diff --git a/lib/openid/extensions/ax.rb b/lib/openid/extensions/ax.rb index 55eda8e7..4c8e899e 100644 --- a/lib/openid/extensions/ax.rb +++ b/lib/openid/extensions/ax.rb @@ -110,10 +110,12 @@ def self.to_type_uris(namespace_map, alias_list_s) class FetchRequest < AXMessage attr_reader :requested_attributes attr_accessor :update_url + + MODE = 'fetch_request' def initialize(update_url = nil) super() - @mode = 'fetch_request' + @mode = MODE @requested_attributes = {} @update_url = update_url end @@ -180,7 +182,7 @@ def get_required_attrs def self.from_openid_request(oidreq) message = oidreq.message ax_args = message.get_args(NS_URI) - return nil if ax_args == {} + return nil if ax_args == {} or ax_args['mode'] != MODE req = new req.parse_extension_args(ax_args) @@ -467,11 +469,26 @@ def self.from_success_response(success_response, signed=true) # A store request attribute exchange message representation class StoreRequest < KeyValueMessage + + MODE = 'store_request' + def initialize super - @mode = 'store_request' + @mode = MODE end - + + # Extract a StoreRequest from an OpenID message + # message: OpenID::Message + # return a StoreRequest or nil if AX arguments are not present + def self.from_openid_request(oidreq) + message = oidreq.message + ax_args = message.get_args(NS_URI) + return nil if ax_args.empty? or ax_args['mode'] != MODE + req = new + req.parse_extension_args(ax_args) + req + end + def get_extension_args(aliases=nil) ax_args = new_args kv_args = _get_extension_kv_args(aliases) @@ -499,7 +516,13 @@ def initialize(succeeded = true, error_message = nil) end @error_message = error_message end - + + def self.from_success_response(success_response) + resp = nil + ax_args = success_response.message.get_args(NS_URI) + resp = ax_args.key?('error') ? new(false, ax_args['error']) : new + end + def succeeded? @mode == SUCCESS_MODE end diff --git a/test/test_ax.rb b/test/test_ax.rb index c1dcfb1f..2d17c1f5 100644 --- a/test/test_ax.rb +++ b/test/test_ax.rb @@ -371,7 +371,28 @@ def test_from_openid_request_no_ax ax_req = FetchRequest.from_openid_request(openid_req) assert(ax_req.nil?) end - + + def test_from_openid_request_wrong_ax_mode + uri = 'http://under.the.sea/' + name = 'ext0' + value = 'snarfblat' + + message = OpenID::Message.from_openid_args({ + 'mode' => 'id_res', + 'ns' => OPENID2_NS, + 'ns.ax' => AXMessage::NS_URI, + 'ax.update_url' => 'http://example.com/realm/update_path', + 'ax.mode' => 'store_request', + 'ax.type.' + name => uri, + 'ax.count.' + name => '1', + 'ax.value.' + name + '.1' => value + }) + openid_req = Server::OpenIDRequest.new + openid_req.message = message + ax_req = FetchRequest.from_openid_request(openid_req) + assert(ax_req.nil?) + end + def test_openid_update_url_verification_error openid_req_msg = Message.from_openid_args({ 'mode' => 'checkid_setup', @@ -602,7 +623,28 @@ def test_get_extension_args_empty } assert_equal(eargs, @msg.get_extension_args) end - + + def test_from_openid_request_wrong_ax_mode + uri = 'http://under.the.sea/' + name = 'ext0' + value = 'snarfblat' + + message = OpenID::Message.from_openid_args({ + 'mode' => 'id_res', + 'ns' => OPENID2_NS, + 'ns.ax' => AXMessage::NS_URI, + 'ax.update_url' => 'http://example.com/realm/update_path', + 'ax.mode' => 'fetch_request', + 'ax.type.' + name => uri, + 'ax.count.' + name => '1', + 'ax.value.' + name + '.1' => value + }) + openid_req = Server::OpenIDRequest.new + openid_req.message = message + ax_req = StoreRequest.from_openid_request(openid_req) + assert(ax_req.nil?) + end + def test_get_extension_args_nonempty @msg.set_values(@type_a, ['foo','bar']) aliases = NamespaceMap.new