nov-ruby-openid 2.1.9

data/test/data/test_xrds/spoof1.xrds

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://=keturn*isDrummond" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*keturn</Query>
+ <ProviderID>xri://=</ProviderID>
+ <LocalID>!E4</LocalID>
+ <CanonicalID>=!E4</CanonicalID>
+
+ <Service>
+   <Type>xri://$res*auth*($v*2.0)</Type>
+   <URI>http://keturn.example.com/resolve/</URI>
+   <ProviderID>=!E4</ProviderID>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+  <Query>*isDrummond</Query>
+  <ProviderID>=!E4</ProviderID>
+  <LocalID>!D2</LocalID>
+  <CanonicalID>=!D2</CanonicalID>
+  <Service>
+    <Type>http://openid.net/signon/1.0</Type>
+    <URI>http://keturn.example.com/openid</URI>
+  </Service>
+ </XRD>
+</XRDS>

data/test/data/test_xrds/spoof2.xrds

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://=keturn*isDrummond" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*keturn</Query>
+ <ProviderID>xri://=</ProviderID>
+ <LocalID>!E4</LocalID>
+ <CanonicalID>=!E4</CanonicalID>
+
+ <Service>
+   <Type>xri://$res*auth*($v*2.0)</Type>
+   <URI>http://keturn.example.com/resolve/</URI>
+   <ProviderID>xri://=</ProviderID>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+  <Query>*isDrummond</Query>
+  <ProviderID>xri://=</ProviderID>
+  <LocalID>!D2</LocalID>
+  <CanonicalID>=!D2</CanonicalID>
+  <Service>
+    <Type>http://openid.net/signon/1.0</Type>
+    <URI>http://keturn.example.com/openid</URI>
+  </Service>
+ </XRD>
+</XRDS>

data/test/data/test_xrds/spoof3.xrds

@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://=keturn*isDrummond" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+ <Query>*keturn</Query>
+ <ProviderID>xri://@</ProviderID>
+ <LocalID>@E4</LocalID>
+ <CanonicalID>@!E4</CanonicalID>
+
+ <Service>
+   <Type>xri://$res*auth*($v*2.0)</Type>
+   <URI>http://keturn.example.com/resolve/</URI>
+   <ProviderID>@!E4</ProviderID>
+ </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+  <Query>*is</Query>
+  <ProviderID>@!E4</ProviderID>
+  <LocalID>!D2</LocalID>
+  <CanonicalID>=!C0</CanonicalID>
+  <CanonicalID>=!E4!01</CanonicalID>
+  <Service>
+    <Type>xri://$res*auth*($v*2.0)</Type>
+    <URI>http://keturn.example.com/resolve/</URI>
+    <ProviderID>@!C0</ProviderID>
+  </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+  <Query>*drummond</Query>
+  <ProviderID>@!C0</ProviderID>
+  <LocalID>!D2</LocalID>
+  <CanonicalID>@!C0!D2</CanonicalID>
+  <Service>
+    <Type>http://openid.net/signon/1.0</Type>
+    <URI>http://keturn.example.com/openid</URI>
+  </Service>
+ </XRD>
+</XRDS>

data/test/data/test_xrds/status222.xrds

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://=x" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+  <Query>*x</Query>
+  <Status code="222">The subsegment does not exist</Status>
+  <Expires>2006-08-18T00:02:35.000Z</Expires>
+  <ProviderID>xri://=</ProviderID>
+ </XRD>
+</XRDS>

data/test/data/test_xrds/subsegments.xrds

@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<XRDS ref="xri://=nishitani*masaki" xmlns="xri://$xrds">
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+  <Query>*nishitani</Query>
+  <Status code="100"/>
+  <Expires>2007-12-25T11:33:39.000Z</Expires>
+  <ProviderID>xri://=</ProviderID>
+  <LocalID priority="10">!E117.EF2F.454B.C707</LocalID>
+  <CanonicalID priority="10">=!E117.EF2F.454B.C707</CanonicalID>
+  <Service priority="10">
+   <Type select="true">http://openid.net/signon/1.0</Type>
+   <ProviderID>xri://!!1003!103</ProviderID>
+   <URI append="none" priority="1">https://linksafe.ezibroker.net/server/</URI>
+  </Service>
+  <Service priority="10">
+   <Type select="true">xri://$res*auth*($v*2.0)</Type>
+   <ProviderID>xri://!!1003!103</ProviderID>
+   <MediaType>application/xrds+xml;trust=none</MediaType>
+   <URI priority="10">http://resolve.ezibroker.net/resolve/=nishitani/</URI>
+  </Service>
+  <Service priority="1">
+   <Type match="content" select="true">xri://+i-service*(+forwarding)*($v*1.0)</Type>
+   <Type match="null" select="false"/>
+   <ProviderID>xri://!!1003!103</ProviderID>
+   <Path match="content">(+index)</Path>
+   <Path match="default"/>
+   <URI append="qxri" priority="1">http://linksafe-forward.ezibroker.net/forwarding/</URI>
+  </Service>
+ </XRD>
+ <XRD xmlns="xri://$xrd*($v*2.0)">
+  <Query>*masaki</Query>
+  <Status code="100">SUCCESS</Status>
+  <ProviderID>xri://!!1003</ProviderID>
+  <LocalID>!0000.0000.3B9A.CA01</LocalID>
+  <CanonicalID>=!E117.EF2F.454B.C707!0000.0000.3B9A.CA01</CanonicalID>
+  <Service>
+   <Type select="true">http://openid.net/signon/1.0</Type>
+   <ProviderID>xri://!!1003!103</ProviderID>
+   <URI append="none" priority="1">https://linksafe.ezibroker.net/server/</URI>
+  </Service>
+  <Service>
+   <Type select="true">xri://+i-service*(+contact)*($v*1.0)</Type>
+   <Type match="null"/>
+   <ProviderID>xri://!!1003!103</ProviderID>
+   <Path select="true">(+contact)</Path>
+   <Path match="null"/>
+   <URI append="authority" priority="1">http://linksafe-contact.ezibroker.net/contact/</URI>
+  </Service>
+  <Service priority="1">
+   <Type match="content" select="true">xri://+i-service*(+forwarding)*($v*1.0)</Type>
+   <Type match="null" select="false"/>
+   <ProviderID>xri://!!1003!103</ProviderID>
+   <Path match="content">(+index)</Path>
+   <Path match="default"/>
+   <URI append="qxri" priority="1">http://linksafe-forward.ezibroker.net/forwarding/</URI>
+  </Service>
+ </XRD>
+</XRDS>

data/test/data/test_xrds/valid-populated-xrds.xml

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xrds:XRDS
+    xmlns:xrds="xri://$xrds"
+    xmlns:openid="http://openid.net/xmlns/1.0"
+    xmlns:typekey="http://typekey.com/xmlns/1.0"
+    xmlns="xri://$xrd*($v*2.0)">
+  <XRD>
+
+    <Service priority="0">
+      <Type>http://openid.net/signon/1.0</Type>
+      <URI>http://www.myopenid.com/server</URI>
+      <openid:Delegate>http://josh.myopenid.com/</openid:Delegate>
+    </Service>
+
+    <Service priority="20">
+      <Type>http://lid.netmesh.org/sso/2.0b5</Type>
+      <Type>http://lid.netmesh.org/2.0b5</Type>
+      <URI>http://mylid.net/josh</URI>
+    </Service>
+
+    <Service priority="10">
+      <Type>http://openid.net/signon/1.0</Type>
+      <URI>http://www.livejournal.com/openid/server.bml</URI>
+      <openid:Delegate>http://www.livejournal.com/users/nedthealpaca/</openid:Delegate>
+    </Service>
+
+    <Service priority="15">
+      <Type>http://typekey.com/services/1.0</Type>
+      <typekey:MemberName>joshhoyt</typekey:MemberName>
+    </Service>
+
+    <Service priority="5">
+      <Type>http://openid.net/signon/1.0</Type>
+      <URI>http://www.schtuff.com/openid</URI>
+      <openid:Delegate>http://users.schtuff.com/josh</openid:Delegate>
+    </Service>
+
+  </XRD>
+</xrds:XRDS>

data/test/data/trustroot.txt

@@ -0,0 +1,153 @@
+========================================
+Trust root parsing checking
+========================================
+
+----------------------------------------
+23: Does not parse
+----------------------------------------
+baz.org
+*.foo.com
+http://*.schtuff.*/
+ftp://foo.com
+ftp://*.foo.com
+http://*.foo.com:80:90/
+foo.*.com
+http://foo.*.com
+http://www.*
+http://*foo.com/
+http://foo.com/invalid#fragment
+http://..it/
+http://.it/
+http://*:8081/
+http://*:80
+http://localhost:1900foo/
+http://foo.com\/
+http://π.pi.com/
+http://lambda.com/Λ
+
+ 
+ 	
+5
+
+----------------------------------------
+14: Insane
+----------------------------------------
+http:///
+http://*/
+https://*/
+http://*.com
+http://*.com/
+https://*.com/
+http://*.com.au/
+http://*.co.uk/
+http://*.foo.notatld/
+https://*.foo.notatld/
+http://*.museum/
+https://*.museum/
+http://www.schtuffcom/
+http://it/
+
+----------------------------------------
+18: Sane
+----------------------------------------
+http://*.schtuff.com./
+http://*.schtuff.com/
+http://*.foo.schtuff.com/
+http://*.schtuff.com
+http://www.schtuff.com/
+http://www.schtuff.com./
+http://www.schutff.com
+http://*.this.that.schtuff.com/
+http://*.foo.com/path
+http://*.foo.com/path?action=foo2
+http://x.foo.com/path?action=foo2
+http://x.foo.com/path?action=%3D
+http://localhost:8081/
+http://localhost:8082/?action=openid
+https://foo.com/
+http://kink.fm/should/be/sane
+http://beta.lingu.no/
+http://goathack.livejournal.org:8020/openid/login.bml
+
+========================================
+return_to matching
+========================================
+
+----------------------------------------
+46: matches
+----------------------------------------
+http://*/                             http://cnn.com/
+http://*/                             http://livejournal.com/
+http://*/                             http://met.museum/
+http://localhost:8081/x?action=openid http://localhost:8081/x?action=openid
+http://*.foo.com                      http://b.foo.com
+http://*.foo.com                      http://b.foo.com/
+http://*.foo.com/                     http://b.foo.com
+http://b.foo.com                      http://b.foo.com
+http://b.foo.com                      http://b.foo.com/
+http://b.foo.com/                     http://b.foo.com
+http://*.b.foo.com                    http://b.foo.com
+http://*.b.foo.com                    http://b.foo.com/
+http://*.b.foo.com/                   http://b.foo.com
+http://*.b.foo.com                    http://x.b.foo.com
+http://*.b.foo.com                    http://w.x.b.foo.com
+http://*.bar.co.uk                    http://www.bar.co.uk
+http://*.uoregon.edu                  http://x.cs.uoregon.edu
+http://x.com/abc                      http://x.com/abc
+http://x.com/abc                      http://x.com/abc/def
+http://10.0.0.1/abc                   http://10.0.0.1/abc
+http://*.x.com                        http://x.com/gallery
+http://*.x.com                        http://foo.x.com/gallery
+http://foo.x.com                      http://foo.x.com/gallery/xxx
+http://*.x.com/gallery                http://foo.x.com/gallery
+http://localhost:8082/?action=openid  http://localhost:8082/?action=openid
+http://goathack.livejournal.org:8020/ http://goathack.livejournal.org:8020/openid/login.bml
+https://foo.com                       https://foo.com
+http://Foo.com                        http://foo.com
+http://foo.com                        http://Foo.com
+http://foo.com:80/                    http://foo.com/
+http://foo.com/?x=y                   http://foo.com/?x=y&a=b
+http://foo.com/x                      http://foo.com/x?y
+http://mylid.net/j3h.                 http://mylid.net/j3h.?x=y
+http://j3h.us                         http://j3h.us?ride=unicycle
+https://www.filmclans.com:443/mattmartin/FilmClans https://www.filmclans.com/mattmartin/FilmClans/Logon.aspx?nonce=BVjqSOee
+http://foo.com:80                     http://foo.com
+http://foo.com                        http://foo.com:80
+http://foo.com                        http://foo.com/
+http://foo.com/                       http://foo.com
+http://foo.com/                       http://foo.com:80
+http://foo.com:80/                    http://foo.com:80/stuff
+http://foo.com:80/                    http://foo.com/stuff
+http://foo.com/path                   http://foo.com/path/extra
+http://foo.com/path2                  http://foo.com/path2?extra=query
+http://foo.com/path2                  http://foo.com/path2/?extra=query
+http://foo.com/                       HTTP://foo.com/
+
+----------------------------------------
+25: does not match
+----------------------------------------
+http://*/                             ftp://foo.com/
+http://*/                             xxx
+http://foo.com/                       http://oo.com/
+http://*.x.com/abc                    http://foo.x.com
+http://*.x.com/abc                    http://*.x.com
+http://*.com/                         http://*.com/
+http://x.com/abc                      http://x.com/
+http://x.com/abc                      http://x.com/a
+http://x.com/abc                      http://x.com/ab
+http://x.com/abc                      http://x.com/abcd
+http://*.cs.uoregon.edu               http://x.uoregon.edu
+http://*.foo.com                      http://bar.com
+http://*.foo.com                      http://www.bar.com
+http://*.bar.co.uk                    http://xxx.co.uk
+https://foo.com                       http://foo.com
+http://foo.com                        https://foo.com
+http://foo.com:81                     http://foo.com:80
+http://foo.com/?a=b                   http://foo.com/?x=y
+http://foo.com/?a=b                   http://foo.com/?x=y&a=b
+http://foo.com/?a=b                   http://foo.com/
+http://*.oo.com/                      http://foo.com/
+http://foo.com/*                      http://foo.com/anything
+http://foo.com                        http://foo.com:443
+https://foo.com                       https://foo.com:80
+http://foo.com/path/xev               http://foo.com/path?extra=more

data/test/data/urinorm.txt

@@ -0,0 +1,79 @@
+Already normal form
+http://example.com/
+http://example.com/
+
+Add a trailing slash
+http://example.com
+http://example.com/
+
+Remove an empty port segment
+http://example.com:/
+http://example.com/
+
+Remove a default port segment
+http://example.com:80/
+http://example.com/
+
+Capitalization in host names
+http://wWw.exaMPLE.COm/
+http://www.example.com/
+
+Capitalization in scheme names
+htTP://example.com/
+http://example.com/
+
+Capitalization in percent-escaped reserved characters
+http://example.com/foo%2cbar
+http://example.com/foo%2Cbar
+
+Unescape percent-encoded unreserved characters
+http://example.com/foo%2Dbar%2dbaz
+http://example.com/foo-bar-baz
+
+remove_dot_segments example 1
+http://example.com/a/b/c/./../../g
+http://example.com/a/g
+
+remove_dot_segments example 2
+http://example.com/mid/content=5/../6
+http://example.com/mid/6
+
+remove_dot_segments: single-dot
+http://example.com/a/./b
+http://example.com/a/b
+
+remove_dot_segments: double-dot
+http://example.com/a/../b
+http://example.com/b
+
+remove_dot_segments: leading double-dot
+http://example.com/../b
+http://example.com/b
+
+remove_dot_segments: trailing single-dot
+http://example.com/a/.
+http://example.com/a/
+
+remove_dot_segments: trailing double-dot
+http://example.com/a/..
+http://example.com/
+
+remove_dot_segments: trailing single-dot-slash
+http://example.com/a/./
+http://example.com/a/
+
+remove_dot_segments: trailing double-dot-slash
+http://example.com/a/../
+http://example.com/
+
+Test of all kinds of syntax-based normalization
+hTTPS://a/./b/../b/%63/%7bfoo%7d
+https://a/b/c/%7Bfoo%7D
+
+Unsupported scheme
+ftp://example.com/
+fail
+
+Non-absolute URI
+http:/foo
+fail

data/test/discoverdata.rb

@@ -0,0 +1,131 @@
+
+require 'uri'
+require 'openid/yadis/constants'
+require 'openid/yadis/discovery'
+require 'openid/extras'
+require 'openid/util'
+
+module OpenID
+
+  module DiscoverData
+
+    include TestDataMixin
+    include Util
+
+    TESTLIST = [
+                # success,  input_name,          id_name,            result_name
+                [true,  "equiv",             "equiv",            "xrds"],
+                [true,  "header",            "header",           "xrds"],
+                [true,  "lowercase_header",  "lowercase_header", "xrds"],
+                [true,  "xrds",              "xrds",             "xrds"],
+                [true,  "xrds_ctparam",      "xrds_ctparam",     "xrds_ctparam"],
+                [true,  "xrds_ctcase",       "xrds_ctcase",      "xrds_ctcase"],
+                [false, "xrds_html",         "xrds_html",        "xrds_html"],
+                [true,  "redir_equiv",       "equiv",            "xrds"],
+                [true,  "redir_header",      "header",           "xrds"],
+                [true,  "redir_xrds",        "xrds",             "xrds"],
+                [false, "redir_xrds_html",   "xrds_html",        "xrds_html"],
+                [true,  "redir_redir_equiv", "equiv",            "xrds"],
+                [false, "404_server_response", nil,             nil],
+                [false, "404_with_header",     nil,             nil],
+                [false, "404_with_meta",       nil,             nil],
+                [false, "201_server_response", nil,             nil],
+                [false, "500_server_response", nil,             nil],
+             ]
+
+    @@example_xrds_file = 'example-xrds.xml'
+    @@default_test_file = 'test1-discover.txt'
+    @@discover_tests = {}
+
+    def readTests(filename)
+      data = read_data_file(filename, false)
+      tests = {}
+      data.split("\f\n", -1).each { |case_|
+        name, content = case_.split("\n", 2)
+        tests[name] = content
+      }
+
+      return tests
+    end
+
+    def getData(filename, name)
+      if !@@discover_tests.member?(filename)
+        @@discover_tests[filename] = readTests(filename)
+      end
+
+      file_tests = @@discover_tests[filename]
+      return file_tests[name]
+    end
+
+    def fillTemplate(test_name, template, base_url, example_xrds)
+      mapping = [
+                 ['URL_BASE/', base_url],
+                 ['<XRDS Content>', example_xrds],
+                 ['YADIS_HEADER', Yadis::YADIS_HEADER_NAME],
+                 ['NAME', test_name],
+                ]
+
+      mapping.each { |k, v|
+        template = template.gsub(/#{k}/, v)
+      }
+
+      return template
+    end
+
+    def generateSample(test_name, base_url,
+                       example_xrds=nil,
+                       filename=@@default_test_file)
+      if example_xrds.nil?
+        example_xrds = read_data_file(@@example_xrds_file, false)
+      end
+
+      begin
+        template = getData(filename, test_name)
+      rescue Errno::ENOENT
+        raise ArgumentError(filename)
+      end
+
+      return fillTemplate(test_name, template, base_url, example_xrds)
+    end
+
+    def generateResult(base_url, input_name, id_name, result_name, success)
+      uri = URI::parse(base_url)
+
+      input_url = (uri + input_name).to_s
+
+      # If the name is None then we expect the protocol to fail, which
+      # we represent by None
+      if id_name.nil?
+        Util.assert(result_name.nil?)
+        return input_url, DiscoveryFailure
+      end
+
+      result = generateSample(result_name, base_url)
+      headers, content = result.split("\n\n", 2)
+      header_lines = headers.split("\n")
+
+      ctype = nil
+      header_lines.each { |header_line|
+        if header_line.starts_with?('Content-Type:')
+          _, ctype = header_line.split(':', 2)
+          ctype = ctype.strip()
+          break
+        else
+          ctype = nil
+        end
+      }
+
+      id_url = (uri + id_name).to_s
+      result = Yadis::DiscoveryResult.new(input_url)
+      result.normalized_uri = id_url
+
+      if success
+        result.xrds_uri = (uri + result_name).to_s
+      end
+
+      result.content_type = ctype
+      result.response_text = content
+      return [input_url, result]
+    end
+  end
+end