RubyGems - entp-ruby-openid - Versions diffs - 2.2 - Mend

entp-ruby-openid 2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (200) hide show

data/CHANGELOG +215 -0
data/INSTALL +47 -0
data/LICENSE +210 -0
data/NOTICE +2 -0
data/README +85 -0
data/UPGRADE +127 -0
data/admin/runtests.rb +45 -0
data/examples/README +32 -0
data/examples/active_record_openid_store/README +58 -0
data/examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb +24 -0
data/examples/active_record_openid_store/XXX_upgrade_open_id_store.rb +26 -0
data/examples/active_record_openid_store/init.rb +8 -0
data/examples/active_record_openid_store/lib/association.rb +10 -0
data/examples/active_record_openid_store/lib/nonce.rb +3 -0
data/examples/active_record_openid_store/lib/open_id_setting.rb +4 -0
data/examples/active_record_openid_store/lib/openid_ar_store.rb +57 -0
data/examples/active_record_openid_store/test/store_test.rb +212 -0
data/examples/discover +49 -0
data/examples/rails_openid/README +153 -0
data/examples/rails_openid/Rakefile +10 -0
data/examples/rails_openid/app/controllers/application.rb +4 -0
data/examples/rails_openid/app/controllers/consumer_controller.rb +125 -0
data/examples/rails_openid/app/controllers/login_controller.rb +45 -0
data/examples/rails_openid/app/controllers/server_controller.rb +265 -0
data/examples/rails_openid/app/helpers/application_helper.rb +3 -0
data/examples/rails_openid/app/helpers/login_helper.rb +2 -0
data/examples/rails_openid/app/helpers/server_helper.rb +9 -0
data/examples/rails_openid/app/views/consumer/index.rhtml +81 -0
data/examples/rails_openid/app/views/layouts/server.rhtml +68 -0
data/examples/rails_openid/app/views/login/index.rhtml +56 -0
data/examples/rails_openid/app/views/server/decide.rhtml +26 -0
data/examples/rails_openid/config/boot.rb +19 -0
data/examples/rails_openid/config/database.yml +74 -0
data/examples/rails_openid/config/environment.rb +54 -0
data/examples/rails_openid/config/environments/development.rb +19 -0
data/examples/rails_openid/config/environments/production.rb +19 -0
data/examples/rails_openid/config/environments/test.rb +19 -0
data/examples/rails_openid/config/routes.rb +24 -0
data/examples/rails_openid/doc/README_FOR_APP +2 -0
data/examples/rails_openid/public/404.html +8 -0
data/examples/rails_openid/public/500.html +8 -0
data/examples/rails_openid/public/dispatch.cgi +12 -0
data/examples/rails_openid/public/dispatch.fcgi +26 -0
data/examples/rails_openid/public/dispatch.rb +12 -0
data/examples/rails_openid/public/favicon.ico +0 -0
data/examples/rails_openid/public/images/openid_login_bg.gif +0 -0
data/examples/rails_openid/public/javascripts/controls.js +750 -0
data/examples/rails_openid/public/javascripts/dragdrop.js +584 -0
data/examples/rails_openid/public/javascripts/effects.js +854 -0
data/examples/rails_openid/public/javascripts/prototype.js +1785 -0
data/examples/rails_openid/public/robots.txt +1 -0
data/examples/rails_openid/script/about +3 -0
data/examples/rails_openid/script/breakpointer +3 -0
data/examples/rails_openid/script/console +3 -0
data/examples/rails_openid/script/destroy +3 -0
data/examples/rails_openid/script/generate +3 -0
data/examples/rails_openid/script/performance/benchmarker +3 -0
data/examples/rails_openid/script/performance/profiler +3 -0
data/examples/rails_openid/script/plugin +3 -0
data/examples/rails_openid/script/process/reaper +3 -0
data/examples/rails_openid/script/process/spawner +3 -0
data/examples/rails_openid/script/process/spinner +3 -0
data/examples/rails_openid/script/runner +3 -0
data/examples/rails_openid/script/server +3 -0
data/examples/rails_openid/test/functional/login_controller_test.rb +18 -0
data/examples/rails_openid/test/functional/server_controller_test.rb +18 -0
data/examples/rails_openid/test/test_helper.rb +28 -0
data/lib/hmac/hmac.rb +112 -0
data/lib/hmac/sha1.rb +11 -0
data/lib/hmac/sha2.rb +25 -0
data/lib/openid.rb +22 -0
data/lib/openid/association.rb +249 -0
data/lib/openid/consumer.rb +395 -0
data/lib/openid/consumer/associationmanager.rb +344 -0
data/lib/openid/consumer/checkid_request.rb +186 -0
data/lib/openid/consumer/discovery.rb +497 -0
data/lib/openid/consumer/discovery_manager.rb +123 -0
data/lib/openid/consumer/html_parse.rb +134 -0
data/lib/openid/consumer/idres.rb +523 -0
data/lib/openid/consumer/responses.rb +150 -0
data/lib/openid/cryptutil.rb +115 -0
data/lib/openid/dh.rb +89 -0
data/lib/openid/extension.rb +39 -0
data/lib/openid/extensions/ax.rb +539 -0
data/lib/openid/extensions/oauth.rb +91 -0
data/lib/openid/extensions/pape.rb +179 -0
data/lib/openid/extensions/sreg.rb +277 -0
data/lib/openid/extras.rb +11 -0
data/lib/openid/fetchers.rb +258 -0
data/lib/openid/kvform.rb +136 -0
data/lib/openid/kvpost.rb +58 -0
data/lib/openid/message.rb +553 -0
data/lib/openid/protocolerror.rb +12 -0
data/lib/openid/server.rb +1544 -0
data/lib/openid/store.rb +10 -0
data/lib/openid/store/filesystem.rb +272 -0
data/lib/openid/store/interface.rb +75 -0
data/lib/openid/store/memcache.rb +109 -0
data/lib/openid/store/memory.rb +84 -0
data/lib/openid/store/nonce.rb +68 -0
data/lib/openid/trustroot.rb +349 -0
data/lib/openid/urinorm.rb +75 -0
data/lib/openid/util.rb +119 -0
data/lib/openid/version.rb +3 -0
data/lib/openid/yadis.rb +15 -0
data/lib/openid/yadis/accept.rb +148 -0
data/lib/openid/yadis/constants.rb +21 -0
data/lib/openid/yadis/discovery.rb +153 -0
data/lib/openid/yadis/filters.rb +205 -0
data/lib/openid/yadis/htmltokenizer.rb +305 -0
data/lib/openid/yadis/parsehtml.rb +45 -0
data/lib/openid/yadis/services.rb +42 -0
data/lib/openid/yadis/xrds.rb +155 -0
data/lib/openid/yadis/xri.rb +90 -0
data/lib/openid/yadis/xrires.rb +91 -0
data/test/data/test_discover/openid_utf8.html +11 -0
data/test/support/test_data_mixin.rb +127 -0
data/test/support/test_util.rb +53 -0
data/test/support/yadis_data.rb +131 -0
data/test/support/yadis_data/accept.txt +124 -0
data/test/support/yadis_data/dh.txt +29 -0
data/test/support/yadis_data/example-xrds.xml +14 -0
data/test/support/yadis_data/linkparse.txt +587 -0
data/test/support/yadis_data/n2b64 +650 -0
data/test/support/yadis_data/test1-discover.txt +137 -0
data/test/support/yadis_data/test1-parsehtml.txt +152 -0
data/test/support/yadis_data/test_discover/malformed_meta_tag.html +19 -0
data/test/support/yadis_data/test_discover/openid.html +11 -0
data/test/support/yadis_data/test_discover/openid2.html +11 -0
data/test/support/yadis_data/test_discover/openid2_xrds.xml +12 -0
data/test/support/yadis_data/test_discover/openid2_xrds_no_local_id.xml +11 -0
data/test/support/yadis_data/test_discover/openid_1_and_2.html +11 -0
data/test/support/yadis_data/test_discover/openid_1_and_2_xrds.xml +16 -0
data/test/support/yadis_data/test_discover/openid_1_and_2_xrds_bad_delegate.xml +17 -0
data/test/support/yadis_data/test_discover/openid_and_yadis.html +12 -0
data/test/support/yadis_data/test_discover/openid_no_delegate.html +10 -0
data/test/support/yadis_data/test_discover/openid_utf8.html +11 -0
data/test/support/yadis_data/test_discover/yadis_0entries.xml +12 -0
data/test/support/yadis_data/test_discover/yadis_2_bad_local_id.xml +15 -0
data/test/support/yadis_data/test_discover/yadis_2entries_delegate.xml +22 -0
data/test/support/yadis_data/test_discover/yadis_2entries_idp.xml +21 -0
data/test/support/yadis_data/test_discover/yadis_another_delegate.xml +14 -0
data/test/support/yadis_data/test_discover/yadis_idp.xml +12 -0
data/test/support/yadis_data/test_discover/yadis_idp_delegate.xml +13 -0
data/test/support/yadis_data/test_discover/yadis_no_delegate.xml +11 -0
data/test/support/yadis_data/test_xrds/=j3h.2007.11.14.xrds +25 -0
data/test/support/yadis_data/test_xrds/README +12 -0
data/test/support/yadis_data/test_xrds/delegated-20060809-r1.xrds +34 -0
data/test/support/yadis_data/test_xrds/delegated-20060809-r2.xrds +34 -0
data/test/support/yadis_data/test_xrds/delegated-20060809.xrds +34 -0
data/test/support/yadis_data/test_xrds/no-xrd.xml +7 -0
data/test/support/yadis_data/test_xrds/not-xrds.xml +2 -0
data/test/support/yadis_data/test_xrds/prefixsometimes.xrds +34 -0
data/test/support/yadis_data/test_xrds/ref.xrds +109 -0
data/test/support/yadis_data/test_xrds/sometimesprefix.xrds +34 -0
data/test/support/yadis_data/test_xrds/spoof1.xrds +25 -0
data/test/support/yadis_data/test_xrds/spoof2.xrds +25 -0
data/test/support/yadis_data/test_xrds/spoof3.xrds +37 -0
data/test/support/yadis_data/test_xrds/status222.xrds +9 -0
data/test/support/yadis_data/test_xrds/subsegments.xrds +58 -0
data/test/support/yadis_data/test_xrds/valid-populated-xrds.xml +39 -0
data/test/support/yadis_data/trustroot.txt +153 -0
data/test/support/yadis_data/urinorm.txt +79 -0
data/test/test_accept.rb +170 -0
data/test/test_association.rb +268 -0
data/test/test_associationmanager.rb +918 -0
data/test/test_ax.rb +690 -0
data/test/test_checkid_request.rb +293 -0
data/test/test_consumer.rb +260 -0
data/test/test_cryptutil.rb +119 -0
data/test/test_dh.rb +85 -0
data/test/test_discover.rb +848 -0
data/test/test_discovery_manager.rb +259 -0
data/test/test_extension.rb +46 -0
data/test/test_extras.rb +35 -0
data/test/test_fetchers.rb +554 -0
data/test/test_filters.rb +269 -0
data/test/test_helper.rb +4 -0
data/test/test_idres.rb +961 -0
data/test/test_kvform.rb +164 -0
data/test/test_kvpost.rb +64 -0
data/test/test_linkparse.rb +100 -0
data/test/test_message.rb +1115 -0
data/test/test_nonce.rb +89 -0
data/test/test_oauth.rb +176 -0
data/test/test_openid_yadis.rb +177 -0
data/test/test_pape.rb +248 -0
data/test/test_parsehtml.rb +79 -0
data/test/test_responses.rb +63 -0
data/test/test_server.rb +2455 -0
data/test/test_sreg.rb +479 -0
data/test/test_stores.rb +292 -0
data/test/test_trustroot.rb +111 -0
data/test/test_urinorm.rb +34 -0
data/test/test_util.rb +145 -0
data/test/test_xrds.rb +167 -0
data/test/test_xri.rb +48 -0
data/test/test_xrires.rb +67 -0
data/test/test_yadis_discovery.rb +218 -0
metadata +268 -0

data/test/test_checkid_request.rb ADDED

@@ -0,0 +1,293 @@
+require 'test_helper'
+require 'support/test_util'
+require "openid/consumer/checkid_request"
+require "openid/message"
+module OpenID
+  class Consumer
+    class CheckIDRequest
+      class DummyEndpoint
+        attr_accessor :preferred_namespace, :local_id, :server_url,
+          :is_op_identifier, :claimed_id
+        def initialize
+          @preferred_namespace = nil
+          @local_id = nil
+          @server_url = nil
+          @is_op_identifier = false
+        end
+        def get_local_id
+          @local_id
+        end
+        def compatibility_mode
+          @preferred_namespace == OPENID1_NS
+        end
+      end
+      module CheckIDTestMixin
+        include TestUtil
+        def setup
+          @endpoint = DummyEndpoint.new
+          @endpoint.local_id = 'http://server.unittest/joe'
+          @endpoint.claimed_id = 'http://joe.vanity.example/'
+          @endpoint.server_url = 'http://server.unittest/'
+          @endpoint.preferred_namespace = preferred_namespace
+          @realm = 'http://example/'
+          @return_to = 'http://example/return/'
+          @assoc = GoodAssoc.new
+          @checkid_req = CheckIDRequest.new(@assoc, @endpoint)
+        end
+        def assert_has_identifiers(msg, local_id, claimed_id)
+          assert_openid_value_equal(msg, 'identity', local_id)
+          assert_openid_value_equal(msg, 'claimed_id', claimed_id)
+        end
+        def assert_openid_key_exists(msg, key)
+          assert(msg.get_arg(OPENID_NS, key),
+                 "#{key} not present in #{msg.get_args(OPENID_NS).inspect}")
+        end
+        def assert_openid_key_absent(msg, key)
+          assert(msg.get_arg(OPENID_NS, key).nil?)
+        end
+        def assert_openid_value_equal(msg, key, expected)
+          actual = msg.get_arg(OPENID_NS, key, NO_DEFAULT)
+          error_text = ("Expected #{expected.inspect} for openid.#{key} "\
+                        "but got #{actual.inspect}: #{msg.inspect}")
+          assert_equal(expected, actual, error_text)
+        end
+        def assert_anonymous(msg)
+          ['claimed_id', 'identity'].each do |key|
+            assert_openid_key_absent(msg, key)
+          end
+        end
+        def assert_has_required_fields(msg)
+          internal_message = @checkid_req.instance_variable_get(:@message)
+          assert_equal(preferred_namespace,
+                       internal_message.get_openid_namespace)
+          assert_equal(preferred_namespace, msg.get_openid_namespace)
+          assert_openid_value_equal(msg, 'mode', expected_mode)
+          # Implement these in subclasses because they depend on
+          # protocol differences!
+          assert_has_realm(msg)
+          assert_identifiers_present(msg)
+        end
+        # TESTS
+        def test_check_no_assoc_handle
+          @checkid_req.instance_variable_set('@assoc', nil)
+          msg = assert_log_matches("Generated checkid") {
+            @checkid_req.get_message(@realm, @return_to, immediate)
+          }
+          assert_openid_key_absent(msg, 'assoc_handle')
+        end
+        def test_check_with_assoc_handle
+          msg = assert_log_matches("Generated checkid") {
+            @checkid_req.get_message(@realm, @return_to, immediate)
+          }
+          assert_openid_value_equal(msg, 'assoc_handle', @assoc.handle)
+        end
+        def test_add_extension_arg
+          @checkid_req.add_extension_arg('bag:', 'color', 'brown')
+          @checkid_req.add_extension_arg('bag:', 'material', 'paper')
+          assert(@checkid_req.message.namespaces.member?('bag:'))
+          assert_equal(@checkid_req.message.get_args('bag:'),
+                       {'color' => 'brown', 'material' => 'paper'})
+          msg = assert_log_matches("Generated checkid") {
+            @checkid_req.get_message(@realm, @return_to, immediate)
+          }
+          # XXX: this depends on the way that Message assigns
+          # namespaces. Really it doesn't care that it has alias "0",
+          # but that is tested anyway
+          post_args = msg.to_post_args()
+          assert_equal('brown', post_args['openid.ext0.color'])
+          assert_equal('paper', post_args['openid.ext0.material'])
+        end
+        def test_standard
+          msg = assert_log_matches('Generated checkid') {
+            @checkid_req.get_message(@realm, @return_to, immediate)
+          }
+          assert_has_identifiers(msg, @endpoint.local_id, @endpoint.claimed_id)
+        end
+        def test_send_redirect?
+          silence_logging {
+            url = @checkid_req.redirect_url(@realm, @return_to, immediate)
+            assert(url.length < OPENID1_URL_LIMIT)
+            assert(@checkid_req.send_redirect?(@realm, @return_to, immediate))
+            @return_to << '/foo' * 1000
+            url = @checkid_req.redirect_url(@realm, @return_to, immediate)
+            assert(url.length > OPENID1_URL_LIMIT)
+            actual = @checkid_req.send_redirect?(@realm, @return_to, immediate)
+            expected = preferred_namespace != OPENID2_NS
+            assert_equal(expected, actual)
+          }
+        end
+      end
+      class TestCheckIDRequestOpenID2 < Test::Unit::TestCase
+        include CheckIDTestMixin
+        def immediate
+          false
+        end
+        def expected_mode
+          'checkid_setup'
+        end
+        def preferred_namespace
+          OPENID2_NS
+        end
+        # check presence of proper realm key and absence of the wrong
+        # one.
+        def assert_has_realm(msg)
+          assert_openid_value_equal(msg, 'realm', @realm)
+          assert_openid_key_absent(msg, 'trust_root')
+        end
+        def assert_identifiers_present(msg)
+          identity_present = msg.has_key?(OPENID_NS, 'identity')
+          claimed_present = msg.has_key?(OPENID_NS, 'claimed_id')
+          assert_equal(claimed_present, identity_present)
+        end
+        # OpenID Checkid_Requests should be able to set 'anonymous' to true.
+        def test_set_anonymous_works_for_openid2
+          assert(@checkid_req.message.is_openid2)
+          assert_nothing_raised {@checkid_req.anonymous = true}
+          assert_nothing_raised {@checkid_req.anonymous = false}
+        end
+        def test_user_anonymous_ignores_identfier
+          @checkid_req.anonymous = true
+          msg = assert_log_matches('Generated checkid') {
+            @checkid_req.get_message(@realm, @return_to, immediate)
+          }
+          assert_has_required_fields(msg)
+          assert_anonymous(msg)
+        end
+        def test_op_anonymous_ignores_identifier
+          @endpoint.is_op_identifier = true
+          @checkid_req.anonymous = true
+          msg = assert_log_matches('Generated checkid') {
+            @checkid_req.get_message(@realm, @return_to, immediate)
+          }
+          assert_has_required_fields(msg)
+          assert_anonymous(msg)
+        end
+        def test_op_identifier_sends_identifier_select
+          @endpoint.is_op_identifier = true
+          msg = assert_log_matches('Generated checkid') {
+            @checkid_req.get_message(@realm, @return_to, immediate)
+          }
+          assert_has_required_fields(msg)
+          assert_has_identifiers(msg, IDENTIFIER_SELECT, IDENTIFIER_SELECT)
+        end
+      end
+      class TestCheckIDRequestOpenID1 < Test::Unit::TestCase
+        include CheckIDTestMixin
+        def immediate
+          false
+        end
+        def preferred_namespace
+          OPENID1_NS
+        end
+        def expected_mode
+          'checkid_setup'
+        end
+        # Make sure claimed_is is *absent* in request.
+        def assert_has_identifiers(msg, op_specific_id, claimed_id)
+          assert_openid_value_equal(msg, 'identity', op_specific_id)
+          assert_openid_key_absent(msg, 'claimed_id')
+        end
+        def assert_identifiers_present(msg)
+          assert_openid_key_absent(msg, 'claimed_id')
+          assert(msg.has_key?(OPENID_NS, 'identity'))
+        end
+        # check presence of proper realm key and absence of the wrong
+        # one.
+        def assert_has_realm(msg)
+          assert_openid_value_equal(msg, 'trust_root', @realm)
+          assert_openid_key_absent(msg, 'realm')
+        end
+        # TESTS
+        # OpenID 1 requests MUST NOT be able to set anonymous to true
+        def test_set_anonymous_fails_for_openid1
+          assert(@checkid_req.message.is_openid1)
+          assert_raises(ArgumentError) {
+            @checkid_req.anonymous = true
+          }
+          assert_nothing_raised{
+            @checkid_req.anonymous = false
+          }
+        end
+        # Identfier select SHOULD NOT be sent, but this pathway is in
+        # here in case some special discovery stuff is done to trigger
+        # it with OpenID 1. If it is triggered, it will send
+        # identifier_select just like OpenID 2.
+        def test_identifier_select
+          @endpoint.is_op_identifier = true
+          msg = assert_log_matches('Generated checkid') {
+            @checkid_req.get_message(@realm, @return_to, immediate)
+          }
+          assert_has_required_fields(msg)
+          assert_equal(IDENTIFIER_SELECT,
+                       msg.get_arg(OPENID1_NS, 'identity'))
+        end
+      end
+      class TestCheckIDRequestOpenID1Immediate < TestCheckIDRequestOpenID1
+        def immediate
+          true
+        end
+        def expected_mode
+          'checkid_immediate'
+        end
+      end
+      class TestCheckid_RequestOpenID2Immediate < TestCheckIDRequestOpenID2
+        def immediate
+          true
+        end
+        def expected_mode
+          'checkid_immediate'
+        end
+      end
+    end
+  end
+end

data/test/test_consumer.rb ADDED

@@ -0,0 +1,260 @@
+require 'test_helper'
+require 'support/test_util'
+require "openid/consumer"
+module OpenID
+  class Consumer
+    module TestConsumer
+      class TestLastEndpoint < Test::Unit::TestCase
+        def test_set_get
+          session = {}
+          consumer = Consumer.new(session, nil)
+          consumer.send(:last_requested_endpoint=, :endpoint)
+          ep = consumer.send(:last_requested_endpoint)
+          assert_equal(:endpoint, ep)
+          ep = consumer.send(:last_requested_endpoint)
+          assert_equal(:endpoint, ep)
+          consumer.send(:cleanup_last_requested_endpoint)
+          ep = consumer.send(:last_requested_endpoint)
+          assert_equal(nil, ep)
+        end
+      end
+      class TestBegin < Test::Unit::TestCase
+        attr_accessor :user_input, :anonymous, :services,
+          :discovered_identifier, :checkid_request, :service
+        def setup
+          @discovered_identifier = 'http://discovered/'
+          @user_input = 'user.input'
+          @service = :service
+          @services = [@service]
+          @session = {}
+          @anonymous = false
+          @checkid_request = :checkid_request
+        end
+        def consumer
+          test = self
+          consumer = Consumer.new(@session, nil)
+          consumer.extend(InstanceDefExtension)
+          consumer.instance_def(:discover) do |identifier|
+            test.assert_equal(test.user_input, identifier)
+            [test.discovered_identifier, test.services]
+          end
+          consumer.instance_def(:begin_without_discovery) do
+            |service, sent_anonymous|
+            test.assert_equal(test.service, service)
+            test.assert_equal(test.anonymous, sent_anonymous)
+            test.checkid_request
+          end
+          consumer
+        end
+        def test_begin
+          checkid_request = consumer.begin(@user_input, @anonymous)
+          assert_equal(:checkid_request, checkid_request)
+          assert_equal(['OpenID::Consumer::DiscoveredServices::'\
+                        'OpenID::Consumer::'], @session.keys.sort!)
+        end
+        def test_begin_failure
+          @services = []
+          assert_raises(DiscoveryFailure) {
+            consumer.begin(@user_input, @anonymous)
+          }
+        end
+        def test_begin_fallback
+          @services = [:service1, :service2]
+          consumer = self.consumer
+          @service = :service1
+          consumer.begin(@user_input, @anonymous)
+          @service = :service2
+          consumer.begin(@user_input, @anonymous)
+          @service = :service1
+          consumer.begin(@user_input, @anonymous)
+          @service = :service2
+          consumer.begin(@user_input, @anonymous)
+        end
+      end
+      class TestBeginWithoutDiscovery < Test::Unit::TestCase
+        attr_reader :assoc
+        def setup
+          @session = {}
+          @assoc = :assoc
+          @service = OpenIDServiceEndpoint.new
+          @claimed_id = 'http://claimed.id/'
+          @service.claimed_id = @claimed_id
+          @anonymous = false
+        end
+        def consumer
+          test = self
+          assoc_manager = Object.new
+          assoc_manager.extend(InstanceDefExtension)
+          assoc_manager.instance_def(:get_association) do
+            test.assoc
+          end
+          consumer = Consumer.new(@session, nil)
+          consumer.extend(InstanceDefExtension)
+          consumer.instance_def(:association_manager) do |service|
+            assoc_manager
+          end
+          consumer
+        end
+        def call_begin_without_discovery
+          result = consumer.begin_without_discovery(@service, @anonymous)
+          assert(result.instance_of?(CheckIDRequest))
+          assert_equal(@anonymous, result.anonymous)
+          assert_equal(@service, consumer.send(:last_requested_endpoint))
+          assert_equal(result.instance_variable_get(:@assoc), @assoc)
+          return result
+        end
+        def cid_name
+          Consumer.openid1_return_to_claimed_id_name
+        end
+        def nonce_name
+          Consumer.openid1_return_to_nonce_name
+        end
+        def test_begin_without_openid1
+          result = call_begin_without_discovery
+          assert_equal(@claimed_id, result.return_to_args[cid_name])
+          assert_equal([cid_name, nonce_name].sort!,
+                       result.return_to_args.keys.sort!)
+        end
+        def test_begin_without_openid1_anonymous
+          @anonymous = true
+          assert_raises(ArgumentError) {
+            call_begin_without_discovery
+          }
+        end
+        def test_begin_without_openid2
+          @service.type_uris = [OPENID_2_0_TYPE]
+          result = call_begin_without_discovery
+          assert(result.return_to_args.empty?)
+        end
+        def test_begin_without_openid2_anonymous
+          @anonymous = true
+          @service.type_uris = [OPENID_2_0_TYPE]
+          result = call_begin_without_discovery
+          assert(result.return_to_args.empty?)
+        end
+      end
+      class TestComplete < Test::Unit::TestCase
+        def setup
+          @session = {}
+          @consumer = Consumer.new(@session, nil)
+        end
+        def test_bad_mode
+          response = @consumer.complete({'openid.ns' => OPENID2_NS,
+                                        'openid.mode' => 'bad'}, nil)
+          assert_equal(FAILURE, response.status)
+        end
+        def test_missing_mode
+          response = @consumer.complete({'openid.ns' => OPENID2_NS}, nil)
+          assert_equal(FAILURE, response.status)
+        end
+        def test_cancel
+          response = @consumer.complete({'openid.mode' => 'cancel'}, nil)
+          assert_equal(CANCEL, response.status)
+        end
+        def test_setup_needed_openid1
+          response = @consumer.complete({'openid.mode' => 'setup_needed'}, nil)
+          assert_equal(FAILURE, response.status)
+        end
+        def test_setup_needed_openid2
+          setup_url = 'http://setup.url/'
+          args = {'openid.ns' => OPENID2_NS, 'openid.mode' => 'setup_needed', 'openid.user_setup_url' => setup_url}
+          response = @consumer.complete(args, nil)
+          assert_equal(SETUP_NEEDED, response.status)
+          assert_equal(setup_url, response.setup_url)
+        end
+        def test_idres_setup_needed_openid1
+          setup_url = 'http://setup.url/'
+          args = {
+            'openid.user_setup_url' => setup_url,
+            'openid.mode' => 'id_res',
+          }
+          response = @consumer.complete(args, nil)
+          assert_equal(SETUP_NEEDED, response.status)
+          assert_equal(setup_url, response.setup_url)
+        end
+        def test_error
+          contact = 'me'
+          reference = 'thing thing'
+          args = {
+            'openid.mode' => 'error',
+            'openid.contact' => contact,
+            'openid.reference' => reference,
+          }
+          response = @consumer.complete(args, nil)
+          assert_equal(FAILURE, response.status)
+          assert_equal(contact, response.contact)
+          assert_equal(reference, response.reference)
+          args['openid.ns'] = OPENID2_NS
+          response = @consumer.complete(args, nil)
+          assert_equal(FAILURE, response.status)
+          assert_equal(contact, response.contact)
+          assert_equal(reference, response.reference)
+        end
+        def test_idres_openid1
+          args = {
+            'openid.mode' => 'id_res',
+          }
+          endpoint = OpenIDServiceEndpoint.new
+          endpoint.claimed_id = :test_claimed_id
+          idres = Object.new
+          idres.extend(InstanceDefExtension)
+          idres.instance_def(:endpoint){endpoint}
+          idres.instance_def(:signed_fields){:test_signed_fields}
+          test = self
+          @consumer.extend(InstanceDefExtension)
+          @consumer.instance_def(:handle_idres) {|message, return_to|
+            test.assert_equal(args, message.to_post_args)
+            test.assert_equal(:test_return_to, return_to)
+            idres
+          }
+          response = @consumer.complete(args, :test_return_to)
+          assert_equal(SUCCESS, response.status, response.message)
+          assert_equal(:test_claimed_id, response.identity_url)
+          assert_equal(endpoint, response.endpoint)
+          error_message = "In Soviet Russia, id_res handles you!"
+          @consumer.instance_def(:handle_idres) {|message, return_to|
+            raise ProtocolError, error_message
+          }
+          response = @consumer.complete(args, :test_return_to)
+          assert_equal(FAILURE, response.status)
+          assert_equal(error_message, response.message)
+        end
+      end
+    end
+  end
+end