OpenId/Provider.php

Show: PublicProtectedPrivateinherited
Table of Contents
Zend Framework
LICENSE This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to [email protected] so we can send you a copy immediately.
Category
Zend  
Copyright
Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  
Package
Zend_OpenId  
Subpackage
Zend_OpenId_Provider  
Version
$Id$  

\Zend_OpenId_Provider

Package: Zend_OpenId\Zend_OpenId_Provider
OpenID provider (server) implementation
Category
Zend  
Copyright
Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  

Properties

>VPropertyprivatestring $_loginUrl
URL to peform interactive user login
Details
Type
string
>VPropertyprivatestring $_opEndpoint
The OP Endpoint URL
Details
Type
string
>VPropertyprivateinteger $_sessionTtl
Time to live of association session in secconds
Details
Type
integer
>VPropertyprivate\Zend_OpenId_Provider_Storage $_storage
Reference to an implementation of storage object
>VPropertyprivatestring $_trustUrl
URL to peform interactive validation of consumer by user
Details
Type
string
>VPropertyprivate\Zend_OpenId_Provider_User $_user
Reference to an implementation of user object

Methods

methodpublic__construct(string $loginUrl = null, string $trustUrl = null, \Zend_OpenId_Provider_User $user = null, \Zend_OpenId_Provider_Storage $storage = null, integer $sessionTtl = 3600) : void

Constructs a Zend_OpenId_Provider object with given parameters.

Parameters
NameTypeDescription
$loginUrlstring

is an URL that provides login screen for end-user (by default it is the same URL with additional GET variable openid.action=login)

$trustUrlstring

is an URL that shows a question if end-user trust to given consumer (by default it is the same URL with additional GET variable openid.action=trust)

$user\Zend_OpenId_Provider_User

is an object for communication with User-Agent and store information about logged-in user (it is a Zend_OpenId_Provider_User_Session object by default)

$storage\Zend_OpenId_Provider_Storage

is an object for keeping persistent database (it is a Zend_OpenId_Provider_Storage_File object by default)

$sessionTtlinteger

is a default time to live for association session in seconds (1 hour by default). Consumer must reestablish association after that time.

methodprotected_associate(float $version, array $params) : array

Processes association request from OpenID consumerm generates secret shared key and send it back using Diffie-Hellman encruption.

Returns array of variables to push back to consumer.
Parameters
NameTypeDescription
$versionfloat

OpenID version

$paramsarray

GET or POST request variables

Returns
TypeDescription
array
methodprotected_checkAuthentication(float $version, array $params) : array

Performs authentication validation for dumb consumers Returns array of variables to push back to consumer.

It MUST contain 'is_valid' variable with value 'true' or 'false'.
Parameters
NameTypeDescription
$versionfloat

OpenID version

$paramsarray

GET or POST request variables

Returns
TypeDescription
array
methodprotected_checkId(float $version, array $params, bool $immediate, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null) : array

Performs authentication (or authentication check).

Parameters
NameTypeDescription
$versionfloat

OpenID version

$paramsarray

GET or POST request variables

$immediatebool

enables or disables interaction with user

$extensionsmixed

extension object or array of extensions objects

$response\Zend_Controller_Response_Abstract
Returns
TypeDescription
array
methodprotected_genSecret(string $func) : mixed

Generates a secret key for given hash function, returns RAW key or false if function is not supported

Parameters
NameTypeDescription
$funcstring

hash function (sha1 or sha256)

Returns
TypeDescription
mixed
methodprotected_respond(float $version, array $ret, array $params, mixed $extensions = null) : array

Perepares information to send back to consumer's authentication request and signs it using shared secret.

Parameters
NameTypeDescription
$versionfloat

OpenID protcol version

$retarray

arguments to be send back to consumer

$paramsarray

GET or POST request variables

$extensionsmixed

extension object or array of extensions objects

Returns
TypeDescription
array
methodprotected_secureStringCompare(string $a, string $b) : bool

Securely compare two strings for equality while avoided C level memcmp() optimisations capable of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g. password) being compared against.

Parameters
NameTypeDescription
$astring
$bstring
Returns
TypeDescription
bool
methodpublicallowSite(string $root, mixed $extensions = null) : bool

Allows consumer with given root URL to authenticate current logged in user. Returns true on success and false on error.

Parameters
NameTypeDescription
$rootstring

root URL

$extensionsmixed

extension object or array of extensions objects

Returns
TypeDescription
bool
methodpublicdelSite(string $root) : bool

Delete consumer with given root URL from known sites of current logged in user. Next time this consumer will try to authenticate the user, Provider will ask user's confirmation.

Returns true on success and false on error.
Parameters
NameTypeDescription
$rootstring

root URL

Returns
TypeDescription
bool
methodpublicdenySite(string $root) : bool

Prohibit consumer with given root URL to authenticate current logged in user. Returns true on success and false on error.

Parameters
NameTypeDescription
$rootstring

root URL

Returns
TypeDescription
bool
methodpublicgetLoggedInUser() : mixed

Returns identity URL of current logged in user or false

Returns
TypeDescription
mixed
methodpublicgetSiteRoot(array $params) : mixed

Retrieve consumer's root URL from request query.

Returns URL or false in case of failure
Parameters
NameTypeDescription
$paramsarray

query arguments

Returns
TypeDescription
mixed
methodpublicgetTrustedSites() : mixed

Returns list of known consumers for current logged in user or false if he is not logged in.

Returns
TypeDescription
mixed
methodpublichandle(array $params = null, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null) : mixed

Handles HTTP request from consumer

Parameters
NameTypeDescription
$paramsarray

GET or POST variables. If this parameter is omited or set to null, then $_GET or $_POST superglobal variable is used according to REQUEST_METHOD.

$extensionsmixed

extension object or array of extensions objects

$response\Zend_Controller_Response_Abstract

an optional response object to perform HTTP or HTML form redirection

Returns
TypeDescription
mixed
methodpublichasUser(string $id) : bool

Returns true if user with given $id exists and false otherwise

Parameters
NameTypeDescription
$idstring

user identity URL

Returns
TypeDescription
bool
methodpubliclogin(string $id, string $password) : bool

Performs login of user with given $id and $password Returns true in case of success and false otherwise

Parameters
NameTypeDescription
$idstring

user identity URL

$passwordstring

user password

Returns
TypeDescription
bool
methodpubliclogout() : void

Performs logout. Clears information about logged in user.

methodpublicregister(string $id, string $password) : bool

Registers a new user with given $id and $password Returns true in case of success and false if user with given $id already exists

Parameters
NameTypeDescription
$idstring

user identity URL

$passwordstring

encoded user password

Returns
TypeDescription
bool
methodpublicrespondToConsumer(array $params, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null) : bool

Perepares information to send back to consumer's authentication request, signs it using shared secret and send back through HTTP redirection

Parameters
NameTypeDescription
$paramsarray

GET or POST request variables

$extensionsmixed

extension object or array of extensions objects

$response\Zend_Controller_Response_Abstract

an optional response object to perform HTTP or HTML form redirection

Returns
TypeDescription
bool
methodpublicsetOpEndpoint(string $url) : null

Sets the OP Endpoint URL

Parameters
NameTypeDescription
$urlstring

the OP Endpoint URL

Returns
TypeDescription
null
Documentation was generated by phpDocumentor 2.2.0 .