OpenId/Provider.php
inherited
Classes
- Category
- Zend
- Copyright
- Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Package
- Zend_OpenId
- Subpackage
- Zend_OpenId_Provider
- Version
- $Id$
\Zend_OpenId_Provider
- Category
- Zend
- Copyright
- Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
Properties
string $_loginUrl- Type
- string
string $_opEndpoint- Type
- string
integer $_sessionTtl- Type
- integer
\Zend_OpenId_Provider_Storage $_storagestring $_trustUrl- Type
- string
\Zend_OpenId_Provider_User $_userMethods
__construct(string $loginUrl = null, string $trustUrl = null, \Zend_OpenId_Provider_User $user = null, \Zend_OpenId_Provider_Storage $storage = null, integer $sessionTtl = 3600) : voidConstructs a Zend_OpenId_Provider object with given parameters.
| Name | Type | Description |
|---|---|---|
| $loginUrl | string | is an URL that provides login screen for end-user (by default it is the same URL with additional GET variable openid.action=login) |
| $trustUrl | string | is an URL that shows a question if end-user trust to given consumer (by default it is the same URL with additional GET variable openid.action=trust) |
| $user | \Zend_OpenId_Provider_User | is an object for communication with User-Agent and store information about logged-in user (it is a Zend_OpenId_Provider_User_Session object by default) |
| $storage | \Zend_OpenId_Provider_Storage | is an object for keeping persistent database (it is a Zend_OpenId_Provider_Storage_File object by default) |
| $sessionTtl | integer | is a default time to live for association session in seconds (1 hour by default). Consumer must reestablish association after that time. |
_associate(float $version, array $params) : arrayProcesses association request from OpenID consumerm generates secret shared key and send it back using Diffie-Hellman encruption.
| Name | Type | Description |
|---|---|---|
| $version | float | OpenID version |
| $params | array | GET or POST request variables |
| Type | Description |
|---|---|
| array |
_checkAuthentication(float $version, array $params) : arrayPerforms authentication validation for dumb consumers Returns array of variables to push back to consumer.
| Name | Type | Description |
|---|---|---|
| $version | float | OpenID version |
| $params | array | GET or POST request variables |
| Type | Description |
|---|---|
| array |
_checkId(float $version, array $params, bool $immediate, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null) : arrayPerforms authentication (or authentication check).
| Name | Type | Description |
|---|---|---|
| $version | float | OpenID version |
| $params | array | GET or POST request variables |
| $immediate | bool | enables or disables interaction with user |
| $extensions | mixed | extension object or array of extensions objects |
| $response | \Zend_Controller_Response_Abstract |
| Type | Description |
|---|---|
| array |
_genSecret(string $func) : mixedGenerates a secret key for given hash function, returns RAW key or false if function is not supported
| Name | Type | Description |
|---|---|---|
| $func | string | hash function (sha1 or sha256) |
| Type | Description |
|---|---|
| mixed |
_respond(float $version, array $ret, array $params, mixed $extensions = null) : arrayPerepares information to send back to consumer's authentication request and signs it using shared secret.
| Name | Type | Description |
|---|---|---|
| $version | float | OpenID protcol version |
| $ret | array | arguments to be send back to consumer |
| $params | array | GET or POST request variables |
| $extensions | mixed | extension object or array of extensions objects |
| Type | Description |
|---|---|
| array |
_secureStringCompare(string $a, string $b) : boolSecurely compare two strings for equality while avoided C level memcmp() optimisations capable of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g. password) being compared against.
| Name | Type | Description |
|---|---|---|
| $a | string | |
| $b | string |
| Type | Description |
|---|---|
| bool |
allowSite(string $root, mixed $extensions = null) : boolAllows consumer with given root URL to authenticate current logged in user. Returns true on success and false on error.
| Name | Type | Description |
|---|---|---|
| $root | string | root URL |
| $extensions | mixed | extension object or array of extensions objects |
| Type | Description |
|---|---|
| bool |
delSite(string $root) : boolDelete consumer with given root URL from known sites of current logged in user. Next time this consumer will try to authenticate the user, Provider will ask user's confirmation.
| Name | Type | Description |
|---|---|---|
| $root | string | root URL |
| Type | Description |
|---|---|
| bool |
denySite(string $root) : boolProhibit consumer with given root URL to authenticate current logged in user. Returns true on success and false on error.
| Name | Type | Description |
|---|---|---|
| $root | string | root URL |
| Type | Description |
|---|---|
| bool |
getLoggedInUser() : mixedReturns identity URL of current logged in user or false
| Type | Description |
|---|---|
| mixed |
getSiteRoot(array $params) : mixedRetrieve consumer's root URL from request query.
| Name | Type | Description |
|---|---|---|
| $params | array | query arguments |
| Type | Description |
|---|---|
| mixed |
getTrustedSites() : mixedReturns list of known consumers for current logged in user or false if he is not logged in.
| Type | Description |
|---|---|
| mixed |
handle(array $params = null, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null) : mixedHandles HTTP request from consumer
| Name | Type | Description |
|---|---|---|
| $params | array | GET or POST variables. If this parameter is omited or set to null, then $_GET or $_POST superglobal variable is used according to REQUEST_METHOD. |
| $extensions | mixed | extension object or array of extensions objects |
| $response | \Zend_Controller_Response_Abstract | an optional response object to perform HTTP or HTML form redirection |
| Type | Description |
|---|---|
| mixed |
hasUser(string $id) : boolReturns true if user with given $id exists and false otherwise
| Name | Type | Description |
|---|---|---|
| $id | string | user identity URL |
| Type | Description |
|---|---|
| bool |
login(string $id, string $password) : boolPerforms login of user with given $id and $password Returns true in case of success and false otherwise
| Name | Type | Description |
|---|---|---|
| $id | string | user identity URL |
| $password | string | user password |
| Type | Description |
|---|---|
| bool |
logout() : voidPerforms logout. Clears information about logged in user.
register(string $id, string $password) : boolRegisters a new user with given $id and $password Returns true in case of success and false if user with given $id already exists
| Name | Type | Description |
|---|---|---|
| $id | string | user identity URL |
| $password | string | encoded user password |
| Type | Description |
|---|---|
| bool |
respondToConsumer(array $params, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null) : boolPerepares information to send back to consumer's authentication request, signs it using shared secret and send back through HTTP redirection
| Name | Type | Description |
|---|---|---|
| $params | array | GET or POST request variables |
| $extensions | mixed | extension object or array of extensions objects |
| $response | \Zend_Controller_Response_Abstract | an optional response object to perform HTTP or HTML form redirection |
| Type | Description |
|---|---|
| bool |
setOpEndpoint(string $url) : nullSets the OP Endpoint URL
| Name | Type | Description |
|---|---|---|
| $url | string | the OP Endpoint URL |
| Type | Description |
|---|---|
| null |