<?php
// $Id: openid.test,v 1.5 2009/09/15 19:46:04 webchick Exp $
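/**
 * Test login and account registration using OpenID.
 *
 * Functional tests that drive the openid module through the SimpleTest
 * browser. Every identifier used here is a local 'openid-test/...' URL,
 * presumably served by the openid_test module enabled in setUp().
 */
class OpenIDFunctionalTest extends DrupalWebTestCase {
  /**
   * Unprivileged account created in setUp() that identities are attached to.
   */
  protected $web_user;

  /**
   * Describes this test case to the test runner.
   *
   * @return
   *   An array with the keys 'name', 'description' and 'group'.
   */
  public static function getInfo() {
    return array(
      'name' => 'OpenID login and account registration',
      'description' => "Adds an identity to a user's profile and uses it to log in, creates a user account using auto-registration.",
      'group' => 'OpenID',
    );
  }

  /**
   * Enables the openid and openid_test modules and creates the test account.
   */
  public function setUp() {
    parent::setUp('openid', 'openid_test');

    // User doesn't need special permissions; only the ability to log in.
    $this->web_user = $this->drupalCreateUser(array());
  }

  /**
   * Test discovery of OpenID Provider Endpoint via Yadis and HTML.
   */
  public function testDiscovery() {
    $this->drupalLogin($this->web_user);

    // The User-supplied Identifier entered by the user may indicate the URL of
    // the OpenID Provider Endpoint in various ways, as described in OpenID
    // Authentication 2.0 and Yadis Specification 1.0.
    // Note that all of the tested identifiers refer to the same endpoint, so
    // only the first will trigger an associate request in openid_association()
    // (association is only done the first time Drupal encounters a given
    // endpoint).

    // Yadis discovery (see Yadis Specification 1.0, section 6.2.5):
    // If the User-supplied Identifier is a URL, it may be a direct or indirect
    // reference to an XRDS document (a Yadis Resource Descriptor) that contains
    // the URL of the OpenID Provider Endpoint.

    // Identifier is the URL of an XRDS document.
    $this->addIdentity(url('openid-test/yadis/xrds', array('absolute' => TRUE)), 2);

    // Identifier is the URL of an HTML page that is sent with an HTTP header
    // that contains the URL of an XRDS document.
    $this->addIdentity(url('openid-test/yadis/x-xrds-location', array('absolute' => TRUE)), 2);

    // Identifier is the URL of an HTML page containing a <meta http-equiv=...>
    // element that contains the URL of an XRDS document.
    $this->addIdentity(url('openid-test/yadis/http-equiv', array('absolute' => TRUE)), 2);

    // HTML-based discovery:
    // If the User-supplied Identifier is a URL of an HTML page, the page may
    // contain a <link rel=...> element containing the URL of the OpenID
    // Provider Endpoint. OpenID 1 and 2 describe slightly different formats.

    // OpenID Authentication 1.1, section 3.1:
    $this->addIdentity(url('openid-test/html/openid1', array('absolute' => TRUE)), 1);

    // OpenID Authentication 2.0, section 7.3.3:
    $this->addIdentity(url('openid-test/html/openid2', array('absolute' => TRUE)), 2);
  }

  /**
   * Test login using OpenID.
   *
   * Attaches an identity to the test account, then logs in with it twice:
   * once through the form on the current page after logging out and once
   * through the user/login page.
   */
  public function testLogin() {
    $this->drupalLogin($this->web_user);

    // Use a User-supplied Identity that is the URL of an XRDS document.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
    $this->addIdentity($identity);

    $this->drupalLogout();

    // Fill out and submit the login form.
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Log in'));

    // Check we are on the OpenID redirect form.
    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));

    // Submit form to the OpenID Provider Endpoint.
    $this->drupalPost(NULL, array(), t('Send'));

    $this->assertText($this->web_user->name, t('User was logged in.'));

    // Test logging in via the user/login page.
    $this->drupalLogout();
    $this->drupalPost('user/login', $edit, t('Log in'));

    // Check we are on the OpenID redirect form.
    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));

    // Submit form to the OpenID Provider Endpoint.
    $this->drupalPost(NULL, array(), t('Send'));

    $this->assertText($this->web_user->name, t('User was logged in.'));

    // Verify user was redirected away from user/login to an accessible page.
    $this->assertResponse(200);
  }

  /**
   * Test deleting an OpenID identity from a user's profile.
   */
  public function testDelete() {
    $this->drupalLogin($this->web_user);

    // Add identity to user's profile.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
    $this->addIdentity($identity);
    $this->assertText($identity, t('Identity appears in list.'));

    // Delete the newly added identity.
    $this->clickLink(t('Delete'));
    $this->drupalPost(NULL, array(), t('Confirm'));

    $this->assertText(t('OpenID deleted.'), t('Identity deleted'));
    $this->assertNoText($identity, t('Identity no longer appears in list.'));
  }

  /**
   * Add OpenID identity to user's profile.
   *
   * The caller must already be logged in as $this->web_user, because the
   * identity is submitted on that account's 'user/UID/openid' page.
   *
   * @param $identity
   *   The User-supplied Identifier to add.
   * @param $version
   *   The OpenID protocol version the identifier is expected to resolve to
   *   (1 or 2). It only decides whether the intermediate redirect form has
   *   to be submitted by hand.
   */
  public function addIdentity($identity, $version = 2) {
    $this->drupalGet('user/' . $this->web_user->uid . '/openid');
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Add an OpenID'));

    // OpenID 1 used a HTTP redirect, OpenID 2 uses a HTML form that is submitted automatically using JavaScript.
    if ($version == 2) {
      // Manually submit form because SimpleTest is not able to execute JavaScript.
      $this->assertRaw('<script type="text/javascript">document.getElementById("openid-redirect-form").submit();</script>', t('JavaScript form submission found.'));
      $this->drupalPost(NULL, array(), t('Send'));
    }

    $this->assertRaw(t('Successfully added %identity', array('%identity' => $identity)), t('Identity %identity was added.', array('%identity' => $identity)));
  }

  /**
   * Test openID auto-registration with e-mail verification disabled.
   *
   * NOTE(review): the name 'johndoe' and the address 'johndoe@example.com'
   * are not set anywhere in this test, so they presumably come from the test
   * provider's response (confirm in openid_test). With
   * 'user_email_verification' off, the test expects that address to be stored
   * on the new account as reported, which makes it only as trustworthy as the
   * provider that asserted it.
   */
  public function testRegisterUserWithoutEmailVerification() {
    variable_set('user_email_verification', FALSE);

    // Load the front page to get the user login block.
    $this->drupalGet('');

    // Use a User-supplied Identity that is the URL of an XRDS document.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));

    // Fill out and submit the login form.
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Log in'));

    // The OpenID module responds with an HTML form that is to be submitted
    // to the OpenID Provider Endpoint. This is usually done automatically
    // using JavaScript, but the SimpleTest browser does not support JavaScript,
    // so the form is submitted manually instead.
    $this->assertRaw('<script type="text/javascript">document.getElementById("openid-redirect-form").submit();</script>', t('JavaScript form submission found.'));
    $this->drupalPost(NULL, array(), t('Send'));
    $this->assertText('johndoe', t('User was logged in.'));

    $user = user_load_by_name('johndoe');
    $this->assertTrue($user, t('User was found.'));
    // A failed assertion does not stop the test, so only read the account's
    // properties when the lookup actually returned one; otherwise the failure
    // above would be followed by a PHP notice for reading a property of a
    // non-object.
    if ($user) {
      $this->assertEqual($user->mail, 'johndoe@example.com', t('User was registered with right email address.'));
    }
  }
}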
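/**
 * Test internal helper functions.
 *
 * Known-answer tests for the underscore-prefixed helpers of the openid
 * module: number conversions used for Diffie-Hellman values, the XOR of the
 * shared secret, random byte generation, message signing and XRI detection.
 */
class OpenIDUnitTest extends DrupalWebTestCase {
  /**
   * Describes this test case to the test runner.
   *
   * @return
   *   An array with the keys 'name', 'description' and 'group'.
   */
  public static function getInfo() {
    return array(
      'name' => 'OpenID helper functions',
      'description' => 'Test OpenID helper functions.',
      'group' => 'OpenID',
    );
  }

  /**
   * Enables the openid module and loads its include file.
   */
  public function setUp() {
    parent::setUp('openid');
    // The helpers under test are presumably defined in the module's .inc
    // file, which is not loaded until it is requested.
    module_load_include('inc', 'openid');
  }

  /**
   * Test _openid_dh_XXX_to_XXX() functions.
   *
   * NOTE(review): in the two *_to_long() checks both operands are 50-digit
   * numeric strings. If assertEqual() compares loosely (==), PHP compares
   * such strings as numbers, so the low-order digits would not be pinned;
   * the leading zero in the expected value points the same way. Consider a
   * string-exact comparison once the helpers' exact return format is
   * confirmed.
   */
  public function testConversion() {
    $this->assertEqual(_openid_dh_long_to_base64('12345678901234567890123456789012345678901234567890'), 'CHJ/Y2mq+DyhUCZ0evjH8ZbOPwrS', t('_openid_dh_long_to_base64() returned expected result.'));
    $this->assertEqual(_openid_dh_base64_to_long('BsH/g8Nrpn2dtBSdu/sr1y8hxwyx'), '09876543210987654321098765432109876543210987654321', t('_openid_dh_base64_to_long() returned expected result.'));

    $this->assertEqual(_openid_dh_long_to_binary('12345678901234567890123456789012345678901234567890'), "\x08r\x7fci\xaa\xf8<\xa1P&tz\xf8\xc7\xf1\x96\xce?\x0a\xd2", t('_openid_dh_long_to_binary() returned expected result.'));
    $this->assertEqual(_openid_dh_binary_to_long("\x06\xc1\xff\x83\xc3k\xa6}\x9d\xb4\x14\x9d\xbb\xfb+\xd7/!\xc7\x0c\xb1"), '09876543210987654321098765432109876543210987654321', t('_openid_dh_binary_to_long() returned expected result.'));
  }

  /**
   * Test _openid_dh_xorsecret().
   */
  public function testOpenidDhXorsecret() {
    $this->assertEqual(_openid_dh_xorsecret('123456790123456790123456790', "abc123ABC\x00\xFF"), "\xa4'\x06\xbe\xf1.\x00y\xff\xc2\xc1", t('_openid_dh_xorsecret() returned expected result.'));
  }

  /**
   * Test _openid_get_bytes().
   *
   * Only the length and a trivial non-repetition property are checked here;
   * neither says anything about the quality of the random source.
   */
  public function testOpenidGetBytes() {
    $first = _openid_get_bytes(20);
    $this->assertEqual(strlen($first), 20, t('_openid_get_bytes() returned expected result.'));

    // A generator that returns the same 20 bytes twice in a row is broken;
    // a collision between two genuinely random values of this size is not a
    // practical concern.
    $second = _openid_get_bytes(20);
    $this->assertNotEqual($first, $second, t('_openid_get_bytes() returned different bytes on consecutive calls.'));
  }

  /**
   * Test _openid_signature().
   */
  public function testOpenidSignature() {
    // Test that signature is calculated according to OpenID Authentication 2.0,
    // section 6.1. In the following array, only the two first entries should be
    // included in the calculation, because the substring following the period
    // is mentioned in the third argument for _openid_signature(). The last
    // entry should not be included, because it does not start with "openid.".
    // In other words, 'openid.baz' and 'foobar.foo' are not covered by the
    // signature that is checked below.
    $response = array(
      'openid.foo' => 'abc1',
      'openid.bar' => 'abc2',
      'openid.baz' => 'abc3',
      'foobar.foo' => 'abc4',
    );
    $association = new stdClass;
    $association->mac_key = "1234567890abcdefghij\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\xF0\xF1\xF2\xF3\xF4\xF5\xF6\xF7\xF8\xF9";
    $this->assertEqual(_openid_signature($association, $response, array('foo', 'bar')), 'QnKZQzSFstT+GNiJDFOptdcZjrc=', t('Expected signature calculated.'));
  }

  /**
   * Test _openid_is_xri().
   */
  public function testOpenidXRITest() {
    // Test that the XRI test is according to OpenID Authentication 2.0,
    // section 7.2. If the user-supplied string starts with xri:// it should be
    // stripped and the resulting string should be treated as an XRI when it
    // starts with "=", "@", "+", "$", "!" or "(".
    $xri_symbols = array('=', '@', '+', '$', '!', '(');

    foreach ($xri_symbols as $symbol) {
      $this->assertTrue(_openid_is_xri('xri://' . $symbol . 'foo'), t('_openid_is_xri returned expected result for an xri identifier with xri scheme.'));
    }

    foreach ($xri_symbols as $symbol) {
      $this->assertTrue(_openid_is_xri($symbol . 'foo'), t('_openid_is_xri returned expected result for an xri identifier.'));
    }

    // Strings that must not be treated as an XRI. The messages name what each
    // input actually is, so that a failure points at the rejected case.
    $this->assertFalse(_openid_is_xri('foo'), t('_openid_is_xri returned expected result for a plain string.'));
    $this->assertFalse(_openid_is_xri('xri://foo'), t('_openid_is_xri returned expected result for an xri scheme prefix without a leading XRI symbol.'));
    $this->assertFalse(_openid_is_xri('http://foo/'), t('_openid_is_xri returned expected result for an http URL.'));
    $this->assertFalse(_openid_is_xri('http://example.com/'), t('_openid_is_xri returned expected result for an http URL.'));
    $this->assertFalse(_openid_is_xri('user@example.com/'), t('_openid_is_xri returned expected result for a string where "@" is not the first character.'));
    $this->assertFalse(_openid_is_xri('http://user@example.com/'), t('_openid_is_xri returned expected result for an http URL containing "@".'));
  }
}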