
+ }
+
+ function test_noDiscoCompleteSuccessWithToken()
+ {
+ $message = Auth_OpenID_Message::fromPostArgs(array());
+ $this->_doRespNoDisco(new Auth_OpenID_SuccessResponse($this->endpoint,
+ $message));
+ }
+
+ function test_noDiscoCompleteCancelWithToken()
+ {
+ $this->_doRespNoDisco(new Auth_OpenID_CancelResponse($this->endpoint));
+ }
+
+ function test_noDiscoCompleteFailure()
+ {
+ $msg = 'failed!';
+ $resp = $this->_doRespNoDisco(new Auth_OpenID_FailureResponse($this->endpoint, $msg));
+ $this->assertTrue($resp->message == $msg);
+ }
+
+ function test_noDiscoCompleteSetupNeeded()
+ {
+ $setup_url = 'http://setup.url/';
+ $resp = $this->_doRespNoDisco(
+ new Auth_OpenID_SetupNeededResponse($this->endpoint, $setup_url));
+ $this->assertTrue($resp->setup_url == $setup_url);
+ }
+
+ // To test that discovery is cleaned up, we need to initialize a
+ // Yadis manager, and have it put its values in the session.
+ function _doRespDisco($is_clean, $exp_resp)
+ {
+ // Set up and execute a transaction, with discovery
+ $this->discovery->createManager(array($this->endpoint),
+ $this->claimed_id);
+ $auth_req = $this->consumer->begin($this->claimed_id);
+ $resp = $this->_doResp($auth_req, $exp_resp);
+
+ $manager = $this->discovery->getManager();
+ if ($is_clean) {
+ $this->assertTrue($this->discovery->getManager() === null);
+ } else {
+ $this->assertFalse($this->discovery->getManager() === null);
+ }
+
+ return $resp;
+ }
+
+ // Cancel and success DO clean up the discovery process
+ function test_completeSuccess()
+ {
+ $message = Auth_OpenID_Message::fromPostArgs(array());
+ $this->_doRespDisco(true,
+ new Auth_OpenID_SuccessResponse($this->endpoint,
+ $message));
+ }
+
+ function test_completeCancel()
+ {
+ $this->_doRespDisco(true,
+ new Auth_OpenID_CancelResponse($this->endpoint));
+ }
+
+ // Failure and setup_needed don't clean up the discovery process
+ function test_completeFailure()
+ {
+ $msg = 'failed!';
+ $resp = $this->_doRespDisco(false,
+ new Auth_OpenID_FailureResponse($this->endpoint, $msg));
+ $this->assertTrue($resp->message == $msg);
+ }
+
+ function test_completeSetupNeeded()
+ {
+ $setup_url = 'http://setup.url/';
+ $resp = $this->_doRespDisco(false,
+ new Auth_OpenID_SetupNeededResponse($this->endpoint, $setup_url));
+ $this->assertTrue($resp->status == Auth_OpenID_SETUP_NEEDED);
+ $this->assertTrue($resp->setup_url == $setup_url);
+ }
+
+ function test_begin()
+ {
+ $this->discovery->createManager(array($this->endpoint),
+ $this->claimed_id);
+ // Should not raise an exception
+ $auth_req = $this->consumer->begin($this->claimed_id);
+ $this->assertTrue(strtolower(get_class($auth_req)) === 'auth_openid_authrequest');
+ $this->assertTrue($auth_req->endpoint == $this->endpoint);
+ $this->assertTrue($auth_req->endpoint == $this->consumer->consumer->endpoint);
+ $this->assertTrue($auth_req->assoc == $this->consumer->consumer->assoc);
+ }
+}
+
+class IDPDrivenTest_Consumer1 extends ConfigurableConsumer {
+ var $iverified = array();
+ var $endpoint = null;
+ var $failure_cb = null;
+ var $check_endpoint = null;
+
+ function _idResCheckNonce($message, $endpoint)
+ {
+ return true;
+ }
+
+ function _verifyDiscoveryResults($identifier, $endpoint)
+ {
+ call_user_func($this->failure_cb,
+ $endpoint === $this->check_endpoint);
+ $this->iverified[] = $this->endpoint;
+ return $this->endpoint;
+ }
+}
+
+class IDPDrivenTest_Consumer2 extends ConfigurableConsumer {
+ function verifyDiscoveryResults($identifier, $endp)
+ {
+ return new Auth_OpenID_FailureResponse(null,
+ "Bogus");
+ }
+}
+
+class IDPDrivenTest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->store = new GoodAssocStore();
+ $this->consumer = new ConfigurableConsumer($this->store);
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ $this->endpoint->server_url = "http://idp.unittest/";
+ }
+
+ function test_idpDrivenBegin()
+ {
+ // Testing here that the token-handling doesn't explode...
+ $this->assertTrue($this->consumer->begin($this->endpoint) !== null);
+ }
+
+ function test_idpDrivenComplete()
+ {
+ global $GOODSIG;
+
+ $this->consumer = new IDPDrivenTest_Consumer1($this->store);
+ $this->consumer->failure_cb = array($this, "assertTrue");
+ $this->consumer->check_endpoint =& $this->endpoint;
+
+ $identifier = '=directed_identifier';
+ $message = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.identity'=> '=directed_identifier',
+ 'openid.return_to'=> 'x',
+ 'openid.assoc_handle'=> 'z',
+ 'openid.signed'=> 'identity,return_to',
+ 'openid.sig'=> $GOODSIG));
+
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->claimed_id = $identifier;
+ $endpoint->server_url = $this->endpoint->server_url;
+ $endpoint->local_id = $identifier;
+
+ $this->consumer->disableReturnToChecking();
+
+ $this->consumer->endpoint =& $endpoint;
+ $response = $this->consumer->_doIdRes($message, $this->endpoint, null);
+
+ $this->failUnlessSuccess($response);
+
+ $this->assertEquals($response->identity_url, "=directed_identifier");
+
+ // assert that discovery attempt happens and returns good
+ $this->assertEquals($this->consumer->iverified, array($endpoint));
+ }
+
+ function test_idpDrivenCompleteFraud()
+ {
+ global $GOODSIG;
+
+ $this->consumer = new IDPDrivenTest_Consumer2($this->store);
+
+ // crap with an identifier that doesn't match discovery info
+ $message = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.identity'=> '=directed_identifier',
+ 'openid.return_to'=> 'x',
+ 'openid.assoc_handle'=> 'z',
+ 'openid.signed'=> 'identity,return_to',
+ 'openid.sig'=> $GOODSIG));
+
+ $this->consumer->disableReturnToChecking();
+
+ $result = $this->consumer->_doIdRes($message, $this->endpoint, null);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function failUnlessSuccess($response)
+ {
+ if ($response->status != Auth_OpenID_SUCCESS) {
+ $this->fail("Non-successful response (status is ".$response->status.")");
+ }
+ }
+}
+
+global $__test_otherServer_text;
+$__test_otherServer_text = "__test_otherServer";
+class TestDiscoveryVerification_test_otherServer extends Auth_OpenID_GenericConsumer {
+ function _discoverAndVerify($to_match)
+ {
+ global $__test_otherServer_text;
+ return new Auth_OpenID_FailureResponse(null, $__test_otherServer_text);
+ }
+}
+
+class TestDiscoveryVerification extends PHPUnit_Framework_TestCase {
+ var $services = array();
+
+ function discoveryFunc($identifier)
+ {
+ return array($identifier, $this->services);
+ }
+
+ function setUp()
+ {
+ $this->store = new GoodAssocStore();
+ $this->consumer = new Auth_OpenID_GenericConsumer($this->store);
+ $this->consumer->discoverMethod = array($this,
+ 'discoveryFunc');
+
+ $this->identifier = "http://idp.unittest/1337";
+ $this->server_url = "http://endpoint.unittest/";
+
+ $this->message = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.ns'=> Auth_OpenID_OPENID2_NS,
+ 'openid.identity'=> $this->identifier,
+ 'openid.claimed_id'=> $this->identifier,
+ 'openid.op_endpoint'=> $this->server_url));
+
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ $this->endpoint->server_url = $this->server_url;
+ }
+
+ function test_theGoodStuff()
+ {
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->type_uris = array(Auth_OpenID_TYPE_2_0);
+ $endpoint->claimed_id = $this->identifier;
+ $endpoint->server_url = $this->server_url;
+ $endpoint->local_id = $this->identifier;
+ $this->services = array($endpoint);
+ $r = $this->consumer->_verifyDiscoveryResults($this->message, $endpoint);
+
+ $this->assertEquals($r, $endpoint);
+ }
+
+ function test_otherServer()
+ {
+ global $__test_otherServer_text;
+
+ // setup
+ $this->consumer = new TestDiscoveryVerification_test_otherServer($this->store);
+ $this->consumer->discoverMethod = array($this,
+ 'discoveryFunc');
+
+ // a set of things without the stuff
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->type_uris = array(Auth_OpenID_TYPE_2_0);
+ $endpoint->claimed_id = $this->identifier;
+ $endpoint->server_url = "http://the-MOON.unittest/";
+ $endpoint->local_id = $this->identifier;
+ $this->services = array($endpoint);
+
+ $result = $this->consumer->_verifyDiscoveryResults(
+ $this->message, $endpoint);
+
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ $this->assertTrue(strpos($result->message, $__test_otherServer_text) !== false);
+ }
+
+ function test_foreignDelegate()
+ {
+ global $__test_otherServer_text;
+
+ // setup
+ $this->consumer = new TestDiscoveryVerification_test_otherServer($this->store);
+ $this->consumer->discoverMethod = array($this,
+ 'discoveryFunc');
+
+ // a set of things with the server stuff but other delegate
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->type_uris = array(Auth_OpenID_TYPE_2_0);
+ $endpoint->claimed_id = $this->identifier;
+ $endpoint->server_url = $this->server_url;
+ $endpoint->local_id = "http://unittest/juan-carlos";
+
+ $result = $this->consumer->_verifyDiscoveryResults(
+ $this->message, $endpoint);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ $this->assertTrue(strpos($result->message, $__test_otherServer_text) !== false);
+ }
+
+ function test_nothingDiscovered()
+ {
+ // a set of no things.
+ $this->services = array();
+ $result = $this->consumer->_verifyDiscoveryResults(
+ $this->message, $this->endpoint);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+}
+
+class DummyEndpoint {
+ var $use_compatibility = false;
+
+ function compatibilityMode()
+ {
+ return $this->use_compatibility;
+ }
+}
+
+class TestCreateAssociationRequest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->endpoint = new DummyEndpoint();
+ $s = null;
+ $this->consumer = new Auth_OpenID_GenericConsumer($s);
+ $this->assoc_type = 'HMAC-SHA1';
+ }
+
+ function test_noEncryptionSendsType()
+ {
+ $session_type = 'no-encryption';
+ list($session, $args) = $this->consumer->_createAssociateRequest(
+ $this->endpoint, $this->assoc_type, $session_type);
+
+ $this->assertTrue(is_a($session, 'Auth_OpenID_PlainTextConsumerSession'));
+
+ $expected = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'session_type'=>$session_type,
+ 'mode'=>'associate',
+ 'assoc_type'=>$this->assoc_type));
+
+ $this->assertEquals($expected->toPostArgs(),
+ $args->toPostArgs());
+ }
+
+ function test_noEncryptionSendsTypeHMACSHA256()
+ {
+ if (!Auth_OpenID_HMACSHA256_SUPPORTED) {
+ $this->pass();
+ return;
+ }
+
+ $session_type = 'no-encryption';
+ $this->assoc_type = 'HMAC-SHA256';
+
+ list($session, $args) = $this->consumer->_createAssociateRequest(
+ $this->endpoint, $this->assoc_type, $session_type);
+
+ $this->assertTrue(is_a($session, 'Auth_OpenID_PlainTextConsumerSession'));
+
+ $expected = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'session_type'=>$session_type,
+ 'mode'=>'associate',
+ 'assoc_type'=>$this->assoc_type));
+
+ $this->assertEquals($expected->toPostArgs(),
+ $args->toPostArgs());
+
+ $response = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'session_type'=>$session_type,
+ 'assoc_type'=>$this->assoc_type,
+ 'expires_in' => '10000000000',
+ 'mac_key' => 'ZM9v',
+ 'assoc_handle' => 'turnme'
+ )
+ );
+
+ $assoc = $this->consumer->_extractAssociation($response, $session);
+
+ $this->assertTrue($assoc !== null);
+ $this->assertTrue(is_a($assoc, 'Auth_OpenID_Association'));
+ $this->assertTrue($assoc->assoc_type = $this->assoc_type);
+ $this->assertTrue($assoc->session_type = $session_type);
+ }
+
+ function test_noEncryptionCompatibility()
+ {
+ $this->endpoint->use_compatibility = true;
+ $session_type = 'no-encryption';
+ list($session, $args) = $this->consumer->_createAssociateRequest(
+ $this->endpoint, $this->assoc_type, $session_type);
+
+ $this->assertTrue(is_a($session, 'Auth_OpenID_PlainTextConsumerSession'));
+ $this->assertEquals(Auth_OpenID_Message::fromOpenIDArgs(array('mode'=>'associate',
+ 'assoc_type'=>$this->assoc_type)),
+ $args);
+ }
+
+ function test_dhSHA1Compatibility()
+ {
+ // Set the consumer's session type to a fast session since we
+ // need it here.
+ setConsumerSession($this->consumer);
+
+ $this->endpoint->use_compatibility = true;
+ $session_type = 'DH-SHA1';
+ list($session, $args) = $this->consumer->_createAssociateRequest(
+ $this->endpoint, $this->assoc_type, $session_type);
+
+ $this->assertTrue(is_a($session,
+ 'Auth_OpenID_DiffieHellmanSHA1ConsumerSession'));
+
+ // This is a random base-64 value, so just check that it's
+ // present.
+ $this->assertTrue($args->hasKey(Auth_OpenID_OPENID1_NS, 'dh_consumer_public'));
+ $args->delArg(Auth_OpenID_OPENID1_NS, 'dh_consumer_public');
+
+ // OK, session_type is set here and not for no-encryption
+ // compatibility
+ $expected = Auth_OpenID_Message::fromOpenIDArgs(array('mode'=>'associate',
+ 'session_type'=>'DH-SHA1',
+ 'assoc_type'=>$this->assoc_type,
+ 'dh_modulus'=> 'BfvStQ==',
+ 'dh_gen'=> 'Ag=='));
+
+ $this->assertEquals($expected->toPostArgs(),
+ $args->toPostArgs());
+ }
+}
+
+class TestDiffieHellmanResponseParameters extends PHPUnit_Framework_TestCase {
+ var $session_cls = null;
+ var $message_namespace = null;
+
+ function setUp()
+ {
+ // Pre-compute DH with small prime so tests run quickly.
+ $this->server_dh = new Auth_OpenID_DiffieHellman(100389557, 2);
+ $this->consumer_dh = new Auth_OpenID_DiffieHellman(100389557, 2);
+
+ $lib = Auth_OpenID_getMathLib();
+
+ $cls = $this->session_cls;
+ $this->consumer_session = new $cls($this->consumer_dh);
+
+ // base64(btwoc(g ^ xb mod p))
+ $this->dh_server_public = $lib->longToBase64($this->server_dh->public);
+
+ $this->secret = Auth_OpenID_CryptUtil::randomString(
+ $this->consumer_session->secret_size);
+
+ $this->enc_mac_key = base64_encode(
+ $this->server_dh->xorSecret($this->consumer_dh->public,
+ $this->secret,
+ $this->consumer_session->hash_func));
+
+ $this->msg = new Auth_OpenID_Message($this->message_namespace);
+ }
+
+ function testExtractSecret()
+ {
+ $this->msg->setArg(Auth_OpenID_OPENID_NS, 'dh_server_public',
+ $this->dh_server_public);
+
+ $this->msg->setArg(Auth_OpenID_OPENID_NS, 'enc_mac_key',
+ $this->enc_mac_key);
+
+ $extracted = $this->consumer_session->extractSecret($this->msg);
+ $this->assertEquals($extracted, $this->secret);
+ }
+
+ function testAbsentServerPublic()
+ {
+ $this->msg->setArg(Auth_OpenID_OPENID_NS, 'enc_mac_key',
+ $this->enc_mac_key);
+
+ $this->assertTrue($this->consumer_session->extractSecret($this->msg) === null);
+ }
+
+ function testAbsentMacKey()
+ {
+ $this->msg->setArg(Auth_OpenID_OPENID_NS, 'dh_server_public',
+ $this->dh_server_public);
+
+ $this->assertTrue($this->consumer_session->extractSecret($this->msg) === null);
+ }
+
+ /*
+ function testInvalidBase64Public()
+ {
+ $this->msg->setArg(Auth_OpenID_OPENID_NS, 'dh_server_public',
+ 'n o t b a s e 6 4.');
+
+ $this->msg->setArg(Auth_OpenID_OPENID_NS, 'enc_mac_key',
+ $this->enc_mac_key);
+
+ $this->assertTrue($this->consumer_session->extractSecret($this->msg) === null);
+ }
+
+ function testInvalidBase64MacKey()
+ {
+ $this->msg->setArg(Auth_OpenID_OPENID_NS, 'dh_server_public',
+ $this->dh_server_public);
+
+ $this->msg->setArg(Auth_OpenID_OPENID_NS, 'enc_mac_key',
+ 'n o t base 64');
+
+ $this->assertTrue($this->consumer_session->extractSecret($this->msg) === null);
+ }
+ */
+}
+
+class TestOpenID1SHA1 extends TestDiffieHellmanResponseParameters {
+ var $session_cls = 'Auth_OpenID_DiffieHellmanSHA1ConsumerSession';
+ var $message_namespace = Auth_OpenID_OPENID1_NS;
+}
+
+class TestOpenID2SHA1 extends TestDiffieHellmanResponseParameters {
+ var $session_cls = 'Auth_OpenID_DiffieHellmanSHA1ConsumerSession';
+ var $message_namespace = Auth_OpenID_OPENID2_NS;
+}
+
+if (!defined('Auth_OpenID_NO_MATH_SUPPORT') &&
+ Auth_OpenID_SHA256_SUPPORTED) {
+ class TestOpenID2SHA256 extends TestDiffieHellmanResponseParameters {
+ var $session_cls = 'Auth_OpenID_DiffieHellmanSHA256ConsumerSession';
+ var $message_namespace = Auth_OpenID_OPENID2_NS;
+ }
+}
+
+class Tests_Auth_OpenID_KVPost extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->server_url = 'http://unittest/bogus';
+ }
+
+ function test_200()
+ {
+ $response = new Auth_Yadis_HTTPResponse();
+ $response->status = 200;
+ $response->body = "foo:bar\nbaz:quux\n";
+ $r = Auth_OpenID_GenericConsumer::_httpResponseToMessage($response, $this->server_url);
+ $expected_msg = Auth_OpenID_Message::fromOpenIDArgs(array('foo' => 'bar', 'baz' => 'quux'));
+ $this->assertEquals($expected_msg, $r);
+ }
+
+ function test_400()
+ {
+ $response = new Auth_Yadis_HTTPResponse();
+ $response->status = 400;
+ $response->body = "error:bonk\nerror_code:7\n";
+ $result = Auth_OpenID_GenericConsumer::_httpResponseToMessage($response, $this->server_url);
+
+ $this->assertTrue(is_a($result, 'Auth_OpenID_ServerErrorContainer'));
+ $this->assertEquals($result->error_text, 'bonk');
+ $this->assertEquals($result->error_code, '7');
+ }
+
+ function test_500()
+ {
+ // 500 as an example of any non-200, non-400 code.
+ $response = new Auth_Yadis_HTTPResponse();
+ $response->status = 500;
+ $response->body = "foo:bar\nbaz:quux\n";
+ $result = Auth_OpenID_GenericConsumer::_httpResponseToMessage($response, $this->server_url);
+ $this->assertTrue($result === null);
+ }
+}
+
+// Add other test cases to be run.
+global $Tests_Auth_OpenID_Consumer_other;
+$Tests_Auth_OpenID_Consumer_other = array(
+ // new Tests_Auth_OpenID_Consumer_TestSetupNeeded(),
+ new Tests_Auth_OpenID_AuthRequestHTMLMarkup(),
+ new Tests_Auth_OpenID_Consumer_TestCheckAuth(),
+ new Tests_Auth_OpenID_Consumer_TestCheckAuthTriggered(),
+ new Tests_Auth_OpenID_Consumer_TestFetchAssoc(),
+ new Tests_Auth_OpenID_Consumer_CheckNonceTest(),
+ new Tests_Auth_OpenID_Complete(),
+ new Tests_Auth_OpenID_SuccessResponse(),
+ new Tests_Auth_OpenID_CheckAuthResponse(),
+ new Tests_Auth_OpenID_FetchErrorInIdRes(),
+ new Tests_Auth_OpenID_ConsumerTest2(),
+ new Tests_Auth_OpenID_Stateless1(),
+ new Tests_Auth_OpenID_Stateless2(),
+ new TestCompleteMissingSig(),
+ new TestReturnToArgs(),
+ new IDPDrivenTest(),
+ new TestDiscoveryVerification(),
+ new Tests_Auth_OpenID_KVPost(),
+ new Tests_idResURLMismatch(),
+ new IdResCheckForFieldsTest(),
+ );
+
+if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ $Tests_Auth_OpenID_Consumer_other[] = new TestCreateAssociationRequest();
+ $Tests_Auth_OpenID_Consumer_other[] = new TestOpenID1SHA1();
+ $Tests_Auth_OpenID_Consumer_other[] = new TestOpenID2SHA1();
+}
+
+if (!defined('Auth_OpenID_NO_MATH_SUPPORT') &&
+ Auth_OpenID_SHA256_SUPPORTED) {
+ $Tests_Auth_OpenID_Consumer_other[] = new TestOpenID2SHA256();
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/CryptUtil.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/CryptUtil.php
new file mode 100644
index 000000000..29022d2e1
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/CryptUtil.php
@@ -0,0 +1,54 @@
+<?php
+
+/**
+ * Tests for the CryptUtil functions.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID.php';
+require_once 'Auth/OpenID/CryptUtil.php';
+
+class Tests_Auth_OpenID_CryptUtil extends PHPUnit_Framework_TestCase {
+ function test_length()
+ {
+ $cases = array(1, 10, 255);
+ foreach ($cases as $length) {
+ $data = Auth_OpenID_CryptUtil::getBytes($length);
+ $this->assertEquals(Auth_OpenID::bytes($data), $length);
+ }
+ }
+
+ function test_different()
+ {
+ $num_iterations = 100;
+ $data_length = 20;
+
+ $data = Auth_OpenID_CryptUtil::getBytes($num_iterations);
+ for ($i = 0; $i < $num_iterations; $i++) {
+ $last = $data;
+ $data = Auth_OpenID_CryptUtil::getBytes($data_length);
+ $this->assertFalse($data == $last);
+ }
+ }
+
+ function test_cryptrand()
+ {
+ // It's possible, but HIGHLY unlikely that a correct
+ // implementation will fail by returning the same number twice
+
+ $s = Auth_OpenID_CryptUtil::getBytes(32);
+ $t = Auth_OpenID_CryptUtil::getBytes(32);
+ $this->assertEquals(Auth_OpenID::bytes($s), 32);
+ $this->assertEquals(Auth_OpenID::bytes($t), 32);
+ $this->assertFalse($s == $t);
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/DiffieHellman.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/DiffieHellman.php
new file mode 100644
index 000000000..524c011b7
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/DiffieHellman.php
@@ -0,0 +1,159 @@
+<?php
+
+/**
+ * Tests for the Diffie-Hellman key exchange implementation in the
+ * OpenID library.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID/DiffieHellman.php';
+require_once 'Tests/Auth/OpenID/TestUtil.php';
+
+class Tests_Auth_OpenID_DiffieHellman_CheckCases extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_DiffieHellman_CheckCases($cases, $n)
+ {
+ $this->cases = $cases;
+ $this->n = $n;
+ }
+
+ function runTest()
+ {
+ $this->assertEquals($this->n, count($this->cases));
+ }
+}
+
+class Tests_Auth_OpenID_DiffieHellman_Private extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_DiffieHellman_Private($name, $input, $expected)
+ {
+ $this->setName("$name");
+ $this->input = $input;
+ $this->expected = $expected;
+ }
+
+ function runTest()
+ {
+ $lib =& Auth_OpenID_getMathLib();
+ $dh = new Auth_OpenID_DiffieHellman(null, null, $this->input);
+ $this->assertEquals($lib->cmp($this->expected, $dh->getPublicKey()), 0);
+ }
+}
+
+class Tests_Auth_OpenID_DiffieHellman_Exch extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_DiffieHellman_Exch($name, $p1, $p2, $shared)
+ {
+ $this->setName("$name");
+ $this->p1 = $p1;
+ $this->p2 = $p2;
+ $this->shared = $shared;
+ }
+
+ function runTest()
+ {
+ $lib = Auth_OpenID_getMathLib();
+ $shared = $lib->init($this->shared);
+ $dh1 = new Auth_OpenID_DiffieHellman(null, null, $this->p1);
+ $dh2 = new Auth_OpenID_DiffieHellman(null, null, $this->p2);
+ $sh1 = $dh1->getSharedSecret($dh2->getPublicKey());
+ $sh2 = $dh2->getSharedSecret($dh1->getPublicKey());
+ $this->assertEquals($lib->cmp($shared, $sh1), 0);
+ $this->assertEquals($lib->cmp($shared, $sh2), 0);
+ }
+}
+
+class Tests_Auth_OpenID_DiffieHellman extends PHPUnit_Framework_TestSuite {
+ function _readPrivateTestCases()
+ {
+ $lines = Tests_Auth_OpenID_readlines('dhpriv');
+ $cases = array();
+ foreach ($lines as $line) {
+ $case = array();
+ if (!preg_match('/^(\d+) (\d+)\n$/', $line, $case)) {
+ trigger_error("Bad test input: $line", E_USER_ERROR);
+ }
+
+ $c = count($case);
+ if ($c != 3) {
+ trigger_error("Wrong number of elements in parsed case: $c",
+ E_USER_ERROR);
+ }
+
+ array_shift($case);
+ $cases[] = $case;
+ }
+
+ return $cases;
+ }
+
+ function _readExchTestCases()
+ {
+ $lines = Tests_Auth_OpenID_readlines('dhexch');
+ $cases = array();
+ foreach ($lines as $line) {
+ $case = array();
+ if (!preg_match('/^(\d+) (\d+) (\d+)\n$/', $line, $case)) {
+ trigger_error("Bad test input: $line", E_USER_ERROR);
+ }
+
+ $c = count($case);
+ if ($c != 4) {
+ trigger_error("Wrong number of elements in parsed case: $c",
+ E_USER_ERROR);
+ }
+
+ array_shift($case);
+ $cases[] = $case;
+ }
+ return $cases;
+ }
+
+ function Tests_Auth_OpenID_DiffieHellman($name)
+ {
+ $this->setName($name);
+
+ $priv_cases = Tests_Auth_OpenID_DiffieHellman::_readPrivateTestCases();
+ $sanity = new Tests_Auth_OpenID_DiffieHellman_CheckCases(
+ $priv_cases, 29);
+ $sanity->setName('Check parsing of priv test data');
+ $this->addTest($sanity);
+
+ $exch_cases = Tests_Auth_OpenID_DiffieHellman::_readExchTestCases();
+ $sanity = new Tests_Auth_OpenID_DiffieHellman_CheckCases(
+ $exch_cases, 25);
+ $sanity->setName('Check parsing of exch test data');
+ $this->addTest($sanity);
+
+ if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ if (defined('Tests_Auth_OpenID_thorough')) {
+ $npriv = count($priv_cases);
+ $nexch = count($exch_cases);
+ } else {
+ $npriv = 1;
+ $nexch = 3;
+ }
+
+ for ($i = 0; $i < $npriv; $i++) {
+ list($input, $expected) = $priv_cases[$i];
+ $one = new Tests_Auth_OpenID_DiffieHellman_Private(
+ "DHPriv $i", $input, $expected);
+ $this->addTest($one);
+ }
+
+ for ($i = 0; $i < $nexch; $i++) {
+ $case = $exch_cases[$i];
+ $one = new Tests_Auth_OpenID_DiffieHellman_Exch(
+ $i, $case[0], $case[1], $case[2]);
+ $this->addTest($one);
+ }
+ }
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Discover_OpenID.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Discover_OpenID.php
new file mode 100644
index 000000000..740548d10
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Discover_OpenID.php
@@ -0,0 +1,781 @@
+<?php
+
+require_once 'TestUtil.php';
+
+require_once 'Auth/OpenID.php';
+require_once 'Auth/OpenID/Discover.php';
+require_once 'Auth/Yadis/Manager.php';
+require_once 'Auth/Yadis/Misc.php';
+require_once 'Auth/Yadis/XRI.php';
+
+/**
+ * Tests for the core of the PHP Yadis library discovery logic.
+ */
+
+class _SimpleMockFetcher {
+ function _SimpleMockFetcher($responses)
+ {
+ $this->responses = $responses;
+ }
+
+ function get($url)
+ {
+ $response = array_pop($this->responses);
+ assert($response[1] == $url);
+ return $response;
+ }
+}
+
+class Tests_Auth_OpenID_ServiceEndpoint extends PHPUnit_Framework_TestCase {
+ function setUp() {
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ }
+
+ function test_getDisplayIdentifier_noFragment() {
+ $urls = array("http://foo.bar.com/something",
+ "http://foo.bar.com/something?else=what&nothing=0",
+ "https://smoker.myopenid.com/"
+ );
+
+ foreach ($urls as $url) {
+ $this->endpoint->claimed_id = $url;
+ $this->assertEquals($url, $this->endpoint->getDisplayIdentifier());
+ }
+ }
+
+ function test_getDisplayIdentifier_withFragment() {
+ $urls = array("http://foo.bar.com/something#fragged",
+ "http://foo.bar.com/something?else=what&nothing=0#ow",
+ "https://smoker.myopenid.com/#myentirelife"
+ );
+
+ foreach ($urls as $url) {
+ $this->endpoint->claimed_id = $url;
+ $split = explode('#', $url);
+ $this->assertEquals($split[0],
+ $this->endpoint->getDisplayIdentifier());
+ }
+ }
+}
+
+class Tests_Auth_OpenID_DiscoveryFailure extends PHPUnit_Framework_TestCase {
+
+ function Tests_Auth_OpenID_DiscoveryFailure($responses)
+ {
+ // Response is ($code, $url, $body).
+ $this->cases = array(
+ array(null, 'http://network.error/', ''),
+ array(404, 'http://not.found/', ''),
+ array(400, 'http://bad.request/', ''),
+ array(500, 'http://server.error/', ''),
+ array(200, 'http://header.found/', 200,
+ array('x-xrds-location' => 'http://xrds.missing/')),
+ array(404, 'http://xrds.missing/', ''));
+
+ $this->url = $responses[0]->final_url;
+ $this->responses = $responses;
+ $this->fetcher = new _SimpleMockFetcher($this->responses);
+ }
+
+ function runTest()
+ {
+ foreach ($this->cases as $case) {
+ list($status, $url, $body) = $case;
+ $expected_status = $status;
+
+ $result = Auth_OpenID_discover($this->url, $this->fetcher);
+ list($id_url, $svclist) = $result;
+
+ $this->assertEquals($svclist, array());
+ }
+ }
+}
+
+### Tests for raising/catching exceptions from the fetcher through the
+### discover function
+
+class _ErrorRaisingFetcher {
+ // Just raise an exception when fetch is called
+
+ function _ErrorRaisingFetcher($thing_to_raise)
+ {
+ $this->thing_to_raise = $thing_to_raise;
+ }
+
+ function post($body = null)
+ {
+ __raiseError($this->thing_to_raise);
+ }
+
+ function get($url)
+ {
+ __raiseError($this->thing_to_raise);
+ }
+}
+
+define('E_AUTH_OPENID_EXCEPTION', 'e_exception');
+define('E_AUTH_OPENID_DIDFETCH', 'e_didfetch');
+define('E_AUTH_OPENID_VALUE_ERROR', 'e_valueerror');
+define('E_AUTH_OPENID_RUNTIME_ERROR', 'e_runtimeerror');
+define('E_AUTH_OPENID_OI', 'e_oi');
+
+class Tests_Auth_OpenID_Discover_FetchException extends PHPUnit_Framework_TestCase {
+ // Make sure exceptions get passed through discover function from
+ // fetcher.
+
+ function Tests_Auth_OpenID_Discover_FetchException($exc)
+ {
+ $this->cases = array(E_AUTH_OPENID_EXCEPTION,
+ E_AUTH_OPENID_DIDFETCH,
+ E_AUTH_OPENID_VALUE_ERROR,
+ E_AUTH_OPENID_RUNTIME_ERROR,
+ E_AUTH_OPENID_OI);
+ }
+
+ function runTest()
+ {
+ foreach ($this->cases as $thing_to_raise) {
+ $fetcher = ErrorRaisingFetcher($thing_to_raise);
+ Auth_OpenID_discover('http://doesnt.matter/', $fetcher);
+ $exc = __getError();
+
+ if ($exc !== $thing_to_raise) {
+ $this->fail('FetchException expected %s to be raised',
+ $thing_to_raise);
+ }
+ }
+ }
+}
+
+
+// Tests for openid.consumer.discover.discover
+
+class _DiscoveryMockFetcher extends Auth_Yadis_HTTPFetcher {
+ function _DiscoveryMockFetcher($documents)
+ {
+ $this->redirect = null;
+ $this->documents = $documents;
+ $this->fetchlog = array();
+ }
+
+ function supportsSSL()
+ {
+ return true;
+ }
+
+ function post($url, $body = null, $headers = null)
+ {
+ return $this->get($url, $headers, $body);
+ }
+
+ function get($url, $headers = null, $body = null)
+ {
+ $this->fetchlog[] = array($url, $body, $headers);
+
+ if ($this->redirect) {
+ $final_url = $this->redirect;
+ } else {
+ $final_url = $url;
+ }
+
+ if (array_key_exists($url, $this->documents)) {
+ list($ctype, $body) = $this->documents[$url];
+ $status = 200;
+ } else {
+ $status = 404;
+ $ctype = 'text/plain';
+ $body = '';
+ }
+
+ return new Auth_Yadis_HTTPResponse($final_url, $status,
+ array('content-type' => $ctype), $body);
+ }
+}
+
+class _DiscoveryBase extends PHPUnit_Framework_TestCase {
+ var $id_url = "http://someuser.unittest/";
+ var $fetcherClass = '_DiscoveryMockFetcher';
+
+ function _checkService($s,
+ $server_url,
+ $claimed_id=null,
+ $local_id=null,
+ $canonical_id=null,
+ $types=null,
+ $used_yadis=false,
+ $display_identifier=null)
+ {
+ $this->assertEquals($server_url, $s->server_url);
+ if ($types == array('2.0 OP')) {
+ $this->assertFalse($claimed_id);
+ $this->assertFalse($local_id);
+ $this->assertFalse($s->claimed_id);
+ $this->assertFalse($s->local_id);
+ $this->assertFalse($s->getLocalID());
+ $this->assertFalse($s->compatibilityMode());
+ $this->assertTrue($s->isOPIdentifier());
+ $this->assertEquals($s->preferredNamespace(),
+ Auth_OpenID_OPENID2_NS);
+ } else {
+ $this->assertEquals($claimed_id, $s->claimed_id);
+ $this->assertEquals($local_id, $s->getLocalID());
+ }
+
+ if ($used_yadis) {
+ $this->assertTrue($s->used_yadis, "Expected to use Yadis");
+ } else {
+ $this->assertFalse($s->used_yadis,
+ "Expected to use old-style discovery");
+ }
+
+ $openid_types = array(
+ '1.1' => Auth_OpenID_TYPE_1_1,
+ '1.0' => Auth_OpenID_TYPE_1_0,
+ '2.0' => Auth_OpenID_TYPE_2_0,
+ '2.0 OP' => Auth_OpenID_TYPE_2_0_IDP);
+
+ $type_uris = array();
+ foreach ($types as $t) {
+ $type_uris[] = $openid_types[$t];
+ }
+
+ $this->assertEquals($type_uris, $s->type_uris);
+ $this->assertEquals($canonical_id, $s->canonicalID);
+
+ if ($s->canonicalID) {
+ $this->assertTrue($s->getDisplayIdentifier() != $claimed_id);
+ $this->assertTrue($s->getDisplayIdentifier() !== null);
+ $this->assertEquals($display_identifier, $s->getDisplayIdentifier());
+ $this->assertEquals($s->claimed_id, $s->canonicalID);
+ }
+
+ $this->assertEquals($s->display_identifier ? $s->display_identifier : $s->claimed_id,
+ $s->getDisplayIdentifier());
+ }
+
+ function setUp()
+ {
+ $cls = $this->fetcherClass;
+ // D is for Dumb.
+ $d = array();
+ $this->fetcher = new $cls($d);
+ }
+}
+
+class Tests_Auth_OpenID_Discover_OpenID extends _DiscoveryBase {
+ function _discover($content_type, $data,
+ $expected_services, $expected_id=null)
+ {
+ if ($expected_id === null) {
+ $expected_id = $this->id_url;
+ }
+
+ $this->fetcher->documents[$this->id_url] = array($content_type, $data);
+ list($id_url, $services) = Auth_OpenID_discover($this->id_url,
+ $this->fetcher);
+ $this->assertEquals($expected_services, count($services));
+ $this->assertEquals($expected_id, $id_url);
+ return $services;
+ }
+
+ function test_404()
+ {
+ list($url, $services) = Auth_OpenID_discover($this->id_url . '/404',
+ $this->fetcher);
+ $this->assertTrue($services == array());
+ }
+
+ function test_noOpenID()
+ {
+ $services = $this->_discover('text/plain',
+ "junk",
+ 0);
+
+ $services = $this->_discover(
+ 'text/html',
+ Tests_Auth_OpenID_readdata('test_discover_openid_no_delegate.html'),
+ 1);
+
+ $this->_checkService($services[0],
+ "http://www.myopenid.com/server",
+ $this->id_url,
+ $this->id_url,
+ null,
+ array('1.1'),
+ false);
+ }
+
+ function test_html1()
+ {
+ $services = $this->_discover('text/html',
+ Tests_Auth_OpenID_readdata('test_discover_openid.html'),
+ 1);
+
+
+ $this->_checkService($services[0],
+ "http://www.myopenid.com/server",
+ $this->id_url,
+ 'http://smoker.myopenid.com/',
+ null,
+ array('1.1'),
+ false,
+ $this->id_url);
+ }
+
+ /*
+ * Ensure that the Claimed Identifier does not have a fragment if
+ * one is supplied in the User Input.
+ */
+ function test_html1Fragment()
+ {
+ $data = Tests_Auth_OpenID_readdata('openid.html');
+ $content_type = 'text/html';
+ $expected_services = 1;
+
+ $this->fetcher->documents[$this->id_url] = array($content_type, $data);
+ $expected_id = $this->id_url;
+ $this->id_url = $this->id_url . '#fragment';
+ list($id_url, $services) = Auth_OpenID_discover($this->id_url, $this->fetcher);
+ $this->assertEquals($expected_services, count($services));
+ $this->assertEquals($expected_id, $id_url);
+
+ $this->_checkService(
+ $services[0],
+ "http://www.myopenid.com/server",
+ $expected_id,
+ 'http://smoker.myopenid.com/',
+ null,
+ array('1.1'),
+ false,
+ $this->id_url);
+ }
+
+ function test_html2()
+ {
+ $services = $this->_discover('text/html',
+ Tests_Auth_OpenID_readdata('test_discover_openid2.html'),
+ 1);
+
+ $this->_checkService($services[0],
+ "http://www.myopenid.com/server",
+ $this->id_url,
+ 'http://smoker.myopenid.com/',
+ null,
+ array('2.0'),
+ false,
+ $this->id_url);
+ }
+
+ function test_html1And2()
+ {
+ $services = $this->_discover('text/html',
+ Tests_Auth_OpenID_readdata('test_discover_openid_1_and_2.html'),
+ 2);
+
+ $types = array('2.0', '1.1');
+
+ for ($i = 0; $i < count($types); $i++) {
+ $t = $types[$i];
+ $s = $services[$i];
+
+ $this->_checkService(
+ $s,
+ "http://www.myopenid.com/server",
+ $this->id_url,
+ 'http://smoker.myopenid.com/',
+ null,
+ array($t),
+ false,
+ $this->id_url);
+ }
+ }
+
+ function test_yadisEmpty()
+ {
+ $services = $this->_discover('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_yadis_0entries.xml'),
+ 0);
+ }
+
+ function test_htmlEmptyYadis()
+ {
+ // HTML document has discovery information, but points to an
+ // empty Yadis document.
+
+ // The XRDS document pointed to by "openid_and_yadis.html"
+ $this->fetcher->documents[$this->id_url . 'xrds'] =
+ array('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_yadis_0entries.xml'));
+
+ $services = $this->_discover('text/html',
+ Tests_Auth_OpenID_readdata('test_discover_openid_and_yadis.html'),
+ 1);
+
+ $this->_checkService($services[0],
+ "http://www.myopenid.com/server",
+ $this->id_url,
+ 'http://smoker.myopenid.com/',
+ null,
+ array('1.1'),
+ false,
+ $this->id_url);
+ }
+
+ function test_yadis1NoDelegate()
+ {
+ $services = $this->_discover('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_yadis_no_delegate.xml'),
+ 1);
+
+ $this->_checkService(
+ $services[0],
+ "http://www.myopenid.com/server",
+ $this->id_url,
+ $this->id_url,
+ null,
+ array('1.0'),
+ true,
+ $this->id_url);
+ }
+
+ function test_yadis2NoLocalID()
+ {
+ $services = $this->_discover('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_openid2_xrds_no_local_id.xml'),
+ 1);
+
+ $this->_checkService(
+ $services[0],
+ "http://www.myopenid.com/server",
+ $this->id_url,
+ $this->id_url,
+ null,
+ array('2.0'),
+ true,
+ $this->id_url);
+ }
+
+ function test_yadis2()
+ {
+ $services = $this->_discover('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_openid2_xrds.xml'),
+ 1);
+
+ $this->_checkService($services[0],
+ "http://www.myopenid.com/server",
+ $this->id_url,
+ 'http://smoker.myopenid.com/',
+ null,
+ array('2.0'),
+ true,
+ $this->id_url);
+ }
+
+ function test_yadis2OP()
+ {
+ $services = $this->_discover('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_yadis_idp.xml'),
+ 1);
+
+ $this->_checkService($services[0],
+ "http://www.myopenid.com/server",
+ null,
+ null,
+ null,
+ array('2.0 OP'),
+ true,
+ $this->id_url);
+ }
+
+ function test_yadis2OPDelegate()
+ {
+ // The delegate tag isn't meaningful for OP entries.
+ $services = $this->_discover('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_yadis_idp_delegate.xml'),
+ 1);
+
+ $this->_checkService(
+ $services[0],
+ "http://www.myopenid.com/server",
+ null, null, null,
+ array('2.0 OP'),
+ true,
+ $this->id_url);
+ }
+
+ function test_yadis2BadLocalID()
+ {
+ $services = $this->_discover('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_yadis_2_bad_local_id.xml'),
+ 0);
+ }
+
+ function test_yadis1And2()
+ {
+ $services = $this->_discover('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_openid_1_and_2_xrds.xml'),
+ 1);
+
+ $this->_checkService(
+ $services[0],
+ "http://www.myopenid.com/server",
+ $this->id_url,
+ 'http://smoker.myopenid.com/',
+ null,
+ array('2.0', '1.1'),
+ true);
+ }
+
+ function test_yadis1And2BadLocalID()
+ {
+ $services = $this->_discover('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_openid_1_and_2_xrds_bad_delegate.xml'),
+ 0);
+ }
+}
+
+class _MockFetcherForXRIProxy extends Auth_Yadis_HTTPFetcher {
+
+ function _MockFetcherForXRIProxy($documents)
+ {
+ $this->documents = $documents;
+ $this->fetchlog = array();
+ }
+
+ function get($url, $headers=null)
+ {
+ return $this->fetch($url, $headers);
+ }
+
+ function post($url, $body)
+ {
+ return $this->fetch($url, $body);
+ }
+
+ function fetch($url, $body=null, $headers=null)
+ {
+ $this->fetchlog[] = array($url, $body, $headers);
+
+ $u = parse_url($url);
+ $proxy_host = $u['host'];
+ $xri = $u['path'];
+ $query = Auth_OpenID::arrayGet($u, 'query');
+
+ if ((!$headers) && (!$query)) {
+ trigger_error('Error in mock XRI fetcher: no headers or query');
+ }
+
+ if (Auth_Yadis_startswith($xri, '/')) {
+ $xri = substr($xri, 1);
+ }
+
+ if (array_key_exists($xri, $this->documents)) {
+ list($ctype, $body) = $this->documents[$xri];
+ $status = 200;
+ } else {
+ $status = 404;
+ $ctype = 'text/plain';
+ $body = '';
+ }
+
+ return new Auth_Yadis_HTTPResponse($url, $status,
+ array('content-type' => $ctype),
+ $body);
+ }
+}
+
+class TestXRIDiscovery extends _DiscoveryBase {
+ var $fetcherClass = '_MockFetcherForXRIProxy';
+
+ function setUp() {
+ parent::setUp();
+
+ $this->fetcher->documents = array('=smoker' => array('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('yadis_2entries_delegate.xml')),
+ '=smoker*bad' => array('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('yadis_another_delegate.xml')));
+ }
+
+ function test_xri() {
+ list($user_xri, $services) = Auth_OpenID_discoverXRI('=smoker');
+
+ $this->_checkService(
+ $services[0],
+ "http://www.myopenid.com/server",
+ Auth_Yadis_XRI("=!1000"),
+ 'http://smoker.myopenid.com/',
+ Auth_Yadis_XRI("=!1000"),
+ array('1.0'),
+ true,
+ '=smoker');
+
+ $this->_checkService(
+ $services[1],
+ "http://www.livejournal.com/openid/server.bml",
+ Auth_Yadis_XRI("=!1000"),
+ 'http://frank.livejournal.com/',
+ Auth_Yadis_XRI("=!1000"),
+ array('1.0'),
+ true,
+ '=smoker');
+ }
+
+ function test_xriNoCanonicalID() {
+ list($user_xri, $services) = Auth_OpenID_discoverXRI('=smoker*bad');
+ $this->assertFalse($services);
+ }
+
+ function test_useCanonicalID() {
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->claimed_id = Auth_Yadis_XRI("=!1000");
+ $endpoint->canonicalID = Auth_Yadis_XRI("=!1000");
+ $htis->assertEquals($endpoint->getLocalID(), Auth_Yadis_XRI("=!1000"));
+ }
+}
+
+class Tests_Auth_OpenID_DiscoverSession {
+ function Tests_Auth_OpenID_DiscoverSession()
+ {
+ $this->data = array();
+ }
+
+ function set($name, $value)
+ {
+ $this->data[$name] = $value;
+ }
+
+ function get($name, $default=null)
+ {
+ if (array_key_exists($name, $this->data)) {
+ return $this->data[$name];
+ } else {
+ return $default;
+ }
+ }
+
+ function del($name)
+ {
+ unset($this->data[$name]);
+ }
+}
+
+global $__Tests_BOGUS_SERVICE;
+$__Tests_BOGUS_SERVICE = new Auth_OpenID_ServiceEndpoint();
+$__Tests_BOGUS_SERVICE->claimed_id = "=really.bogus.endpoint";
+
+function __serviceCheck_discover_cb($url, $fetcher)
+{
+ global $__Tests_BOGUS_SERVICE;
+ return array($url, array($__Tests_BOGUS_SERVICE));
+}
+
+class _FetcherWithSSL extends _DiscoveryMockFetcher {
+ function supportsSSL()
+ {
+ return true;
+ }
+}
+
+class _FetcherWithoutSSL extends _DiscoveryMockFetcher {
+ function supportsSSL()
+ {
+ return false;
+ }
+}
+
+class _NonFetcher extends _DiscoveryMockFetcher {
+ var $used = false;
+
+ function _NonFetcher()
+ {
+ $a = array();
+ parent::_DiscoveryMockFetcher($a);
+ }
+
+ function supportsSSL()
+ {
+ return false;
+ }
+
+ function get($url, $headers)
+ {
+ $this->used = true;
+ }
+}
+
+class Tests_Auth_OpenID_SSLSupport extends PHPUnit_Framework_TestCase {
+ function test_discoverDropSSL()
+ {
+ // In the absence of SSL support, the discovery process should
+ // drop endpoints whose server URLs are HTTPS.
+ $id_url = 'http://bogus/';
+
+ $d = array(
+ $id_url => array('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_openid_ssl.xml'))
+ );
+
+ $f = new _FetcherWithoutSSL($d);
+
+ $result = Auth_OpenID_discover($id_url, $f);
+
+ list($url, $services) = $result;
+
+ $this->assertTrue($url == $id_url);
+ $this->assertTrue(count($services) == 1);
+
+ $e = $services[0];
+ $this->assertTrue($e->server_url == 'http://nossl.vroom.unittest/server');
+ }
+
+ function test_discoverRetainSSL()
+ {
+ // In the presence of SSL support, the discovery process
+ // should NOT drop endpoints whose server URLs are HTTPS.
+
+ // In the absence of SSL support, the discovery process should
+ // drop endpoints whose server URLs are HTTPS.
+ $id_url = 'http://bogus/';
+
+ $d = array(
+ $id_url => array('application/xrds+xml',
+ Tests_Auth_OpenID_readdata('test_discover_openid_ssl.xml'))
+ );
+
+ $f = new _FetcherWithSSL($d);
+
+ $result = Auth_OpenID_discover($id_url, $f);
+
+ list($url, $services) = $result;
+
+ $this->assertTrue($url == $id_url);
+ $this->assertTrue(count($services) == 2);
+
+ $e = $services[0];
+ $this->assertTrue($e->server_url == 'http://nossl.vroom.unittest/server');
+
+ $e = $services[1];
+ $this->assertTrue($e->server_url == 'https://ssl.vroom.unittest/server');
+ }
+
+ function test_discoverSSL()
+ {
+ // The consumer code should not attempt to perform discovery
+ // on an HTTPS identity URL in the absence of SSL support.
+
+ $id_url = 'https://unsupported/';
+
+ $f = new _NonFetcher();
+
+ $result = Auth_OpenID_discover($id_url, $f);
+
+ $this->assertTrue($result == array($id_url, array()));
+ $this->assertFalse($f->used);
+ }
+}
+
+global $Tests_Auth_OpenID_Discover_OpenID_other;
+$Tests_Auth_OpenID_Discover_OpenID_other = array(
+ new Tests_Auth_OpenID_SSLSupport()
+ );
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Extension.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Extension.php
new file mode 100644
index 000000000..35eb2f274
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Extension.php
@@ -0,0 +1,44 @@
+<?php
+
+require_once 'Auth/OpenID/Message.php';
+require_once 'Auth/OpenID/Extension.php';
+
+class _ExtensionTest_DummyExtension extends Auth_OpenID_Extension {
+ var $ns_uri = 'http://an.extension/';
+ var $ns_alias = 'dummy';
+
+ function getExtensionArgs()
+ {
+ return array();
+ }
+}
+
+class Tests_Auth_OpenID_Extension extends PHPUnit_Framework_TestCase {
+ function test_OpenID1()
+ {
+ $oid1_msg = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $ext = new _ExtensionTest_DummyExtension();
+ $ext->toMessage($oid1_msg);
+ $namespaces = $oid1_msg->namespaces;
+
+ $this->assertTrue($namespaces->isImplicit($ext->ns_uri));
+ $this->assertEquals($ext->ns_uri,
+ $namespaces->getNamespaceURI($ext->ns_alias));
+ $this->assertEquals($ext->ns_alias,
+ $namespaces->getAlias($ext->ns_uri));
+ }
+
+ function test_OpenID2()
+ {
+ $oid2_msg = new Auth_OpenID_Message(Auth_OpenID_OPENID2_NS);
+ $ext = new _ExtensionTest_DummyExtension();
+ $ext->toMessage($oid2_msg);
+ $namespaces = $oid2_msg->namespaces;
+ $this->assertFalse($namespaces->isImplicit($ext->ns_uri));
+ $this->assertEquals($ext->ns_uri,
+ $namespaces->getNamespaceURI($ext->ns_alias));
+ $this->assertEquals($ext->ns_alias,
+ $namespaces->getAlias($ext->ns_uri));
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/HMAC.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/HMAC.php
new file mode 100644
index 000000000..742396666
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/HMAC.php
@@ -0,0 +1,165 @@
+<?php
+
+/**
+ * Tests for the HMAC-SHA1 utility functions used by the OpenID
+ * library.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID/HMAC.php';
+require_once 'Tests/Auth/OpenID/TestUtil.php';
+
+class Tests_Auth_OpenID_HMAC_TestCase extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_HMAC_TestCase(
+ $name, $key, $data, $expected, $hmac_func)
+ {
+
+ $this->setName($name);
+ $this->key = $key;
+ $this->data = $data;
+ $this->expected = $expected;
+ $this->hmac_func = $hmac_func;
+ }
+
+ function runTest()
+ {
+ $actual = call_user_func($this->hmac_func, $this->key, $this->data);
+ $this->assertEquals(bin2hex($this->expected), bin2hex($actual));
+ }
+}
+
+class Tests_Auth_OpenID_HMAC extends PHPUnit_Framework_TestSuite {
+ function _strConvert($s)
+ {
+ $repeat_pat = '/^0x([a-f0-9]{2}) repeated (\d+) times$/';
+ if (preg_match($repeat_pat, $s, $match)) {
+ $c = chr(hexdec($match[1]));
+ $n = $match[2];
+ $data = '';
+ for ($i = 0; $i < $n; $i++) {
+ $data .= $c;
+ }
+ } elseif (substr($s, 0, 2) == "0x") {
+ $data = pack('H*', substr($s, 2, strlen($s) - 1));
+ } elseif (preg_match('/^"(.*)"$/', $s, $match)) {
+ $data = $match[1];
+ } else {
+ trigger_error("Bad data format: $s", E_USER_ERROR);
+ }
+ return $data;
+ }
+
+ function _readTestCases($test_file_name, $digest_len)
+ {
+ $lines = Tests_Auth_OpenID_readlines($test_file_name);
+ $cases = array();
+ $case = array();
+ foreach ($lines as $line) {
+ if ($line{0} == "#") {
+ continue;
+ }
+
+ // Blank line separates test cases
+ if ($line == "\n") {
+ $cases[] = $case;
+ $case = array();
+ } else {
+ $match = array();
+ $pat = '/^([a-z0-9_-]+) =\s+(.*?)\n$/';
+ if (!preg_match($pat, $line, $match)) {
+ trigger_error("Bad test input: $line", E_USER_ERROR);
+ }
+
+ $c = count($match);
+ if ($c != 3) {
+ trigger_error(
+ "Wrong number of elements in parsed case: $c",
+ E_USER_ERROR);
+ return false;
+ }
+
+ $key = $match[1];
+ $value = $match[2];
+ $case[$key] = $value;
+ }
+ }
+
+ if (count($case)) {
+ $cases[] = $case;
+ }
+
+ $final = array();
+
+ // Normalize strings and check data integrity
+ foreach ($cases as $case) {
+ $clean = array();
+ $clean["key"] =
+ Tests_Auth_OpenID_HMAC::_strConvert($case["key"]);
+ if (defined(@$case["key_len"])) {
+ if (Auth_OpenID::bytes($clean["key"]) != $case["key_len"]) {
+ trigger_error("Bad key length", E_USER_ERROR);
+ }
+ }
+
+ $clean["data"] =
+ Tests_Auth_OpenID_HMAC::_strConvert($case["data"]);
+ if (defined(@$case["data_len"])) {
+ if (Auth_OpenID::bytes($clean["data"]) != $case["data_len"]) {
+ trigger_error("Bad data length", E_USER_ERROR);
+ }
+ }
+
+ $clean["digest"] =
+ Tests_Auth_OpenID_HMAC::_strConvert($case["digest"]);
+ if (Auth_OpenID::bytes($clean["digest"]) != $digest_len) {
+ $l = Auth_OpenID::bytes($clean["digest"]);
+ trigger_error("Bad digest length: $l", E_USER_ERROR);
+ }
+
+ $clean['test_case'] = $case['test_case'];
+
+ $final[] = $clean;
+ }
+ return $final;
+ }
+
+ function Tests_Auth_OpenID_HMAC($name)
+ {
+ $this->setName($name);
+ $hash_test_defs = array(array(
+ 'Auth_OpenID_HMACSHA1', 'hmac-sha1.txt', 20));
+ if (Auth_OpenID_HMACSHA256_SUPPORTED) {
+ $hash_test_defs[] =
+ array('Auth_OpenID_HMACSHA256', 'hmac-sha256.txt', 32);
+ }
+ foreach ($hash_test_defs as $params) {
+ list($hash_func, $filename, $hash_len) = $params;
+ $cases = $this->_readTestCases($filename, $hash_len);
+ foreach ($cases as $case) {
+ $test = new Tests_Auth_OpenID_HMAC_TestCase(
+ $case['test_case'],
+ $case['key'],
+ $case['data'],
+ $case['digest'],
+ $hash_func);
+
+ $digest = $case['digest'];
+ $this->_addTestByValue($test);
+ }
+ }
+ }
+
+ function _addTestByValue($test) {
+ $this->addTest($test);
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/KVForm.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/KVForm.php
new file mode 100644
index 000000000..904f2c8ee
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/KVForm.php
@@ -0,0 +1,260 @@
+<?php
+
+/**
+ * Tests for the KVForm module.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID/KVForm.php';
+
+global $_Tests_Auth_OpenID_kverrors;
+$_Tests_Auth_OpenID_kverrors = null;
+
+/**
+ * Keep a list of the logged errors
+ */
+function Tests_Auth_OpenID_kvHandleError($errno, $errmsg)
+{
+ global $_Tests_Auth_OpenID_kverrors;
+ $_Tests_Auth_OpenID_kverrors[] = $errmsg;
+}
+
+
+class Tests_Auth_OpenID_KVForm_TestCase extends PHPUnit_Framework_TestCase {
+ var $errs;
+
+ function runTest()
+ {
+ // Re-set the number of logged errors
+ global $_Tests_Auth_OpenID_kverrors;
+ $_Tests_Auth_OpenID_kverrors = array();
+
+ set_error_handler("Tests_Auth_OpenID_kvHandleError");
+
+ $this->_runTest();
+
+ // Check to make sure we have the expected number of logged errors
+ //$this->assertEquals($this->errs, count($_Tests_Auth_OpenID_kverrors));
+
+ restore_error_handler();
+ }
+
+ function _runTest()
+ {
+ trigger_error('Must be overridden', E_USER_ERROR);
+ }
+}
+
+class Tests_Auth_OpenID_KVForm_TestCase_Parse
+extends Tests_Auth_OpenID_KVForm_TestCase {
+ function Tests_Auth_OpenID_KVForm_TestCase_Parse(
+ $arr, $str, $lossy, $errs)
+ {
+
+ $this->arr = $arr;
+ $this->str = $str;
+ $this->lossy = $lossy;
+ $this->errs = $errs;
+ }
+
+ function _runTest()
+ {
+ // Do one parse, after which arrayToKV and kvToArray should be
+ // inverses.
+ $parsed1 = Auth_OpenID_KVForm::toArray($this->str);
+ $serial1 = Auth_OpenID_KVForm::fromArray($this->arr);
+
+ if ($this->lossy == "neither" || $this->lossy == "str") {
+ $this->assertEquals($this->arr, $parsed1, "str was lossy");
+ }
+
+ if ($this->lossy == "neither" || $this->lossy == "arr") {
+ $this->assertEquals($this->str, $serial1, "array was lossy");
+ }
+
+ $parsed2 = Auth_OpenID_KVForm::toArray($serial1);
+ $serial2 = Auth_OpenID_KVForm::fromArray($parsed1);
+
+ // Round-trip both
+ $parsed3 = Auth_OpenID_KVForm::toArray($serial2);
+ $serial3 = Auth_OpenID_KVForm::fromArray($parsed2);
+
+ $this->assertEquals($serial2, $serial3, "serialized forms differ");
+
+ // Check to make sure that they're inverses.
+ $this->assertEquals($parsed2, $parsed3, "parsed forms differ");
+
+ }
+}
+
+class Tests_Auth_OpenID_KVForm_TestCase_Null
+extends Tests_Auth_OpenID_KVForm_TestCase {
+ function Tests_Auth_OpenID_KVForm_TestCase_Null($arr, $errs)
+ {
+ $this->arr = $arr;
+ $this->errs = $errs;
+ }
+
+ function _runTest()
+ {
+ $serialized = Auth_OpenID_KVForm::fromArray($this->arr);
+ $this->assertTrue($serialized === null,
+ 'serialization unexpectedly succeeded');
+ }
+}
+
+class Tests_Auth_OpenID_KVForm extends PHPUnit_Framework_TestSuite {
+ function Tests_Auth_OpenID_KVForm($name)
+ {
+ $this->setName($name);
+ $testdata_list = array(
+ array("name" => "simple",
+ "str" => "college:harvey mudd\n",
+ "arr" => array("college" => "harvey mudd"),
+ ),
+ array("name" => "empty",
+ "str" => "",
+ "arr" => array(),
+ ),
+ array("name" => "empty (just newline)",
+ "str" => "\n",
+ "arr" => array(),
+ "lossy" => "str",
+ "errors" => 1,
+ ),
+ array("name" => "empty (double newline)",
+ "str" => "\n\n",
+ "arr" => array(),
+ "lossy" => "str",
+ "errors" => 2,
+ ),
+ array("name" => "empty (no colon)",
+ "str" => "East is least\n",
+ "arr" => array(),
+ "lossy" => "str",
+ "errors" => 1,
+ ),
+ array("name" => "two keys",
+ "str" => "city:claremont\nstate:CA\n",
+ "arr" => array('city' => 'claremont',
+ 'state' => 'CA'),
+ ),
+ array("name" => "real life",
+ "str" => "is_valid:true\ninvalidate_handle:" .
+ "{HMAC-SHA1:2398410938412093}\n",
+ "arr" => array('is_valid' => 'true',
+ 'invalidate_handle' =>
+ '{HMAC-SHA1:2398410938412093}'),
+ ),
+ array("name" => "empty key and value",
+ "str" => ":\n",
+ "arr" => array(''=>''),
+ ),
+ array("name" => "empty key, not value",
+ "str" => ":missing key\n",
+ "arr" => array(''=>'missing key'),
+ ),
+ array("name" => "whitespace at front of key",
+ "str" => " street:foothill blvd\n",
+ "arr" => array('street'=>'foothill blvd'),
+ "lossy" => "str",
+ "errors" => 1,
+ ),
+ array("name" => "whitespace at front of value",
+ "str" => "major: computer science\n",
+ "arr" => array('major'=>'computer science'),
+ "lossy" => "str",
+ "errors" => 1,
+ ),
+ array("name" => "whitespace around key and value",
+ "str" => " dorm : east \n",
+ "arr" => array('dorm'=>'east'),
+ "lossy" => "str",
+ "errors" => 2,
+ ),
+ array("name" => "missing trailing newline",
+ "str" => "e^(i*pi)+1:0",
+ "arr" => array('e^(i*pi)+1'=>'0'),
+ "lossy" => "str",
+ "errors" => 1,
+ ),
+ array("name" => "missing trailing newline (two key)",
+ "str" => "east:west\nnorth:south",
+ "arr" => array('east'=>'west',
+ 'north'=>'south'),
+ "lossy" => "str",
+ "errors" => 1,
+ ),
+ array("name" => "colon in key",
+ "arr" => array("k:k" => 'v'),
+ "errors" => 1,
+ ),
+ array("name" => "newline in key",
+ "arr" => array("k\nk" => 'v'),
+ "errors" => 1,
+ ),
+ array("name" => "newline in value",
+ "arr" => array('k' => "v\nv"),
+ "errors" => 1,
+ ),
+ array("name" => "array whitespace",
+ "arr" => array(" k " => "v"),
+ "lossy" => "both",
+ "str" => " k :v\n",
+ "errors" => 2,
+ ),
+ array("name" => "array ordering 1",
+ "arr" => array("a" => "x",
+ "b" => "x",
+ "c" => "x"),
+ "str" => "a:x\nb:x\nc:x\n",
+ ),
+ array("name" => "array ordering 2",
+ "arr" => array("a" => "x",
+ "c" => "x",
+ "b" => "x"),
+ "str" => "a:x\nc:x\nb:x\n",
+ ),
+ );
+
+ foreach ($testdata_list as $testdata) {
+ if (isset($testdata['str'])) {
+ $str = $testdata['str'];
+ } else {
+ $str = null;
+ }
+
+ $arr = $testdata["arr"];
+
+ if (isset($testdata['errors'])) {
+ $errs = $testdata["errors"];
+ } else {
+ $errs = 0;
+ }
+
+ if (is_null($str)) {
+ $test = new Tests_Auth_OpenID_KVForm_TestCase_Null($arr, $errs);
+ } else {
+ if (isset($testdata['lossy'])) {
+ $lossy = $testdata["lossy"];
+ } else {
+ $lossy = 'neither';
+ }
+ $test = new Tests_Auth_OpenID_KVForm_TestCase_Parse(
+ $arr, $str, $lossy, $errs);
+ }
+ $test->setName($testdata["name"]);
+ $this->addTest($test);
+ }
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/MemStore.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/MemStore.php
new file mode 100644
index 000000000..772471963
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/MemStore.php
@@ -0,0 +1,176 @@
+<?php
+
+/**
+ * In-memory OpenID store implementation for testing only
+ */
+require_once "Auth/OpenID/Interface.php";
+require_once 'Auth/OpenID/Nonce.php';
+
+class ServerAssocs {
+ function ServerAssocs()
+ {
+ $this->assocs = array();
+ }
+
+ function set($assoc)
+ {
+ $this->assocs[$assoc->handle] = $assoc;
+ }
+
+ function get($handle)
+ {
+ return Auth_OpenID::arrayGet($this->assocs, $handle);
+ }
+
+ function remove($handle)
+ {
+ if (array_key_exists($handle, $this->assocs)) {
+ unset($this->assocs[$handle]);
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ /*
+ * Returns association with the oldest issued date.
+ *
+ * or null if there are no associations.
+ */
+ function best()
+ {
+ $best = null;
+ foreach ($this->assocs as $handle => $assoc) {
+ if (($best === null) || ($best->issued < $assoc->issued)) {
+ $best = $assoc;
+ }
+ }
+ return $best;
+ }
+
+ /*
+ * Remove expired associations.
+ *
+ * @return (removed associations, remaining associations)
+ */
+ function cleanup()
+ {
+ $remove = array();
+ foreach ($this->assocs as $handle => $assoc) {
+ if ($assoc->getExpiresIn() == 0) {
+ $remove[] = $handle;
+ }
+ }
+
+ foreach ($remove as $handle) {
+ unset($this->assocs[$handle]);
+ }
+
+ return array(count($remove), count($this->assocs));
+ }
+}
+
+/*
+ * In-process memory store.
+ *
+ * Use for single long-running processes. No persistence supplied.
+ */
+class Tests_Auth_OpenID_MemStore extends Auth_OpenID_OpenIDStore {
+ function Tests_Auth_OpenID_MemStore()
+ {
+ $this->server_assocs = array();
+ $this->nonces = array();
+ }
+
+ function &_getServerAssocs($server_url)
+ {
+ if (!array_key_exists($server_url, $this->server_assocs)) {
+ $this->server_assocs[$server_url] = new ServerAssocs();
+ }
+
+ return $this->server_assocs[$server_url];
+ }
+
+ function storeAssociation($server_url, $assoc)
+ {
+ $assocs =& $this->_getServerAssocs($server_url);
+ $assocs->set($assoc);
+ }
+
+ function getAssociation($server_url, $handle=null)
+ {
+ $assocs =& $this->_getServerAssocs($server_url);
+ if ($handle === null) {
+ return $assocs->best();
+ } else {
+ return $assocs->get($handle);
+ }
+ }
+
+ function removeAssociation($server_url, $handle)
+ {
+ $assocs =& $this->_getServerAssocs($server_url);
+ return $assocs->remove($handle);
+ }
+
+ function useNonce($server_url, $timestamp, $salt)
+ {
+ global $Auth_OpenID_SKEW;
+
+ if (abs($timestamp - time()) > $Auth_OpenID_SKEW) {
+ return false;
+ }
+
+ $anonce = array($server_url, intval($timestamp), $salt);
+
+ if (in_array($anonce, $this->nonces)) {
+ return false;
+ } else {
+ array_push($this->nonces, $anonce);
+ return true;
+ }
+ }
+
+ function cleanupNonces()
+ {
+ global $Auth_OpenID_SKEW;
+
+ $now = time();
+ $expired = array();
+ foreach ($this->nonces as $anonce) {
+ if (abs($anonce[1] - $now) > $Auth_OpenID_SKEW) {
+ // removing items while iterating over the set could
+ // be bad.
+ $expired[] = $anonce;
+ }
+ }
+
+ foreach ($expired as $anonce) {
+ unset($this->nonces[array_search($anonce, $this->nonces)]);
+ }
+
+ return count($expired);
+ }
+
+ function cleanupAssociations()
+ {
+ $remove_urls = array();
+ $removed_assocs = 0;
+ foreach ($this->server_assocs as $server_url => $assocs) {
+ list($removed, $remaining) = $assocs->cleanup();
+ $removed_assocs += $removed;
+ if (!$remaining) {
+ $remove_urls[] = $server_url;
+ }
+ }
+
+ // Remove entries from server_assocs that had none remaining.
+ foreach ($remove_urls as $server_url) {
+ unset($this->server_assocs[$server_url]);
+ }
+
+ return $removed_assocs;
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Message.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Message.php
new file mode 100644
index 000000000..0205fc45f
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Message.php
@@ -0,0 +1,1251 @@
+<?php
+
+/**
+ * Unit tests for the Auth_OpenID_Message implementation.
+ */
+
+require_once "Auth/OpenID/Message.php";
+require_once "Auth/OpenID.php";
+
+class MessageTest extends PHPUnit_Framework_TestCase {
+ function _argTest($ns, $key, $expected = null)
+ {
+ $a_default = 'a bogus default value';
+
+ $this->assertEquals($this->msg->getArg($ns, $key), $expected);
+ if ($expected === null) {
+ $this->assertEquals(
+ $this->msg->getArg($ns, $key, $a_default), $a_default);
+ $result = $this->msg->getArg($ns, $key, Auth_OpenID_NO_DEFAULT);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ } else {
+ $this->assertEquals(
+ $this->msg->getArg($ns, $key, $a_default), $expected);
+ $this->assertEquals(
+ $this->msg->getArg($ns, $key, Auth_OpenID_NO_DEFAULT),
+ $expected);
+ }
+ }
+}
+
+class Tests_Auth_OpenID_EmptyMessage extends MessageTest {
+ function setUp()
+ {
+ $this->msg = new Auth_OpenID_Message();
+ }
+
+ function test_toPostArgs()
+ {
+ $this->assertEquals($this->msg->toPostArgs(), array());
+ }
+
+ function test_toArgs()
+ {
+ $this->assertEquals($this->msg->toArgs(), array());
+ }
+
+ function test_toKVForm()
+ {
+ $this->assertEquals($this->msg->toKVForm(), '');
+ }
+
+ function test_toURLEncoded()
+ {
+ $this->assertEquals($this->msg->toURLEncoded(), '');
+ }
+
+ function test_toURL()
+ {
+ $base_url = 'http://base.url/';
+ $this->assertEquals($this->msg->toURL($base_url), $base_url);
+ }
+
+ function test_getOpenID()
+ {
+ $this->assertEquals($this->msg->getOpenIDNamespace(), null);
+ }
+
+ function test_getKeyOpenID()
+ {
+ $key = $this->msg->getKey(Auth_OpenID_OPENID_NS, 'foo');
+ $this->assertTrue(Auth_OpenID::isFailure($key));
+
+ $this->msg->setOpenIDNamespace(Auth_OpenID_OPENID1_NS, false);
+ $key = $this->msg->getKey(Auth_OpenID_OPENID_NS, 'foo');
+ $this->assertEquals('openid.foo', $key);
+ }
+
+ function test_getKeyBARE()
+ {
+ $this->assertEquals($this->msg->getKey(Auth_OpenID_BARE_NS, 'foo'), 'foo');
+ }
+
+ function test_getKeyNS1()
+ {
+ $this->assertEquals($this->msg->getKey(Auth_OpenID_OPENID1_NS, 'foo'), null);
+ }
+
+ function test_getKeyNS2()
+ {
+ $this->assertEquals($this->msg->getKey(Auth_OpenID_OPENID2_NS, 'foo'), null);
+ }
+
+ function test_getKeyNS3()
+ {
+ $this->assertEquals($this->msg->getKey('urn:nothing-significant', 'foo'),
+ null);
+ }
+
+ function test_hasKey()
+ {
+ $this->assertEquals($this->msg->hasKey(Auth_OpenID_OPENID_NS, 'foo'), false);
+ }
+
+ function test_hasKeyBARE()
+ {
+ $this->assertEquals($this->msg->hasKey(Auth_OpenID_BARE_NS, 'foo'), false);
+ }
+
+ function test_hasKeyNS1()
+ {
+ $this->assertEquals($this->msg->hasKey(Auth_OpenID_OPENID1_NS, 'foo'), false);
+ }
+
+ function test_hasKeyNS2()
+ {
+ $this->assertEquals($this->msg->hasKey(Auth_OpenID_OPENID2_NS, 'foo'), false);
+ }
+
+ function test_hasKeyNS3()
+ {
+ $this->assertEquals($this->msg->hasKey('urn:nothing-significant', 'foo'),
+ false);
+ }
+
+ function test_getArg()
+ {
+ $result = $this->msg->getArg(Auth_OpenID_OPENID_NS, 'foo');
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_getArgs()
+ {
+ $result = $this->msg->getArgs(Auth_OpenID_OPENID_NS);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function test_getArgsBARE()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_BARE_NS), array());
+ }
+
+ function test_getArgsNS1()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_OPENID1_NS), array());
+ }
+
+ function test_getArgsNS2()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_OPENID2_NS), array());
+ }
+
+ function test_getArgsNS3()
+ {
+ $this->assertEquals($this->msg->getArgs('urn:nothing-significant'), array());
+ }
+
+ function test_updateArgs()
+ {
+ $result= $this->msg->updateArgs(Auth_OpenID_OPENID_NS,
+ array('does not' => 'matter'));
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function _test_updateArgsNS($ns)
+ {
+ $update_args = array(
+ 'Camper van Beethoven' => 'David Lowery',
+ 'Magnolia Electric Co.' => 'Jason Molina');
+
+ $this->assertEquals($this->msg->getArgs($ns), array());
+ $this->msg->updateArgs($ns, $update_args);
+ $this->assertEquals($this->msg->getArgs($ns), $update_args);
+ }
+
+ function test_updateArgsBARE()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_BARE_NS);
+ }
+
+ function test_updateArgsNS1()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_OPENID1_NS);
+ }
+
+ function test_updateArgsNS2()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_updateArgsNS3()
+ {
+ $this->_test_updateArgsNS('urn:nothing-significant');
+ }
+
+ function test_setArg()
+ {
+ $result = $this->msg->setArg(Auth_OpenID_OPENID_NS,
+ 'does not', 'matter');
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function _test_setArgNS($ns)
+ {
+ $key = 'Camper van Beethoven';
+ $value = 'David Lowery';
+ $this->assertEquals($this->msg->getArg($ns, $key), null);
+ $this->msg->setArg($ns, $key, $value);
+ $this->assertEquals($this->msg->getArg($ns, $key), $value);
+ }
+
+ function test_setArgBARE()
+ {
+ $this->_test_setArgNS(Auth_OpenID_BARE_NS);
+ }
+
+ function test_setArgNS1()
+ {
+ $this->_test_setArgNS(Auth_OpenID_OPENID1_NS);
+ }
+
+ function test_setArgNS2()
+ {
+ $this->_test_setArgNS(Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_setArgNS3()
+ {
+ $this->_test_setArgNS('urn:nothing-significant');
+ }
+
+ function test_delArg()
+ {
+ $result = $this->msg->delArg(Auth_OpenID_OPENID_NS, 'does not');
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+
+ function _test_delArgNS($ns)
+ {
+ $key = 'Camper van Beethoven';
+ $this->assertEquals($this->msg->delArg($ns, $key), false);
+ }
+
+ function test_delArgBARE()
+ {
+ $this->_test_delArgNS(Auth_OpenID_BARE_NS);
+ }
+
+ function test_delArgNS1()
+ {
+ $this->_test_delArgNS(Auth_OpenID_OPENID1_NS);
+ }
+
+ function test_delArgNS2()
+ {
+ $this->_test_delArgNS(Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_delArgNS3()
+ {
+ $this->_test_delArgNS('urn:nothing-significant');
+ }
+
+ function test_isOpenID1()
+ {
+ $this->assertFalse($this->msg->isOpenID1());
+ }
+
+ function test_isOpenID2()
+ {
+ $this->assertFalse($this->msg->isOpenID2());
+ }
+
+ function test_args()
+ {
+ $this->_argTest(Auth_OpenID_BARE_NS, 'foo');
+ $this->_argTest(Auth_OpenID_OPENID1_NS, 'foo');
+ $this->_argTest(Auth_OpenID_OPENID2_NS, 'foo');
+ $this->_argTest('urn:nothing-significant', 'foo');
+ }
+}
+
+class Tests_Auth_OpenID_OpenID1Message extends MessageTest {
+ function setUp()
+ {
+ $this->msg = Auth_OpenID_Message::fromPostArgs(array('openid.mode' => 'error',
+ 'openid.error' => 'unit test'));
+ }
+
+ function test_toPostArgs()
+ {
+ $this->assertEquals($this->msg->toPostArgs(),
+ array('openid.mode' => 'error',
+ 'openid.error' => 'unit test'));
+ }
+
+ function test_toArgs()
+ {
+ $this->assertEquals($this->msg->toArgs(),
+ array('mode' => 'error',
+ 'error' => 'unit test'));
+ }
+
+ function test_toKVForm()
+ {
+ $this->assertEquals($this->msg->toKVForm(),
+ "error:unit test\nmode:error\n");
+ }
+
+ function test_toURLEncoded()
+ {
+ $this->assertEquals($this->msg->toURLEncoded(),
+ 'openid.error=unit+test&openid.mode=error');
+ }
+
+ function test_toURL()
+ {
+ $base_url = 'http://base.url/';
+ $actual = $this->msg->toURL($base_url);
+ $actual_base = substr($actual, 0, strlen($base_url));
+ $this->assertEquals($actual_base, $base_url);
+ $this->assertEquals($actual[strlen($base_url)], '?');
+ $query = substr($actual, strlen($base_url) + 1);
+
+ $parsed = Auth_OpenID::parse_str($query);
+
+ $this->assertEquals($parsed, array('openid.mode' => 'error',
+ 'openid.error' => 'unit test'));
+ }
+
+ function test_getOpenID()
+ {
+ $this->assertEquals($this->msg->getOpenIDNamespace(),
+ Auth_OpenID_OPENID1_NS);
+ $this->assertTrue($this->msg->namespaces->isImplicit(Auth_OpenID_OPENID1_NS));
+ }
+
+ function test_getKeyOpenID()
+ {
+ $this->assertEquals($this->msg->getKey(Auth_OpenID_OPENID_NS, 'mode'),
+ 'openid.mode');
+ }
+
+ function test_getKeyBARE()
+ {
+ $this->assertEquals($this->msg->getKey(Auth_OpenID_BARE_NS, 'mode'), 'mode');
+ }
+
+ function test_getKeyNS1()
+ {
+ $this->assertEquals(
+ $this->msg->getKey(Auth_OpenID_OPENID1_NS, 'mode'), 'openid.mode');
+ }
+
+ function test_getKeyNS2()
+ {
+ $this->assertEquals($this->msg->getKey(Auth_OpenID_OPENID2_NS, 'mode'), null);
+ }
+
+ function test_getKeyNS3()
+ {
+ $this->assertEquals(
+ $this->msg->getKey('urn:nothing-significant', 'mode'), null);
+ }
+
+ function test_hasKey()
+ {
+ $this->assertEquals($this->msg->hasKey(Auth_OpenID_OPENID_NS, 'mode'), true);
+ }
+
+ function test_hasKeyBARE()
+ {
+ $this->assertEquals($this->msg->hasKey(Auth_OpenID_BARE_NS, 'mode'), false);
+ }
+
+ function test_hasKeyNS1()
+ {
+ $this->assertEquals($this->msg->hasKey(Auth_OpenID_OPENID1_NS, 'mode'), true);
+ }
+
+ function test_hasKeyNS2()
+ {
+ $this->assertEquals(
+ $this->msg->hasKey(Auth_OpenID_OPENID2_NS, 'mode'), false);
+ }
+
+ function test_hasKeyNS3()
+ {
+ $this->assertEquals(
+ $this->msg->hasKey('urn:nothing-significant', 'mode'), false);
+ }
+
+ function test_getArgs()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_OPENID_NS),
+ array('mode' => 'error',
+ 'error' => 'unit test'));
+ }
+
+ function test_getArgsBARE()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_BARE_NS), array());
+ }
+
+ function test_getArgsNS1()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_OPENID1_NS),
+ array('mode' => 'error',
+ 'error' => 'unit test'));
+ }
+
+ function test_getArgsNS2()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_OPENID2_NS), array());
+ }
+
+ function test_getArgsNS3()
+ {
+ $this->assertEquals($this->msg->getArgs('urn:nothing-significant'), array());
+ }
+
+ function _test_updateArgsNS($ns, $before=null)
+ {
+ if ($before === null) {
+ $before = array();
+ }
+
+ $update_args = array(
+ 'Camper van Beethoven' => 'David Lowery',
+ 'Magnolia Electric Co.' => 'Jason Molina');
+
+ $this->assertEquals($this->msg->getArgs($ns), $before);
+ $this->msg->updateArgs($ns, $update_args);
+ $after = $before;
+ $after = array_merge($after, $update_args);
+ $this->assertEquals($this->msg->getArgs($ns), $after);
+ }
+
+ function test_updateArgs()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_OPENID_NS,
+ array('mode' => 'error', 'error' => 'unit test'));
+ }
+
+ function test_updateArgsBARE()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_BARE_NS);
+ }
+
+ function test_updateArgsNS1()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_OPENID1_NS,
+ array('mode' => 'error', 'error' => 'unit test'));
+ }
+
+ function test_updateArgsNS2()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_updateArgsNS3()
+ {
+ $this->_test_updateArgsNS('urn:nothing-significant');
+ }
+
+ function _test_setArgNS($ns)
+ {
+ $key = 'Camper van Beethoven';
+ $value = 'David Lowery';
+ $this->assertEquals($this->msg->getArg($ns, $key), null);
+ $this->msg->setArg($ns, $key, $value);
+ $this->assertEquals($this->msg->getArg($ns, $key), $value);
+ }
+
+ function test_setArg()
+ {
+ $this->_test_setArgNS(Auth_OpenID_OPENID_NS);
+ }
+
+ function test_setArgBARE()
+ {
+ $this->_test_setArgNS(Auth_OpenID_BARE_NS);
+ }
+
+ function test_setArgNS1()
+ {
+ $this->_test_setArgNS(Auth_OpenID_OPENID1_NS);
+ }
+
+ function test_setArgNS2()
+ {
+ $this->_test_setArgNS(Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_setArgNS3()
+ {
+ $this->_test_setArgNS('urn:nothing-significant');
+ }
+
+ function _test_delArgNS($ns)
+ {
+ $key = 'Camper van Beethoven';
+ $value = 'David Lowery';
+
+ $this->assertEquals($this->msg->delArg($ns, $key), false);
+ $this->msg->setArg($ns, $key, $value);
+ $this->assertEquals($this->msg->getArg($ns, $key), $value);
+ $this->msg->delArg($ns, $key);
+ $this->assertEquals($this->msg->getArg($ns, $key), null);
+ }
+
+ function test_delArg()
+ {
+ $this->_test_delArgNS(Auth_OpenID_OPENID_NS);
+ }
+
+ function test_delArgBARE()
+ {
+ $this->_test_delArgNS(Auth_OpenID_BARE_NS);
+ }
+
+ function test_delArgNS1()
+ {
+ $this->_test_delArgNS(Auth_OpenID_OPENID1_NS);
+ }
+
+ function test_delArgNS2()
+ {
+ $this->_test_delArgNS(Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_delArgNS3()
+ {
+ $this->_test_delArgNS('urn:nothing-significant');
+ }
+
+ function test_isOpenID1()
+ {
+ $this->assertTrue($this->msg->isOpenID1());
+ }
+
+ function test_isOpenID2()
+ {
+ $this->assertFalse($this->msg->isOpenID2());
+ }
+
+ function test_args()
+ {
+ $this->_argTest(Auth_OpenID_BARE_NS, 'mode');
+ $this->_argTest(Auth_OpenID_OPENID_NS, 'mode', 'error');
+ $this->_argTest(Auth_OpenID_OPENID1_NS, 'mode', 'error');
+ $this->_argTest(Auth_OpenID_OPENID2_NS, 'mode');
+ $this->_argTest('urn:nothing-significant', 'mode');
+ }
+}
+
+class Tests_Auth_OpenID_OpenID1ExplicitMessage extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->msg = Auth_OpenID_Message::fromPostArgs(array('openid.mode' => 'error',
+ 'openid.error' => 'unit test',
+ 'openid.ns' => Auth_OpenID_OPENID1_NS));
+ }
+
+ function test_isOpenID1()
+ {
+ $this->assertTrue($this->msg->isOpenID1());
+ $this->assertFalse(
+ $this->msg->namespaces->isImplicit(Auth_OpenID_OPENID1_NS));
+ }
+
+ function test_isOpenID2()
+ {
+ $this->assertFalse($this->msg->isOpenID2());
+ }
+
+ function test_toPostArgs()
+ {
+ $this->assertEquals($this->msg->toPostArgs(),
+ array('openid.mode' => 'error',
+ 'openid.error' => 'unit test',
+ 'openid.ns' => Auth_OpenID_OPENID1_NS));
+ }
+
+ function test_toArgs()
+ {
+ $this->assertEquals($this->msg->toArgs(),
+ array('mode' => 'error',
+ 'error' => 'unit test',
+ 'ns' => Auth_OpenID_OPENID1_NS));
+ }
+
+ function test_toKVForm()
+ {
+ $this->assertEquals($this->msg->toKVForm(),
+ "error:unit test\nmode:error\nns:".
+ Auth_OpenID_OPENID1_NS."\n");
+ }
+
+ function test_toURLEncoded()
+ {
+ $this->assertEquals($this->msg->toURLEncoded(),
+ 'openid.error=unit+test&openid.mode=error&openid.ns=http%3A%2F%2Fopenid.net%2Fsignon%2F1.0');
+ }
+
+ function test_toURL()
+ {
+ $base_url = 'http://base.url/';
+ $actual = $this->msg->toURL($base_url);
+ $actual_base = substr($actual, 0, strlen($base_url));
+ $this->assertEquals($actual_base, $base_url);
+ $this->assertEquals($actual[strlen($base_url)], '?');
+ $query = substr($actual, strlen($base_url) + 1);
+
+ $parsed = Auth_OpenID::parse_str($query);
+
+ $this->assertEquals($parsed, array('openid.mode' => 'error',
+ 'openid.error' => 'unit test',
+ 'openid.ns' => Auth_OpenID_OPENID1_NS));
+ }
+}
+
+class Tests_Auth_OpenID_OpenID2Message extends MessageTest {
+ function setUp()
+ {
+ $this->msg = Auth_OpenID_Message::fromPostArgs(array('openid.mode' => 'error',
+ 'openid.error' => 'unit test',
+ 'openid.ns' => Auth_OpenID_OPENID2_NS));
+ $this->msg->setArg(Auth_OpenID_BARE_NS, "xey", "value");
+ }
+
+ function test_toPostArgs()
+ {
+ $this->assertEquals($this->msg->toPostArgs(),
+ array('openid.mode' => 'error',
+ 'openid.error' => 'unit test',
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'xey' => 'value'));
+ }
+
+ function test_toArgs()
+ {
+ // This method can't tolerate BARE_NS.
+ $this->msg->delArg(Auth_OpenID_BARE_NS, "xey");
+ $this->assertEquals($this->msg->toArgs(),
+ array('mode' => 'error',
+ 'error' => 'unit test',
+ 'ns' => Auth_OpenID_OPENID2_NS));
+ }
+
+ function test_toKVForm()
+ {
+ // Can't tolerate BARE_NS in kvform
+ $this->msg->delArg(Auth_OpenID_BARE_NS, "xey");
+ $this->assertEquals($this->msg->toKVForm(),
+ sprintf("error:unit test\nmode:error\nns:%s\n",
+ Auth_OpenID_OPENID2_NS));
+ }
+
+ function _test_urlencoded($s)
+ {
+ $expected = 'openid.error=unit+test&openid.mode=error&' .
+ 'openid.ns=%s&xey=value';
+
+ $expected = sprintf($expected, urlencode(Auth_OpenID_OPENID2_NS));
+ $this->assertEquals($s, $expected);
+ }
+
+ function test_toURLEncoded()
+ {
+ $this->_test_urlencoded($this->msg->toURLEncoded());
+ }
+
+ function test_toURL()
+ {
+ $base_url = 'http://base.url/';
+ $actual = $this->msg->toURL($base_url);
+ $actual_base = substr($actual, 0, strlen($base_url));
+
+ $this->assertEquals($actual_base, $base_url);
+ $this->assertEquals($actual[strlen($base_url)], '?');
+ $query = substr($actual, strlen($base_url) + 1);
+ $this->_test_urlencoded($query);
+ }
+
+ function test_getOpenID()
+ {
+ $this->assertEquals($this->msg->getOpenIDNamespace(),
+ Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_getKeyOpenID()
+ {
+ $this->assertEquals($this->msg->getKey(Auth_OpenID_OPENID_NS, 'mode'),
+ 'openid.mode');
+ }
+
+ function test_getKeyBARE()
+ {
+ $this->assertEquals($this->msg->getKey(Auth_OpenID_BARE_NS, 'mode'), 'mode');
+ }
+
+ function test_getKeyNS1()
+ {
+ $this->assertEquals(
+ $this->msg->getKey(Auth_OpenID_OPENID1_NS, 'mode'), null);
+ }
+
+ function test_getKeyNS2()
+ {
+ $this->assertEquals(
+ $this->msg->getKey(Auth_OpenID_OPENID2_NS, 'mode'), 'openid.mode');
+ }
+
+ function test_getKeyNS3()
+ {
+ $this->assertEquals(
+ $this->msg->getKey('urn:nothing-significant', 'mode'), null);
+ }
+
+ function test_hasKeyOpenID()
+ {
+ $this->assertEquals($this->msg->hasKey(Auth_OpenID_OPENID_NS, 'mode'), true);
+ }
+
+ function test_hasKeyBARE()
+ {
+ $this->assertEquals($this->msg->hasKey(Auth_OpenID_BARE_NS, 'mode'), false);
+ }
+
+ function test_hasKeyNS1()
+ {
+ $this->assertEquals(
+ $this->msg->hasKey(Auth_OpenID_OPENID1_NS, 'mode'), false);
+ }
+
+ function test_hasKeyNS2()
+ {
+ $this->assertEquals(
+ $this->msg->hasKey(Auth_OpenID_OPENID2_NS, 'mode'), true);
+ }
+
+ function test_hasKeyNS3()
+ {
+ $this->assertEquals(
+ $this->msg->hasKey('urn:nothing-significant', 'mode'), false);
+ }
+
+ function test_getArgsOpenID()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_OPENID_NS),
+ array('mode' => 'error',
+ 'error' => 'unit test'));
+ }
+
+ function test_getArgsBARE()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_BARE_NS),
+ array('xey' => 'value'));
+ }
+
+ function test_getArgsNS1()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_OPENID1_NS), array());
+ }
+
+ function test_getArgsNS2()
+ {
+ $this->assertEquals($this->msg->getArgs(Auth_OpenID_OPENID2_NS),
+ array('mode' => 'error',
+ 'error' => 'unit test'));
+ }
+
+ function test_getArgsNS3()
+ {
+ $this->assertEquals($this->msg->getArgs('urn:nothing-significant'), array());
+ }
+
+ function _test_updateArgsNS($ns, $before=null)
+ {
+ if ($before === null) {
+ $before = array();
+ }
+
+ $update_args = array(
+ 'Camper van Beethoven' => 'David Lowery',
+ 'Magnolia Electric Co.' => 'Jason Molina');
+
+ $this->assertEquals($this->msg->getArgs($ns), $before);
+ $this->msg->updateArgs($ns, $update_args);
+ $after = $before;
+ $after = array_merge($after, $update_args);
+ $this->assertEquals($this->msg->getArgs($ns), $after);
+ }
+
+ function test_updateArgsOpenID()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_OPENID_NS,
+ array('mode' => 'error', 'error' => 'unit test'));
+ }
+
+ function test_updateArgsBARE()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_BARE_NS,
+ array('xey' => 'value'));
+ }
+
+ function test_updateArgsNS1()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_OPENID1_NS);
+ }
+
+ function test_updateArgsNS2()
+ {
+ $this->_test_updateArgsNS(Auth_OpenID_OPENID2_NS,
+ array('mode' => 'error', 'error' => 'unit test'));
+ }
+
+ function test_updateArgsNS3()
+ {
+ $this->_test_updateArgsNS('urn:nothing-significant');
+ }
+
+ function _test_setArgNS($ns)
+ {
+ $key = 'Camper van Beethoven';
+ $value = 'David Lowery';
+ $this->assertEquals($this->msg->getArg($ns, $key), null);
+ $this->msg->setArg($ns, $key, $value);
+ $this->assertEquals($this->msg->getArg($ns, $key), $value);
+ }
+
+ function test_setArgOpenID()
+ {
+ $this->_test_setArgNS(Auth_OpenID_OPENID_NS);
+ }
+
+ function test_setArgBARE()
+ {
+ $this->_test_setArgNS(Auth_OpenID_BARE_NS);
+ }
+
+ function test_setArgNS1()
+ {
+ $this->_test_setArgNS(Auth_OpenID_OPENID1_NS);
+ }
+
+ function test_setArgNS2()
+ {
+ $this->_test_setArgNS(Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_setArgNS3()
+ {
+ $this->_test_setArgNS('urn:nothing-significant');
+ }
+
+ function test_badAlias()
+ {
+ // Make sure dotted aliases and OpenID protocol fields are not
+ // allowed as namespace aliases.
+
+ global $Auth_OpenID_OPENID_PROTOCOL_FIELDS;
+
+ $all = array_merge($Auth_OpenID_OPENID_PROTOCOL_FIELDS, array('dotted.alias'));
+
+ foreach ($all as $f) {
+ $args = array(sprintf('openid.ns.%s', $f) => 'blah',
+ sprintf('openid.%s.foo', $f) => 'test');
+
+ // .fromPostArgs covers .fromPostArgs, .fromOpenIDArgs,
+ // ._fromOpenIDArgs, and .fromOpenIDArgs (since it calls
+ // .fromPostArgs). Python code raises AssertionError, but
+ // we usually return null for bad things in PHP.
+ $this->assertEquals($this->msg->fromPostArgs($args), null);
+ }
+ }
+
+ function _test_delArgNS($ns)
+ {
+ $key = 'Camper van Beethoven';
+ $value = 'David Lowery';
+
+ $this->assertEquals($this->msg->delArg($ns, $key), false);
+ $this->msg->setArg($ns, $key, $value);
+ $this->assertEquals($this->msg->getArg($ns, $key), $value);
+ $this->msg->delArg($ns, $key);
+ $this->assertEquals($this->msg->getArg($ns, $key), null);
+ }
+
+ function test_delArgOpenID()
+ {
+ $this->_test_delArgNS(Auth_OpenID_OPENID_NS);
+ }
+
+ function test_delArgBARE()
+ {
+ $this->_test_delArgNS(Auth_OpenID_BARE_NS);
+ }
+
+ function test_delArgNS1()
+ {
+ $this->_test_delArgNS(Auth_OpenID_OPENID1_NS);
+ }
+
+ function test_delArgNS2()
+ {
+ $this->_test_delArgNS(Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_delArgNS3()
+ {
+ $this->_test_delArgNS('urn:nothing-significant');
+ }
+
+ function test_overwriteExtensionArg()
+ {
+ $ns = 'urn:unittest_extension';
+ $key = 'mykey';
+ $value_1 = 'value_1';
+ $value_2 = 'value_2';
+
+ $this->msg->setArg($ns, $key, $value_1);
+ $this->assertTrue($this->msg->getArg($ns, $key) == $value_1);
+ $this->msg->setArg($ns, $key, $value_2);
+ $this->assertTrue($this->msg->getArg($ns, $key) == $value_2);
+ }
+
+ function test_argList()
+ {
+ $this->assertEquals($this->msg->fromPostArgs(array('arg' => array(1, 2, 3))),
+ null);
+ }
+
+ function test_isOpenID1()
+ {
+ $this->assertFalse($this->msg->isOpenID1());
+ }
+
+ function test_isOpenID2()
+ {
+ $this->assertTrue($this->msg->isOpenID2());
+ }
+
+ function test_args()
+ {
+ $this->_argTest(Auth_OpenID_BARE_NS, 'mode');
+ $this->_argTest(Auth_OpenID_OPENID_NS, 'mode', 'error');
+ $this->_argTest(Auth_OpenID_OPENID1_NS, 'mode');
+ $this->_argTest(Auth_OpenID_OPENID2_NS, 'mode', 'error');
+ $this->_argTest('urn:nothing-significant', 'mode');
+ }
+}
+
+class Tests_Auth_OpenID_GeneralMessageTest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->postargs = array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'checkid_setup',
+ 'openid.identity' => 'http://bogus.example.invalid:port/',
+ 'openid.assoc_handle' => 'FLUB',
+ 'openid.return_to' => 'Neverland');
+
+ $this->action_url = 'scheme://host:port/path?query';
+
+ $this->form_tag_attrs = array(
+ 'company' => 'janrain',
+ 'class' => 'fancyCSS');
+
+ $this->submit_text = 'GO!';
+
+ // Expected data regardless of input
+
+ $this->required_form_attrs = array(
+ 'accept-charset' => 'UTF-8',
+ 'enctype' => 'application/x-www-form-urlencoded',
+ 'method' => 'post');
+ }
+
+ function _checkForm($html, $message_, $action_url,
+ $form_tag_attrs, $submit_text)
+ {
+ $parser = Auth_Yadis_getXMLParser();
+
+ // Parse HTML source
+ $this->assertTrue($parser->init($html, array()));
+
+ // Get root element
+ $form = $parser->evalXPath('/form[1]');
+ $this->assertTrue(count($form) == 1);
+ $form = $form[0];
+
+ // Check required form attributes
+ $form_attrs = $parser->attributes($form);
+ foreach ($this->required_form_attrs as $k => $v) {
+ $this->assertTrue($form_attrs[$k] == $v);
+ }
+
+ // Check extra form attributes
+ foreach ($form_tag_attrs as $k => $v) {
+ // Skip attributes that already passed the required
+ // attribute check, since they should be ignored by the
+ // form generation code.
+ if (in_array($k, array_keys($this->required_form_attrs))) {
+ continue;
+ }
+
+ $this->assertTrue($form_attrs[$k] == $v,
+ "Form attr $k is ".$form_attrs[$k]." (expected $v)");
+ }
+
+ // Check hidden fields against post args
+ $hiddens = array();
+ $input_elements = $parser->evalXPath('input', $form);
+ foreach ($input_elements as $e) {
+ $attrs = $parser->attributes($e);
+ if (strtoupper($attrs['type']) == 'HIDDEN') {
+ $hiddens[] = $e;
+ }
+ }
+
+ // For each post arg, make sure there is a hidden with that
+ // value. Make sure there are no other hiddens.
+ $postargs = $message_->toPostArgs();
+ foreach ($postargs as $name => $value) {
+ $found = false;
+
+ foreach ($hiddens as $e) {
+ $attrs = $parser->attributes($e);
+ if ($attrs['name'] == $name) {
+ $this->assertTrue($attrs['value'] == $value);
+ $found = true;
+ break;
+ }
+ }
+
+ if (!$found) {
+ $this->fail("Post arg $name not found in form");
+ }
+ }
+
+ $keys = array_keys($postargs);
+ foreach ($hiddens as $e) {
+ $attrs = $parser->attributes($e);
+ $this->assertTrue(in_array($attrs['name'], $keys));
+ }
+
+ // Check action URL
+ $this->assertTrue($form_attrs['action'] == $action_url);
+
+ // Check submit text
+ $submits = array();
+ foreach ($input_elements as $e) {
+ $attrs = $parser->attributes($e);
+ if (strtoupper($attrs['type']) == 'SUBMIT') {
+ $submits[] = $e;
+ }
+ }
+
+ $this->assertTrue(count($submits) == 1);
+
+ $attrs = $parser->attributes($submits[0]);
+ $this->assertTrue($attrs['value'] == $submit_text);
+ }
+
+ function test_toFormMarkup()
+ {
+ $m = Auth_OpenID_Message::fromPostArgs($this->postargs);
+ $html = $m->toFormMarkup($this->action_url, $this->form_tag_attrs,
+ $this->submit_text);
+ $this->_checkForm($html, $m, $this->action_url,
+ $this->form_tag_attrs, $this->submit_text);
+ }
+
+ function test_overrideMethod()
+ {
+ // Be sure that caller cannot change form method to GET.
+ $m = Auth_OpenID_Message::fromPostArgs($this->postargs);
+
+ $tag_attrs = $this->form_tag_attrs;
+ $tag_attrs['method'] = 'GET';
+
+ $html = $m->toFormMarkup($this->action_url, $this->form_tag_attrs,
+ $this->submit_text);
+ $this->_checkForm($html, $m, $this->action_url,
+ $this->form_tag_attrs, $this->submit_text);
+ }
+
+ function test_overrideRequired()
+ {
+ // Be sure that caller CANNOT change the form charset for
+ // encoding type.
+ $m = Auth_OpenID_Message::fromPostArgs($this->postargs);
+
+ $tag_attrs = $this->form_tag_attrs;
+ $tag_attrs['accept-charset'] = 'UCS4';
+ $tag_attrs['enctype'] = 'invalid/x-broken';
+
+ $html = $m->toFormMarkup($this->action_url, $tag_attrs,
+ $this->submit_text);
+ $this->_checkForm($html, $m, $this->action_url,
+ $tag_attrs, $this->submit_text);
+ }
+
+ function test_setOpenIDNamespace_invalid()
+ {
+ $m = new Auth_OpenID_Message();
+ $invalid_things = array(
+ // Empty string is not okay here.
+ '',
+ // Good guess! But wrong.
+ 'http://openid.net/signon/2.0',
+ // What?
+ 'http://specs%\\\r2Eopenid.net/auth/2.0',
+ // Too much escapings!
+ 'http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0',
+ // This is a Type URI, not a openid.ns value.
+ 'http://specs.openid.net/auth/2.0/signon',
+ );
+
+ foreach ($invalid_things as $x) {
+ $this->assertTrue($m->setOpenIDNamespace($x, true) === false);
+ }
+ }
+
+ function test_isOpenID1()
+ {
+ $v1_namespaces = array(
+ // Yes, there are two of them.
+ 'http://openid.net/signon/1.1',
+ 'http://openid.net/signon/1.0',
+ );
+
+ foreach ($v1_namespaces as $ns) {
+ $m = new Auth_OpenID_Message($ns);
+ $this->assertTrue($m->isOpenID1(),
+ "$ns not recognized as OpenID 1");
+ $this->assertEquals($ns, $m->getOpenIDNamespace());
+ $this->assertTrue($m->namespaces->isImplicit($ns));
+ }
+ }
+
+ function test_isOpenID2()
+ {
+ $ns = 'http://specs.openid.net/auth/2.0';
+ $m = new Auth_OpenID_Message($ns);
+ $this->assertTrue($m->isOpenID2());
+ $this->assertFalse(
+ $m->namespaces->isImplicit(Auth_OpenID_NULL_NAMESPACE));
+ $this->assertEquals($ns, $m->getOpenIDNamespace());
+ }
+
+ function test_setOpenIDNamespace_explicit()
+ {
+ $m = new Auth_OpenID_Message();
+ $m->setOpenIDNamespace(Auth_OpenID_THE_OTHER_OPENID1_NS, false);
+ $this->assertFalse($m->namespaces->isImplicit(
+ Auth_OpenID_THE_OTHER_OPENID1_NS));
+ }
+
+ function test_setOpenIDNamespace_implicit()
+ {
+ $m = new Auth_OpenID_Message();
+ $m->setOpenIDNamespace(Auth_OpenID_THE_OTHER_OPENID1_NS, true);
+ $this->assertTrue(
+ $m->namespaces->isImplicit(Auth_OpenID_THE_OTHER_OPENID1_NS));
+ }
+
+
+ function test_explicitOpenID11NSSerialzation()
+ {
+ $m = new Auth_OpenID_Message();
+ $m->setOpenIDNamespace(Auth_OpenID_THE_OTHER_OPENID1_NS, false);
+
+ $post_args = $m->toPostArgs();
+ $this->assertEquals($post_args,
+ array('openid.ns' =>
+ Auth_OpenID_THE_OTHER_OPENID1_NS));
+ }
+
+ function test_fromPostArgs_ns11()
+ {
+ // An example of the stuff that some Drupal installations send us,
+ // which includes openid.ns but is 1.1.
+ $query = array(
+ 'openid.assoc_handle' => '',
+ 'openid.claimed_id' => 'http://foobar.invalid/',
+ 'openid.identity' => 'http://foobar.myopenid.com',
+ 'openid.mode' => 'checkid_setup',
+ 'openid.ns' => 'http://openid.net/signon/1.1',
+ 'openid.ns.sreg' => 'http://openid.net/extensions/sreg/1.1',
+ 'openid.return_to' => 'http://drupal.invalid/return_to',
+ 'openid.sreg.required' => 'nickname,email',
+ 'openid.trust_root' => 'http://drupal.invalid',
+ );
+ $m = Auth_OpenID_Message::fromPostArgs($query);
+ $this->assertTrue($m->isOpenID1());
+ }
+}
+
+class Tests_Auth_OpenID_NamespaceMap extends PHPUnit_Framework_TestCase {
+ function test_onealias()
+ {
+ $nsm = new Auth_OpenID_NamespaceMap();
+ $uri = 'http://example.com/foo';
+ $alias = "foo";
+ $nsm->addAlias($uri, $alias);
+ $this->assertTrue($nsm->getNamespaceURI($alias) == $uri);
+ $this->assertTrue($nsm->getAlias($uri) == $alias);
+ }
+
+ function test_iteration()
+ {
+ $nsm = new Auth_OpenID_NamespaceMap();
+ $uripat = 'http://example.com/foo%d';
+
+ $nsm->add(sprintf($uripat, 0));
+
+ for ($n = 1; $n < 23; $n++) {
+ $this->assertTrue($nsm->contains(sprintf($uripat, $n - 1)));
+ $this->assertTrue($nsm->isDefined(sprintf($uripat, $n - 1)));
+ $nsm->add(sprintf($uripat, $n));
+ }
+
+ foreach ($nsm->iteritems() as $pair) {
+ list($uri, $alias) = $pair;
+ $this->assertTrue('ext'.substr($uri, 22) == $alias);
+ }
+
+ $it = $nsm->iterAliases();
+ $this->assertTrue(count($it) == 23);
+
+ $it = $nsm->iterNamespaceURIs();
+ $this->assertTrue(count($it) == 23);
+ }
+}
+
+class Tests_Auth_OpenID_Message extends PHPUnit_Framework_TestCase {
+}
+
+global $Tests_Auth_OpenID_Message_other;
+$Tests_Auth_OpenID_Message_other = array(
+ new Tests_Auth_OpenID_EmptyMessage(),
+ new Tests_Auth_OpenID_OpenID1Message(),
+ new Tests_Auth_OpenID_OpenID2Message(),
+ new Tests_Auth_OpenID_NamespaceMap(),
+ new Tests_Auth_OpenID_OpenID1ExplicitMessage(),
+ new Tests_Auth_OpenID_GeneralMessageTest()
+ );
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Negotiation.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Negotiation.php
new file mode 100644
index 000000000..02628fc2b
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Negotiation.php
@@ -0,0 +1,346 @@
+<?php
+
+require_once "Tests/Auth/OpenID/TestUtil.php";
+require_once "Tests/Auth/OpenID/MemStore.php";
+
+require_once "Auth/OpenID/Message.php";
+require_once "Auth/OpenID/Consumer.php";
+
+/**
+ * A consumer whose _requestAssocation will return predefined results
+ * instead of trying to actually perform association requests.
+ */
+class ErrorRaisingConsumer extends Auth_OpenID_GenericConsumer {
+ // The list of objects to be returned by successive calls to
+ // _requestAssocation. Each call will pop the first element from
+ // this list and return it to _negotiateAssociation. If the
+ // element is a Message object, it will be wrapped in a
+ // ServerErrorContainer exception. Otherwise it will be returned
+ // as-is.
+ var $return_messages = array();
+
+ function _requestAssociation($endpoint, $assoc_type, $session_type)
+ {
+ $m = array_pop($this->return_messages);
+ if (is_a($m, 'Auth_OpenID_Message')) {
+ return Auth_OpenID_ServerErrorContainer::fromMessage($m);
+ } else if (Auth_OpenID::isFailure($m)) {
+ return $m;
+ } else {
+ return $m;
+ }
+ }
+}
+
+/**
+ * Test the session type negotiation behavior of an OpenID 2 consumer.
+ */
+class TestOpenID2SessionNegotiation extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $dumb = null;
+ $this->consumer = new ErrorRaisingConsumer($dumb);
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ $this->endpoint->type_uris = array(Auth_OpenID_TYPE_2_0);
+ $this->endpoint->server_url = 'bogus';
+ }
+
+ /**
+ * Test the case where the response to an associate request is a
+ * server error or is otherwise undecipherable.
+ */
+ function testBadResponse()
+ {
+ $this->consumer->return_messages = array(
+ new Auth_OpenID_Message($this->endpoint->preferredNamespace()));
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+ // $this->failUnlessLogMatches('Server error when requesting an association')
+ }
+
+ /**
+ * Test the case where the response to an associate request is a
+ * a failure response object.
+ */
+ function testBadResponseWithFailure()
+ {
+ $this->consumer->return_messages = array(
+ new Auth_OpenID_FailureResponse($this->endpoint));
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+ // $this->failUnlessLogMatches('Server error when requesting an association')
+ }
+
+ /**
+ * Test the case where the association type (assoc_type) returned
+ * in an unsupported-type response is absent.
+ */
+ function testEmptyAssocType()
+ {
+ $msg = new Auth_OpenID_Message($this->endpoint->preferredNamespace());
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error', 'Unsupported type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error_code', 'unsupported-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_type', null);
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type', 'new-session-type');
+
+ $this->consumer->return_messages = array($msg);
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+
+ // $this->failUnlessLogMatches('Unsupported association type',
+ // 'Server responded with unsupported association ' +
+ // 'session but did not supply a fallback.')
+ }
+
+ /**
+ * Test the case where the session type (session_type) returned in
+ * an unsupported-type response is absent.
+ */
+ function testEmptySessionType()
+ {
+ $msg = new Auth_OpenID_Message($this->endpoint->preferredNamespace());
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error', 'Unsupported type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error_code', 'unsupported-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_type', 'new-assoc-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type', null);
+
+ $this->consumer->return_messages = array($msg);
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+
+ // $this->failUnlessLogMatches('Unsupported association type',
+ // 'Server responded with unsupported association ' +
+ // 'session but did not supply a fallback.')
+ }
+
+ /**
+ * Test the case where an unsupported-type response specifies a
+ * preferred (assoc_type, session_type) combination that is not
+ * allowed by the consumer's SessionNegotiator.
+ */
+ function testNotAllowed()
+ {
+ $allowed_types = array();
+
+ $negotiator = new Auth_OpenID_SessionNegotiator($allowed_types);
+ $this->consumer->negotiator = $negotiator;
+
+ $msg = new Auth_OpenID_Message($this->endpoint->preferredNamespace());
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error', 'Unsupported type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error_code', 'unsupported-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_type', 'not-allowed');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type', 'not-allowed');
+
+ $this->consumer->return_messages = array($msg);
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+
+ // $this->failUnlessLogMatches('Unsupported association type',
+ // 'Server sent unsupported session/association type:')
+ }
+
+ /**
+ * Test the case where an unsupported-type response triggers a
+ * retry to get an association with the new preferred type.
+ */
+ function testUnsupportedWithRetry()
+ {
+ $msg = new Auth_OpenID_Message($this->endpoint->preferredNamespace());
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error', 'Unsupported type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error_code', 'unsupported-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_type', 'HMAC-SHA1');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type', 'DH-SHA1');
+
+ $assoc = new Auth_OpenID_Association(
+ 'handle', 'secret', 'issued', 10000, 'HMAC-SHA1');
+
+ $this->consumer->return_messages = array($msg, $assoc);
+ $this->assertTrue($this->consumer->_negotiateAssociation($this->endpoint) === $assoc);
+
+ // $this->failUnlessLogMatches('Unsupported association type');
+ }
+
+ /**
+ * Test the case where an unsupported-typ response triggers a
+ * retry, but the retry fails and None is returned instead.
+ */
+ function testUnsupportedWithRetryAndFail()
+ {
+ $msg = new Auth_OpenID_Message($this->endpoint->preferredNamespace());
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error', 'Unsupported type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error_code', 'unsupported-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_type', 'HMAC-SHA1');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type', 'DH-SHA1');
+
+ $this->consumer->return_messages = array($msg,
+ new Auth_OpenID_Message($this->endpoint->preferredNamespace()));
+
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+
+ // $this->failUnlessLogMatches('Unsupported association type',
+ // 'Server %s refused' % ($this->endpoint.server_url))
+ }
+
+ /**
+ * Test the valid case, wherein an association is returned on the
+ * first attempt to get one.
+ */
+ function testValid()
+ {
+ $assoc = new Auth_OpenID_Association(
+ 'handle', 'secret', 'issued', 10000, 'HMAC-SHA1');
+
+ $this->consumer->return_messages = array($assoc);
+ $this->assertTrue($this->consumer->_negotiateAssociation($this->endpoint) === $assoc);
+ // $this->failUnlessLogEmpty()
+ }
+}
+
+/**
+ * Tests for the OpenID 1 consumer association session behavior. See
+ * the docs for TestOpenID2SessionNegotiation. Notice that this class
+ * is not a subclass of the OpenID 2 tests. Instead, it uses many of
+ * the same inputs but inspects the log messages logged with
+ * oidutil.log. See the calls to $this->failUnlessLogMatches. Some
+ * of these tests pass openid2-style messages to the openid 1
+ * association processing logic to be sure it ignores the extra data.
+ */
+class TestOpenID1SessionNegotiation extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $dumb = null;
+ $this->consumer = new ErrorRaisingConsumer($dumb);
+
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+ $this->endpoint->type_uris = array(Auth_OpenID_OPENID1_NS);
+ $this->endpoint->server_url = 'bogus';
+ }
+
+ function testBadResponse()
+ {
+ $this->consumer->return_messages =
+ array(new Auth_OpenID_Message($this->endpoint->preferredNamespace()));
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+ // $this->failUnlessLogMatches('Server error when requesting an association')
+ }
+
+ function testEmptyAssocType()
+ {
+ $msg = new Auth_OpenID_Message($this->endpoint->preferredNamespace());
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error', 'Unsupported type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error_code', 'unsupported-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_type', null);
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type', 'new-session-type');
+
+ $this->consumer->return_messages = array($msg);
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+
+ // $this->failUnlessLogMatches('Server error when requesting an association')
+ }
+
+ function testEmptySessionType()
+ {
+ $msg = new Auth_OpenID_Message($this->endpoint->preferredNamespace());
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error', 'Unsupported type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error_code', 'unsupported-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_type', 'new-assoc-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type', null);
+
+ $this->consumer->return_messages = array($msg);
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+
+ // $this->failUnlessLogMatches('Server error when requesting an association');
+ }
+
+ function testNotAllowed()
+ {
+ $allowed_types = array();
+
+ $negotiator = new Auth_OpenID_SessionNegotiator($allowed_types);
+ $this->consumer->negotiator = $negotiator;
+
+ $msg = new Auth_OpenID_Message($this->endpoint->preferredNamespace());
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error', 'Unsupported type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error_code', 'unsupported-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_type', 'not-allowed');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type', 'not-allowed');
+
+ $this->consumer->return_messages = array($msg);
+ $this->assertEquals($this->consumer->_negotiateAssociation($this->endpoint), null);
+
+ // $this->failUnlessLogMatches('Server error when requesting an association')
+ }
+
+ function testUnsupportedWithRetry()
+ {
+ $msg = new Auth_OpenID_Message($this->endpoint->preferredNamespace());
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error', 'Unsupported type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'error_code', 'unsupported-type');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_type', 'HMAC-SHA1');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'session_type', 'DH-SHA1');
+
+ $assoc = new Auth_OpenID_Association(
+ 'handle', 'secretxx', 'issued', 10000, 'HMAC-SHA1');
+
+ $this->consumer->return_messages = array($assoc, $msg);
+
+ $result = $this->consumer->_negotiateAssociation($this->endpoint);
+ $this->assertTrue($result === null);
+
+ // $this->failUnlessLogMatches('Server error when requesting an association')
+ }
+
+ function testValid()
+ {
+ $assoc = new Auth_OpenID_Association(
+ 'handle', 'secret', 'issued', 10000, 'HMAC-SHA1');
+
+ $this->consumer->return_messages = array($assoc);
+ $this->assertTrue($this->consumer->_negotiateAssociation($this->endpoint) === $assoc);
+ // $this->failUnlessLogEmpty()
+ }
+}
+
+class TestNegotiatorBehaviors extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->allowed_types = array(
+ array('HMAC-SHA1', 'no-encryption'),
+ array('HMAC-SHA256', 'no-encryption')
+ );
+
+ $this->n = new Auth_OpenID_SessionNegotiator($this->allowed_types);
+ }
+
+ function testAddAllowedTypeNoSessionTypes()
+ {
+ $this->assertFalse($this->n->addAllowedType('invalid'));
+ }
+
+ function testAddAllowedTypeBadSessionType()
+ {
+ $this->assertFalse($this->n->addAllowedType('assoc1', 'invalid'));
+ }
+
+ function testAddAllowedTypeContents()
+ {
+ $assoc_type = 'HMAC-SHA1';
+ $this->assertTrue($this->n->addAllowedType($assoc_type));
+
+ foreach (Auth_OpenID_getSessionTypes($assoc_type) as $typ) {
+ $this->assertTrue(in_array(array($assoc_type, $typ),
+ $this->n->allowed_types));
+ }
+ }
+}
+
+class Tests_Auth_OpenID_Negotiation extends PHPUnit_Framework_TestSuite {
+
+ function getName()
+ {
+ return 'Tests_Auth_OpenID_Negotiation';
+ }
+
+ function Tests_Auth_OpenID_Negotiation()
+ {
+ $this->addTestSuite('TestNegotiatorBehaviors');
+ $this->addTestSuite('TestOpenID1SessionNegotiation');
+ $this->addTestSuite('TestOpenID2SessionNegotiation');
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Nonce.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Nonce.php
new file mode 100644
index 000000000..1f64948ff
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Nonce.php
@@ -0,0 +1,166 @@
+<?php
+
+/**
+ * Tests for the Nonce implementation.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2006 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID/Nonce.php';
+
+define('Tests_Auth_OpenID_nonce_re',
+ '/\A\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ/');
+
+class Tests_Auth_OpenID_Nonce extends PHPUnit_Framework_TestSuite {
+ function Tests_Auth_OpenID_Nonce()
+ {
+ $this->addTestSuite('Tests_Auth_OpenID_NonceTests');
+ $this->makeSplitTests();
+ $this->makeCheckTimestampTests();
+ $this->setName('Tests_Auth_OpenID_Nonce');
+ }
+
+ function makeSplitTests()
+ {
+ $cases = array(
+ '',
+ '1970-01-01T00:00:00+1:00',
+ '1969-01-01T00:00:00Z',
+ '1970-00-01T00:00:00Z',
+ '1970.01-01T00:00:00Z',
+ 'Thu Sep 7 13:29:31 PDT 2006',
+ 'monkeys',
+ );
+
+ foreach ($cases as $nonce_str) {
+ $this->_mkSplitTest($nonce_str);
+ }
+ }
+
+ function _mkSplitTest($nonce_str)
+ {
+ $test = new Tests_Auth_OpenID_Nonce_BadSplitCase($nonce_str);
+ $test->setName('BadNonceSplit ' . var_export($nonce_str, true));
+ $this->addTest($test);
+ }
+
+ function makeCheckTimestampTests()
+ {
+ $cases = array(
+ // exact, no allowed skew
+ array('1970-01-01T00:00:00Z', 0, 0, true),
+
+ // exact, large skew
+ array('1970-01-01T00:00:00Z', 1000, 0, true),
+
+ // no allowed skew, one second old
+ array('1970-01-01T00:00:00Z', 0, 1, false),
+
+ // many seconds old, outside of skew
+ array('1970-01-01T00:00:00Z', 10, 50, false),
+
+ // one second old, one second skew allowed
+ array('1970-01-01T00:00:00Z', 1, 1, true),
+
+ // One second in the future, one second skew allowed
+ array('1970-01-01T00:00:02Z', 1, 1, true),
+
+ // two seconds in the future, one second skew allowed
+ array('1970-01-01T00:00:02Z', 1, 0, false),
+
+ // malformed nonce string
+ array('monkeys', 0, 0, false)
+ );
+
+ foreach ($cases as $case) {
+ $this->_mkCheckTest($case);
+ }
+ }
+
+ function _mkCheckTest($case)
+ {
+ list($nonce_str, $skew, $now, $expected) = $case;
+ $test = new Tests_Auth_OpenID_Nonce_TimestampCase(
+ $nonce_str, $skew, $now, $expected);
+ $test->setName('CheckTimestamp ' . var_export($nonce_str, true));
+ $this->addTest($test);
+ }
+}
+
+class Tests_Auth_OpenID_Nonce_TimestampCase extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_Nonce_TimestampCase(
+ $nonce_str, $skew, $now, $expected)
+ {
+ $this->nonce_string = $nonce_str;
+ $this->allowed_skew = $skew;
+ $this->now = $now;
+ $this->expected = $expected;
+ }
+
+ function runTest()
+ {
+ $actual = Auth_OpenID_checkTimestamp($this->nonce_string,
+ $this->allowed_skew,
+ $this->now);
+ $this->assertEquals($this->expected, $actual);
+ }
+}
+
+class Tests_Auth_OpenID_NonceTests extends PHPUnit_Framework_TestCase {
+ function test_mkNonce()
+ {
+ $nonce_str = Auth_OpenID_mkNonce();
+ $this->assertTrue(preg_match(Tests_Auth_OpenID_nonce_re, $nonce_str));
+ }
+
+ function test_mkNonce_when()
+ {
+ $nonce_str = Auth_OpenID_mkNonce(0);
+ $this->assertTrue(preg_match(Tests_Auth_OpenID_nonce_re, $nonce_str));
+ $tpart = substr($nonce_str, 0, 20);
+ $this->assertEquals('1970-01-01T00:00:00Z', $tpart);
+ }
+
+ function test_splitNonce()
+ {
+ $s = '1970-01-01T00:00:00Z';
+ $expected_t = 0;
+ $expected_salt = '';
+ list($actual_t, $actual_salt) = Auth_OpenID_splitNonce($s);
+ $this->assertEquals($expected_t, $actual_t);
+ $this->assertEquals($expected_salt, $actual_salt);
+ }
+
+
+ function test_mkSplit()
+ {
+ $t = 42;;
+ $nonce_str = Auth_OpenID_mkNonce($t);
+ $this->assertTrue(preg_match(Tests_Auth_OpenID_nonce_re, $nonce_str));
+ list($et, $salt) = Auth_OpenID_splitNonce($nonce_str);
+ $this->assertEquals(6, strlen($salt));
+ $this->assertEquals($et, $t);
+ }
+}
+
+class Tests_Auth_OpenID_Nonce_BadSplitCase extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_Nonce_BadSplitCase($nonce_str)
+ {
+ $this->nonce_str = $nonce_str;
+ }
+
+ function runTest()
+ {
+ $result = Auth_OpenID_splitNonce($this->nonce_str);
+ $this->assertNull($result);
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/OpenID_Yadis.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/OpenID_Yadis.php
new file mode 100644
index 000000000..f013d967e
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/OpenID_Yadis.php
@@ -0,0 +1,228 @@
+<?php
+
+/**
+ * Tests for the combination of Yadis discovery and the OpenID
+ * protocol.
+ */
+
+require_once "Auth/Yadis/XRDS.php";
+require_once "Auth/OpenID/Discover.php";
+
+global $__XRDS_BOILERPLATE;
+$__XRDS_BOILERPLATE = '<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0">
+ <XRD>
+%s
+ </XRD>
+</xrds:XRDS>
+';
+
+// Different sets of server URLs for use in the URI tag
+global $__server_url_options;
+$__server_url_options = array(
+ array(), // This case should not generate an endpoint object
+ array('http://server.url/'),
+ array('https://server.url/'),
+ array('https://server.url/', 'http://server.url/'),
+ array('https://server.url/',
+ 'http://server.url/',
+ 'http://example.server.url/'),
+ );
+
+// A couple of example extension type URIs. These are not at all
+// official, but are just here for testing.
+global $__ext_types;
+$__ext_types = array(
+ 'http://janrain.com/extension/blah',
+ 'http://openid.net/sreg/1.0');
+
+// All valid combinations of Type tags that should produce an OpenID
+// endpoint
+global $__openid_types;
+$__openid_types = array(
+ Auth_OpenID_TYPE_1_0,
+ Auth_OpenID_TYPE_1_1);
+
+$temp = array();
+foreach (__subsets($__ext_types) as $exts) {
+ foreach (__subsets($__openid_types) as $ts) {
+ if ($ts) {
+ $temp[] = array_merge($exts, $ts);
+ }
+ }
+}
+
+global $__type_uri_options;
+$__type_uri_options = $temp;
+
+// Range of valid Delegate tag values for generating test data
+global $__delegate_options;
+$__delegate_options = array(
+ null,
+ 'http://vanity.domain/',
+ 'https://somewhere/yadis/');
+
+$temp = array();
+foreach ($__delegate_options as $delegate) {
+ foreach ($__type_uri_options as $type_uris) {
+ foreach ($__server_url_options as $uris) {
+ $temp[] = array($uris, $type_uris, $delegate);
+ }
+ }
+}
+
+// All combinations of valid URIs, Type URIs and Delegate tags
+global $__data;
+$__data = $temp;
+
+function _mkXRDS($services_str)
+{
+ global $__XRDS_BOILERPLATE;
+ return sprintf($__XRDS_BOILERPLATE, $services_str);
+}
+
+function _mkService($uris = null, $type_uris = null,
+ $delegate = null, $dent = ' ')
+{
+ $chunks = array($dent, "<Service>\n");
+ $dent2 = $dent . ' ';
+ if ($type_uris) {
+ foreach ($type_uris as $type_uri) {
+ $chunks = array_merge($chunks,
+ array($dent2 . '<Type>',
+ $type_uri, "</Type>\n"));
+ }
+ }
+
+ if ($uris) {
+ foreach ($uris as $uri) {
+ if (is_array($uri)) {
+ list($uri, $prio) = $uri;
+ } else {
+ $prio = null;
+ }
+ $chunks = array_merge($chunks, array($dent2, '<URI'));
+ if ($prio !== null) {
+ $chunks = array_merge($chunks, array(' priority="', strval($prio), '"'));
+ }
+ $chunks = array_merge($chunks, array('>', $uri, "</URI>\n"));
+ }
+ }
+
+ if ($delegate) {
+ $chunks = array_merge($chunks,
+ array($dent2, '<openid:Delegate>',
+ $delegate, "</openid:Delegate>\n"));
+ }
+
+ $chunks = array_merge($chunks, array($dent, "</Service>\n"));
+
+ return implode("", $chunks);
+}
+
+// Used for generating test data
+function __subsets($list)
+{
+ // Generate all non-empty sublists of a list
+ $subsets_list = array(array());
+ foreach ($list as $elem) {
+
+ $temp = array();
+ foreach ($subsets_list as $t) {
+ $temp[] = array_merge(array($elem), $t);
+ }
+
+ $subsets_list = array_merge($subsets_list, $temp);
+ }
+
+ return $subsets_list;
+}
+
+class Tests_Auth_OpenID_Tester extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_Tester($uris, $type_uris, $delegate)
+ {
+ parent::__construct();
+ $this->uris = $uris;
+ $this->type_uris = $type_uris;
+ $this->local_id = $delegate;
+ }
+
+ function setUp()
+ {
+ $this->yadis_url = 'http://unit.test/';
+
+ // Create an XRDS document to parse
+ $services = _mkService($this->uris,
+ $this->type_uris,
+ $this->local_id);
+ $this->xrds = _mkXRDS($services);
+ }
+
+ function runTest()
+ {
+ // Parse into endpoint objects that we will check
+ $xrds_object = Auth_Yadis_XRDS::parseXRDS($this->xrds);
+
+ $endpoints = array();
+
+ if ($xrds_object) {
+ $endpoints = $xrds_object->services(array('filter_MatchesAnyOpenIDType'));
+ $endpoints = Auth_OpenID_makeOpenIDEndpoints($this->yadis_url, $endpoints);
+ }
+
+ // make sure there are the same number of endpoints as
+ // URIs. This assumes that the type_uris contains at least one
+ // OpenID type.
+ $this->assertEquals(count($this->uris), count($endpoints),
+ "URI <-> Endpoint count");
+
+ // So that we can check equality on the endpoint types
+ $type_uris = $this->type_uris;
+ sort($type_uris);
+
+
+ $seen_uris = array();
+ foreach ($endpoints as $endpoint) {
+ $seen_uris[] = $endpoint->server_url;
+
+ // All endpoints will have same yadis_url
+ $this->assertEquals($this->yadis_url, $endpoint->claimed_id);
+
+ // and delegate
+ $this->assertEquals($this->local_id, $endpoint->local_id);
+
+ // and types
+ $actual_types = $endpoint->type_uris;
+ sort($actual_types);
+ $this->assertEquals($actual_types, $type_uris);
+ }
+
+ // So that they will compare equal, because we don't care what
+ // order they are in
+ sort($seen_uris);
+ $uris = $this->uris;
+ sort($uris);
+
+ // Make sure we saw all URIs, and saw each one once
+ $this->assertEquals($uris, $seen_uris);
+ }
+}
+
+class Tests_Auth_OpenID_OpenID_Yadis extends PHPUnit_Framework_TestSuite {
+ function Tests_Auth_OpenID_OpenID_Yadis()
+ {
+ global $__data;
+ foreach ($__data as $case) {
+ $this->addTest(new Tests_Auth_OpenID_Tester($case[0], $case[1], $case[2]));
+ }
+ }
+
+ function getName()
+ {
+ return 'Tests_Auth_OpenID_OpenID_Yadis';
+ }
+
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/PAPE.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/PAPE.php
new file mode 100644
index 000000000..d71036d19
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/PAPE.php
@@ -0,0 +1,244 @@
+<?php
+
+require_once "Auth/OpenID/PAPE.php";
+require_once "Auth/OpenID/Message.php";
+require_once "Auth/OpenID/Server.php";
+
+class PapeRequestTestCase extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->req = new Auth_OpenID_PAPE_Request();
+ }
+
+ function test_construct()
+ {
+ $this->assertEquals(array(), $this->req->preferred_auth_policies);
+ $this->assertEquals(null, $this->req->max_auth_age);
+ $this->assertEquals('pape', $this->req->ns_alias);
+
+ $req2 = new Auth_OpenID_PAPE_Request(array(PAPE_AUTH_MULTI_FACTOR), 1000);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR), $req2->preferred_auth_policies);
+ $this->assertEquals(1000, $req2->max_auth_age);
+ }
+
+ function test_add_policy_uri()
+ {
+ $this->assertEquals(array(), $this->req->preferred_auth_policies);
+ $this->req->addPolicyURI(PAPE_AUTH_MULTI_FACTOR);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR), $this->req->preferred_auth_policies);
+ $this->req->addPolicyURI(PAPE_AUTH_MULTI_FACTOR);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR), $this->req->preferred_auth_policies);
+ $this->req->addPolicyURI(PAPE_AUTH_PHISHING_RESISTANT);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT),
+ $this->req->preferred_auth_policies);
+ $this->req->addPolicyURI(PAPE_AUTH_MULTI_FACTOR);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT),
+ $this->req->preferred_auth_policies);
+ }
+
+ function test_getExtensionArgs() {
+ $this->assertEquals(array('preferred_auth_policies' => ''), $this->req->getExtensionArgs());
+ $this->req->addPolicyURI('http://uri');
+ $this->assertEquals(array('preferred_auth_policies' => 'http://uri'), $this->req->getExtensionArgs());
+ $this->req->addPolicyURI('http://zig');
+ $this->assertEquals(array('preferred_auth_policies' => 'http://uri http://zig'), $this->req->getExtensionArgs());
+ $this->req->max_auth_age = 789;
+ $this->assertEquals(array('preferred_auth_policies' => 'http://uri http://zig', 'max_auth_age' => '789'), $this->req->getExtensionArgs());
+ }
+
+ function test_parseExtensionArgs() {
+ $args = array('preferred_auth_policies' => 'http://foo http://bar',
+ 'max_auth_age' => '9');
+ $this->req->parseExtensionArgs($args);
+ $this->assertEquals(9, $this->req->max_auth_age);
+ $this->assertEquals(array('http://foo','http://bar'), $this->req->preferred_auth_policies);
+ }
+
+ function test_parseExtensionArgs_empty() {
+ $this->req->parseExtensionArgs(array());
+ $this->assertEquals(null, $this->req->max_auth_age);
+ $this->assertEquals(array(), $this->req->preferred_auth_policies);
+ }
+
+ function test_fromOpenIDRequest() {
+ $openid_req_msg = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'checkid_setup',
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'ns.pape' => Auth_OpenID_PAPE_NS_URI,
+ 'pape.preferred_auth_policies' => implode(' ', array(PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT)),
+ 'pape.max_auth_age' => '5476'
+ ));
+ $oid_req = new Auth_OpenID_Request();
+ $oid_req->message = $openid_req_msg;
+ $req = Auth_OpenID_PAPE_Request::fromOpenIDRequest($oid_req);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT), $req->preferred_auth_policies);
+ $this->assertEquals(5476, $req->max_auth_age);
+ }
+
+ function test_fromOpenIDRequest_no_pape() {
+ $message = new Auth_OpenID_Message();
+ $openid_req = new Auth_OpenID_Request();
+ $openid_req->message = $message;
+ $pape_req = Auth_OpenID_PAPE_Request::fromOpenIDRequest($openid_req);
+ $this->assertTrue($pape_req === null);
+ }
+
+ function test_preferred_types() {
+ $this->req->addPolicyURI(PAPE_AUTH_PHISHING_RESISTANT);
+ $this->req->addPolicyURI(PAPE_AUTH_MULTI_FACTOR);
+ $pt = $this->req->preferredTypes(array(PAPE_AUTH_MULTI_FACTOR,
+ PAPE_AUTH_MULTI_FACTOR_PHYSICAL));
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR), $pt);
+ }
+}
+
+class PAPE_DummySuccessResponse {
+ function PAPE_DummySuccessResponse($message, $signed_stuff)
+ {
+ $this->message = $message;
+ $this->signed_stuff = $signed_stuff;
+ }
+
+ function getSignedNS($ns_uri)
+ {
+ return $this->signed_stuff;
+ }
+}
+
+class PapeResponseTestCase extends PHPUnit_Framework_TestCase {
+ function setUp() {
+ $this->req = new Auth_OpenID_PAPE_Response();
+ }
+
+ function test_construct() {
+ $this->assertEquals(array(), $this->req->auth_policies);
+ $this->assertEquals(null, $this->req->auth_time);
+ $this->assertEquals('pape', $this->req->ns_alias);
+ $this->assertEquals(null, $this->req->nist_auth_level);
+
+ $req2 = new Auth_OpenID_PAPE_Response(array(PAPE_AUTH_MULTI_FACTOR),
+ '2001-01-01T04:05:23Z',
+ 3);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR), $req2->auth_policies);
+ $this->assertEquals('2001-01-01T04:05:23Z', $req2->auth_time);
+ $this->assertEquals(3, $req2->nist_auth_level);
+ }
+
+ function test_add_policy_uri() {
+ $this->assertEquals(array(), $this->req->auth_policies);
+ $this->req->addPolicyURI(PAPE_AUTH_MULTI_FACTOR);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR), $this->req->auth_policies);
+ $this->req->addPolicyURI(PAPE_AUTH_MULTI_FACTOR);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR), $this->req->auth_policies);
+ $this->req->addPolicyURI(PAPE_AUTH_PHISHING_RESISTANT);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT), $this->req->auth_policies);
+ $this->req->addPolicyURI(PAPE_AUTH_MULTI_FACTOR);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT), $this->req->auth_policies);
+ }
+
+ function test_getExtensionArgs() {
+ $this->assertEquals(array('auth_policies' => 'none'), $this->req->getExtensionArgs());
+ $this->req->addPolicyURI('http://uri');
+ $this->assertEquals(array('auth_policies' => 'http://uri'), $this->req->getExtensionArgs());
+ $this->req->addPolicyURI('http://zig');
+ $this->assertEquals(array('auth_policies' => 'http://uri http://zig'), $this->req->getExtensionArgs());
+ $this->req->auth_time = '2008-03-02T12:34:56Z';
+ $this->assertEquals(array('auth_policies' => 'http://uri http://zig', 'auth_time' => '2008-03-02T12:34:56Z'), $this->req->getExtensionArgs());
+ $this->req->nist_auth_level = 3;
+ $this->assertEquals(array('auth_policies' => 'http://uri http://zig', 'auth_time' => '2008-03-02T12:34:56Z', 'nist_auth_level' => '3'), $this->req->getExtensionArgs());
+ }
+
+ function test_getExtensionArgs_error_auth_age() {
+ $this->req->auth_time = "foo2008-03-02T12:34:56Z";
+ $this->assertEquals(false, $this->req->getExtensionArgs());
+ $this->req->auth_time = "2008-03-02T12:34:56Zbar";
+ $this->assertEquals(false, $this->req->getExtensionArgs());
+ }
+
+ function test_getExtensionArgs_error_nist_auth_level() {
+ $this->req->nist_auth_level = "high as a kite";
+ $this->assertEquals(false, $this->req->getExtensionArgs());
+ $this->req->nist_auth_level = 5;
+ $this->assertEquals(false, $this->req->getExtensionArgs());
+ $this->req->nist_auth_level = -1;
+ $this->assertEquals(false, $this->req->getExtensionArgs());
+ }
+
+ function test_parseExtensionArgs() {
+ $args = array('auth_policies' => 'http://foo http://bar',
+ 'auth_time' => '2008-03-02T12:34:56Z');
+ $this->req->parseExtensionArgs($args);
+ $this->assertEquals('2008-03-02T12:34:56Z', $this->req->auth_time);
+ $this->assertEquals(array('http://foo','http://bar'), $this->req->auth_policies);
+ }
+
+ function test_parseExtensionArgs_empty() {
+ $this->req->parseExtensionArgs(array());
+ $this->assertEquals(null, $this->req->auth_time);
+ $this->assertEquals(array(), $this->req->auth_policies);
+ }
+
+ function test_parseExtensionArgs_strict_bogus1() {
+ $args = array('auth_policies' => 'http://foo http://bar',
+ 'auth_time' => 'yesterday');
+ $this->assertEquals(false, $this->req->parseExtensionArgs($args, true));
+ }
+
+ function test_parseExtensionArgs_strict_bogus2() {
+ $args = array('auth_policies' => 'http://foo http://bar',
+ 'auth_time' => '63',
+ 'nist_auth_level' => 'some');
+ $this->assertEquals(false, $this->req->parseExtensionArgs($args, true));
+ }
+
+ function test_parseExtensionArgs_strict_good() {
+ $args = array('auth_policies' => 'http://foo http://bar',
+ 'auth_time' => '2008-03-02T12:34:56Z',
+ 'nist_auth_level' => '0');
+ $this->req->parseExtensionArgs($args, true);
+ $this->assertEquals(array('http://foo','http://bar'), $this->req->auth_policies);
+ $this->assertEquals('2008-03-02T12:34:56Z', $this->req->auth_time);
+ $this->assertEquals(0, $this->req->nist_auth_level);
+ }
+
+ function test_parseExtensionArgs_nostrict_bogus() {
+ $args = array('auth_policies' => 'http://foo http://bar',
+ 'auth_time' => 'the other day',
+ 'nist_auth_level' => 'some');
+ $this->req->parseExtensionArgs($args);
+ $this->assertEquals(array('http://foo','http://bar'), $this->req->auth_policies);
+ $this->assertEquals(null, $this->req->auth_time);
+ $this->assertEquals(null, $this->req->nist_auth_level);
+ }
+
+ function test_fromSuccessResponse() {
+ $openid_req_msg = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'id_res',
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'ns.pape' => Auth_OpenID_PAPE_NS_URI,
+ 'auth_policies' => implode(' ', array(PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT)),
+ 'auth_time' => '2008-03-02T12:34:56Z'
+ ));
+ $signed_stuff = array(
+ 'auth_policies' => implode(' ', array(PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT)),
+ 'auth_time' => '2008-03-02T12:34:56Z'
+ );
+ $oid_req = new PAPE_DummySuccessResponse($openid_req_msg, $signed_stuff);
+ $req = Auth_OpenID_PAPE_Response::fromSuccessResponse($oid_req);
+ $this->assertEquals(array(PAPE_AUTH_MULTI_FACTOR, PAPE_AUTH_PHISHING_RESISTANT), $req->auth_policies);
+ $this->assertEquals('2008-03-02T12:34:56Z', $req->auth_time);
+ }
+}
+
+class Tests_Auth_OpenID_PAPE extends PHPUnit_Framework_TestSuite {
+ function getName() {
+ return "Tests_Auth_OpenID_PAPE";
+ }
+
+ function Tests_Auth_OpenID_PAPE() {
+ $this->addTestSuite('PapeRequestTestCase');
+ $this->addTestSuite('PapeResponseTestCase');
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Parse.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Parse.php
new file mode 100644
index 000000000..b0e03508e
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Parse.php
@@ -0,0 +1,185 @@
+<?php
+
+/**
+ * Tests for the Consumer parsing functions.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Tests/Auth/OpenID/TestUtil.php';
+require_once 'Auth/OpenID/Parse.php';
+
+class Tests_Auth_OpenID_Link extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_Link($case)
+ {
+ list($desc, $markup, $links, $case_text) = $case;
+ $this->desc = $desc;
+ $this->markup = $markup;
+ $this->expected_links = $links;
+ $this->case_text = $case_text;
+ $this->parser = new Auth_OpenID_Parse();
+ }
+
+ function getName()
+ {
+ return $this->desc;
+ }
+
+ function runTest()
+ {
+ $parsed = $this->parser->parseLinkAttrs($this->markup);
+ $i = 0;
+
+ foreach ($this->expected_links as $expected) {
+ list($is_optional_link, $expected_link) = $expected;
+ if ($is_optional_link &&
+ ($i >= count($parsed))) {
+ continue;
+ }
+
+ if (count($parsed) <= $i) {
+ $i++;
+ continue;
+ }
+
+ $act_link = $parsed[$i];
+
+ $increment = true;
+ foreach ($expected_link as $attr => $data) {
+ list($is_optional_attr, $value) = $data;
+
+ if ($is_optional_attr) {
+ $actual_value = null;
+ if (array_key_exists($attr, $act_link)) {
+ $actual_value = $act_link[$attr];
+ } else {
+ continue;
+ }
+ } else {
+ $actual_value = $act_link[$attr];
+ }
+
+ if ($is_optional_link &&
+ ($value != $actual_value)) {
+ $increment = false;
+ break;
+ }
+
+ $this->assertEquals($value, $actual_value);
+ }
+
+ if ($increment) {
+ $i++;
+ }
+ }
+
+ $this->assertEquals($i, count($parsed));
+ }
+}
+
+class NumTestCases extends PHPUnit_Framework_TestCase {
+ function NumTestCases($test_cases, $num_tests)
+ {
+ $this->test_cases = $test_cases;
+ $this->num_tests = $num_tests;
+ }
+
+ function runTest()
+ {
+ $this->assertEquals(count($this->test_cases),
+ $this->num_tests);
+ }
+}
+
+class Tests_Auth_OpenID_Parse extends PHPUnit_Framework_TestSuite {
+
+ function getName()
+ {
+ return "Tests_Auth_OpenID_Parse";
+ }
+
+ function _parseCheck($cond, $where)
+ {
+ if (!$cond) {
+ trigger_error('Parse error in ' . $where, E_USER_ERROR);
+ }
+ }
+
+ function parseLink($line)
+ {
+ $parts = explode(" ", $line);
+ $optional = intval($parts[0] == 'Link*:');
+ $this->_parseCheck($optional || ($parts[0] == 'Link:'), __FUNCTION__);
+
+ $attrs = array();
+ foreach (array_slice($parts, 1) as $attr) {
+ list($k, $v) = explode("=", $attr, 2);
+ if ($k[strlen($k) - 1] == '*') {
+ $attr_optional = 1;
+ $k = substr($k, 0, strlen($k) - 1);
+ } else {
+ $attr_optional = 0;
+ }
+
+ $attrs[$k] = array($attr_optional, $v);
+ }
+
+ return array($optional, $attrs);
+ }
+
+ function parseCase($s)
+ {
+ list($header, $markup) = explode("\n\n", $s, 2);
+ $lines = explode("\n", $header);
+ $name = array_shift($lines);
+ $this->_parseCheck(strpos($name, 'Name: ') == 0, __FUNCTION__);
+ $desc = substr($name, 6);
+ $parsed = array();
+ foreach ($lines as $line) {
+ $parsed[] = $this->parseLink($line);
+ }
+
+ return array($desc, $markup, $parsed);
+ }
+
+ function parseTests($s)
+ {
+ $tests = array();
+
+ $cases = explode("\n\n\n", $s);
+ $header = array_shift($cases);
+ list($tests_line, $unused) = explode("\n", $header, 2);
+ list($k, $v) = explode(": ", $tests_line);
+ $this->_parseCheck(('Num Tests' == $k), __FUNCTION__);
+ $num_tests = intval($v);
+
+ foreach (array_slice($cases, 0, count($cases) - 1) as $case) {
+ list($desc, $markup, $links) = $this->parseCase($case);
+ $tests[] = array($desc, $markup, $links, $case);
+ }
+
+ return array($num_tests, $tests);
+ }
+
+ function Tests_Auth_OpenID_Parse()
+ {
+ $test_data = Tests_Auth_OpenID_readdata('linkparse.txt');
+
+ list($num_tests, $test_cases) = $this->parseTests($test_data);
+
+ $this->addTest(new NumTestCases($test_cases, $num_tests));
+
+ foreach ($test_cases as $case) {
+ $this->addTest(new Tests_Auth_OpenID_Link($case));
+ }
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/RPVerify.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/RPVerify.php
new file mode 100644
index 000000000..1482af4c4
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/RPVerify.php
@@ -0,0 +1,293 @@
+<?php
+
+/*
+ * Unit tests for verification of return_to URLs for a realm.
+ */
+
+require_once 'Auth/OpenID/Discover.php';
+require_once 'Auth/OpenID/TrustRoot.php';
+
+require_once 'Auth/Yadis/Yadis.php';
+
+/*
+ * Tests for building the discovery URL from a realm and a return_to
+ * URL
+ */
+class Tests_Auth_OpenID_BuildDiscoveryURL extends PHPUnit_Framework_TestCase {
+ /*
+ * Build a discovery URL out of the realm and a return_to and make
+ * sure that it matches the expected discovery URL
+ */
+ function failUnlessDiscoURL($realm, $expected_discovery_url)
+ {
+ $actual_discovery_url = Auth_OpenID_TrustRoot::buildDiscoveryURL($realm);
+ $this->assertEquals($expected_discovery_url, $actual_discovery_url);
+ }
+
+ /*
+ * There is no wildcard and the realm is the same as the return_to
+ * URL
+ */
+ function test_trivial()
+ {
+ $this->failUnlessDiscoURL('http://example.com/foo',
+ 'http://example.com/foo');
+ }
+
+ /*
+ * There is a wildcard
+ */
+ function test_wildcard()
+ {
+ $this->failUnlessDiscoURL('http://*.example.com/foo',
+ 'http://www.example.com/foo');
+ }
+}
+
+class _MockDiscover {
+ function _MockDiscover($data) {
+ $this->data =& $data;
+ }
+
+ function mockDiscover($uri, $fetcher, $discover_function=null)
+ {
+ $result = new Auth_Yadis_DiscoveryResult($uri);
+ $result->response_text = $this->data;
+ $result->normalized_uri = $uri;
+ return $result;
+ }
+}
+
+class Tests_Auth_OpenID_ExtractReturnToURLs extends PHPUnit_Framework_TestCase {
+ var $disco_url = 'http://example.com/';
+
+ function failUnlessXRDSHasReturnURLs($data, $expected_return_urls)
+ {
+ $discover_object = new _MockDiscover($data);
+ $actual_return_urls = Auth_OpenID_getAllowedReturnURLs($this->disco_url, null, array($discover_object, 'mockDiscover'));
+
+ $this->assertEquals($expected_return_urls, $actual_return_urls);
+ }
+
+ function failUnlessDiscoveryFailure($text)
+ {
+ $discover_object = new _MockDiscover($text);
+ $this->assertFalse(Auth_OpenID_getAllowedReturnURLs($this->disco_url, null, array($discover_object, 'mockDiscover')));
+ }
+
+ function test_empty()
+ {
+ $this->failUnlessDiscoveryFailure('');
+ }
+
+ function test_badXML()
+ {
+ $this->failUnlessDiscoveryFailure('>');
+ }
+
+ function test_noEntries()
+ {
+ $this->failUnlessXRDSHasReturnURLs('<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ >
+ <XRD>
+ </XRD>
+</xrds:XRDS>
+', array());
+ }
+
+ function test_noReturnToEntries()
+ {
+ $this->failUnlessXRDSHasReturnURLs('<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ >
+ <XRD>
+ <Service priority="10">
+ <Type>http://specs.openid.net/auth/2.0/server</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ </Service>
+ </XRD>
+</xrds:XRDS>
+', array());
+ }
+
+ function test_oneEntry()
+ {
+ $this->failUnlessXRDSHasReturnURLs('<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ >
+ <XRD>
+ <Service>
+ <Type>http://specs.openid.net/auth/2.0/return_to</Type>
+ <URI>http://rp.example.com/return</URI>
+ </Service>
+ </XRD>
+</xrds:XRDS>
+', array('http://rp.example.com/return'));
+ }
+
+ function test_twoEntries()
+ {
+ $this->failUnlessXRDSHasReturnURLs('<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ >
+ <XRD>
+ <Service priority="0">
+ <Type>http://specs.openid.net/auth/2.0/return_to</Type>
+ <URI>http://rp.example.com/return</URI>
+ </Service>
+ <Service priority="1">
+ <Type>http://specs.openid.net/auth/2.0/return_to</Type>
+ <URI>http://other.rp.example.com/return</URI>
+ </Service>
+ </XRD>
+</xrds:XRDS>
+', array('http://rp.example.com/return',
+ 'http://other.rp.example.com/return'));
+ }
+
+ function test_twoEntries_withOther()
+ {
+ $this->failUnlessXRDSHasReturnURLs('<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ >
+ <XRD>
+ <Service priority="0">
+ <Type>http://specs.openid.net/auth/2.0/return_to</Type>
+ <URI>http://rp.example.com/return</URI>
+ </Service>
+ <Service priority="1">
+ <Type>http://specs.openid.net/auth/2.0/return_to</Type>
+ <URI>http://other.rp.example.com/return</URI>
+ </Service>
+ <Service priority="0">
+ <Type>http://example.com/LOLCATS</Type>
+ <URI>http://example.com/invisible+uri</URI>
+ </Service>
+ </XRD>
+</xrds:XRDS>
+', array('http://rp.example.com/return',
+ 'http://other.rp.example.com/return'));
+ }
+}
+
+class Tests_Auth_OpenID_ReturnToMatches extends PHPUnit_Framework_TestCase {
+ function test_noEntries()
+ {
+ $this->assertFalse(Auth_OpenID_returnToMatches(array(), 'anything'));
+ }
+
+ function test_exactMatch()
+ {
+ $r = 'http://example.com/return.to';
+ $this->assertTrue(Auth_OpenID_returnToMatches(array($r), $r));
+ }
+
+ function test_garbageMatch()
+ {
+ $r = 'http://example.com/return.to';
+ $this->assertTrue(Auth_OpenID_returnToMatches(
+ array('This is not a URL at all. In fact, it has characters, ' .
+ 'like "<" that are not allowed in URLs', $r), $r));
+ }
+
+ function test_descendant()
+ {
+ $r = 'http://example.com/return.to';
+ $this->assertTrue(Auth_OpenID_returnToMatches(array($r),
+ 'http://example.com/return.to/user:joe'));
+ }
+
+ function test_wildcard()
+ {
+ $this->assertFalse(Auth_OpenID_returnToMatches(
+ array('http://*.example.com/return.to'),
+ 'http://example.com/return.to'));
+ }
+
+ function test_noMatch()
+ {
+ $r = 'http://example.com/return.to';
+ $this->assertFalse(Auth_OpenID_returnToMatches(array($r),
+ 'http://example.com/xss_exploit'));
+ }
+}
+
+class Verifier {
+ function Verifier($test_case, $return_to)
+ {
+ $this->tc =& $test_case;
+ $this->return_to = $return_to;
+ }
+
+ function verify($disco_url)
+ {
+ $this->tc->assertEquals('http://www.example.com/', $disco_url);
+
+ if ($this->return_to === false) {
+ return false;
+ } else {
+ return array($this->return_to);
+ }
+ }
+}
+
+class Tests_Auth_OpenID_VerifyReturnTo extends PHPUnit_Framework_TestCase {
+
+ function test_bogusRealm()
+ {
+ $this->assertFalse(Auth_OpenID_verifyReturnTo('', 'http://example.com/', null));
+ }
+
+ function test_verifyWithDiscoveryCalled()
+ {
+ $realm = 'http://*.example.com/';
+ $return_to = 'http://www.example.com/foo';
+
+ $v = new Verifier($this, $return_to);
+
+ $this->assertTrue(Auth_OpenID_verifyReturnTo($realm, $return_to, null, array($v, 'verify')));
+ }
+
+ function test_verifyFailWithDiscoveryCalled()
+ {
+ $realm = 'http://*.example.com/';
+ $return_to = 'http://www.example.com/foo';
+
+ $v = new Verifier($this, 'http://something-else.invalid/');
+
+ $this->assertFalse(Auth_OpenID_verifyReturnTo($realm, $return_to, null, array($v, 'verify')));
+ }
+
+ function test_verifyFailIfDiscoveryRedirects()
+ {
+ $realm = 'http://*.example.com/';
+ $return_to = 'http://www.example.com/foo';
+
+ $v = new Verifier($this, false);
+
+ $this->assertFalse(Auth_OpenID_verifyReturnTo($realm, $return_to, null, array($v, 'verify')));
+ }
+}
+
+class Tests_Auth_OpenID_RPVerify extends PHPUnit_Framework_TestSuite {
+ function getName()
+ {
+ return "Tests_Auth_OpenID_RPVerify";
+ }
+
+ function Tests_Auth_OpenID_RPVerify()
+ {
+ $this->addTestSuite('Tests_Auth_OpenID_VerifyReturnTo');
+ $this->addTestSuite('Tests_Auth_OpenID_ReturnToMatches');
+ $this->addTestSuite('Tests_Auth_OpenID_ExtractReturnToURLs');
+ $this->addTestSuite('Tests_Auth_OpenID_BuildDiscoveryURL');
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/SReg.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/SReg.php
new file mode 100644
index 000000000..db5cd5183
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/SReg.php
@@ -0,0 +1,672 @@
+<?php
+
+/**
+ * SReg.php testing code.
+ */
+
+require_once 'Auth/OpenID/SReg.php';
+require_once 'Auth/OpenID/Message.php';
+require_once 'Auth/OpenID/Server.php';
+
+class SRegURITest extends PHPUnit_Framework_TestCase {
+ function test_is11()
+ {
+ $this->assertEquals(Auth_OpenID_SREG_NS_URI_1_1,
+ Auth_OpenID_SREG_NS_URI);
+ }
+}
+
+class CheckFieldNameTest extends PHPUnit_Framework_TestCase {
+ function test_goodNamePasses()
+ {
+ global $Auth_OpenID_sreg_data_fields;
+
+ foreach ($Auth_OpenID_sreg_data_fields as $field_name => $desc) {
+ $this->assertTrue(Auth_OpenID_checkFieldName($field_name));
+ }
+ }
+
+ function test_badNameFails()
+ {
+ $this->assertfalse(Auth_OpenID_checkFieldName('INVALID'));
+ }
+
+ function test_badTypeFails()
+ {
+ $this->assertfalse(Auth_OpenID_checkFieldName(null));
+ }
+}
+
+// For supportsSReg test
+class FakeEndpoint {
+ function FakeEndpoint($supported)
+ {
+ $this->supported = $supported;
+ $this->checked_uris = array();
+ }
+
+ function usesExtension($namespace_uri)
+ {
+ $this->checked_uris[] = $namespace_uri;
+ return in_array($namespace_uri, $this->supported);
+ }
+}
+
+class SupportsSRegTest extends PHPUnit_Framework_TestCase {
+ function test_unsupported()
+ {
+ $endpoint = new FakeEndpoint(array());
+ $this->assertfalse(Auth_OpenID_supportsSReg($endpoint));
+ $this->assertEquals(array(Auth_OpenID_SREG_NS_URI_1_1,
+ Auth_OpenID_SREG_NS_URI_1_0),
+ $endpoint->checked_uris);
+ }
+
+ function test_supported_1_1()
+ {
+ $endpoint = new FakeEndpoint(array(Auth_OpenID_SREG_NS_URI_1_1));
+ $this->assertTrue(Auth_OpenID_supportsSReg($endpoint));
+ $this->assertEquals(array(Auth_OpenID_SREG_NS_URI_1_1),
+ $endpoint->checked_uris);
+ }
+
+ function test_supported_1_0()
+ {
+ $endpoint = new FakeEndpoint(array(Auth_OpenID_SREG_NS_URI_1_0));
+ $this->assertTrue(Auth_OpenID_supportsSReg($endpoint));
+ $this->assertEquals(array(Auth_OpenID_SREG_NS_URI_1_1,
+ Auth_OpenID_SREG_NS_URI_1_0),
+ $endpoint->checked_uris);
+ }
+}
+
+class FakeMessage {
+ function FakeMessage()
+ {
+ $this->openid1 = false;
+ $this->namespaces = new Auth_OpenID_NamespaceMap();
+ }
+
+ function isOpenID1()
+ {
+ return $this->openid1;
+ }
+}
+
+class GetNSTest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->msg = new FakeMessage();
+ }
+
+ function test_openID2Empty()
+ {
+ $ns_uri = Auth_OpenID_SRegBase::_getSRegNS($this->msg);
+ $this->assertEquals($this->msg->namespaces->getAlias($ns_uri), 'sreg');
+ $this->assertEquals(Auth_OpenID_SREG_NS_URI, $ns_uri);
+ }
+
+ function test_openID1Empty()
+ {
+ $this->msg->openid1 = true;
+ $ns_uri = Auth_OpenID_SRegBase::_getSRegNS($this->msg);
+ $this->assertEquals($this->msg->namespaces->getAlias($ns_uri), 'sreg');
+ $this->assertEquals(Auth_OpenID_SREG_NS_URI, $ns_uri);
+ }
+
+ function test_openID1Defined_1_0()
+ {
+ $this->msg->openid1 = true;
+ $this->msg->namespaces->add(Auth_OpenID_SREG_NS_URI_1_0);
+ $ns_uri = Auth_OpenID_SRegBase::_getSRegNS($this->msg);
+ $this->assertEquals(Auth_OpenID_SREG_NS_URI_1_0, $ns_uri);
+ }
+
+ function test_openID1Defined_1_0_overrideAlias()
+ {
+ foreach (array(true, false) as $openid_version) {
+ foreach (array(Auth_OpenID_SREG_NS_URI_1_0,
+ Auth_OpenID_SREG_NS_URI_1_1) as $sreg_version) {
+ foreach (array('sreg', 'bogus') as $alias) {
+ $this->setUp();
+
+ $this->msg->openid1 = $openid_version;
+ $this->assertTrue($this->msg->namespaces->addAlias($sreg_version, $alias) !== null);
+ $ns_uri = Auth_OpenID_SRegBase::_getSRegNS($this->msg);
+ $this->assertEquals($this->msg->namespaces->getAlias($ns_uri), $alias);
+ $this->assertEquals($sreg_version, $ns_uri);
+ }
+ }
+ }
+ }
+
+ function test_openID1DefinedBadly()
+ {
+ $this->msg->openid1 = true;
+ $this->msg->namespaces->addAlias('http://invalid/', 'sreg');
+ $this->assertTrue(Auth_OpenID_SRegBase::_getSRegNS($this->msg) === null);
+ }
+
+ function test_openID2DefinedBadly()
+ {
+ $this->msg->openid1 = false;
+ $this->msg->namespaces->addAlias('http://invalid/', 'sreg');
+ $this->assertTrue(Auth_OpenID_SRegBase::_getSRegNS($this->msg) === null);
+ }
+
+ function test_openID2Defined_1_0()
+ {
+ $this->msg->namespaces->add(Auth_OpenID_SREG_NS_URI_1_0);
+ $ns_uri = Auth_OpenID_SRegBase::_getSRegNS($this->msg);
+ $this->assertEquals(Auth_OpenID_SREG_NS_URI_1_0, $ns_uri);
+ }
+
+ function test_openID1_sregNSfromArgs()
+ {
+ $args = array(
+ 'sreg.optional' => 'nickname',
+ 'sreg.required' => 'dob');
+
+ $m = Auth_OpenID_Message::fromOpenIDArgs($args);
+
+ $this->assertTrue($m->getArg(Auth_OpenID_SREG_NS_URI_1_1, 'optional') == 'nickname');
+ $this->assertTrue($m->getArg(Auth_OpenID_SREG_NS_URI_1_1, 'required') == 'dob');
+ }
+}
+
+global $__args_sentinel;
+global $__ns_sentinel;
+$__args_sentinel = 'args_sentinel';
+$__ns_sentinel = 'ns_sentinel';
+
+class SentinelFakeMessage {
+ function SentinelFakeMessage($test_case)
+ {
+ $this->test_case =& $test_case;
+ $this->message = new Auth_OpenID_Message();
+ }
+
+ function getArgs($ns_uri)
+ {
+ global $__ns_sentinel, $__args_sentinel;
+ $this->test_case->assertEquals($__ns_sentinel, $ns_uri);
+ return $__args_sentinel;
+ }
+}
+
+// XXX Ugly hack. Thanks, PHP.
+global $__TestingReq_TEST_CASE;
+$__TestingReq_TEST_CASE = "FLUB";
+
+function __setTestCase($thing) {
+ global $__TestingReq_TEST_CASE;
+ $__TestingReq_TEST_CASE = $thing;
+}
+
+function &__getTestCase() {
+ global $__TestingReq_TEST_CASE;
+ return $__TestingReq_TEST_CASE;
+}
+
+class TestingReq extends Auth_OpenID_SRegRequest {
+ static function fromOpenIDRequest($thing, $test_case)
+ {
+ __setTestCase($test_case);
+ $obj = parent::fromOpenIDRequest($thing, 'TestingReq');
+ return $obj;
+ }
+
+ static function _getSRegNS($unused)
+ {
+ global $__ns_sentinel;
+ return $__ns_sentinel;
+ }
+
+ function parseExtensionArgs($args)
+ {
+ global $__args_sentinel;
+ $tc =& __getTestCase();
+ $tc->assertEquals($__args_sentinel, $args);
+ }
+}
+
+class SRegRequestTest extends PHPUnit_Framework_TestCase {
+ function test_constructEmpty()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertEquals(array(), $req->optional);
+ $this->assertEquals(array(), $req->required);
+ $this->assertEquals(null, $req->policy_url);
+ $this->assertEquals(Auth_OpenID_SREG_NS_URI, $req->ns_uri);
+ }
+
+ function test_constructFields()
+ {
+ $req = Auth_OpenID_SRegRequest::build(
+ array('nickname'),
+ array('gender'),
+ 'http://policy',
+ 'http://sreg.ns_uri');
+ $this->assertEquals(array('gender'), $req->optional);
+ $this->assertEquals(array('nickname'), $req->required);
+ $this->assertEquals('http://policy', $req->policy_url);
+ $this->assertEquals('http://sreg.ns_uri', $req->ns_uri);
+ }
+
+ function test_constructBadFields()
+ {
+ $this->assertTrue(Auth_OpenID_SRegRequest::build(array('elvis')) === null);
+ }
+
+ function test_fromOpenIDResponse()
+ {
+ $openid_req = new Auth_OpenID_Request();
+
+ $msg = new SentinelFakeMessage($this);
+ $openid_req->message =& $msg;
+
+ $req = TestingReq::fromOpenIDRequest($openid_req, $this);
+ $this->assertTrue(is_a($req, 'TestingReq'));
+ }
+
+ function test_parseExtensionArgs_empty()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array()));
+ }
+
+ function test_parseExtensionArgs_extraIgnored()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array('janrain' => 'inc')));
+ }
+
+ function test_parseExtensionArgs_nonStrict()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array('required' => 'beans')));
+ $this->assertEquals(array(), $req->required);
+ }
+
+ function test_parseExtensionArgs_strict()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertFalse($req->parseExtensionArgs(array('required' => 'beans'),
+ true));
+ }
+
+ function test_parseExtensionArgs_policy()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(
+ array('policy_url' => 'http://policy'), true));
+ $this->assertEquals('http://policy', $req->policy_url);
+ }
+
+ function test_parseExtensionArgs_requiredEmpty()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array('required' => ''), true));
+ $this->assertEquals(array(), $req->required);
+ }
+
+ function test_parseExtensionArgs_optionalEmpty()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array('optional' => ''), true));
+ $this->assertEquals(array(), $req->optional);
+ }
+
+ function test_parseExtensionArgs_optionalSingle()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array('optional' => 'nickname'), true));
+ $this->assertEquals(array('nickname'), $req->optional);
+ }
+
+ function test_parseExtensionArgs_optionalList()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array('optional' => 'nickname,email'), true));
+ $this->assertEquals(array('nickname','email'), $req->optional);
+ }
+
+ function test_parseExtensionArgs_optionalListBadNonStrict()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array('optional' => 'nickname,email,beer')));
+ $this->assertEquals(array('nickname','email'), $req->optional);
+ }
+
+ function test_parseExtensionArgs_optionalListBadStrict()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertFalse($req->parseExtensionArgs(array('optional' => 'nickname,email,beer'),
+ true));
+ }
+
+ function test_parseExtensionArgs_bothNonStrict()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array('optional' => 'nickname',
+ 'required' => 'nickname')));
+ $this->assertEquals(array(), $req->optional);
+ $this->assertEquals(array('nickname'), $req->required);
+ }
+
+ function test_parseExtensionArgs_bothStrict()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertFalse($req->parseExtensionArgs(
+ array('optional' => 'nickname',
+ 'required' => 'nickname'),
+ true));
+ }
+
+ function test_parseExtensionArgs_bothList()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertTrue($req->parseExtensionArgs(array('optional' => 'nickname,email',
+ 'required' => 'country,postcode'),
+ true));
+ $this->assertEquals(array('nickname','email'), $req->optional);
+ $this->assertEquals(array('country','postcode'), $req->required);
+ }
+
+ function test_allRequestedFields()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertEquals(array(), $req->allRequestedFields());
+ $req->requestField('nickname');
+ $this->assertEquals(array('nickname'), $req->allRequestedFields());
+ $req->requestField('gender', true);
+ $requested = $req->allRequestedFields();
+ sort($requested);
+ $this->assertEquals(array('gender', 'nickname'), $requested);
+ }
+
+ function test_wereFieldsRequested()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertFalse($req->wereFieldsRequested());
+ $req->requestField('gender');
+ $this->assertTrue($req->wereFieldsRequested());
+ }
+
+ function test_contains()
+ {
+ global $Auth_OpenID_sreg_data_fields;
+
+ $req = Auth_OpenID_SRegRequest::build();
+ foreach ($Auth_OpenID_sreg_data_fields as $field_name => $desc) {
+ $this->assertFalse($req->contains($field_name));
+ }
+
+ $this->assertFalse($req->contains('something else'));
+
+ $req->requestField('nickname');
+ foreach ($Auth_OpenID_sreg_data_fields as $field_name => $desc) {
+ if ($field_name == 'nickname') {
+ $this->assertTrue($req->contains($field_name));
+ } else {
+ $this->assertFalse($req->contains($field_name));
+ }
+ }
+ }
+
+ function test_requestField_bogus()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertFalse($req->requestField('something else'));
+ $this->assertFalse($req->requestField('something else', true));
+ }
+
+ function test_requestField()
+ {
+ global $Auth_OpenID_sreg_data_fields;
+
+ // Add all of the fields, one at a time
+ $req = Auth_OpenID_SRegRequest::build();
+ $fields = array_keys($Auth_OpenID_sreg_data_fields);
+ foreach ($fields as $field_name) {
+ $req->requestField($field_name);
+ }
+
+ $this->assertEquals($fields, $req->optional);
+ $this->assertEquals(array(), $req->required);
+
+ // By default, adding the same fields over again has no effect
+ foreach ($fields as $field_name) {
+ $req->requestField($field_name);
+ }
+
+ $this->assertEquals($fields, $req->optional);
+ $this->assertEquals(array(), $req->required);
+
+ // Requesting a field as required overrides requesting it as
+ // optional
+ $expected = $fields;
+ $overridden = array_pop($expected);
+
+ $this->assertTrue($req->requestField($overridden, true));
+
+ $this->assertEquals($expected, $req->optional);
+ $this->assertEquals(array($overridden), $req->required);
+
+ // Requesting a field as required overrides requesting it as
+ // optional
+ foreach ($fields as $field_name) {
+ $this->assertTrue($req->requestField($field_name, true));
+ }
+
+ $this->assertEquals(array(), $req->optional);
+ foreach ($fields as $f) {
+ $this->assertTrue(in_array($f, $req->required));
+ }
+
+ // Requesting it as optional does not downgrade it to optional
+ foreach ($fields as $field_name) {
+ $req->requestField($field_name);
+ }
+
+ $this->assertEquals(array(), $req->optional);
+
+ foreach ($fields as $f) {
+ $this->assertTrue(in_array($f, $req->required));
+ }
+ }
+
+ function test_requestFields_type()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertFalse($req->requestFields('nickname'));
+ }
+
+ function test_requestFields()
+ {
+ global $Auth_OpenID_sreg_data_fields;
+
+ // Add all of the fields
+ $req = Auth_OpenID_SRegRequest::build();
+
+ $fields = array_keys($Auth_OpenID_sreg_data_fields);
+ $req->requestFields($fields);
+
+ $this->assertEquals($fields, $req->optional);
+ $this->assertEquals(array(), $req->required);
+
+ // By default, adding the same fields over again has no effect
+ $req->requestFields($fields);
+
+ $this->assertEquals($fields, $req->optional);
+ $this->assertEquals(array(), $req->required);
+
+ // Requesting a field as required overrides requesting it as
+ // optional
+ $expected = $fields;
+ $overridden = array_shift($expected);
+ $req->requestFields(array($overridden), true);
+
+ foreach ($expected as $f) {
+ $this->assertTrue(in_array($f, $req->optional));
+ }
+
+ $this->assertEquals(array($overridden), $req->required);
+
+ // Requesting a field as required overrides requesting it as
+ // optional
+ $req->requestFields($fields, true);
+
+ $this->assertEquals(array(), $req->optional);
+ $this->assertEquals($fields, $req->required);
+
+ // Requesting it as optional does not downgrade it to optional
+ $req->requestFields($fields);
+
+ $this->assertEquals(array(), $req->optional);
+ $this->assertEquals($fields, $req->required);
+ }
+
+ function test_getExtensionArgs()
+ {
+ $req = Auth_OpenID_SRegRequest::build();
+ $this->assertEquals(array(), $req->getExtensionArgs());
+
+ $this->assertTrue($req->requestField('nickname'));
+ $this->assertEquals(array('optional' => 'nickname'),
+ $req->getExtensionArgs());
+
+ $this->assertTrue($req->requestField('email'));
+ $this->assertEquals(array('optional' => 'nickname,email'),
+ $req->getExtensionArgs());
+
+ $this->assertTrue($req->requestField('gender', true));
+ $this->assertEquals(array('optional' => 'nickname,email',
+ 'required' => 'gender'),
+ $req->getExtensionArgs());
+
+ $this->assertTrue($req->requestField('postcode', true));
+ $this->assertEquals(array('optional' => 'nickname,email',
+ 'required' => 'gender,postcode'),
+ $req->getExtensionArgs());
+
+ $req->policy_url = 'http://policy.invalid/';
+ $this->assertEquals(array('optional' => 'nickname,email',
+ 'required' => 'gender,postcode',
+ 'policy_url' => 'http://policy.invalid/'),
+ $req->getExtensionArgs());
+ }
+}
+
+class DummySuccessResponse {
+ function DummySuccessResponse($message, $signed_stuff)
+ {
+ $this->message = $message;
+ $this->signed_stuff = $signed_stuff;
+ }
+
+ function getSignedNS($ns_uri)
+ {
+ return $this->signed_stuff;
+ }
+}
+
+class SRegResponseTest extends PHPUnit_Framework_TestCase {
+ function test_fromSuccessResponse_signed()
+ {
+ $message = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'sreg.nickname' => 'The Mad Stork',
+ ));
+ $success_resp = new DummySuccessResponse($message, array());
+ $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($success_resp);
+ $this->assertTrue(count($sreg_resp->contents()) === 0);
+ }
+
+ function test_fromSuccessResponse_unsigned()
+ {
+ $message = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'sreg.nickname' => 'The Mad Stork',
+ ));
+
+ $success_resp = new DummySuccessResponse($message, array());
+ $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($success_resp,
+ false);
+
+ $this->assertEquals(array('nickname' => 'The Mad Stork'),
+ $sreg_resp->contents());
+ }
+}
+
+class SendFieldsTest extends PHPUnit_Framework_TestCase {
+ function _test($uri)
+ {
+ // Create a request message with simple registration fields
+ $sreg_req = Auth_OpenID_SRegRequest::build(array('nickname', 'email'),
+ array('fullname'));
+ $req_msg = new Auth_OpenID_Message($uri);
+ $req_msg->updateArgs(Auth_OpenID_SREG_NS_URI,
+ $sreg_req->getExtensionArgs());
+
+ $req = new Auth_OpenID_Request();
+ $req->message =& $req_msg;
+ $req->namespace = $req_msg->getOpenIDNamespace();
+
+ // -> send checkid_* request
+
+ // Create an empty response message
+ $resp_msg = new Auth_OpenID_Message($uri);
+ $resp = new Auth_OpenID_ServerResponse($req);
+ $resp->fields = $resp_msg;
+
+ $data = array(
+ 'nickname' => 'linusaur',
+ 'postcode' => '12345',
+ 'country' => 'US',
+ 'gender' => 'M',
+ 'fullname' => 'Leonhard Euler',
+ 'email' => 'president@whitehouse.gov',
+ 'dob' => '0000-00-00',
+ 'language' => 'en-us');
+
+ // Put the requested data fields in the response message
+ $sreg_resp = Auth_OpenID_SRegResponse::extractResponse($sreg_req, $data);
+ $resp->addExtension($sreg_resp);
+
+ // <- send id_res response
+
+ // Extract the fields that were sent
+ $sreg_data_resp = $resp->fields->getArgs(Auth_OpenID_SREG_NS_URI);
+ $this->assertEquals(
+ array('nickname' => 'linusaur',
+ 'email' => 'president@whitehouse.gov',
+ 'fullname' => 'Leonhard Euler'),
+ $sreg_data_resp);
+ }
+
+ function test()
+ {
+ foreach (array(Auth_OpenID_OPENID1_NS,
+ Auth_OpenID_OPENID2_NS) as $uri) {
+ $this->_test($uri);
+ }
+ }
+}
+
+class Tests_Auth_OpenID_SReg extends PHPUnit_Framework_TestSuite {
+ function getName()
+ {
+ return "Tests_Auth_OpenID_SReg";
+ }
+
+ function Tests_Auth_OpenID_SReg()
+ {
+ $this->addTestSuite('SRegURITest');
+ $this->addTestSuite('CheckFieldNameTest');
+ $this->addTestSuite('SupportsSRegTest');
+ $this->addTestSuite('GetNSTest');
+ $this->addTestSuite('SRegRequestTest');
+ $this->addTestSuite('SRegResponseTest');
+ $this->addTestSuite('SendFieldsTest');
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Server.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Server.php
new file mode 100644
index 000000000..d5dea91a5
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Server.php
@@ -0,0 +1,2463 @@
+<?php
+
+/**
+ * Tests for Auth_OpenID_Server
+ */
+
+require_once "Tests/Auth/OpenID/MemStore.php";
+require_once "Auth/OpenID.php";
+require_once "Auth/OpenID/DiffieHellman.php";
+require_once "Auth/OpenID/Server.php";
+require_once "Auth/OpenID/Consumer.php";
+
+function altModulus()
+{
+ $lib = Auth_OpenID_getMathLib();
+ static $num = null;
+
+ if (!$num) {
+ $num = $lib->init("1423261515703355186607439952816216983770".
+ "5735494988446894302176757360889904836136".
+ "0422513557553514790045512299468953431585".
+ "3008125488594198571710943663581589034331".
+ "6791551733211386105974742540867014420109".
+ "9811846875730766487278261498262568348338".
+ "4764372005569983660877797099908075182915".
+ "81860338635288400119293970087"
+ );
+ }
+
+ return $num;
+}
+
+global $ALT_GEN;
+$ALT_GEN = 5;
+
+function arrayToString($arr)
+{
+ $s = "Array(";
+
+ $parts = array();
+ foreach ($arr as $k => $v) {
+ if (is_array($v)) {
+ $v = arrayToString($v);
+ }
+ $parts[] = sprintf("%s => %s", $k, $v);
+ }
+
+ $s .= implode(", ", $parts);
+ $s .= ")";
+
+ return $s;
+}
+
+function _Auth_OpenID_NotAuthorized()
+{
+ return false;
+}
+
+class Tests_Auth_OpenID_Test_ServerError extends PHPUnit_Framework_TestCase {
+ function test_browserWithReturnTo()
+ {
+ $return_to = "http://rp.unittest/consumer";
+ // will be a ProtocolError raised by Decode or CheckIDRequest.answer
+ $args = array(
+ 'openid.mode' => 'monkeydance',
+ 'openid.identity' => 'http://wagu.unittest/',
+ 'openid.return_to' => $return_to);
+
+ $e = new Auth_OpenID_ServerError(
+ Auth_OpenID_Message::fromPostArgs($args),
+ "plucky");
+
+ $this->assertTrue($e->hasReturnTo());
+ $expected_args = array(
+ 'openid.mode' => 'error',
+ 'openid.error' => 'plucky');
+
+ $encoded = $e->encodeToURL();
+ if (Auth_OpenID_isError($encoded)) {
+ $this->fail($encoded->toString());
+ return;
+ }
+
+ list($rt_base, $_result_args) = explode("?", $e->encodeToURL(), 2);
+ $result_args = Auth_OpenID::getQuery($_result_args);
+
+ $this->assertEquals($result_args, $expected_args);
+ }
+
+ function test_browserWithReturnTo_OpenID2_GET()
+ {
+ $return_to = "http://rp.unittest/consumer";
+ // will be a ProtocolError raised by Decode or
+ // CheckIDRequest.answer
+ $args = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'monkeydance',
+ 'openid.identity' => 'http://wagu.unittest/',
+ 'openid.claimed_id' => 'http://wagu.unittest/',
+ 'openid.return_to' => $return_to));
+
+ $e = new Auth_OpenID_ServerError($args, "plucky");
+ $this->assertTrue($e->hasReturnTo());
+ $expected_args = array('openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'error',
+ 'openid.error' => 'plucky');
+
+ list($rt_base, $result_args_s) = explode('?', $e->encodeToURL(), 2);
+ $result_args = Auth_OpenID::parse_str($result_args_s);
+
+ $this->assertEquals($result_args, $expected_args);
+ }
+
+ function test_browserWithReturnTo_OpenID2_POST()
+ {
+ $return_to = "http://rp.unittest/consumer" . str_repeat('x', Auth_OpenID_OPENID1_URL_LIMIT);
+ // will be a ProtocolError raised by Decode or
+ // CheckIDRequest.answer
+ $args = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'monkeydance',
+ 'openid.identity' => 'http://wagu.unittest/',
+ 'openid.claimed_id' => 'http://wagu.unittest/',
+ 'openid.return_to' => $return_to));
+
+ $e = new Auth_OpenID_ServerError($args, "plucky");
+ $this->assertTrue($e->hasReturnTo());
+ $expected_args = array('openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'error',
+ 'openid.error' => 'plucky');
+
+ $this->assertTrue($e->whichEncoding() == Auth_OpenID_ENCODE_HTML_FORM);
+
+ $msg = $e->toMessage();
+
+ $this->assertTrue($e->toFormMarkup() ==
+ $msg->toFormMarkup($args->getArg(Auth_OpenID_OPENID_NS, 'return_to')));
+ }
+
+ function test_browserWithReturnTo_OpenID1_exceeds_limit()
+ {
+ $return_to = "http://rp.unittest/consumer" . str_repeat('x', Auth_OpenID_OPENID1_URL_LIMIT);
+ // will be a ProtocolError raised by Decode or
+ // CheckIDRequest.answer
+ $args = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.mode' => 'monkeydance',
+ 'openid.identity' => 'http://wagu.unittest/',
+ 'openid.return_to' => $return_to));
+
+ $this->assertTrue($args->isOpenID1());
+
+ $e = new Auth_OpenID_ServerError($args, "plucky");
+ $this->assertTrue($e->hasReturnTo());
+ $expected_args = array('openid.mode' => 'error',
+ 'openid.error' => 'plucky');
+
+ $this->assertTrue($e->whichEncoding() == Auth_OpenID_ENCODE_URL);
+
+ list($rt_base, $result_args_s) = explode('?', $e->encodeToURL(), 2);
+ $result_args = Auth_OpenID::parse_str($result_args_s);
+ $this->assertEquals($result_args, $expected_args);
+ }
+
+ function test_noReturnTo()
+ {
+ // will be a ProtocolError raised by Decode or CheckIDRequest.answer
+ $args = array(
+ 'openid.mode' => 'zebradance',
+ 'openid.identity' => 'http://wagu.unittest/');
+
+ $e = new Auth_OpenID_ServerError(
+ Auth_OpenID_Message::fromPostArgs($args),
+ "waffles");
+
+ $this->assertFalse($e->hasReturnTo());
+ $expected = "error:waffles\nmode:error\n";
+ $this->assertEquals($e->encodeToKVForm(), $expected);
+ }
+
+ function test_noMessage()
+ {
+ $e = new Auth_OpenID_ServerError();
+ $this->assertFalse($e->hasReturnTo());
+ $this->assertEquals($e->whichEncoding(), null);
+ $this->assertEquals($e->getReturnTo(), null);
+ }
+}
+
+class Tests_Auth_OpenID_Test_Decode extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->id_url = "http://decoder.am.unittest/";
+ $this->rt_url = "http://rp.unittest/foobot/?qux=zam";
+ $this->tr_url = "http://rp.unittest/";
+ $this->assoc_handle = "{assoc}{handle}";
+
+ $this->claimed_id = 'http://de.legating.de.coder.unittest/';
+ $this->op_endpoint = 'http://endpoint.unittest/encode';
+
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $this->server = new Auth_OpenID_Server($this->store,
+ $this->op_endpoint);
+ $this->decoder = new Auth_OpenID_Decoder($this->server);
+ }
+
+ function test_none()
+ {
+ $args = array();
+ $r = $this->decoder->decode($args);
+ $this->assertEquals($r, null);
+ }
+
+ function test_irrelevant()
+ {
+ $args = array(
+ 'pony' => 'spotted',
+ 'sreg.mutant_power' => 'decaffinator');
+
+ $r = $this->decoder->decode($args);
+
+ $this->assertTrue(is_a($r, 'Auth_OpenID_ServerError'));
+ }
+
+ function test_bad()
+ {
+ $args = array(
+ 'openid.mode' => 'twos-compliment',
+ 'openid.pants' => 'zippered');
+
+ // Be sure that decoding the args returns an error.
+ $result = $this->decoder->decode($args);
+
+ $this->assertTrue(Auth_OpenID_isError($result));
+ }
+
+ function test_checkidImmediate()
+ {
+ $args = array(
+ 'openid.mode' => 'checkid_immediate',
+ 'openid.identity' => $this->id_url,
+ 'openid.assoc_handle' => $this->assoc_handle,
+ 'openid.return_to' => $this->rt_url,
+ 'openid.trust_root' => $this->tr_url,
+ # should be ignored
+ 'openid.some.extension' => 'junk');
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_CheckIDRequest'));
+ $this->assertEquals($r->mode, "checkid_immediate");
+ $this->assertEquals($r->immediate, true);
+ $this->assertEquals($r->identity, $this->id_url);
+ $this->assertEquals($r->trust_root, $this->tr_url);
+ $this->assertEquals($r->return_to, $this->rt_url);
+ $this->assertEquals($r->assoc_handle, $this->assoc_handle);
+ }
+
+ function test_checkidSetup()
+ {
+ $args = array(
+ 'openid.mode' => 'checkid_setup',
+ 'openid.identity' => $this->id_url,
+ 'openid.assoc_handle' => $this->assoc_handle,
+ 'openid.return_to' => $this->rt_url,
+ 'openid.trust_root' => $this->tr_url);
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_CheckIDRequest'));
+ $this->assertEquals($r->mode, "checkid_setup");
+ $this->assertEquals($r->immediate, false);
+ $this->assertEquals($r->identity, $this->id_url);
+ $this->assertEquals($r->trust_root, $this->tr_url);
+ $this->assertEquals($r->return_to, $this->rt_url);
+ }
+
+ function test_checkidSetupOpenID2()
+ {
+ $args = array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'checkid_setup',
+ 'openid.identity' => $this->id_url,
+ 'openid.claimed_id' => $this->claimed_id,
+ 'openid.assoc_handle' => $this->assoc_handle,
+ 'openid.return_to' => $this->rt_url,
+ 'openid.realm' => $this->tr_url
+ );
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_CheckIDRequest'));
+ $this->assertEquals($r->mode, "checkid_setup");
+ $this->assertEquals($r->immediate, False);
+ $this->assertEquals($r->identity, $this->id_url);
+ $this->assertEquals($r->claimed_id, $this->claimed_id);
+ $this->assertEquals($r->trust_root, $this->tr_url);
+ $this->assertEquals($r->return_to, $this->rt_url);
+ }
+
+ function test_checkidSetupNoClaimedIDOpenID2()
+ {
+ $args = array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'checkid_setup',
+ 'openid.identity' => $this->id_url,
+ 'openid.assoc_handle' => $this->assoc_handle,
+ 'openid.return_to' => $this->rt_url,
+ 'openid.realm' => $this->tr_url
+ );
+
+ $result = $this->decoder->decode($args);
+ $this->assertTrue(is_a($result, "Auth_OpenID_ServerError"));
+ }
+
+ function test_checkidSetupNoIdentityOpenID2()
+ {
+ $args = array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'checkid_setup',
+ 'openid.assoc_handle' => $this->assoc_handle,
+ 'openid.return_to' => $this->rt_url,
+ 'openid.realm' => $this->tr_url);
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_CheckIDRequest'));
+ $this->assertEquals($r->mode, "checkid_setup");
+ $this->assertEquals($r->immediate, false);
+ $this->assertEquals($r->identity, null);
+ $this->assertEquals($r->trust_root, $this->tr_url);
+ $this->assertEquals($r->return_to, $this->rt_url);
+ }
+
+ function test_checkidSetupNoReturnOpenID1()
+ {
+ $args = array(
+ 'openid.mode' => 'checkid_setup',
+ 'openid.identity' => $this->id_url,
+ 'openid.assoc_handle' => $this->assoc_handle,
+ 'openid.trust_root' => $this->tr_url);
+
+ $result = $this->decoder->decode($args);
+ if (!Auth_OpenID_isError($result)) {
+ $this->fail("Expected Auth_OpenID_ServerError");
+ }
+ }
+
+ function test_checkidSetupNoReturnOpenID2()
+ {
+ // Make sure an OpenID 2 request with no return_to can be
+ // decoded, and make sure a response to such a request raises
+ // NoReturnToError.
+ $args = array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'checkid_setup',
+ 'openid.identity' => $this->id_url,
+ 'openid.claimed_id' => $this->id_url,
+ 'openid.assoc_handle' => $this->assoc_handle,
+ 'openid.realm' => $this->tr_url);
+
+ $req = $this->decoder->decode($args);
+
+ $this->assertTrue(is_a($req,
+ 'Auth_OpenID_CheckIDRequest'));
+
+ $this->assertTrue(is_a($req->answer(false), 'Auth_OpenID_NoReturnToError'));
+ $this->assertTrue(is_a($req->encodeToURL('bogus'), 'Auth_OpenID_NoReturnToError'));
+ $this->assertTrue(is_a($req->getCancelURL(), 'Auth_OpenID_NoReturnToError'));
+ }
+
+ function test_checkidSetupRealmRequiredOpenID2()
+ {
+ // Make sure that an OpenID 2 request which lacks return_to
+ // cannot be decoded if it lacks a realm. Spec: This value
+ // (openid.realm) MUST be sent if openid.return_to is omitted.
+
+ $args = array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.mode' => 'checkid_setup',
+ 'openid.identity' => $this->id_url,
+ 'openid.assoc_handle' => $this->assoc_handle);
+
+ $this->assertTrue(is_a($this->decoder->decode($args),
+ 'Auth_OpenID_ServerError'));
+ }
+
+ function test_checkidSetupBadReturn()
+ {
+ $args = array(
+ 'openid.mode' => 'checkid_setup',
+ 'openid.identity' => $this->id_url,
+ 'openid.assoc_handle' => $this->assoc_handle,
+ 'openid.return_to' => 'not a url');
+
+ $result = $this->decoder->decode($args);;
+ if (Auth_OpenID_isError($result)) {
+ $this->assertTrue($result->message);
+ } else {
+ $this->fail(sprintf("Expected ProtocolError, instead " .
+ "returned with %s", gettype($result)));
+ }
+ }
+
+ function test_checkidSetupUntrustedReturn()
+ {
+ $args = array(
+ 'openid.mode' => 'checkid_setup',
+ 'openid.identity' => $this->id_url,
+ 'openid.assoc_handle' => $this->assoc_handle,
+ 'openid.return_to' => $this->rt_url,
+ 'openid.trust_root' => 'http://not-the-return-place.unittest/');
+
+ $result = $this->decoder->decode($args);
+ $this->assertTrue(is_a($result, 'Auth_OpenID_UntrustedReturnURL'));
+ }
+
+ function test_checkAuth()
+ {
+ $args = array(
+ 'openid.mode' => 'check_authentication',
+ 'openid.assoc_handle' => '{dumb}{handle}',
+ 'openid.sig' => 'sigblob',
+ 'openid.signed' => 'foo,bar,mode',
+ 'openid.foo' => 'signedval1',
+ 'openid.bar' => 'signedval2',
+ 'openid.baz' => 'unsigned');
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_CheckAuthRequest'));
+ $this->assertEquals($r->mode, 'check_authentication');
+ $this->assertEquals($r->sig, 'sigblob');
+ }
+
+ function test_checkAuthMissingSignature()
+ {
+ $args = array(
+ 'openid.mode' => 'check_authentication',
+ 'openid.assoc_handle' => '{dumb}{handle}',
+ 'openid.signed' => 'foo,bar,mode',
+ 'openid.foo' => 'signedval1',
+ 'openid.bar' => 'signedval2',
+ 'openid.baz' => 'unsigned');
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_ServerError'));
+ }
+
+ function test_checkAuthAndInvalidate()
+ {
+ $args = array(
+ 'openid.mode' => 'check_authentication',
+ 'openid.assoc_handle' => '{dumb}{handle}',
+ 'openid.invalidate_handle' => '[[SMART_handle]]',
+ 'openid.sig' => 'sigblob',
+ 'openid.signed' => 'foo,bar,mode',
+ 'openid.foo' => 'signedval1',
+ 'openid.bar' => 'signedval2',
+ 'openid.baz' => 'unsigned');
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_CheckAuthRequest'));
+ $this->assertEquals($r->invalidate_handle, '[[SMART_handle]]');
+ }
+
+ function test_associateDH()
+ {
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ print "(Skipping test_associateDH)";
+ return;
+ }
+ $args = array(
+ 'openid.mode' => 'associate',
+ 'openid.session_type' => 'DH-SHA1',
+ 'openid.dh_consumer_public' => "Rzup9265tw==");
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_AssociateRequest'));
+ $this->assertEquals($r->mode, "associate");
+ $this->assertEquals($r->session->session_type, "DH-SHA1");
+ $this->assertEquals($r->assoc_type, "HMAC-SHA1");
+ $this->assertTrue($r->session->consumer_pubkey);
+ }
+
+ function test_associateDHMissingKey()
+ {
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ print "(Skipping test_associateDHMissingKey)";
+ return;
+ }
+ $args = array(
+ 'openid.mode' => 'associate',
+ 'openid.session_type' => 'DH-SHA1');
+
+ // Using DH-SHA1 without supplying dh_consumer_public is an error.
+ $result = $this->decoder->decode($args);
+ if (!Auth_OpenID_isError($result)) {
+ $this->fail(sprintf("Expected Auth_OpenID_ServerError, got %s",
+ gettype($result)));
+ }
+ }
+
+ /**
+ * XXX: Cannot produce a value to break base64_decode
+ function test_associateDHpubKeyNotB64()
+ {
+ $args = array(
+ 'openid.mode' => 'associate',
+ 'openid.session_type' => 'DH-SHA1',
+ 'openid.dh_consumer_public' => "donkeydonkeydonkey");
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_ServerError'));
+ }
+ */
+
+ function test_associateDHModGen()
+ {
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ print "(Skipping test_associateDHModGen)";
+ return;
+ }
+
+ global $ALT_GEN;
+
+ // test dh with non-default but valid values for dh_modulus
+ // and dh_gen
+ $lib = Auth_OpenID_getMathLib();
+
+ $args = array(
+ 'openid.mode' => 'associate',
+ 'openid.session_type' => 'DH-SHA1',
+ 'openid.dh_consumer_public' => "Rzup9265tw==",
+ 'openid.dh_modulus' => $lib->longToBase64(altModulus()),
+ 'openid.dh_gen' => $lib->longToBase64($ALT_GEN));
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_AssociateRequest'));
+ $this->assertEquals($r->mode, "associate");
+ $this->assertEquals($r->session->session_type, "DH-SHA1");
+ $this->assertEquals($r->assoc_type, "HMAC-SHA1");
+ $this->assertTrue($lib->cmp($r->session->dh->mod, altModulus()) === 0);
+ $this->assertTrue($lib->cmp($r->session->dh->gen, $ALT_GEN) === 0);
+ $this->assertTrue($r->session->consumer_pubkey);
+ }
+
+ /**
+ * XXX: Can't test invalid base64 values for mod and gen because
+ * PHP's base64 decoder is much too forgiving or just plain
+ * broken.
+ function test_associateDHCorruptModGen()
+ {
+ // test dh with non-default but valid values for dh_modulus
+ // and dh_gen
+ $args = array(
+ 'openid.mode' => 'associate',
+ 'openid.session_type' => 'DH-SHA1',
+ 'openid.dh_consumer_public' => "Rzup9265tw==",
+ 'openid.dh_modulus' => 'pizza',
+ 'openid.dh_gen' => 'gnocchi');
+
+ $r = $this->decoder->decode($args);
+ print_r($r);
+
+ $this->assertTrue(is_a($r, 'Auth_OpenID_ServerError'));
+ }
+ */
+
+ function test_associateDHMissingModGen()
+ {
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ print "(Skipping test_associateDHMissingModGen)";
+ return;
+ }
+
+ // test dh with non-default but valid values for dh_modulus
+ // and dh_gen
+ $args = array(
+ 'openid.mode' => 'associate',
+ 'openid.session_type' => 'DH-SHA1',
+ 'openid.dh_consumer_public' => "Rzup9265tw==",
+ 'openid.dh_modulus' => 'pizza');
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_ServerError'));
+ }
+
+ function test_associateWeirdSession()
+ {
+ $args = array(
+ 'openid.mode' => 'associate',
+ 'openid.session_type' => 'FLCL6',
+ 'openid.dh_consumer_public' => "YQ==\n");
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_ServerError'));
+ }
+
+ function test_associatePlain()
+ {
+ $args = array('openid.mode' => 'associate');
+
+ $r = $this->decoder->decode($args);
+ $this->assertTrue(is_a($r, 'Auth_OpenID_AssociateRequest'));
+ $this->assertEquals($r->mode, "associate");
+ $this->assertEquals($r->session->session_type, "no-encryption");
+ $this->assertEquals($r->assoc_type, "HMAC-SHA1");
+ }
+
+ function test_nomode()
+ {
+ $args = array(
+ 'openid.session_type' => 'DH-SHA1',
+ 'openid.dh_consumer_public' => "my public keeey");
+
+ $result = $this->decoder->decode($args);
+ if (!Auth_OpenID_isError($result)) {
+ $this->fail(sprintf("Expected Auth_OpenID_Error. Got %s",
+ gettype($result)));
+ }
+ }
+
+ function test_invalidns()
+ {
+ $args = array('openid.ns' => 'Tuesday',
+ 'openid.mode' => 'associate');
+
+ $result = $this->decoder->decode($args);
+
+ $this->assertTrue(is_a($result, 'Auth_OpenID_ServerError'));
+
+ // Assert that the ProtocolError does have a Message attached
+ // to it, even though the request wasn't a well-formed Message.
+ $this->assertTrue($result->message);
+
+ // The error message contains the bad openid.ns.
+ $this->assertTrue(strpos($result->text, 'Tuesday') != -1);
+ }
+}
+
+class Tests_Auth_OpenID_Test_Encode extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->encoder = new Auth_OpenID_Encoder();
+ $this->encode = $this->encoder;
+ $this->op_endpoint = 'http://endpoint.unittest/encode';
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $this->server = new Auth_OpenID_Server($this->store,
+ $this->op_endpoint);
+ }
+
+ function encode($thing) {
+ return $this->encoder->encode($thing);
+ }
+
+ function test_id_res_OpenID2_GET()
+ {
+ /* Check that when an OpenID 2 response does not exceed the
+ OpenID 1 message size, a GET response (i.e., redirect) is
+ issued. */
+ $request = new Auth_OpenID_CheckIDRequest(
+ 'http://bombom.unittest/',
+ 'http://burr.unittest/999',
+ 'http://burr.unittest/',
+ false,
+ $this->server->op_endpoint);
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'mode' => 'id_res',
+ 'identity' => $request->identity,
+ 'claimed_id' => $request->identity,
+ 'return_to' => $request->return_to));
+
+ $this->assertFalse($response->renderAsForm());
+ $this->assertTrue($response->whichEncoding() == Auth_OpenID_ENCODE_URL);
+ $webresponse = $this->encode($response);
+ $this->assertTrue(array_key_exists('location', $webresponse->headers));
+ }
+
+ function test_id_res_OpenID2_POST()
+ {
+ /* Check that when an OpenID 2 response exceeds the OpenID 1
+ message size, a POST response (i.e., an HTML form) is
+ returned. */
+ $request = new Auth_OpenID_CheckIDRequest(
+ 'http://bombom.unittest/',
+ 'http://burr.unittest/999',
+ 'http://burr.unittest/',
+ false,
+ $this->server->op_endpoint);
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'ns' => Auth_OpenID_OPENID2_NS,
+ 'mode' => 'id_res',
+ 'identity' => $request->identity,
+ 'claimed_id' => $request->identity,
+ 'return_to' => str_repeat('x', Auth_OpenID_OPENID1_URL_LIMIT)));
+
+ $this->assertTrue($response->renderAsForm());
+ $this->assertTrue(strlen($response->encodeToURL()) > Auth_OpenID_OPENID1_URL_LIMIT);
+ $this->assertTrue($response->whichEncoding() == Auth_OpenID_ENCODE_HTML_FORM);
+ $webresponse = $this->encode($response);
+ $this->assertEquals($webresponse->body, $response->toFormMarkup());
+ }
+
+ function test_id_res_OpenID1_exceeds_limit()
+ {
+ /* Check that when an OpenID 1 response exceeds the OpenID 1
+ message size, a GET response is issued. Technically, this
+ shouldn't be permitted by the library, but this test is in
+ place to preserve the status quo for OpenID 1. */
+ $request = new Auth_OpenID_CheckIDRequest(
+ 'http://bombom.unittest/',
+ 'http://burr.unittest/999',
+ 'http://burr.unittest/',
+ false,
+ $this->server->op_endpoint);
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'id_res',
+ 'identity' => $request->identity,
+ 'return_to' => str_repeat('x', Auth_OpenID_OPENID1_URL_LIMIT)));
+
+ $this->assertFalse($response->renderAsForm());
+ $this->assertTrue(strlen($response->encodeToURL()) > Auth_OpenID_OPENID1_URL_LIMIT);
+ $this->assertTrue($response->whichEncoding() == Auth_OpenID_ENCODE_URL);
+ $webresponse = $this->encode($response);
+ $this->assertEquals($webresponse->headers['location'], $response->encodeToURL());
+ }
+
+ function test_id_res()
+ {
+ $request = new Auth_OpenID_CheckIDRequest(
+ 'http://bombom.unittest/',
+ 'http://burr.unittest/',
+ 'http://burr.unittest/999',
+ false,
+ $this->server);
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(
+ array(
+ 'mode' => 'id_res',
+ 'identity' => $request->identity,
+ 'return_to' => $request->return_to));
+
+ $webresponse = $this->encoder->encode($response);
+ $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_REDIRECT);
+ $this->assertTrue(array_key_exists('location',
+ $webresponse->headers));
+
+ $location = $webresponse->headers['location'];
+ $this->assertTrue(strpos($location, $request->return_to) === 0);
+ // "%s does not start with %s" % ($location,
+ // $request->return_to));
+
+ $parsed = parse_url($location);
+ $query = array();
+ $query = Auth_OpenID::parse_str($parsed['query']);
+
+ $expected = $response->fields->toPostArgs();
+ $this->assertEquals($query, $expected);
+ }
+
+ function test_cancel()
+ {
+ $request = new Auth_OpenID_CheckIDRequest(
+ 'http://bombom.unittest/',
+ 'http://burr.unittest/',
+ 'http://burr.unittest/999',
+ false, null,
+ $this->server);
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array('mode' => 'cancel'));
+
+ $webresponse = $this->encoder->encode($response);
+ $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_REDIRECT);
+ $this->assertTrue(array_key_exists('location', $webresponse->headers));
+ }
+
+ function test_cancelToForm()
+ {
+ $request = new Auth_OpenID_CheckIDRequest(
+ 'http://bombom.unittest/',
+ 'http://burr.unittest/999',
+ 'http://burr.unittest/',
+ false, null,
+ $this->server);
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array('mode' => 'cancel'));
+
+ $form = $response->toFormMarkup();
+ $pos = strpos($form, 'http://burr.unittest/999');
+ $this->assertTrue($pos !== false, var_export($pos, true));
+ }
+
+ function test_assocReply()
+ {
+ if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ $message = new Auth_OpenID_Message(Auth_OpenID_OPENID2_NS);
+ $message->setArg(Auth_OpenID_OPENID2_NS, 'session_type',
+ 'no-encryption');
+ $request = Auth_OpenID_AssociateRequest::fromMessage($message,
+ $this->server);
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(
+ array('assoc_handle' => "every-zig"));
+ $webresponse = $this->encoder->encode($response);
+ $body = "assoc_handle:every-zig\n";
+ $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_OK);
+ $this->assertEquals($webresponse->headers, array());
+ $this->assertEquals($webresponse->body, $body);
+ }
+ }
+
+ function test_checkauthReply()
+ {
+ $request = new Auth_OpenID_CheckAuthRequest('a_sock_monkey',
+ 'siggggg',
+ array());
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'is_valid' => 'true',
+ 'invalidate_handle' => 'xXxX:xXXx'));
+
+ $body = "invalidate_handle:xXxX:xXXx\nis_valid:true\n";
+ $webresponse = $this->encoder->encode($response);
+ $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_OK);
+ $this->assertEquals($webresponse->headers, array());
+ $this->assertEquals($webresponse->body, $body);
+ }
+
+ function test_unencodableError()
+ {
+ $args = array('openid.identity' => 'http://limu.unittest/');
+
+ $e = new Auth_OpenID_ServerError(Auth_OpenID_Message::fromPostArgs($args),
+ "wet paint");
+
+ $result = $this->encoder->encode($e);
+ if (!Auth_OpenID_isError($result, 'Auth_OpenID_EncodingError')) {
+ $this->fail(sprintf("Expected Auth_OpenID_ServerError, got %s",
+ gettype($result)));
+ }
+ }
+
+ function test_encodableError()
+ {
+ $args = array(
+ 'openid.mode' => 'associate',
+ 'openid.identity' => 'http://limu.unittest/');
+
+ $body="error:snoot\nmode:error\n";
+ $err = new Auth_OpenID_ServerError(Auth_OpenID_Message::fromPostArgs($args),
+ "snoot");
+
+ $webresponse = $this->encoder->encode($err);
+ $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_ERROR);
+ $this->assertEquals($webresponse->headers, array());
+ $this->assertEquals($webresponse->body, $body);
+ }
+}
+
+class Tests_Auth_OpenID_SigningEncode extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ // Use filestore here instead of memstore
+ $this->store = new Tests_Auth_OpenID_MemStore();
+
+ $this->op_endpoint = 'http://endpoint.unittest/encode';
+
+ $this->server = new Auth_OpenID_Server($this->store,
+ $this->op_endpoint);
+
+ $this->request = new Auth_OpenID_CheckIDRequest(
+ 'http://bombom.unittest/',
+ 'http://burr.unittest/',
+ 'http://burr.unittest/999',
+ false,
+ null,
+ $this->server);
+
+ $this->response = new Auth_OpenID_ServerResponse($this->request);
+ $this->response->fields = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'mode' => 'id_res',
+ 'identity' => $this->request->identity,
+ 'return_to' => $this->request->return_to));
+
+ $this->signatory = new Auth_OpenID_Signatory($this->store);
+ $this->dumb_key = $this->signatory->dumb_key;
+ $this->normal_key = $this->signatory->normal_key;
+
+ $this->encoder = new Auth_OpenID_SigningEncoder($this->signatory);
+ }
+
+ function test_idres()
+ {
+ $assoc_handle = '{bicycle}{shed}';
+ $assoc = Auth_OpenID_Association::fromExpiresIn(60, $assoc_handle,
+ 'sekrit', 'HMAC-SHA1');
+ $this->store->storeAssociation($this->normal_key, $assoc);
+ $this->request->assoc_handle = $assoc_handle;
+ $webresponse = $this->encoder->encode($this->response);
+ $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_REDIRECT);
+ $this->assertTrue(array_key_exists('location',
+ $webresponse->headers));
+
+ $location = $webresponse->headers['location'];
+ $parsed = parse_url($location);
+ $query = Auth_OpenID::getQuery($parsed['query']);
+
+ $this->assertTrue(array_key_exists('openid.sig', $query));
+ $this->assertTrue(array_key_exists('openid.assoc_handle', $query));
+ $this->assertTrue(array_key_exists('openid.signed', $query));
+ }
+
+ function test_idresDumb()
+ {
+ $webresponse = $this->encoder->encode($this->response);
+ $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_REDIRECT);
+ $this->assertTrue(array_key_exists('location', $webresponse->headers));
+
+ $location = $webresponse->headers['location'];
+ $parsed = parse_url($location);
+ $query = Auth_OpenID::getQuery($parsed['query']);
+
+ $this->assertTrue(array_key_exists('openid.sig', $query));
+ $this->assertTrue(array_key_exists('openid.assoc_handle', $query));
+ $this->assertTrue(array_key_exists('openid.signed', $query));
+ }
+
+ function test_forgotStore()
+ {
+ $this->encoder->signatory = null;
+ $result = $this->encoder->encode($this->response);
+ if (!is_a($result, 'Auth_OpenID_ServerError')) {
+ $this->fail(sprintf("Expected Auth_OpenID_ServerError, got %s",
+ gettype($result)));
+ }
+ }
+
+ function test_cancel()
+ {
+ $request = new Auth_OpenID_CheckIDRequest(
+ 'http://bombom.unittest/',
+ 'http://burr.unittest/',
+ 'http://burr.unittest/999',
+ false,
+ null,
+ $this->server);
+
+ $response = new Auth_OpenID_ServerResponse($request, 'cancel');
+ $webresponse = $this->encoder->encode($response);
+ $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_REDIRECT);
+ $this->assertTrue(array_key_exists('location', $webresponse->headers));
+ $location = $webresponse->headers['location'];
+ $parsed = parse_url($location);
+ $query = Auth_OpenID::getQuery($parsed['query']);
+
+ $this->assertFalse(array_key_exists('openid.sig', $query));
+ }
+
+ function test_assocReply()
+ {
+ if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ $message = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $request = Auth_OpenID_AssociateRequest::fromMessage($message,
+ $this->server);
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(
+ array('assoc_handle' => "every-zig"));
+ $webresponse = $this->encoder->encode($response);
+ $body = "assoc_handle:every-zig\n";
+
+ $this->assertEquals($webresponse->code, AUTH_OPENID_HTTP_OK);
+ $this->assertEquals($webresponse->headers, array());
+ $this->assertEquals($webresponse->body, $body);
+ }
+ }
+
+ function test_alreadySigned()
+ {
+ $this->response->fields->setArg(Auth_OpenID_OPENID_NS, 'sig', 'priorSig==');
+ $result = $this->encoder->encode($this->response);
+ if (!is_a($result, 'Auth_OpenID_AlreadySigned')) {
+ $this->fail(sprintf("Expected Auth_OpenID_AlreadySigned " .
+ "instance, got %s", gettype($result)));
+ }
+ }
+}
+
+class Tests_Auth_OpenID_CheckID extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+
+ $this->op_endpoint = 'http://endpoint.unittest/encode';
+
+ $this->server = new Auth_OpenID_Server($this->store,
+ $this->op_endpoint);
+
+ $this->request = new Auth_OpenID_CheckIDRequest(
+ 'http://bambam.unittest/',
+ 'http://bar.unittest/999',
+ 'http://bar.unittest/',
+ false, null,
+ $this->server);
+
+ $this->request->message = new Auth_OpenID_Message(
+ Auth_OpenID_OPENID2_NS);
+ }
+
+ function test_fromMessageClaimedIDWithoutIdentityOpenID2()
+ {
+ $name = 'https://example.myopenid.com';
+
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID2_NS);
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'mode', 'checkid_setup');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'return_to',
+ 'http://invalid:8000/rt');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'claimed_id', $name);
+
+ $result = Auth_OpenID_CheckIDRequest::fromMessage(
+ $msg, $this->server);
+
+ $this->assertTrue(is_a($result, 'Auth_OpenID_ServerError'));
+ }
+
+ function test_fromMessageIdentityWithoutClaimedIDOpenID2()
+ {
+ $name = 'https://example.myopenid.com';
+
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID2_NS);
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'mode', 'checkid_setup');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'return_to',
+ 'http://invalid:8000/rt');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'identity', $name);
+
+ $result = Auth_OpenID_CheckIDRequest::fromMessage(
+ $msg, $this->server);
+
+ $this->assertTrue(is_a($result, 'Auth_OpenID_ServerError'));
+ }
+
+ function test_fromMessageWithEmptyTrustRoot()
+ {
+ $return_to = 'http://does.not.matter/';
+ $msg = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.assoc_handle' => '{blah}{blah}{OZivdQ==}',
+ 'openid.claimed_id' => 'http://delegated.invalid/',
+ 'openid.identity' => 'http://op-local.example.com/',
+ 'openid.mode' => 'checkid_setup',
+ 'openid.ns' => 'http://openid.net/signon/1.0',
+ 'openid.return_to' => $return_to,
+ 'openid.trust_root' => ''
+ ));
+ $result = Auth_OpenID_CheckIDRequest::fromMessage(
+ $msg, $this->server);
+ $this->assertEquals($return_to, $result->trust_root);
+ }
+
+ function test_trustRootInvalid()
+ {
+ $this->request->trust_root = "http://foo.unittest/17";
+ $this->request->return_to = "http://foo.unittest/39";
+ $this->assertFalse($this->request->trustRootValid());
+ }
+
+ function test_trustRootValid()
+ {
+ $this->request->trust_root = "http://foo.unittest/";
+ $this->request->return_to = "http://foo.unittest/39";
+ $this->assertTrue($this->request->trustRootValid());
+ }
+
+ function test_malformedTrustRoot()
+ {
+ $this->request->trust_root = "invalid://trust*root/";
+ $this->request->return_to = "http://foo.unittest/39";
+ $sentinel = 'Sentinel';
+ $this->request->message = $sentinel;
+
+ $result = $this->request->trustRootValid();
+ $this->assertTrue(Auth_OpenID_isError($result));
+ $this->assertEquals($result->message, $sentinel);
+ }
+
+ function _verify($trust_root, $return_to, $value)
+ {
+ $this->assertEquals($this->request->trust_root, $trust_root);
+ $this->assertEquals($this->request->return_to, $return_to);
+ return $value;
+ }
+
+ function _verifyTrue($trust_root, $return_to)
+ {
+ return $this->_verify($trust_root, $return_to, true);
+ }
+
+ function _verifyFalse($trust_root, $return_to)
+ {
+ return $this->_verify($trust_root, $return_to, false);
+ }
+
+ /*
+ * Make sure that verifyReturnTo is calling
+ * Auth_OpenID_verifyReturnTo
+ */
+ function test_returnToVerified_callsVerify()
+ {
+ // Ensure that True and False are passed through unchanged
+ $this->request->verifyReturnTo = array($this, '_verifyTrue');
+ $this->assertEquals(true, $this->request->returnToVerified());
+
+ $this->request->verifyReturnTo = array($this, '_verifyFalse');
+ $this->assertEquals(false, $this->request->returnToVerified());
+ }
+
+ function test_answerToInvalidRoot()
+ {
+ $this->request->trust_root = "http://foo.unittest/17";
+ $this->request->return_to = "http://foo.unittest/39";
+ $result = $this->request->answer(true);
+ if (!is_a($result, 'Auth_OpenID_UntrustedReturnURL')) {
+ $this->fail(sprintf("Expected Auth_OpenID_UntrustedReturnURL, " .
+ "got %s", gettype($result)));
+ }
+ $this->assertTrue($this->request->answer(false));
+ }
+
+ function _expectAnswer($answer, $identity=null, $claimed_id=null)
+ {
+ if (is_a($answer, 'Auth_OpenID_ServerError')) {
+ $this->fail("Got ServerError, expected valid response in ".$this->getName());
+ return;
+ }
+
+ $expected_list = array(
+ array('mode', 'id_res'),
+ array('return_to', $this->request->return_to),
+ array('op_endpoint', $this->op_endpoint));
+
+ if ($identity) {
+ $expected_list[] = array('identity', $identity);
+
+ if ($claimed_id) {
+ $expected_list[] = array('claimed_id', $claimed_id);
+ } else {
+ $expected_list[] = array('claimed_id', $identity);
+ }
+ }
+
+ foreach ($expected_list as $pair) {
+ list($k, $expected) = $pair;
+ $actual = $answer->fields->getArg(Auth_OpenID_OPENID_NS, $k);
+ $this->assertEquals($expected, $actual,
+ "Got wrong value for field '".$k."'");
+ }
+
+ $this->assertTrue($answer->fields->hasKey(Auth_OpenID_OPENID_NS, 'response_nonce'));
+ $this->assertTrue($answer->fields->getOpenIDNamespace() == Auth_OpenID_OPENID2_NS);
+
+ # One for nonce, one for ns
+ $this->assertEquals(count($answer->fields->toPostArgs()),
+ count($expected_list) + 2);
+ }
+
+ function test_answerAllow()
+ {
+ $answer = $this->request->answer(true);
+
+ if (Auth_OpenID_isError($answer)) {
+ $this->fail($answer->toString());
+ return;
+ }
+ $this->assertEquals($answer->request, $this->request);
+ $this->_expectAnswer($answer, $this->request->identity);
+ }
+
+ function test_answerAllowDelegatedIdentity()
+ {
+ $this->request->claimed_id = 'http://delegating.unittest/';
+ $answer = $this->request->answer(true);
+ $this->_expectAnswer($answer, $this->request->identity,
+ $this->request->claimed_id);
+ }
+
+ function test_answerAllowWithoutIdentityReally()
+ {
+ $this->request->identity = null;
+ $answer = $this->request->answer(true);
+ $this->assertEquals($answer->request, $this->request);
+ $this->_expectAnswer($answer);
+ }
+
+ function test_answerAllowAnonymousFail()
+ {
+ $this->request->identity = null;
+ // XXX - Check on this, I think this behavior is legal in
+ // OpenID 2.0?
+ // $this->failUnlessRaises(
+ // ValueError, $this->request->answer, true, identity="=V");
+ $this->assertTrue(is_a($this->request->answer(true, null, "=V"),
+ 'Auth_OpenID_ServerError'));
+ }
+
+ function test_answerAllowWithIdentity()
+ {
+ $this->request->identity = Auth_OpenID_IDENTIFIER_SELECT;
+ $selected_id = 'http://anon.unittest/9861';
+ $answer = $this->request->answer(true, null, $selected_id);
+ $this->_expectAnswer($answer, $selected_id);
+ }
+
+ function test_fromMessageWithoutTrustRoot()
+ {
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID2_NS);;
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'mode', 'checkid_setup');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'return_to',
+ 'http://real_trust_root/foo');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_handle', 'bogus');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'identity', 'george');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'claimed_id', 'george');
+
+ $result = Auth_OpenID_CheckIDRequest::fromMessage(
+ $msg, $this->server->op_endpoint);
+
+ $this->assertEquals($result->trust_root,
+ 'http://real_trust_root/foo');
+ }
+
+ function test_fromMessageWithoutTrustRootOrReturnTo()
+ {
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID2_NS);
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'mode', 'checkid_setup');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_handle', 'bogus');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'identity', 'george');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'claimed_id', 'george');
+
+ $result = Auth_OpenID_CheckIDRequest::fromMessage(
+ $msg, $this->server);
+ $this->assertTrue(is_a($result, 'Auth_OpenID_ServerError'));
+ }
+
+ function test_answerAllowNoEndpointOpenID1()
+ {
+ $identity = 'http://bambam.unittest/';
+ $reqmessage = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'identity' => $identity,
+ 'trust_root' => 'http://bar.unittest/',
+ 'return_to' => 'http://bar.unittest/999',
+ ));
+ $this->server->op_endpoint = null;
+ $this->request = Auth_OpenID_CheckIDRequest::fromMessage($reqmessage, $this->server);
+ $answer = $this->request->answer(true);
+
+ $expected_list = array('mode' => 'id_res',
+ 'return_to' => $this->request->return_to,
+ 'identity' => $identity,
+ );
+
+ foreach ($expected_list as $k => $expected) {
+ $actual = $answer->fields->getArg(Auth_OpenID_OPENID_NS, $k);
+ $this->assertEquals($expected, $actual);
+ }
+
+ $this->assertTrue($answer->fields->hasKey(Auth_OpenID_OPENID_NS,
+ 'response_nonce'));
+ $this->assertTrue($answer->fields->getOpenIDNamespace(),
+ Auth_OpenID_OPENID1_NS);
+ $this->assertTrue(
+ $answer->fields->namespaces->isImplicit(Auth_OpenID_OPENID1_NS));
+
+ // One for nonce (OpenID v1 namespace is implicit)
+ $this->assertEquals(count($answer->fields->toPostArgs()),
+ count($expected_list) + 1,
+ var_export($answer->fields->toPostArgs(), true));
+ }
+
+ function test_answerAllowWithDelegatedIdentityOpenID2()
+ {
+ // Answer an IDENTIFIER_SELECT case with a delegated
+ // identifier. claimed_id delegates to selected_id here.
+ $this->request->identity = Auth_OpenID_IDENTIFIER_SELECT;
+ $selected_id = 'http://anon.unittest/9861';
+ $claimed_id = 'http://monkeyhat.unittest/';
+ $answer = $this->request->answer(true, null, $selected_id,
+ $claimed_id);
+ $this->_expectAnswer($answer, $selected_id, $claimed_id);
+ }
+
+ function test_answerAllowWithDelegatedIdentityOpenID1()
+ {
+ // claimed_id parameter doesn't exist in OpenID 1.
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $this->request->message = $msg;
+ // claimed_id delegates to selected_id here.
+ $this->request->identity = Auth_OpenID_IDENTIFIER_SELECT;
+ $selected_id = 'http://anon.unittest/9861';
+ $claimed_id = 'http://monkeyhat.unittest/';
+
+ $result = $this->request->answer(true,
+ null,
+ $selected_id,
+ $claimed_id);
+
+ $this->assertTrue(is_a($result, "Auth_OpenID_ServerError"),
+ var_export($result, true));
+ }
+
+ function test_answerAllowWithAnotherIdentity()
+ {
+ // XXX - Check on this, I think this behavior is legal is
+ // OpenID 2.0?
+ // $this->failUnlessRaises(ValueError, $this->request->answer, true,
+ // identity="http://pebbles.unittest/");
+ $result = $this->request->answer(true, null, "http://pebbles.unittest/");
+ $this->assertTrue(is_a($result, "Auth_OpenID_ServerError"));
+ }
+
+ function test_answerAllowNoIdentityOpenID1()
+ {
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $this->request->message = $msg;
+ $this->request->identity = null;
+ // $this->failUnlessRaises(ValueError, $this->request->answer, true,
+ // identity=null);
+ $result = $this->request->answer(true);
+ $this->assertTrue(is_a($result, "Auth_OpenID_ServerError"));
+ }
+
+ function test_answerAllowForgotEndpoint()
+ {
+ $this->request->server->op_endpoint = null;
+ $result = $this->request->answer(true);
+ $this->assertTrue(is_a($result, "Auth_OpenID_ServerError"));
+ }
+
+ function test_checkIDWithNoIdentityOpenID1()
+ {
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'return_to', 'bogus');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'trust_root', 'bogus');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'mode', 'checkid_setup');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_handle', 'bogus');
+
+ // $this->failUnlessRaises(server->ProtocolError,
+ // server->CheckIDRequest->fromMessage,
+ // msg, $this->server);
+ $result = Auth_OpenID_CheckIDRequest::fromMessage($msg, $this->server);
+
+ $this->assertTrue(is_a($result, 'Auth_OpenID_ServerError'));
+ }
+
+ function test_trustRootOpenID1()
+ {
+ // Ignore openid.realm in OpenID 1
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'mode', 'checkid_setup');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'trust_root', 'http://real_trust_root/');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'realm', 'http://fake_trust_root/');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'return_to', 'http://real_trust_root/foo');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_handle', 'bogus');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'identity', 'george');
+
+ $result = Auth_OpenID_CheckIDRequest::fromMessage($msg, $this->server);
+
+ $this->assertTrue($result->trust_root == 'http://real_trust_root/');
+ }
+
+ function test_trustRootOpenID2()
+ {
+ // Ignore openid.trust_root in OpenID 2
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID2_NS);
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'mode', 'checkid_setup');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'realm', 'http://real_trust_root/');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'trust_root', 'http://fake_trust_root/');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'return_to', 'http://real_trust_root/foo');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'assoc_handle', 'bogus');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'identity', 'george');
+ $msg->setArg(Auth_OpenID_OPENID_NS, 'claimed_id', 'george');
+
+ $result = Auth_OpenID_CheckIDRequest::fromMessage($msg, $this->server);
+
+ $this->assertTrue($result->trust_root == 'http://real_trust_root/');
+ }
+
+ function test_encodeToURL()
+ {
+ $server_url = 'http://openid-server.unittest/';
+ $result = $this->request->encodeToURL($server_url);
+
+ $this->assertFalse(is_a($result, 'Auth_OpenID_ServerError'));
+
+ // How to check? How about a round-trip test.
+ list($base, $result_args) = explode("?", $result, 2);
+ $args = Auth_OpenID::getQuery($result_args);
+ $message = Auth_OpenID_Message::fromPostArgs($args);
+
+ $rebuilt_request = Auth_OpenID_CheckIDRequest::fromMessage($message,
+ $this->server);
+ // argh, lousy hack
+ $this->assertTrue($rebuilt_request->equals($this->request));
+ }
+
+ function test_answerAllowNoTrustRoot()
+ {
+ $this->request->trust_root = null;
+ $answer = $this->request->answer(true);
+ $this->assertEquals($answer->request, $this->request);
+ $this->_expectAnswer($answer, $this->request->identity);
+ }
+
+ function test_answerImmediateDenyOpenID1()
+ {
+ $msg = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $this->request->message = $msg;
+ $this->request->namespace = $msg->getOpenIDNamespace();
+ $this->request->mode = 'checkid_immediate';
+ $this->request->claimed_id = 'http://claimed-id.test/';
+ $this->request->immediate = true;
+ $server_url = "http://setup-url.unittest/";
+ $answer = $this->request->answer(false, $server_url);
+
+ $this->assertEquals($answer->request, $this->request);
+ $this->assertEquals(count($answer->fields->toPostArgs()), 2);
+ $this->assertEquals($answer->fields->getOpenIDNamespace(),
+ Auth_OpenID_OPENID1_NS);
+ $this->assertTrue(
+ $answer->fields->namespaces->isImplicit(Auth_OpenID_OPENID1_NS));
+ $this->assertEquals($answer->fields->getArg(Auth_OpenID_OPENID_NS, 'mode'),
+ 'id_res');
+
+ $usu = $answer->fields->getArg(Auth_OpenID_OPENID_NS,'user_setup_url');
+ $this->assertTrue(strpos($usu, $server_url) == 0);
+ $expected_substr = 'openid.claimed_id=http%3A%2F%2Fclaimed-id.test%2F';
+ $this->assertTrue(strpos($usu, $expected_substr), $usu);
+ }
+
+ function test_answerImmediateDenyOpenID2()
+ {
+ $this->request->mode = 'checkid_immediate';
+ $this->request->immediate = true;
+ $server_url = "http://setup-url.unittest/";
+ $answer = $this->request->answer(false, $server_url);
+
+ $this->assertEquals($answer->request, $this->request);
+ $this->assertEquals(count($answer->fields->toPostArgs()), 3);
+ $this->assertEquals($answer->fields->getOpenIDNamespace(),
+ Auth_OpenID_OPENID2_NS);
+ $this->assertEquals($answer->fields->getArg(Auth_OpenID_OPENID_NS, 'mode'),
+ 'setup_needed');
+ }
+
+ function test_answerSetupDeny()
+ {
+ $answer = $this->request->answer(false);
+ $this->assertEquals($answer->fields->getArgs(Auth_OpenID_OPENID_NS),
+ array('mode' => 'cancel'));
+ }
+
+ function test_getCancelURL()
+ {
+ $url = $this->request->getCancelURL();
+
+ $parsed = parse_url($url);
+ $query = Auth_OpenID::getQuery($parsed['query']);
+
+ $this->assertEquals(array('openid.mode' => 'cancel',
+ 'openid.ns' => Auth_OpenID_OPENID2_NS),
+ $query);
+ }
+
+ function test_getCancelURLimmed()
+ {
+ $this->request->mode = 'checkid_immediate';
+ $this->request->immediate = true;
+ $result = $this->request->getCancelURL();
+ if (!is_a($result, 'Auth_OpenID_ServerError')) {
+ $this->fail(sprintf("Expected Auth_OpenID_ServerError, got %s",
+ gettype($result)));
+ }
+ }
+}
+
+class Tests_Auth_OpenID_CheckIDExtension extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->op_endpoint = 'http://endpoint.unittest/ext';
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $this->server = new Auth_OpenID_Server($this->store, $this->op_endpoint);
+ $this->request = new Auth_OpenID_CheckIDRequest(
+ 'http://bambam.unittest/',
+ 'http://bar.unittest/',
+ 'http://bar.unittest/999',
+ false,
+ null,
+ $this->server);
+
+ $this->response = new Auth_OpenID_ServerResponse($this->request);
+ $this->response->fields->setArg(Auth_OpenID_OPENID_NS, 'mode', 'id_res');
+ $this->response->fields->setArg(Auth_OpenID_OPENID_NS, 'blue', 'star');
+ }
+
+ function test_addField()
+ {
+ $namespace = 'something:';
+ $this->response->fields->setArg($namespace, 'bright', 'potato');
+ $this->assertEquals($this->response->fields->getArgs(Auth_OpenID_OPENID_NS),
+ array('blue' => 'star',
+ 'mode' => 'id_res'));
+
+ $this->assertEquals($this->response->fields->getArgs($namespace),
+ array('bright' => 'potato'));
+ }
+
+ function test_addFields()
+ {
+ $namespace = 'mi5:';
+ $args = array('tangy' => 'suspenders',
+ 'bravo' => 'inclusion');
+
+ $this->response->fields->updateArgs($namespace, $args);
+ $this->assertEquals($this->response->fields->getArgs(Auth_OpenID_OPENID_NS),
+ array('blue' => 'star',
+ 'mode' => 'id_res'));
+ $this->assertEquals($this->response->fields->getArgs($namespace), $args);
+ }
+}
+
+class _MockSignatory {
+ var $isValid = true;
+
+ function _MockSignatory($assoc)
+ {
+ $this->assocs = array($assoc);
+ }
+
+ function verify($assoc_handle, $message)
+ {
+ if (!$message->hasKey(Auth_OpenID_OPENID_NS, 'sig')) {
+ return false;
+ }
+
+ if (in_array(array(true, $assoc_handle), $this->assocs)) {
+ return $this->isValid;
+ } else {
+ return false;
+ }
+ }
+
+ function getAssociation($assoc_handle, $dumb)
+ {
+ if (in_array(array($dumb, $assoc_handle), $this->assocs)) {
+ // This isn't a valid implementation for many uses of this
+ // function, mind you.
+ return true;
+ } else {
+ return null;
+ }
+ }
+
+ function invalidate($assoc_handle, $dumb)
+ {
+ if (in_array(array($dumb, $assoc_handle), $this->assocs)) {
+ $i = 0;
+ foreach ($this->assocs as $pair) {
+ if ($pair == array($dumb, $assoc_handle)) {
+ unset($this->assocs[$i]);
+ break;
+ }
+ $i++;
+ }
+ }
+ }
+}
+
+class Tests_Auth_OpenID_CheckAuth extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->assoc_handle = 'mooooooooo';
+ $this->message = Auth_OpenID_Message::fromPostArgs(
+ array('openid.sig' => 'signarture',
+ 'one' => 'alpha',
+ 'two' => 'beta'));
+
+ $this->request = new Auth_OpenID_CheckAuthRequest(
+ $this->assoc_handle, $this->message);
+
+ $this->signatory = new _MockSignatory(array(true, $this->assoc_handle));
+ }
+
+ function test_valid()
+ {
+ $this->request->namespace = Auth_OpenID_OPENID1_NS;
+ $r = $this->request->answer($this->signatory);
+ $this->assertEquals($r->fields->getArgs(Auth_OpenID_OPENID1_NS),
+ array('is_valid' => 'true'));
+ $this->assertEquals($r->request, $this->request);
+ }
+
+ function test_invalid()
+ {
+ $this->request->namespace = Auth_OpenID_OPENID1_NS;
+ $this->signatory->isValid = false;
+ $r = $this->request->answer($this->signatory);
+ $this->assertEquals($r->fields->getArgs(Auth_OpenID_OPENID1_NS),
+ array('is_valid' => 'false'));
+ }
+
+ function test_replay()
+ {
+ $this->request->namespace = Auth_OpenID_OPENID1_NS;
+ $r = $this->request->answer($this->signatory);
+ $r = $this->request->answer($this->signatory);
+ $this->assertEquals($r->fields->getArgs(Auth_OpenID_OPENID1_NS),
+ array('is_valid' => 'false'));
+ }
+
+ function test_invalidatehandle()
+ {
+ $this->request->namespace = Auth_OpenID_OPENID1_NS;
+ $this->request->invalidate_handle = "bogusHandle";
+ $r = $this->request->answer($this->signatory);
+ $this->assertEquals($r->fields->getArgs(Auth_OpenID_OPENID1_NS),
+ array('is_valid' => 'true',
+ 'invalidate_handle' => "bogusHandle"));
+ $this->assertEquals($r->request, $this->request);
+ }
+
+ function test_invalidatehandleNo()
+ {
+ $this->request->namespace = Auth_OpenID_OPENID1_NS;
+ $assoc_handle = 'goodhandle';
+ $this->signatory->assocs[] = array(false, 'goodhandle');
+ $this->request->invalidate_handle = $assoc_handle;
+ $r = $this->request->answer($this->signatory);
+ $this->assertEquals($r->fields->getArgs(Auth_OpenID_OPENID1_NS),
+ array('is_valid' => 'true'));
+ }
+}
+
+class Tests_Auth_OpenID_Associate extends PHPUnit_Framework_TestCase {
+ // TODO: test DH with non-default values for modulus and gen.
+ // (important to do because we actually had it broken for a
+ // while.)
+
+ function setUp()
+ {
+ $message = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $this->request = Auth_OpenID_AssociateRequest::fromMessage($message);
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $this->signatory = new Auth_OpenID_Signatory($this->store);
+ }
+
+ function test_dhSHA1()
+ {
+ if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ $this->assoc = $this->signatory->createAssociation(false,
+ 'HMAC-SHA1');
+
+ $dh = new Auth_OpenID_DiffieHellman();
+ $ml = Auth_OpenID_getMathLib();
+
+ $cpub = $dh->public;
+ $session = new Auth_OpenID_DiffieHellmanSHA1ServerSession(
+ new Auth_OpenID_DiffieHellman(),
+ $cpub);
+
+ $this->request = new Auth_OpenID_AssociateRequest($session,
+ 'HMAC-SHA1');
+ $response = $this->request->answer($this->assoc);
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "assoc_type"),
+ "HMAC-SHA1");
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "assoc_handle"),
+ $this->assoc->handle);
+
+ $this->assertFalse(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "mac_key"));
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "session_type"),
+ "DH-SHA1");
+
+ $this->assertTrue(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "enc_mac_key"));
+
+ $this->assertTrue(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS,
+ "dh_server_public"));
+
+ $enc_key = base64_decode(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "enc_mac_key"));
+
+ $spub = $ml->base64ToLong(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS,
+ "dh_server_public"));
+
+ $secret = $dh->xorSecret($spub, $enc_key, $session->hash_func);
+
+ $this->assertEquals($secret, $this->assoc->secret);
+ }
+ }
+
+ function test_dhSHA256()
+ {
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT') ||
+ !Auth_OpenID_SHA256_SUPPORTED) {
+ print "(Skipping test_dhSHA256)";
+ return;
+ }
+
+ $this->assoc = $this->signatory->createAssociation(false,
+ 'HMAC-SHA256');
+ $consumer_dh = new Auth_OpenID_DiffieHellman();
+ $cpub = $consumer_dh->public;
+ $server_dh = new Auth_OpenID_DiffieHellman();
+ $session = new Auth_OpenID_DiffieHellmanSHA256ServerSession($server_dh, $cpub);
+
+ $this->request = new Auth_OpenID_AssociateRequest($session, 'HMAC-SHA256');
+ $response = $this->request->answer($this->assoc);
+
+ $this->assertFalse($response->fields->getArg(Auth_OpenID_OPENID_NS, "mac_key"));
+ $this->assertTrue($response->fields->getArg(Auth_OpenID_OPENID_NS, "enc_mac_key"));
+ $this->assertTrue($response->fields->getArg(Auth_OpenID_OPENID_NS, "dh_server_public"));
+
+ $fields = array(
+ 'assoc_type' => 'HMAC-SHA256',
+ 'assoc_handle' => $this->assoc->handle,
+ 'session_type' => 'DH-SHA256',
+ );
+
+ foreach ($fields as $k => $v) {
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, $k), $v);
+ }
+
+ $enc_key = base64_decode(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "enc_mac_key"));
+
+ $lib = Auth_OpenID_getMathLib();
+ $spub = $lib->base64ToLong($response->fields->getArg(Auth_OpenID_OPENID_NS,
+ "dh_server_public"));
+ $secret = $consumer_dh->xorSecret($spub, $enc_key, 'Auth_OpenID_SHA256');
+
+ $s = base64_encode($secret);
+ $assoc_s = base64_encode($this->assoc->secret);
+
+ $this->assertEquals($s, $assoc_s);
+ }
+
+ function test_protoError256()
+ {
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT') ||
+ !Auth_OpenID_HMACSHA256_SUPPORTED) {
+ print "(Skipping test_protoError256)";
+ return;
+ }
+
+ $s256_session = new Auth_OpenID_DiffieHellmanSHA256ConsumerSession();
+
+ $invalid_s256 = array('openid.assoc_type' => 'HMAC-SHA1',
+ 'openid.session_type' => 'DH-SHA256');
+
+ $invalid_s256 = array_merge($invalid_s256, $s256_session->getRequest());
+
+ $invalid_s256_2 = array('openid.assoc_type' => 'MONKEY-PIRATE',
+ 'openid.session_type' => 'DH-SHA256');
+
+ $invalid_s256_2 = array_merge($invalid_s256_2, $s256_session->getRequest());
+
+ $bad_request_argss = array(
+ $invalid_s256,
+ $invalid_s256_2);
+
+ foreach ($bad_request_argss as $request_args) {
+ $message = Auth_OpenID_Message::fromPostArgs($request_args);
+ $result = Auth_OpenID_Associaterequest::fromMessage($message);
+ $this->assertTrue(is_a($result, 'Auth_OpenID_ServerError'));
+ }
+ }
+
+ function test_plaintext()
+ {
+ $this->assoc = $this->signatory->createAssociation(false,
+ 'HMAC-SHA1');
+ $response = $this->request->answer($this->assoc);
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "assoc_type"),
+ "HMAC-SHA1");
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "assoc_handle"),
+ $this->assoc->handle);
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "expires_in"),
+ sprintf("%d", $this->signatory->SECRET_LIFETIME));
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "mac_key"),
+ base64_encode($this->assoc->secret));
+
+ $this->assertFalse($response->fields->getArg(Auth_OpenID_OPENID_NS,
+ "session_type"));
+
+ $this->assertFalse($response->fields->getArg(Auth_OpenID_OPENID_NS,
+ "enc_mac_key"));
+
+ $this->assertFalse($response->fields->getArg(Auth_OpenID_OPENID_NS,
+ "dh_server_public"));
+ }
+
+ function test_plaintextV2()
+ {
+ // The main difference between this and the v1 test is that
+ // the session_typ is always returned in v2.
+ $args = array('openid.mode' => 'associate',
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.assoc_type' => 'HMAC-SHA1',
+ 'openid.session_type' => 'no-encryption');
+
+ $this->request = Auth_OpenID_AssociateRequest::fromMessage(
+ Auth_OpenID_Message::fromPostArgs($args));
+ $this->assertFalse($this->request->message->isOpenID1());
+
+ $this->assoc = $this->signatory->createAssociation(false,
+ 'HMAC-SHA1');
+ $response = $this->request->answer($this->assoc);
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "assoc_type"),
+ "HMAC-SHA1");
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "assoc_handle"),
+ $this->assoc->handle);
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "expires_in"),
+ sprintf("%d", $this->signatory->SECRET_LIFETIME));
+
+ $this->assertEquals(
+ $response->fields->getArg(Auth_OpenID_OPENID_NS, "mac_key"),
+ base64_encode($this->assoc->secret));
+
+ $session_type = $response->fields->getArg(Auth_OpenID_OPENID_NS,
+ "session_type");
+ $this->assertEquals('no-encryption', $session_type);
+
+ $this->assertFalse($response->fields->getArg(Auth_OpenID_OPENID_NS,
+ "enc_mac_key"));
+ $this->assertFalse($response->fields->getArg(Auth_OpenID_OPENID_NS,
+ "dh_server_public"));
+ }
+
+ function test_protoError()
+ {
+ $s1_session = new Auth_OpenID_DiffieHellmanSHA1ConsumerSession();
+
+ $invalid_s1 = array('openid.assoc_type' => 'HMAC-SHA256',
+ 'openid.session_type' => 'DH-SHA1');
+ $invalid_s1 = array_merge($invalid_s1, $s1_session->getRequest());
+
+ $invalid_s1_2 = array('openid.assoc_type' => 'ROBOT-NINJA',
+ 'openid.session_type' => 'DH-SHA1');
+ $invalid_s1_2 = array_merge($invalid_s1_2, $s1_session->getRequest());
+
+ $bad_request_argss = array(array('openid.assoc_type' => 'Wha?'),
+ $invalid_s1,
+ $invalid_s1_2);
+
+ foreach ($bad_request_argss as $request_args) {
+ $message = Auth_OpenID_Message::fromPostArgs($request_args);
+ $result = Auth_OpenID_AssociateRequest::fromMessage($message);
+ $this->assertTrue(is_a($result, 'Auth_OpenID_ServerError'));
+ }
+ }
+
+ function test_protoErrorFields()
+ {
+ $contact = 'user@example.invalid';
+ $reference = 'Trac ticket number MAX_INT';
+ $error = 'poltergeist';
+
+ $openid1_args = array(
+ 'openid.identitiy' => 'invalid',
+ 'openid.mode' => 'checkid_setup');
+
+ $openid2_args = $openid1_args;
+ $openid2_args = array_merge($openid2_args,
+ array('openid.ns' => Auth_OpenID_OPENID2_NS));
+
+ // Check presence of optional fields in both protocol versions
+
+ $openid1_msg = Auth_OpenID_Message::fromPostArgs($openid1_args);
+ $p = new Auth_OpenID_ServerError($openid1_msg, $error,
+ $reference, $contact);
+ $reply = $p->toMessage();
+
+ $this->assertEquals($reply->getArg(Auth_OpenID_OPENID_NS, 'reference'),
+ $reference);
+ $this->assertEquals($reply->getArg(Auth_OpenID_OPENID_NS, 'contact'),
+ $contact);
+
+ $openid2_msg = Auth_OpenID_Message::fromPostArgs($openid2_args);
+ $p = new Auth_OpenID_ServerError($openid2_msg, $error,
+ $reference, $contact);
+ $reply = $p->toMessage();
+
+ $this->assertEquals($reply->getArg(Auth_OpenID_OPENID_NS, 'reference'),
+ $reference);
+ $this->assertEquals($reply->getArg(Auth_OpenID_OPENID_NS, 'contact'),
+ $contact);
+ }
+
+ function failUnlessExpiresInMatches($msg, $expected_expires_in)
+ {
+ $expires_in_str = $msg->getArg(Auth_OpenID_OPENID_NS, 'expires_in');
+ if ($expires_in_str === null) {
+ $this->fail("Expected expires_in value.");
+ return;
+ }
+
+ $expires_in = intval($expires_in_str);
+
+ // Slop is necessary because the tests can sometimes get run
+ // right on a second boundary
+ $slop = 1; // second
+ $difference = $expected_expires_in - $expires_in;
+
+ $error_message = sprintf('"expires_in" value not within %s of expected: '.
+ 'expected=%s, actual=%s',
+ $slop, $expected_expires_in, $expires_in);
+ $this->assertTrue((0 <= $difference &&
+ $difference <= $slop), $error_message);
+ }
+
+ function test_plaintext256()
+ {
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT') ||
+ !Auth_OpenID_SHA256_SUPPORTED) {
+ print "(Skipping test_plaintext256)";
+ return;
+ }
+
+ $this->assoc = $this->signatory->createAssociation(false,
+ 'HMAC-SHA256');
+ $response = $this->request->answer($this->assoc);
+ $f = $response->fields;
+
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, "assoc_type"),
+ "HMAC-SHA1");
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, "assoc_handle"),
+ $this->assoc->handle);
+
+ $this->failUnlessExpiresInMatches(
+ $f,
+ $this->signatory->SECRET_LIFETIME);
+
+ $this->assertEquals(
+ $f->getArg(Auth_OpenID_OPENID_NS, "mac_key"),
+ base64_encode($this->assoc->secret));
+ $this->assertFalse($f->hasKey(Auth_OpenID_OPENID_NS, "session_type"));
+ $this->assertFalse($f->hasKey(Auth_OpenID_OPENID_NS, "enc_mac_key"));
+ $this->assertFalse($f->hasKey(Auth_OpenID_OPENID_NS, "dh_server_public"));
+ }
+
+ function test_unsupportedPrefer()
+ {
+ $allowed_assoc = 'COLD-PET-RAT';
+ $allowed_sess = 'FROG-BONES';
+ $message = 'This is a unit test';
+
+ // Set an OpenID 2 message so answerUnsupported doesn't raise
+ // ProtocolError.
+ $this->request->message = new Auth_OpenID_Message(Auth_OpenID_OPENID2_NS);
+
+ $response = $this->request->answerUnsupported(
+ $message,
+ $allowed_assoc,
+ $allowed_sess);
+ $f = $response->fields;
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, 'error_code'),
+ 'unsupported-type');
+
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, 'assoc_type'),
+ $allowed_assoc);
+
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, 'error'),
+ $message);
+
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, 'session_type'),
+ $allowed_sess);
+ }
+
+ function test_unsupported()
+ {
+ $message = 'This is a unit test';
+
+ $this->request->message = new Auth_OpenID_Message(Auth_OpenID_OPENID2_NS);
+
+ $response = $this->request->answerUnsupported($message);
+
+ $f = $response->fields;
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, 'error_code'),
+ 'unsupported-type');
+
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, 'assoc_type'), null);
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, 'error'), $message);
+ $this->assertEquals($f->getArg(Auth_OpenID_OPENID_NS, 'session_type'), null);
+ }
+}
+
+class Counter {
+ function Counter()
+ {
+ $this->count = 0;
+ }
+
+ function inc()
+ {
+ $this->count += 1;
+ }
+}
+
+class Tests_Auth_OpenID_ServerTest extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $this->server = new Auth_OpenID_Server($this->store);
+ }
+
+ function test_associate()
+ {
+ if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ $message = new Auth_OpenID_Message(Auth_OpenID_OPENID1_NS);
+ $request = Auth_OpenID_AssociateRequest::fromMessage($message);
+ $response = $this->server->openid_associate($request);
+ $this->assertTrue($response->fields->hasKey(Auth_OpenID_OPENID_NS,
+ 'assoc_handle'));
+ }
+ }
+
+ function test_associate2()
+ {
+ // Associate when the server has no allowed association types
+ //
+ // Gives back an error with error_code and no fallback session
+ // or assoc types.
+ $this->server->negotiator->setAllowedTypes(array());
+
+ $msg = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.session_type' => 'no-encryption'));
+
+ $request = Auth_OpenID_AssociateRequest::fromMessage($msg);
+
+ $response = $this->server->openid_associate($request);
+ $this->assertTrue($response->fields->hasKey(Auth_OpenID_OPENID_NS, "error"));
+ $this->assertTrue($response->fields->hasKey(Auth_OpenID_OPENID_NS, "error_code"));
+ $this->assertFalse($response->fields->hasKey(Auth_OpenID_OPENID_NS, "assoc_handle"));
+ $this->assertFalse($response->fields->hasKey(Auth_OpenID_OPENID_NS, "assoc_type"));
+ $this->assertFalse($response->fields->hasKey(Auth_OpenID_OPENID_NS, "session_type"));
+ }
+
+ function test_associate3()
+ {
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT') ||
+ !Auth_OpenID_HMACSHA256_SUPPORTED) {
+ print "(Skipping test_associate3)";
+ return;
+ }
+
+ // Request an assoc type that is not supported when there are
+ // supported types.
+ //
+ // Should give back an error message with a fallback type.
+ $this->server->negotiator->setAllowedTypes(array(array('HMAC-SHA256', 'DH-SHA256')));
+
+ $msg = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.ns' => Auth_OpenID_OPENID2_NS,
+ 'openid.session_type' => 'no-encryption'));
+
+ $request = Auth_OpenID_AssociateRequest::fromMessage($msg);
+ $response = $this->server->openid_associate($request);
+
+ $this->assertTrue($response->fields->hasKey(Auth_OpenID_OPENID_NS, "error"));
+ $this->assertTrue($response->fields->hasKey(Auth_OpenID_OPENID_NS, "error_code"));
+ $this->assertFalse($response->fields->hasKey(Auth_OpenID_OPENID_NS, "assoc_handle"));
+ $this->assertEquals($response->fields->getArg(Auth_OpenID_OPENID_NS, "assoc_type"),
+ 'HMAC-SHA256');
+ $this->assertEquals($response->fields->getArg(Auth_OpenID_OPENID_NS, "session_type"),
+ 'DH-SHA256');
+ }
+
+ function test_associate4()
+ {
+ if (defined('Auth_OpenID_NO_MATH_SUPPORT') ||
+ !Auth_OpenID_HMACSHA256_SUPPORTED) {
+ print "(Skipping test_associate4)";
+ return;
+ }
+
+ $this->assertTrue($this->server->negotiator->setAllowedTypes(
+ array(array('HMAC-SHA256', 'DH-SHA256'))));
+
+ $query = array(
+ 'openid.dh_consumer_public' =>
+ 'ALZgnx8N5Lgd7pCj8K86T/DDMFjJXSss1SKoLmxE72kJTzOtG6I2PaYrHX'.
+ 'xku4jMQWSsGfLJxwCZ6280uYjUST/9NWmuAfcrBfmDHIBc3H8xh6RBnlXJ'.
+ '1WxJY3jHd5k1/ZReyRZOxZTKdF/dnIqwF8ZXUwI6peV0TyS/K1fOfF/s',
+ 'openid.assoc_type' => 'HMAC-SHA256',
+ 'openid.session_type' => 'DH-SHA256');
+
+ $message = Auth_OpenID_Message::fromPostArgs($query);
+ $request = Auth_OpenID_AssociateRequest::fromMessage($message);
+ $response = $this->server->openid_associate($request);
+ $this->assertTrue($response->fields->hasKey(Auth_OpenID_OPENID_NS, "assoc_handle"));
+ }
+
+ function test_missingSessionTypeOpenID2()
+ {
+ // Make sure session_type is required in OpenID 2
+ $msg = Auth_OpenID_Message::fromPostArgs(array('openid.ns' => Auth_OpenID_OPENID2_NS));
+
+ $result = Auth_OpenID_AssociateRequest::fromMessage($msg);
+
+ $this->assertTrue(is_a($result, 'Auth_OpenID_ServerError'));
+ }
+
+ function test_checkAuth()
+ {
+ $request = new Auth_OpenID_CheckAuthRequest('arrrrrf',
+ '0x3999', array());
+
+ $response = $this->server->openid_check_authentication($request);
+ $this->assertTrue($response->fields->hasKey(Auth_OpenID_OPENID_NS, 'is_valid'));
+ }
+}
+
+class Tests_Auth_OpenID_Signatory extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $this->signatory = new Auth_OpenID_Signatory($this->store);
+ $this->dumb_key = $this->signatory->dumb_key;
+ $this->normal_key = $this->signatory->normal_key;
+ }
+
+ function test_sign()
+ {
+ $request = new Auth_OpenID_ServerRequest();
+ $request->namespace = Auth_OpenID_OPENID1_NS;
+
+ $assoc_handle = '{assoc}{lookatme}';
+ $assoc = Auth_OpenID_Association::fromExpiresIn(60, $assoc_handle,
+ 'sekrit', 'HMAC-SHA1');
+ $this->store->storeAssociation($this->normal_key, $assoc);
+ $request->assoc_handle = $assoc_handle;
+ $request->namespace = Auth_OpenID_OPENID1_NS;
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'foo' => 'amsigned',
+ 'bar' => 'notsigned',
+ 'azu' => 'alsosigned'));
+
+ $sresponse = $this->signatory->sign($response);
+
+ $this->assertEquals($sresponse->fields->getArg(Auth_OpenID_OPENID_NS,
+ 'assoc_handle'),
+ $assoc_handle);
+
+ $this->assertEquals($sresponse->fields->getArg(Auth_OpenID_OPENID_NS, 'signed'),
+ 'assoc_handle,azu,bar,foo,signed');
+
+ $this->assertTrue($sresponse->fields->hasKey(Auth_OpenID_OPENID_NS, 'sig'));
+ }
+
+ function test_signDumb()
+ {
+ $request = new Auth_OpenID_ServerRequest();
+ $request->assoc_handle = null;
+ $request->namespace = Auth_OpenID_OPENID1_NS;
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'foo' => 'amsigned',
+ 'bar' => 'notsigned',
+ 'azu' => 'alsosigned'));
+
+ $sresponse = $this->signatory->sign($response);
+
+ $assoc_handle = $sresponse->fields->getArg(Auth_OpenID_OPENID_NS,
+ 'assoc_handle');
+
+ $this->assertTrue($assoc_handle);
+ $assoc = $this->signatory->getAssociation($assoc_handle, true);
+
+ $this->assertTrue($assoc);
+ $this->assertEquals($sresponse->fields->getArg(Auth_OpenID_OPENID_NS, 'signed'),
+ 'assoc_handle,azu,bar,foo,signed');
+ $this->assertTrue($sresponse->fields->hasKey(Auth_OpenID_OPENID_NS, 'sig'));
+ }
+
+ function test_signExpired()
+ {
+ $request = new Auth_OpenID_ServerRequest();
+ $assoc_handle = '{assoc}{lookatme}';
+ $assoc = Auth_OpenID_Association::fromExpiresIn(-10, $assoc_handle,
+ 'sekrit', 'HMAC-SHA1');
+ $this->store->storeAssociation($this->normal_key, $assoc);
+ $this->assertTrue($this->store->getAssociation($this->normal_key,
+ $assoc_handle));
+
+ $request->assoc_handle = $assoc_handle;
+ $request->namespace = Auth_OpenID_OPENID1_NS;
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'foo' => 'amsigned',
+ 'bar' => 'notsigned',
+ 'azu' => 'alsosigned'));
+
+ $sresponse = $this->signatory->sign($response);
+
+ $new_assoc_handle = $sresponse->fields->getArg(Auth_OpenID_OPENID_NS,
+ 'assoc_handle');
+ $this->assertTrue($new_assoc_handle);
+ $this->assertFalse($new_assoc_handle == $assoc_handle);
+
+ $this->assertEquals($sresponse->fields->getArg(Auth_OpenID_OPENID_NS,
+ 'invalidate_handle'),
+ $assoc_handle);
+
+ $this->assertEquals($sresponse->fields->getArg(Auth_OpenID_OPENID_NS,
+ 'signed'),
+ 'assoc_handle,azu,bar,foo,invalidate_handle,signed');
+ $this->assertTrue($sresponse->fields->hasKey(Auth_OpenID_OPENID_NS,
+ 'sig'));
+
+ // make sure the expired association is gone
+ $this->assertFalse($this->store->getAssociation($this->normal_key,
+ $assoc_handle));
+
+ // make sure the new key is a dumb mode association
+ $this->assertTrue($this->store->getAssociation($this->dumb_key,
+ $new_assoc_handle));
+
+ $this->assertFalse($this->store->getAssociation($this->normal_key,
+ $new_assoc_handle));
+ }
+
+ function test_signInvalidHandle()
+ {
+ $request = new Auth_OpenID_ServerRequest();
+ $assoc_handle = '{bogus-assoc}{notvalid}';
+
+ $request->assoc_handle = $assoc_handle;
+ $request->namespace = Auth_OpenID_OPENID1_NS;
+
+ $response = new Auth_OpenID_ServerResponse($request);
+ $response->fields = Auth_OpenID_Message::fromOpenIDArgs(array(
+ 'foo' => 'amsigned',
+ 'bar' => 'notsigned',
+ 'azu' => 'alsosigned'));
+
+ $response->signed = array('foo', 'azu');
+ $sresponse = $this->signatory->sign($response);
+
+ $new_assoc_handle = $sresponse->fields->getArg(Auth_OpenID_OPENID_NS,
+ 'assoc_handle');
+
+ $this->assertTrue($new_assoc_handle);
+ $this->assertFalse($new_assoc_handle == $assoc_handle);
+
+ $this->assertEquals($sresponse->fields->getArg(Auth_OpenID_OPENID_NS,
+ 'invalidate_handle'),
+ $assoc_handle);
+
+ $this->assertEquals($sresponse->fields->getArg(Auth_OpenID_OPENID_NS,
+ 'signed'),
+ 'assoc_handle,azu,bar,foo,invalidate_handle,signed');
+ $this->assertTrue($sresponse->fields->hasKey(Auth_OpenID_OPENID_NS,
+ 'sig'));
+
+ // make sure the new key is a dumb mode association
+ $this->assertTrue($this->store->getAssociation($this->dumb_key,
+ $new_assoc_handle));
+
+ $this->assertFalse($this->store->getAssociation($this->normal_key,
+ $new_assoc_handle));
+ }
+
+ function test_verify()
+ {
+ $assoc_handle = '{vroom}{zoom}';
+ $assoc = Auth_OpenID_Association::fromExpiresIn(60, $assoc_handle,
+ 'sekrit', 'HMAC-SHA1');
+
+ $this->store->storeAssociation($this->dumb_key, $assoc);
+
+ $signed = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.foo' => 'bar',
+ 'openid.apple' => 'orange',
+ 'openid.assoc_handle' => $assoc_handle,
+ 'openid.signed' => 'apple,assoc_handle,foo,signed',
+ 'openid.sig' => 'uXoT1qm62/BB09Xbj98TQ8mlBco='));
+
+ $verified = $this->signatory->verify($assoc_handle, $signed);
+ $this->assertTrue($verified);
+ }
+
+ function test_verifyBadSig()
+ {
+ $assoc_handle = '{vroom}{zoom}';
+ $assoc = Auth_OpenID_Association::fromExpiresIn(60, $assoc_handle,
+ 'sekrit', 'HMAC-SHA1');
+
+ $this->store->storeAssociation($this->dumb_key, $assoc);
+
+ $signed = Auth_OpenID_Message::fromPostArgs(array(
+ 'openid.foo' => 'bar',
+ 'openid.apple' => 'orange',
+ 'openid.assoc_handle' => $assoc_handle,
+ 'openid.signed' => 'apple,assoc_handle,foo,signed',
+ 'openid.sig' => str_rot13('uXoT1qm62/BB09Xbj98TQ8mlBco=')));
+
+ $verified = $this->signatory->verify($assoc_handle, $signed);
+
+ $this->assertFalse($verified);
+ }
+
+ function test_verifyBadHandle()
+ {
+ $assoc_handle = '{vroom}{zoom}';
+ $signed = Auth_OpenID_Message::fromPostArgs(
+ array('foo' => 'bar',
+ 'apple' => 'orange',
+ 'openid.sig' => "Ylu0KcIR7PvNegB/K41KpnRgJl0="));
+
+ $verified = $this->signatory->verify($assoc_handle, $signed);
+ $this->assertFalse($verified);
+ }
+
+ function test_verifyAssocMismatch()
+ {
+ // Attempt to validate sign-all message with a signed-list
+ // assoc.
+ $assoc_handle = '{vroom}{zoom}';
+ $assoc = Auth_OpenID_Association::fromExpiresIn(
+ 60, $assoc_handle, 'sekrit', 'HMAC-SHA1');
+
+ $this->store->storeAssociation($this->dumb_key, $assoc);
+
+ $signed = Auth_OpenID_Message::fromPostArgs(array(
+ 'foo' => 'bar',
+ 'apple' => 'orange',
+ 'openid.sig' => "d71xlHtqnq98DonoSgoK/nD+QRM="
+ ));
+
+ $verified = $this->signatory->verify($assoc_handle, $signed);
+ $this->assertFalse($verified);
+ }
+
+ function test_getAssoc()
+ {
+ $assoc_handle = $this->makeAssoc(true);
+ $assoc = $this->signatory->getAssociation($assoc_handle, true);
+ $this->assertTrue($assoc);
+ $this->assertEquals($assoc->handle, $assoc_handle);
+ }
+
+ function test_getAssocExpired()
+ {
+ $assoc_handle = $this->makeAssoc(true, -10);
+ $assoc = $this->signatory->getAssociation($assoc_handle, true);
+ $this->assertFalse($assoc);
+ }
+
+ function test_getAssocInvalid()
+ {
+ $ah = 'no-such-handle';
+ $this->assertEquals(
+ $this->signatory->getAssociation($ah, false), null);
+ }
+
+ function test_getAssocDumbVsNormal()
+ {
+ $assoc_handle = $this->makeAssoc(true);
+ $this->assertEquals(
+ $this->signatory->getAssociation($assoc_handle, false), null);
+ }
+
+ function test_createAssociation()
+ {
+ $assoc = $this->signatory->createAssociation(false);
+ $this->assertTrue($this->signatory->getAssociation($assoc->handle,
+ false));
+ }
+
+ function makeAssoc($dumb, $lifetime = 60)
+ {
+ $assoc_handle = '{bling}';
+ $assoc = Auth_OpenID_Association::fromExpiresIn(
+ $lifetime, $assoc_handle,
+ 'sekrit', 'HMAC-SHA1');
+
+ $this->store->storeAssociation((($dumb) ? $this->dumb_key :
+ $this->normal_key), $assoc);
+ return $assoc_handle;
+ }
+
+ function test_invalidate()
+ {
+ $assoc_handle = '-squash-';
+ $assoc = Auth_OpenID_Association::fromExpiresIn(60, $assoc_handle,
+ 'sekrit', 'HMAC-SHA1');
+
+ $this->store->storeAssociation($this->dumb_key, $assoc);
+ $assoc = $this->signatory->getAssociation($assoc_handle, true);
+ $this->assertTrue($assoc);
+ $assoc = $this->signatory->getAssociation($assoc_handle, true);
+ $this->assertTrue($assoc);
+ $this->signatory->invalidate($assoc_handle, true);
+ $assoc = $this->signatory->getAssociation($assoc_handle, true);
+ $this->assertFalse($assoc);
+ }
+}
+
+class Tests_Auth_OpenID_Server extends PHPUnit_Framework_TestSuite {
+
+ function getName()
+ {
+ return "Tests_Auth_OpenID_Server";
+ }
+
+ function Tests_Auth_OpenID_Server()
+ {
+ $this->addTestSuite('Tests_Auth_OpenID_Signatory');
+ $this->addTestSuite('Tests_Auth_OpenID_ServerTest');
+ if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
+ $this->addTestSuite('Tests_Auth_OpenID_Associate');
+ }
+ $this->addTestSuite('Tests_Auth_OpenID_CheckAuth');
+ $this->addTestSuite('Tests_Auth_OpenID_CheckIDExtension');
+ $this->addTestSuite('Tests_Auth_OpenID_CheckAuth');
+ $this->addTestSuite('Tests_Auth_OpenID_SigningEncode');
+ $this->addTestSuite('Tests_Auth_OpenID_Test_Encode');
+ $this->addTestSuite('Tests_Auth_OpenID_Test_Decode');
+ $this->addTestSuite('Tests_Auth_OpenID_Test_ServerError');
+ $this->addTestSuite('Tests_Auth_OpenID_CheckID');
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/StoreTest.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/StoreTest.php
new file mode 100644
index 000000000..7c50e2fda
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/StoreTest.php
@@ -0,0 +1,755 @@
+<?php
+
+/**
+ * A test script for the OpenIDStore classes.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+/**
+ * Require classes and functions to run the Store tests.
+ */
+require_once 'Auth/OpenID/Association.php';
+require_once 'Auth/OpenID/CryptUtil.php';
+require_once 'Auth/OpenID/Nonce.php';
+require_once 'Auth/OpenID.php';
+
+function _Auth_OpenID_mkdtemp()
+{
+ if (strpos(PHP_OS, 'WIN') === 0) {
+ $dir = $_ENV['TMP'];
+ if (!isset($dir)) {
+ $dir = 'C:\Windows\Temp';
+ }
+ } else {
+ $dir = @$_ENV['TMPDIR'];
+ if (!isset($dir)) {
+ $dir = '/tmp';
+ }
+ }
+
+ return Auth_OpenID_FileStore::_mkdtemp($dir);
+}
+
+/**
+ * This is the host where the SQL stores' databases should be created
+ * and destroyed.
+ */
+global $_Auth_OpenID_db_test_host;
+$_Auth_OpenID_db_test_host = 'dbtest';
+
+/**
+ * Generate a sufficently unique database name so many hosts can run
+ * SQL store tests on the server at the same time and not step on each
+ * other.
+ */
+function _Auth_OpenID_getTmpDbName()
+{
+ $hostname = php_uname('n');
+ $hostname = str_replace('.', '_', $hostname);
+ $hostname = str_replace('-', '_', $hostname);
+ $hostname = strtolower($hostname);
+
+ return sprintf("%s_%d_%s_openid_test",
+ $hostname,
+ getmypid(),
+ strval(rand(1, time())));
+}
+
+/**
+ * Superclass that has methods for testing OpenID stores. Subclass this to
+ * test your own store implementation.
+ *
+ * @package OpenID
+ */
+class Tests_Auth_OpenID_Store extends PHPUnit_Framework_TestCase {
+
+ function pass() {}
+
+ /**
+ * Prepares for the SQL store tests.
+ */
+ function setUp()
+ {
+ $this->letters = Auth_OpenID_letters;
+ $this->digits = Auth_OpenID_digits;
+ $this->punct = Auth_OpenID_punct;
+ $this->allowed_nonce = $this->letters . $this->digits;
+ $this->allowed_handle = $this->letters . $this->digits . $this->punct;
+ }
+
+ /**
+ * Generates an association with the specified parameters.
+ */
+ function genAssoc($now, $issued = 0, $lifetime = 600)
+ {
+ $sec = Auth_OpenID_CryptUtil::randomString(20);
+ $hdl = Auth_OpenID_CryptUtil::randomString(128, $this->allowed_handle);
+ return new Auth_OpenID_Association($hdl, $sec, $now + $issued,
+ $lifetime, 'HMAC-SHA1');
+ }
+
+ /**
+ * @access private
+ */
+ function _checkRetrieve($store, $url, $handle, $expected, $name = null)
+ {
+ $retrieved_assoc = $store->getAssociation($url, $handle);
+ if ($expected === null) {
+ $this->assertTrue($retrieved_assoc === null);
+ } else {
+ $this->assertTrue($expected->equal($retrieved_assoc), $name);
+ }
+ }
+
+ function _checkRemove($store, $url, $handle, $expected, $name = null)
+ {
+ $present = $store->removeAssociation($url, $handle);
+ $this->assertTrue((!$expected && !$present) ||
+ ($expected && $present),
+ $name);
+ }
+
+ /**
+ * Make sure a given store has a minimum of API compliance. Call
+ * this function with an empty store.
+ *
+ * Raises AssertionError if the store does not work as expected.
+ *
+ * OpenIDStore -> NoneType
+ */
+ function _testStore($store)
+ {
+ // Association functions
+ $now = time();
+
+ $server_url = 'http://www.myopenid.com/openid';
+
+ $assoc = $this->genAssoc($now);
+
+ $this->_checkRetrieve($store, $server_url, null, null,
+ 'Make sure that a missing association returns no result');
+
+ $store->storeAssociation($server_url, $assoc);
+ $this->_checkRetrieve($store, $server_url, null, $assoc,
+ 'Check that after storage, getting returns the same result');
+
+ $this->_checkRetrieve($store, $server_url, null, $assoc,
+ 'more than once');
+
+ $store->storeAssociation($server_url, $assoc);
+ $this->_checkRetrieve($store, $server_url, null, $assoc,
+ 'Storing more than once has no ill effect');
+
+ // Removing an association that does not exist returns not present
+ $this->_checkRemove($store, $server_url, $assoc->handle . 'x', false,
+ "Remove nonexistent association (1)");
+
+ // Removing an association that does not exist returns not present
+ $this->_checkRemove($store, $server_url . 'x', $assoc->handle, false,
+ "Remove nonexistent association (2)");
+
+ // Removing an association that is present returns present
+ $this->_checkRemove($store, $server_url, $assoc->handle, true,
+ "Remove existent association");
+
+ // but not present on subsequent calls
+ $this->_checkRemove($store, $server_url, $assoc->handle, false,
+ "Remove nonexistent association after removal");
+
+ // Put assoc back in the store
+ $store->storeAssociation($server_url, $assoc);
+
+ // More recent and expires after assoc
+ $assoc2 = $this->genAssoc($now, $issued = 1);
+ $store->storeAssociation($server_url, $assoc2);
+
+ $this->_checkRetrieve($store, $server_url, null, $assoc2,
+ 'After storing an association with a different handle, but the
+same $server_url, the handle with the later expiration is
+returned.');
+
+ $this->_checkRetrieve($store, $server_url, $assoc->handle, $assoc,
+ 'We can still retrieve the older association');
+
+ $this->_checkRetrieve($store, $server_url, $assoc2->handle, $assoc2,
+ 'Plus we can retrieve the association with the later expiration
+explicitly');
+
+ $assoc3 = $this->genAssoc($now, $issued = 2, $lifetime = 100);
+ $store->storeAssociation($server_url, $assoc3);
+
+ // More recent issued time, so assoc3 is expected.
+ $this->_checkRetrieve($store, $server_url, null, $assoc3, "(1)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc->handle,
+ $assoc, "(2)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc2->handle,
+ $assoc2, "(3)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc3->handle,
+ $assoc3, "(4)");
+
+ $this->_checkRemove($store, $server_url, $assoc2->handle, true, "(5)");
+
+ $this->_checkRetrieve($store, $server_url, null, $assoc3, "(6)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc->handle,
+ $assoc, "(7)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc2->handle,
+ null, "(8)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc3->handle,
+ $assoc3, "(9)");
+
+ $this->_checkRemove($store, $server_url, $assoc2->handle,
+ false, "(10)");
+
+ $this->_checkRemove($store, $server_url, $assoc3->handle,
+ true, "(11)");
+
+ $this->_checkRetrieve($store, $server_url, null, $assoc, "(12)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc->handle,
+ $assoc, "(13)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc2->handle,
+ null, "(14)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc3->handle,
+ null, "(15)");
+
+ $this->_checkRemove($store, $server_url, $assoc2->handle,
+ false, "(16)");
+
+ $this->_checkRemove($store, $server_url, $assoc->handle,
+ true, "(17)");
+
+ $this->_checkRemove($store, $server_url, $assoc3->handle,
+ false, "(18)");
+
+ $this->_checkRetrieve($store, $server_url, null, null, "(19)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc->handle,
+ null, "(20)");
+
+ $this->_checkRetrieve($store, $server_url, $assoc2->handle,
+ null, "(21)");
+
+ $this->_checkRetrieve($store, $server_url,$assoc3->handle,
+ null, "(22)");
+
+ $this->_checkRemove($store, $server_url, $assoc2->handle,
+ false, "(23)");
+
+ $this->_checkRemove($store, $server_url, $assoc->handle,
+ false, "(24)");
+
+ $this->_checkRemove($store, $server_url, $assoc3->handle,
+ false, "(25)");
+
+ // Put associations into store, for two different server URLs
+ $assoc1 = $this->genAssoc($now);
+ $assoc2 = $this->genAssoc($now + 2);
+ $server_url1 = "http://one.example.com/one";
+ $server_url2 = "http://two.localhost.localdomain/two";
+
+ $store->storeAssociation($server_url1, $assoc1);
+ $store->storeAssociation($server_url2, $assoc2);
+
+ // Ask for each one, make sure we get it
+ $this->_checkRetrieve($store, $server_url1, $assoc1->handle,
+ $assoc1, "(26)");
+
+ $this->_checkRetrieve($store, $server_url2, $assoc2->handle,
+ $assoc2, "(27)");
+
+ $store->storeAssociation($server_url1, $assoc1);
+ $store->storeAssociation($server_url2, $assoc2);
+
+ // Ask for each one, make sure we get it
+ $this->_checkRetrieve($store, $server_url1, null,
+ $assoc1, "(28)");
+
+ $this->_checkRetrieve($store, $server_url2, null,
+ $assoc2, "(29)");
+
+ // test expired associations
+ // assoc 1: server 1, valid
+ // assoc 2: server 1, expired
+ // assoc 3: server 2, expired
+ // assoc 4: server 3, valid
+ $assocValid1 = $this->genAssoc($now, -3600, 7200);
+ $assocValid2 = $this->genAssoc($now, -5);
+ $assocExpired1 = $this->genAssoc($now, -7200, 3600);
+ $assocExpired2 = $this->genAssoc($now, -7200, 3600);
+
+ if (!$store->supportsCleanup()) {
+ return;
+ }
+
+ $store->cleanupAssociations();
+ $store->storeAssociation($server_url . '1', $assocValid1);
+ $store->storeAssociation($server_url . '1', $assocExpired1);
+ $store->storeAssociation($server_url . '2', $assocExpired2);
+ $store->storeAssociation($server_url . '3', $assocValid2);
+
+ $cleaned = $store->cleanupAssociations();
+ $this->assertEquals(2, $cleaned);
+ }
+
+ function _checkUseNonce($store, $nonce, $expected, $server_url, $msg=null)
+ {
+ list($stamp, $salt) = Auth_OpenID_splitNonce($nonce);
+ $actual = $store->useNonce($server_url, $stamp, $salt);
+ $this->assertEquals(intval($expected), intval($actual), "_checkUseNonce failed: $server_url, $msg");
+ }
+
+ function _testNonce($store)
+ {
+ // Nonce functions
+
+ $server_url = 'http://www.myopenid.com/openid';
+
+ foreach (array($server_url, '') as $url) {
+ // Random nonce (not in store)
+ $nonce1 = Auth_OpenID_mkNonce();
+
+ // A nonce is not by default
+ $this->_checkUseNonce($store, $nonce1, true, $url, "blergx");
+
+ // Once stored, cannot be stored again
+ $this->_checkUseNonce($store, $nonce1, false, $url, 2);
+
+ // And using again has the same effect
+ $this->_checkUseNonce($store, $nonce1, false, $url, 3);
+
+ // Nonces from when the universe was an hour old should
+ // not pass these days.
+ $old_nonce = Auth_OpenID_mkNonce(3600);
+ $this->_checkUseNonce($store, $old_nonce, false, $url,
+ "Old nonce ($old_nonce) passed.");
+
+ }
+ }
+
+ function _testNonceCleanup($store) {
+ if (!$store->supportsCleanup()) {
+ return;
+ }
+
+ $server_url = 'http://www.myopenid.com/openid';
+
+ $now = time();
+
+ $old_nonce1 = Auth_OpenID_mkNonce($now - 20000);
+ $old_nonce2 = Auth_OpenID_mkNonce($now - 10000);
+ $recent_nonce = Auth_OpenID_mkNonce($now - 600);
+
+ global $Auth_OpenID_SKEW;
+ $orig_skew = $Auth_OpenID_SKEW;
+
+ $Auth_OpenID_SKEW = 0;
+ $store->cleanupNonces();
+ // Set SKEW high so stores will keep our nonces.
+ $Auth_OpenID_SKEW = 100000;
+
+ $params = Auth_OpenID_splitNonce($old_nonce1);
+ array_unshift($params, $server_url);
+ $this->assertTrue(call_user_func_array(array($store, 'useNonce'), $params));
+
+ $params = Auth_OpenID_splitNonce($old_nonce2);
+ array_unshift($params, $server_url);
+ $this->assertTrue(call_user_func_array(array($store, 'useNonce'), $params));
+
+ $params = Auth_OpenID_splitNonce($recent_nonce);
+ array_unshift($params, $server_url);
+ $this->assertTrue(call_user_func_array(array($store, 'useNonce'), $params));
+
+ $Auth_OpenID_SKEW = 3600;
+ $cleaned = $store->cleanupNonces();
+ $this->assertEquals(2, $cleaned); // , "Cleaned %r nonces." % (cleaned,)
+
+ $Auth_OpenID_SKEW = 100000;
+ // A roundabout method of checking that the old nonces were
+ // cleaned is to see if we're allowed to add them again.
+
+ $params = Auth_OpenID_splitNonce($old_nonce1);
+ array_unshift($params, $server_url);
+ $this->assertTrue(call_user_func_array(array($store, 'useNonce'), $params));
+ $params = Auth_OpenID_splitNonce($old_nonce2);
+ array_unshift($params, $server_url);
+ $this->assertTrue(call_user_func_array(array($store, 'useNonce'), $params));
+
+ // The recent nonce wasn't cleaned, so it should still fail.
+ $params = Auth_OpenID_splitNonce($recent_nonce);
+ array_unshift($params, $server_url);
+ $this->assertFalse(call_user_func_array(array($store, 'useNonce'), $params));
+
+ $Auth_OpenID_SKEW = $orig_skew;
+ }
+
+}
+/**
+ * Class that tests all of the stores included with the OpenID library
+ *
+ * @package OpenID
+ */
+class Tests_Auth_OpenID_Included_StoreTest extends Tests_Auth_OpenID_Store {
+ function test_memstore()
+ {
+ require_once 'Tests/Auth/OpenID/MemStore.php';
+ $store = new Tests_Auth_OpenID_MemStore();
+ $this->_testStore($store);
+ $this->_testNonce($store);
+ $this->_testNonceCleanup($store);
+ }
+
+ function test_filestore()
+ {
+ require_once 'Auth/OpenID/FileStore.php';
+
+ $temp_dir = _Auth_OpenID_mkdtemp();
+
+ if (!$temp_dir) {
+ trigger_error('Could not create temporary directory ' .
+ 'with Auth_OpenID_FileStore::_mkdtemp',
+ E_USER_WARNING);
+ return null;
+ }
+
+ $store = new Auth_OpenID_FileStore($temp_dir);
+ $this->_testStore($store);
+ $this->_testNonce($store);
+ $this->_testNonceCleanup($store);
+ $store->destroy();
+ }
+
+ function test_postgresqlstore()
+ {
+ // If the postgres extension isn't loaded or loadable, succeed
+ // because we can't run the test.
+ if (!(extension_loaded('pgsql')) ||
+ !(@include_once 'DB.php')) {
+ print "(not testing PostGreSQL store)";
+ $this->pass();
+ return;
+ }
+
+ require_once 'Auth/OpenID/PostgreSQLStore.php';
+
+ global $_Auth_OpenID_db_test_host;
+
+ $temp_db_name = _Auth_OpenID_getTmpDbName();
+
+ $connect_db_name = 'test_master';
+
+ $dsn = array(
+ 'phptype' => 'pgsql',
+ 'username' => 'openid_test',
+ 'password' => '',
+ 'hostspec' => $_Auth_OpenID_db_test_host,
+ 'database' => $connect_db_name
+ );
+
+ $allowed_failures = 5;
+ $result = null;
+ $sleep_time = 1.0;
+ $sql = sprintf("CREATE DATABASE %s", $temp_db_name);
+
+ for ($failures = 0; $failures < $allowed_failures; $failures++) {
+ $template_db =& DB::connect($dsn);
+
+ if (PEAR::isError($template_db)) {
+ $result =& $template_db;
+ } else {
+ // Try to create the test database.
+ $result = $template_db->query($sql);
+
+ $template_db->disconnect();
+ unset($template_db);
+
+ if (!PEAR::isError($result)) {
+ break;
+ }
+ }
+
+ $sleep_time *= ((mt_rand(1, 100) / 100.0) + 1.5);
+ print "Failed to create database $temp_db_name.\n".
+ "Waiting $sleep_time before trying again\n";
+
+ $int_sleep = floor($sleep_time);
+ $frac_sleep = $sleep_time - $int_sleep;
+ sleep($int_sleep);
+ usleep($frac_sleep * 1000000.0);
+ }
+
+ if ($failures == $allowed_failures) {
+ $this->pass("Temporary database creation failed after $failures ".
+ " tries ('$temp_db_name'): " . $result->getMessage());
+ return;
+ }
+
+ // Disconnect from template1 and reconnect to the temporary
+ // testing database.
+ $dsn['database'] = $temp_db_name;
+ $db =& DB::connect($dsn);
+
+ if (PEAR::isError($db)) {
+ $this->fail("Temporary database connection failed " .
+ " ('$temp_db_name'): " . $db->getMessage());
+ return;
+ }
+
+ $store = new Auth_OpenID_PostgreSQLStore($db);
+
+ $this->assertFalse($store->tableExists($store->nonces_table_name));
+ $this->assertFalse($store->tableExists($store->associations_table_name));
+
+ $store->createTables();
+
+ $this->assertTrue($store->tableExists($store->nonces_table_name));
+ $this->assertTrue($store->tableExists($store->associations_table_name));
+
+ $this->_testStore($store);
+ $this->_testNonce($store);
+ $this->_testNonceCleanup($store);
+
+ $db->disconnect();
+ unset($db);
+
+ // Connect to template1 again so we can drop the temporary
+ // database.
+ $dsn['database'] = $connect_db_name;
+ $template_db =& DB::connect($dsn);
+
+ if (PEAR::isError($template_db)) {
+ $this->fail("Template database connection (to drop " .
+ "temporary database) failed: " .
+ $template_db->getMessage());
+ return;
+ }
+
+ $result = $template_db->query(sprintf("DROP DATABASE %s",
+ $temp_db_name));
+
+ if (PEAR::isError($result)) {
+ $this->fail("Dropping temporary database failed: " .
+ $result->getMessage());
+ return;
+ }
+
+ $template_db->disconnect();
+ unset($template_db);
+ }
+
+ function test_sqlitestore()
+ {
+ // If the sqlite extension isn't loaded or loadable, succeed
+ // because we can't run the test.
+ if (!(extension_loaded('sqlite')) ||
+ !(@include_once 'DB.php')) {
+ print "(not testing SQLite store)";
+ $this->pass();
+ return;
+ }
+
+ require_once 'Auth/OpenID/SQLiteStore.php';
+
+ $temp_dir = _Auth_OpenID_mkdtemp();
+
+ if (!$temp_dir) {
+ trigger_error('Could not create temporary directory ' .
+ 'with Auth_OpenID_FileStore::_mkdtemp',
+ E_USER_WARNING);
+ return null;
+ }
+
+ $dsn = 'sqlite:///' . urlencode($temp_dir) . '/php_openid_storetest.db';
+ $db =& DB::connect($dsn);
+
+ if (PEAR::isError($db)) {
+ $this->pass("SQLite database connection failed: " .
+ $db->getMessage());
+ } else {
+ $store = new Auth_OpenID_SQLiteStore($db);
+ $this->assertTrue($store->createTables(), "Table creation failed");
+ $this->_testStore($store);
+ $this->_testNonce($store);
+ $this->_testNonceCleanup($store);
+ }
+
+ $db->disconnect();
+ unset($db);
+ unset($store);
+ unlink($temp_dir . '/php_openid_storetest.db');
+ rmdir($temp_dir);
+ }
+
+ function test_mysqlstore()
+ {
+ // If the mysql extension isn't loaded or loadable, succeed
+ // because we can't run the test.
+ if (!(extension_loaded('mysql')) ||
+ !(@include_once 'DB.php')) {
+ print "(not testing MySQL store)";
+ $this->pass();
+ return;
+ }
+
+ require_once 'Auth/OpenID/MySQLStore.php';
+
+ global $_Auth_OpenID_db_test_host;
+
+ $dsn = array(
+ 'phptype' => 'mysql',
+ 'username' => 'openid_test',
+ 'password' => '',
+ 'hostspec' => $_Auth_OpenID_db_test_host
+ );
+
+ $db =& DB::connect($dsn);
+
+ if (PEAR::isError($db)) {
+ print "MySQL database connection failed: " .
+ $db->getMessage();
+ $this->pass();
+ return;
+ }
+
+ $temp_db_name = _Auth_OpenID_getTmpDbName();
+
+ $result = $db->query("CREATE DATABASE $temp_db_name");
+
+ if (PEAR::isError($result)) {
+ $this->pass("Error creating MySQL temporary database: " .
+ $result->getMessage());
+ return;
+ }
+
+ $db->query("USE $temp_db_name");
+
+ $store = new Auth_OpenID_MySQLStore($db);
+ $store->createTables();
+ $this->_testStore($store);
+ $this->_testNonce($store);
+ $this->_testNonceCleanup($store);
+
+ $db->query("DROP DATABASE $temp_db_name");
+ }
+
+ function test_mdb2store()
+ {
+ // The MDB2 test can use any database engine. MySQL is chosen
+ // arbitrarily.
+ if (!(extension_loaded('mysql') ||
+ @dl('mysql.' . PHP_SHLIB_SUFFIX)) ||
+ !(@include_once 'MDB2.php')) {
+ print "(not testing MDB2 store)";
+ $this->pass();
+ return;
+ }
+
+ require_once 'Auth/OpenID/MDB2Store.php';
+
+ global $_Auth_OpenID_db_test_host;
+
+ $dsn = array(
+ 'phptype' => 'mysql',
+ 'username' => 'openid_test',
+ 'password' => '',
+ 'hostspec' => $_Auth_OpenID_db_test_host
+ );
+
+ $db =& MDB2::connect($dsn);
+
+ if (PEAR::isError($db)) {
+ print "MySQL database connection failed: " .
+ $db->getMessage();
+ $this->pass();
+ return;
+ }
+
+ $temp_db_name = _Auth_OpenID_getTmpDbName();
+
+ $result = $db->query("CREATE DATABASE $temp_db_name");
+
+ if (PEAR::isError($result)) {
+ $this->pass("Error creating MySQL temporary database: " .
+ $result->getMessage());
+ return;
+ }
+
+ $db->query("USE $temp_db_name");
+
+ $store =& new Auth_OpenID_MDB2Store($db);
+ if (!$store->createTables()) {
+ $this->fail("Failed to create tables");
+ return;
+ }
+ $this->_testStore($store);
+ $this->_testNonce($store);
+ $this->_testNonceCleanup($store);
+
+ $db->query("DROP DATABASE $temp_db_name");
+ }
+}
+
+/**
+ * This is the host that the store test will use
+ */
+global $_Auth_OpenID_memcache_test_host;
+$_Auth_OpenID_memcache_test_host = 'localhost';
+
+class Tests_Auth_OpenID_MemcachedStore_Test extends Tests_Auth_OpenID_Store {
+ function test_memcache()
+ {
+ // If the memcache extension isn't loaded or loadable, succeed
+ // because we can't run the test.
+ if (!extension_loaded('memcache')) {
+ print "(skipping memcache store tests)";
+ $this->pass();
+ return;
+ }
+ require_once 'Auth/OpenID/MemcachedStore.php';
+
+ global $_Auth_OpenID_memcache_test_host;
+
+ $memcached = new Memcache();
+ if (!$memcached->connect($_Auth_OpenID_memcache_test_host)) {
+ print "(skipping memcache store tests - couldn't connect)";
+ $this->pass();
+ } else {
+ $store = new Auth_OpenID_MemcachedStore($memcached);
+
+ $this->_testStore($store);
+ $this->_testNonce($store);
+ $this->_testNonceCleanup($store);
+
+ $memcached->close();
+ }
+ }
+}
+
+class Tests_Auth_OpenID_StoreTest extends PHPUnit_Framework_TestSuite {
+ function getName()
+ {
+ return "Tests_Auth_OpenID_StoreTest";
+ }
+
+ function Tests_Auth_OpenID_StoreTest()
+ {
+ $this->addTestSuite('Tests_Auth_OpenID_Included_StoreTest');
+ $this->addTestSuite('Tests_Auth_OpenID_MemcachedStore_Test');
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/TestUtil.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/TestUtil.php
new file mode 100644
index 000000000..28e3ca9af
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/TestUtil.php
@@ -0,0 +1,60 @@
+<?php
+
+/**
+ * Utilites for test functions
+ */
+
+
+function Tests_Auth_OpenID_datafile($name, $reader)
+{
+ $path = dirname(realpath(__FILE__));
+ $sep = DIRECTORY_SEPARATOR;
+ $filename = $path . $sep . 'data' . $sep . $name;
+ $data = $reader($filename);
+ if ($data === false) {
+ $msg = "Failed to open data file: $name";
+ trigger_error($msg, E_USER_ERROR);
+ }
+ return $data;
+}
+
+function Tests_Auth_OpenID_readdata($name)
+{
+ return Tests_Auth_OpenID_datafile($name, 'file_get_contents');
+}
+
+function Tests_Auth_OpenID_readlines($name)
+{
+ return Tests_Auth_OpenID_datafile($name, 'file');
+}
+
+class OpenIDTestMixin extends PHPUnit_Framework_TestCase {
+ function failUnlessOpenIDValueEquals($msg, $key, $expected, $ns=null)
+ {
+ if ($ns === null) {
+ $ns = Auth_OpenID_OPENID_NS;
+ }
+
+ $actual = $msg->getArg($ns, $key);
+ $error_format = 'Wrong value for openid.%s: expected=%s, actual=%s';
+ $error_message = sprintf($error_format,
+ $key, $expected, $actual);
+
+ $this->assertEquals($expected, $actual, $error_message);
+ }
+
+ function failIfOpenIDKeyExists($msg, $key, $ns=null)
+ {
+ if ($ns === null) {
+ $ns = Auth_OpenID_OPENID_NS;
+ }
+
+ $actual = $msg->getArg($ns, $key);
+ $error_message = sprintf('openid.%s unexpectedly present: %s',
+ $key, $actual);
+
+ $this->assertFalse($msg->hasKey($ns, $key),
+ $error_message);
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/TrustRoot.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/TrustRoot.php
new file mode 100644
index 000000000..360394091
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/TrustRoot.php
@@ -0,0 +1,172 @@
+<?php
+
+/**
+ * Tests for the TrustRoot module
+ */
+
+require_once "Auth/OpenID/TrustRoot.php";
+require_once "Tests/Auth/OpenID/TestUtil.php";
+
+class Tests_Auth_OpenID_TRParseCase extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_TRParseCase($desc, $case, $expected)
+ {
+ $this->setName($desc);
+ $this->case = $case;
+ $this->expected = $expected;
+ }
+
+ function runTest()
+ {
+ $is_sane = Auth_OpenID_TrustRoot::isSane($this->case);
+ $parsed = (bool)Auth_OpenID_TrustRoot::_parse($this->case);
+ switch ($this->expected) {
+ case 'sane':
+ $this->assertTrue($parsed, "Did not parse");
+ $this->assertTrue($is_sane, "Is not sane");
+ break;
+ case 'insane':
+ $this->assertTrue($parsed, "Did not parse");
+ $this->assertFalse($is_sane, "Is sane");
+ break;
+ default:
+ $this->assertFalse($parsed, "Did parse");
+ $this->assertFalse($is_sane, "Is sane");
+ }
+ }
+}
+
+class Tests_Auth_OpenID_TRMatchCase extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_TRMatchCase($desc, $tr, $rt, $matches)
+ {
+ $this->setName($desc);
+ $this->tr = $tr;
+ $this->rt = $rt;
+ $this->matches = $matches;
+ }
+
+ function runTest()
+ {
+ $matches = Auth_OpenID_TrustRoot::match($this->tr, $this->rt);
+ $this->assertEquals((bool)$this->matches, (bool)$matches);
+ }
+}
+
+function Tests_Auth_OpenID_parseHeadings($data, $c)
+{
+ $heading_pat = '/(^|\n)' . $c . '{40}\n([^\n]+)\n' . $c . '{40}\n()/';
+ $offset = 0;
+ $headings = array();
+ while (true) {
+ preg_match($heading_pat, substr($data, $offset), $matches,
+ PREG_OFFSET_CAPTURE);
+ if (!$matches) {
+ break;
+ }
+ $start = $matches[0][1];
+ $heading = $matches[2][0];
+ $end = $matches[3][1];
+ $headings[] = array('heading' => $heading,
+ 'start' => $offset + $start,
+ 'end' => $offset + $end,
+ );
+ $offset += $end;
+ }
+ return $headings;
+}
+
+function Tests_Auth_OpenID_getSections($data)
+{
+ $headings = Tests_Auth_OpenID_parseHeadings($data, '-');
+ $sections = array();
+ $n = count($headings);
+ for ($i = 0; $i < $n; ) {
+ $secdata = $headings[$i];
+ list($numtests, $desc) = explode(': ', $secdata['heading']);
+ $start = $secdata['end'];
+ $i += 1;
+ if ($i < $n) {
+ $blob = substr($data, $start, $headings[$i]['start'] - $start);
+ } else {
+ $blob = substr($data, $start);
+ }
+ $lines = explode("\n", trim($blob));
+ if (count($lines) != $numtests) {
+ trigger_error('Parse failure: ' . var_export($secdata, true),
+ E_USER_ERROR);
+ }
+ $sections[] = array('desc' => $desc, 'lines' => $lines,);
+ }
+ return $sections;
+}
+
+function Tests_Auth_OpenID_trParseTests($head, $tests)
+{
+ $tests = array('fail' => $tests[0],
+ 'insane' => $tests[1],
+ 'sane' => $tests[2]);
+ $testobjs = array();
+ foreach ($tests as $expected => $testdata) {
+ $lines = $testdata['lines'];
+ foreach ($lines as $line) {
+ $desc = sprintf("%s - %s: %s", $head,
+ $testdata['desc'], var_export($line, true));
+ $testobjs[] = new Tests_Auth_OpenID_TRParseCase(
+ $desc, $line, $expected);
+ }
+ }
+ return $testobjs;
+}
+
+function Tests_Auth_OpenID_trMatchTests($head, $tests)
+{
+ $tests = array(true => $tests[0], false => $tests[1]);
+ $testobjs = array();
+ foreach ($tests as $expected => $testdata) {
+ $lines = $testdata['lines'];
+ foreach ($lines as $line) {
+ $pat = '/^([^ ]+) +([^ ]+)$/';
+ preg_match($pat, $line, $matches);
+ list($_, $tr, $rt) = $matches;
+ $desc = sprintf("%s - %s: %s %s", $head, $testdata['desc'],
+ var_export($tr, true), var_export($rt, true));
+ $testobjs[] = new Tests_Auth_OpenID_TRMatchCase(
+ $desc, $tr, $rt, $expected);
+ }
+ }
+ return $testobjs;
+}
+
+function Tests_Auth_OpenID_trustRootTests()
+{
+ $data = Tests_Auth_OpenID_readdata('trustroot.txt');
+ list($parsehead, $matchhead) = Tests_Auth_OpenID_parseHeadings($data, '=');
+ $pe = $parsehead['end'];
+ $parsedata = substr($data, $pe, $matchhead['start'] - $pe);
+ $parsetests = Tests_Auth_OpenID_getSections($parsedata);
+ $parsecases = Tests_Auth_OpenID_trParseTests($parsehead['heading'],
+ $parsetests);
+
+ $matchdata = substr($data, $matchhead['end']);
+ $matchtests = Tests_Auth_OpenID_getSections($matchdata);
+ $matchcases = Tests_Auth_OpenID_trMatchTests($matchhead['heading'],
+ $matchtests);
+
+ return array_merge($parsecases, $matchcases);
+}
+
+class Tests_Auth_OpenID_TrustRoot extends PHPUnit_Framework_TestSuite {
+ function Tests_Auth_OpenID_TrustRoot($name)
+ {
+ $this->setName($name);
+
+ foreach (Tests_Auth_OpenID_trustRootTests() as $test) {
+ $this->_addTestByValue($test);
+ }
+ }
+
+ function _addTestByValue($test) {
+ $this->addTest($test);
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/URINorm.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/URINorm.php
new file mode 100644
index 000000000..b79b7802b
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/URINorm.php
@@ -0,0 +1,66 @@
+<?php
+
+/**
+ * Tests for the URI normalization routines used by the OpenID
+ * library.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID/URINorm.php';
+require_once 'Tests/Auth/OpenID/TestUtil.php';
+
+class Tests_Auth_OpenID_URINorm_TestCase extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_OpenID_URINorm_TestCase(
+ $name, $uri, $expected)
+ {
+
+ $this->setName($name);
+ $this->uri = $uri;
+ $this->expected = $expected;
+ }
+
+ function runTest()
+ {
+ $actual = Auth_OpenID_urinorm($this->uri);
+ $this->assertEquals($this->expected, $actual);
+ }
+}
+
+class Tests_Auth_OpenID_URINorm extends PHPUnit_Framework_TestSuite {
+ function _readTestCases()
+ {
+ $lines = Tests_Auth_OpenID_readlines('urinorm.txt');
+ $cases = array();
+ $case = array();
+ for ($i = 0; $i < count($lines) && ($i + 3 <= count($lines)); $i += 4) {
+ $name = trim($lines[$i]);
+ $uri = trim($lines[$i + 1]);
+ $expected = trim($lines[$i + 2]);
+ if ($expected == 'fail') {
+ $expected = null;
+ }
+ $cases[] = array($name, $uri, $expected);
+ }
+
+ return $cases;
+ }
+
+ function Tests_Auth_OpenID_URINorm($name)
+ {
+ $this->setName($name);
+ $cases = $this->_readTestCases();
+ foreach ($cases as $case) {
+ list($name, $uri, $expected) = $case;
+ $this->addTest(new Tests_Auth_OpenID_URINorm_TestCase($name, $uri, $expected));
+ }
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/Util.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Util.php
new file mode 100644
index 000000000..ecaed7905
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/Util.php
@@ -0,0 +1,319 @@
+<?php
+
+/**
+ * Tests for utility functions used by the OpenID library.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Auth/OpenID.php';
+
+class Tests_Auth_OpenID_Util extends PHPUnit_Framework_TestCase {
+ function test_base64()
+ {
+ // This is not good for international use, but PHP doesn't
+ // appear to provide access to the local alphabet.
+ $letters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ $digits = "0123456789";
+ $extra = "+/=";
+ $allowed_s = $letters . $digits . $extra;
+ $allowed_d = array();
+
+ for ($i = 0; $i < strlen($allowed_s); $i++) {
+ $c = $allowed_s[$i];
+ $allowed_d[$c] = null;
+ }
+
+ function checkEncoded($obj, $str, $allowed_array)
+ {
+ for ($i = 0; $i < strlen($str); $i++) {
+ $obj->assertTrue(array_key_exists($str[$i],
+ $allowed_array));
+ }
+ }
+
+ $cases = array(
+ "",
+ "x",
+ "\x00",
+ "\x01",
+ str_repeat("\x00", 100),
+ implode("", array_map('chr', range(0, 255)))
+ );
+
+ foreach ($cases as $s) {
+ $b64 = base64_encode($s);
+ checkEncoded($this, $b64, $allowed_d);
+ $s_prime = base64_decode($b64);
+ $this->assertEquals($s_prime, $s);
+ }
+
+ function random_ordinal($unused)
+ {
+ return rand(0, 255);
+ }
+
+ // Randomized test
+ foreach (range(0, 49) as $i) {
+ $n = rand(0, 2048);
+ $s = implode("", array_map('chr',
+ array_map('random_ordinal',
+ range(0, $n))));
+ $b64 = base64_encode($s);
+ checkEncoded($this, $b64, $allowed_d);
+ $s_prime = base64_decode($b64);
+ $this->assertEquals($s_prime, $s);
+ }
+ }
+
+ function test_urldefrag()
+ {
+ $cases = array(
+ array('http://foo.com', 'http://foo.com'),
+ array('http://foo.com/', 'http://foo.com/'),
+ array('http://foo.com/path', 'http://foo.com/path'),
+ array('http://foo.com/path?query', 'http://foo.com/path?query'),
+ array('http://foo.com/path?query=v', 'http://foo.com/path?query=v'),
+ array('http://foo.com/?query=v', 'http://foo.com/?query=v'),
+ );
+
+ foreach ($cases as $pair) {
+ list($orig, $after) = $pair;
+ list($base, $frag) = Auth_OpenID::urldefrag($orig);
+ $this->assertEquals($after, $base);
+ $this->assertEquals($frag, '');
+
+ list($base, $frag) = Auth_OpenID::urldefrag($orig . "#fragment");
+ $this->assertEquals($after, $base);
+ $this->assertEquals('fragment', $frag);
+ }
+ }
+
+ function test_normalizeUrl()
+ {
+ $this->assertEquals("http://foo.com/",
+ Auth_OpenID::normalizeUrl("foo.com"));
+
+ $this->assertEquals("http://foo.com/",
+ Auth_OpenID::normalizeUrl("http://foo.com"));
+
+ $this->assertEquals("https://foo.com/",
+ Auth_OpenID::normalizeUrl("https://foo.com"));
+
+ $this->assertEquals("http://foo.com/bar",
+ Auth_OpenID::normalizeUrl("foo.com/bar"));
+
+ $this->assertEquals("http://foo.com/bar",
+ Auth_OpenID::normalizeUrl("http://foo.com/bar"));
+
+ $this->assertEquals("http://foo.com/",
+ Auth_OpenID::normalizeUrl("http://foo.com/"));
+
+ $this->assertEquals("https://foo.com/",
+ Auth_OpenID::normalizeUrl("https://foo.com/"));
+
+ $this->assertEquals("https://foo.com/bar" ,
+ Auth_OpenID::normalizeUrl("https://foo.com/bar"));
+
+ $this->assertEquals("http://foo.com/bar" ,
+ Auth_OpenID::normalizeUrl("HTtp://foo.com/bar"));
+
+ $this->assertEquals("http://foo.com/bar" ,
+ Auth_OpenID::normalizeUrl("HTtp://foo.com/bar#fraggle"));
+
+ $this->assertEquals("http://foo.com/bAr/" ,
+ Auth_OpenID::normalizeUrl("HTtp://fOo.com/bAr/.#fraggle"));
+
+ if (0) {
+ $this->assertEquals("http://foo.com/%E8%8D%89",
+ Auth_OpenID::normalizeUrl("foo.com/\u8349"));
+
+ $this->assertEquals("http://foo.com/%E8%8D%89",
+ Auth_OpenID::normalizeUrl("http://foo.com/\u8349"));
+ }
+
+ $non_ascii_domain_cases = array(
+ array("http://xn--vl1a.com/",
+ "\u8349.com"),
+
+ array("http://xn--vl1a.com/",
+ "http://\u8349.com"),
+
+ array("http://xn--vl1a.com/",
+ "\u8349.com/"),
+
+ array("http://xn--vl1a.com/",
+ "http://\u8349.com/"),
+
+ array("http://xn--vl1a.com/%E8%8D%89",
+ "\u8349.com/\u8349"),
+
+ array("http://xn--vl1a.com/%E8%8D%89",
+ "http://\u8349.com/\u8349"),
+ );
+
+ // XXX
+ /*
+ codecs.getencoder('idna')
+ except LookupError:
+ # If there is no idna codec, these cases with
+ # non-ascii-representable domain names should fail.
+ should_raise = True
+ else:
+ should_raise = False
+
+ for expected, case in non_ascii_domain_cases:
+try:
+actual = Auth_OpenID::normalizeUrl(case)
+ except UnicodeError:
+ assert should_raise
+ else:
+assert not should_raise and actual == expected, case
+ */
+
+ $this->assertNull(Auth_OpenID::normalizeUrl(null));
+ $this->assertNull(Auth_OpenID::normalizeUrl(''));
+ $this->assertNull(Auth_OpenID::normalizeUrl('http://'));
+ }
+
+ function test_appendArgs()
+ {
+
+ $simple = 'http://www.example.com/';
+
+ $cases = array(
+ array('empty list',
+ array($simple, array()),
+ $simple),
+
+ array('empty dict',
+ array($simple, array()),
+ $simple),
+
+ array('one list',
+ array($simple, array(array('a', 'b'))),
+ $simple . '?a=b'),
+
+ array('one dict',
+ array($simple, array('a' => 'b')),
+ $simple . '?a=b'),
+
+ array('two list (same)',
+ array($simple, array(array('a', 'b'),
+ array('a', 'c'))),
+ $simple . '?a=b&a=c'),
+
+ array('two list',
+ array($simple, array(array('a', 'b'),
+ array('b', 'c'))),
+ $simple . '?a=b&b=c'),
+
+ array('two list (order)',
+ array($simple, array(array('b', 'c'),
+ array('a', 'b'))),
+ $simple . '?b=c&a=b'),
+
+ array('two dict (order)',
+ array($simple, array('b' => 'c',
+ 'a' => 'b')),
+ $simple . '?a=b&b=c'),
+
+ array('escape',
+ array($simple, array(array('=', '='))),
+ $simple . '?%3D=%3D'),
+
+ array('escape (URL)',
+ array($simple, array(array('this_url',
+ $simple))),
+ $simple .
+ '?this_url=http%3A%2F%2Fwww.example.com%2F'),
+
+ array('use dots',
+ array($simple, array(array('openid.stuff',
+ 'bother'))),
+ $simple . '?openid.stuff=bother'),
+
+ array('args exist (empty)',
+ array($simple . '?stuff=bother', array()),
+ $simple . '?stuff=bother'),
+
+ array('args exist',
+ array($simple . '?stuff=bother',
+ array(array('ack', 'ack'))),
+ $simple . '?stuff=bother&ack=ack'),
+
+ array('args exist',
+ array($simple . '?stuff=bother',
+ array(array('ack', 'ack'))),
+ $simple . '?stuff=bother&ack=ack'),
+
+ array('args exist (dict)',
+ array($simple . '?stuff=bother',
+ array('ack' => 'ack')),
+ $simple . '?stuff=bother&ack=ack'),
+
+ array('args exist (dict 2)',
+ array($simple . '?stuff=bother',
+ array('ack' => 'ack', 'zebra' => 'lion')),
+ $simple . '?stuff=bother&ack=ack&zebra=lion'),
+
+ array('three args (dict)',
+ array($simple, array('stuff' => 'bother',
+ 'ack' => 'ack',
+ 'zebra' => 'lion')),
+ $simple . '?ack=ack&stuff=bother&zebra=lion'),
+
+ array('three args (list)',
+ array($simple, array(
+ array('stuff', 'bother'),
+ array('ack', 'ack'),
+ array('zebra', 'lion'))),
+ $simple . '?stuff=bother&ack=ack&zebra=lion'),
+ );
+
+ // Tests.
+ foreach ($cases as $case) {
+ list($desc, $data, $expected) = $case;
+ list($url, $query) = $data;
+ $this->assertEquals($expected,
+ Auth_OpenID::appendArgs($url, $query));
+ }
+ }
+
+ function test_getQuery()
+ {
+ $queries = array(
+ '' => array(),
+ 'single' => array(),
+ 'no&pairs' => array(),
+ 'x%3Dy' => array(),
+ 'single&real=value' => array('real' => 'value'),
+ 'x=y&m=x%3Dn' => array('x' => 'y', 'm' => 'x=n'),
+ '&m=x%20y' => array('m' => 'x y'),
+ 'single&&m=x%20y&bogus' => array('m' => 'x y'),
+ // Even with invalid encoding. But don't do that.
+ 'too=many=equals&' => array('too' => 'many=equals')
+ );
+
+ foreach ($queries as $s => $data) {
+ $query = Auth_OpenID::getQuery($s);
+
+ foreach ($data as $key => $value) {
+ $this->assertTrue($query[$key] === $value);
+ }
+
+ foreach ($query as $key => $value) {
+ $this->assertTrue($data[$key] === $value);
+ }
+ }
+ }
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/VerifyDisco.php b/models/openid-php-openid-782224d/Tests/Auth/OpenID/VerifyDisco.php
new file mode 100644
index 000000000..ea2566d19
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/VerifyDisco.php
@@ -0,0 +1,422 @@
+<?php
+
+require_once "Tests/Auth/OpenID/TestUtil.php";
+require_once "Tests/Auth/OpenID/MemStore.php";
+
+require_once "Auth/OpenID/Message.php";
+require_once "Auth/OpenID/Consumer.php";
+
+class Tests_Auth_OpenID_VerifyDisco_1 extends Auth_OpenID_GenericConsumer {
+ function _discoverAndVerify($claimed_id, $to_match_endpoints)
+ {
+ $this->test_case->assertEquals($this->endpoint->claimed_id, $claimed_id);
+ return new Auth_OpenID_FailureResponse(null, $this->text);
+ }
+}
+
+class __VerifiedError extends Auth_OpenID_FailureResponse {
+}
+
+class VerifyDisco_Consumer_verifiedError extends Auth_OpenID_GenericConsumer {
+ function _discoverAndVerify($to_match)
+ {
+ return new __VerifiedError(null, 'verified error');
+ }
+}
+
+class _DiscoverAndVerify extends OpenIDTestMixin {
+ var $consumer_class = 'Auth_OpenID_GenericConsumer';
+
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $cl = $this->consumer_class;
+ $this->consumer = new $cl($this->store);
+ $this->return_to = "http://some.host/path";
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+
+ $this->server_id = "sirod";
+ $this->server_url = "serlie";
+ $this->consumer_id = "consu";
+
+ $this->endpoint->claimed_id = $this->consumer_id;
+ $this->endpoint->server_url = $this->server_url;
+ $this->endpoint->local_id = $this->server_id;
+ $this->endpoint->type_uris = array(Auth_OpenID_TYPE_1_1);
+ }
+
+ function failUnlessProtocolError($thing)
+ {
+ $this->assertTrue(Auth_OpenID::isFailure($thing));
+ }
+}
+
+class _Tests_discoveryOverride {
+ function _Tests_discoveryOverride($endpoint)
+ {
+ $this->endpoint = $endpoint;
+ }
+
+ function discover($unused_url)
+ {
+ return array($this->endpoint->claimed_id, array($this->endpoint));
+ }
+}
+class Tests_openID1Fallback1_0 extends _DiscoverAndVerify {
+ function test_openID1Fallback1_0()
+ {
+ $claimed_id = 'http://claimed.id/';
+ $resp_msg = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID1_NS,
+ 'identity' => $claimed_id));
+ $resp_msg->setArg(Auth_OpenID_BARE_NS, 'openid1_claimed_id',
+ $claimed_id);
+ $expected_endpoint = new Auth_OpenID_ServiceEndpoint();
+ $expected_endpoint->type_uris = array(Auth_OpenID_TYPE_1_0);
+ $expected_endpoint->local_id = null;
+ $expected_endpoint->claimed_id = $claimed_id;
+
+ $discovery_override = new _Tests_discoveryOverride($expected_endpoint);
+ $this->consumer->discoverMethod = array($discovery_override, 'discover');
+
+ $actual_endpoint = $this->consumer->_verifyDiscoveryResults(
+ $resp_msg, null);
+
+ $this->assertTrue(is_a($actual_endpoint, "Auth_OpenID_ServiceEndpoint"));
+
+ $this->assertEquals($expected_endpoint->local_id,
+ $actual_endpoint->local_id);
+ $this->assertEquals($expected_endpoint->server_url,
+ $actual_endpoint->server_url);
+
+ $this->assertEquals($expected_endpoint->type_uris,
+ $actual_endpoint->type_uris);
+
+ $this->assertEquals($expected_endpoint->claimed_id,
+ $actual_endpoint->claimed_id);
+
+ }
+}
+
+class Tests_Auth_OpenID_VerifyDisco extends _DiscoverAndVerify {
+ function test_openID1NoLocalID()
+ {
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->claimed_id = 'bogus';
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(array());
+ // 'Missing required field openid.identity'
+ $this->failUnlessProtocolError($this->consumer->_verifyDiscoveryResults($msg, $endpoint));
+ }
+
+ function test_openID1NoEndpoint()
+ {
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(array('identity' => 'snakes on a plane'));
+ $this->failUnlessProtocolError($this->consumer->_verifyDiscoveryResults($msg));
+ }
+
+ function test_openID2NoOPEndpointArg()
+ {
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(array('ns' => Auth_OpenID_OPENID2_NS));
+ $this->failUnlessProtocolError($this->consumer->_verifyDiscoveryResults($msg, null));
+ }
+
+ function test_openID2LocalIDNoClaimed()
+ {
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(array('ns' => Auth_OpenID_OPENID2_NS,
+ 'op_endpoint' => 'Phone Home',
+ 'identity' => 'Jose Lius Borges'));
+ // 'openid.identity is present without',
+ $this->failUnlessProtocolError($this->consumer->_verifyDiscoveryResults($msg));
+ }
+
+ function test_openID2NoLocalIDClaimed()
+ {
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(array('ns' => Auth_OpenID_OPENID2_NS,
+ 'op_endpoint' => 'Phone Home',
+ 'claimed_id' => 'Manuel Noriega'));
+ // 'openid.claimed_id is present without',
+ $this->failUnlessProtocolError(
+ $this->consumer->_verifyDiscoveryResults($msg));
+ }
+
+ function test_openID2NoIdentifiers()
+ {
+ $op_endpoint = 'Phone Home';
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(array('ns' => Auth_OpenID_OPENID2_NS,
+ 'op_endpoint' => $op_endpoint));
+ $result_endpoint = $this->consumer->_verifyDiscoveryResults($msg);
+ $this->assertTrue($result_endpoint->isOPIdentifier());
+ $this->assertEquals($op_endpoint, $result_endpoint->server_url);
+ $this->assertEquals(null, $result_endpoint->claimed_id);
+ }
+
+ function test_openid2UsePreDiscovered()
+ {
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->local_id = 'my identity';
+ $endpoint->claimed_id = 'i am sam';
+ $endpoint->server_url = 'Phone Home';
+ $endpoint->type_uris = array(Auth_OpenID_TYPE_2_0);
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'identity' => $endpoint->local_id,
+ 'claimed_id' => $endpoint->claimed_id,
+ 'op_endpoint' => $endpoint->server_url));
+
+ $result = $this->consumer->_verifyDiscoveryResults($msg, $endpoint);
+ $this->assertTrue($result === $endpoint);
+ }
+
+ function test_openid2UsePreDiscoveredWrongType()
+ {
+ $this->consumer = new Tests_Auth_OpenID_VerifyDisco_1($this->store);
+ $this->consumer->test_case =& $this;
+ $this->consumer->text = "verify failed";
+
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->local_id = 'my identity';
+ $endpoint->claimed_id = 'i am sam';
+ $endpoint->server_url = 'Phone Home';
+ $endpoint->type_uris = array(Auth_OpenID_TYPE_1_1);
+
+ $this->consumer->endpoint =& $endpoint;
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'identity' => $endpoint->local_id,
+ 'claimed_id' => $endpoint->claimed_id,
+ 'op_endpoint' => $endpoint->server_url));
+
+ $result = $this->consumer->_verifyDiscoveryResults($msg, $endpoint);
+ $this->failUnlessProtocolError($result);
+ $this->assertTrue($result->message == "verify failed");
+ }
+
+ function test_openid1UsePreDiscovered()
+ {
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->local_id = 'my identity';
+ $endpoint->claimed_id = 'i am sam';
+ $endpoint->server_url = 'Phone Home';
+ $endpoint->type_uris = array(Auth_OpenID_TYPE_1_1);
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID1_NS,
+ 'identity' => $endpoint->local_id));
+ $result = $this->consumer->_verifyDiscoveryResults($msg, $endpoint);
+ $this->assertTrue($result == $endpoint);
+ }
+
+ function test_openid2Fragment()
+ {
+ $claimed_id = "http://unittest.invalid/";
+ $claimed_id_frag = $claimed_id . "#fragment";
+
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->local_id = 'my identity';
+ $endpoint->claimed_id = $claimed_id;
+ $endpoint->server_url = 'Phone Home';
+ $endpoint->type_uris = array(Auth_OpenID_TYPE_2_0);
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'identity' => $endpoint->local_id,
+ 'claimed_id' => $claimed_id_frag,
+ 'op_endpoint' => $endpoint->server_url));
+ $result = $this->consumer->_verifyDiscoveryResults($msg, $endpoint);
+
+ $this->assertEquals($result->local_id, $endpoint->local_id);
+ $this->assertEquals($result->server_url, $endpoint->server_url);
+
+ $this->assertEquals($result->type_uris, $endpoint->type_uris);
+
+ $this->assertEquals($result->claimed_id, $claimed_id_frag);
+ }
+
+}
+
+class Tests_openid1UsePreDiscoveredWrongType extends _DiscoverAndVerify {
+ var $consumer_class = 'VerifyDisco_Consumer_verifiedError';
+
+ function test_openid1UsePreDiscoveredWrongType()
+ {
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->local_id = 'my identity';
+ $endpoint->claimed_id = 'i am sam';
+ $endpoint->server_url = 'Phone Home';
+ $endpoint->type_uris = array(Auth_OpenID_TYPE_2_0);
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID1_NS,
+ 'identity' => $endpoint->local_id));
+
+ $result = $this->consumer->_verifyDiscoveryResults($msg, $endpoint);
+ $this->failUnlessProtocolError($result);
+ $this->assertTrue(is_a($result, '__VerifiedError'));
+ }
+}
+
+// XXX: test the implementation of _discoverAndVerify
+
+class Tests_openID2NoEndpointDoesDisco_sentinel extends Auth_OpenID_GenericConsumer {
+ var $sentinel = 'blah';
+
+ function _discoverAndVerify($to_match)
+ {
+ return $this->sentinel;
+ }
+}
+
+class Tests_openID2NoEndpointDoesDisco_failure extends Auth_OpenID_GenericConsumer {
+ var $failure_message = 'A fake failure response message';
+
+ function _verifyDiscoverySingle($to_match)
+ {
+ return new Auth_OpenID_FailureResponse(null, $this->failure_message);
+ }
+}
+
+class Tests_openID2NoEndpointDoesDisco extends Tests_Auth_OpenID_VerifyDisco {
+ var $consumer_class = 'Tests_openID2NoEndpointDoesDisco_sentinel';
+
+ function test_openID2NoEndpointDoesDisco()
+ {
+ $op_endpoint = 'Phone Home';
+ $this->consumer->sentinel = new Auth_OpenID_ServiceEndpoint();
+ $this->consumer->sentinel->claimed_id = 'monkeysoft';
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'identity' => 'sour grapes',
+ 'claimed_id' => 'monkeysoft',
+ 'op_endpoint' => $op_endpoint));
+
+ $result = $this->consumer->_verifyDiscoveryResults($msg);
+ $this->assertEquals($this->consumer->sentinel, $result);
+ }
+}
+
+class Tests_openID2MismatchedDoesDisco extends Tests_Auth_OpenID_VerifyDisco {
+ var $consumer_class = 'Tests_openID2NoEndpointDoesDisco_sentinel';
+
+ function test_openID2MismatchedDoesDisco()
+ {
+ $mismatched = new Auth_OpenID_ServiceEndpoint();
+ $mismatched->identity = 'nothing special, but different';
+ $mismatched->local_id = 'green cheese';
+
+ $sentinel = new Auth_OpenID_ServiceEndpoint();
+ $sentinel->claimed_id = 'monkeysoft';
+ $this->consumer->sentinel = $sentinel;
+
+ $op_endpoint = 'Phone Home';
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'identity' => 'sour grapes',
+ 'claimed_id' => 'monkeysoft',
+ 'op_endpoint' => $op_endpoint));
+
+ $result = $this->consumer->_verifyDiscoveryResults($msg, $mismatched);
+ $this->assertEquals($this->consumer->sentinel, $result);
+ }
+}
+
+class Tests_openID2MismatchedDoesDisco_failure extends PHPUnit_Framework_TestCase {
+ var $consumer_class = 'Tests_openID2NoEndpointDoesDisco_failure';
+
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $cl = $this->consumer_class;
+ $this->consumer = new $cl($this->store);
+ $this->return_to = "http://some.host/path";
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+
+ $this->consumer->discoverMethod = array($this, "_getServices");
+
+ $this->server_id = "sirod";
+ $this->server_url = "serlie";
+ $this->consumer_id = "consu";
+
+ $this->endpoint->claimed_id = $this->consumer_id;
+ $this->endpoint->server_url = $this->server_url;
+ $this->endpoint->local_id = $this->server_id;
+ $this->endpoint->type_uris = array(Auth_OpenID_TYPE_1_1);
+ }
+
+ function _getServices($claimed_id, $fetcher=null) {
+ return array(null, array($this->endpoint));
+ }
+
+ function test_openID2MismatchedDoesDisco_failure()
+ {
+ $mismatched = new Auth_OpenID_ServiceEndpoint();
+ $mismatched->identity = 'nothing special, but different';
+ $mismatched->local_id = 'green cheese';
+
+ $op_endpoint = 'Phone Home';
+
+ $msg = Auth_OpenID_Message::fromOpenIDArgs(
+ array('ns' => Auth_OpenID_OPENID2_NS,
+ 'identity' => 'sour grapes',
+ 'claimed_id' => 'monkeysoft',
+ 'op_endpoint' => $op_endpoint));
+
+ $result = $this->consumer->_verifyDiscoveryResults($msg, $mismatched);
+ $this->assertTrue(Auth_OpenID::isFailure($result));
+ }
+}
+
+class TestVerifyDiscoverySingle extends OpenIDTestMixin {
+ var $consumer_class = 'Auth_OpenID_GenericConsumer';
+
+ function setUp()
+ {
+ $this->store = new Tests_Auth_OpenID_MemStore();
+ $cl = $this->consumer_class;
+ $this->consumer = new $cl($this->store);
+ $this->return_to = "http://some.host/path";
+ $this->endpoint = new Auth_OpenID_ServiceEndpoint();
+
+ $this->server_id = "sirod";
+ $this->server_url = "serlie";
+ $this->consumer_id = "consu";
+
+ $this->endpoint->claimed_id = $this->consumer_id;
+ $this->endpoint->server_url = $this->server_url;
+ $this->endpoint->local_id = $this->server_id;
+ $this->endpoint->type_uris = array(Auth_OpenID_TYPE_1_1);
+ }
+
+ function test_endpointWithoutLocalID()
+ {
+ // An endpoint like this with no local_id is generated as a
+ // result of e.g. Yadis discovery with no LocalID tag.
+ $endpoint = new Auth_OpenID_ServiceEndpoint();
+ $endpoint->server_url = "http://localhost:8000/openidserver";
+ $endpoint->claimed_id = "http://localhost:8000/id/id-jo";
+
+ $to_match = new Auth_OpenID_ServiceEndpoint();
+ $to_match->server_url = "http://localhost:8000/openidserver";
+ $to_match->claimed_id = "http://localhost:8000/id/id-jo";
+ $to_match->local_id = "http://localhost:8000/id/id-jo";
+
+ $result = $this->consumer->_verifyDiscoverySingle($endpoint, $to_match);
+
+ // result should always be None, raises exception on failure.
+ $this->assertEquals($result, null);
+ }
+}
+
+global $Tests_Auth_OpenID_VerifyDisco_other;
+$Tests_Auth_OpenID_VerifyDisco_other = array(
+ new Tests_openID2MismatchedDoesDisco(),
+ new Tests_openID2NoEndpointDoesDisco(),
+ new Tests_openID2MismatchedDoesDisco_failure(),
+ new Tests_openid1UsePreDiscoveredWrongType(),
+ new Tests_openID1Fallback1_0(),
+ );
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/dhexch b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/dhexch
new file mode 100644
index 000000000..7a8be0737
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/dhexch
@@ -0,0 +1,25 @@
+2126517416 1503105722 107994742031567165457540274858809652167995244913839787589743578103625285208352685332617657612917013907706708046204110421143061814711041523408378123857885283119340960531860106377561159933747570456852792031929014142490977574671361334052940195520731561436107832724927338342871107723160776334443535305873323500256
+1726325708 97982531 120276049194830643562108817809662062106546923236483207874835831104433621725428405166395533625121884325430201809382464614237831903082554679507511419420917850293136497504021313018779166242697363853538302653639224106865664333535348491338293646599577557630201300627170167862878616413985927131488374258664616392092
+7191572 1822336109 122056637146069839485450157659463602136773435897258591538866604089577736061707581662949502933519623787237101424065925246227311788026398025228549571401681364284397681558495127293422405005519207011429758784679359026564663723906503072635741603815702201571462971153413211041068663899032199555395016545688330586044
+228786056 1675584603 117701151389970889003978379762267752133865163176557074701079147801046451813688145274964215828365957142552336288689654120601548113748929766366564174096775189852190965077394508456052823068488823291767811224538103381867631753777200820579564678159674117155563703553000884461777658090456283332220216734612556688513
+804908984 2135801843 64993745755656098807721600357147815184322152457013249228399624894951891365784451431980303960531348451816046446458097670030866575746640795583720668211568084611960590087205609635406810868042628237527172170079769791670793545166757565720288711565725471066283638538704293790079806106677373567711048953361333211210
+1122280790 1614259350 3970244390792364343312138669070883638127263175075582263096706481850448381703964455173288740017450440943500797144425033043394229962284552755667989452357422108026327690718801740503572676309934059296211509079412739861064178751353597300902277808636740745335474263237517162977595705012834985895341553367459792583
+554314515 998420920 123643361743671701825618173162391028658772950477687990712748798605914570427945055208640384218469111438408345424338893652923941552893606133066783001743721804859308011765507616515353882559991735865794891472781955621601467016660304188272123202130977476560852093272543539966026915472638392018462692756028817601255
+719945347 612820861 103551249110130410018728043034553056272870332237608830696804104933749752848182147616875273399120950956495972830177071656956289995248469136767050516935071277259217339496102844766065836859503647533631994664364053659677674596380230790347281302210808329346735637394258018381272973124437749621859047096780954428763
+1030625109 1519412381 15696617275088442746387785148060623054817901281945029743077460769180096631404983383910114661025034557230747207080210469011273591184527303007260363112037932265980126744700626024259985586947347501172863220738584453809309462129610346067407238209251289710742647393829531889303218223237301268534338307710560528439
+1711254768 1710707291 57671766580359527580383190392835992822988951359063099518333951473557157636791373831886967456320589708220219137556141104065094734173377513568373511612097050435132426608350879787688784646390242899955969071718348216328885834450215105058725433533776719158074043390881257587614495125963197168525883771897032429145
+350065369 319208735 44521456496863698728911963510653524876630475042295240074435222668882607096381437705850621136342821688618111659046306438623837465097724847737566157513351593063095577843263064035230462006868686576892037899378382406468120801597507834123281075093108794208153836881908434178839513489161646768450411118658866064760
+2060218994 1946043223 56312469398022909670236635086334904553302665496424591277087996113064393075310693844995965663947160222486178761741935506327835516277624460430181450292802834360724976701838361338230904004764511115279873515265325364671729600765057941485718305803874368460265173324375012707038078949514720443784809672434739391394
+348859478 486047271 63578529904279717544096579659734885121575283886072626718230632949600891106018451131129915865157675764791879663149288069798959505461654979937263948081560345222746334083402817181164255208790802816536212306902000509334761465449621953806270899950736579351124776383450108496252367170418747525612150563944975123906
+1012847796 1311216437 107243486601777772242638374457577339776317528440551074937135087437181884726459082109032187432358497015564158022857522392034581988349463322793155498885898276448910563934149930379053835676169014345745737841013305105289515557002942278171260275549569040668192618881235525671100756834785472005323827534045854021808
+1108188659 73002956 151810407586486667408500610375120927048683500513617431444670840241105574837701928593342245869128797827409414723271900961746330458448581633550115101600384307415146567797051023727766743006773542272526168313129133103058023736384944187039543948615045687254043611794926502253898300807539332514119558228945387167129
+1367891527 957164137 106888874248390844568539366153235739322099571679913873665077300044384432133087328354115380340807163549209282323027334598550750155549975114208460003069900549945106924101337174939911191001778776920788324219234143471273850920009578258747072782983631129326451246547584416492036977756842649955247390532642313031673
+1109319782 312705549 68015190517529836158634537187194145539209089151286211608940739126031607591236786876471227901028349157506546942329120582174574792522929377067808957872180985535362179866434055727341930725758279092655515659945664689974113139170079360543337269872976473433045950679959300152245802435127006127508284128226462808242
+77629902 1442208847 80002290434058357698705037287975366182731667140415670086832039653095542318592553515737200055739316505804591069679885064388918352070456242079053263046801427045473800954002156858264359891351667747947419377687560365442620710551484084591458509139700723197713694698034159851521977928611736821392017020477832037627
+1876665427 42392232 94638321177007894302596716790742601595610267055803051893624262442254201910985079684859058170169970420428917385076321338591735591117741499259022286688741758915429225227910702796255294628145448897362890044237980198958757175908654342104958253051607028469935368687936664986431151922321609065078691893879183189566
+559635525 1782490275 71365295096950865667427967092027725943054589808884646377867956234326896501650860934260905567087143525158504721587985301638221372965891635800328428504369765880956526297788284176796001565732103141822914955442743632126166019769189834699258461912602048002960149362882398622111007162709444738907309082349930416022
+743575094 32085276 110453584602878746921666429659148701413696049424461554973529870857842263810553552249241246313332783204009612578170167391820378603413812193480492843470042238103670641705732755583940134259794253885826115668806244330875357074130716388274584300227667628005544555311079499447940768673150499033922449576383527638186
+129818206 137481306 140835473021876998102027624369898079740454145360699735493249477450544517213808389172240396819192163023303266715591396745357472463341356969319556862236385556442904650009255138279232984377682804793224148996875324569988553808409865099882747099149617352970774643108291836908871124753511856578160489828404865664010
+570689556 1980693879 108353275894436996626884805554770441694866167783124178905252902978286824751598925059178987939656961896173921225105217325495780672752694383439806863122466053616930970271706866769895033633709670957150865005763659847698663978549871624628298476651867451354816053985969930735100533712902146229305011837945607699037
+2103057616 691067770 27024056452709622585420653808400360576905666723601175215091499609471301967744143329187436673102391151329548614036436716051750524604202541651425479133617399916946398092715923340837394931898418514658066714568415577105694330058750941172815095999450748361179045856199026312487393802486505084466623313733605784416
+481705774 1641440342 117722260864906582664053412535574009960206959347375143271559843536103545468155917636456429488071536410856812908716077868452921005581676036410474437330482920141777150620686622782118823530416466223519936589968714322291361670902315520017103387742935706013660879451297004924070011539277017717095949755265539759012
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/dhpriv b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/dhpriv
new file mode 100644
index 000000000..0fa523146
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/dhpriv
@@ -0,0 +1,29 @@
+130706940119084053627151828062879423433929180135817317038378606310097533503449582079984816816837125851552273641820339909167103200910805078308128174143174269944095368580519322913514764528012639683546377014716235962867583443566164615728897857285824741767070432119909660645255499710701356135207437699643611094585 139808169914464096465921128085565621767096724855516655439365028496569658038844954238931647642811548254956660405394116677296461848124300258439895306367561416289126854788101396379292925819850897858045772500578222021901631436550118958972312221974009238050517034542286574826081826542722270952769078386418682059418
+91966407878983240112417790733941098492087186469785726449910011271065622315680646030230288265496017310433513856308693810812043160919214636748486185212617634222158204354206411031403206076739932806412551605172319515223573351072757800448643935018534945933808900467686115619932664888581913179496050117713298715475 88086484332488517006277516020842172054013692832175783214603951240851750819999098631851571207693874357651112736088114133607400684776234181681933311972926752846692615822043533641407510569745606256772455614745111122033229877596984718963046218854103292937700694160593653595134512369959987897086639788909618660591
+94633950701209990078055218830969910271587805983595045023718108184189787131629772007048606080263109446462048743696369276578815611098215686598630889831104860221067872883514840819381234786050098278403321905311637820524177879167250981289318356078312300538871435101338967079907049912435983871847334104247675360099 136836393035803488129856151345450008294260680733328546556640578838845312279198933806383329293483852515700876505956362639881210101974254765087350842271260064592406308509078284840473735904755203614987286456952991025347168970462354352741159076541157478949094536405618626397435745496863324654768971213730622037771
+24685127248019769965088146297942173464487677364928435784091685260262292485380918213538979925891771204729738138857126454465630594391449913947358655368215901119137728648638547728497517587701248406019427282237279437409508871300675355166059811431191200555457304463617727969228965042729205402243355816702436970430 103488011917988946858248200111251786178288940265978921633592888293430082248387786443813155999158786903216094876295371112716734481877806417714913656921169196196571699893360825510307056269738593971532017994987406325068886420548597161498019372380511676314312298122272401348856314619382867707981701472607230523868
+116791045850880292989786005885944774698035781824784400772676299590038746153860847252706167458966356897309533614849402276819438194497464696186624618374179812548893947178936305721131565012344462048549467883494038577857638815386798694225798517783768606048713198211730870155881426709644960689953998714045816205549 25767875422998856261320430397505398614439586659207416236135894343577952114994718158163212134503751463610021489053571733974769536157057815413209619147486931502025658987681202196476489081257777148377685478756033509708349637895740799542063593586769082830323796978935454479273531157121440998804334199442003857410
+75582226959658406842894734694860761896800153014775231713388264961517169436476322183886891849966756849783437334069692683523296295601533803799559985845105706728538458624387103621364117548643541824878550074680443708148686601108223917493525070861593238005735446708555769966855130921562955491250908613793521520082 51100990616369611694975829054222013346248289055987940844427061856603230021472379888102172458517294080775792439385531234808129302064303666640376750139242970123503857186428797403843206765926798353022284672682073397573130625177187185114726049347844460311761033584101482859992951420083621362870301150543916815123
+22852401165908224137274273646590366934616265607879280260563022941455466297431255072303172649495519837876946233272420969249841381161312477263365567831938496555136366981954001163034914812189448922853839616662859772087929140818377228980710884492996109434435597500854043325062122184466315338260530734979159890875 35017410720028595029711778101507729481023945551700945988329114663345341120595162378885287946069695772429641825579528116641336456773227542256911497084242947904528367986325800537695079726856460817606404224094336361853766354225558025931211551975334149258299477750615397616908655079967952372222383056221992235704
+37364490883518159794654045194678325635036705086417851509136183713863262621334636905291385255662750747808690129471989906644041585863034419130023070856805511017402434123099100618568335168939301014148587149578150068910141065808373976114927339040964292334109797421173369274978107389084873550233108940239410902552 40916262212189137562350357241447034318002130016858244002788189310078477605649010031339865625243230798681216437501833540185827501244378529230150467789369234869122179247196276164931090039290879808162629109742198951942358028123056268054775108592325500609335947248599688175189333996086475013450537086042387719925
+42030470670714872936404499074069849778147578537708230270030877866700844337372497704027708080369726758812896818567830863540507961487472657570488625639077418109017434494794778542739932765561706796300920251933107517954265066804108669800167526425723377411855061131982689717887180411017924173629124764378241885274 124652439272864857598747946875599560379786580730218192165733924418687522301721706620565030507816884907589477351553268146177293719586287258662025940181301472851649975563004543250656807255226609296537922304346339513054316391667044301386950180277940536542183725690479451746977789001659540839582630251935163344393
+33176766914206542084736303652243484580303865879984981189372762326078776390896986743451688462101732968104375838228070296418541745483112261133079756514082093269959937647525005374035326747696591842313517634077723301677759648869372517403529488493581781546743147639937580084065663597330159470577639629864369972900 67485835091897238609131069363014775606263390149204621594445803179810038685760826651889895397414961195533694176706808504447269558421955735607423135937153901140512527504198912146656610630396284977496295289999655140295415981288181545277299615922576281262872097567020980675200178329219970170480653040350512964539
+131497983897702298481056962402569646971797912524360547236788650961059980711719600424210346263081838703940277066368168874781981151411096949736205282734026497995296147418292226818536168555712128736975034272678008697869326747592750850184857659420541708058277866000692785617873742438060271311159568468507825422571 5400380840349873337222394910303409203226429752629134721503171858543984393161548520471799318518954232197106728096866840965784563043721652790856860155702760027304915133166173298206604451826182024471262142046935060360564569939062438160049193241369468208458085699995573492688298015026628427440418009025072261296
+83265103005695640943261961853521077357830295830250157593141844209296716788437615940096402365505416686459260302419338241462783388722843946886845478224048360927114533590583464979009731440049610985062455108831881153988321298531365779084012803908832525921630534096740755274371500276660832724874701671184539131864 141285570207910287798371174771658911045525474449663877845558585668334618068814605961306961485855329182957174312715910923324965889174835444049526313968571611940626279733302104955951067959291852710640374412577070764165811275030632465290729619533330733368808295932659463215921521905553936914975786500018720073003
+68435028583616495789148116911096163791710022987677894923742899873596891423986951658100606742052014161171185231735413902875605720814417622409817842932759492013585936536452615480700628719795872201528559780249210820284350401473564919576289210869896327937002173624497942136329576506818749730506884927872345019446 134655528287263100540003157571441260698452262106680191153945271167894435782028803135774578949200580551016388918860856991026082917835209212892423567114480975540305860034439015788120390011692862968771136814777768281366591257663821495720134621172848947971117885754539770645621669309650476331439675400544167728223
+97765390064836080322590528352647421920257073063706996347334558390461274981996865736612531330863478931481491964338380362350271734683183807511097331539820133036984271653285063355715726806139083282458695728902452215405696318402583540317419929113959816258829534543044153959951908676300847164682178008704099351835 92552521881196975294401505656851872247567784546370503402756239533783651371688190302773864319828182042605239246779598629409815474038541272600580320815319709309111399294952620375093803971373108792300726524826209329889463854451846561437729676142864421966497641824498079067929811613947148353921163336822026640804
+145767094672933012300753301037546647564595762930138884463767054235112032706630891961371504668013023047595721138624016493638510710257541241706724342585654715468628355455898091951826598092812212209834746162089753649871544789379424903025374228231365026585872808685759231756517703720396301355299998059523896918448 116669462839999965355861187716880953863237226719689755457884414384663576662696981997535568446560375442532084973721539944428004043491468494548231348032618218312515409944970197902589794303562379864012797605284844016184274353252071642511293089390472576498394410829972525726474727579603392265177009323768966538608
+34172517877854802711907683049441723730724885305592620486269966708379625109832852005775048584124451699198484092407720344962116726808090368739361658889584507734617844212547181476646725256303630128954338675520938806905779837227983648887192531356390902975904503218654196581612781227843742951241442641220856414232 126013077261793777773236390821108423367648447987653714614732477073177878509574051196587476846560696305938891953527959347566502332765820074506907037627115954790645652211088723122982633069089920979477728376746424256704724173255656757918995039125823421607024407307091796807227896314403153380323770001854211384322
+9979624731056222925878866378063961280844793874828281622845276060532093809300121084179730782833657205171434732875093693074415298975346410131191865198158876447591891117577190438695367929923494177555818480377241891190442070100052523008290671797937772993634966511431668500154258765510857129203107386972819651767 76559085024395996164590986654274454741199399364851956129137304209855150918182685643729981600389513229011956888957763987167398150792454613751473654448162776379362213885827651020309844507723069713820393068520302223477225569348080362344052033711960892643036147232270133731530049660264526964146237693063093765111
+18162696663677410793062235946366423954875282212790518677684260521370996677183041664345920941714064628111537529793170736292618705900247450994864220481135611781148410617609559050220262121494712903009168783279356915189941268264177631458029177102542745167475619936272581126346266816618866806564180995726437177435 63244550218824945129624987597134280916829928261688093445040235408899092619821698537312158783367974202557699994650667088974727356690181336666077506063310290098995215324552449858513870629176838494348632073938023916155113126203791709810160925798130199717340478393420816876665127594623142175853115698049952126277
+4817943161362708117912118300716778687157593557807116683477307391846133734701449509121209661982298574607233039490570567781316652698287671086985501523197566560479906850423709894582834963398034434055472063156147829131181965140631257939036683622084290629927807369457311894970308590034407761706800045378158588657 61612160237840981966750225147965256022861527286827877531373888434780789812764688703260066154973576040405676432586962624922734102370509771313805122788566405984830112657060375568510809122230960988304085950306616401218206390412815884549481965750553137717475620505076144744211331973240555181377832337912951699135
+36363324947629373144612372870171042343590861026293829791335153646774927623889458346817049419803031378037141773848560341251355283891019532059644644509836766167835557471311319194033709837770615526356168418160386395260066262292757953919140150454538786106958252854181965875293629955562111756775391296856504912587 86831561031659073326747216166881733513938228972332631084118628692228329095617884068498116676787029033973607066377816508795286358748076949738854520048303930186595481606562375516134920902325649683618195251332651685732712539073110524182134321873838204219194459231650917098791250048469346563303077080880339797744
+26406869969418301728540993821409753036653370247174689204659006239823766914991146853283367848649039747728229875444327879875275718711878211919734397349994000106499628652960403076186651083084423734034070082770589453774926850920776427074440483233447839259180467805375782600203654373428926653730090468535611335253 100139935381469543084506312717977196291289016554846164338908226931204624582010530255955411615528804421371905642197394534614355186795223905217732992497673429554618838376065777445760355552020655667172127543653684405493978325270279321013143828897100500212200358450649158287605846102419527584313353072518101626851
+92613116984760565837109105383781193800503303131143575169488835702472221039082994091847595094556327985517286288659598094631489552181233202387028607421487026032402972597880028640156629614572656967808446397456622178472130864873587747608262139844319805074476178618930354824943672367046477408898479503054125369731 30023391082615178562263328892343821010986429338255434046051061316154579824472412477397496718186615690433045030046315908170615910505869972621853946234911296439134838951047107272129711854649412919542407760508235711897489847951451200722151978578883748353566191421685659370090024401368356823252748749449302536931
+31485815361342085113278193504381994806529237123359718043079410511224607873725611862217941085749929342777366642477711445011074784469367917758629403998067347054115844421430072631339788256386509261291675080191633908849638316409182455648806133048549359800886124554879661473112614246869101243501787363247762961784 114503770698890543429251666713050844656853278831559195214556474458830029271801818536133531843456707474500106283648085144619097572354066554819887152106174400667929098257361286338795493838820850475790977445807435511982704395422526800272723708548541616513134676140304653112325071112865020365664833601046215694089
+76882090884790547431641385530818076533805072109483843307806375918023300052767710853172670987385376253156912268523505310624133905633437815297307463917718596711590885553760690350221265675690787249135345226947453988081566088302642706234126002514517416493192624887800567412565527886687096028028124049522890448168 15056463217273240496622619354104573042767532856243223052125822509781815362480522535564283485059790932505429110157271454207173426525345813426696743168079246510944969446574354255284952839036431873039487144279164893710061580467579842173706653409487110282515691099753380094215805485573768509475850463001549608836
+52345178981230648108672997265819959243255047568833938156267924185186047373470984278294897653277996726416846430969793375429223610099546622112048283560483136389901514170116723365811871938630317974150540909650396429631704968748113009366339718498979597226137532343384889080245796447593572468846438769413505393967 32148494517199936472358017244372701214529606506776255341152991328091526865643069587953759877295255050519124541457805199596762210567333445908166076384465183589342153762720515477404466193879418014196727238972417616122646440870364200208488239778452378059236162633837824948613596114768455832408342040970780086
+41095268619128788015767564971105114602454449306041732792746397800275041704886345704294273937217484580365505320134717320083763349380629342859670693445658118959823430378844830923452105707338162448974869312012791385772125813291388247857971218575518319578818336960572244046567099555399203328678654466958536663208 92166550199033418923713824997841892577149715275633481076285269142670107687867024550593869464613175882141630640739938334001211714884975032600306279287443909448541179109981755796752132502127330056736913454039526413284519137059580845856736918773597087836203497066909257930043736166431682872083389105176299181629
+40049143661018504441607875135884755310012910557581028447435354354754245291878800571089144452035026644953322330676651798951447670184106450649737772686119714700743396359069052813433030118630105307022867200053964644574786137276428546712005171080129190959914708907200288299169344380390093918556722227705114244981 108159089972386282154772900619022507336076619354549601813179459338897131937353741544606392560724999980281424266891537298473163753022749859939445293926707568015958367188089915420630082556748668489756475027008449860889202622698060097015044886961901650857610841562477736791450080980702347705778074391774667412741
+69905259478181995876884927656894491893594530150260951315109404530530357998889589977208787140430938039028941393673520799460431992051993157468616168400324834880926190141581037597526917869362292931957289043707855837933490285814769110495657056206391880865972389421774822461752702336812585852278453803972600333734 71821415380277072313878763768684432371552628204186742842154591000123020597011744840460964835414360968627162765288463383113375595799297552681618876474019263288277398833725479226930770694271622605114061622753165584075733358178384410640349907375170170910499615355511313349300918885560131539570707695789106185664
+26945345439378873515011714350080059082081595419023056538696949766471272811362104837806324694947413603019863785876836706911406330379274553386254346050697348395574746891556054334903838949157798006141473389066020212044825140294048709654273698482867946522782450500680195477050110145664069582549935651920545151500 80313315938584480048642653013876614091607852535582224914294013785054094052454758327935781971746329853786568549510067442145637007308960551652864942042189241081946607011847245280773379099020221884296226818685556430275385068764313042226925852500883894269809033380734632866477789520106865758504064806906234130588
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/hmac-sha1.txt b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/hmac-sha1.txt
new file mode 100644
index 000000000..4299a9655
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/hmac-sha1.txt
@@ -0,0 +1,49 @@
+test_case = 1
+key = 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+key_len = 20
+data = "Hi There"
+data_len = 8
+digest = 0xb617318655057264e28bc0b6fb378c8ef146be00
+
+test_case = 2
+key = "Jefe"
+key_len = 4
+data = "what do ya want for nothing?"
+data_len = 28
+digest = 0xeffcdf6ae5eb2fa2d27416d5f184df9c259a7c79
+
+test_case = 3
+key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+key_len = 20
+data = 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
+data_len = 50
+digest = 0x125d7342b9ac11cd91a39af48aa17b4f63f175d3
+
+test_case = 4
+key = 0x0102030405060708090a0b0c0d0e0f10111213141516171819
+key_len = 25
+data = 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd
+data_len = 50
+digest = 0x4c9007f4026250c6bc8414f9bf50c86c2d7235da
+
+test_case = 5
+key = 0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
+key_len = 20
+data = "Test With Truncation"
+data_len = 20
+digest = 0x4c1a03424b55e07fe7f27be1d58bb9324a9a5a04
+digest-96 = 0x4c1a03424b55e07fe7f27be1
+
+test_case = 6
+key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+key_len = 80
+data = "Test Using Larger Than Block-Size Key - Hash Key First"
+data_len = 54
+digest = 0xaa4ae5e15272d00e95705637ce8a3b55ed402112
+
+test_case = 7
+key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+key_len = 80
+data = "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"
+data_len = 73
+digest = 0xe8e99d0f45237d786d6bbaa7965c7808bbff1a91
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/hmac-sha256.txt b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/hmac-sha256.txt
new file mode 100644
index 000000000..a0b2e73aa
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/hmac-sha256.txt
@@ -0,0 +1,29 @@
+test_case = 1
+key = 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+data = 0x4869205468657265
+digest = 0xb0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7
+
+test_case = 2
+key = 0x4a656665
+data = 0x7768617420646f2079612077616e7420666f72206e6f7468696e673f
+digest = 0x5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843
+
+test_case = 3
+key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+data = 0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
+digest = 0x773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe
+
+test_case = 4
+key = 0x0102030405060708090a0b0c0d0e0f10111213141516171819
+data = 0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd
+digest = 0x82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b
+
+test_case = 6
+key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+data = 0x54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374
+digest = 0x60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54
+
+test_case = 7
+key = 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+data = 0x5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e
+digest = 0x9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/linkparse.txt b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/linkparse.txt
new file mode 100644
index 000000000..eb13e6b53
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/linkparse.txt
@@ -0,0 +1,594 @@
+Num Tests: 73
+
+OpenID link parsing test cases
+Copyright (C) 2005-2008, JanRain, Inc.
+See COPYING for license information.
+
+File format
+-----------
+
+All text before the first triple-newline (this chunk) should be ignored.
+
+This file may be interpreted as Latin-1 or UTF-8.
+
+Test cases separated by three line separators (`\n\n\n'). The test
+cases consist of a headers section followed by a data block. These are
+separated by a double newline. The headers consist of the header name,
+followed by a colon, a space, the value, and a newline. There must be
+one, and only one, `Name' header for a test case. There may be zero or
+more link headers. The `Link' header consists of whitespace-separated
+attribute pairs. A link header with an empty string as a value
+indicates an empty but present link tag. The attribute pairs are `='
+separated and not quoted.
+
+Optional Links and attributes have a trailing `*'. A compilant
+implementation may produce this as output or may not. A compliant
+implementation will not produce any output that is absent from this
+file.
+
+
+Name: Well-formed link rel (in CAPS)
+Link: rel=openid.server href=http://www.myopenid.com/server
+
+<HTML>
+ <HEAD>
+ <LINK REL="openid.server"
+ HREF="http://www.myopenid.com/server" />
+ </HEAD>
+</HTML>
+
+
+Name: No link tag at all
+
+<html>
+<head>
+</head>
+</html>
+
+
+Name: Link element first
+
+<link>
+
+
+Name: Link inside HTML, not head
+
+<html>
+<link>
+
+
+Name: Link inside head, not html
+
+<head>
+<link>
+
+
+Name: Link inside html, after head
+
+<html>
+<head>
+</head>
+<link>
+
+
+Name: Link inside html, before head
+
+<html>
+<link>
+<head>
+
+
+Name: Link before html and head
+
+<link>
+<html>
+<head>
+
+
+Name: Link after html document with head
+
+<html>
+<head>
+</head>
+</html>
+<link>
+
+
+Name: Link inside html inside head, inside another html
+
+<html>
+<head>
+<html>
+<link>
+
+
+Name: Link inside html inside head
+
+<head>
+<html>
+<link>
+
+
+Name: link inside body inside head inside html
+
+<html>
+<head>
+<body>
+<link>
+
+
+Name: Link inside head inside head inside html
+
+<html>
+<head>
+<head>
+<link>
+
+
+Name: Link inside script inside head inside html
+
+<html>
+<head>
+<script>
+<link>
+</script>
+
+
+Name: Link inside comment inside head inside html
+
+<html>
+<head/>
+<link>
+
+
+Name: Link inside of head after short head
+
+<html>
+<head/>
+<head>
+<link>
+
+
+Name: Plain vanilla
+Link:
+
+<html>
+<head>
+<link>
+
+
+Name: Ignore tags in the <script:... > namespace
+Link*:
+
+<html>
+<head>
+<script:paddypan>
+<link>
+</script:paddypan>
+
+
+Name: Short link tag
+Link:
+
+<html>
+<head>
+<link/>
+
+
+Name: Spaces in the HTML tag
+Link:
+
+<html >
+<head>
+<link>
+
+
+Name: Spaces in the head tag
+Link:
+
+<html>
+<head >
+<link>
+
+
+Name: Spaces in the link tag
+Link:
+
+<html>
+<head>
+<link >
+
+
+Name: No whitespace
+Link:
+
+<html><head><link>
+
+
+Name: Closed head tag
+Link:
+
+<html>
+<head>
+<link>
+</head>
+
+
+Name: One good, one bad (after close head)
+Link:
+
+<html>
+<head>
+<link>
+</head>
+<link>
+
+
+Name: One good, one bad (after open body)
+Link:
+
+<html>
+<head>
+<link>
+<body>
+<link>
+
+
+Name: ill formed (missing close head)
+Link:
+
+<html>
+<head>
+<link>
+</html>
+
+
+Name: Ill formed (no close head, link after </html>)
+Link:
+
+<html>
+<head>
+<link>
+</html>
+<link>
+
+
+Name: Ignore random tags inside of html
+Link:
+
+<html>
+<delicata>
+<head>
+<title>
+<link>
+
+
+Name: case-folding
+Link*:
+
+<HtMl>
+<hEaD>
+<LiNk>
+
+
+Name: unexpected tags
+Link:
+
+<butternut>
+<html>
+<summer>
+<head>
+<turban>
+<link>
+
+
+Name: un-closed script tags
+Link*:
+
+<html>
+<head>
+<script>
+<link>
+
+
+Name: un-closed script tags (no whitespace)
+Link*:
+
+<html><head><script><link>
+
+
+Name: un-closed comment
+Link*:
+
+<html>
+<head>
+<!--
+<link>
+
+
+Name: un-closed CDATA
+Link*:
+
+<html>
+<head>
+<![CDATA[
+<link>
+
+
+Name: cdata-like
+Link*:
+
+<html>
+<head>
+<![ACORN[
+<link>
+]]>
+
+
+Name: comment close only
+Link:
+
+<html>
+<head>
+<link>
+-->
+
+
+Name: Vanilla, two links
+Link:
+Link:
+
+<html>
+<head>
+<link>
+<link>
+
+
+Name: extra tag, two links
+Link:
+Link:
+
+<html>
+<gold nugget>
+<head>
+<link>
+<link>
+
+
+Name: case-fold, body ends, two links
+Link:
+Link*:
+
+<html>
+<head>
+<link>
+<LiNk>
+<body>
+<link>
+
+
+Name: simple, non-quoted rel
+Link: rel=openid.server
+
+<html><head><link rel=openid.server>
+
+
+Name: short tag has rel
+Link: rel=openid.server
+
+<html><head><link rel=openid.server/>
+
+
+Name: short tag w/space has rel
+Link: rel=openid.server
+
+<html><head><link rel=openid.server />
+
+
+Name: extra non-attribute, has rel
+Link: rel=openid.server
+
+<html><head><link hubbard rel=openid.server>
+
+
+Name: non-attr, has rel, short
+Link: rel=openid.server
+
+<html><head><link hubbard rel=openid.server/>
+
+
+Name: non-attr, has rel, short, space
+Link: rel=openid.server
+
+<html><head><link hubbard rel=openid.server />
+
+
+Name: misplaced slash has rel
+Link: rel=openid.server
+
+<html><head><link / rel=openid.server>
+
+
+Name: quoted rel
+Link: rel=openid.server
+
+<html><head><link rel="openid.server">
+
+
+Name: single-quoted rel
+Link: rel=openid.server
+
+<html><head><link rel='openid.server'>
+
+
+Name: two links w/ rel
+Link: x=y
+Link: a=b
+
+<html><head><link x=y><link a=b>
+
+
+Name: non-entity
+Link: x=&y
+
+<html><head><link x=&y>
+
+
+Name: quoted non-entity
+Link: x=&y
+
+<html><head><link x="&y">
+
+
+Name: quoted entity
+Link: x=&
+
+<html><head><link x="&amp;">
+
+
+Name: entity not processed
+Link: x=&#26;
+
+<html><head><link x="&#26;">
+
+
+Name: &lt;
+Link: x=<
+
+<html><head><link x="&lt;">
+
+
+Name: &gt;
+Link: x=>
+
+<html><head><link x="&gt;">
+
+
+Name: &quot;
+Link: x="
+
+<html><head><link x="&quot;">
+
+
+Name: &amp;&quot;
+Link: x=&"
+
+<html><head><link x="&amp;&quot;">
+
+
+Name: mixed entity and non-entity
+Link: x=&"&hellip;>
+
+<html><head><link x="&amp;&quot;&hellip;&gt;">
+
+
+Name: mixed entity and non-entity (w/normal chars)
+Link: x=x&"&hellip;>x
+
+<html><head><link x="x&amp;&quot;&hellip;&gt;x">
+
+
+Name: broken tags
+Link*: x=y
+
+<html><head><link x=y<>
+
+
+Name: missing close pointy
+Link: z=y
+
+<html><head><link x=y<link z=y />
+
+
+Name: missing attribute value
+Link: x=y y*=
+Link: x=y
+
+<html><head><link x=y y=><link x=y />
+
+
+Name: Missing close pointy (no following)
+Link*: x=y
+
+<html><head><link x=y
+
+
+Name: Should be quoted
+Link: x*=<
+
+<html><head><link x="<">
+
+
+Name: Should be quoted (2)
+Link: x*=>
+
+<html><head><link x=">">
+
+
+Name: Repeated attribute
+Link: x=y
+
+<html><head><link x=z x=y>
+
+
+Name: Repeated attribute (2)
+Link: x=y
+
+<html><head><link x=y x=y>
+
+
+Name: Two attributes
+Link: x=y y=z
+
+<html><head><link x=y y=z>
+
+
+Name: Well-formed link rel="openid.server"
+Link: rel=openid.server href=http://www.myopenid.com/server
+
+<html>
+ <head>
+ <link rel="openid.server"
+ href="http://www.myopenid.com/server" />
+ </head>
+</html>
+
+
+Name: Well-formed link rel="openid.server" and "openid.delegate"
+Link: rel=openid.server href=http://www.myopenid.com/server
+Link: rel=openid.delegate href=http://example.myopenid.com/
+
+<html><head><link rel="openid.server"
+ href="http://www.myopenid.com/server" />
+ <link rel="openid.delegate" href="http://example.myopenid.com/" />
+</head></html>
+
+
+Name: from brian's livejournal page
+Link: rel=stylesheet href=http://www.livejournal.com/~serotta/res/319998/stylesheet?1130478711 type=text/css
+Link: rel=openid.server href=http://www.livejournal.com/openid/server.bml
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <link rel="stylesheet"
+ href="http://www.livejournal.com/~serotta/res/319998/stylesheet?1130478711"
+ type="text/css" />
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ <meta name="foaf:maker"
+ content="foaf:mbox_sha1sum '12f8abdacb5b1a806711e23249da592c0d316260'" />
+ <meta name="robots" content="noindex, nofollow, noarchive" />
+ <meta name="googlebot" content="nosnippet" />
+ <link rel="openid.server"
+ href="http://www.livejournal.com/openid/server.bml" />
+ <title>Brian</title>
+ </head>
+
+
+Name: non-ascii (Latin-1 or UTF8)
+Link: x=®
+
+<html><head><link x="®">
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/n2b64 b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/n2b64
new file mode 100644
index 000000000..b12a24604
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/n2b64
@@ -0,0 +1,650 @@
+AA== 0
+AQ== 1
+Ag== 2
+Aw== 3
+BA== 4
+BQ== 5
+Bg== 6
+Bw== 7
+CA== 8
+CQ== 9
+Cg== 10
+Cw== 11
+DA== 12
+DQ== 13
+Dg== 14
+Dw== 15
+EA== 16
+EQ== 17
+Eg== 18
+Ew== 19
+FA== 20
+FQ== 21
+Fg== 22
+Fw== 23
+GA== 24
+GQ== 25
+Gg== 26
+Gw== 27
+HA== 28
+HQ== 29
+Hg== 30
+Hw== 31
+IA== 32
+IQ== 33
+Ig== 34
+Iw== 35
+JA== 36
+JQ== 37
+Jg== 38
+Jw== 39
+KA== 40
+KQ== 41
+Kg== 42
+Kw== 43
+LA== 44
+LQ== 45
+Lg== 46
+Lw== 47
+MA== 48
+MQ== 49
+Mg== 50
+Mw== 51
+NA== 52
+NQ== 53
+Ng== 54
+Nw== 55
+OA== 56
+OQ== 57
+Og== 58
+Ow== 59
+PA== 60
+PQ== 61
+Pg== 62
+Pw== 63
+QA== 64
+QQ== 65
+Qg== 66
+Qw== 67
+RA== 68
+RQ== 69
+Rg== 70
+Rw== 71
+SA== 72
+SQ== 73
+Sg== 74
+Sw== 75
+TA== 76
+TQ== 77
+Tg== 78
+Tw== 79
+UA== 80
+UQ== 81
+Ug== 82
+Uw== 83
+VA== 84
+VQ== 85
+Vg== 86
+Vw== 87
+WA== 88
+WQ== 89
+Wg== 90
+Ww== 91
+XA== 92
+XQ== 93
+Xg== 94
+Xw== 95
+YA== 96
+YQ== 97
+Yg== 98
+Yw== 99
+ZA== 100
+ZQ== 101
+Zg== 102
+Zw== 103
+aA== 104
+aQ== 105
+ag== 106
+aw== 107
+bA== 108
+bQ== 109
+bg== 110
+bw== 111
+cA== 112
+cQ== 113
+cg== 114
+cw== 115
+dA== 116
+dQ== 117
+dg== 118
+dw== 119
+eA== 120
+eQ== 121
+eg== 122
+ew== 123
+fA== 124
+fQ== 125
+fg== 126
+fw== 127
+AIA= 128
+AIE= 129
+AII= 130
+AIM= 131
+AIQ= 132
+AIU= 133
+AIY= 134
+AIc= 135
+AIg= 136
+AIk= 137
+AIo= 138
+AIs= 139
+AIw= 140
+AI0= 141
+AI4= 142
+AI8= 143
+AJA= 144
+AJE= 145
+AJI= 146
+AJM= 147
+AJQ= 148
+AJU= 149
+AJY= 150
+AJc= 151
+AJg= 152
+AJk= 153
+AJo= 154
+AJs= 155
+AJw= 156
+AJ0= 157
+AJ4= 158
+AJ8= 159
+AKA= 160
+AKE= 161
+AKI= 162
+AKM= 163
+AKQ= 164
+AKU= 165
+AKY= 166
+AKc= 167
+AKg= 168
+AKk= 169
+AKo= 170
+AKs= 171
+AKw= 172
+AK0= 173
+AK4= 174
+AK8= 175
+ALA= 176
+ALE= 177
+ALI= 178
+ALM= 179
+ALQ= 180
+ALU= 181
+ALY= 182
+ALc= 183
+ALg= 184
+ALk= 185
+ALo= 186
+ALs= 187
+ALw= 188
+AL0= 189
+AL4= 190
+AL8= 191
+AMA= 192
+AME= 193
+AMI= 194
+AMM= 195
+AMQ= 196
+AMU= 197
+AMY= 198
+AMc= 199
+AMg= 200
+AMk= 201
+AMo= 202
+AMs= 203
+AMw= 204
+AM0= 205
+AM4= 206
+AM8= 207
+ANA= 208
+ANE= 209
+ANI= 210
+ANM= 211
+ANQ= 212
+ANU= 213
+ANY= 214
+ANc= 215
+ANg= 216
+ANk= 217
+ANo= 218
+ANs= 219
+ANw= 220
+AN0= 221
+AN4= 222
+AN8= 223
+AOA= 224
+AOE= 225
+AOI= 226
+AOM= 227
+AOQ= 228
+AOU= 229
+AOY= 230
+AOc= 231
+AOg= 232
+AOk= 233
+AOo= 234
+AOs= 235
+AOw= 236
+AO0= 237
+AO4= 238
+AO8= 239
+APA= 240
+APE= 241
+API= 242
+APM= 243
+APQ= 244
+APU= 245
+APY= 246
+APc= 247
+APg= 248
+APk= 249
+APo= 250
+APs= 251
+APw= 252
+AP0= 253
+AP4= 254
+AP8= 255
+AQA= 256
+AQE= 257
+AQI= 258
+AQM= 259
+AQQ= 260
+AQU= 261
+AQY= 262
+AQc= 263
+AQg= 264
+AQk= 265
+AQo= 266
+AQs= 267
+AQw= 268
+AQ0= 269
+AQ4= 270
+AQ8= 271
+ARA= 272
+ARE= 273
+ARI= 274
+ARM= 275
+ARQ= 276
+ARU= 277
+ARY= 278
+ARc= 279
+ARg= 280
+ARk= 281
+ARo= 282
+ARs= 283
+ARw= 284
+AR0= 285
+AR4= 286
+AR8= 287
+ASA= 288
+ASE= 289
+ASI= 290
+ASM= 291
+ASQ= 292
+ASU= 293
+ASY= 294
+ASc= 295
+ASg= 296
+ASk= 297
+ASo= 298
+ASs= 299
+ASw= 300
+AS0= 301
+AS4= 302
+AS8= 303
+ATA= 304
+ATE= 305
+ATI= 306
+ATM= 307
+ATQ= 308
+ATU= 309
+ATY= 310
+ATc= 311
+ATg= 312
+ATk= 313
+ATo= 314
+ATs= 315
+ATw= 316
+AT0= 317
+AT4= 318
+AT8= 319
+AUA= 320
+AUE= 321
+AUI= 322
+AUM= 323
+AUQ= 324
+AUU= 325
+AUY= 326
+AUc= 327
+AUg= 328
+AUk= 329
+AUo= 330
+AUs= 331
+AUw= 332
+AU0= 333
+AU4= 334
+AU8= 335
+AVA= 336
+AVE= 337
+AVI= 338
+AVM= 339
+AVQ= 340
+AVU= 341
+AVY= 342
+AVc= 343
+AVg= 344
+AVk= 345
+AVo= 346
+AVs= 347
+AVw= 348
+AV0= 349
+AV4= 350
+AV8= 351
+AWA= 352
+AWE= 353
+AWI= 354
+AWM= 355
+AWQ= 356
+AWU= 357
+AWY= 358
+AWc= 359
+AWg= 360
+AWk= 361
+AWo= 362
+AWs= 363
+AWw= 364
+AW0= 365
+AW4= 366
+AW8= 367
+AXA= 368
+AXE= 369
+AXI= 370
+AXM= 371
+AXQ= 372
+AXU= 373
+AXY= 374
+AXc= 375
+AXg= 376
+AXk= 377
+AXo= 378
+AXs= 379
+AXw= 380
+AX0= 381
+AX4= 382
+AX8= 383
+AYA= 384
+AYE= 385
+AYI= 386
+AYM= 387
+AYQ= 388
+AYU= 389
+AYY= 390
+AYc= 391
+AYg= 392
+AYk= 393
+AYo= 394
+AYs= 395
+AYw= 396
+AY0= 397
+AY4= 398
+AY8= 399
+AZA= 400
+AZE= 401
+AZI= 402
+AZM= 403
+AZQ= 404
+AZU= 405
+AZY= 406
+AZc= 407
+AZg= 408
+AZk= 409
+AZo= 410
+AZs= 411
+AZw= 412
+AZ0= 413
+AZ4= 414
+AZ8= 415
+AaA= 416
+AaE= 417
+AaI= 418
+AaM= 419
+AaQ= 420
+AaU= 421
+AaY= 422
+Aac= 423
+Aag= 424
+Aak= 425
+Aao= 426
+Aas= 427
+Aaw= 428
+Aa0= 429
+Aa4= 430
+Aa8= 431
+AbA= 432
+AbE= 433
+AbI= 434
+AbM= 435
+AbQ= 436
+AbU= 437
+AbY= 438
+Abc= 439
+Abg= 440
+Abk= 441
+Abo= 442
+Abs= 443
+Abw= 444
+Ab0= 445
+Ab4= 446
+Ab8= 447
+AcA= 448
+AcE= 449
+AcI= 450
+AcM= 451
+AcQ= 452
+AcU= 453
+AcY= 454
+Acc= 455
+Acg= 456
+Ack= 457
+Aco= 458
+Acs= 459
+Acw= 460
+Ac0= 461
+Ac4= 462
+Ac8= 463
+AdA= 464
+AdE= 465
+AdI= 466
+AdM= 467
+AdQ= 468
+AdU= 469
+AdY= 470
+Adc= 471
+Adg= 472
+Adk= 473
+Ado= 474
+Ads= 475
+Adw= 476
+Ad0= 477
+Ad4= 478
+Ad8= 479
+AeA= 480
+AeE= 481
+AeI= 482
+AeM= 483
+AeQ= 484
+AeU= 485
+AeY= 486
+Aec= 487
+Aeg= 488
+Aek= 489
+Aeo= 490
+Aes= 491
+Aew= 492
+Ae0= 493
+Ae4= 494
+Ae8= 495
+AfA= 496
+AfE= 497
+AfI= 498
+AfM= 499
+AfQ= 500
+AfU= 501
+AfY= 502
+Afc= 503
+Afg= 504
+Afk= 505
+Afo= 506
+Afs= 507
+Afw= 508
+Af0= 509
+Af4= 510
+Af8= 511
+AgA= 512
+ALDs7paJl5xPh6ORH61iDA6pONpV0rTjGiTkLEW2JsVsRKaRiS4AGn2PTR1UZXP0vXAmRXwdSegQgWPUp3Hm3RofRcDh1SykZBLif7ulau1hVO+rhwRyKc7F8F+7LcMf/v+s73eOXUDbbI2r52wfr7skZy/IELhsC8EK6HzhACI3 124241322153253947064453752054205174382289463089695815605736438952932114700118408072544073767229325045596832952652232288773280299665950768731398747700657715829631597019676014848183966683866396215048196276450953653433516126074463193382764063985175903718735372053536664711482497859539116009770850968340298474039
+AOzgU1s6Pd2IkrJlvGND8legXTe50nyDCocI5mwT9rW0YsisY5jaaEOcu51BAq9MmXBPeVX0k/jlXwH4Pn3mCpUAU1rEOsTdcmSJp35siKliDdhTZHHdZNMW+igfXGX5OCsA/BaBcGnE6NnrGWXKyTOoVUGQLEkL2T5yhNUaCT83 166340174936369324883416612727439279977041963320514134445183426741643586944819834936989524033374309932122967866930503619179389342537723598234062828695747850043368572301869699886931403612266216965783079972698791813140295203826980649434652168563255385527187360027803388963151668338040517316899628026707657178935
+AO8hrpw+lDiJ13JahLtCb1RenupQcNd0wlTSck9OLL8wB/x6gAoj0PTLV05eZIbz43N3GUSDmmckjlxdHXiBJ9rsoB0P95l1CWIV+4rXblCqxmOdmlm6VZ13bqbI0x7l0cjeMrkmk+yJ067WqUolqQBlUWMTuJVfkxALJYH5xr/C 167923899524385316022824282304301434707626789716026029252173742527362300338760906999615029022863637963070711762128687835779073122264515776657475985362344360699359591353388569856862973447791264902182048648600267737826849280828116753682917256540180401899752566540869918949003470368970029744573140084219550547906
+QxAn7yrdVs5tlHV+Glbqdaj67c6Ni8am3bBLOL8PV5HbdrLf2xIPmNugo6MfUwFSnT+ZPJ51+VTOsItaNwCFju0Eh1cqyP3JWyLRPE7emKuo6xRhf+5ik0pTg77LEF4JXW6ofDqirpR4alFi0G2d9yImQPphsYJwYGF/nNT8u0Q= 47093316905427544098193936500644355852669366083115552072584429220248776817916430034648347490325490701471113667554329499736495877969341478442613611948220957798780043076906836236556612316544460763366275536846463456405604189392790111985912854476264292503164100482712281088955640964034295834935468665872932715332
+AI9PVzrbJUvmCihwSFans1lBKwudGEZpWWu8pkSK2zVgzGhMvUoGgMp6TG2zsUd1tV8zv7KsVD2t6pXmjT1wPUynufq97GVHI06SGpflDTt30WboYRh3DgYxvso1sOjUXpnDezcaqc2Aiz4nV5MSShkBlyBjA8z2worHDE+uXqw0 100635651531872121827765663065728398779771663753008344681972226973080394359405041113312675686974926993279775427390065833081040771269307007695807025882757371805607979134114890454059957194316765342461291139168706134406917264848659448693866813989352429841300235734400772946895458374870482441457514575059390213172
+FiinVicXOqqRLpxcGTorQpSAGeQ/PfDOuzYK9ViFtmPv6D0cYPfhUH4qXEHOejvmX+0b4lfaX8MWPVZxlqpfXiU9BhG76HJxkLF4ysipukeOvhoHzvcxE5bnhSF1i//bOSifATBLBEZInwqSVg5tHHPuuCkwTL91NqhOulp7Lsk= 15560440884463435471963622630292643727112462888414585143143739400703889930416938984547754943252935620248108237258540176511252143752416771350868493435174026287082706690332705481726295797196444796135827460509780634261726494455068460028424141500629527968240913757449787164107068039175831847071025316475940056777
+aYrxyQN/hkBne2ayqo2/iDLF3DZGgk080SOMJfsj9h3Z1OfFZM7TJA+y+/O7niqatosvKrfHrAw+Qs7c6tCZ6NPwYJ4QJLOF9bqH2u2a3fkI954voNUctlUagYUJsZXV8hdhLM6NwUyIZ3ZFkPcpTZp7nKQQ84tr1a8VjDIT5/o= 74114640794666001532816944350975062126079079113921109750255283189037502412929005615388097912507598112836936032143435813588205939470002911374442844578739574773399427907766548612582213272643279263782396527705126350063372192910060171635870872236876399794128383338399728947176692692942605589343038282957050865658
+AMpCUeKUX/vtRslWiUUuXNl1KA9uDAWjMUkTrdsxxRDESI7iZIn3TR9lW+0kV5fzkLF18iYLAwSGBmX1PS/T0UVFmoBPJ9yS7yktNL0lpQ3noyGFn8HHZ6XB3FkH3jegIfGbvwwhnhhFzpHPrXlpO5iU5Y+rexzp2XHWt4yJGuIL 142031143422642739313498629438991149460874309300342349421794421544918823888598660275343727563280565210534243383322796489809683834300630555650331646026843796764549231159336347965502383849513994449309613369541991287590422095953275586374371960367000083487965487661436037637475372929033613295072397262739084075531
+AIMIQVz0JIEKEI+PREu94m3v9XoiU/Q0CpsSuqkwSSje+Wyul5ea9oU5qgtOpdkMUOW91BJo0DW/GMZ8v3C4qyyP29TtjCcAHObJi9hfLSlnTSuzXZnDStooYYKqzfToLToCaAJKCXiXAVW0vWtapLnyqafrf/KgyGZ5u4HfXKY0 92013973253053602863003242446596060337454881568126916916519869242232429836082762281129448384605359749247852792606718908482332975424967542242332487707042773885428473061056052851768940900752317020681189773407893371297668591494665352294885305475871917069040377145530889271334616499701769138948975263435137525300
+ANfP+zPBTR27afneyac1KJhOB5Pq3AXB+SoAXJvQI/GkSoNhw5KdfqoIkLcoJi8wClCm424Gm1AdrdGwDFOM/iKTSPkrvMag93+b2EbQGX66/n2X3YRFNkgq/Gtb+2M8oCcAL054Z/iiMD67aU5RWzjqS64ePHsn01bJ7dqLgpMO 151548639867177154896951257541227014781655576169318283047778755573323724856619156348444192550664853912434681577093459933599575436686424046466113215132845213008587152894642577278656978304699131916299275797578171518984206145555369576872231567191579337901913492071976578289189524123204040497290426960375042970382
+AK0kHtacLGu1NFWMADq2rG8hpzM4UEYyPOL+aMJbnwXcUYptRIxb0YFZg35RN/RiZs4lQsiq+kEJKzMMV71TsJq59vMkIZhZoB3t8g9ZqBZuq0JYcTICDwRpNSttJidVpJ6P9sR3s1xPMYKdlSwt6EEc9htOXfZU+yHKYgn98X60 121583812047864398969816595368193171848971298823388059338224714026742264861090347096116404814514279627148994345584790617974476594451626305761040465570524035369799925437276511604752129817947910677564301623631349399504187314174538914591944778074509068973226322566160587813128746039859381466427380402262866230964
+W3sZlWW1Aev3x/DiH9MzwCAZzBj++x9cknLfGAHwgFqkLH6vimEH/r8hi85hzlCOG5CjwhoZ0D/Hsfr26ZJ3X4chG84byrfDnek1V9mm1++v+clJvlYgcuVgn2Opsba2TILTm1MDB+Ujs9brJ2AAKrE9+ep5nvtQVeG9PUGtdlo= 64240043913835461386212515483198059541440539167395859777194837833769712010594411295323900074066077107346806786205590345517755715510695858065925747020336398305793661773798243627926904542715123849691490667964262778804487343218972081260210371192903128886030021862362141928329650003493687310970684093289133340250
+FTQRk9/BIj21gbLwI22fHJWYj+8Ghdcc613hOtJ+/hQmh73HwTXLpaGK9aCptxVbpjW0r/bxaRjmgxu9u1CCZh5yRd7Z46Wk/LIPXGd3ycQzqRMFB7TISFQGJIcFoxRp3Eb5wa2OyrUg7c/D+kb7oFJq9P7mEwIh8TpLzwmu4SU= 14889529068556301710329043521845510156960298822469914567758538023025100741826628180855835334285179977296740667353391766487166458692144569279381035582718738461626140662441222061900764829681913534146898551570916312642104487829660946024590782808750587095559047648957238487820069966851521487428624726655438348581
+APYXO6uGvs9qWiEAkcWsaCaCrGJJCP2Z1g++XlJ67oZIgEoWITn3T/R2/c4edAfwUUzNHAYZN1h2dSrRoqlrRXrbxFtGOuRCUrXcGLFFcEbTrtm+z5z8xGRfcorx7Cu3FIBPMK5XcGPcbRZdyP1gBkeDMvuBNAo0/To+LP/dhCNM 172810804474418448604443090732221483571611665465870520701624598983692130272337358406272727413570938793741430131635927237320173996217984860203754686741782921346604605228620148450611724714868551781003004492587584071978757421616871762681049508123223983431502852926521520561941051298696758046005573332373854233420
+AIDNxhnDEe1kTJ3XGfTS8zKXeXPRdw5yifm8j8Ibzj/quExy7hFPtKct8hRskPR2qwTlMiW9Ra8Npg2USsqHV0rBoIkX7E3psxq5LBfp/q00l3SEBuLL4K2FGR87bPgU+Duk3RVrNMnColiTcnAR5XkoeWhn/r9MfJMIN9Y0FEh8 90449107125498302548188660544012777357148118984122992664008792590422284061463729084479315745509706793674355738023180454297730948397413371686013210006834869294564190666543874617716180411178090109573192518129248278410216362657350215009192850017507998797754539132540293137589672869131300859207213449571846080636
+AIRWavxYRsGlH0Yr0DudwrpYtbrByf9ZsDawKom7ubiRfepqYzcBlwt4adMMnkYSaXeYtOsD4KBm2ZvLKN3++RkYNmxgkyarORBEg7ERyiThBj7Ksw57pNHCAoHtBEhH7Wp9mHhuZtPvPgCEptmwCu9rYhLt4zZp+Zq8a02dkXvM 92930601962515884925250459851491509622611227724602941760145671636277317511265759558869239180653492283311584982044597979173761619470326096725838197524704577188104121460089235709339932110663536557497112887112782062772810759971739760085128369628777812332518137107605855679096146402427144185104230596200130247628
+AMNJGLcAiJtL5fUfkesWKYJurdYSnvsOZeZcrg7bemkEVjF6S9CcojimUl+ncr/YY5/EXnU0mg84fObtDxWWdJ7z7l0CFcoALTyEatDYKshT0xvdKY3u+LUShxIAyk8EcGnf+KoEaa4Mx3tg2oTBnVegXClOakNTWw8bu2ItagoQ 137134165107366719462230252606689766470445826753581409513106273517221906418464863733870948759313279128624638614534848890858250894834883265387344539280755177217350585564186248554307335197387734431939154077778003706720017441895613190141376534460438929588407764609772857975000507660651583780079804513519571438096
+BmGPZt8XqqI1PuLN4K1/PZMi2rfOYtHEMrcwZdSjKRm5qTkd0Pbb/5zPV07TnM0uLRvIQYTLloEY+GYyn0K5gDTEZpEtQ8ee6Y87zYGDwcf20eqYNxkA7FVV71vqCP/Uw3Oi6B+hMvsWZbvv2vH6MkAeADCrezOtwqVS+irftyc= 4480956865245875120472829476982311611308898564405318773810939350829150182630548948231116574193987272498161864310429976564278532538229396846813874244969927890037756969704618336242255039858182439641759659872128285423988638335967412040624105824571426792562334458751137508116412821914961236269913776304372561703
+APqFgCIYbJWuRyEGuOStPvcprj2PILQ0JpgwQ2jLKn3DvkWSd83qh7PWGKozGavsjh803K+ZzI7P2wP+Nc0r0El3q4nzaHvKaCtVRyMwbXv9wYLFZICeM6J1l9ljUMts4tbDoPzkIy3ScU7pYxarBWqMkcBU8qL6NN1vEdkeu0fW 175922170410080716883576123079908758276229469783745771772401183721225804343343063277676406040455068452258961299511343441961963941297631097736305638850193978800615558067791016294285848963023036905095022181004058235239390870177623185946205281141386416867569004073524130001309977475780893497185890756991672600534
+APA/rCcGeH6A+6ZwaBBDM6mB6tTD8mjkrOWEo/pK3MCZ+rrErMBnFp2S19GhlLOfuY8BHS+D834Fdm8+3wKYkWnXZpGb+e3v8ofOQ34G1HvzULOYtrEiC4ISZRt2SSyz2hU+PBXjVnplsHWTRxZDmBxTJdgli4ItAqxGCxj/aJ9m 168708388929747822981923386197903561880341990893945097067702518857172133291360611402092714329372304718329568897960770488377524912057166920574319430820488930520807742026377043178502591886293565177404635365772829346030773275726024973460121300339258054215286249329967181244588558220467488638468686270735376228198
+AKmwrLP108dCGWOWxE/6woJVLRi/Kra/DvdsPkkrZQmWIlUT7IvwM4gU6bUr4f6wpT08cIQls2cGh7dbSEaO0xLa3mmtKhPiAlzSnz0wuifF3JT9U3uXgUfCZuFtE0z7Oi7WTOrpl3k3GA7JFvXnY0lwblIQALVf6oWyNETnajGl 119160465301384937485959146028591622947513292915838943629387700439301197965652871741710280647524383590817798553034250156068573474278225305190573334054718387045488098320076877626430189054572361967283632592181431701411266656256255758079114072932140551282607247364388070762970060420036793573956057551235306893733
+VTe3rCzAL1Sljo3QAXEkAdBy1ZARHZwtrj6ZNRa5ttqd6/l21g4z3iHCeGo4rnE2F8wYTy+NlugjXw86OS+XojW5y6UzTtx0HX5IJ4POqN64aXWmaklGzroBEYWeuFFKcgQN3NOxkuJoDQ6VElP7Epz69kj5CsKJUwL0SjbNrFY= 59841866347633473702601462509811342285929528424012250265905695635971518533504187799047710303717472950129869674786231155102509311322791323986824635569605105662070745033595366004805920086888891275288347907772640070278731650628917037915863439204501060041944275512863990729926528905725569467329169134226609384534
+AIZt1xGhC/HrvpPASsvVIVdsu//tn0noyJmVYh3FdQ6yIh1uce47iCsrV1yvYqx5ZTbC0vnfnbjFcWqH+HtLX/DelgvhEwzqJ8hwQrfE1ShLG4ZjAVo1Z4GCjrDcEUMlwKcunuSJssuxeQuXwTLS92+q6QeBSS7OmfxPX29CLb4B 94399298271083745508290936113986978382457275531684761701599029877008571741877683365769553170771833981099580359640421358853566501815723434822307977440496208486103754978934472597505865596938563438311337045817621762649604204720249750058676095769230214181772215323235427976398686727606000594646472236822594174465
+NIhTPpWXS82VTA0LTd6TfM+HgLgUcmvnMYtLqPpuqCKZwalAycwl0XFYNyVvaY21J94j92ts/lRYgVtHDhk7/9nLXq5js/lsUnG8rWPHJo11JTxvW+df88aX0pw8u+biOWt87vc1MW1dsMTTsJFJAeBx77qU/Cwto95IVqM7vSE= 36889590210230649939994518345793530042252563793069578097360569338647730438860274349862767107939590441616825589851005429465345268710487649366046960918184701290985280638488938340668212498212581853679035928093386035688597446809895381618260692378376844452061580510108168030682664507293277674052032318576713776417
+KXdi4A2Z7tSiiX9YGtDtxUXIfQvPhcc48rUH+Q2SnXL7fLNmr+F4Rf3RiFBRiHKocPfE94pothop5qQJ5X221/DbEKWK6s+ChfQ636jvRxojoLMab3dPtaAPpDJHrfZMxbT4ZaDJT0tpA2e+zZrzBuDs+UUgCpty9nxtdm1gS7A= 29118662951481660380477444121362422614202367719725087486810943918529894738076273660245405874301505615796632229852040910511025841576465052938308369421493312085081188509808322692130449282585522349552501983296872614029139293444558468751646868108213623606366977549477663987815308260383403466635254115908032940976
+AIOTBZQR2EJJRmoWdRNFLG4fceoS3KnRTHRpPdllhHODqdg+QxTOcOvqIzBqgdD0JgO12SuNAjLQOiz0jhd02qkXw9Y1adGuKvL97ARFtNEuJiNzFAj7KpDLy2zk2rPJp4Lp7cjQs0fe8BQYnTzTsNRGm+4ybln/gse1YWu9w8y5 92394618277596007469808288231093678404089765494062813665106014405059399079199990128824492247005602685377185496959522609467906358619318009231448503013528692450191782140091818984176967246749464502089280153086163239846744554575017530385347720563798041108608545014076448155956762636929707905789978331102411214009
+NzfbJRBF4pqEeborJrjoknJgpfK+DZh2k9cE5dcElMPZ2Zn9im7desWGiBSQnu3KbTO4L/t4+m6nFTNcbIJnqbVSMDHdsfG72rG/t89aOuECQw0HMVVgONNNa6i/mw0jZSWnRLD4fa1YgbUlMd8jeqO9XcBDB4mVtDTxyeGa3vU= 38775530011374537813502898274019389132620116890266344603221997943675706375698597061571989090674289834838060050848545748579361837989319487970580969082824601965845786771062335733318139530316825802589479118956745739691326447349403950997231306042638797277408335778415717988679050762936401945487285814799382535925
+Y4BVPZ6necuLSwaqYEPeZp0lt9tTGFl/WCJJbwg7XpyvuwYKtzagC1NLzY5ymBfwGFw1yRlQuyGsYd9mBfC99DuVCIeh0JNrhJN1bNfoSzy5UO5+dmTr+dm66VGSRS0tFcViDTfCIleTV+zxo/xuZT+Bjxq7kZue8zGkjp42Kmo= 69872189501616471647606976308259279995249122669120675885925763529037695584466011511740991152346215507625265226811128801733353566555339153627478941716586678793853828514394269931890370517258825006937741437480128878717892485074131232336852490940507703859793477547154689914725314529986438108117871674332626168426
+AKCP9Mto4q/a2xNqM4N7PekbKspwt48OGPre+iqVwPrSP/jWKxg3CvvLNZzN5P+/FiUGIklMMFJ8w76OaHIPqKuwckj1gvCLECJEE+UAZWrNKPmpzd/ootN9/kQhNMuloTFCyhXAUUOXJ7Z0WVLb2u6fn4zroszSMBoWQEKC6lcq 112750701794692134675959811050012620191158543234019977304167102486465198271340022889272244811582365901584420008564301920174477182946432553537794834985703732129975734658113610563794129371053853971031300761815004524681756388784922001759202643614966614186697992611399618828963452661554240362943588548146868410154
+APOTAFA2waoAODECaGNgCHa8dNN+cjMnD01M+IeQFytzo9RLMzzzg/gpTUFpyLtFMcfbCkDYQMLXwE4crTimdz5sVvjGQ+5fSFQjoDY6Bw7MO6NAcLzlV/sI/1WyNBKaLQbcl2720n16tdUcdckQNnV+cC2J48CVxYM1c7QQlxA0 171043636512232272455501595416608280460445723238023572475354665686544174728784633443479486247342724860289312593374524429736857970220153680852977711594899595712511352458264354251161579203922747468321999465061463474727943140910084880926005209538535217464825087114791420210981711903880998556269523363208766099508
+AMGpxRlB8WVnsGqyyiy3/mzrPymtJW1o1HcDErK11ZwQV5PwTF3c0THwlnxDmcziLWHSWgPQwfRddVDCXMGW9BffJn+XO6aTcWDPmDAh+1DbWJPE1aqApGbHvQ8HONy90dQMZf1ayuwceWCVTuU1wnHdo9F/sIsRbuu7ic2OJDzY 135994898408425255747055209966103741651849229328236418804928584233229830656742052333413774490626915784901255640138520158698845938184666683995579777154437927013722740366497459963753542029774185193376253885864514386760437194444013834088425088260658670140534670789371556026135595577395047002643901630053097946328
+AJAw4uDYdSYkOrjtwJVWLv3pi1+UxWge4RmkWKqVquTsAVcT2tRZ+MFdHM457Hl7fmFIyxvGZQy4c2v1AbHEfPR8ID2sCRQpdcfrxEUZPMDqxfnHHm0ziny6W4X6ggdBzMp/sBWaVNTBL0e61/pELBGYNRGFMzGws7HQkr/sro1D 101254336834199527040756567675327011562230719161388328289463594628690618298993695452746353237675715087353241661592074446889034411683413957950360025295995263477031608845241728493807755308798509893719674568267846671753070163272328014412744008880395248474446310603301447848026040555910147467745595720879397834051
+AM09TdtXgYL4FI5CGNiVjf0T/AN/pZ5zZsBOi1MAUKMURiXnc1x8VKYTqM9Xb86mqNBBqphynIQG6/3e/YbGJgHlsSdrmKbo+P9daMr02I/7Z76/7Osa8+7Ky6lhVCbU3F0tBH4WvopkCQmuJ267afgvDD5kB+9uNr28deMH00cY 144124056591600568767398029380314564902309327093641173350205276895603332085753288682409279238417493662029954512382520307259348748813767324609446500382301421328754981718014234615523158887865271179104711373675849713359713282937065993613915015084108700238420759344034475478243507306107546245540340758766909867800
+AKDhK+/BKGXbrbBh2vM61OP8LN81YwlJKe68KNwUu4tjXlQg7i49Jis7QKPI/YFPUpSNTu5N2iCgeMnCX4+r3NAfivOao9lw4N3nc9bi839SIWdlokhwBHBYmCIgjehUeBAdkU4jKqlE06pIrpRmSvBtn7O4aWTbT+C++ViYAcGF 112973480670453665543892521898882856059335781900313607790238402438320486344365203510769919022496690291280873287383392088872774202832124927485754495093552572232234532821756395965072330282810574669371524103814871172318519695921477775100282448247625395376072233777533359104085023946019406729587713120941266551173
+ALxDiSxHjfxvP8ETvpE+SyDPTS7q3o3zCK519WTepygC58KSRfvDnIVIyV3toQKzgqD50kF1Ni5D/wuaSs62y3zg3kELX1g+WuBCc8+x50+kDtbHXa1Me3et/OqVS/QeppkcjK1UZMU29fXze6P/w6aQfvKQkE7koeQtZBKkYc0p 132203344567902304830160099595561253300484092355345272411265169562971473393256361094745618829297250316196312398486598077249124198329075791740755862221465178128527292695331061023291345396067863215552021206609309872689233899464919108147533679134727064586730810633196817136739658243232643507412032417747255282985
+VF0YUTvy8Mfi5o6X06DEvLm87r72mAtTdyyLNr0/GXlk0Xj3L2Oi2bVUMtcXQNRXg/mkdGP88pgdaP/eMzqkUU++vJ7t3UgOC1i3SHegpiBhhZh+aZHH/wjFV8Mz2XZB5z8MpMgN+QwALK1TT2Pyt/feQTsOy0imVanB5+OvCeQ= 59242171319056188000481457618922567543461456096441095927600135114274111606802456239311634638536207588762066940095527920532936960549439269891703098017342732142860571277442598349453761561189719823290643146391349978698217357430495238876700400634593256155537598291759795109752990651995982467695091946768443574756
+ezpwBt0N6QhTusiPcKrBvSB6yuk/KShTLUFQHdf5J1u1fgDYrp+aOWuXOFVfOd0bweiG4UxBQNXB2IDFWfYON0fBoaDqNk/41YyqXBSkKbiNWLi1y3zPmwTAiwK0PzYp2EPfk/t/j0HsDbvebu0ygcxb2tPqj4EQ1TXEdD007kU= 86533835313999945727720083706940213467453975054116752898416709637030456504024135513972566184073843025739226187558143854850980654667596935003124034699919861200483994576288766702308068265526535622439762454501169018136389983894783905946543636163866717367545972667876983557989192393479830223914708619684891389509
+U8BT26zT46tTZnkmTNxGUAlXbJhk5cNi4AMSd8fSvZHm55siMFGJ8Jl7mtdzEFR1UFAyEztf2fUhxdtMLe8ei/OJgM0j7myQ9STucEwnsShT7QS/DjBmfvcC42sl1CRpXkb0ZLrEJCPf+crtLKGrG7ExS1oawIAgALBiMQIL6mE= 58812148564290791415180898639607206220554150794356494356250223429674091688305329629529905854147200457536549527135776329004085047145097927266797668252160196098870200925284256433894773392353678965699083286106628662506590268955650280670838340651598082083455821825076016227525614626726458235627297885815646710369
+HfYii3U1SIkBZl09RHaGGA7H3np+qxyNeeCNY07PDl8LwZAaaYk/bHPeBVboan0I2X4o78zCD/gFXFBJ4rxwwUsVjHEioyO2JcpV2/oDOelJBD//78WzBMMSWt7ZKbJV9uYr9ZUM0BUD3fsk1esFCEdnDJdr86U0UMmiig2R+ME= 21039655953870571289679214995029926285040274249531458675115179004718812090027267801012507748013357317597416722235988917212676802092082137617336199787762782958420742299451435320649616271885264333948336627286638368859041172783505464468640994920853000441536629081040963398001710173320125308624362209157720438977
+AICOlee3daFyqTrTdtWjVb5M2rclh9BpIo1CRvKo2bF7NYcjrU0/VvbOnTVXDwdeGMLupbi76f0BrfDxYtkzMXvIZlgoTit4g5ennnklDHFBC5cogaGlri8U28w4/h5oMunZ1O4ezdpRgVJe9nTP/sSEMYiNS5IA7Zshdvm/XccF 90275777798511290102824338787811725003177532250296755103300529948194832904403489332420505850668003332750291879153080212231952155092379375422537931240723308384652734942204313672973885652497290433943089371705605128843469306776615573873479312715317072986990219294942040272550822460408702072075001377245051602693
+L0QUSVIjxvE201b1ztRZyOOxy8vkUz6626TH4tbLwXjjc+AhmrvplaVlavnOgHqve+/L18XNuAYP4BqdxIcWTx+yxBKm4ZS92dRJdcAtccvZpEJtYjdJvI6qbL5Ph6HluaVZwp4dyFyXuZOJGTfYdTb7PUWM0jNT/xsqyjxSQ2U= 33191267986826803728285073844005357792766429917696698533494382218509532051029343127452480789088572904364699220151221680328978554239767633887572649589456766209242252549993823283929686430100804479376247660556781589549613316880150951333982646510273364068770923588389668733632648346075516618646974067295703417701
+APlD9ECKJuACUmQUsbd2GTOpb2PgQVT08C/5hyNEVdA5bWoICX7epmoCKCybdolk+cfEBP6fSz33j+Vn8MbeiHBLdmF6ETbmcyOjldJ902MDvU8dqAa8IgEZN5Uh5x/xzN+3dqk9o0ji7yi291u90rpfIh85PPpDat2B4l5zs9i5 175040148659257809883308984693597046378367187659749953472629929701758633206586720399909808941145946314755491399962797299295431089674294356220216615950668954164397362123668926410543898553191541662075745481299747832013627018846822876386760538344447600390187421938699064459451308870669878673306013635576901916857
+KB7N0tE+A5vFhyrd/m6Qe1wTihkjqmBn+rinfmMAzRlvtxIBSyDLzQsOQs7L4oTG64ABU+YwcWVijvoeZNamaxGl4hatAH1pRqmC/r8FMvC4vqiFTbFHzQhkjM7uoHD1aKnxyBVgjMj0E0KZjrRxydZjIR2p13FXjLP3UQSFtII= 28173452509830313810392326357601136401754938805266458365469366750775669869895498658593356375710132149836430968810246171974040975430205200958564616924399794768861923079158311829444850822144940112488994119845741191519421434257276977333662656888696213514226866147767570046232093727585815615828360199830275208322
+bxFgV7eXwnbQScl4VzS3RTdcMW+NY6pcGkT1UsqHIeDVyBb8DnH/2/Z+DX3zniR1iW6FPdvhJJeQyPIax1ohILa11R27C1TLxGvTrRBGUycxjEcBIxamHveBsXbECWusYLEakeSDg9x4BTWMz1rTQajkorBoeEjYuW+xBxQtXME= 77994515143740690952370766995249847650881300682406161400195705464876513409097078624084133111941171517535435606295232558665316819077765607639545069239931096306624817379462598756505457054433358548941076472902905065316335603665413114267741896000877284610377452471067725794013283338924419969559537339967562669249
+AOH6E2eBzD76QdTJ6QbR/7OeF7AagUif9pEYx7fMqrIsXCJKKpLV/RHIItCDYP2WO4URCaVueoAJe3M/Shj4o6efvH9pf5Q8MLM0rn5MTHWhThivqYQDwjCp1ZsPgq1VFS+gcnmwgHhj2W7XzJxiNPeRXlxI2vL+XTT/wPBYhqEP 158686346608862569574095184731081143351413141116869402750758091813874232272198082464382169470744476593016502816563462778075467588097653320101723165887488327616477297401486647183409348122990505635004320879840358339260797834264972100385692477324858942142372580281421734058008608134075577990829273447077276721423
+ANDDgNXOB/rXwmS4KEjiHj7RCDocVrMv5SU0aw6AJzNTBfseFngqidXx2AJKOEeG7RDDN2gzn4K4qJktF0AIPG2JbELlLUu0MFlpOLxamp586qyp67Cl9OuPq3UZTyQhIsSIE3VQkvxuQkGsaV1owDV3BKIWQbQEqMQI3yT4ELHm 146598844784260148346676185962272439320781765598895126402049215152385925250917998794921584290777625240122575975327405909800121511343265147922400813488099624745229653124857224399973509428158163452130086943873214460600035260925149630502192183407327427517292065083168010281295559088633086659209316582810260124134
+Vprr6oBnWuxIzyTZjuxlKSdZhBc0upeNBHVIlXpQEnN1Q+XURKzp4/6Vg/koITftr3SMSgGpE7LkrERMGFgYaqM5XZ1RXYFKT9dRJnz9VRDITVZtdkDrU04bqo2Ur+jvZhvg/oHBDTgQ4nPLJfHO3+GEmUtck+g/wOVozMMgufY= 60816213163057201559480662231646403262735082707152897397414589876256824040344252799972529759737904461369360580708093117244392116003622336721789703580184437841209963565058475060017600871779929808204093448248984201640754565635410002090180110910120481044515630478472999135146756643143415057403006410330361346550
+do4LGsm0afQLHl9alWF2RVyEKPxLIErsf4pTPgScRE7ZiTSVErbCDeyzd/KHzhBLQs/DhHHcw+OXj541cIRm6jaLVKiT8EwLW/dVG0AkVli83sFh2f56Kk+bCGSKvfGEQcGLY2k7nQ06zoMlYR/xbZCka6Q6kSq4YBDQgigQ1lU= 83252051731120517035090523892596419800592471447735288551342681962005778435125655090199060145942826521644585427683714084736143440310518046334877897672493531918539106001203807757254797471481884534543367685912500572052457610702790097953420236852480969038388056545966568595395722585797418296411673622376893961813
+OL2Qoj4xkqRrQmuuLwrABG3BMMBNGjfBtVBNTdBf7g027Ghkk/z3aK3jKT1EPpdiOdn8zXYBSO1mTRGyK3n7Jo8ICOcnlBOF6cZtDsb9bvSVE26MOD2wzl6irU7vzS+s3vGBkN3AazrxPD4czk3xezA9y13DJVnNzgAgIQHEols= 39844525812817530522650122383059885756573694015271773938493414420875846359054562126060762455794481186614035892021706051863945033061233991184379580556219478200155757966121832613842937722944431875100059046588723473670448006803481527981834627086055642349130254917244469014754132003347635357123155857820000494171
+Ljgn+3Hcg5DOf6usRumk7P+ZrdTBRmo968HdZU1mS7LwLW3Hii2KNkwMV7J77zA0P1pnvhMSEEeh1RbCUjLtSIbt3RIcOEoc+aO0eINF8r99l83xF57CBI3MDA3AAbtaYATy/NUXSC2h4W5kdsQuR88139MFi5y8E5njqxHu3UI= 32456338403763561215581247445990611953939298888251578685087656354454727113846722731945605696397627662593375001096230320486703167389461057538581895745078593206660798580358701927596287363374862536765135996838944212622199018632046955402325290145163082309469649329852148345837780541107029165352782710901375425858
+AMt5/u+ZUNm+Xsucr4RQPUu6ExAOq/Jbcjm/Kb2YIAaEQ1czIL82wsu6YmpHcfMaxLjY+EnaaF+eCWQPeGd1av919+QFbQPeh5DT7ZT9klK7BFyVsN0nEDJQ3AMMJqq6lm4sUeVxDVTmMypYnkzRl7jqzyCRY1MHA+o2LyMECdOg 142886089970163885609957244378225169093559131065687633458877059657380607541767850701139140472705242750285722732461954100519608059127637509286558848391554697942686619832870045594188204522385787253648018847569919409782188708374165437385572046835539379151066214153911415525465041951116179326632238059135825466272
+AMvXeHCaa+zk5VdB27KoS8XpjSUngaw7Gwlq6e2RrkEOxBhU2rGWGJ3fhq1HBNRxDf0quqfYTMd1speisaEr3cIyx9BhYwB6A+Nex/Sf9DSixezhcgEz6c5CfwUYP0QTTOiZDqzz+GcjKikjN7DKJTO0WSXMRG8qX8FBbH0rlc9l 143142496664357119491819741364830737485524654099662921673419335301323845847085335210884201567922636945282124120681371777665458057821603161276185071778040317947168899788341482064834489328957963447735297898161379277478278414388733161844053774747425459239004132791029364174047523473372650441001639174571312926565
+AMxoMXHfE2i4khsAkv/lPtLQhbWUjP3kxYmlJkpacpicBB6z/TmG5zjmTC/sqzBvBn3J4UvMzKYFyk9/l7Wnuc480500a3S4HRVtMtirPueV8v/SPktL67eN2zoj1VZA/Rex0aRGjW2CzEKGwEn3G2bZSgdT8hKv7AypF69ppjz6 143539479941314279463880342636704987025205547180882175105616955926182352311179043850344463145750154442573797875223178075233807385237935671604701513551125937539235111702655902037518920150424691586943553275517626347557879039695678271564616114192941679606063184290901862703975921261779714258077775731727612132602
+ODvOKg7l9RCn5CePG1FfMitkR5l9+7JK67eU+WeA5p1YXCcKS8GbYAKCtXPD2QfxmQcrNYfAc6Yb/kksaq29oW7MzZuTDzK0HXY5xBc/fJzEuvU51gaI0PR3cuU1qRlLqwmIlyt16gto+2E64BgPgIKJcAjx+TfH/EqNeJ77/W4= 39488587053253042573878502921384752550143716864908041972426777545317969264945056510991363961916339225192727727267483337259701961148978214005913510275048195308792987888118270387288989623193626554910652030960235845935461155296845475356011099372367616732243132816329531758943935324760665826550992788664237161838
+AKkznyQtB+PGvbVroM5nUIzhJUjiNj7q4fC9sSFbmDgvehnwPElVlie6PimH2FKonGV4GSaxZ+osil+9omfkb4rO3pq8fy5KcFSw/gs09X/U2eEEcUt/4oSbjs2NaMIxQftM2CauULiwfkWdkMFTBkHnh7Bbyocc8dtmrBDdoI8a 118817437232756222334188081193205110010964766506378146125932730686679941224328135190204402802650523704343176483564284220367074983943319572348376466341132480772885833789613392397284313483009178508647973749522358005819092779831781339778163122774381387989185969990310049504391258988402795259963134610905036263194
+AJfwWA7XnYbTjlJt+9hO/Q/OubHkUkyMYrN6Jd0cN5MG9Rg8W3i8U6oJxT18p4XozkiOgPlF1lE7hIAW9KRKJKGTue+iw0okLq5UNMu2Ha6l5/wzKi0QzRVTBnQm2zjPlQpgUorBBty5mcbt/B/Y3vOE4I3iVXklVtjQ7zIBHaNK 106695084438708194568048926154027115609888551145480521213711726807296356271397749432698558860759334362315257102647885062353922543502466463770991058956633500180245599467233361812610650830611712448187310827443315947425061886163301613989593906515923245020641415290300558869209909418659128196109640872398602216266
+aCXItk5XhuNrbrqJr1Qm04U4y4AzSKDMms11PgVcdf5fCGdizibh6/oZqx5OitM26nRz2vob8F+ZIP0CIyIJU0T1M50dVTbbpwuVNdv/XI6gHekQt0d2g34x1TQJIcsT1VWwGWTPNMtht1hezBAYxwv105AGKnqdLiz04YAdEk0= 73134927546833985031652237686088635686032103401394612286045377544136784429757461671691980910279873140130943470029643791712859175007885735170485461366406852784845528918253441791024065848540598601036357817496637108534035807393364939272891745520961269029038360205258229770737579266643408540634722493263322616397
+APNeoaWlyNa554OtHP8F7GAY5V9F7LMoF2ssg5wBmsgGFktrRH1C4FdyD0COrzIb0Vcko1/HiTnA9JXlfGKc3gTHEnO0gxBSDjK41L+EIgUfR0EhAD9iftTaCoBM7qZN3R1MYrSz3sevQZNMFOOnRrzwWEXnJaPKAZXvsqPzOIF9 170899982929163229592439208307232242235219591108657660041403142612622997092685093132858257827585941687488772925553142105567685213341947938835403410054637382864108739466539574004149772568683507025358331323655651148107044968424043673850583150424463706583215452211942132017052425497789362680979074312857823248765
+ALhwBfBYpOk1pfJcNut0C2fEAd4hhYU03/ZQBqVe/7MgpEDjro7oMvSdba5kjH/VBssmZVqpvuZ5lG+vI9lXLukhwRKJg7m67HG8lZXvjDmjU/PCjxBPNt5r8/DziETYmMa+fhaMTw4hedZcwDe37t1VPIflvM94sBKu6be9yJAn 129516480651398210587505113546142851617282590236388547627336279692965778911450075230961856270046942312918567973875005814982283590898552829322178788678196583244198944578081007477482775130405341039067711963061287597331433268366003672643052056973656674139309732186091974604170508497340243515339072325943686631463
+c9vpoiZvtnj71b8XguD67WayOF57QgOX4V4L++nG2u/RY9VT2+0tJ/C4NIawVa7ScQZAPVLuhV4J50HJX7FZgtY5n+lwMzNo0av7i0IqTS+1BBO8eNJy2wkCbWWBxNybuNnF6OK7eXdPb2Mmwm2OmhN2/j7HAr0cD7rK/Hnif7I= 81358980280155473712258342299472964374474635149963153129588784719499494479288254287754874893180126149146558961101860327826747785201363745989346818037655063262173536227595206355647880155693272153902647256175878517626925488264893732295267833614283963802283320574654949992393798458265266551024756663538388467634
+APArEXNLzDydcHrieLDReJryWxFzcsN1dxjpJIVGeJp6itsJOrUtnmXVnETtaZhWsmN3/Zh0R7TgJ253f7PZ/Z2xCEdqF0hs2MmnERSywdWZQ0a0McbDUUaDjBNYFht1wvS6djbI1b8RfayrnEZ0miYdzrrP1ntU+5cM1QBAvj6T 168651870043094856205824264282870999215855903395882323164614939540734011037112413507417141209480771157672307388419164831992909066097194364645695794831939514470650008210390333649278806163193463937050083854756730458780288720541495880958909249273048328511615821480782977316719631334570687241232556472064072892051
+RhGyx6xibf0OvY1XjnmX5na3G7emG8PWbvEa1kIjR6pK6K1MrMZnxFefXpHWInFS7ADESNI9LHjZB8VW5QrjRVPMksgdEAlkhY7MyQxaclUlShFl2AfKYBfIIro+vg7mUMzMctD+07BLk+jejRHtPVIxHmNnZrZYds80ve5z3Xw= 49204219353786910100605282012781696579642953908541693903348594981245301165936599174304121350092894937817100350990938057159324959104937469442065996667276651025661016077514839755853073999975805394464570132481314896694678249282338429544941873047382467276103868995474424700207571657816852575364781281563515280764
+AKbFfU3GL6NILVyONPVD/X0tffk5HS//7FBp7n6JKMXu3VXvWnfTl32R0WyVHk2yP0iIyi6SUusSicOH9ncO8KJHmaoMGN9Fn+Zq94FTFqZne5NxHmCtwRAbFNDVGg4FeemGXEe1S5Kk1VcvWqnp+QgY0uwa7RtT8C7/T+1pZlwq 117110890075563714812929271250884717870581483065920538069845585667296154465072587148155060755111295509684258790280104272121160614620669593483929827848744548171793187278583947500205314283462739235860439216105116687015890394925743036369717346234391524403038196640934551590543386844279091801685432977718405127210
+AJ0xZ9dfRc6P4W31bMHBymgOq+38ETEIMvMtr+wB5WTcsquZY1IUB4IVkrHaOo3W2SIr479IfJOOQhmvyRS4iB05yDI88Z/fJfXarkH53gDivECuo+5+JmV7e0S6gCvOuVamwoQjlK3G32bCV2946ry4EyIsVZ6Alk9xk7X5HfGU 110384671994603894282707302829898242894456931176497230904862171369974466400767175784681299142670706023468915238955836087425993929524341269289746060546848852729416925808186253355106621584826213979718185296723694190658548757311188764342751280681935289121682174507629679900374674992438818324999211250580434317716
+fjzmb1D+YBU5Wn1GlwhxjiJS07k+fXxjeNRbOv5SjktzxOXmautO8xZ5ACOlYrTt5G2gzW2PU6sYNfByQ0xoUSyutOuQlD2r+8MnDrxCo6RxT3P0dUSX7q0IVj+oLK4GPbscnKLfe6KqUcYLMgKnDYnc+ztFD+csL6BQnM9WMLk= 88647261832601702291191332432291274285041869480562430895152086741320122435409959711452438332192792226899741738806447713240934608106883094466050154088410020909933636902495700779087737304255058561688767369900548260278700135161077055869478387490726087630962098228537973426295306997128615315548440548541717688505
+YDg99aHkQSh9RjytWknbXzcgLD8MrWUEHF46yQLHYANKXaQYyf3yGM9TYPCDUqWbOapqQe+XfOCoACLyRg7vVDsnOPRDI9ZFUgCQBNG06ZOxzktEhnNJoRC99da8jyodFqqk2f9UD1lVa8tsQdatjUDocwgJaDAOpYEyGnUlbXo= 67567767932654827067250684965667741848878457020992905661955722020937161710030993261011062929936964216357930453809610708591260182295097124272956485574313839759737390934220465669626974544253750900911093325004172643146669082793591441922014060981070503803266774197958528843445580649512373693546027107823355522426
+ANdsfO+cNtWsbT/QJHGkYAL2WCHWVPrX6oEz78pO8lUwiigVEow5roLI5Tm7GP7XffjF95z5WDxzpoam+Bfp4za75D6ZEHQmuFnpWQAmNLUHdKUE6UcsWN1rbV1uY+x+Nr5Vni/M7PfQi1yRTTJTYav40tFPb9rY48FsUotivoxd 151275723772668372472508916060743043308364940375633847663054782759325087560768667906829087958412643723335046123025802453213225972572697773468957759328009026531148112732519692142632237595562259864125679649273054426879080697360204352423668940795473103047320116317252295126635024518179060076282921965794883439709
+D2Z8YA0G/vzEVVQ6itLPUC92r9n9FKRpf6lDPWIgpZOOfIkukPp7zzTlo9Ej5IsBrZBbtGz/eYmlHeZ8Y9pQj8HFW24HeKYqjmR0ujbNxI0QgoE+VUwPVg0HhoQsOGmq47zpXpkDwpOAZbMh/t1Bafq6r2zM0qmiwOacJ8KFUas= 10814483230552506566705634583020057064935800294861277580077052473134972003523900930560478187758928889017740705417070994563709463926267126567504805864719383185267204810142444719634360655595490833208838383875687102074846353850310954150927702228780599083427768247170427544730791038729428517279760042619935478187
+XoZpSMHqlOyPYJS7dWSRNDJHCkjbo6+DECzu0FpB9O8bftcxan/06Twbo5d1lEqPlLx3w0XeWtrmCSCaeVcXVtlY3QuPjdKPv8LBnnhslPOVcbGyflaTPXU+ITWE6rwnIF+yWQl3NIwCV4EBtCT+3U//Dt/Ebif9gzfKpKltD6U= 66377743237695515693282032069691369056215169443985727092982918806809030742478033317158686828712146024066618073633406428345129492010236994055590530566431286733776441810601990431112187030942086686719669823512292071202675269428014136307286941704297995292544712278047959299939833088742083527714893795660235870117
+QUbbkyJQ0Nru9c/nPbphM6VxHp5DWlai6407KIDbTGvUReVYI7de1gO/BFphL9GA7gDareYoMuej3/SVp8lEujXywtXzjiI+j2TzR3YYiMBAMhsJO1wU9pxy69Cj5xeFFlrOycjE9sPS9nrqnEEEFNPiK/GDDTHj0KuNbWSCLrI= 45838919357034925862751142472777409057791233610959872523563363744902783251621354580995921495295078179996083468819097423327554678806691589090814275138081407920379810144694354354954459732280968086760894209634364189264517251735804373673532012530665557440070501687207620525228416650281363557992436992284712644274
+F+uI7ARCeAlnPLO1YR7RJj8LyhtE/EJMcY45lsNMff0YeENe8KOITZVxNA55FcxDYpg9sKi1UV3/ASqkqpH8MOxWpBdT2UwSX3oBkp6ETfJKqiag0C4MS8cQVsfcKF39BJ6KUE7X6KUEj11j2YIIRREmLPyZ0LatG7dN7Rmv2iI= 16797235966984072293396362937533957334369977688369659112225970370748312376722010874726300554329794854683394163379447263409228872034356195791733533528404245739693397078461712458035888813157166614479153484688995068722288153129390850561042173295997770817893349738328312152341860704179681230323810266038959856162
+ALkEoXznA7BJlBIfA3Avl9kygQcxexEMApwduVRiXeYG0uEXMQU4rgMJBlPqs+ly8LTIcLFaLnJAG2KFQn2GXz2TNa7w4xkegkrslIJEtBWX/lc7VzRtcLbhaXEs0Ci1ValnW9Up7dYOj3Qw9eNo/9M9b1fD9TI+0QXFtp1ge728 129924120553920201168632484268654219915712271781591182777925696006023100660478316445751842982460082888615429513674356810187315558964251402722465707617058251479494744427428152566665405423424700027316505872162698141109433045594670140335040479559124757490095995568556894332243767736124299898808796118800328801724
+Ki3FNTEE870E9GaNtbT418CLSmf++s6Di3hzAy8NgiDOFo+uuicJa54V3JNRxOBc99sl/chfZuaBQt14BFOQ0i+9rm2KD82okNABd+SNfXOb0Ow2taZX8CpkVJYDyphFPyHbPIKmzwMShNx9X2z9w4++tJgzBzGcFTPv1nhAlxc= 29618953883711174042338818332957726953262658484143534778541769862244883781157097499904047532839425875312731531093860721544220959674634750905085721866390609141599426547378130082409488797303960018348798930232014390380383063108812922828160584483043190739354817699497573863286563890071313017508437166939160221463
+AJq8tcSnAq6M32ViO4hVGiHY7Tb08cLVyxpl/v0Y5adYblvjrbsFcCmsNDi5PnBOBl5awR7KZdQ1xgq6jIs+SQbccEMvJvGUZW5MgcHrXBj9XVd+8oB0z0eahqXpgYBqLDeHLU6238xR3dJYFf+Xrcrzjg8swx66OmQKkAQVJtdq 108660120968150664552423780971948386965268856900017812123107864829782135741514930439461240950044759098603910762272795612101834680870627850178371693837566833495418727543557712057554231215186486008080050486837716071537742708913279026303380104388546316647349432118287628353129105425052237438199445863950767806314
+AI3mfrgcRwtE3mA12gSoQV1xyIGy/YA4pCCvja4mTjvzQOAfiZL0efadxZH5awohCC1SpZDCFsE9yYp4LugHKu/A8zMcp4k5ena8sTPDkSod1yucjybgmVJ5h17Pru28AzHQ/YUmCnojQv55aV2+AUhxzIfojY+NT2PKRqr+vuf+ 99645829268436288676280252226747461064597487404802430565833102291706103139410465131373666856042539909746769688396958963177805479987372681967013633920910376342526433530508868114301205524789149997372160919406352823342811006288909548557622230243808373083272214426118230701324879006645047374853535922112549545982
+TmXQ+D8XFKSclXwnTIH8d+sb1IV0gfm7GagJahaFL6A9rvYaZ0NTizkG5DQ0RmXyo0wPmLork/296whsdNdUxVAwnGFlWWvMV0ftR1fOvN9KoT0WtVZ4Rmu6Fuc7q1PskAZzIp7MkOAxILO4iX5dNuVC+GLZYIbpTel3Ga8fXuU= 55052751096768041533898435453266875315629605001878362193939750978427494147944918632414581744895066623527980497732722163665712245580312596487741856071020477624754815927936394948233480228964159047139170955663289543349257377302556035170334384320502468579367401821986660515827461352578142560630318492817238744805
+EF6KIBWQiQoHOnBdJs1p+WIcAv9ILt0cnQVo+o/2niOtI0C+eFBSiNgeddhotkQFgHvGUjq8BPYgtLC8A5IFKGzXu4SYj5ziagka0hqfhVs9zVHKNx2NUoMhPDG5R7+giwEGGPOayGHVNbsBf1FBYG91+mwy8hnNbhcHSnvLGk4= 11494909948912248031301686864833544028186348338729984264372557659364976118965740281229664413031002362633393381744365783802034700038490736736266032000546393704814403638058993380993275865674190555703046732456017652317200288968188655019374159412919163798248766655991273308390043613040731449231289437754791500366
+AL7wCh8tkFe07qChFAzRkrnNehvda/Teroj65X1Bmcr14+/zeJlZDObYRYBOm8YYSYNgJekcL3o9lLFE34sCMbSJgm4dGwpEVexiLVi+zc8ndnqBDSAnRqtC+3jbInm/v8l6cUvuzrUNtzXIQ/H4FrmPMiVy0EMerkMtkfw5GBsd 134080980697158076909534078193319899756347955848461100874771253577754225619652121295523443912922220564492468474647193062555347746840044705102003079330399499915801536721237211615317000955332058281901995149084303143543150689010335818219129745452688372571010816270728441637278434982752674030696337642893239393053
+APunLhlblRi3bbRBwSV8dsw8h5SvT8ncAmXPnca+e1dLzrQZzL7P2OhFope0mW1MCDl2kJPiGTdK3SiYJVsAFeR3r/0z96g3oq+8uS66T6VaJym0QToMsqQF4/fUMaTo9HsukyPyOgjVIU+6TiFd3SxQKIu1/GpQWVQIP2pkHFKM 176716779397275986910036615967409090183531310366246043951791503601618945774743601662530806467045971394247287367421508126613573039423674729894091424105133906122821596079925540513892022311039293333114333317886304014722168786051080135090242879622144693440448171583324154550086458411590240882982297314605229953676
+MM6B5AgdJKe5OLlPzcXwi9WhqQjx5KsnBYxxa3kWdGNTdk/IN6TVd4Ptn8lWkLm78mw3DXP4Ol1sQbIfkHRoKFUN6TaWg5aDCJBDXyHSTZI2FDc1di0Te1SwziYn0sIOe+R+rfuLuHlcT1xaZBgL6+dDLAZaZza36UEjn5i/pTs= 34273208848307582992498656582721015257885595139328466874135636009184357438445251703533153492315835793684794951576799764181908090765379592683793969576893243386892292517067596035059342970830813419330530731370385186653239446376170533147020072285887964430731437765184844167400169982662183791828762458682426369339
+AJK1dx77ZA4F0sYCgRL1LKSTvjGTKBHd4QBeVnE6FKJxIow82puqtsVZ7TBxbECex+LkLQPrEbuQaVr3giUDjg0aJCE0D9ZVXCUS06qulqcCCdWgGFHXDOQzTWDn6TlJCGxtTEMbMxSlUq1q0iKZ19kwMHiT3GydBn8/G7tIYd23 103022457217861194294329435482792508957642944252832971366936865663608381648431732294396977429863681671686490913575377744795372643599438468695483808375208871881849232129651519218503507811863794426234594709451104684234156597418383183271923307418704786548452806494411689822939919114966188329657999811363991575991
+fPZNsqUYBbVGA2FAiglnByxGJOZkVSpj8Y4QNW5wq6o/1e/PRwp0TLYJXIoCJRs82pAj0QDpQbHl5lCZmNxEIQP8o8xI//HCPxPIdgBJmSfm3VGetrOpqEGU0KJJqK4IsjoVpAfPFMUMOpGNz9CSvCHGk1AKrtYvrTJEKmETuig= 87751387019308584846595931543798879607048239290774788042055795835726250309378365187899578817976976035304304847968410200168743967600896348021636654074952051821111673620467434295067182213181329543946368332581250062140819766061014427755090798550122401239987766844126425179573454145697756278292448630509686471208
+EmT6DUd0bxcdprYhAnycQaxm89kltJOlIOGFFRmEK90H3RhzBGr5PRVTJVqemFVpVliO1gy1nPHgqDGVNIE1GXhrhyFJU6m+HJeNcduippRe38xPCiuraRkXao79X7WAiVYUq6RIH+UIRnfTvHBgzTwjrOvKJ5853hYmGaanjh0= 12917015385266582065020051081997430892582163827812227349569911846746592973268746845211126663077128575098045461893559476227689488349263954564361736197688317585888118974603264677576027836032271531903881104937422976121352854003385726888601980526287956222142458858211589791399646989299770657341412683499692330525
+APtOYyWzdY1A/YU0SGrtjPdMZA5E50Y3hJVXppwuuSk04TjXzcbu2Sqp7sMnKYbToRW4nB5p2UnaLPhTRy0yszOd1auLngW+0ttCybD6nTcVoP65gYOwXGfSEQysqKLb1OfV8kYq5Ba92Efn+CcWWWuS0wEr97W5M/Hccx9bGu0r 176473215292413922394356058789571494026727424839036665031567966488209592078148711908841964690807374236235612412767651029865069639786447019874344449598703213025389428836803984245755885691094364960118900160737925054803955567361126391353868279642836569627177281508980029006921064654964339077608785831304875404587
+Vs6bjpYfFA1R/QTeCfhMuZLZ+Zxo6wxq1jFZpi5SBR1LaUwAtOAj38OJC8L7zmxSOj/RGEmJHkulI3E1MH7P7xlWbY468/azfot5fX9BgHrtptV6Q0dkBUg7H91+tcxdbm4/V0HGQGa2rZp+XK1rO+U/d0ki6iNbsCsCR+OeyvI= 60957991334776853645581868230398759578123373154273044785333939425321390401088800849629483265841435899835570419798325123273632247193463641611211088549152950252041797959644227170492417662363676228611376046334386877555777556575818860902071813120592757466883038430756577949025778080997296219236534786815367760626
+GiauT9A+wmwJsFbS2OPIM6ultIbU+kT2NgACn1jFAy+vNBahdfHMCH0jJdCs5TbmKTCeiEf3ITc5TV1OSvIejJ0GRkTf80nY47TAhiP1aehZvMAv59NQHHTDUE1U4TPVYKIyFpm1V1A+JBHKJzuGrB4lvqB2ed7k4m/ZD5lFLMM= 18363925023885496669420377869542744504974590667921570026763131637088916425434675950812384919000566852243714758512996458727914094904422651029609645299422563453163291342992902510788457007623888307499601267675322986672697397389663297565071582648674012080122614260400848960757021864980761735684874056409664531651
+AL/9KOZLtZu4+ZQYQsmOgbST8F4RV4N/Z+l8qsbCFlHdXHqTTkcN0chsccE/3KkVTZsAnAyJqogbAvB/RZqttaK5a8iKlOEoerUS92FVQw/42WhsVaFggR9cHVuvCD6QqclZjSBQKQzUMy0YWPWlycAZDIv96tooA+V+Fk0jbcFs 134819194171226950171930028888667967094069342154233489571728632904658607624703819928943642011918061760802468868660586005724399808048609316802502143143910585363214684061242274402109137825176291816945489430125510625857564490981683683589784133305376252294774711594646923226452625156299996630452243345104727556460
+AK5x2N/4+PKlsW/fNrw76CnE+nS76Rd7Ugo3IKhMTB/IuCc5xG4MQHo5MlWE0oVkZ+Gs4CxUpvD/WCCjHHFlSxKG4mC6ehz3NVLglBt+f1RWfPkF28JPd0UaIOG3um8kG4J3JDN48PXOPP86A0H8ZYbE5+ImmXsGAcwvScUQRInU 122499245103202714319465533564374494931278163571999934877854825659720649344163774228004853964635693562785966889622928722984134944784141208867445419597834322541679973956606275877526560988151196822256754309120410807075405427166696093800381410682490767468563176131997424692783482903880902119461752084196789357012
+ALZ12i0hqFhwRAikcoahYzH/BUolhgZ9Jz6adLvvTO4wk6LLOpNC/zCz+LjM7HazZomT1SqeYJ2X+WeGFLADHuWo+Gp/I3S0UEneYHKJxoU7OoOtE0mB0BCncLckHao/LmbpnQpS+Lx5bRsr0yE6oWNea6gbyRm/R0to74MI3/KK 128128022342420083856194424802390993133863171077961467523372211039771843125192435716337829530528063182315478279257832480290950255315151577221042903861075751839976362752440630888566422581799720709574650482021111126414843635330535518992034746102956214991673417580508389225948159518319625680855827280146399752842
+APXxvLifWgehdwdTRAJP5KrchRzgbUsyMWKcPGm2ZkwGDJjoTl2LIOOGVFiL4CyPBxahkEHf0nMxBN5oNGX/Y4W4PuOAC8gMgHzdLkPWkpnTcyoe5DD+fQsqNuKVw9nvyB15fx8k0d6b056nfFjnnRqgybby7MSllAWSKRYRdxVm 172707950911363219032118650562553641123743396229371815589867086054370029540557395298194067635069298952836929253340374819975848769009260895874615676938511747311585257140973518651959463416682165208985512233703837931718385346209362040743041262031997793519095342415901373534535662377972036003546589624834285049190
+O+9ohtZ9SzGLJoZM8IRQAjhc/GPt2X5G+M22ZidYjx9WgOTrZDXorSyxLuHxay6djsJSgjxYMj8MuanYSn/DzPWBB1Gn4cDmIsfeYuzO+vUJ4l6d0nIvBg9Iqs61/PGFd46YxhnDiVQ9HEznyTjzESnNqc0+/OkQVJcwNHAcZBg= 42087920806448980363073662127262313840530298932643042322138035915324224188032438119079107631420338701086802583985117830416851550991102672642532160807467909040086448764318690465254898516502941122327185894900817634110254371864896139724173087625913998657136384357741816102965779105122269429701537815263708996632
+VJOZmvqrqsIUTQSSJpZPhbQIYN2tsfBhAciWnfAYpwjK9/ts7OP4Qgdp6T/V2EsSRPnfZ0VKdLg1CnEWDhfcODo+/BZcUrJ0AviFAEtdeUhoMSWXtjel9Ln2guHY4s33z2cN70+e8gfjes65lCzrxUIXEF4nKxzKBnScoooQP5k= 59391682001673484862915842850714742391303140646889359425353339320546979084250010101273851580028171449840778038774656177449549941659895629203970455580974953864068394275066532699748911169800076515776388213090834432354601344176559839798153004796057709798368011673585434643656820656931921831615507416411999846297
+FRyJCOgPziO6RDHX1JgYGZRcSAuoQFIZM4niD/B0twK3l+TRpmVigKZAJnZZFtmX+0JQkDwQn3lcBGQIL6mgy+j0hD58U2/Wd6xebuHSzf4OHVGo1cYoqZLplszA+hVCoDVTHi2YAZ+GtfQEggumcNVxqfEZd6D9Nu//hm0t21M= 14824975573460749317081504809641216868382341402512168178334301409725840669112911061147252565570697788806398498723577368905065980113760265945344671897779830912242224090954834750057278285419880820811348943398148063418809729356397202526234113316098584002071850758705282845646489058224513019380757604894853946195
+dUk5LyS7mduFJlvh5o8R73kJIeeTh0Zli/y3XjtIXfCaNRf+wDlD/pX91JEwsQ5Mvj8yq/Uq13QyWhoNwsPpXVcJtJ+02wtIn5darsBDfzcD/LbWhl7zTRUeMjZ72gAWi1djx94SWjrZJS2oWZU92Og1yOyKRG+ua0AhHfYYh6g= 82361050315899968537319599868832189063658136463903643442673674137187842597528653416212822014359684261704550279153006971937114135373937934986951573613797195556144113400128502946618028800530164890707031379614952207482505803377774320259789692177752930767589642007257364960987343146063216186985472686575891023784
+AI6rejwEznR35rIPuIz0CP2aWyhRUR3unJ90YfxyuVYxrqOJQGSDTSf6SGDDw5MqpZXa9pWuwpyrb6smOq4ZtC3Er7lipJfXDjhy+0k1qcfMjmqbATUscwXGpgW+MO71cttccEz6vhbjndi8gvG5M/vfL2l1jA8nXuBd4e254dbz 100186164434910864539376019601151338080943067893748898987236087770762310617199833479771711726248130012472861788210345311298499515751355424063761182369333224929721733015910055321263016834247318907562652286587380604998130368845939290804442878127169587599285040969551065995197981341260363722618429042861484922611
+AJ5vLZX0fSs8dUSBqd5hki48T9cYuR0atxR+qv7cRu9nD1vP8uNVR8dLitg3XH0RARt3ZmOgi/AuggZt6tTxuIBg+9JhBY9WW+BLL5CnYWHC3AKMi7MQBWciLtmBpyF152bDaEcV1PXxtml2KxX0Ba0C+hGVDmJSdi8Kjd4AkfU6 111256341508463539324514225759801553679558662737345522765042612717818066374840372549356543720386819501973783940451033901079765311790026584654529398345993992144903839534037331533660672892487693477412528974248713261092693018326068480417183236210881306241164169849090833681510163753605662526243408192127670285626
+ZhXtSzn1GiFfHHnSKUYZiTcEWqlI8owyCKFjCQ+VEvkdk50m8uN7RCQ6ZhI545tN7Uy0WdLstJhgJETBYLHHIoWsJn07mgPxuyO0XsqNroICMQEOO/YWQFk1c0VqZifcohQAwJj7fONzM7hTcA22/7gVigJ3iLq178jZOJsEPQs= 71686982768953132894579286530164112027530221141251507987469672039995314435159469907420372652392376452531392493658576814100773556880394271726970628960571077839124343525055625420896355363707908511865700866168843075071778015504724409171911254647909938237551680861008772396291072284353858575645679153885560978699
+Vc8Cw5m5yI+bJ5sUJYm/F2wyZ5x3D4ydyL0uU/3eVF2ZJu55OOlC9pUyyv7WGExClHvWpR9mhMnsqCLyseLfM2Q/YXJ7cjGPKp2xd+fvwHa4hRi1FdOxs96rJnb+HUt9hTwQByXgzpnUfs7AqrqaNf4WSlBNMu0IOOqDdB4iVHU= 60256873326783629723455608618518793848697944184579877638436234491615392142659293975260290798403892159720925893207048153291000664050780029732557737984085196691225472664027706406879051455184548871511448456651238810812870905640934953489289909009741493031472382758586341375517766302753448531830002512912250459253
+QmeUn6cbpE8YrDfMETz/+KVFaK+d4NHHzcdj/MnjcmqQSLpP/XwCW/aeudlN3SfKd6rNo1XZefunZO/ek+PHEIy899WzjiJaajhf2X05fl9WuPEaMES3Yrr+ClogFNQ+9jL8+7L+J8lDuqQzvchT0U0RPay5HSNZw+ZouVCiQ18= 46630904037845609335515965570673490721137364238213103678233212262384415738654627185220187275286458759154841820256007930773120637898228224906635911124921895934056288121005350040349882413280772888907627838315559544636626856478316691755270725623680935763476199888127096014398699432042227882284223578563208692575
+ALUBYIShA4w5kRUa6iNF8S33DqaprdOWjVBnO+j9CCGtUh+NNwfpKR8AKf536MtuFFtwaQvRIlkLpaTYXuRxzyU/YG2+UfRQF3pEmXQhcMxJqFzqZ5nWCIWlJ/KtYS4lcC/B7hD2UGAktnIdjVUTSxX60VzA+zxeunV2iBZXQlEs 127106299687401374061881872616647348819431126560557369258073443762502337592227172639640997680536372567116568811258505773087926491911004324918919511363985868314578663758269650473780772688462266790559846182685481907703974916356209771821075179827563487466641669110315430790405454641953880582274165368514679034156
+ANyAdMnVCVjmUZGiVdyvGE5mUQpKoJOJINqMAfzVUGvvxXFmGdoAx+xsDRNAP4KoijpXk6E3yPBPBZEWyhiHnyjEkktK/gX6gnb745afS0QIlsjhKCk/W/BHXkzC862Llnc1ZGAIsERnGceEoZHdICfDUh/7nMFp5WuSMzPB7nEO 154841617115465511611746667401422322067517612306328612547616471923266281876818466022676728696273611923942543658633762267658490816264271663863494188027433799849037906883352478212451733963905925106470599843045599411842850386623187980045961158399934160107237440980574028985561404965317132715808604373199725949198
+AJ4nfhDe+HojR2YrprDHW9FVUxsZvoIekwlNL2iKFRFcTB9IcEdh6QnGcaRinev7yEYUsL6saSxUj39uWlqo8udJFdszuuQUmnloIi34L5uj0m1OpLy2dawpFQr8pqyA7go4ugMMj6XCtiVnISUcK8wjHgY3Jed/EKK8k5ce0Jxt 111059703393618496515021583605572584329116596402705082562306930876194742195701060137568030171429700588269665205795898835699633817098262654446852249498668467827435829513531633390969638488553144849154126899372953755511962841193763362947708260103832329116485114451074371844037650417731807385491783373627950406765
+AL+heSTflb2MkRYFTKghfzqlVQ1oE5vcx0eCIsy9NJ2NGFXCRRvoGDVoB8UEsUWIRnaA+MIpwDKGpbOS8kRQrvBvPe/xM/t3jrGkaS6pN064+bCBx8Y/Jq31ZXNG8oUol+y1Eo6fkUKNl4EOetmZWK8VmhVwol5YngDffj4Q8ned 134567692290185631768518572983694048149859804864902017394351513816079806629664302312927579302025923096596995134868068794900003728293470554490807959649153000914807604036531509869958441069678002226922395630284261949256022972967357884468325217602330254290548618134453007903724438628204981673400911693835033278365
+AI272d2sbYIi637kHZC+6lievgcDvT5VKaCnus3fHwm2vfao7oYu31P4st9DlqPWJ635X6QtLkU5HgvVSy66MDj2fcOfwVL09ffkZYnoGNdhMADVgOq62Ro5cCpOdw8Ko0cCyVpVIaSysPuqY7kiClf9GTdyZz/uYHDgwWeNrc4R 99528854246023003959943182132914587584844397870416002887630245681136432049666385367430032197518895755482367603560037194955739661569172773017279832774100155646116233705958563163070414171045438199561777058338188494271322834524386565519620661180246416329082614115142485663975718653564590519408413408765689056785
+AN9S8vPzo4SkyKsk07nfyD0um1riJzRqqWF9KCL+kWMHajurgPACikYzu61tL7l1mNEaIU16Ndz541o+y76DgsTLYszu4KXUOEt1Gu3eHy05Fq18zCDlNesSVjkZjPmuJr2ku+p0cP0TLLMn7/KuVOm4GlEVc6OvBNZuEzRriSYZ 156823459768092337875922818543729136404805918580285507923139232733465414368775678369646914249412830351437211620056021568154043505276475345347569200977945836210758870414054407438380975491139001471954448623922841964684437333066353208837709613982022690623722155151315252634380695513434502419141555410441456920089
+AMc5H8kywLgiT4zz5xgoI90jejsHorbqUGtBeX9wke7zyvEKyWxRKScZwzRbinjDZzN48eg/30qTZOV2Rw97JFg+EA63iZ0vqfF8jErIt3hODniKX8zayCuNmiSb5kiZL0UDU1SNh8ER4m6o5vshBKkmqs0PeozfCGQtR3bZXlx4 139899247405256530335276706333424670310599977544642091674186635734421385499036688803073040921114325725234673132788498809189814711681909865484671959982394306416477300458309408833281654917008031099378445580498219376391819745965887864647387211647794422908411100892195529730435423964537342228510107659017578765432
+AKv+3H/TruTX3wdMWnLzD05em8u/QMl6lCHT4VkK+uZwBXoLeji54Tcs/hZIhj0Bdj0URrRt+7JdGSTy4Sr986AtVFxBJZA3lT+JT4JSrq3oY1Tv+tX/yg8ZodQmbpQyyfaFg3BgeHNmsUoCrdqhj4IwBqEXoOBRIXnzaTuqqSEw 120779384043726135670909127168686589868907326577918074234323699599475436892003731971700278391108690400460261929381703781833059801757700386671579819341589048987186473249926590758009001670959004477454905417357202448886738669226760846888369186457452643053236389556969071303251275912453385963613554945645058007344
+ANXIB+HxOyJd3YYsscMpqZpi/eYjZi5q6A0MohU4BiWEJK/E4uIObLJDH5yd4ng+hn7UMhc+R/AxG88hIdOc5NyG/QyFs95ZLUC26F9rkRifu2CBkgqR5EQi2cgwC8jGxQOkC62YND6cAn/ILsKTYaH0iavtO9Tz04vQp9Ypc82H 150122383481070201614242107655752525590609186454390549085509458064289390813495886095936526832230958746095739308601699615024239939948911472291507190108935262129646691795733786714291498653838550751365834947465294261687773081563139416397262227609481906371677917295227469553787085145970923979142676551778927103367
+ZQLFoW+dJ7vrHdMlcLRGKY6T6PZKnE2L3NjXymS/55my2CDBLdDf3oXwLlRjVt9KnEiXyQzLhyY2PrFA4k3N/3P5lVDLHero5c36TMshbHgbIKRGN2CGWPEFeQ4j040IwVbQCPJeuF3jL5ikCxWZFXfeEnTL6TqumLfD9yLQfKA= 70932215714423143395949105745758445705072524008235214324766464113352968998429901322485575506330607802260244612268338586532462314021433435523464635419846126736185176246740838082062856583684393425704173881940108783636582561707441482446854068022535943408999200681879161519209676205165680598258447492092651404448
+LzzvPw0FdtM2G/RRiqoajJiIH+Lw3jpL4H+08yOpp1bNITR2Aq0beu2nP0H4o2Z1/FNr2hzuGakkAhVbmmRXc8keoOkeaAQAP/8OYxHpjrqou3WPWaKx+vUCTSqVYYf8gnVKpAAC2cD+3lW+/ZJ538o+c0ovbUKNu1u1j1OBtA0= 33171669664542509840621265032202455391098253465550501094201777336478104142847268103467889435377685359857979277521589539506627375165485879405453566052091202280471235979376217319335800766353336252760793484157724210008639813552207624049019149744883918494762511376489708611103181576211531366514802868659603747853
+APrGj1lIIlxA57DNh+bTEAFbJK2Y2P3MxLShb4fPx2aY6j88k3umoe07ISQLf9PzNPeml4/0I3w0KNd2x4s9KHbj7NsIT64lhO6eQSEteqZXZGXUYUyNzhrTbAjt+Q9LVKItQhsTkTW2HTQ5RQZfGrkL118b/I18J4P+T8CGZdDz 176100632478477421621142147788721746818712752858710594712903769452749028606541677227413333567013253138397373757811889654342173021761934591400685421771460440213093509170325205622261487145789848227404883040799927313402244625239515162996390018403365063394514244196976794479529075569412676472840544017222373593331
+Fvcl/LemWk29I5LCjU1QedTjGlkvFF/kZXNkRJv+vNZ7qgq6pX8WB9yVkk6AoclDYAhCRfKTKuEpR23iafVuHpprPfNXcqBH8n01kq3U27xqIy2hS+D6BRBK67PQaekq31EB0aOcEb/DuNaXakS9+mtTMx6BKt+WoEY+NkzHK6c= 16126868736093163702771491576570380743773057522016869811780571865928979861357811080042796140032050364543242385458140594532945509386155523162799601656485075247603490060565663264947465987286983338572455184901756399862440455644131755848583379822279676555143231305246033911608913609591095831135803702269767527335
+AKW8tvaB8YZ7J5W2lmquBniJzUhRfqFdPZPqvBoMzR4cRh1CMNdSFsYsnsaF3KolNzogdsxFpHAaEMG6zSvpNJAoi4nixCqb5SETXrSLASXvNjI9MvCoE2JCRq7kMbjPL7cem+mBPWZITGUI6KVlJPLxQngHYSFxukqlx7jznwJH 116384596458828069344020651216200368975621068920641012055593076864629080375946542748377736186556382088448816531408136815533164209947323588157210859294774679831647934533061547276394884474877353537242203645373945111105805934070657589374883764420038511061919092743520704686962593876316976299391579463759429567047
+D5N2P4FrqDf7/2Z2BJsqah4SjUtolic/yNqdNzvNEogDKZKAJyGq4zhnHvkYXkEm2ueU/FDPJRqisszG0oULdU6c7p8acirEwsGLVh4RamnFRgmQSK1vbiYB3bR+P+iFX/bZ+TWjN2Y3YMa5UB//I6Zb5kEIjmTpjY2LEPI1e6s= 10937855369372570149476727082965401421189236366492771695094788039313362971972373068736123833330006002198346944149230147444718818161877123407713821100752433128205189334393732633989950841577315682292180735057952587083688644195300641998709155269462601925653013312848413290208844194513502358901613104779186502571
+V/A1ktS0xrcwlI8xrYqvlLCFYrdVp8tEzZaZ9iNNpPH/pzVsA0WbnnUeHbdilkje+4OdoX9C4U2xaOuWOfvqLR0c7GeCkSffCqyf4ZsBmjy/BQL6rCpxMF0gIHXO5O8aJ1h17hy9LTuNzWm4zVh4pNFuHC9L6nAcf92udMiIQzk= 61752386563628388546439207444896778638632243226541303179646524864765343154194512297447627825411023405896612559648434895675553567405277169056807223959390559391191382555701580549902639604424290133917402316755076644943742815711432111554988540913643347167948778404861099845961151998728662878854088239266688156473
+APoPgEKA0/r1FYmt/Iso6ChYK6dDU62Y+vH5h/LVE00biBYG1f7aL3GdllUTN+XQSHpqlDw8CD+9xojwZIMfgpgjOwLbbe7Aso460zLrg3R8aHBpbVt8iZUgjACwPYr5UyKbFzIAWaXcnYYQ+tCO9aDIuOz+/7eIF62C81zXFJVZ 175598490446477604563905754135475294999639698464908622773037381109011373179895295130424828038708319325919451724985361900259676699137657615076219968061941008972496322083528922054390781811699677037439989404270415929836486610353098273115864435328533577114470407444852521009919911888840405368858409835197558461785
+cL54ymLJhRx3U20Y9aUTIsXy9Ags+XHy4qk3F7uJyO46eiXSL7VrrR9vTQXAbETbu1YiVWfslsPht810eUDUVaVir6yLnXkywn46Ci42FEvVoTEFjO22uYcCh8nqB8H589w/+lVSlNrcILugwfdfCvK1iZzVimOO6l3qzfXToOU= 79171550718114578361958369278761819285111811576818442980166457146638966315793211967882077899426611721874954146020093740153495693185472340728106727284441726113022873005252623222594060645383105757498856463065370975867121188445567981809371870213273555432308279508351518168027875538720367440153667708369625129189
+QdQN4qW2QZq8/fmSaqlRiPSoDbhmF0oYjaY29HcKYGHdlOH0AMJb+RUIq1aszvVtjh7AYay2TNhaZMWQ6Qi3c42SNk3A1MVknT6zqiRCGjNFfxf/matbRLbTFQF832MAId708vrFLF/o2HpekMkc5hcHB6bkUUhEI1NLcMXwGck= 46226230186280253581676626651942823886592433541360244612432763620730826574920825070086312767146345247802570752482654580909236388357139147786783758670999083804670979821212991224400629053427330483809790366665043598754931511997925850227997764381723288657884346974360232490075739442406431704368767588177525348809
+cxHvCK/dyVDvaqCCQyLeaiBGA36mV5el+1lc2eUTkHGUzX5gU0QQCEp+iSXNJhIOON8VFpKOFsziuV0Z+3cegWRw/VnxnjXcBh6IDKdupzOPB+Yl8MA1ti/GrQjLC6ikcNYNjQT0ZThL7KTqEvvZJH68WYmD0IuK26swjNGIGaI= 80804939616399473443737611589382762718815989847332356984276911837267997590368701684135326680567847542004499684038240485603420973682522792156533112356849436451918522884749244246467852622918805139990256619014116276456718693703261686778030658826952213058982142604346352178078750879100976710761147710018148637090
+AIQ3OIZevkYoRGBmsFaXJobSfLeInuKKReVYNjP5VEPoMq0mXTltY6l09/rQ3d1JjsMD1PfA7emhxex+H9t3leBIfCi6Ux34GQEjXWpQc4awuiy9tbR077HaJyecvb8Qy1FTnOHoH5C043QJzrKYT/sFXjgB60piI8Y0R/hwxO4r 92845026347218330987427785323244729176754623818531419911990153715676845614711324345879159989637824921793015074978358052562420379797956750450245721653716740651389924718711940869162230097839047895842495414221110468446944827052871968998907462191349838598297775847512250220907563815783358238473966349820476321323
+LoG6ib5lUh57rdmSkZSWzBoudytFohS4uoU/uly6OaQDOi34GeNVxu/yr6RszJyL9JWkGNgFaBIv/HirH5zA9VQAL/6kpL93a0/GQ/nuHkHy3GWZPF/2+yJ0PfazQ40fWhHZfRxBngWslbguFPjj1XaJ37YzpQAYb/+QcUai9ic= 32658152290878644668906121702816147999633088014476055330179597550087921141413344679134407016170035735846077181424615228657687216737432274043674411132745299610950657139041836412322040866250189120286839287690983293111362228893996267791120043532014262644480689231457941173330523718758287779526551822788227954215
+AKu2jgOQCCfYZ3CLkXEH44aO4TtwMPeK/eq4FtNj9HZ9FxT0LLNJh0ZXPOaPJjgznvIw5C7/hNm7rUs1JeV8I8dj3nbS3EVERQz1gc/ckYB3H1bViWREOD5+TScDusi86YO/z4ar3dauKkg5kT1kKDuU/OP5kNMWvtJjHc4Vd3L3 120581042599355202025471829872601846477331097842315143148145881424071317426176264583672725691485724160094190478865850305422057632110749683552966861219554215519032344086824849470294473808177223497912069335635933312949412445851201918768630656712413082629164792850095444166888072453190903931430551124946191872759
+ANLs7OsR7oBM5jSjVADrk+Mx9d0TeieTIkxwWiJ5STKNQmW2EzPOjgbfcLhbYEhzzDFJveXO2dzz6/c8V5oW2yqg7VMx88DzEbpQnQpk/rOQRw9jbI4fxXNJHkNZCeysEVvFfLJb4ecsGA0xJ3Aylny/jP10ahPv2z5K99edGZSU 148116916208650944522110872759145096907599612943009577897396622287067669897712748449324334650112672914917664881091633448764667172850435775162090891556266912697811031318228334453406561952979778127173704706529448647577013482442758465809198730066784986763500579667100246958959793527011919373534159474250508506260
+AL+Er3n1qj+SBsZVtOMJYg4m0CN+DE6gRnC1F7nPvd2XnBe+QE0+LKfcpUDHVNxoydW4BDzNVwnUNbyjXZ+iuddPtO9hchVEI36UiuL0ydeldFpOZ9mtHJaAF6abd0MlHw4vXRf8CbOvXb5N4s76ggijlZBjRtU563sSmBcyq6Zt 134488725667189507159811764480908602790838430340670328479145818969651133017546803581865897303917708192047926432630297993507146075655594931523561067937580218599890162311074002344315818494246433967228889645359283635389151927472221799543158424012020308449895562192866672439712148770104592027035768027605661099629
+AK/04XOBSjjPpuFXTDF82RNWnKqZz9mJQbS2B5bn0ehFnBa6j+B+MazX+AxXTL/d5+hPLT1uexcnSMl3DcGGwKipOXg7Dtuj3pfJXHTrCqXAUYrIXI+8vKVQO55yQPGfzIg9SVgetwW1sDk+a28ZhJ5a9OddqNoi5C+dLce7ZtNb 123560902006294001923570614486104726169564351074482936927091682096999779538353161007361361829586988452098646362280351148131540524964916445100589671458589346440250329883789099771417949746709217272531950438336245613419967556433467843237384555807236658182067742367748737224684334525934210197178231424396818830171
+PzOEGHlihiveoWFAALY+LOfkRJfm0NUF/uR6cSU/tbpGAq4onNpr+iZIzEP5o3JBLOtDC595/NBPI0fzaXl0vQvgJs6KG8iKANjsLKQjIpZBkoKhdbG9MzTVQuAeuDW0w3sn2iMZ/v2dgAzRwfqmQYXJr3I2BbcwWraIJuZXw5A= 44381416070253681813077725822442106641846565789204187691647505370231831464947935035197059366680327425453811558282831465960889061956588244308214943856009686127871667376028831540813257349779756631357122923723235595360268572998278795110672666089470210929411514949652537714634611421849780859192966935514197771152
+APnuduN01GS9dO2m2uCLs400AR2lX7elOnIPC5U6e17qbukxWYzNhilZlM4kdGXAIeYpzFdSIW/gxRMZe6TXq9krFWRaaPyT2QwRfGHYnazS9F1QNYmW1zXdt+qVp0JGxmh5PyDstbP8Z3x50/E8Mb0gLLPhNAvzY2Jnr9A8Q1Hy 175507868985304663005133968393406051624825489142498103948374797086106732382869120248515993626061853699363294022457032257026588816021007648668265488426495800459085474654859258116280251546902009156490112550154951965894022789029787886785376415437170872937201839249103828294508088966180386198213606090453461193202
+QHEhL4iVzNdUsfG0izTEepwTOvxka8t/9MwuF1Ey6kxsI+ry4g4sJPgR2xMnbtOmvQn2NitAkfvA8JPCiL7a8+gmf+DVRDjKDfpfrtgAVmo+3rH+uJYTrKhAp8R7ggU2xIrvbIrgeUj7ieThPI3Rtap+IdkPCL853JC/+oKtytM= 45252649968839515171157821292772647085425694172492111870169593872127007254353374581972876464918186509502070064028725519394859148593053614163356612260257013360168930649423732336969778875205250872728821432415158634190866775855521719727700464116412886964736859295086745723651735554245035077902615220578218265299
+APeaekK4mVhEShCfM0mkRebcg1Iq5CgrFIEGOoh1nHzgebr5A9Wrhm9yD1Vd3e+fFD9urDRB4y5MHPJHX1U2NFToC+H8nQkFXL8bfd/9Wl2c7y8m0Mxwi53pLIdzETLbbfeOOtJvuSYYT3n8+/PeMnJ46UD8OfqtnFuS0/bVpFLS 173873040145444066957050580959132871919216036714423404143335635770937773583761934638398867981658394368476005882852706046614562314432695052874974848076542261910660410561876043187368112065303981001507235893831108658530338308496461162623683138693880482650786841100027392293758260448606244283355655751440485602002
+FqC/wgZDPTUoObPFSH5w4QR79zj/O+ZiHGTEnsBMwNZD3Gl/ClRDIsFMDDupNLgwgXsqCQbpwSOHOtAvUuAFwRpzt5B7lwIgtP5ism/AZRno5p+9WVSmUAM3glHsNtvYydz2MkXtnXzSMIR1ZVoLrdwMnckE4pbMzggqz+JZqxw= 15889870005716350976759704672045310928616256175405784574141006779373730686049218680335525720670897894546334915362899913262232170795516176419192840427996647372619000239408311568577050460995518058850793096827271653902583271225799114408537346367483775593212272587811309978019791973449354003275559762102731778844
+AJXNbv2AMWadF5h99ZAUy5gLnVK/hMaakFo0ZedtPNRJobxPmwj+h52G+Czd0U48G0V0wpdeUJC9v/4BhjzhCvNhNsdAT1+vQXDuteYQ1aspsEKLQ6b+NknO88QSbRJw53+KeOY2xe7PKOa4V89XnFFBF7wljRnIYrM8vvcqVQDk 105194875227030598769888785590198577650278341586165110611689226597424766274486797264032300493674927704016605741286512271390703088626381669060095573361828932336327125438452066548897528158329044309005232090053420259033538936293519762277428283316506398965916381374819450858053512398634116052299066189424983605476
+AIDRnUpBHepjBqYAlU4MG/8JxzX1mPxVNHpWvnEVgvqTQx/bisFPpXrYs3jAKIR/lzevYwhH0K/8Vvw4NK9iTMFqgSnU44AZztKsoxUXsEsl1UU56UscY5C7ciKU6vjjWI7nm/uHNOXdE82TQXkk2WX8ferNqZU5DaLFCb+zxb7w 90459642084794142567976043425270153270545560059973413835786695756473295513758287577749768786155290305189883600338986370836806413936196854410098516254596146039255388020628703824195128439558127783534033672712705194483515442668075394018677699876614329419492391568463215822656901183478205197671375262145069825776
+AIdvVNzJqWPgAShvi3GhbhMQft+SLigKGrhoqas2Saz/bA9u9Td6fAxa2LjrAqshW6cnm2aalc3Yv6RW/Y8vg7Ho31NSaRjT4zMUenykcC0/Y88UNxREi85wdnHwGytms6Lq49H8/7EFGJIyL1PLRWPmZn6XFkegscI/HUq/hiKm 95105613103051650721863964216778532448106311156426028879315612217763044797186635476805213120469258258125661666950525364331551671653846368977016286153840829836509696804585927581668281228810410814602664419962214359687545209312836366693384158782798559255789953908588601637765910472073600954502095647132310971046
+DdchOPjXrI6lpV84IdKCisPmdqZan8AARXRLADEhixsfXCYuO+WhNatI/fM1vgv+/TxwwIQjIfG1vOZcB36JUfjHYdItYQ70vUXaVFdpqvoBGyfOTU50Ds/11iGPCF8mWiQwR30/XAXytqDZtaVJVWsgHD3RigBSnSHhnvZAWYg= 9719024770319024562623340689338530708271347986326272393419504304391837979619189392867902307307106771234732135400958362219711925045600118964223238147375808749507928768896918369395426933218443166133187066167663170936604731896932630589251946733237697936733924510107175304126061649311812536190882160340308613512
+I+Z6rdTOt26/v3dtUP1plITb15fjb6aMDvqFS3AD1+nxBqnnk7ISGE9j6dv762EIWQpMzcCG5NCCq35KOHEwRXP28zup6olOMt3CBFgYVcBE2pWOpGiO19G/iFweYZXZPY5HgIkex7HBbb7l6HhomPc2sLL/IRhh2oogyHx2JMM= 25210054612455888156900839678249806510561198051210010474517915819801056434402727631042894881559517808906460418029149538469607239850657781476308872923928122553395468026744382526167194202058040459679991391557937527079948356545086684521068912222036707113005006607012596093923970784177288565193670152033981048003
+ALbBoyelCs4UkfnPjMT3S67ujhBHBEE0uxLx6kSGZq2IOMU/QdWYPFElRgYC/y++334FSEycjS6NAJJo2ITpZCO5AjNJ93J3WYgbDLiwu1VzKHX6ItfFNEk45km+QTi07+pDKcKNd1k0mxqpLd/PuZd5hRpPDDoKBb6i+mrCb2yF 128335905497646745013379107761994003743181143126608677203818152878840562628631384684712779135591095534911406031545494164782375276574093777950840330452805743803067864740000758175436633463846967335728314347497013853264454015790847388463800323796888198433722196292529074568758149650782323407298620158495364705413
+ANwlxEkeqmqYTxw1ZwMi1v2wo4ntPaEYZYoTLTJQfa+kuIksnHW9va243HAiOixd+rviVdm1dEwzESBbX0wiJNtRBpP+bnRxy4xOBjNoOB0c/tfka5JVwu5eeskyHx4V3inLviUaj86Yck42n5NaJFMfBvhzVftZ/YF9WBITI8g6 154592850289860621115358362871905683265658659789986179554827712019629689749439795961607030363152337159590319622241556795951071651584979664762468782303706550885785493534656062553770262954861884613383561063525714923031691298088562054236178003658891902606245782350998076658704876516153027797371814038658244397114
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/openid.html b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/openid.html
new file mode 100644
index 000000000..1a57d44f2
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/openid.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+ <head>
+ <title>Identity Page for Smoker</title>
+ <link rel="openid.server" href="http://www.myopenid.com/server" />
+ <link rel="openid.delegate" href="http://smoker.myopenid.com/" />
+ </head>
+ <body>
+ <p>foo</p>
+ </body>
+</html>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid.html b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid.html
new file mode 100644
index 000000000..1a57d44f2
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+ <head>
+ <title>Identity Page for Smoker</title>
+ <link rel="openid.server" href="http://www.myopenid.com/server" />
+ <link rel="openid.delegate" href="http://smoker.myopenid.com/" />
+ </head>
+ <body>
+ <p>foo</p>
+ </body>
+</html>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2.html b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2.html
new file mode 100644
index 000000000..a74c042e7
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+ <head>
+ <title>Identity Page for Smoker</title>
+ <link rel="openid2.provider" href="http://www.myopenid.com/server" />
+ <link rel="openid2.local_id" href="http://smoker.myopenid.com/" />
+ </head>
+ <body>
+ <p>foo</p>
+ </body>
+</html>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2_xrds.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2_xrds.xml
new file mode 100644
index 000000000..8091ab94d
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2_xrds.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ >
+ <XRD>
+ <Service priority="10">
+ <Type>http://specs.openid.net/auth/2.0/signon</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <LocalID>http://smoker.myopenid.com/</LocalID>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2_xrds_no_local_id.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2_xrds_no_local_id.xml
new file mode 100644
index 000000000..e6a0eb977
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid2_xrds_no_local_id.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ >
+ <XRD>
+ <Service priority="10">
+ <Type>http://specs.openid.net/auth/2.0/signon</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2.html b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2.html
new file mode 100644
index 000000000..5e581287b
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+ <head>
+ <title>Identity Page for Smoker</title>
+ <link rel="openid2.provider openid.server" href="http://www.myopenid.com/server" />
+ <link rel="openid2.local_id openid.delegate" href="http://smoker.myopenid.com/" />
+ </head>
+ <body>
+ <p>foo</p>
+ </body>
+</html>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2_xrds.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2_xrds.xml
new file mode 100644
index 000000000..6d85d57e3
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2_xrds.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+
+ <Service priority="10">
+ <Type>http://specs.openid.net/auth/2.0/signon</Type>
+ <Type>http://openid.net/signon/1.1</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <LocalID>http://smoker.myopenid.com/</LocalID>
+ <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2_xrds_bad_delegate.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2_xrds_bad_delegate.xml
new file mode 100644
index 000000000..db7282e2b
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_1_and_2_xrds_bad_delegate.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+
+ <Service priority="10">
+ <Type>http://specs.openid.net/auth/2.0/signon</Type>
+ <Type>http://openid.net/signon/1.0</Type>
+ <Type>http://openid.net/signon/1.1</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <LocalID>http://smoker.myopenid.com/</LocalID>
+ <openid:Delegate>http://localid.mismatch.invalid/</openid:Delegate>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_and_yadis.html b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_and_yadis.html
new file mode 100644
index 000000000..3befa6fc3
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_and_yadis.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+ <head>
+ <title>Identity Page for Smoker</title>
+ <meta http-equiv="X-XRDS-Location" content="http://someuser.unittest/xrds" />
+ <link rel="openid.server" href="http://www.myopenid.com/server" />
+ <link rel="openid.delegate" href="http://smoker.myopenid.com/" />
+ </head>
+ <body>
+ <p>foo</p>
+ </body>
+</html>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_no_delegate.html b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_no_delegate.html
new file mode 100644
index 000000000..f5180b3dc
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_no_delegate.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+ <head>
+ <title>Identity Page for Smoker</title>
+ <link rel="openid.server" href="http://www.myopenid.com/server" />
+ </head>
+ <body>
+ <p>foo</p>
+ </body>
+</html>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_ssl.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_ssl.xml
new file mode 100644
index 000000000..111945c85
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_openid_ssl.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+
+ <Service priority="10">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://nossl.vroom.unittest/server</URI>
+ <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
+ </Service>
+ <Service priority="11">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>https://ssl.vroom.unittest/server</URI>
+ <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_0entries.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_0entries.xml
new file mode 100644
index 000000000..f161a0b31
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_0entries.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+ <Service >
+ <Type>http://is-not-openid.unittest/</Type>
+ <URI>http://noffing.unittest./</URI>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2_bad_local_id.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2_bad_local_id.xml
new file mode 100644
index 000000000..68c2ce1fc
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2_bad_local_id.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+
+ <Service priority="10">
+ <Type>http://specs.openid.net/auth/2.0/signon</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <LocalID>http://smoker.myopenid.com/</LocalID>
+ <LocalID>http://localid.mismatch.invalid/</LocalID>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2entries_delegate.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2entries_delegate.xml
new file mode 100644
index 000000000..372955b02
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2entries_delegate.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+ <CanonicalID>=!1000</CanonicalID>
+
+ <Service priority="10">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
+ </Service>
+
+ <Service priority="20">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.livejournal.com/openid/server.bml</URI>
+ <openid:Delegate>http://frank.livejournal.com/</openid:Delegate>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2entries_idp.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2entries_idp.xml
new file mode 100644
index 000000000..9a07b3d40
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_2entries_idp.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+ <CanonicalID>=!1000</CanonicalID>
+
+ <Service priority="10">
+ <Type>http://specs.openid.net/auth/2.0/signon</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <openid:LocalID>http://smoker.myopenid.com/</openid:LocalID>
+ </Service>
+
+ <Service priority="20">
+ <Type>http://specs.openid.net/auth/2.0/server</Type>
+ <URI>http://www.livejournal.com/openid/server.bml</URI>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_another_delegate.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_another_delegate.xml
new file mode 100644
index 000000000..2f3b9af37
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_another_delegate.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+
+ <Service priority="10">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://vroom.unittest/server</URI>
+ <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_idp.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_idp.xml
new file mode 100644
index 000000000..f570d0437
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_idp.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+ <Service priority="10">
+ <Type>http://specs.openid.net/auth/2.0/server</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_idp_delegate.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_idp_delegate.xml
new file mode 100644
index 000000000..541060053
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_idp_delegate.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ >
+ <XRD>
+ <Service>
+ <Type>http://specs.openid.net/auth/2.0/server</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <openid:Delegate>http://smoker.myopenid.com/</openid:Delegate>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_no_delegate.xml b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_no_delegate.xml
new file mode 100644
index 000000000..fbd673490
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/test_discover_yadis_no_delegate.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)"
+ >
+ <XRD>
+ <Service priority="10">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ </Service>
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/trustroot.txt b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/trustroot.txt
new file mode 100644
index 000000000..1b6cb4ca5
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/trustroot.txt
@@ -0,0 +1,149 @@
+========================================
+Trust root parsing checking
+========================================
+
+----------------------------------------
+20: Does not parse
+----------------------------------------
+baz.org
+*.foo.com
+http://*.schtuff.*/
+ftp://foo.com
+ftp://*.foo.com
+http://*.foo.com:80:90/
+foo.*.com
+http://foo.*.com
+http://www.*
+http://*foo.com/
+http://foo.com\/
+http://localhost:1900foo/
+http://foo.com/invalid#fragment
+http://Ï€.pi.com/
+http://lambda.com/Λ
+
+
+
+5
+http:///
+
+----------------------------------------
+15: Insane
+----------------------------------------
+http://*/
+https://*/
+http://*.com
+http://*.com/
+https://*.com/
+http://*.com.au/
+http://*.co.uk/
+http://*.foo.notatld/
+https://*.foo.notatld/
+http://*.museum/
+https://*.museum/
+http://www.schtuffcom/
+http://it/
+http://..it/
+http://.it/
+
+----------------------------------------
+18: Sane
+----------------------------------------
+http://*.schtuff.com./
+http://*.schtuff.com/
+http://*.foo.schtuff.com/
+http://*.schtuff.com
+http://www.schtuff.com/
+http://www.schtuff.com./
+http://www.schutff.com
+http://*.this.that.schtuff.com/
+http://*.foo.com/path
+http://*.foo.com/path?action=foo2
+http://x.foo.com/path?action=foo2
+http://x.foo.com/path?action=%3D
+http://localhost:8081/
+http://localhost:8082/?action=openid
+https://foo.com/
+http://kink.fm/should/be/sane
+http://beta.lingu.no/
+http://goathack.livejournal.org:8020/openid/login.bml
+
+========================================
+return_to matching
+========================================
+
+----------------------------------------
+45: matches
+----------------------------------------
+http://foo.com/ HTTP://foo.com/
+http://*/ http://cnn.com/
+http://*/ http://livejournal.com/
+http://*/ http://met.museum/
+http://*:8081/ http://met.museum:8081/
+http://localhost:8081/x?action=openid http://localhost:8081/x?action=openid
+http://*.foo.com http://b.foo.com
+http://*.foo.com http://b.foo.com/
+http://*.foo.com/ http://b.foo.com
+http://b.foo.com http://b.foo.com
+http://b.foo.com http://b.foo.com/
+http://b.foo.com/ http://b.foo.com
+http://*.b.foo.com http://b.foo.com
+http://*.b.foo.com http://b.foo.com/
+http://*.b.foo.com/ http://b.foo.com
+http://*.b.foo.com http://x.b.foo.com
+http://*.b.foo.com http://w.x.b.foo.com
+http://*.bar.co.uk http://www.bar.co.uk
+http://*.uoregon.edu http://x.cs.uoregon.edu
+http://x.com/abc http://x.com/abc
+http://127.1/abc http://127.1/abc
+http://10.0.0.1/abc http://10.0.0.1/abc
+http://x.com/abc http://x.com/abc/def
+http://*.x.com http://x.com/gallery
+http://*.x.com http://foo.x.com/gallery
+http://foo.x.com http://foo.x.com/gallery/xxx
+http://*.x.com/gallery http://foo.x.com/gallery
+http://localhost:8082/?action=openid http://localhost:8082/?action=openid
+http://goathack.livejournal.org:8020/ http://goathack.livejournal.org:8020/openid/login.bml
+https://foo.com https://foo.com
+http://Foo.com http://foo.com
+http://foo.com http://Foo.com
+http://foo.com:80/ http://foo.com/
+http://foo.com/?x=y http://foo.com/?x=y&a=b
+http://foo.com/x http://foo.com/x?y
+http://mylid.net/j3h. http://mylid.net/j3h.?x=y
+http://j3h.us http://j3h.us?ride=unicycle
+https://www.filmclans.com:443/mattmartin/FilmClans https://www.filmclans.com/mattmartin/FilmClans/Logon.aspx?nonce=BVjqSOee
+http://foo.com:80 http://foo.com
+http://foo.com http://foo.com:80
+http://foo.com http://foo.com/
+http://foo.com/ http://foo.com
+http://foo.com/ http://foo.com:80
+http://foo.com:80/ http://foo.com:80/stuff
+http://foo.com:80/ http://foo.com/stuff
+
+----------------------------------------
+24: does not match
+----------------------------------------
+http://*/ ftp://foo.com/
+http://*/ xxx
+http://*.x.com/abc http://foo.x.com
+http://*.x.com/abc http://*.x.com
+http://*.com/ http://*.com/
+http://x.com/abc http://x.com/
+http://x.com/abc http://x.com/a
+http://x.com/abc http://x.com/ab
+http://x.com/abc http://x.com/abcd
+http://*.cs.uoregon.edu http://x.uoregon.edu
+http://*.foo.com http://bar.com
+http://*.foo.com http://www.bar.com
+http://*.bar.co.uk http://xxx.co.uk
+https://foo.com http://foo.com
+http://foo.com https://foo.com
+http://foo.com:81 http://foo.com:80
+http://*:80 http://foo.com:81
+http://foo.com/?a=b http://foo.com/?x=y
+http://foo.com/?a=b http://foo.com/?x=y&a=b
+http://foo.com/?a=b http://foo.com/
+http://*.oo.com/ http://foo.com/
+http://foo.com/* http://foo.com/anything
+http://foo.com http://foo.com:443
+https://foo.com https://foo.com:80
diff --git a/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/urinorm.txt b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/urinorm.txt
new file mode 100644
index 000000000..9e10135b6
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/OpenID/data/urinorm.txt
@@ -0,0 +1,87 @@
+Already normal form
+http://example.com/
+http://example.com/
+
+Add a trailing slash
+http://example.com
+http://example.com/
+
+Remove an empty port segment
+http://example.com:/
+http://example.com/
+
+Remove a default port segment
+http://example.com:80/
+http://example.com/
+
+Capitalization in host names
+http://wWw.exaMPLE.COm/
+http://www.example.com/
+
+Capitalization in scheme names
+htTP://example.com/
+http://example.com/
+
+Capitalization in percent-escaped reserved characters
+http://example.com/foo%2cbar
+http://example.com/foo%2Cbar
+
+Unescape percent-encoded unreserved characters
+http://example.com/foo%2Dbar%2dbaz
+http://example.com/foo-bar-baz
+
+remove_dot_segments example 1
+http://example.com/a/b/c/./../../g
+http://example.com/a/g
+
+remove_dot_segments example 2
+http://example.com/mid/content=5/../6
+http://example.com/mid/6
+
+remove_dot_segments: single-dot
+http://example.com/a/./b
+http://example.com/a/b
+
+remove_dot_segments: double-dot
+http://example.com/a/../b
+http://example.com/b
+
+remove_dot_segments: leading double-dot
+http://example.com/../b
+http://example.com/b
+
+remove_dot_segments: trailing single-dot
+http://example.com/a/.
+http://example.com/a/
+
+remove_dot_segments: trailing double-dot
+http://example.com/a/..
+http://example.com/
+
+remove_dot_segments: trailing single-dot-slash
+http://example.com/a/./
+http://example.com/a/
+
+remove_dot_segments: trailing double-dot-slash
+http://example.com/a/../
+http://example.com/
+
+Test of all kinds of syntax-based normalization
+hTTPS://a/./b/../b/%63/%7bfoo%7d
+https://a/b/c/%7Bfoo%7D
+
+Unsupported scheme
+ftp://example.com/
+fail
+
+Non-absolute URI
+http:/foo
+fail
+
+Illegal character in URI
+http://<illegal>.com/
+fail
+
+Non-ascii character in URI
+http://foo.com/
+fail \ No newline at end of file
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/DiscoverData.php b/models/openid-php-openid-782224d/Tests/Auth/Yadis/DiscoverData.php
new file mode 100644
index 000000000..bf02d660d
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/DiscoverData.php
@@ -0,0 +1,152 @@
+<?php
+
+require_once "Auth/Yadis/Yadis.php";
+require_once "Tests/Auth/Yadis/TestUtil.php";
+
+global $testlist;
+$testlist = array(
+ // success, input_name, id_name, result_name
+ array(true, "equiv", "equiv", "xrds"),
+ array(true, "header", "header", "xrds"),
+ array(true, "lowercase_header", "lowercase_header", "xrds"),
+ array(true, "xrds", "xrds", "xrds"),
+ array(true, "xrds_ctparam", "xrds_ctparam", "xrds_ctparam"),
+ array(true, "xrds_ctcase", "xrds_ctcase", "xrds_ctcase"),
+ array(false, "xrds_html", "xrds_html", "xrds_html"),
+ array(true, "redir_equiv", "equiv", "xrds"),
+ array(true, "redir_header", "header", "xrds"),
+ array(true, "redir_xrds", "xrds", "xrds"),
+ array(false, "redir_xrds_html", "xrds_html", "xrds_html"),
+ array(true, "redir_redir_equiv", "equiv", "xrds"),
+ array(false, "404_server_response", null, null),
+ array(false, "404_with_header", null, null),
+ array(false, "404_with_meta", null, null),
+ array(false, "201_server_response", null, null),
+ array(false, "500_server_response", null, null)
+ );
+
+function getExampleXRDS()
+{
+ return Tests_Auth_Yadis_readdata('example-xrds.xml');
+}
+
+global $example_xrds;
+$example_xrds = getExampleXRDS();
+
+global $default_test_file;
+$default_test_file = 'test1-discover.txt';
+
+global $discover_tests;
+$discover_tests = array();
+
+function readTests($filename)
+{
+ $data = Tests_Auth_Yadis_readdata($filename);
+
+ if ($data === null) {
+ return null;
+ }
+
+ $tests = array();
+ foreach (preg_split("/\f\n/", $data) as $case) {
+ list($name, $content) = explode("\n", $case, 2);
+ $tests[$name] = $content;
+ }
+ return $tests;
+}
+
+function getData($filename, $name)
+{
+ global $discover_tests;
+ if (!array_key_exists($filename, $discover_tests)) {
+ $data = readTests($filename);
+ if ($data === null) {
+ return null;
+ }
+ $discover_tests[$filename] = $data;
+ }
+
+ $file_tests = $discover_tests[$filename];
+
+ if (array_key_exists($name, $file_tests)) {
+ return $file_tests[$name];
+ } else {
+ return null;
+ }
+}
+
+function fillTemplate($test_name, $template, $base_url, $example_xrds)
+{
+ $mapping = array(
+ array('URL_BASE/', $base_url),
+ array('<XRDS Content>', $example_xrds),
+ array('YADIS_HEADER', 'X-XRDS-Location'),
+ array('NAME', $test_name));
+
+ foreach ($mapping as $pair) {
+ list($k, $v) = $pair;
+ $template = str_replace($k, $v, $template);
+ }
+
+ return $template;
+}
+
+function generateSample($test_name, $base_url,
+ $_example_xrds = null, $filename = null)
+{
+ global $example_xrds, $default_test_file;
+
+ if ($_example_xrds === null) {
+ $_example_xrds = $example_xrds;
+ }
+
+ if ($filename === null) {
+ $filename = $default_test_file;
+ }
+
+ $template = getData($filename, $test_name);
+
+ if ($template === null) {
+ return null;
+ }
+
+ return fillTemplate($test_name, $template, $base_url, $_example_xrds);
+}
+
+function generateResult($base_url, $input_name, $id_name, $result_name, $success)
+{
+ $input_url = $base_url . $input_name; // urlparse.urljoin(base_url, input_name)
+
+ // If the name is null then we expect the protocol to fail, which
+ // we represent by null
+ if ($id_name === null) {
+ // assert result_name is null
+ return array($input_url, null); // DiscoveryFailure
+ }
+
+ $result = generateSample($result_name, $base_url);
+ list($headers, $content) = explode("\n\n", $result, 2);
+ $header_lines = explode("\n", $headers);
+ $ctype = null;
+ foreach ($header_lines as $header_line) {
+ if (strpos($header_line, 'Content-Type:') === 0) {
+ list($temp, $ctype) = explode(":", $header_line, 2);
+ $ctype = trim($ctype);
+ break;
+ }
+ }
+
+ $id_url = $base_url . $id_name;
+
+ $result = new Auth_Yadis_Yadis();
+ $result->uri = $id_url;
+ if ($success) {
+ $result->xrds_uri = $base_url . $result_name;
+ } else {
+ $result->xrds_uri = null;
+ }
+ $result->content_type = $ctype;
+ $result->body = $content;
+ return array($input_url, $result);
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/Discover_Yadis.php b/models/openid-php-openid-782224d/Tests/Auth/Yadis/Discover_Yadis.php
new file mode 100644
index 000000000..0ca3b2eea
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/Discover_Yadis.php
@@ -0,0 +1,230 @@
+<?php
+
+require_once "Tests/Auth/Yadis/DiscoverData.php";
+require_once "Auth/Yadis/Yadis.php";
+require_once "Auth/Yadis/HTTPFetcher.php";
+
+global $__status_header_re;
+$__status_header_re = '/Status: (\d+) .*?$/m';
+
+function mkResponse($data)
+{
+ global $__status_header_re;
+
+ $matches = array();
+ $status_mo = preg_match($__status_header_re, $data, $matches);
+ list($headers_str, $body) = explode("\n\n", $data, 2);
+ $headers = array();
+ foreach (explode("\n", $headers_str) as $line) {
+ list($k, $v) = explode(":", $line, 2);
+ $k = strtolower(trim($k));
+ $v = trim($v);
+ $headers[$k] = $v;
+ }
+ $status = intval($matches[1]);
+ $r = new Auth_Yadis_HTTPResponse(null, $status, $headers, $body);
+ return $r;
+}
+class TestFetcher {
+ function TestFetcher($base_url)
+ {
+ $this->base_url = $base_url;
+ }
+
+ function get($url, $headers = null)
+ {
+ $current_url = $url;
+ while (true) {
+ $parsed = parse_url($current_url);
+ $path = substr($parsed['path'], 1);
+ $data = generateSample($path, $this->base_url);
+
+ if ($data === null) {
+ return new Auth_Yadis_HTTPResponse($current_url,
+ 404,
+ array(),
+ '');
+ }
+
+ $response = mkResponse($data);
+ if (in_array($response->status, array(301, 302, 303, 307))) {
+ $current_url = $response->headers['location'];
+ } else {
+ $response->final_url = $current_url;
+ return $response;
+ }
+ }
+ }
+}
+
+class BlankContentTypeFetcher {
+ function get($url, $headers=null)
+ {
+ return new Auth_Yadis_HTTPResponse(
+ $url, 200, array("Content-Type" => ""), '');
+ }
+}
+
+class NoContentTypeFetcher {
+ function get($url, $headers=null)
+ {
+ return new Auth_Yadis_HTTPResponse($url, 200, array(), '');
+ }
+}
+
+class MockFetcher {
+ function MockFetcher() {
+ $this->count = 0;
+ }
+
+ function get($uri, $headers = null, $body = null)
+ {
+ $this->count++;
+ if ($this->count == 1) {
+ $headers = array(strtolower('X-XRDS-Location') . ': http://unittest/404');
+ return new Auth_Yadis_HTTPResponse($uri, 200, $headers, '');
+ } else {
+ return new Auth_Yadis_HTTPResponse($uri, 404);
+ }
+ }
+}
+
+class TestSecondGet extends PHPUnit_Framework_TestCase {
+ function test_404()
+ {
+ $uri = "http://something.unittest/";
+ $response = null;
+ $fetcher = new MockFetcher();
+ $this->assertTrue(
+ Auth_Yadis_Yadis::discover($uri, $response, $fetcher) === null);
+ }
+}
+
+class _TestCase extends PHPUnit_Framework_TestCase {
+ var $base_url = 'http://invalid.unittest/';
+
+ function _TestCase($input_name, $id_name, $result_name, $success)
+ {
+ parent::__construct();
+ $this->input_name = $input_name;
+ $this->id_name = $id_name;
+ $this->result_name = $result_name;
+ $this->success = $success;
+ $this->fetcher = new TestFetcher($this->base_url);
+ }
+
+ function setUp()
+ {
+ list($this->input_url, $this->expected) = generateResult($this->base_url,
+ $this->input_name,
+ $this->id_name,
+ $this->result_name,
+ $this->success);
+ }
+
+ function runTest()
+ {
+ if ($this->expected === null) {
+ $result = Auth_Yadis_Yadis::discover($this->input_url,
+ $this->fetcher);
+ $this->assertTrue($result->isFailure());
+ } else {
+ $result = Auth_Yadis_Yadis::discover($this->input_url,
+ $this->fetcher);
+
+ if ($result === null) {
+ $this->fail("Discovery result was null");
+ return;
+ }
+
+ $this->assertEquals($this->input_url, $result->request_uri);
+
+ $msg = 'Identity URL mismatch: actual = %s, expected = %s';
+ $msg = sprintf($msg, $result->normalized_uri, $this->expected->uri);
+ $this->assertEquals($this->expected->uri, $result->normalized_uri, $msg);
+
+ $msg = 'Content mismatch: actual = %s, expected = %s';
+ $msg = sprintf($msg, $result->response_text, $this->expected->body);
+ $this->assertEquals($this->expected->body, $result->response_text, $msg);
+
+ $this->assertEquals($this->expected->xrds_uri, $result->xrds_uri);
+ $this->assertEquals($this->expected->content_type, $result->content_type);
+ }
+ }
+
+ function getName()
+ {
+ if ($this->input_url) {
+ return $this->input_url;
+ } else {
+ return $this->input_name;
+ }
+ }
+}
+
+class Tests_Auth_Yadis_Discover_Yadis extends PHPUnit_Framework_TestSuite {
+
+ function getName()
+ {
+ return "Tests_Auth_Yadis_Discover_Yadis";
+ }
+
+ function Tests_Auth_Yadis_Discover_Yadis()
+ {
+ global $testlist;
+
+ foreach ($testlist as $test) {
+ list($success, $input_name, $id_name, $result_name) = $test;
+ $this->addTest(new _TestCase($input_name, $id_name, $result_name, $success));
+ }
+ }
+}
+
+class Tests_Auth_Yadis_Discover_Yadis_ContentTypes extends PHPUnit_Framework_TestCase {
+ function test_is_xrds_yadis_location()
+ {
+ $result = new Auth_Yadis_DiscoveryResult('http://request.uri/');
+ $result->normalized_uri = "http://normalized/";
+ $result->xrds_uri = "http://normalized/xrds";
+
+ $this->assertTrue($result->isXRDS());
+ }
+
+ function test_is_xrds_content_type()
+ {
+ $result = new Auth_Yadis_DiscoveryResult('http://request.uri/');
+ $result->normalized_uri = $result->xrds_uri = "http://normalized/";
+ $result->content_type = Auth_Yadis_CONTENT_TYPE;
+
+ $this->assertTrue($result->isXRDS());
+ }
+
+ function test_is_xrds_neither()
+ {
+ $result = new Auth_Yadis_DiscoveryResult('http://request.uri/');
+ $result->normalized_uri = $result->xrds_uri = "http://normalized/";
+ $result->content_type = "another/content-type";
+
+ $this->assertTrue(!$result->isXRDS());
+ }
+
+ function test_no_content_type()
+ {
+ $fetcher = new NoContentTypeFetcher();
+ $result = Auth_Yadis_Yadis::discover("http://bogus", $fetcher);
+ $this->assertEquals(null, $result->content_type);
+ }
+
+ function test_blank_content_type()
+ {
+ $fetcher = new BlankContentTypeFetcher();
+ $result = Auth_Yadis_Yadis::discover("http://bogus", $fetcher);
+ $this->assertEquals("", $result->content_type);
+ }
+}
+
+global $Tests_Auth_Yadis_Discover_Yadis_other;
+$Tests_Auth_Yadis_Discover_Yadis_other = array(
+ new Tests_Auth_Yadis_Discover_Yadis_ContentTypes()
+ );
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/ParseHTML.php b/models/openid-php-openid-782224d/Tests/Auth/Yadis/ParseHTML.php
new file mode 100644
index 000000000..e3977bc75
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/ParseHTML.php
@@ -0,0 +1,86 @@
+<?php
+
+/**
+ * Tests for the Yadis HTML parsing functionality.
+ *
+ * PHP versions 4 and 5
+ *
+ * LICENSE: See the COPYING file included in this distribution.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once 'Tests/Auth/Yadis/TestUtil.php';
+require_once 'Auth/Yadis/ParseHTML.php';
+
+class Tests_Auth_Yadis_ParseTest extends PHPUnit_Framework_TestCase {
+ function Tests_Auth_Yadis_ParseTest($case)
+ {
+ list($result, $comment, $html) = $case;
+
+ $this->result = $result;
+ $this->comment = $comment;
+ $this->html_string = $html;
+ $this->parser = new Auth_Yadis_ParseHTML();
+ }
+
+ function getName()
+ {
+ return $this->comment;
+ }
+
+ function runTest()
+ {
+ $value = $this->parser->getHTTPEquiv($this->html_string);
+
+ if ($this->result == "EOF") {
+ $this->assertTrue($value === null);
+ } else if ($this->result == "None") {
+ $this->assertTrue($value === null);
+ } else {
+ $this->assertEquals($this->result, $value);
+ }
+ }
+}
+
+class Tests_Auth_Yadis_ParseHTML extends PHPUnit_Framework_TestSuite {
+
+ function getName()
+ {
+ return "Tests_Auth_Yadis_Parse";
+ }
+
+ function parseTests($s)
+ {
+ $tests = array();
+
+ $cases = preg_split("/\f\n/", $s);
+
+ foreach ($cases as $case) {
+ // Split the case text on newline, and keep the first two
+ // lines and re-join the rest (those are the HTML).
+ $parts = explode("\n", $case);
+ $result = $parts[0];
+ $html_comment = $parts[1];
+ $html_string = implode("\n", array_slice($parts, 2));
+ $tests[] = array($result, $html_comment, $html_string);
+ }
+
+ return $tests;
+ }
+
+ function Tests_Auth_Yadis_ParseHTML()
+ {
+ $test_data = Tests_Auth_Yadis_readdata('test1-parsehtml.txt');
+
+ $test_cases = $this->parseTests($test_data);
+
+ foreach ($test_cases as $case) {
+ $this->addTest(new Tests_Auth_Yadis_ParseTest($case));
+ }
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/TestUtil.php b/models/openid-php-openid-782224d/Tests/Auth/Yadis/TestUtil.php
new file mode 100644
index 000000000..6c2581251
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/TestUtil.php
@@ -0,0 +1,30 @@
+<?php
+
+/**
+ * Utilites for test functions
+ */
+
+function Tests_Auth_Yadis_datafile($name, $reader)
+{
+ $path = dirname(realpath(__FILE__));
+ $sep = DIRECTORY_SEPARATOR;
+ $filename = $path . $sep . 'data' . $sep . $name;
+ $data = $reader($filename);
+ if ($data === false) {
+ $msg = "Failed to open data file: $name";
+ trigger_error($msg, E_USER_ERROR);
+ }
+ return $data;
+}
+
+function Tests_Auth_Yadis_readdata($name)
+{
+ return Tests_Auth_Yadis_datafile($name, 'file_get_contents');
+}
+
+function Tests_Auth_Yadis_readlines($name)
+{
+ return Tests_Auth_Yadis_datafile($name, 'file');
+}
+
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/XRDS.php b/models/openid-php-openid-782224d/Tests/Auth/Yadis/XRDS.php
new file mode 100644
index 000000000..3bb23e48d
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/XRDS.php
@@ -0,0 +1,247 @@
+<?php
+
+/**
+ * XRDS-parsing tests for the Yadis library.
+ */
+
+require_once 'Auth/Yadis/XRDS.php';
+require_once 'Auth/Yadis/XRIRes.php';
+require_once 'Auth/Yadis/XRI.php';
+require_once 'Tests/Auth/Yadis/TestUtil.php';
+
+class Tests_Auth_Yadis_XRDS extends PHPUnit_Framework_TestCase {
+
+ function test_good()
+ {
+ $files = array(
+ 'brian.xrds' => 1,
+ 'pip.xrds' => 2
+ );
+
+ foreach ($files as $filename => $service_count) {
+ $xml = Tests_Auth_Yadis_readdata($filename);
+ $xrds = Auth_Yadis_XRDS::parseXRDS($xml);
+
+ $this->assertTrue($xrds !== null);
+
+ if ($xrds) {
+ $this->assertEquals(count($xrds->services()), $service_count);
+ } else {
+ $this->fail("Could not test XRDS service list because the ".
+ "XRDS object is null");
+ }
+ }
+ }
+
+ function test_good_multi()
+ {
+ $xml = Tests_Auth_Yadis_readdata("brian.multi.xrds");
+ $xrds = Auth_Yadis_XRDS::parseXRDS($xml);
+ $this->assertTrue($xrds !== null);
+ $this->assertEquals(count($xrds->services()), 1);
+ $s = $xrds->services();
+ $s = $s[0];
+
+ $types = $s->getTypes();
+
+ $this->assertTrue(count($types) == 1);
+ $this->assertEquals('http://openid.net/signon/1.0',
+ $types[0]);
+ }
+
+ function test_good_uri_multi()
+ {
+ $xml = Tests_Auth_Yadis_readdata("brian.multi_uri.xrds");
+ $xrds = Auth_Yadis_XRDS::parseXRDS($xml);
+ $this->assertTrue($xrds !== null);
+ $this->assertEquals(1, count($xrds->services()));
+ }
+
+ function test_uri_sorting()
+ {
+ $xml = Tests_Auth_Yadis_readdata("uri_priority.xrds");
+ $xrds = Auth_Yadis_XRDS::parseXRDS($xml);
+ $services = $xrds->services();
+ $uris = $services[0]->getURIs();
+
+ $expected_uris = array(
+ "http://zero.priority/",
+ "http://one.priority/",
+ "http://no.priority/"
+ );
+
+ $this->assertEquals($uris, $expected_uris);
+ }
+
+ function test_bad()
+ {
+ $this->assertTrue(Auth_Yadis_XRDS::parseXRDS(null) === null);
+ $this->assertTrue(Auth_Yadis_XRDS::parseXRDS(5) === null);
+ $this->assertTrue(Auth_Yadis_XRDS::parseXRDS('') === null);
+ $this->assertTrue(Auth_Yadis_XRDS::parseXRDS('<html></html>') ===
+ null);
+ $this->assertTrue(Auth_Yadis_XRDS::parseXRDS("\x00") === null);
+ }
+
+ function test_getCanonicalID()
+ {
+ $canonicalIDtests = array(
+ array("@ootao*test1", "delegated-20060809.xrds",
+ "@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01"),
+ array("@ootao*test1", "delegated-20060809-r1.xrds",
+ "@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01"),
+ array("@ootao*test1", "delegated-20060809-r2.xrds",
+ "@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01"),
+ array("@ootao*test1", "sometimesprefix.xrds",
+ "@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01"),
+ array("@ootao*test1", "prefixsometimes.xrds",
+ "@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01"),
+ array("=keturn*isDrummond", "spoof1.xrds", null),
+ array("=keturn*isDrummond", "spoof2.xrds", null),
+ array("@keturn*is*drummond", "spoof3.xrds", null),
+ // Don't let IRI authorities be canonical for the GCS.
+ array("phreak.example.com", "delegated-20060809-r2.xrds", null)
+ // TODO: Refs
+ // ("@ootao*test.ref", "ref.xrds", "@!BAE.A650.823B.2475")
+ );
+
+ foreach ($canonicalIDtests as $tupl) {
+ list($iname, $filename, $expectedID) = $tupl;
+
+ $xml = Tests_Auth_Yadis_readdata($filename);
+ $xrds = Auth_Yadis_XRDS::parseXRDS($xml);
+ $this->_getCanonicalID($iname, $xrds, $expectedID);
+ }
+ }
+
+ function _getCanonicalID($iname, $xrds, $expectedID)
+ {
+ if ($expectedID === null) {
+ $result = Auth_Yadis_getCanonicalID($iname, $xrds);
+ if ($result !== false) {
+ $this->fail($iname.' (got '.$result.')');
+ }
+ } else {
+ $cid = Auth_Yadis_getCanonicalID($iname, $xrds);
+ $this->assertEquals(Auth_Yadis_XRI($expectedID), $cid);
+ }
+ }
+
+ function test_services_filters()
+ {
+ // First, just be sure that service objects do the right
+ // thing.
+ $xml = Tests_Auth_Yadis_readdata("brian_priority.xrds");
+ $xrds = Auth_Yadis_XRDS::parseXRDS($xml,
+ array('openid' =>
+ 'http://openid.net/xmlns/1.0'));
+ $this->assertTrue($xrds !== null);
+
+ // Get list of service objects.
+ $services = $xrds->services();
+ $this->assertEquals(count($services), 2, "first service count");
+
+ // Query the two service objecs.
+ $s1 = $services[0];
+ $this->assertEquals($s1->getPriority(), 1, "first priority check");
+ $types = $s1->getTypes();
+ $this->assertEquals(count($types), 1, "first type check");
+
+ $s2 = $services[1];
+ $this->assertEquals($s2->getPriority(), 2, "second priority check");
+ $types = $s2->getTypes();
+ $this->assertEquals(count($types), 1, "second type check");
+
+ function _DelegateFilter($service)
+ {
+ if ($service->getElements('openid:Delegate')) {
+ return true;
+ }
+ return false;
+ }
+
+ // Make sure that a filter which matches both DOES match both.
+ $this->assertEquals(count(
+ $xrds->services(array("_DelegateFilter"))), 2,
+ "_DelegateFilter check");
+
+ // This filter should match all services in the document.
+ function _HasTypeAndURI($service)
+ {
+ if ($service->getTypes() &&
+ $service->getURIs()) {
+ return true;
+ }
+ return false;
+ }
+
+ // This filter should only match one.
+ function _URIMatchesSchtuff($service)
+ {
+ $uris = $service->getURIs();
+
+ foreach ($uris as $uri) {
+ if (preg_match("|schtuff|", $uri)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ // This filter should only match one.
+ function _URIMatchesMyOpenID($service)
+ {
+ $uris = $service->getURIs();
+
+ foreach ($uris as $uri) {
+ if (preg_match("|myopenid|", $uri)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ // Make sure a pair of filters in ALL mode only match one service.
+ $this->assertEquals(count(
+ $xrds->services(array("_HasTypeAndURI",
+ "_URIMatchesSchtuff"),
+ SERVICES_YADIS_MATCH_ALL)), 1,
+ "_HasTypeAndURI / _URIMatchesSchtuff check");
+
+ // Make sure a pair of filters in ALL mode only match one service.
+ $this->assertEquals(count(
+ $xrds->services(array("_HasTypeAndURI",
+ "_URIMatchesMyOpenID"),
+ SERVICES_YADIS_MATCH_ALL)), 1,
+ "_HasTypeAndURI / _URIMatchesMyOpenID check");
+
+ // Make sure a pair of filters in ANY mode matches both services.
+ $this->assertEquals(count(
+ $xrds->services(array("_URIMatchesMyOpenID",
+ "_URIMatchesSchtuff"))), 2,
+ "_URIMatchesMyOpenID / _URIMatchesSchtuff check");
+
+ // Make sure the order of the services returned (when using
+ // filters) is correct.
+ $s = $xrds->services(array("_URIMatchesMyOpenID",
+ "_URIMatchesSchtuff"));
+
+ $this->assertTrue($s[0]->getPriority() === 1, "s[0] priority check");
+ $this->assertTrue($s[1]->getPriority() === 2, "s[1] priority check");
+
+ // Make sure a bad filter mode gets us a null service list.
+ $this->assertTrue($xrds->services(array("_URIMatchesMyOpenID",
+ "_URIMatchesSchtuff"),
+ "bogus") === null,
+ "bogus filter check");
+ }
+
+ function test_multisegment_xri()
+ {
+ $xml = Tests_Auth_Yadis_readdata('subsegments.xrds');
+ $xmldoc = Auth_Yadis_XRDS::parseXRDS($xml);
+ $result = Auth_Yadis_getCanonicalId('xri://=nishitani*masaki', $xmldoc);
+ $this->assertEquals($result, "xri://=!E117.EF2F.454B.C707!0000.0000.3B9A.CA01");
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/XRI.php b/models/openid-php-openid-782224d/Tests/Auth/Yadis/XRI.php
new file mode 100644
index 000000000..403b1e32b
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/XRI.php
@@ -0,0 +1,142 @@
+<?php
+
+/**
+ * XRI resolution / handling tests.
+ *
+ * @package OpenID
+ * @author JanRain, Inc. <openid@janrain.com>
+ * @copyright 2005-2008 Janrain, Inc.
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+require_once "Auth/Yadis/XRIRes.php";
+require_once "Auth/Yadis/XRI.php";
+require_once "Auth/Yadis/Yadis.php";
+
+class Tests_Auth_Yadis_XriDiscoveryTestCase extends PHPUnit_Framework_TestCase {
+ function runTest()
+ {
+ $this->assertEquals(
+ Auth_Yadis_identifierScheme('=john.smith'), 'XRI');
+
+ $this->assertEquals(
+ Auth_Yadis_identifierScheme(''), 'URI');
+
+ $this->assertEquals(
+ Auth_Yadis_identifierScheme('@smiths/john'), 'XRI');
+
+ $this->assertEquals(
+ Auth_Yadis_identifierScheme('smoker.myopenid.com'), 'URI');
+
+ $this->assertEquals(
+ Auth_Yadis_identifierScheme('xri://=john'), 'XRI');
+ }
+}
+
+class Tests_Auth_Yadis_XriEscapingTestCase extends PHPUnit_Framework_TestCase {
+ function test_escaping_percents()
+ {
+ $this->assertEquals(Auth_Yadis_escapeForIRI('@example/abc%2Fd/ef'),
+ '@example/abc%252Fd/ef');
+ }
+
+ function runTest()
+ {
+ // no escapes
+ $this->assertEquals('@example/foo/(@bar)',
+ Auth_Yadis_escapeForIRI('@example/foo/(@bar)'));
+
+ // escape slashes
+ $this->assertEquals('@example/foo/(@bar%2Fbaz)',
+ Auth_Yadis_escapeForIRI('@example/foo/(@bar/baz)'));
+
+ $this->assertEquals('@example/foo/(@bar%2Fbaz)/(+a%2Fb)',
+ Auth_Yadis_escapeForIRI('@example/foo/(@bar/baz)/(+a/b)'));
+
+ // escape query ? and fragment
+ $this->assertEquals('@example/foo/(@baz%3Fp=q%23r)?i=j#k',
+ Auth_Yadis_escapeForIRI('@example/foo/(@baz?p=q#r)?i=j#k'));
+ }
+}
+
+class Tests_Auth_Yadis_ProxyQueryTestCase extends PHPUnit_Framework_TestCase {
+ function setUp()
+ {
+ $this->proxy_url = 'http://xri.example.com/';
+ $this->fetcher = Auth_Yadis_Yadis::getHTTPFetcher();
+ $this->proxy = new Auth_Yadis_ProxyResolver($this->fetcher,
+ $this->proxy_url);
+ $this->servicetype = 'xri://+i-service*(+forwarding)*($v*1.0)';
+ $this->servicetype_enc = 'xri%3A%2F%2F%2Bi-service%2A%28%2Bforwarding%29%2A%28%24v%2A1.0%29';
+ }
+
+ function runTest()
+ {
+ $st = $this->servicetype;
+ $ste = $this->servicetype_enc;
+ $args_esc = "_xrd_r=application%2Fxrds%2Bxml&_xrd_t=" . $ste;
+ $h = $this->proxy_url;
+ $this->assertEquals($h . '=foo?' . $args_esc,
+ $this->proxy->queryURL('=foo', $st));
+ $this->assertEquals($h . '=foo/bar?baz&' . $args_esc,
+ $this->proxy->queryURL('=foo/bar?baz', $st));
+ $this->assertEquals($h . '=foo/bar?baz=quux&' . $args_esc,
+ $this->proxy->queryURL('=foo/bar?baz=quux', $st));
+ $this->assertEquals($h . '=foo/bar?mi=fa&so=la&' . $args_esc,
+ $this->proxy->queryURL('=foo/bar?mi=fa&so=la', $st));
+
+ $args_esc = "_xrd_r=application%2Fxrds%2Bxml&_xrd_t=" . $ste;
+ $h = $this->proxy_url;
+ $this->assertEquals($h . '=foo/bar??' . $args_esc,
+ $this->proxy->queryURL('=foo/bar?', $st));
+ $this->assertEquals($h . '=foo/bar????' . $args_esc,
+ $this->proxy->queryURL('=foo/bar???', $st));
+ }
+}
+
+class Tests_Auth_Yadis_TestGetRootAuthority extends PHPUnit_Framework_TestCase {
+ function runTest()
+ {
+ $xris = array(
+ array("@foo", "@"),
+ array("@foo*bar", "@"),
+ array("@*foo*bar", "@"),
+ array("@foo/bar", "@"),
+ array("!!990!991", "!"),
+ array("!1001!02", "!"),
+ array("=foo*bar", "="),
+ array("(example.com)/foo", "(example.com)"),
+ array("(example.com)*bar/foo", "(example.com)"),
+ array("baz.example.com/foo", "baz.example.com"),
+ array("baz.example.com:8080/foo", "baz.example.com:8080")
+ // Looking at the ABNF in XRI Syntax 2.0, I don't think you can
+ // have example.com*bar. You can do (example.com)*bar, but that
+ // would mean something else.
+ // ("example.com*bar/(=baz)", "example.com*bar"),
+ // ("baz.example.com!01/foo", "baz.example.com!01"),
+ );
+
+ foreach ($xris as $tupl) {
+ list($thexri, $expected_root) = $tupl;
+ $this->assertEquals(Auth_Yadis_XRI($expected_root),
+ Auth_Yadis_rootAuthority($thexri),
+ 'rootAuthority test ('.$thexri.')');
+ }
+ }
+}
+
+class Tests_Auth_Yadis_XRI extends PHPUnit_Framework_TestSuite {
+ function getName()
+ {
+ return "Tests_Auth_Yadis_XRI";
+ }
+
+ function Tests_Auth_Yadis_XRI()
+ {
+ $this->addTest(new Tests_Auth_Yadis_ProxyQueryTestCase());
+ $this->addTest(new Tests_Auth_Yadis_XriEscapingTestCase());
+ $this->addTest(new Tests_Auth_Yadis_XriDiscoveryTestCase());
+ $this->addTest(new Tests_Auth_Yadis_TestGetRootAuthority());
+ }
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/Yadis.php b/models/openid-php-openid-782224d/Tests/Auth/Yadis/Yadis.php
new file mode 100644
index 000000000..5672a1565
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/Yadis.php
@@ -0,0 +1,88 @@
+<?php
+
+/**
+ * Tests for the core of the PHP Yadis library.
+ */
+
+require_once 'Auth/Yadis/Yadis.php';
+require_once 'Tests/Auth/Yadis/TestUtil.php';
+
+class Tests_Auth_Yadis_DiscoveryTest extends PHPUnit_Framework_TestCase {
+
+ function Tests_Auth_Yadis_DiscoveryTest($input_url, $redir_uri,
+ $xrds_uri, $num)
+ {
+ $this->input_url = $input_url;
+ $this->redir_uri = $redir_uri;
+ $this->xrds_uri = $xrds_uri;
+ $this->num = $num;
+ }
+
+ function getName()
+ {
+ return "Yadis discovery test ".$this->num;
+ }
+
+ function runTest()
+ {
+ $fetcher = Auth_Yadis_Yadis::getHTTPFetcher();
+ $y = Auth_Yadis_Yadis::discover(
+ $this->input_url, $fetcher);
+ $this->assertTrue($y !== null);
+
+ // Compare parts of returned Yadis object to expected URLs.
+ $this->assertEquals($this->redir_uri, $y->normalized_uri, "tried $this->input_url");
+
+ if ($this->xrds_uri) {
+ $this->assertEquals($this->xrds_uri, $y->xrds_uri);
+ // Compare contents of actual HTTP GET with that of Yadis
+ // response.
+ $f = Auth_Yadis_Yadis::getHTTPFetcher();
+ $http_response = $f->get($this->xrds_uri);
+
+ $this->assertEquals($http_response->body, $y->response_text);
+ } else {
+ $this->assertTrue($y->xrds_uri === null);
+ }
+ }
+}
+
+class Tests_Auth_Yadis_Yadis extends PHPUnit_Framework_TestSuite {
+
+ function getName()
+ {
+ return "Tests_Auth_Yadis_Yadis";
+ }
+
+ function parseTests($data)
+ {
+ $cases = explode("\n", $data);
+ $tests = array();
+
+ foreach ($cases as $line) {
+ if ($line && ($line[0] != "#")) {
+ $tests[] = explode("\t", $line, 3);
+ }
+ }
+
+ return $tests;
+ }
+
+ function Tests_Auth_Yadis_Yadis()
+ {
+ $test_data = file_get_contents('http://www.openidenabled.com/resources/yadis-test/discover/manifest.txt');
+
+ $test_cases = $this->parseTests($test_data);
+
+ $i = 0;
+ foreach ($test_cases as $case) {
+ $i++;
+ list($input, $redir, $xrds) = $case;
+ $this->addTest(new Tests_Auth_Yadis_DiscoveryTest($input,
+ $redir,
+ $xrds, $i));
+ }
+ }
+
+}
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/README b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/README
new file mode 100644
index 000000000..3739cf1c7
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/README
@@ -0,0 +1,12 @@
+delegated-20060809.xrds - results from proxy.xri.net, determined by
+ Drummond and Kevin to be incorrect.
+delegated-20060809-r1.xrds - Drummond's 1st correction
+delegated-20060809-r2.xrds - Drummond's 2nd correction
+
+spoofs: keturn's (=!E4)'s attempts to log in with Drummond's i-number (=!D2)
+spoof1.xrds
+spoof2.xrds
+spoof3.xrds - attempt to steal @!C0!D2 by having "at least one" CanonicalID
+ match the $res service ProviderID.
+
+ref.xrds - resolving @ootao*test.ref, which refers to a neustar XRI.
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/accept.txt b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/accept.txt
new file mode 100644
index 000000000..0853321a8
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/accept.txt
@@ -0,0 +1,118 @@
+# Accept: [Accept: header value from RFC2616,
+# http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html]
+# Available: [whitespace-separated content types]
+# Expected: [Accept-header like list, containing the available content
+# types with their q-values]
+
+Accept: */*
+Available: text/plain
+Expected: text/plain; q=1.0
+
+Accept: */*
+Available: text/plain, text/html
+Expected: text/plain; q=1.0, text/html; q=1.0
+
+# The order matters
+Accept: */*
+Available: text/html, text/plain
+Expected: text/html; q=1.0, text/plain; q=1.0
+
+Accept: text/*, */*; q=0.9
+Available: text/plain, image/jpeg
+Expected: text/plain; q=1.0, image/jpeg; q=0.9
+
+Accept: text/*, */*; q=0.9
+Available: image/jpeg, text/plain
+Expected: text/plain; q=1.0, image/jpeg; q=0.9
+
+# wildcard subtypes still reject differing main types
+Accept: text/*
+Available: image/jpeg, text/plain
+Expected: text/plain; q=1.0
+
+Accept: text/html
+Available: text/html
+Expected: text/html; q=1.0
+
+Accept: text/html, text/*
+Available: text/html
+Expected: text/html; q=1.0
+
+Accept: text/html, text/*
+Available: text/plain, text/html
+Expected: text/plain; q=1.0, text/html; q=1.0
+
+Accept: text/html, text/*; q=0.9
+Available: text/plain, text/html
+Expected: text/html; q=1.0, text/plain; q=0.9
+
+# If a more specific type has a higher q-value, then the higher value wins
+Accept: text/*; q=0.9, text/html
+Available: text/plain, text/html
+Expected: text/html; q=1.0, text/plain; q=0.9
+
+Accept: */*, text/*; q=0.9, text/html; q=0.1
+Available: text/plain, text/html, image/monkeys
+Expected: image/monkeys; q=1.0, text/plain; q=0.9, text/html; q=0.1
+
+Accept: text/*, text/html; q=0
+Available: text/html
+Expected:
+
+Accept: text/*, text/html; q=0
+Available: text/html, text/plain
+Expected: text/plain; q=1.0
+
+Accept: text/html
+Available: text/plain
+Expected:
+
+Accept: application/xrds+xml, text/html; q=0.9
+Available: application/xrds+xml, text/html
+Expected: application/xrds+xml; q=1.0, text/html; q=0.9
+
+Accept: application/xrds+xml, */*; q=0.9
+Available: application/xrds+xml, text/html
+Expected: application/xrds+xml; q=1.0, text/html; q=0.9
+
+Accept: application/xrds+xml, application/xhtml+xml; q=0.9, text/html; q=0.8, text/xml; q=0.7
+Available: application/xrds+xml, text/html
+Expected: application/xrds+xml; q=1.0, text/html; q=0.8
+
+# See http://www.rfc-editor.org/rfc/rfc3023.txt, section A.13
+Accept: application/xrds
+Available: application/xrds+xml
+Expected:
+
+Accept: application/xrds+xml
+Available: application/xrds
+Expected:
+
+Accept: application/xml
+Available: application/xrds+xml
+Expected:
+
+Available: application/xrds+xml
+Accept: application/xml
+Expected:
+
+
+
+#################################################
+# The tests below this line are documentation of how this library
+# works. If the implementation changes, it's acceptable to change the
+# test to reflect that. These are specified so that we can make sure
+# that the current implementation actually works the way that we
+# expect it to given these inputs.
+
+Accept: text/html;level=1
+Available: text/html
+Expected: text/html; q=1.0
+
+Accept: text/html; level=1, text/html; level=9; q=0.1
+Available: text/html
+Expected: text/html; q=1.0
+
+Accept: text/html; level=9; q=0.1, text/html; level=1
+Available: text/html
+Expected: text/html; q=1.0
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.multi.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.multi.xrds
new file mode 100644
index 000000000..1bc95dea9
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.multi.xrds
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+ xmlns:xrds="xri://$xrds"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ xmlns="xri://$xrd*($v*2.0)">
+ <XRD>
+
+ <Service priority="2">
+ <Type>http://openid.net/signon/1.1</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <openid:Delegate>http://frank.myopenid.com/</openid:Delegate>
+ </Service>
+
+ </XRD>
+ <XRD>
+
+ <Service priority="1">
+ <Type>http://bar.com/</Type>
+ <URI>http://bar.com/server</URI>
+ </Service>
+
+ <Service priority="2">
+ <Type>http://foo.com</Type>
+ <URI>http://foo.com/server</URI>
+ </Service>
+
+ </XRD>
+ <XRD>
+
+ <Service priority="0">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <openid:Delegate>http://brian.myopenid.com/</openid:Delegate>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.multi_uri.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.multi_uri.xrds
new file mode 100644
index 000000000..fce5ef72f
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.multi_uri.xrds
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+ xmlns:xrds="xri://$xrds"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ xmlns="xri://$xrd*($v*2.0)">
+ <XRD>
+
+ <Service>
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <URI>http://example.com/server</URI>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.xrds
new file mode 100644
index 000000000..c7539fe1b
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian.xrds
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+ xmlns:xrds="xri://$xrds"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ xmlns="xri://$xrd*($v*2.0)">
+ <XRD>
+
+ <Service priority="0">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <openid:Delegate>http://brian.myopenid.com/</openid:Delegate>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian_priority.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian_priority.xrds
new file mode 100644
index 000000000..273077dfa
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/brian_priority.xrds
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+ xmlns:xrds="xri://$xrds"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ xmlns="xri://$xrd*($v*2.0)">
+ <XRD>
+
+ <Service priority="2">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.schtuff.com/?action=openid_server</URI>
+ <openid:Delegate>http://users.schtuff.com/brian</openid:Delegate>
+ </Service>
+
+ <Service priority="1">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <openid:Delegate>http://brian.myopenid.com/</openid:Delegate>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809-r1.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809-r1.xrds
new file mode 100644
index 000000000..f994b140e
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809-r1.xrds
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://@ootao*test1" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*ootao</Query>
+ <Status code="100"/>
+ <Expires>2006-08-09T22:07:13.000Z</Expires>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID priority="10">!5BAD.2AA.3C72.AF46</LocalID>
+ <CanonicalID priority="10">@!5BAD.2AA.3C72.AF46</CanonicalID>
+ <Service priority="10">
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <ProviderID>xri://!!1003</ProviderID>
+ <MediaType>application/xrds+xml;trust=none</MediaType>
+ <URI priority="10">http://resolve.ezibroker.net/resolve/@ootao/</URI>
+ </Service>
+ <Service priority="10">
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*test1</Query>
+ <Status code="100">SUCCESS</Status>
+ <ProviderID>xri://!!1003</ProviderID>
+ <LocalID>!0000.0000.3B9A.CA01</LocalID>
+ <CanonicalID>@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01</CanonicalID>
+ <Service>
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+</XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809-r2.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809-r2.xrds
new file mode 100644
index 000000000..68c08dc44
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809-r2.xrds
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://@ootao*test1" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*ootao</Query>
+ <Status code="100"/>
+ <Expires>2006-08-09T22:07:13.000Z</Expires>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID priority="10">!5BAD.2AA.3C72.AF46</LocalID>
+ <CanonicalID priority="10">@!5BAD.2AA.3C72.AF46</CanonicalID>
+ <Service priority="10">
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <ProviderID>xri://@!5BAD.2AA.3C72.AF46</ProviderID>
+ <MediaType>application/xrds+xml;trust=none</MediaType>
+ <URI priority="10">http://resolve.ezibroker.net/resolve/@ootao/</URI>
+ </Service>
+ <Service priority="10">
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*test1</Query>
+ <Status code="100">SUCCESS</Status>
+ <ProviderID>xri://@!5BAD.2AA.3C72.AF46</ProviderID>
+ <LocalID>!0000.0000.3B9A.CA01</LocalID>
+ <CanonicalID>@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01</CanonicalID>
+ <Service>
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+</XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809.xrds
new file mode 100644
index 000000000..073ee6889
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/delegated-20060809.xrds
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://@ootao*test1" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*ootao</Query>
+ <Status code="100"/>
+ <Expires>2006-08-09T22:07:13.000Z</Expires>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID priority="10">!5BAD.2AA.3C72.AF46</LocalID>
+ <CanonicalID priority="10">@!5BAD.2AA.3C72.AF46</CanonicalID>
+ <Service priority="10">
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <ProviderID/>
+ <MediaType>application/xrds+xml;trust=none</MediaType>
+ <URI priority="10">http://resolve.ezibroker.net/resolve/@ootao/</URI>
+ </Service>
+ <Service priority="10">
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*test1</Query>
+ <Status code="100">SUCCESS</Status>
+ <ProviderID>xri://!!1003</ProviderID>
+ <LocalID>!0000.0000.3B9A.CA01</LocalID>
+ <CanonicalID>@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01</CanonicalID>
+ <Service>
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+</XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/example-xrds.xml b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/example-xrds.xml
new file mode 100644
index 000000000..101ba3bd5
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/example-xrds.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Sample XRDS file at: NAME -->
+<xrds:XRDS
+ xmlns:xrds="xri://$xrds"
+ xmlns="xri://$xrd*($v*2.0)">
+ <XRD>
+
+ <Service priority="0">
+ <Type>http://example.com/</Type>
+ <URI>http://www.openidenabled.com/</URI>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/no-xrd.xml b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/no-xrd.xml
new file mode 100644
index 000000000..ca66f7359
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/no-xrd.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+ xmlns:xrds="xri://$xrds"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ xmlns:typekey="http://typekey.com/xmlns/1.0"
+ xmlns="xri://$xrd*($v*2.0)">
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/not-xrds.xml b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/not-xrds.xml
new file mode 100644
index 000000000..7f5bfd511
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/not-xrds.xml
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<x></x>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/pip.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/pip.xrds
new file mode 100644
index 000000000..ca271ab19
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/pip.xrds
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+ xmlns:xrds="xri://$xrds"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ xmlns="xri://$xrd*($v*2.0)">
+ <XRD>
+
+ <Service priority="10">
+ <Type>http://openid.net/signon/1.1</Type>
+ <Type>http://openid.net/sreg/1.0</Type>
+ <URI>https://pip.verisignlabs.com/server</URI>
+ </Service>
+
+ <Service priority="20">
+ <Type>http://openid.net/signon/1.0</Type>
+ <Type>http://openid.net/sreg/1.0</Type>
+ <URI>https://pip.verisignlabs.com/server</URI>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
+
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/prefixsometimes.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/prefixsometimes.xrds
new file mode 100644
index 000000000..5522a6e5e
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/prefixsometimes.xrds
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://@ootao*test1" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*ootao</Query>
+ <Status code="100"/>
+ <Expires>2006-08-09T22:07:13.000Z</Expires>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID priority="10">!5BAD.2AA.3C72.AF46</LocalID>
+ <CanonicalID priority="10">@!5BAD.2AA.3C72.AF46</CanonicalID>
+ <Service priority="10">
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <ProviderID>xri://@!5BAD.2AA.3C72.AF46</ProviderID>
+ <MediaType>application/xrds+xml;trust=none</MediaType>
+ <URI priority="10">http://resolve.ezibroker.net/resolve/@ootao/</URI>
+ </Service>
+ <Service priority="10">
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*test1</Query>
+ <Status code="100">SUCCESS</Status>
+ <ProviderID>xri://@!5BAD.2AA.3C72.AF46</ProviderID>
+ <LocalID>!0000.0000.3B9A.CA01</LocalID>
+ <CanonicalID>xri://@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01</CanonicalID>
+ <Service>
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+</XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/ref.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/ref.xrds
new file mode 100644
index 000000000..69cf683db
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/ref.xrds
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://@ootao*test.ref" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*ootao</Query>
+ <Status code="100"/>
+ <Expires>2006-08-15T18:56:09.000Z</Expires>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID priority="10">!5BAD.2AA.3C72.AF46</LocalID>
+ <CanonicalID priority="10">@!5BAD.2AA.3C72.AF46</CanonicalID>
+ <Service priority="10">
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <ProviderID/>
+ <MediaType>application/xrds+xml;trust=none</MediaType>
+ <URI priority="10">http://resolve.ezibroker.net/resolve/@ootao/</URI>
+ </Service>
+ <Service priority="10">
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*test.ref</Query>
+ <Status code="100">SUCCESS</Status>
+ <ProviderID>xri://!!1003</ProviderID>
+ <LocalID>!0000.0000.3B9A.CA03</LocalID>
+ <CanonicalID>@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA03</CanonicalID>
+ <Ref>@!BAE.A650.823B.2475</Ref>
+ <Service>
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+ <XRDS ref="xri://@!BAE.A650.823B.2475" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>!BAE.A650.823B.2475</Query>
+ <Status code="100"/>
+ <Expires>2006-08-15T18:56:10.000Z</Expires>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID priority="10">!BAE.A650.823B.2475</LocalID>
+ <CanonicalID priority="10">@!BAE.A650.823B.2475</CanonicalID>
+ <Service priority="10">
+ <Type select="true">(+wdnc)</Type>
+ <ProviderID/>
+ <Path select="true">(+wdnc)</Path>
+ <URI append="none" priority="10">http://www.tcpacompliance.us</URI>
+ </Service>
+ <Service priority="10">
+ <Type match="content" select="true">xri://$res*auth*($v*2.0)</Type>
+ <ProviderID/>
+ <MediaType match="content" select="false">application/xrds+xml;trust=none</MediaType>
+ <URI priority="10">http://dev.dready.org/cgi-bin/xri</URI>
+ </Service>
+ <Service priority="10">
+ <Type match="content" select="true">(+i-name)</Type>
+ <ProviderID/>
+ <Path match="content" select="true">(+i-name)</Path>
+ <URI append="none" priority="10">http://www.inames.net</URI>
+ </Service>
+ <Service priority="10">
+ <Type select="true">xri://+i-service*(+contact)*($v*1.0)</Type>
+ <Type match="default" select="false"/>
+ <ProviderID>xri://!!1001</ProviderID>
+ <Path select="true">(+contact)</Path>
+ <Path match="null" select="false"/>
+ <MediaType select="false">text/html</MediaType>
+ <MediaType match="default" select="false"/>
+ <URI append="none" priority="10">http://www.neustar.biz</URI>
+ </Service>
+ </XRD>
+ </XRDS>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>!BAE.A650.823B.2475</Query>
+ <Status code="100"/>
+ <Expires>2006-08-15T18:56:10.000Z</Expires>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID priority="10">!BAE.A650.823B.2475</LocalID>
+ <CanonicalID priority="10">@!BAE.A650.823B.2475</CanonicalID>
+ <Service priority="10">
+ <Type select="true">(+wdnc)</Type>
+ <ProviderID/>
+ <Path select="true">(+wdnc)</Path>
+ <URI append="none" priority="10">http://www.tcpacompliance.us</URI>
+ </Service>
+ <Service priority="10">
+ <Type match="content" select="true">xri://$res*auth*($v*2.0)</Type>
+ <ProviderID/>
+ <MediaType match="content" select="false">application/xrds+xml;trust=none</MediaType>
+ <URI priority="10">http://dev.dready.org/cgi-bin/xri</URI>
+ </Service>
+ <Service priority="10">
+ <Type match="content" select="true">(+i-name)</Type>
+ <ProviderID/>
+ <Path match="content" select="true">(+i-name)</Path>
+ <URI append="none" priority="10">http://www.inames.net</URI>
+ </Service>
+ <Service priority="10">
+ <Type select="true">xri://+i-service*(+contact)*($v*1.0)</Type>
+ <Type match="default" select="false"/>
+ <ProviderID>xri://!!1001</ProviderID>
+ <Path select="true">(+contact)</Path>
+ <Path match="null" select="false"/>
+ <MediaType select="false">text/html</MediaType>
+ <MediaType match="default" select="false"/>
+ <URI append="none" priority="10">http://www.neustar.biz</URI>
+ </Service>
+ </XRD>
+</XRDS> \ No newline at end of file
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/sometimesprefix.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/sometimesprefix.xrds
new file mode 100644
index 000000000..eff755543
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/sometimesprefix.xrds
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://@ootao*test1" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*ootao</Query>
+ <Status code="100"/>
+ <Expires>2006-08-09T22:07:13.000Z</Expires>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID priority="10">!5BAD.2AA.3C72.AF46</LocalID>
+ <CanonicalID priority="10">xri://@!5BAD.2AA.3C72.AF46</CanonicalID>
+ <Service priority="10">
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <ProviderID>xri://@!5BAD.2AA.3C72.AF46</ProviderID>
+ <MediaType>application/xrds+xml;trust=none</MediaType>
+ <URI priority="10">http://resolve.ezibroker.net/resolve/@ootao/</URI>
+ </Service>
+ <Service priority="10">
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*test1</Query>
+ <Status code="100">SUCCESS</Status>
+ <ProviderID>xri://@!5BAD.2AA.3C72.AF46</ProviderID>
+ <LocalID>!0000.0000.3B9A.CA01</LocalID>
+ <CanonicalID>@!5BAD.2AA.3C72.AF46!0000.0000.3B9A.CA01</CanonicalID>
+ <Service>
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID/>
+ <URI append="qxri" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ </XRD>
+</XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof1.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof1.xrds
new file mode 100644
index 000000000..8e870c815
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof1.xrds
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://=keturn*isDrummond" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*keturn</Query>
+ <ProviderID>xri://=</ProviderID>
+ <LocalID>!E4</LocalID>
+ <CanonicalID>=!E4</CanonicalID>
+
+ <Service>
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <URI>http://keturn.example.com/resolve/</URI>
+ <ProviderID>=!E4</ProviderID>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*isDrummond</Query>
+ <ProviderID>=!E4</ProviderID>
+ <LocalID>!D2</LocalID>
+ <CanonicalID>=!D2</CanonicalID>
+ <Service>
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://keturn.example.com/openid</URI>
+ </Service>
+ </XRD>
+</XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof2.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof2.xrds
new file mode 100644
index 000000000..7547561e1
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof2.xrds
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://=keturn*isDrummond" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*keturn</Query>
+ <ProviderID>xri://=</ProviderID>
+ <LocalID>!E4</LocalID>
+ <CanonicalID>=!E4</CanonicalID>
+
+ <Service>
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <URI>http://keturn.example.com/resolve/</URI>
+ <ProviderID>xri://=</ProviderID>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*isDrummond</Query>
+ <ProviderID>xri://=</ProviderID>
+ <LocalID>!D2</LocalID>
+ <CanonicalID>=!D2</CanonicalID>
+ <Service>
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://keturn.example.com/openid</URI>
+ </Service>
+ </XRD>
+</XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof3.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof3.xrds
new file mode 100644
index 000000000..f4c43c9b4
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/spoof3.xrds
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://=keturn*isDrummond" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*keturn</Query>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID>@E4</LocalID>
+ <CanonicalID>@!E4</CanonicalID>
+
+ <Service>
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <URI>http://keturn.example.com/resolve/</URI>
+ <ProviderID>@!E4</ProviderID>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*is</Query>
+ <ProviderID>@!E4</ProviderID>
+ <LocalID>!D2</LocalID>
+ <CanonicalID>=!C0</CanonicalID>
+ <CanonicalID>=!E4!01</CanonicalID>
+ <Service>
+ <Type>xri://$res*auth*($v*2.0)</Type>
+ <URI>http://keturn.example.com/resolve/</URI>
+ <ProviderID>@!C0</ProviderID>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*drummond</Query>
+ <ProviderID>@!C0</ProviderID>
+ <LocalID>!D2</LocalID>
+ <CanonicalID>@!C0!D2</CanonicalID>
+ <Service>
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://keturn.example.com/openid</URI>
+ </Service>
+ </XRD>
+</XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/subsegments.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/subsegments.xrds
new file mode 100644
index 000000000..11d2e9122
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/subsegments.xrds
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://=nishitani*masaki" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*nishitani</Query>
+ <Status code="100"/>
+ <Expires>2007-12-25T11:33:39.000Z</Expires>
+ <ProviderID>xri://=</ProviderID>
+ <LocalID priority="10">!E117.EF2F.454B.C707</LocalID>
+ <CanonicalID priority="10">=!E117.EF2F.454B.C707</CanonicalID>
+ <Service priority="10">
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID>xri://!!1003!103</ProviderID>
+ <URI append="none" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ <Service priority="10">
+ <Type select="true">xri://$res*auth*($v*2.0)</Type>
+ <ProviderID>xri://!!1003!103</ProviderID>
+ <MediaType>application/xrds+xml;trust=none</MediaType>
+ <URI priority="10">http://resolve.ezibroker.net/resolve/=nishitani/</URI>
+ </Service>
+ <Service priority="1">
+ <Type match="content" select="true">xri://+i-service*(+forwarding)*($v*1.0)</Type>
+ <Type match="null" select="false"/>
+ <ProviderID>xri://!!1003!103</ProviderID>
+ <Path match="content">(+index)</Path>
+ <Path match="default"/>
+ <URI append="qxri" priority="1">http://linksafe-forward.ezibroker.net/forwarding/</URI>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*masaki</Query>
+ <Status code="100">SUCCESS</Status>
+ <ProviderID>xri://!!1003</ProviderID>
+ <LocalID>!0000.0000.3B9A.CA01</LocalID>
+ <CanonicalID>=!E117.EF2F.454B.C707!0000.0000.3B9A.CA01</CanonicalID>
+ <Service>
+ <Type select="true">http://openid.net/signon/1.0</Type>
+ <ProviderID>xri://!!1003!103</ProviderID>
+ <URI append="none" priority="1">https://linksafe.ezibroker.net/server/</URI>
+ </Service>
+ <Service>
+ <Type select="true">xri://+i-service*(+contact)*($v*1.0)</Type>
+ <Type match="null"/>
+ <ProviderID>xri://!!1003!103</ProviderID>
+ <Path select="true">(+contact)</Path>
+ <Path match="null"/>
+ <URI append="authority" priority="1">http://linksafe-contact.ezibroker.net/contact/</URI>
+ </Service>
+ <Service priority="1">
+ <Type match="content" select="true">xri://+i-service*(+forwarding)*($v*1.0)</Type>
+ <Type match="null" select="false"/>
+ <ProviderID>xri://!!1003!103</ProviderID>
+ <Path match="content">(+index)</Path>
+ <Path match="default"/>
+ <URI append="qxri" priority="1">http://linksafe-forward.ezibroker.net/forwarding/</URI>
+ </Service>
+ </XRD>
+</XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-discover.txt b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-discover.txt
new file mode 100644
index 000000000..7ec9b8788
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-discover.txt
@@ -0,0 +1,137 @@
+equiv
+Status: 200 OK
+Content-Type: text/html
+
+<html>
+<head>
+<meta http-equiv="YADIS_HEADER" content="URL_BASE/xrds">
+<title>Joe Schmoe's Homepage</title>
+</head>
+<body>
+<h1>Joe Schmoe's Homepage</h1>
+<p>Blah blah blah blah blah blah blah</p>
+</body>
+</html>
+
+header
+Status: 200 OK
+Content-Type: text/html
+YADIS_HEADER: URL_BASE/xrds
+
+<html>
+<head>
+<title>Joe Schmoe's Homepage</title>
+</head>
+<body>
+<h1>Joe Schmoe's Homepage</h1>
+<p>Blah blah blah blah blah blah blah</p>
+</body>
+
+xrds
+Status: 200 OK
+Content-Type: application/xrds+xml
+
+<XRDS Content>
+
+xrds_ctparam
+Status: 200 OK
+Content-Type: application/xrds+xml; charset=UTF8
+
+<XRDS Content>
+
+xrds_ctcase
+Status: 200 OK
+Content-Type: appliCATION/XRDS+xml
+
+<XRDS Content>
+
+xrds_html
+Status: 200 OK
+Content-Type: text/html
+
+<XRDS Content>
+
+redir_equiv
+Status: 302 Found
+Content-Type: text/plain
+Location: URL_BASE/equiv
+
+You are presently being redirected.
+
+redir_header
+Status: 302 Found
+Content-Type: text/plain
+Location: URL_BASE/header
+
+You are presently being redirected.
+
+redir_xrds
+Status: 302 Found
+Content-Type: application/xrds+xml
+Location: URL_BASE/xrds
+
+<XRDS Content>
+
+redir_xrds_html
+Status: 302 Found
+Content-Type: text/plain
+Location: URL_BASE/xrds_html
+
+You are presently being redirected.
+
+redir_redir_equiv
+Status: 302 Found
+Content-Type: text/plain
+Location: URL_BASE/redir_equiv
+
+You are presently being redirected.
+
+lowercase_header
+Status: 200 OK
+Content-Type: text/html
+x-xrds-location: URL_BASE/xrds
+
+<html>
+<head>
+<title>Joe Schmoe's Homepage</title>
+</head>
+<body>
+<h1>Joe Schmoe's Homepage</h1>
+<p>Blah blah blah blah blah blah blah</p>
+</body>
+
+404_server_response
+Status: 404 Not Found
+
+EEk!
+
+500_server_response
+Status: 500 Server error
+
+EEk!
+
+201_server_response
+Status: 201 Created
+
+EEk!
+
+404_with_header
+Status: 404 Not Found
+YADIS_HEADER: URL_BASE/xrds
+
+EEk!
+
+404_with_meta
+Status: 404 Not Found
+Content-Type: text/html
+
+<html>
+<head>
+<meta http-equiv="YADIS_HEADER" content="URL_BASE/xrds">
+<title>Joe Schmoe's Homepage</title>
+</head>
+<body>
+<h1>Joe Schmoe's Homepage</h1>
+<p>Blah blah blah blah blah blah blah</p>
+</body>
+</html>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-parsehtml.txt b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-parsehtml.txt
new file mode 100644
index 000000000..752ad091d
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-parsehtml.txt
@@ -0,0 +1,149 @@
+found
+<!-- minimal well-formed success case -->
+<html><head><meta http-equiv="X-XRDS-Location" content="found"></head></html>
+
+found
+<!-- minimal well-formed success case, xhtml closing, whitespace -->
+<html><head><meta http-equiv="X-XRDS-Location" content="found" /></head></html>
+
+found
+<!-- minimal well-formed success case, xhtml closing, no whitespace -->
+<html><head><meta http-equiv="X-XRDS-Location" content="found"/></head></html>
+
+found
+<!-- minimal success case -->
+<html><head><meta http-equiv="X-XRDS-Location" content="found">
+
+found
+<!-- ignore bogus top-level tags -->
+</porky><html><head><meta http-equiv="X-XRDS-Location" content="found">
+
+found
+<!-- Case folding for header name -->
+<html><head><meta http-equiv="x-xrds-location" content="found">
+
+found
+<!-- missing <html> tag -->
+<head><meta http-equiv="X-XRDS-Location" content="found">
+
+found
+<!-- javascript in head -->
+<html><head><script type="text/javascript">document.write("<body>");</script><META http-equiv="X-XRDS-Location" content="found">
+
+EOF
+<!-- javascript in head -->
+<html><head><script type="text/javascript">document.write("<body>");<META http-equiv="X-XRDS-Location" content="found">
+
+found
+<!-- case folding for tag names -->
+<html><head><META http-equiv="X-XRDS-Location" content="found">
+
+found
+<!-- Stop after first one found -->
+<html><head>
+<meta http-equiv="x-xrds-location" content="found">
+<meta http-equiv="x-xrds-location" content="not-found">
+
+&
+<!-- standard entity -->
+<head><meta http-equiv="X-XRDS-Location" content="&amp;">
+
+found
+<!-- hex entity -->
+<html>
+ <head>
+ <meta http-equiv="X-XRDS-Location" content="&#x66;ound">
+ </head>
+</html>
+
+found
+<!-- decimal entity -->
+<html>
+ <head>
+ <meta http-equiv="X-XRDS-Location" content="&#102;ound">
+ </head>
+</html>
+
+/
+<!-- hex entity -->
+<html>
+ <head>
+ <meta http-equiv="X-XRDS-Location" content="&#x2f;">
+ </head>
+</html>
+
+
+<!-- empty string -->
+<html><head><meta http-equiv="X-XRDS-Location" content="">
+
+EOF
+<!-- No markup, except this comment -->
+
+None
+<!-- No meta, just standard HTML -->
+<html>
+ <head>
+ <title>A boring document</title>
+ </head>
+ <body>
+ <h1>A boring document</h1>
+ <p>There's really nothing interesting about this</p>
+ </body>
+</html>
+
+EOF
+<!-- No <html> or <head> -->
+<meta http-equiv="X-XRDS-Location" content="found">
+
+EOF
+<!-- No <head> tag -->
+<html><meta http-equiv="X-XRDS-Location" content="found">
+
+None
+<!-- No <html> or <head> and a <body> -->
+<body><meta http-equiv="X-XRDS-Location" content="found">
+
+None
+<!-- <head> and <html> reversed -->
+<head><html><meta http-equiv="X-XRDS-Location" content="found">
+
+None
+<!-- <meta> is inside of <body> -->
+<html><head><body><meta http-equiv="X-XRDS-Location" content="found">
+
+None
+<!-- <meta> is inside comment -->
+<html>
+ <head>
+ <!--<meta http-equiv="X-XRDS-Location" content="found">-->
+ </head>
+</html>
+
+None
+<!-- <meta> is inside of <body> -->
+<html>
+ <head>
+ <title>Someone's blog</title>
+ </head>
+ <body>
+ <h1>My blog</h1>
+ <p>This is my blog</p>
+ <h2>Comments</h2>
+ <p><meta http-equiv="X-XRDS-Location" content="found"></p>
+ </body>
+</html>
+
+None
+<!-- short head tag -->
+<html><head/>
+<meta http-equiv="X-XRDS-Location" content="found">
+
+None
+<!-- <body> comes first -->
+<body><html><head>
+<meta http-equiv="X-XRDS-Location" content="found">
+
+None
+<!-- </body> comes first -->
+</body><html><head>
+<meta http-equiv="X-XRDS-Location" content="found">
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-xrd.xml b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-xrd.xml
new file mode 100644
index 000000000..60e5ca7b1
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/test1-xrd.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+ xmlns:xrds="xri://$xrds"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ xmlns:typekey="http://typekey.com/xmlns/1.0"
+ xmlns="xri://$xrd*($v*2.0)">
+ <XRD>
+
+ <Service priority="0">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.myopenid.com/server</URI>
+ <openid:Delegate>http://josh.myopenid.com/</openid:Delegate>
+ </Service>
+
+ <Service priority="20">
+ <Type>http://lid.netmesh.org/sso/2.0b5</Type>
+ <Type>http://lid.netmesh.org/2.0b5</Type>
+ <URI>http://mylid.net/josh</URI>
+ </Service>
+
+ <Service priority="10">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.livejournal.com/openid/server.bml</URI>
+ <openid:Delegate>http://www.livejournal.com/users/nedthealpaca/</openid:Delegate>
+ </Service>
+
+ <Service priority="15">
+ <Type>http://typekey.com/services/1.0</Type>
+ <typekey:MemberName>joshhoyt</typekey:MemberName>
+ </Service>
+
+ <Service priority="5">
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://www.schtuff.com/openid</URI>
+ <openid:Delegate>http://users.schtuff.com/josh</openid:Delegate>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
diff --git a/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/uri_priority.xrds b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/uri_priority.xrds
new file mode 100644
index 000000000..b1a2f65c3
--- /dev/null
+++ b/models/openid-php-openid-782224d/Tests/Auth/Yadis/data/uri_priority.xrds
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+ xmlns:xrds="xri://$xrds"
+ xmlns:openid="http://openid.net/xmlns/1.0"
+ xmlns="xri://$xrd*($v*2.0)">
+ <XRD>
+
+ <Service>
+ <Type>http://openid.net/signon/1.0</Type>
+ <URI>http://no.priority/</URI>
+ <URI priority="1">http://one.priority/</URI>
+ <URI priority="0">http://zero.priority/</URI>
+ </Service>
+
+ </XRD>
+</xrds:XRDS>
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-27 23:38:48 +0000