Author: as
Date: Tue Aug 7 16:21:26 2007
New Revision: 5838
Log:
- Implemented feature request #10998: Added a Database backend for OpenID
authentication.
Added:
trunk/AuthenticationDatabaseTiein/docs/tutorial/load_openid_db_store_schema.php
(with props)
trunk/AuthenticationDatabaseTiein/docs/tutorial/openid_db_store_schema.dba
trunk/AuthenticationDatabaseTiein/docs/tutorial/tutorial_openid_smart_db.php
(with props)
trunk/AuthenticationDatabaseTiein/src/authentication_openid_autoload.php
(with props)
trunk/AuthenticationDatabaseTiein/src/filters/openid/
trunk/AuthenticationDatabaseTiein/src/filters/openid/openid_db_store.php
(with props)
trunk/AuthenticationDatabaseTiein/src/options/openid_db_store_options.php
(with props)
trunk/AuthenticationDatabaseTiein/tests/filters/openid/
trunk/AuthenticationDatabaseTiein/tests/filters/openid/data/
trunk/AuthenticationDatabaseTiein/tests/filters/openid/data/openid_db_store_helper.php
(with props)
trunk/AuthenticationDatabaseTiein/tests/filters/openid/openid_db_store_test.php
(with props)
Modified:
trunk/Authentication/ChangeLog
trunk/Authentication/docs/tutorial.txt
trunk/Authentication/docs/tutorial/tutorial_openid_smart.php
trunk/Authentication/src/filters/openid/openid_file_store.php
trunk/Authentication/src/options/openid_options.php
trunk/Authentication/tests/filters/openid/openid_test.php
trunk/AuthenticationDatabaseTiein/ChangeLog
trunk/AuthenticationDatabaseTiein/design/class_diagram.png
trunk/AuthenticationDatabaseTiein/docs/tutorial.txt
trunk/AuthenticationDatabaseTiein/tests/suite.php
Modified: trunk/Authentication/ChangeLog
==============================================================================
--- trunk/Authentication/ChangeLog [iso-8859-1] (original)
+++ trunk/Authentication/ChangeLog [iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -1,3 +1,10 @@
+1.1alpha1 - [RELEASEDATE]
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Implemented feature request #10998: Added a Database backend for OpenID
+ authentication.
+
+
1.0 - Monday 02 July 2007
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Modified: trunk/Authentication/docs/tutorial.txt
==============================================================================
--- trunk/Authentication/docs/tutorial.txt [iso-8859-1] (original)
+++ trunk/Authentication/docs/tutorial.txt [iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -82,7 +82,12 @@
ezcAuthenticationOpenidFileStore
Uses file storage. Nonces are stored in files named after the nonce itself,
and associations are stored in files named after the OpenID provider with
- which the association is made. Currently is the only store implemented.
+ which the association is made.
+
+ezcAuthenticationOpenidDbStore
+ Database storage. Nonces and associations are stored in two tables, with
+ names defined as options in ezcAuthenticationOpenidDbStoreOptions.
+ Implemented in `AuthenticationDatabaseTiein`_.
General authentication
@@ -333,9 +338,10 @@
:literal:
The only differences between this example and the one in the previous section
-is defining the mode of the OpenID filter, and defining a store (here: a file
-store) which will hold the associations. In addition the store will also hold
-the nonces which are used to prevent replay attacks.
+is defining the mode of the OpenID filter, and defining a store (file store in
+this example or database store as shown in the OpenID example in
+`AuthenticationDatabaseTiein`_) which will hold the associations. In addition
+the store will also hold the nonces which are used to prevent replay attacks.
Token
Modified: trunk/Authentication/docs/tutorial/tutorial_openid_smart.php
==============================================================================
--- trunk/Authentication/docs/tutorial/tutorial_openid_smart.php [iso-8859-1]
(original)
+++ trunk/Authentication/docs/tutorial/tutorial_openid_smart.php [iso-8859-1]
Tue Aug 7 16:21:26 2007
@@ -20,7 +20,10 @@
{
$options = new ezcAuthenticationOpenidOptions();
$options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
+
+ // define a file store
$options->store = new ezcAuthenticationOpenidFileStore( '/tmp/store' );
+
$filter = new ezcAuthenticationOpenidFilter( $options );
$authentication->addFilter( $filter );
}
Modified: trunk/Authentication/src/filters/openid/openid_file_store.php
==============================================================================
--- trunk/Authentication/src/filters/openid/openid_file_store.php [iso-8859-1]
(original)
+++ trunk/Authentication/src/filters/openid/openid_file_store.php [iso-8859-1]
Tue Aug 7 16:21:26 2007
@@ -12,6 +12,23 @@
/**
* Class providing file storage for OpenID authentication.
*
+ * Example of use:
+ * <code>
+ * // create an OpenID options object
+ * $options = new ezcAuthenticationOpenidOptions();
+ * $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
+ *
+ * // define a file store
+ * $options->store = new ezcAuthenticationOpenidFileStore( '/tmp/store' );
+ *
+ * // create an OpenID filter based on the options object
+ * $filter = new ezcAuthenticationOpenidFilter( $options );
+ * </code>
+ *
+ * @property string $path
+ * The path where the files will be kept. It must exist and it must
+ * be writable.
+ *
* @package Authentication
* @version //autogen//
*/
Modified: trunk/Authentication/src/options/openid_options.php
==============================================================================
--- trunk/Authentication/src/options/openid_options.php [iso-8859-1] (original)
+++ trunk/Authentication/src/options/openid_options.php [iso-8859-1] Tue Aug 7
16:21:26 2007
@@ -17,6 +17,7 @@
* // create an options object
* $options = new ezcAuthenticationOpenidOptions();
* $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
+ * $options->store = new ezcAuthenticationOpenidFileStore( '/tmp/store' );
* $options->timeout = 5;
* $options->timeoutOpen = 3;
* $options->requestSource = $_POST;
Modified: trunk/Authentication/tests/filters/openid/openid_test.php
==============================================================================
--- trunk/Authentication/tests/filters/openid/openid_test.php [iso-8859-1]
(original)
+++ trunk/Authentication/tests/filters/openid/openid_test.php [iso-8859-1] Tue
Aug 7 16:21:26 2007
@@ -193,7 +193,9 @@
{
$filter = new ezcAuthenticationOpenidWrapper();
$result = $filter->discoverHtml( self::$url );
- $expected = array( 'openid.server' => array( 0 =>
'http://www.myopenid.com/server' ) );
+ $expected = array(
+ 'openid.server' => array( 0 => 'http://www.myopenid.com/server' ),
+ 'openid2.provider' => array( 0 => 'http://www.myopenid.com/server'
) );
$this->assertEquals( $expected, $result );
}
@@ -201,7 +203,9 @@
{
$filter = new ezcAuthenticationOpenidWrapper();
$result = $filter->discoverHtml( self::$urlIncomplete );
- $expected = array( 'openid.server' => array( 0 =>
'http://www.myopenid.com/server' ) );
+ $expected = array(
+ 'openid.server' => array( 0 => 'http://www.myopenid.com/server' ),
+ 'openid2.provider' => array( 0 => 'http://www.myopenid.com/server'
) );
$this->assertEquals( $expected, $result );
}
Modified: trunk/AuthenticationDatabaseTiein/ChangeLog
==============================================================================
--- trunk/AuthenticationDatabaseTiein/ChangeLog [iso-8859-1] (original)
+++ trunk/AuthenticationDatabaseTiein/ChangeLog [iso-8859-1] Tue Aug 7
16:21:26 2007
@@ -1,3 +1,10 @@
+1.1alpha1 - [RELEASEDATE]
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Implemented feature request #10998: Added a Database backend for OpenID
+ authentication.
+
+
1.0 - Monday 02 July 2007
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Modified: trunk/AuthenticationDatabaseTiein/design/class_diagram.png
==============================================================================
Binary files - no diff available.
Modified: trunk/AuthenticationDatabaseTiein/docs/tutorial.txt
==============================================================================
--- trunk/AuthenticationDatabaseTiein/docs/tutorial.txt [iso-8859-1] (original)
+++ trunk/AuthenticationDatabaseTiein/docs/tutorial.txt [iso-8859-1] Tue Aug 7
16:21:26 2007
@@ -14,13 +14,15 @@
providers and protocols.
AuthenticationDatabaseTiein provides a Database filter for the
-`Authentication`_ component by using the `Database`_ component.
+`Authentication`_ component by using the `Database`_ component, and an
+implementation of a database store (backend) for OpenID authentication.
Class overview
==============
-An overview of the most important classes in the `Authentication`_ component.
+An overview of the most important classes in the `Authentication`_ component
+and this component.
Base classes
@@ -29,12 +31,13 @@
ezcAuthentication
Main class of `Authentication`_. It is a container for authentication
filters, which will be run in sequence. The method run() returns true or
- false depending on the success of the authentication filters.
+ false depending on the success of the authentication filters. Implemented
+ in `Authentication`_.
ezcAuthenticationCredentials
Structure which holds user credentials. Types are id credentials
(ezcAuthenticationIdCredentials) and id + password credentials
- (ezcAuthenticationPasswordCredentials).
+ (ezcAuthenticationPasswordCredentials). Implemented in `Authentication`_.
Authentication filters
@@ -43,6 +46,26 @@
ezcAuthenticationDatabaseFilter
Filter to authenticate against a database. Uses a database instance provided
by the `Database`_ component (via the ezcDbInstance::get() function).
+
+
+Stores
+------
+
+OpenID uses a store to hold the generated nonces and the associations (in
+"smart" mode). If there is no store specified, then nonces are not checked.
+
+ezcAuthenticationOpenidStore
+ Abstract class from which the different stores inherit. Implemented in
+ `Authentication`_.
+
+ezcAuthenticationOpenidFileStore
+ Uses file storage. Nonces are stored in files named after the nonce itself,
+ and associations are stored in files named after the OpenID provider with
+ which the association is made. Implemented in `Authentication`_.
+
+ezcAuthenticationOpenidDbStore
+ Database storage. Nonces and associations are stored in two tables, with
+ names defined as options in ezcAuthenticationOpenidDbStoreOptions.
Authentication filters
@@ -74,6 +97,29 @@
content.
+OpenID
+------
+
+OpenID "smart" (stateful) mode
+``````````````````````````````
+
+The following example shows how to authenticate against OpenID in "smart"
+(stateful) mode, using a database store.
+
+.. include:: tutorial/tutorial_openid_smart_db.php
+ :literal:
+
+A database store is defined at line 25. This store will also hold the nonces
+which are used to prevent replay attacks.
+
+The database store requires that certain tables are present in the database. To
+load the .dba definition for these tables into your database you must have the
+DatabaseSchema component installed. Use the following code to load the schema:
+
+.. include:: tutorial/load_openid_db_store_schema.php
+ :literal:
+
+
Securing applications
=====================
Added:
trunk/AuthenticationDatabaseTiein/docs/tutorial/load_openid_db_store_schema.php
==============================================================================
---
trunk/AuthenticationDatabaseTiein/docs/tutorial/load_openid_db_store_schema.php
(added)
+++
trunk/AuthenticationDatabaseTiein/docs/tutorial/load_openid_db_store_schema.php
[iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -1,0 +1,8 @@
+<?php
+require_once 'tutorial_autoload.php';
+
+$db = ezcDbInstance::get(); // replace if you get your database instance
differently
+
+$schema = ezcDbSchema::createFromFile( 'array', 'openid_db_store_schema.dba' );
+$schema->writeToDb( $db );
+?>
Propchange:
trunk/AuthenticationDatabaseTiein/docs/tutorial/load_openid_db_store_schema.php
------------------------------------------------------------------------------
svn:eol-style = native
Added:
trunk/AuthenticationDatabaseTiein/docs/tutorial/openid_db_store_schema.dba
==============================================================================
--- trunk/AuthenticationDatabaseTiein/docs/tutorial/openid_db_store_schema.dba
(added)
+++ trunk/AuthenticationDatabaseTiein/docs/tutorial/openid_db_store_schema.dba
[iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -1,0 +1,86 @@
+<?php return array (
+ 0 =>
+ array (
+ 'openid_associations' =>
+ ezcDbSchemaTable::__set_state(array(
+ 'fields' =>
+ array (
+ 'association' =>
+ ezcDbSchemaField::__set_state(array(
+ 'type' => 'text',
+ 'length' => 2048,
+ 'notNull' => false,
+ 'default' => NULL,
+ 'autoIncrement' => false,
+ 'unsigned' => false,
+ )),
+ 'url' =>
+ ezcDbSchemaField::__set_state(array(
+ 'type' => 'text',
+ 'length' => 255,
+ 'notNull' => false,
+ 'default' => NULL,
+ 'autoIncrement' => false,
+ 'unsigned' => false,
+ )),
+ ),
+ 'indexes' =>
+ array (
+ 'url' =>
+ ezcDbSchemaIndex::__set_state(array(
+ 'indexFields' =>
+ array (
+ 'url' =>
+ ezcDbSchemaIndexField::__set_state(array(
+ 'sorting' => NULL,
+ )),
+ ),
+ 'primary' => false,
+ 'unique' => false,
+ )),
+ ),
+ )),
+ 'openid_nonces' =>
+ ezcDbSchemaTable::__set_state(array(
+ 'fields' =>
+ array (
+ 'nonce' =>
+ ezcDbSchemaField::__set_state(array(
+ 'type' => 'text',
+ 'length' => 32,
+ 'notNull' => false,
+ 'default' => NULL,
+ 'autoIncrement' => false,
+ 'unsigned' => false,
+ )),
+ 'timestamp' =>
+ ezcDbSchemaField::__set_state(array(
+ 'type' => 'text',
+ 'length' => 32,
+ 'notNull' => false,
+ 'default' => NULL,
+ 'autoIncrement' => false,
+ 'unsigned' => false,
+ )),
+ ),
+ 'indexes' =>
+ array (
+ 'nonce' =>
+ ezcDbSchemaIndex::__set_state(array(
+ 'indexFields' =>
+ array (
+ 'nonce' =>
+ ezcDbSchemaIndexField::__set_state(array(
+ 'sorting' => NULL,
+ )),
+ ),
+ 'primary' => false,
+ 'unique' => false,
+ )),
+ ),
+ )),
+ ),
+ 1 =>
+ array (
+ ),
+); ?>
Added:
trunk/AuthenticationDatabaseTiein/docs/tutorial/tutorial_openid_smart_db.php
==============================================================================
---
trunk/AuthenticationDatabaseTiein/docs/tutorial/tutorial_openid_smart_db.php
(added)
+++
trunk/AuthenticationDatabaseTiein/docs/tutorial/tutorial_openid_smart_db.php
[iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -1,0 +1,69 @@
+<?php
+require_once 'tutorial_autoload.php';
+
+// no headers should be sent before calling $session->start()
+$session = new ezcAuthenticationSession();
+$session->start();
+
+$url = isset( $_GET['openid_identifier'] ) ? $_GET['openid_identifier'] :
$session->load();
+$action = isset( $_GET['action'] ) ? strtolower( $_GET['action'] ) : null;
+
+$credentials = new ezcAuthenticationIdCredentials( $url );
+$authentication = new ezcAuthentication( $credentials );
+$authentication->session = $session;
+
+if ( $action === 'logout' )
+{
+ $session->destroy();
+}
+else
+{
+ $options = new ezcAuthenticationOpenidOptions();
+ $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
+
+ // define a database store by specifying a database instance
+ $options->store = new ezcAuthenticationOpenidDbStore( ezcDbInstance::get()
);
+
+ $filter = new ezcAuthenticationOpenidFilter( $options );
+ $authentication->addFilter( $filter );
+}
+
+if ( !$authentication->run() )
+{
+ // authentication did not succeed, so inform the user
+ $status = $authentication->getStatus();
+ $err = array(
+ 'ezcAuthenticationOpenidFilter' => array(
+ ezcAuthenticationOpenidFilter::STATUS_SIGNATURE_INCORRECT =>
'OpenID said the provided identifier was incorrect',
+ ezcAuthenticationOpenidFilter::STATUS_CANCELLED => 'The
OpenID authentication was cancelled',
+ ezcAuthenticationOpenidFilter::STATUS_URL_INCORRECT => 'The
identifier you provided is invalid'
+ ),
+ 'ezcAuthenticationSession' => array(
+ ezcAuthenticationSession::STATUS_EMPTY => '',
+ ezcAuthenticationSession::STATUS_EXPIRED => 'Session expired'
+ )
+ );
+ foreach ( $status as $line )
+ {
+ list( $key, $value ) = each( $line );
+ echo $err[$key][$value] . "\n";
+ }
+?>
+Please login with your OpenID identifier (an URL, eg. www.example.com or
http://www.example.com):
+<form method="GET" action="">
+<input type="hidden" name="action" value="login" />
+<img src="http://openid.net/login-bg.gif"; /> <input type="text"
name="openid_identifier" />
+<input type="submit" value="Login" />
+</form>
+
+<?php
+}
+else
+{
+?>
+
+You are logged-in as <b><?php echo $url; ?></b> | <a
href="?action=logout">Logout</a>
+
+<?php
+}
+?>
Propchange:
trunk/AuthenticationDatabaseTiein/docs/tutorial/tutorial_openid_smart_db.php
------------------------------------------------------------------------------
svn:eol-style = native
Added: trunk/AuthenticationDatabaseTiein/src/authentication_openid_autoload.php
==============================================================================
--- trunk/AuthenticationDatabaseTiein/src/authentication_openid_autoload.php
(added)
+++ trunk/AuthenticationDatabaseTiein/src/authentication_openid_autoload.php
[iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -1,0 +1,16 @@
+<?php
+/**
+ * Autoloader definition for the AuthenticationDatabaseTiein component.
+ *
+ * @copyright Copyright (C) 2005-2007 eZ systems as. All rights reserved.
+ * @license http://ez.no/licenses/new_bsd New BSD License
+ * @version //autogentag//
+ * @filesource
+ * @package AuthenticationDatabaseTiein
+ */
+
+return array(
+ 'ezcAuthenticationOpenidDbStore' =>
'AuthenticationDatabaseTiein/filters/openid/openid_db_store.php',
+ 'ezcAuthenticationOpenidDbStoreOptions' =>
'AuthenticationDatabaseTiein/options/openid_db_store_options.php',
+);
+?>
Propchange:
trunk/AuthenticationDatabaseTiein/src/authentication_openid_autoload.php
------------------------------------------------------------------------------
svn:eol-style = native
Added: trunk/AuthenticationDatabaseTiein/src/filters/openid/openid_db_store.php
==============================================================================
--- trunk/AuthenticationDatabaseTiein/src/filters/openid/openid_db_store.php
(added)
+++ trunk/AuthenticationDatabaseTiein/src/filters/openid/openid_db_store.php
[iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -1,0 +1,294 @@
+<?php
+/**
+ * File containing the ezcAuthenticationOpenidDbStore class.
+ *
+ * @copyright Copyright (C) 2005-2007 eZ systems as. All rights reserved.
+ * @license http://ez.no/licenses/new_bsd New BSD License
+ * @filesource
+ * @package AuthenticationDatabaseTiein
+ * @version //autogen//
+ */
+
+/**
+ * Class providing database storage for OpenID authentication.
+ *
+ * This class requires that the database used contains two special tables. See
+ * the tutorial for information on how to create those tables.
+ *
+ * Example of use:
+ * <code>
+ * // create an OpenID options object
+ * $options = new ezcAuthenticationOpenidOptions();
+ * $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
+ *
+ * // define a database store
+ * $options->store = new ezcAuthenticationOpenidDbStore( ezcDbInstance::get()
);
+ *
+ * // create an OpenID filter based on the options object
+ * $filter = new ezcAuthenticationOpenidFilter( $options );
+ * </code>
+ *
+ * @property ezcDbHandler $instance
+ * The database instance to use for database storage.
+ *
+ * @package AuthenticationDatabaseTiein
+ * @version //autogen//
+ */
+class ezcAuthenticationOpenidDbStore extends ezcAuthenticationOpenidStore
+{
+ /**
+ * Holds the properties of this class.
+ *
+ * @var array(string=>mixed)
+ */
+ private $properties = array();
+
+ /**
+ * Creates a new object of this class.
+ *
+ * @param ezcDbHandler $instance The database instance used for this store
+ * @param ezcAuthenticationOpenidDbStoreOptions $options Options for this
class
+ */
+ public function __construct( ezcDbHandler $instance,
ezcAuthenticationOpenidDbStoreOptions $options = null )
+ {
+ $this->instance = $instance;
+ $this->options = ( $options === null ) ? new
ezcAuthenticationOpenidDbStoreOptions() : $options;
+ }
+
+ /**
+ * Sets the property $name to $value.
+ *
+ * @throws ezcBasePropertyNotFoundException
+ * if the property $name does not exist
+ * @throws ezcBaseValueException
+ * if $value is not correct for the property $name
+ * @param string $name The name of the property to set
+ * @param mixed $value The new value of the property
+ * @ignore
+ */
+ public function __set( $name, $value )
+ {
+ switch ( $name )
+ {
+ case 'instance':
+ if ( !( $value instanceof ezcDbHandler ) )
+ {
+ throw new ezcBaseValueException( $name, $value,
'ezcDbHandler' );
+ }
+
+ $this->properties[$name] = $value;
+ break;
+
+ default:
+ throw new ezcBasePropertyNotFoundException( $name );
+ }
+ }
+
+ /**
+ * Returns the value of the property $name.
+ *
+ * @throws ezcBasePropertyNotFoundException
+ * if the property $name does not exist
+ * @param string $name The name of the property for which to return the
value
+ * @return mixed
+ * @ignore
+ */
+ public function __get( $name )
+ {
+ switch ( $name )
+ {
+ case 'instance':
+ return $this->properties[$name];
+
+ default:
+ throw new ezcBasePropertyNotFoundException( $name );
+ }
+ }
+
+ /**
+ * Returns true if the property $name is set, otherwise false.
+ *
+ * @param string $name The name of the property to test if it is set
+ * @return bool
+ * @ignore
+ */
+ public function __isset( $name )
+ {
+ switch ( $name )
+ {
+ case 'instance':
+ return isset( $this->properties[$name] );
+
+ default:
+ return false;
+ }
+ }
+
+ /**
+ * Stores the nonce in the store.
+ *
+ * Returns true if the nonce was stored successfully, and false otherwise.
+ *
+ * @throws ezcBaseFilePermissionException
+ * if the nonce cannot be written in the store
+ * @param string $nonce The nonce value to store
+ * @return bool
+ */
+ public function storeNonce( $nonce )
+ {
+ $table = $this->options->tableNonces;
+
+ $query = new ezcQueryInsert( $this->instance );
+
+ $query->insertInto( $this->instance->quoteIdentifier( $table['name'] )
)
+ ->set( $this->instance->quoteIdentifier(
$table['fields']['nonce'] ), $query->bindValue( $nonce ) )
+ ->set( $this->instance->quoteIdentifier(
$table['fields']['timestamp'] ), $query->bindValue( time() ) );
+
+ $stmt = $query->prepare();
+ $stmt->execute();
+
+ return true;
+ }
+
+ /**
+ * Checks if the nonce exists and afterwards deletes it.
+ *
+ * Returns the timestamp of the nonce if it exists, and false otherwise.
+ *
+ * @param string $nonce The nonce value to check and delete
+ * @return bool|int
+ */
+ public function useNonce( $nonce )
+ {
+ $table = $this->options->tableNonces;
+
+ $query = new ezcQuerySelect( $this->instance );
+ $e = $query->expr;
+ $query->select( '*' )
+ ->from( $this->instance->quoteIdentifier( $table['name'] ) )
+ ->where(
+ $e->eq( $this->instance->quoteIdentifier(
$table['fields']['nonce'] ), $query->bindValue( $nonce ) )
+ );
+ $query = $query->prepare();
+ $query->execute();
+ $rows = $query->fetchAll();
+ if ( count( $rows ) > 0 )
+ {
+ $rows = $rows[0];
+ $lastModified = $rows[$table['fields']['timestamp']];
+
+ $this->removeNonce( $nonce );
+
+ return $lastModified;
+ }
+
+ // $nonce was not found in the database
+ return false;
+ }
+
+ /**
+ * Removes the nonce from the nonces table.
+ *
+ * @param string $nonce
+ */
+ protected function removeNonce( $nonce )
+ {
+ $table = $this->options->tableNonces;
+
+ $query = new ezcQueryDelete( $this->instance );
+ $e = $query->expr;
+ $query->deleteFrom( $this->instance->quoteIdentifier( $table['name'] )
)
+ ->where(
+ $e->eq( $this->instance->quoteIdentifier(
$table['fields']['nonce'] ), $query->bindValue( $nonce ) )
+ );
+ $query = $query->prepare();
+ $query->execute();
+ }
+
+ /**
+ * Stores an association in the store linked to the OpenID provider URL.
+ *
+ * Returns true always.
+ *
+ * @param string $url The URL of the OpenID provider
+ * @param ezcAuthenticationOpenidAssociation $association The association
value to store
+ * @return bool
+ */
+ public function storeAssociation( $url, $association )
+ {
+ $table = $this->options->tableAssociations;
+ $data = serialize( $association );
+
+ $query = new ezcQueryInsert( $this->instance );
+
+ $query->insertInto( $this->instance->quoteIdentifier( $table['name'] )
)
+ ->set( $this->instance->quoteIdentifier( $table['fields']['url']
), $query->bindValue( $url ) )
+ ->set( $this->instance->quoteIdentifier(
$table['fields']['association'] ), $query->bindValue( $data ) );
+
+ $stmt = $query->prepare();
+ $stmt->execute();
+
+ return true;
+ }
+
+ /**
+ * Returns the unserialized association linked to the OpenID provider URL.
+ *
+ * Returns false if the association could not be retrieved or if it
expired.
+ *
+ * @param string $url The URL of the OpenID provider
+ * @return ezcAuthenticationOpenidAssociation
+ */
+ public function getAssociation( $url )
+ {
+ $table = $this->options->tableAssociations;
+
+ $query = new ezcQuerySelect( $this->instance );
+ $e = $query->expr;
+ $query->select( '*' )
+ ->from( $this->instance->quoteIdentifier( $table['name'] ) )
+ ->where(
+ $e->eq( $this->instance->quoteIdentifier(
$table['fields']['url'] ), $query->bindValue( $url ) )
+ );
+
+ $query = $query->prepare();
+ $query->execute();
+ $rows = $query->fetchAll();
+
+ if ( count( $rows ) > 0 )
+ {
+ $rows = $rows[0];
+ $data = unserialize( $rows[$table['fields']['association']] );
+
+ return $data;
+ }
+
+ // no association was found for $url
+ return false;
+ }
+
+ /**
+ * Removes the association linked to the OpenID provider URL.
+ *
+ * Returns true always.
+ *
+ * @param string $url The URL of the OpenID provider
+ * @return bool
+ */
+ public function removeAssociation( $url )
+ {
+ $table = $this->options->tableAssociations;
+
+ $query = new ezcQueryDelete( $this->instance );
+ $e = $query->expr;
+ $query->deleteFrom( $this->instance->quoteIdentifier( $table['name'] )
)
+ ->where(
+ $e->eq( $this->instance->quoteIdentifier(
$table['fields']['url'] ), $query->bindValue( $url ) )
+ );
+ $query = $query->prepare();
+ $query->execute();
+
+ return true;
+ }
+}
+?>
Propchange:
trunk/AuthenticationDatabaseTiein/src/filters/openid/openid_db_store.php
------------------------------------------------------------------------------
svn:eol-style = native
Added: trunk/AuthenticationDatabaseTiein/src/options/openid_db_store_options.php
==============================================================================
--- trunk/AuthenticationDatabaseTiein/src/options/openid_db_store_options.php
(added)
+++ trunk/AuthenticationDatabaseTiein/src/options/openid_db_store_options.php
[iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -1,0 +1,95 @@
+<?php
+/**
+ * File containing the ezcAuthenticationOpenidDbStoreOptions class.
+ *
+ * @copyright Copyright (C) 2005-2007 eZ systems as. All rights reserved.
+ * @license http://ez.no/licenses/new_bsd New BSD License
+ * @filesource
+ * @package AuthenticationDatabaseTiein
+ * @version //autogen//
+ */
+
+/**
+ * Class containing the options for the OpenID database store.
+ *
+ * Example of use:
+ * <code>
+ * // create an options object
+ * $options = new ezcAuthenticationOpenidDbStoreOptions();
+ * $options->tableNonces = array( 'name' => 'openid_nonces', 'fields' =>
array( 'nonce' => 'id', 'timestamp' => 'time' ) );
+ * $options->tableAssociations = array( 'name' => 'openid_associations',
'fields' => array( 'url' => 'id', 'association' => 'assoc' ) );
+ *
+ * // use the options object
+ * $store = new ezcAuthenticationOpenidDbStore( ezcDbInstance::get(), $options
);
+ *
+ * // alternatively, you can set the options to an existing object
+ * $store = new ezcAuthenticationOpenidDbStore( ezcDbInstance::get() );
+ * $store->setOptions( $options );
+ * </code>
+ *
+ * @property array(string=>mixed) $tableNonces
+ * A structure defining how the table which holds the nonces looks
like.
+ * The default is array( 'name' => 'openid_nonces', 'fields' =>
array(
+ * 'nonce' => 'nonce', 'timestamp' => 'timestamp' ) ). The column
+ * nonce is a key in the table. The names of the columns and of the
+ * table name can be changed ('nonce', 'timestamp', 'openid_nonces').
+ *
+ * @property array(string=>mixed) $tableAssociations
+ * A structure defining how the table which holds the nonces looks
like.
+ * The default is array( 'name' => 'openid_associations', 'fields'
=> array(
+ * 'url' => 'url', 'association' => 'association' ) ). The column
+ * nonce is a key in the table. The names of the columns and of the
+ * table name can be changed ('nonce', 'timestamp',
'openid_associations').
+ *
+ * @package AuthenticationDatabaseTiein
+ * @version //autogen//
+ */
+class ezcAuthenticationOpenidDbStoreOptions extends
ezcAuthenticationOpenidStoreOptions
+{
+ /**
+ * Constructs an object with the specified values.
+ *
+ * @throws ezcBasePropertyNotFoundException
+ * if $options contains a property not defined
+ * @throws ezcBaseValueException
+ * if $options contains a property with a value not allowed
+ * @param array(string=>mixed) $options Options for this class
+ */
+ public function __construct( array $options = array() )
+ {
+ $this->tableNonces = array( 'name' => 'openid_nonces', 'fields' =>
array( 'nonce' => 'nonce', 'timestamp' => 'timestamp' ) );
+ $this->tableAssociations = array( 'name' => 'openid_associations',
'fields' => array( 'url' => 'url', 'association' => 'association' ) );
+
+ parent::__construct( $options );
+ }
+
+ /**
+ * Sets the option $name to $value.
+ *
+ * @throws ezcBasePropertyNotFoundException
+ * if the property $name is not defined
+ * @throws ezcBaseValueException
+ * if $value is not correct for the property $name
+ * @param string $name The name of the property to set
+ * @param mixed $value The new value of the property
+ * @ignore
+ */
+ public function __set( $name, $value )
+ {
+ switch ( $name )
+ {
+ case 'tableNonces':
+ case 'tableAssociations':
+ if ( !is_array( $value ) )
+ {
+ throw new ezcBaseValueException( $name, $value, 'array' );
+ }
+ $this->properties[$name] = $value;
+ break;
+
+ default:
+ parent::__set( $name, $value );
+ }
+ }
+}
+?>
Propchange:
trunk/AuthenticationDatabaseTiein/src/options/openid_db_store_options.php
------------------------------------------------------------------------------
svn:eol-style = native
Added:
trunk/AuthenticationDatabaseTiein/tests/filters/openid/data/openid_db_store_helper.php
==============================================================================
---
trunk/AuthenticationDatabaseTiein/tests/filters/openid/data/openid_db_store_helper.php
(added)
+++
trunk/AuthenticationDatabaseTiein/tests/filters/openid/data/openid_db_store_helper.php
[iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -1,0 +1,88 @@
+<?php
+/**
+ * File containing the ezcAuthenticationOpenidDbStoreHelper class.
+ *
+ * @copyright Copyright (C) 2005-2007 eZ systems as. All rights reserved.
+ * @license http://ez.no/licenses/new_bsd New BSD License
+ * @filesource
+ * @package AuthenticationDatabaseTiein
+ * @version //autogen//
+ * @subpackage Tests
+ */
+
+/**
+ * Class which exposes the protected functions from
ezcAuthenticationOpenidDbStore
+ * and contains other needed methods for OpenID database store tests.
+ *
+ * For testing purposes only.
+ *
+ * @package AuthenticationDatabaseTiein
+ * @version //autogen//
+ * @subpackage Tests
+ * @access private
+ */
+class ezcAuthenticationOpenidDbStoreHelper extends
ezcAuthenticationOpenidDbStore
+{
+ public static function getNonces( ezcDbHandler $db )
+ {
+ $options = new ezcAuthenticationOpenidDbStoreOptions();
+ $table = $options->tableNonces;
+
+ $query = new ezcQuerySelect( $db );
+ $query->select( '*' )
+ ->from( $db->quoteIdentifier( $table['name'] ) );
+
+ $query = $query->prepare();
+ $query->execute();
+ $rows = $query->fetchAll();
+
+ $result = array();
+ foreach ( $rows as $row )
+ {
+ $result[] = $row['nonce'];
+ }
+ return $result;
+ }
+
+ public static function getAssociations( ezcDbHandler $db, $url )
+ {
+ $options = new ezcAuthenticationOpenidDbStoreOptions();
+ $table = $options->tableAssociations;
+
+ $query = new ezcQuerySelect( $db );
+ $e = $query->expr;
+ $query->select( '*' )
+ ->from( $db->quoteIdentifier( $table['name'] ) )
+ ->where(
+ $e->eq( $db->quoteIdentifier( $table['fields']['url'] ),
$query->bindValue( $url ) )
+ );
+
+ $query = $query->prepare();
+ $query->execute();
+ $rows = $query->fetchAll();
+
+ if ( count( $rows ) > 0 )
+ {
+ $rows = $rows[0];
+ $data = $rows[$table['fields']['association']];
+
+ return $data;
+ }
+ }
+
+ public static function deleteNonce( ezcDbHandler $db, $nonce )
+ {
+ $options = new ezcAuthenticationOpenidDbStoreOptions();
+ $nonces = $options->tableNonces;
+
+ $query = new ezcQueryDelete( $db );
+ $e = $query->expr;
+ $query->deleteFrom( $db->quoteIdentifier( $nonces['name'] ) )
+ ->where(
+ $e->eq( $db->quoteIdentifier( $nonces['fields']['nonce'] ),
$query->bindValue( $nonce ) )
+ );
+ $query = $query->prepare();
+ $query->execute();
+ }
+}
+?>
Propchange:
trunk/AuthenticationDatabaseTiein/tests/filters/openid/data/openid_db_store_helper.php
------------------------------------------------------------------------------
svn:eol-style = native
Added:
trunk/AuthenticationDatabaseTiein/tests/filters/openid/openid_db_store_test.php
==============================================================================
---
trunk/AuthenticationDatabaseTiein/tests/filters/openid/openid_db_store_test.php
(added)
+++
trunk/AuthenticationDatabaseTiein/tests/filters/openid/openid_db_store_test.php
[iso-8859-1] Tue Aug 7 16:21:26 2007
@@ -1,0 +1,416 @@
+<?php
+/**
+ * @copyright Copyright (C) 2005-2007 eZ systems as. All rights reserved.
+ * @license http://ez.no/licenses/new_bsd New BSD License
+ * @filesource
+ * @package AuthenticationDatabaseTiein
+ * @version //autogen//
+ * @subpackage Tests
+ */
+
+include_once( 'AuthenticationDatabaseTiein/tests/test.php' );
+include_once( 'Authentication/tests/filters/openid/data/openid_wrapper.php' );
+include_once( 'data/openid_db_store_helper.php' );
+
+/**
+ * @package AuthenticationDatabaseTiein
+ * @version //autogen//
+ * @subpackage Tests
+ */
+class ezcAuthenticationOpenidDbStoreTest extends
ezcAuthenticationDatabaseTieinTest
+{
+ protected static $tableNonces = 'openid_nonces';
+ protected static $tableAssociations = 'openid_associations';
+
+ protected static $nonce1 = '123456';
+ protected static $nonce2 = '999999';
+ protected static $urlServer = 'http://www.myopenid.com/server';
+ protected static $url = 'http://ezc.myopenid.com/';
+
+ public static $provider = "http://www.myopenid.com/server";;
+
+ public static $requestCheckAuthenticationGet = array(
+ 'openid_assoc_handle' => '{HMAC-SHA1}{4640581a}{3X/rrw==}',
+ 'openid_signed' => 'return_to,mode,identity',
+ 'openid_sig' => 'SkaCB2FA9EysKoDkybyBD46zb0E=',
+ 'openid_return_to' => 'http://localhost',
+ 'openid_identity' => 'http://ezc.myopenid.com',
+ 'openid_op_endpoint' => 'http://www.myopenid.com/server',
+ 'openid_mode' => 'check_authentication',
+ );
+
+ public static $requestSmartGet = array(
+ 'nonce' => '770890',
+ 'openid_assoc_handle' => '{HMAC-SHA1}{465d8eb9}{NQN84Q==}',
+ 'openid_signed' =>
'assoc_handle,identity,mode,op_endpoint,response_nonce,return_to,signed',
+ 'openid_sig' => 'HkLMUymWy3/GmHWVuWYOs9IHkrs=',
+ 'openid_mode' => 'id_res',
+ 'openid_identity' => 'http://ezc.myopenid.com/',
+ 'openid_op_endpoint' => 'http://www.myopenid.com/server',
+ 'openid_response_nonce' => '2007-05-31T08:33:59ZLdyyJF',
+ 'openid_return_to' =>
'http://localhost/openid.php?action=login&openid_identifier=http%3A%2F%2Fezc.myopenid.com&nonce=770890',
+ );
+
+ public static $association;
+ public static $associationArray;
+
+ public static $server = array(
+ 'HTTP_HOST' => 'localhost',
+ 'REQUEST_URI' =>
'/openid.php?action=login&openid_identifier=http%3A%2F%2Fezc.myopenid.com',
+ );
+
+ public static function suite()
+ {
+ self::$associationArray = array(
+ 'handle' => '{HMAC-SHA1}{465d66d3}{6K1aSw==}',
+ 'secret' => 'W0ixM9SYQviSG9TF6HrnXaxHudQ=',
+ 'issued' => time(),
+ 'validity' => 1209600,
+ 'type' => 'HMAC-SHA1',
+ );
+
+ self::$association = new ezcAuthenticationOpenidAssociation(
'{HMAC-SHA1}{465d8eb9}{NQN84Q==}',
+
'foz3UXCxQJ5lKvau78Oqen9dTUc=',
+
1180536597,
+ time() -
1180536597 + 604800, // valid 1 week from current time
+
'HMAC-SHA1' );
+
+ return new PHPUnit_Framework_TestSuite( __CLASS__ );
+ }
+
+ public function setUp()
+ {
+ $_GET = null;
+ $_SERVER = self::$server;
+
+ try
+ {
+ $this->db = ezcDbInstance::get();
+
+ $this->cleanupTables( $this->db );
+ $schema = ezcDbSchema::createFromFile(
+ 'array',
+ dirname( __FILE__ ) .
'/../../../docs/tutorial/openid_db_store_schema.dba'
+ );
+ $schema->writeToDb( $this->db );
+ }
+
+ catch ( Exception $e )
+ {
+ $this->markTestSkipped( "You must provide a database to
runtests.php." );
+ }
+
+ }
+
+ public function tearDown()
+ {
+ if ( $this->db !== null )
+ {
+ $this->cleanupTables();
+ }
+
+ $this->db = null;
+ }
+
+ public function cleanupTables()
+ {
+ $this->db->exec( 'DROP TABLE IF EXISTS ' . self::$tableNonces . ';' );
+ $this->db->exec( 'DROP TABLE IF EXISTS ' . self::$tableAssociations .
';' );
+ }
+
+ public function testOpenidDbStoreStoreNonceNormal()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $nonce = self::$nonce1;
+ $store->storeNonce( $nonce );
+ $this->assertEquals( true, in_array( $nonce,
ezcAuthenticationOpenidDbStoreHelper::getNonces( $this->db ) ) );
+ }
+
+ public function testOpenidDbStoreStoreNonceExistent()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $nonce = self::$nonce1;
+ $store->storeNonce( $nonce );
+ $store->storeNonce( $nonce );
+ $this->assertEquals( true, in_array( $nonce,
ezcAuthenticationOpenidDbStoreHelper::getNonces( $this->db ) ) );
+ }
+
+ public function testOpenidDbStoreUseNonceStillValid()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $nonce = self::$nonce1;
+ $store->storeNonce( $nonce );
+ $this->assertEquals( true, in_array( $nonce,
ezcAuthenticationOpenidDbStoreHelper::getNonces( $this->db ) ) );
+
+ $ret = $store->useNonce( $nonce );
+ $this->assertEquals( true, $ret );
+ $this->assertEquals( false, in_array( $nonce,
ezcAuthenticationOpenidDbStoreHelper::getNonces( $this->db ) ) );
+ }
+
+ public function testOpenidDbStoreUseNonceNonexistent()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $nonce = self::$nonce1;
+ $store->storeNonce( $nonce );
+
+ $this->assertEquals( true, in_array( $nonce,
ezcAuthenticationOpenidDbStoreHelper::getNonces( $this->db ) ) );
+
+ ezcAuthenticationOpenidDbStoreHelper::deleteNonce( $this->db, $nonce );
+
+ $this->assertEquals( false, in_array( $nonce,
ezcAuthenticationOpenidDbStoreHelper::getNonces( $this->db ) ) );
+
+ $ret = $store->useNonce( $nonce );
+ $this->assertEquals( false, $ret );
+ $this->assertEquals( false, in_array( $nonce,
ezcAuthenticationOpenidDbStoreHelper::getNonces( $this->db ) ) );
+ }
+
+ public function testOpenidDbStoreStoreAssociationNormal()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $association = ezcAuthenticationOpenidAssociation::__set_state(
self::$associationArray );
+ $url = self::$urlServer;
+ $store->storeAssociation( $url, $association );
+
+ $data = ezcAuthenticationOpenidDbStoreHelper::getAssociations(
$this->db, $url );
+
+ $this->assertEquals( unserialize( $data ), $store->getAssociation(
$url ) );
+ }
+
+ public function testOpenidDbStoreStoreAssociationExistent()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $association = ezcAuthenticationOpenidAssociation::__set_state(
self::$associationArray );
+ $url = self::$urlServer;
+ $store->storeAssociation( $url, $association );
+ $store->storeAssociation( $url, $association );
+ $data = ezcAuthenticationOpenidDbStoreHelper::getAssociations(
$this->db, $url );
+
+ $this->assertEquals( unserialize( $data ), $store->getAssociation(
$url ) );
+ }
+
+ public function testOpenidDbStoreRemoveAssociationNormal()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $association = ezcAuthenticationOpenidAssociation::__set_state(
self::$associationArray );
+ $url = self::$urlServer;
+ $store->storeAssociation( $url, $association );
+ $data = ezcAuthenticationOpenidDbStoreHelper::getAssociations(
$this->db, $url );
+
+ $this->assertEquals( unserialize( $data ), $store->getAssociation(
$url ) );
+
+ $this->assertEquals( true, $store->removeAssociation( $url ) );
+ $this->assertEquals( false, $store->getAssociation( $url ) );
+ }
+
+ public function testOpenidDbStoreRemoveAssociationNonexistent()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $association = ezcAuthenticationOpenidAssociation::__set_state(
self::$associationArray );
+ $url = self::$urlServer;
+
+ // for DbStore, removeAssociation() returns always true, but for
FileStore it could be false
+ $this->assertEquals( true, $store->removeAssociation( $url ) );
+
+ $this->assertEquals( false, $store->getAssociation( $url ) );
+ }
+
+ public function testOpenidWrapperRunModeIdResSmartModeDbStore()
+ {
+ if ( !ezcBaseFeatures::hasExtensionSupport( 'openssl' ) )
+ {
+ $this->markTestSkipped( 'PHP must be compiled with
--with-openssl.' );
+ }
+
+ $_GET = self::$requestCheckAuthenticationGet;
+ $_GET['openid_mode'] = 'id_res';
+ $credentials = new ezcAuthenticationIdCredentials( self::$url );
+
+ $options = new ezcAuthenticationOpenidOptions();
+ $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
+ $options->store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $filter = new ezcAuthenticationOpenidWrapper( $options );
+ $result = $filter->run( $credentials );
+ $this->assertEquals(
ezcAuthenticationOpenidFilter::STATUS_SIGNATURE_INCORRECT, $result );
+ }
+
+ public function testOpenidWrapperRunModeIdResSmartModeDbStoreExistent()
+ {
+ if ( !ezcBaseFeatures::hasExtensionSupport( 'openssl' ) )
+ {
+ $this->markTestSkipped( 'PHP must be compiled with
--with-openssl.' );
+ }
+
+ $params = array(
+ 'openid.mode' => 'associate',
+ 'openid.assoc_type' => 'HMAC-SHA1',
+ );
+
+ $filter = new ezcAuthenticationOpenidWrapper();
+ $res = $filter->associate( self::$provider, $params );
+ $secret = isset( $res['enc_mac_key'] ) ? $res['enc_mac_key'] :
$res['mac_key'];
+ $association = new ezcAuthenticationOpenidAssociation(
$res['assoc_handle'],
+ $secret,
+ time(),
+
$res['expires_in'],
+
$res['assoc_type'] );
+
+ $_GET = self::$requestCheckAuthenticationGet;
+ $_GET['openid_mode'] = 'id_res';
+ $credentials = new ezcAuthenticationIdCredentials( self::$url );
+
+ $options = new ezcAuthenticationOpenidOptions();
+ $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
+ $options->store = new ezcAuthenticationOpenidDbStore( $this->db );
+ $options->store->storeAssociation( self::$provider, $association );
+
+ $filter = new ezcAuthenticationOpenidWrapper( $options );
+ $result = $filter->run( $credentials );
+ $this->assertEquals(
ezcAuthenticationOpenidFilter::STATUS_SIGNATURE_INCORRECT, $result );
+ }
+
+ public function
testOpenidWrapperRunModeIdResSmartModeDbStoreExistentCorrect()
+ {
+ if ( !ezcBaseFeatures::hasExtensionSupport( 'openssl' ) )
+ {
+ $this->markTestSkipped( 'PHP must be compiled with
--with-openssl.' );
+ }
+
+ $association = self::$association;
+ $_GET = self::$requestSmartGet;
+ $credentials = new ezcAuthenticationIdCredentials( self::$url );
+
+ $options = new ezcAuthenticationOpenidOptions();
+ $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
+ $options->store = new ezcAuthenticationOpenidDbStore( $this->db );
+ $options->store->storeAssociation( self::$provider, $association );
+ $options->store->storeNonce( $_GET['nonce'] );
+
+ $filter = new ezcAuthenticationOpenidWrapper( $options );
+ $result = $filter->run( $credentials );
+
+ $this->assertEquals( ezcAuthenticationOpenidFilter::STATUS_OK, $result
);
+ }
+
+ public function testOpenidWrapperRunModeIdResDbStore()
+ {
+ if ( !ezcBaseFeatures::hasExtensionSupport( 'openssl' ) )
+ {
+ $this->markTestSkipped( 'PHP must be compiled with
--with-openssl.' );
+ }
+
+ $_GET = self::$requestCheckAuthenticationGet;
+ $_GET['openid_mode'] = 'id_res';
+ $credentials = new ezcAuthenticationIdCredentials( self::$url );
+
+ $options = new ezcAuthenticationOpenidOptions();
+ $options->store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $filter = new ezcAuthenticationOpenidWrapper( $options );
+ $result = $filter->run( $credentials );
+ $this->assertEquals(
ezcAuthenticationOpenidFilter::STATUS_SIGNATURE_INCORRECT, $result );
+ }
+
+ public function testOpenidWrapperRunModeIdResDbStoreExistent()
+ {
+ if ( !ezcBaseFeatures::hasExtensionSupport( 'openssl' ) )
+ {
+ $this->markTestSkipped( 'PHP must be compiled with
--with-openssl.' );
+ }
+
+ $_GET = self::$requestCheckAuthenticationGet;
+ $_GET['openid_mode'] = 'id_res';
+ $credentials = new ezcAuthenticationIdCredentials( self::$url );
+
+ $options = new ezcAuthenticationOpenidOptions();
+ $options->store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $filter = new ezcAuthenticationOpenidWrapper( $options );
+ $result = $filter->run( $credentials );
+ $this->assertEquals(
ezcAuthenticationOpenidFilter::STATUS_SIGNATURE_INCORRECT, $result );
+ }
+
+ public function testOpenidWrapperRunModeIdResDbStoreNonceValid()
+ {
+ if ( !ezcBaseFeatures::hasExtensionSupport( 'openssl' ) )
+ {
+ $this->markTestSkipped( 'PHP must be compiled with
--with-openssl.' );
+ }
+
+ $_GET = self::$requestCheckAuthenticationGet;
+ $_GET['openid_mode'] = 'id_res';
+ $nonce = '123456';
+ $_GET['openid_return_to'] = ezcAuthenticationUrl::appendQuery(
$_GET['openid_return_to'], 'nonce', $nonce );
+
+ $options = new ezcAuthenticationOpenidOptions();
+ $options->store = new ezcAuthenticationOpenidDbStore( $this->db );
+ $options->store->storeNonce( $nonce );
+
+ $credentials = new ezcAuthenticationIdCredentials( self::$url );
+
+ $filter = new ezcAuthenticationOpenidWrapper( $options );
+ $result = $filter->run( $credentials );
+ $this->assertEquals(
ezcAuthenticationOpenidFilter::STATUS_SIGNATURE_INCORRECT, $result );
+ }
+
+ public function testOpenidWrapperRunModeIdResDbStoreNonceInvalid()
+ {
+ $_GET = self::$requestCheckAuthenticationGet;
+ $_GET['openid_mode'] = 'id_res';
+ $nonce = '123456';
+ $_GET['openid_return_to'] = ezcAuthenticationUrl::appendQuery(
$_GET['openid_return_to'], 'nonce', $nonce );
+
+ $options = new ezcAuthenticationOpenidOptions();
+ $options->store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $credentials = new ezcAuthenticationIdCredentials( self::$url );
+
+ $filter = new ezcAuthenticationOpenidWrapper( $options );
+ $result = $filter->run( $credentials );
+
+ $this->assertEquals(
ezcAuthenticationOpenidFilter::STATUS_NONCE_INCORRECT, $result );
+ }
+
+ public function testOpenidDbStoreOptions()
+ {
+ $options = new ezcAuthenticationOpenidDbStoreOptions();
+
+ $this->invalidPropertyTest( $options, 'tableNonces', 'wrong value',
'array' );
+ $this->invalidPropertyTest( $options, 'tableAssociations', 'wrong
value', 'array' );
+ $this->missingPropertyTest( $options, 'no_such_property' );
+ }
+
+ public function testOpenidDbStoreOptionsGetSet()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $options = new ezcAuthenticationOpenidDbStoreOptions();
+ $store->setOptions( $options );
+ $this->assertEquals( $options, $store->getOptions() );
+ }
+
+ public function testOpenidDbStoreProperties()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $this->invalidPropertyTest( $store, 'instance', 'wrong value',
'ezcDbHandler' );
+ $this->missingPropertyTest( $store, 'no_such_property' );
+ }
+
+ public function testOpenidDbStorePropertiesIsSet()
+ {
+ $store = new ezcAuthenticationOpenidDbStore( $this->db );
+
+ $this->issetPropertyTest( $store, 'instance', true );
+ $this->issetPropertyTest( $store, 'no_such_property', false );
+ }
+}
+?>
Propchange:
trunk/AuthenticationDatabaseTiein/tests/filters/openid/openid_db_store_test.php
------------------------------------------------------------------------------
svn:eol-style = native
Modified: trunk/AuthenticationDatabaseTiein/tests/suite.php
==============================================================================
--- trunk/AuthenticationDatabaseTiein/tests/suite.php [iso-8859-1] (original)
+++ trunk/AuthenticationDatabaseTiein/tests/suite.php [iso-8859-1] Tue Aug 7
16:21:26 2007
@@ -14,6 +14,7 @@
* Including the tests
*/
require_once( "filters/database/database_test.php" );
+require_once( "filters/openid/openid_db_store_test.php" );
/**
* @package AuthenticationDatabaseTiein
@@ -28,6 +29,7 @@
$this->setName( "AuthenticationDatabaseTiein" );
$this->addTest( ezcAuthenticationDatabaseTest::suite() );
+ $this->addTest( ezcAuthenticationOpenidDbStoreTest::suite() );
}
public static function suite()
--
svn-components mailing list
[email protected]
http://lists.ez.no/mailman/listinfo/svn-components
![http://openid.net/login-bg.gif"](http://openid.net/login-bg.gif"){kind=link}