Permalink
Browse files

[security][listener] fix required\optional attributes.

  • Loading branch information...
1 parent bbc9b6f commit 608f01ef9388d5c026e7aeca2ab950e856c8e26b @makasim makasim committed Apr 19, 2012
@@ -20,8 +20,8 @@ protected function verify(Request $request)
$lightOpenId->identity = $this->guessIdentifier($request);
$lightOpenId->returnUrl = $this->guessReturnUrl($request);
- $lightOpenId->required = $this->guessRequiredParameters($request);
- $lightOpenId->optional = $this->guessOptionalParameters($request);
+ $lightOpenId->required = $this->guessRequiredAttributes($request);
+ $lightOpenId->optional = $this->guessOptionalAttributes($request);
return new RedirectResponse($lightOpenId->authUrl());
}
@@ -65,7 +65,7 @@ public function manage(Request $request)
*/
protected function guessTrustRoot(Request $request)
{
- return $request->attributes->get('openid_trust_root', $request->getHttpHost());
+ return $request->attributes->get('trust_root', $request->getHttpHost());
}
/**
@@ -93,18 +93,18 @@ protected function guessIdentifier(Request $request)
*
* @return string
*/
- protected function guessRequiredParameters(Request $request)
+ protected function guessRequiredAttributes(Request $request)
{
- return $request->get('openid_required_parameters', array());
+ return $request->get('required_attributes', array());
}
/**
* @param \Symfony\Component\HttpFoundation\Request $request
*
* @return string
*/
- protected function guessOptionalParameters(Request $request)
+ protected function guessOptionalAttributes(Request $request)
{
- return $request->get('openid_optional_parameters', array());
+ return $request->get('optional_attributes', array());
}
}
@@ -19,11 +19,11 @@ class OpenIdAuthenticationListener extends AbstractOpenIdAuthenticationListener
protected function attemptAuthentication(Request $request)
{
$openIdRequest = $request->duplicate();
- if (false == empty($this->options['required_parameters'])) {
- $openIdRequest->attributes->set('openid_required_parameters', $this->options['required_parameters']);
+ if (false == empty($this->options['required_attributes'])) {
+ $openIdRequest->attributes->set('required_attributes', $this->options['required_attributes']);
}
- if (false == empty($this->options['openid_optional_parameters'])) {
- $openIdRequest->attributes->set('openid_optional_parameters', $this->options['required_parameters']);
+ if (false == empty($this->options['optional_attributes'])) {
+ $openIdRequest->attributes->set('optional_attributes', $this->options['optional_attributes']);
}
$result = $this->getRelyingParty()->manage($openIdRequest);
@@ -0,0 +1,309 @@
+<?php
+namespace Fp\OpenIdBundle\Tests\RelyingParty;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+
+use Fp\OpenIdBundle\RelyingParty\AbstractRelyingParty;
+use Fp\OpenIdBundle\RelyingParty\IdentityProviderResponse;
+
+/**
+ * @author Kotlyar Maksim <kotlyar.maksim@gmail.com>
+ * @since 4/19/12
+ */
+class AbstractRelyingPartyTest extends \PHPUnit_Framework_TestCase
+{
+ /**
+ * @test
+ */
+ public function shouldImplementsRelyingPartyInterface()
+ {
+ $rc = new \ReflectionClass('Fp\OpenIdBundle\RelyingParty\AbstractRelyingParty');
+
+ $this->assertTrue($rc->implementsInterface('Fp\OpenIdBundle\RelyingParty\RelyingPartyInterface'));
+ }
+
+ /**
+ * @test
+ */
+ public function shouldBeAbstractClass()
+ {
+ $rc = new \ReflectionClass('Fp\OpenIdBundle\RelyingParty\AbstractRelyingParty');
+
+ $this->assertTrue($rc->isAbstract());
+ }
+
+ /**
+ * @test
+ */
+ public function shouldNotSupportEmptyRequest()
+ {
+ $emptyRequest = Request::create('uri');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $this->assertFalse($relyingParty->supports($emptyRequest));
+ }
+
+ /**
+ * @test
+ */
+ public function couldBeConstructedWithoutAnyArguments()
+ {
+ new AbstractRelyingPartyMock();
+ }
+
+ /**
+ * @test
+ */
+ public function shouldSupportIfQueryHasParameterStartsWithOpenId()
+ {
+ $request = Request::create('uri');
+ $request->query->set('openid_parameter', 1);
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $this->assertTrue($relyingParty->supports($request));
+ }
+
+ /**
+ * @test
+ */
+ public function shouldSupportIfRequestHasParameterStartsWithOpenId()
+ {
+ $request = Request::create('uri');
+ $request->request->set('openid_parameter', 1);
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $this->assertTrue($relyingParty->supports($request));
+ }
+
+ /**
+ * @test
+ *
+ * @expectedException InvalidArgumentException
+ * @expectedExceptionMessage The relying party does not support the request
+ */
+ public function throwIfTryToManageNotSupportedRequest()
+ {
+ $notSupportedRequest = Request::create('uri');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ //guard
+ $this->assertFalse($relyingParty->supports($notSupportedRequest));
+
+ $relyingParty->manage($notSupportedRequest);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldCallVerifyAndReturnRedirectResponseIfOpenIdIdentifierParameterPresentInQuery()
+ {
+ $request = Request::create('uri');
+ $request->query->set('openid_identifier', 'an_id');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->manage($request);
+
+ $this->assertInstanceOf('Symfony\Component\HttpFoundation\RedirectResponse', $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldCallVerifyAndReturnRedirectResponseIfOpenIdIdentifierParameterPresentInRequest()
+ {
+ $request = Request::create('uri');
+ $request->request->set('openid_identifier', 'an_id');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->manage($request);
+
+ $this->assertInstanceOf('Symfony\Component\HttpFoundation\RedirectResponse', $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldCallCompleteAndReturnIdentityProviderResponseIfOpenIdIdentifierParameterNotPresent()
+ {
+ $request = Request::create('uri');
+ $request->request->set('openid_parameter', 'param');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->manage($request);
+
+ $this->assertInstanceOf('Fp\OpenIdBundle\RelyingParty\IdentityProviderResponse', $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldReturnEmptyRequiredAttributesIfRequestDoesNotHaveAny()
+ {
+ $request = Request::create('uri');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->callProtected('guessRequiredAttributes', array($request));
+
+ $this->assertEquals(array(), $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldReturnExpectedRequiredAttributesIfRequestHaveSome()
+ {
+ $expectedAttributes = array('foo' => 'bar');
+
+ $request = Request::create('uri');
+ $request->attributes->set('required_attributes', $expectedAttributes);
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->callProtected('guessRequiredAttributes', array($request));
+
+ $this->assertEquals($expectedAttributes, $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldReturnEmptyOptionalAttributesIfRequestDoesNotHaveAny()
+ {
+ $request = Request::create('uri');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->callProtected('guessOptionalAttributes', array($request));
+
+ $this->assertEquals(array(), $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldReturnExpectedOptionalAttributesIfRequestHaveSome()
+ {
+ $expectedAttributes = array('foo' => 'bar');
+
+ $request = Request::create('uri');
+ $request->attributes->set('optional_attributes', $expectedAttributes);
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->callProtected('guessOptionalAttributes', array($request));
+
+ $this->assertEquals($expectedAttributes, $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldReturnNullAsIdentifierIfRequestNotHaveOne()
+ {
+ $request = Request::create('uri');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->callProtected('guessIdentifier', array($request));
+
+ $this->assertNull($result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldReturnExpectedIdentifierIfRequestHaveOne()
+ {
+ $expectedIdentifier = 'the_id';
+
+ $request = Request::create('uri');
+ $request->attributes->set('openid_identifier', $expectedIdentifier);
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->callProtected('guessIdentifier', array($request));
+
+ $this->assertEquals($expectedIdentifier, $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldReturnRequestHttpHostAsTrustRootIfRequestNotHaveAttributeTrustRoot()
+ {
+ $request = Request::create('uri');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->callProtected('guessTrustRoot', array($request));
+
+ $this->assertEquals($request->getHttpHost(), $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldReturnExpectedTrustRootIfRequestHaveAttributeTrustRoot()
+ {
+ $expectedTrustRoot = 'the_trust_root';
+
+ $request = Request::create('uri');
+ $request->attributes->set('trust_root', $expectedTrustRoot);
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->callProtected('guessTrustRoot', array($request));
+
+ $this->assertEquals($expectedTrustRoot, $result);
+ }
+
+ /**
+ * @test
+ */
+ public function shouldReturnRequestUriAsReturnUrl()
+ {
+ $request = Request::create('uri');
+
+ $relyingParty = new AbstractRelyingPartyMock();
+
+ $result = $relyingParty->callProtected('guessReturnUrl', array($request));
+
+ $this->assertEquals($request->getUri(), $result);
+ }
+}
+
+class AbstractRelyingPartyMock extends AbstractRelyingParty
+{
+ public $providerUrl = 'http://example.com/openid-provider';
+
+ public $identity = 'an_id';
+
+ public $attributes = array();
+
+ protected function verify(Request $request)
+ {
+ return new RedirectResponse($this->providerUrl);
+ }
+
+ protected function complete(Request $request)
+ {
+ return new IdentityProviderResponse(
+ $this->identity,
+ $this->attributes
+ );
+ }
+
+ public function callProtected($method, array $args = array())
+ {
+ return call_user_func_array(array($this, $method), $args);
+ }
+}
Oops, something went wrong.

0 comments on commit 608f01e

Please sign in to comment.