API Documentation

Zend/OpenId/Provider.php


Zend Framework

LICENSE

This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to license@zend.com so we can send you a copy immediately.

Category
Zend  
Copyright
Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  
Package
Zend_OpenId  
Subpackage
Zend_OpenId_Provider  
Version
$Id: Provider.php 24594 2012-01-05 21:27:01Z matthew $  

\Zend_OpenId_Provider

Package: Zend\OpenId\Zend\OpenId\Provider

OpenID provider (server) implementation


Properties

Property private string $_loginUrl = ''

URL to perform interactive user login

Details
Type
string
Property private string $_opEndpoint = ''

The OP Endpoint URL

Details
Type
string
Property private integer $_sessionTtl = ''

Time to live of association session in seconds

Details
Type
integer
Property private \Zend_OpenId_Provider_Storage $_storage = ''

Reference to an implementation of storage object

Property private string $_trustUrl = ''

URL to perform interactive validation of consumer by user

Details
Type
string
Property private \Zend_OpenId_Provider_User $_user = ''

Reference to an implementation of user object

Methods

method public __construct( string $loginUrl = null, string $trustUrl = null, \Zend_OpenId_Provider_User $user = null, \Zend_OpenId_Provider_Storage $storage = null, integer $sessionTtl = 3600 ) : void

Constructs a Zend_OpenId_Provider object with given parameters.

Parameters
Name Type Description
$loginUrl string

A URL that provides the login screen for the end user (by default, the same URL with the additional GET variable openid.action=login).

$trustUrl string

A URL that asks the end user whether they trust the given consumer (by default, the same URL with the additional GET variable openid.action=trust).

$user \Zend_OpenId_Provider_User

An object for communicating with the User-Agent and storing information about the logged-in user (a Zend_OpenId_Provider_User_Session object by default).

$storage \Zend_OpenId_Provider_Storage

An object for keeping the persistent database (a Zend_OpenId_Provider_Storage_File object by default).

$sessionTtl integer

is a default time to live for association session in seconds (1 hour by default). Consumer must reestablish association after that time.

method protected _associate( float $version, array $params ) : array

Processes an association request from an OpenID consumer, generates a shared secret key and sends it back using Diffie-Hellman encryption.

Returns array of variables to push back to consumer.

Parameters
Name Type Description
$version float

OpenID version

$params array

GET or POST request variables

Returns
Type Description
array
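
How the shared secret is wrapped in a Diffie-Hellman association response under OpenID Authentication 2.0, as an added example that is not Zend_OpenId_Provider's own code. The function names, the toy modulus and the fixed consumer key are constructed for illustration, and the GMP extension is assumed.

```php
<?php
// Added illustration, not Zend_OpenId_Provider code. Requires ext-gmp, PHP 7+.

// btwoc(): big-endian two's-complement bytes of a non-negative integer;
// a 0x00 byte is prepended when the top bit is set.
function btwoc(GMP $n): string
{
    $bin = gmp_export($n);
    return ($bin === '' || (ord($bin[0]) & 0x80)) ? "\0" . $bin : $bin;
}

// Provider side (hypothetical helper): create the MAC key and wrap it for
// the consumer with a pad derived from the DH shared secret.
function associateResponse(GMP $p, GMP $g, GMP $consumerPublic, string $func): array
{
    if (!in_array($func, ['sha1', 'sha256'], true)) {
        throw new InvalidArgumentException('unsupported hash function');
    }
    // Reject degenerate public values that make the shared secret predictable.
    if (gmp_cmp($consumerPublic, 1) <= 0 || gmp_cmp($consumerPublic, gmp_sub($p, 1)) >= 0) {
        throw new InvalidArgumentException('invalid dh_consumer_public');
    }
    $macKey = random_bytes($func === 'sha1' ? 20 : 32);   // raw association secret
    // Private exponent in [1, p-2]; the extra bytes keep modulo bias negligible.
    $rand = gmp_import(random_bytes(strlen(gmp_export($p)) + 8));
    $priv = gmp_add(gmp_mod($rand, gmp_sub($p, 2)), 1);
    $shared = gmp_powm($consumerPublic, $priv, $p);
    return [
        'dh_server_public' => base64_encode(btwoc(gmp_powm($g, $priv, $p))),
        'enc_mac_key'      => base64_encode($macKey ^ hash($func, btwoc($shared), true)),
        'mac_key'          => $macKey,   // stays in provider storage, never sent
    ];
}

// Consumer side: unwrap the MAC key from the response fields.
function recoverMacKey(GMP $p, GMP $consumerPriv, array $resp, string $func): string
{
    $shared = gmp_powm(gmp_import(base64_decode($resp['dh_server_public'])), $consumerPriv, $p);
    return base64_decode($resp['enc_mac_key']) ^ hash($func, btwoc($shared), true);
}

// Constructed parameters: 2^127 - 1 is a toy modulus chosen for readability.
$p = gmp_init('170141183460469231731687303715884105727');
$g = gmp_init(3);
$consumerPriv = gmp_init('2305843009213693951');
$resp = associateResponse($p, $g, gmp_powm($g, $consumerPriv, $p), 'sha256');
var_dump(hash_equals($resp['mac_key'], recoverMacKey($p, $consumerPriv, $resp, 'sha256')));
```

A real request carries its own openid.dh_modulus and openid.dh_gen (or relies on the protocol defaults), which replace the toy values here.
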
method protected _checkAuthentication( float $version, array $params ) : array

Performs authentication validation for dumb consumers. Returns array of variables to push back to consumer.

It MUST contain 'is_valid' variable with value 'true' or 'false'.

Parameters
Name Type Description
$version float

OpenID version

$params array

GET or POST request variables

Returns
Type Description
array
method protected _checkId( float $version, array $params, bool $immediate, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null ) : array

Performs authentication (or authentication check).

Parameters
Name Type Description
$version float

OpenID version

$params array

GET or POST request variables

$immediate bool

enables or disables interaction with user

$extensions mixed

extension object or array of extensions objects

$response \Zend_Controller_Response_Abstract
Returns
Type Description
array
method protected _genSecret( string $func ) : mixed

Generates a secret key for the given hash function. Returns the raw key, or false if the function is not supported.

Parameters
Name Type Description
$func string

hash function (sha1 or sha256)

Returns
Type Description
mixed
method protected _respond( float $version, array $ret, array $params, mixed $extensions = null ) : array

Prepares information to send back to consumer's authentication request and signs it using shared secret.

Parameters
Name Type Description
$version float

OpenID protocol version

$ret array

arguments to be sent back to consumer

$params array

GET or POST request variables

$extensions mixed

extension object or array of extensions objects

Returns
Type Description
array
method protected _secureStringCompare( string $a, string $b ) : bool

Securely compares two strings for equality while avoiding C-level memcmp() optimisations capable of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g. password) being compared against.

Parameters
Name Type Description
$a string
$b string
Returns
Type Description
bool
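
Signing a response with the association's shared secret (as _respond describes) and checking a signature with a comparison that does not leak timing (as _secureStringCompare describes), as an added example that is not Zend_OpenId_Provider's own code. The function names, the MAC key and the sample message are constructed, and the message is reduced to three signed fields.

```php
<?php
// Added illustration, not Zend_OpenId_Provider code; function names are hypothetical.
// Key-Value form ("key:value\n") of the fields named in openid.signed, in order.
function signedPayload(array $msg): string
{
    $out = '';
    foreach (explode(',', $msg['openid.signed']) as $key) {
        if (!isset($msg["openid.$key"])) {
            throw new InvalidArgumentException("signed field missing: $key");
        }
        $out .= $key . ':' . $msg["openid.$key"] . "\n";
    }
    return $out;
}

// openid.sig: base64 of the HMAC (sha1 or sha256) under the association MAC key.
function sign(array $msg, string $macKey, string $func): string
{
    return base64_encode(hash_hmac($func, signedPayload($msg), $macKey, true));
}

// Walks the full length and ORs the differences, so timing does not reveal the first mismatch.
function secureCompare(string $a, string $b): bool
{
    if (strlen($a) !== strlen($b)) {
        return false;
    }
    $diff = 0;
    for ($i = 0, $n = strlen($a); $i < $n; $i++) {
        $diff |= ord($a[$i]) ^ ord($b[$i]);
    }
    return $diff === 0;
}

function verify(array $msg, string $macKey, string $func): bool
{
    return secureCompare(sign($msg, $macKey, $func), $msg['openid.sig'] ?? '');
}

// Constructed MAC key and assertion; altering a signed field must fail verification.
$macKey = str_repeat("\x0b", 32);
$msg = ['openid.mode' => 'id_res', 'openid.identity' => 'https://id.example.org/alice',
        'openid.return_to' => 'https://rp.example.com/return',
        'openid.signed' => 'mode,identity,return_to'];
$msg['openid.sig'] = sign($msg, $macKey, 'sha256');
var_dump(verify($msg, $macKey, 'sha256'));
$msg['openid.identity'] = 'https://id.example.org/bob';
var_dump(verify($msg, $macKey, 'sha256'));
```

On PHP 5.6 and later the built-in hash_equals() provides the same constant-time comparison.
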
method public allowSite( string $root, mixed $extensions = null ) : bool

Allows consumer with given root URL to authenticate current logged in user. Returns true on success and false on error.

Parameters
Name Type Description
$root string

root URL

$extensions mixed

extension object or array of extensions objects

Returns
Type Description
bool
method public delSite( string $root ) : bool

Deletes the consumer with the given root URL from the known sites of the currently logged-in user. The next time this consumer tries to authenticate the user, the provider will ask for the user's confirmation.

Returns true on success and false on error.

Parameters
Name Type Description
$root string

root URL

Returns
Type Description
bool
method public denySite( string $root ) : bool

Prohibits the consumer with the given root URL from authenticating the currently logged-in user. Returns true on success and false on error.

Parameters
Name Type Description
$root string

root URL

Returns
Type Description
bool
method public getLoggedInUser( ) : mixed

Returns identity URL of current logged in user or false

Returns
Type Description
mixed
method public getSiteRoot( array $params ) : mixed

Retrieve consumer's root URL from request query.

Returns URL or false in case of failure

Parameters
Name Type Description
$params array

query arguments

Returns
Type Description
mixed
method public getTrustedSites( ) : mixed

Returns list of known consumers for current logged in user or false if he is not logged in.

Returns
Type Description
mixed
method public handle( array $params = null, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null ) : mixed

Handles HTTP request from consumer

Parameters
Name Type Description
$params array

GET or POST variables. If this parameter is omitted or set to null, then the $_GET or $_POST superglobal variable is used according to REQUEST_METHOD.

$extensions mixed

extension object or array of extensions objects

$response \Zend_Controller_Response_Abstract

an optional response object to perform HTTP or HTML form redirection

Returns
Type Description
mixed
method public hasUser( string $id ) : bool

Returns true if user with given $id exists and false otherwise

Parameters
Name Type Description
$id string

user identity URL

Returns
Type Description
bool
method public login( string $id, string $password ) : bool

Performs login of user with given $id and $password. Returns true in case of success and false otherwise.

Parameters
Name Type Description
$id string

user identity URL

$password string

user password

Returns
Type Description
bool
method public logout( ) : void

Performs logout. Clears information about logged in user.

method public register( string $id, string $password ) : bool

Registers a new user with given $id and $password. Returns true in case of success and false if user with given $id already exists.

Parameters
Name Type Description
$id string

user identity URL

$password string

encoded user password

Returns
Type Description
bool
method public respondToConsumer( array $params, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null ) : bool

Prepares information to send back to consumer's authentication request, signs it using shared secret and sends it back through HTTP redirection.

Parameters
Name Type Description
$params array

GET or POST request variables

$extensions mixed

extension object or array of extensions objects

$response \Zend_Controller_Response_Abstract

an optional response object to perform HTTP or HTML form redirection

Returns
Type Description
bool
method public setOpEndpoint( string $url ) : null

Sets the OP Endpoint URL

Parameters
Name Type Description
$url string

the OP Endpoint URL

Returns
Type Description
null
Documentation was generated by DocBlox 0.15.1.