Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
project
drupal
Commits
175bb6d1
Commit
175bb6d1
authored
Sep 15, 2009
by
webchick
Browse files
#575796
by Heine: Fixed OpenID XRI test violates the spec.
parent
6c0f8eba
Changes
2
Hide whitespace changes
Inline
Side-by-side
modules/openid/openid.inc
View file @
175bb6d1
...
...
@@ -109,11 +109,15 @@ function openid_redirect_form(&$form_state, $url, $message) {
* Determine if the given identifier is an XRI ID.
*/
function
_openid_is_xri
(
$identifier
)
{
$firstchar
=
substr
(
$identifier
,
0
,
1
);
if
(
$firstchar
==
"@"
||
$firstchar
==
"="
)
return
TRUE
;
// Strip the xri:// scheme from the identifier if present.
if
(
stripos
(
$identifier
,
'xri://'
)
!==
FALSE
)
{
$identifier
=
substr
(
$identifier
,
6
);
}
if
(
stristr
(
$identifier
,
'xri://'
)
!==
FALSE
)
{
// Test whether the identifier starts with an XRI global context symbol or (.
$firstchar
=
substr
(
$identifier
,
0
,
1
);
if
(
strpos
(
"=@+$!("
,
$firstchar
)
!==
FALSE
)
{
return
TRUE
;
}
...
...
modules/openid/openid.test
View file @
175bb6d1
...
...
@@ -219,4 +219,34 @@ class OpenIDUnitTest extends DrupalWebTestCase {
$association
->
mac_key
=
"1234567890abcdefghij
\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\xF0\xF1\xF2\xF3\xF4\xF5\xF6\xF7\xF8\xF9
"
;
$this
->
assertEqual
(
_openid_signature
(
$association
,
$response
,
array
(
'foo'
,
'bar'
)),
'QnKZQzSFstT+GNiJDFOptdcZjrc='
,
t
(
'Expected signature calculated.'
));
}
/**
* Test _openid_is_xri().
*/
function
testOpenidXRITest
()
{
// Test that the XRI test is according to OpenID Authentication 2.0,
// section 7.2. If the user-supplied string starts with xri:// it should be
// stripped and the resulting string should be treated as an XRI when it
// starts with "=", "@", "+", "$", "!" or "(".
$this
->
assertTrue
(
_openid_is_xri
(
'xri://=foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier with xri scheme.'
));
$this
->
assertTrue
(
_openid_is_xri
(
'xri://@foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier with xri scheme.'
));
$this
->
assertTrue
(
_openid_is_xri
(
'xri://+foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier with xri scheme.'
));
$this
->
assertTrue
(
_openid_is_xri
(
'xri://$foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier with xri scheme.'
));
$this
->
assertTrue
(
_openid_is_xri
(
'xri://!foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier with xri scheme..'
));
$this
->
assertTrue
(
_openid_is_xri
(
'xri://(foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier with xri scheme..'
));
$this
->
assertTrue
(
_openid_is_xri
(
'=foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier.'
));
$this
->
assertTrue
(
_openid_is_xri
(
'@foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier.'
));
$this
->
assertTrue
(
_openid_is_xri
(
'+foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier.'
));
$this
->
assertTrue
(
_openid_is_xri
(
'$foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier.'
));
$this
->
assertTrue
(
_openid_is_xri
(
'!foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier.'
));
$this
->
assertTrue
(
_openid_is_xri
(
'(foo'
),
t
(
'_openid_is_xri returned expected result for an xri identifier.'
));
$this
->
assertFalse
(
_openid_is_xri
(
'foo'
),
t
(
'_openid_is_xri returned expected result for an http URL.'
));
$this
->
assertFalse
(
_openid_is_xri
(
'xri://foo'
),
t
(
'_openid_is_xri returned expected result for an http URL.'
));
$this
->
assertFalse
(
_openid_is_xri
(
'http://foo/'
),
t
(
'_openid_is_xri returned expected result for an http URL.'
));
$this
->
assertFalse
(
_openid_is_xri
(
'http://example.com/'
),
t
(
'_openid_is_xri returned expected result for an http URL.'
));
$this
->
assertFalse
(
_openid_is_xri
(
'user@example.com/'
),
t
(
'_openid_is_xri returned expected result for an http URL.'
));
$this
->
assertFalse
(
_openid_is_xri
(
'http://user@example.com/'
),
t
(
'_openid_is_xri returned expected result for an http URL.'
));
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment