openid.test 23.1 KB
Newer Older
1
2
3
4
5
6
7
8
9
<?php
// $Id$

/**
 * Test login and account registration using OpenID.
 */
class OpenIDFunctionalTest extends DrupalWebTestCase {
  protected $web_user;

10
  public static function getInfo() {
11
    return array(
12
13
14
      'name' => 'OpenID login and account registration',
      'description' => "Adds an identity to a user's profile and uses it to log in, creates a user account using auto-registration.",
      'group' => 'OpenID'
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
    );
  }

  function setUp() {
    parent::setUp('openid', 'openid_test');

    // User doesn't need special permissions; only the ability to log in.
    $this->web_user = $this->drupalCreateUser(array());
  }

  /**
   * Test discovery of OpenID Provider Endpoint via Yadis and HTML.
   */
  function testDiscovery() {
    $this->drupalLogin($this->web_user);

    // The User-supplied Identifier entered by the user may indicate the URL of
    // the OpenID Provider Endpoint in various ways, as described in OpenID
    // Authentication 2.0 and Yadis Specification 1.0.
    // Note that all of the tested identifiers refer to the same endpoint, so
    // only the first will trigger an associate request in openid_association()
    // (association is only done the first time Drupal encounters a given
    // endpoint).


    // Yadis discovery (see Yadis Specification 1.0, section 6.2.5):
    // If the User-supplied Identifier is a URL, it may be a direct or indirect
    // reference to an XRDS document (a Yadis Resource Descriptor) that contains
    // the URL of the OpenID Provider Endpoint.

    // Identifier is the URL of an XRDS document.
46
47
48
49
    // The URL scheme is stripped in order to test that the supplied identifier
    // is normalized in openid_begin().
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
    $this->addIdentity(preg_replace('@^https?://@', '', $identity), 2, $identity);
50

51
52
53
54
    // Identifier is the URL of an XRDS document containing an OP Identifier
    // Element. The Relying Party sends the special value
    // "http://specs.openid.net/auth/2.0/identifier_select" as Claimed
    // Identifier. The OpenID Provider responds with the actual identifier.
55
56
57
58
59
60
61
    $identity = url('openid-test/yadis/xrds/dummy-user', array('absolute' => TRUE));
    // Tell openid_test.module to respond with this identifier. The URL scheme
    // is stripped in order to test that the returned identifier is normalized in
    // openid_complete().
    variable_set('openid_test_response', array('openid.claimed_id' => preg_replace('@^https?://@', '', $identity)));
    $this->addIdentity(url('openid-test/yadis/xrds/server', array('absolute' => TRUE)), 2, $identity);
    variable_set('openid_test_response', array());
62

63
64
65
66
67
68
69
70
    // Identifier is the URL of an HTML page that is sent with an HTTP header
    // that contains the URL of an XRDS document.
    $this->addIdentity(url('openid-test/yadis/x-xrds-location', array('absolute' => TRUE)), 2);

    // Identifier is the URL of an HTML page containing a <meta http-equiv=...>
    // element that contains the URL of an XRDS document.
    $this->addIdentity(url('openid-test/yadis/http-equiv', array('absolute' => TRUE)), 2);

71
72
73
    // Identifier is an XRI. Resolve using our own dummy proxy resolver.
    variable_set('xri_proxy_resolver', url('openid-test/yadis/xrds/xri', array('absolute' => TRUE)) . '/');
    $this->addIdentity('@example*résumé;%25', 2, 'http://example.com/user');
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107

    // HTML-based discovery:
    // If the User-supplied Identifier is a URL of an HTML page, the page may
    // contain a <link rel=...> element containing the URL of the OpenID
    // Provider Endpoint. OpenID 1 and 2 describe slightly different formats.

    // OpenID Authentication 1.1, section 3.1:
    $this->addIdentity(url('openid-test/html/openid1', array('absolute' => TRUE)), 1);

    // OpenID Authentication 2.0, section 7.3.3:
    $this->addIdentity(url('openid-test/html/openid2', array('absolute' => TRUE)), 2);
  }

  /**
   * Test login using OpenID.
   */
  function testLogin() {
    $this->drupalLogin($this->web_user);

    // Use a User-supplied Identity that is the URL of an XRDS document.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
    $this->addIdentity($identity);

    $this->drupalLogout();

    // Fill out and submit the login form.
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Log in'));

    // Check we are on the OpenID redirect form.
    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));

    // Submit form to the OpenID Provider Endpoint.
    $this->drupalPost(NULL, array(), t('Send'));
108
    $this->assertLink($this->web_user->name, 0, t('User was logged in.'));
109
110
111
112
113
114
115
116
117
118
119

    // Test logging in via the user/login page.
    $this->drupalLogout();
    $this->drupalPost('user/login', $edit, t('Log in'));

    // Check we are on the OpenID redirect form.
    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));

    // Submit form to the OpenID Provider Endpoint.
    $this->drupalPost(NULL, array(), t('Send'));

120
    $this->assertLink($this->web_user->name, 0, t('User was logged in.'));
121
122
123

    // Verify user was redirected away from user/login to an accessible page.
    $this->assertResponse(200);
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
  }

  /**
   * Test deleting an OpenID identity from a user's profile.
   */
  function testDelete() {
    $this->drupalLogin($this->web_user);

    // Add identity to user's profile.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));
    $this->addIdentity($identity);
    $this->assertText($identity, t('Identity appears in list.'));

    // Delete the newly added identity.
    $this->clickLink(t('Delete'));
    $this->drupalPost(NULL, array(), t('Confirm'));

    $this->assertText(t('OpenID deleted.'), t('Identity deleted'));
    $this->assertNoText($identity, t('Identity no longer appears in list.'));
  }

145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
  /**
   * Test that a blocked user cannot log in.
   */
  function testBlockedUserLogin() {
    // Use a User-supplied Identity that is the URL of an XRDS document.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));

    // Log in and add an OpenID Identity to the account.
    $this->drupalLogin($this->web_user);
    $this->addIdentity($identity);
    $this->drupalLogout();

    // Log in as an admin user and block the account.
    $admin_user = $this->drupalCreateUser(array('administer users'));
    $this->drupalLogin($admin_user);
    $this->drupalGet('admin/people');
    $edit = array(
      'operation' => 'block',
      'accounts[' . $this->web_user->uid . ']' => TRUE,
    );
    $this->drupalPost('admin/people', $edit, t('Update'));
    $this->assertRaw('The update has been performed.', t('Account was blocked.'));
    $this->drupalLogout();

    // Fill out and submit the login form.
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Log in'));

    // Check we are on the OpenID redirect form.
    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));

    // Submit form to the OpenID Provider Endpoint.
    $this->drupalPost(NULL, array(), t('Send'));
    $this->assertRaw(t('The username %name has not been activated or is blocked.', array('%name' => $this->web_user->name)), t('User login was blocked.'));
  }

181
182
  /**
   * Add OpenID identity to user's profile.
183
184
185
186
187
188
189
   *
   * @param $identity
   *   The User-supplied Identifier.
   * @param $version
   *   The protocol version used by the service.
   * @param $claimed_id
   *   The expected Claimed Identifier returned by the OpenID Provider.
190
   */
191
  function addIdentity($identity, $version = 2, $claimed_id = NULL) {
192
193
194
195
196
197
198
199
200
201
202
    $this->drupalGet('user/' . $this->web_user->uid . '/openid');
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Add an OpenID'));

    // OpenID 1 used a HTTP redirect, OpenID 2 uses a HTML form that is submitted automatically using JavaScript.
    if ($version == 2) {
      // Manually submit form because SimpleTest is not able to execute JavaScript.
      $this->assertRaw('<script type="text/javascript">document.getElementById("openid-redirect-form").submit();</script>', t('JavaScript form submission found.'));
      $this->drupalPost(NULL, array(), t('Send'));
    }

203
204
205
206
    if (!$claimed_id) {
      $claimed_id = $identity;
    }
    $this->assertRaw(t('Successfully added %identity', array('%identity' => $claimed_id)), t('Identity %identity was added.', array('%identity' => $identity)));
207
208
209
  }

  /**
210
   * Test OpenID auto-registration with e-mail verification disabled.
211
212
213
214
215
216
217
218
219
220
   */
  function testRegisterUserWithoutEmailVerification() {
    variable_set('user_email_verification', FALSE);

    // Load the front page to get the user login block.
    $this->drupalGet('');

    // Use a User-supplied Identity that is the URL of an XRDS document.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));

221
    // Tell openid_test.module to respond with these SREG fields.
222
223
224
225
226
227
228
229
    variable_set('openid_test_response', array('openid.sreg.nickname' => 'john', 'openid.sreg.email' => 'john@example.com'));

    // Fill out and submit the login form.
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Log in'));

    // Check we are on the OpenID redirect form.
    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
230

231
232
    // Submit form to the OpenID Provider Endpoint.
    $this->drupalPost(NULL, array(), t('Send'));
233
    $this->assertLink('john', 0, t('User was logged in.'));
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250

    $user = user_load_by_name('john');
    $this->assertTrue($user, t('User was registered with right username.'));
    $this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
  }

  /**
   * Test OpenID auto-registration with a provider that supplies invalid SREG
   * information (a username that is already taken, and no e-mail address).
   */
  function testRegisterUserWithInvalidSreg() {
    // Load the front page to get the user login block.
    $this->drupalGet('');

    // Use a User-supplied Identity that is the URL of an XRDS document.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));

251
    // Tell openid_test.module to respond with these SREG fields.
252
253
254
255
256
257
258
259
    variable_set('openid_test_response', array('openid.sreg.nickname' => $this->web_user->name, 'openid.sreg.email' => 'mail@invalid#'));

    // Fill out and submit the login form.
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Log in'));

    // Check we are on the OpenID redirect form.
    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
260

261
262
263
    // Submit form to the OpenID Provider Endpoint.
    $this->drupalPost(NULL, array(), t('Send'));

264
    $this->assertRaw(t('Account registration using the information provided by your OpenID provider failed due to the reasons listed below. Complete the registration by filling out the form below. If you already have an account, you can <a href="@login">log in</a> now and add your OpenID under "My account".', array('@login' => url('user/login'))), t('User was asked to complete the registration process manually.'));
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
    $this->assertRaw(t('The name %name is already taken.', array('%name' => $this->web_user->name)), t('Form validation error for username was displayed.'));
    $this->assertRaw(t('The e-mail address %mail is not valid.', array('%mail' => 'mail@invalid#')), t('Form validation error for e-mail address was displayed.'));

    // Enter username and e-mail address manually.
    $edit = array('name' => 'john', 'mail' => 'john@example.com');
    $this->drupalPost(NULL, $edit, t('Create new account'));
    $this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));

    $user = user_load_by_name('john');
    $this->assertTrue($user, t('User was registered with right username.'));

    // Follow the one-time login that was sent in the confirmation e-mail.
    $this->drupalGet(user_pass_reset_url($user));
    $this->drupalPost(NULL, array(), t('Log in'));

    // The user is taken to user/%uid/edit.
    $this->assertFieldByName('mail', 'john@example.com', t('User was registered with right e-mail address.'));

    $this->clickLink(t('OpenID identities'));
    $this->assertRaw($identity, t('OpenID identity was registered.'));
  }

  /**
   * Test OpenID auto-registration with a provider that does not supply SREG
   * information (i.e. no username or e-mail address).
   */
  function testRegisterUserWithoutSreg() {
    // Load the front page to get the user login block.
    $this->drupalGet('');

    // Use a User-supplied Identity that is the URL of an XRDS document.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));

298
299
300
301
    // Fill out and submit the login form.
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Log in'));

302
303
    // Check we are on the OpenID redirect form.
    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));
304

305
    // Submit form to the OpenID Provider Endpoint.
306
307
    $this->drupalPost(NULL, array(), t('Send'));

308
    $this->assertRaw(t('Complete the registration by filling out the form below. If you already have an account, you can <a href="@login">log in</a> now and add your OpenID under "My account".', array('@login' => url('user/login'))), t('User was asked to complete the registration process manually.'));
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
    $this->assertNoRaw(t('You must enter a username.'), t('Form validation error for username was not displayed.'));
    $this->assertNoRaw(t('You must enter an e-mail address.'), t('Form validation error for e-mail address was not displayed.'));

    // Enter username and e-mail address manually.
    $edit = array('name' => 'john', 'mail' => 'john@example.com');
    $this->drupalPost(NULL, $edit, t('Create new account'));
    $this->assertRaw(t('Once you have verified your e-mail address, you may log in via OpenID.'), t('User was asked to verify e-mail address.'));

    $user = user_load_by_name('john');
    $this->assertTrue($user, t('User was registered with right username.'));

    // Follow the one-time login that was sent in the confirmation e-mail.
    $this->drupalGet(user_pass_reset_url($user));
    $this->drupalPost(NULL, array(), t('Log in'));

    // The user is taken to user/%uid/edit.
    $this->assertFieldByName('mail', 'john@example.com', t('User was registered with right e-mail address.'));

    $this->clickLink(t('OpenID identities'));
    $this->assertRaw($identity, t('OpenID identity was registered.'));
329
  }
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364

  /**
   * Test OpenID auto-registration with a provider that supplies AX information,
   * but no SREG.
   */
  function testRegisterUserWithAXButNoSREG() {
    variable_set('user_email_verification', FALSE);

    // Load the front page to get the user login block.
    $this->drupalGet('');

    // Use a User-supplied Identity that is the URL of an XRDS document.
    $identity = url('openid-test/yadis/xrds', array('absolute' => TRUE));

    // Tell openid_test.module to respond with these AX fields.
    variable_set('openid_test_response', array(
      'openid.ns.ext123' => 'http://openid.net/srv/ax/1.0',
      'openid.ext123.value.email' => 'john@example.com',
    ));

    // Fill out and submit the login form.
    $edit = array('openid_identifier' => $identity);
    $this->drupalPost(NULL, $edit, t('Log in'));

    // Check we are on the OpenID redirect form.
    $this->assertTitle(t('OpenID redirect'), t('OpenID redirect page was displayed.'));

    // Submit form to the OpenID Provider Endpoint.
    $this->drupalPost(NULL, array(), t('Send'));
    $this->assertLink('john', 0, t('User was logged in.'));

    $user = user_load_by_name('john');
    $this->assertTrue($user, t('User was registered with right username.'));
    $this->assertEqual($user->mail, 'john@example.com', t('User was registered with right email address.'));
  }
365
366
367
368
369
370
}

/**
 * Test internal helper functions.
 */
class OpenIDUnitTest extends DrupalWebTestCase {
371
  public static function getInfo() {
372
    return array(
373
374
375
      'name' => 'OpenID helper functions',
      'description' => 'Test OpenID helper functions.',
      'group' => 'OpenID'
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
    );
  }

  function setUp() {
    parent::setUp('openid');
    module_load_include('inc', 'openid');
  }

  /**
   * Test _openid_dh_XXX_to_XXX() functions.
   */
  function testConversion() {
    $this->assertEqual(_openid_dh_long_to_base64('12345678901234567890123456789012345678901234567890'), 'CHJ/Y2mq+DyhUCZ0evjH8ZbOPwrS', t('_openid_dh_long_to_base64() returned expected result.'));
    $this->assertEqual(_openid_dh_base64_to_long('BsH/g8Nrpn2dtBSdu/sr1y8hxwyx'), '09876543210987654321098765432109876543210987654321', t('_openid_dh_base64_to_long() returned expected result.'));

    $this->assertEqual(_openid_dh_long_to_binary('12345678901234567890123456789012345678901234567890'), "\x08r\x7fci\xaa\xf8<\xa1P&tz\xf8\xc7\xf1\x96\xce?\x0a\xd2", t('_openid_dh_long_to_binary() returned expected result.'));
    $this->assertEqual(_openid_dh_binary_to_long("\x06\xc1\xff\x83\xc3k\xa6}\x9d\xb4\x14\x9d\xbb\xfb+\xd7/!\xc7\x0c\xb1"), '09876543210987654321098765432109876543210987654321', t('_openid_dh_binary_to_long() returned expected result.'));
  }

  /**
   * Test _openid_dh_xorsecret().
   */
  function testOpenidDhXorsecret() {
    $this->assertEqual(_openid_dh_xorsecret('123456790123456790123456790', "abc123ABC\x00\xFF"), "\xa4'\x06\xbe\xf1.\x00y\xff\xc2\xc1", t('_openid_dh_xorsecret() returned expected result.'));
  }

  /**
   * Test _openid_get_bytes().
   */
  function testOpenidGetBytes() {
    $this->assertEqual(strlen(_openid_get_bytes(20)), 20, t('_openid_get_bytes() returned expected result.'));
  }

  /**
   * Test _openid_signature().
   */
  function testOpenidSignature() {
    // Test that signature is calculated according to OpenID Authentication 2.0,
    // section 6.1. In the following array, only the two first entries should be
    // included in the calculation, because the substring following the period
    // is mentioned in the third argument for _openid_signature(). The last
    // entry should not be included, because it does not start with "openid.".
    $response = array(
      'openid.foo' => 'abc1',
      'openid.bar' => 'abc2',
      'openid.baz' => 'abc3',
      'foobar.foo' => 'abc4',
    );
    $association = new stdClass;
    $association->mac_key = "1234567890abcdefghij\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\xF0\xF1\xF2\xF3\xF4\xF5\xF6\xF7\xF8\xF9";
    $this->assertEqual(_openid_signature($association, $response, array('foo', 'bar')), 'QnKZQzSFstT+GNiJDFOptdcZjrc=', t('Expected signature calculated.'));
  }
428
429
430
431
432
433
434
435
436

  /**
   * Test _openid_is_xri().
   */
  function testOpenidXRITest() {
    // Test that the XRI test is according to OpenID Authentication 2.0,
    // section 7.2. If the user-supplied string starts with xri:// it should be
    // stripped and the resulting string should be treated as an XRI when it
    // starts with "=", "@", "+", "$", "!" or "(".
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
    $this->assertTrue(_openid_is_xri('xri://=foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
    $this->assertTrue(_openid_is_xri('xri://@foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
    $this->assertTrue(_openid_is_xri('xri://+foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
    $this->assertTrue(_openid_is_xri('xri://$foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme.'));
    $this->assertTrue(_openid_is_xri('xri://!foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme..'));
    $this->assertTrue(_openid_is_xri('xri://(foo'), t('_openid_is_xri() returned expected result for an xri identifier with xri scheme..'));

    $this->assertTrue(_openid_is_xri('=foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
    $this->assertTrue(_openid_is_xri('@foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
    $this->assertTrue(_openid_is_xri('+foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
    $this->assertTrue(_openid_is_xri('$foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
    $this->assertTrue(_openid_is_xri('!foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));
    $this->assertTrue(_openid_is_xri('(foo'), t('_openid_is_xri() returned expected result for an xri identifier.'));

    $this->assertFalse(_openid_is_xri('foo'), t('_openid_is_xri() returned expected result for an http URL.'));
    $this->assertFalse(_openid_is_xri('xri://foo'), t('_openid_is_xri() returned expected result for an http URL.'));
    $this->assertFalse(_openid_is_xri('http://foo/'), t('_openid_is_xri() returned expected result for an http URL.'));
    $this->assertFalse(_openid_is_xri('http://example.com/'), t('_openid_is_xri() returned expected result for an http URL.'));
    $this->assertFalse(_openid_is_xri('user@example.com/'), t('_openid_is_xri() returned expected result for an http URL.'));
    $this->assertFalse(_openid_is_xri('http://user@example.com/'), t('_openid_is_xri() returned expected result for an http URL.'));
457
  }
458
459

  /**
460
   * Test openid_normalize().
461
462
463
464
465
   */
  function testOpenidNormalize() {
    // Test that the normalization is according to OpenID Authentication 2.0,
    // section 7.2 and 11.5.2.

466
467
    $this->assertEqual(openid_normalize('$foo'), '$foo', t('openid_normalize() correctly normalized an XRI.'));
    $this->assertEqual(openid_normalize('xri://$foo'), '$foo', t('openid_normalize() correctly normalized an XRI with an xri:// scheme.'));
468

469
470
471
    $this->assertEqual(openid_normalize('example.com/'), 'http://example.com/', t('openid_normalize() correctly normalized a URL with a missing scheme.'));
    $this->assertEqual(openid_normalize('example.com'), 'http://example.com/', t('openid_normalize() correctly normalized a URL with a missing scheme and empty path.'));
    $this->assertEqual(openid_normalize('http://example.com'), 'http://example.com/', t('openid_normalize() correctly normalized a URL with an empty path.'));
472

473
    $this->assertEqual(openid_normalize('http://example.com/path'), 'http://example.com/path', t('openid_normalize() correctly normalized a URL with a path.'));
474

475
    $this->assertEqual(openid_normalize('http://example.com/path#fragment'), 'http://example.com/path', t('openid_normalize() correctly normalized a URL with a fragment.'));
476
477
  }

478
479
480
481
482
483
484
485
486
487
488
  /**
   * Test _openid_google_idp_normalize().
   */
  function testGoogleIdpNormalize() {
    // We consider that Gmail will always be Gmail.
    $this->assertTrue(valid_url(_openid_google_idp_normalize('testuser@gmail.com'), TRUE), t('_openid_google_idp_normalize() correctly normalized a Google Gmail identifier.'));
    // This is a test domain documented on http://sites.google.com/site/oauthgoog/fedlogininterp/saml-idp.
    $this->assertTrue(valid_url(_openid_google_idp_normalize('test@lso-test-domain.com'), TRUE), t('_openid_google_idp_normalize() correctly normalized a Google Apps for Domain identifier.'));
    // We consider that microsoft.com will never be hosted by Google.
    $this->assertFalse(valid_url(_openid_google_idp_normalize('test@microsoft.com'), TRUE), t("_openid_google_idp_normalize() didn't normalized an identifier for a domain that is not Google-enabled."));
  }
489
}