OpenID provider (server) implementation

category Zend
package Zend_OpenId
subpackage Zend_OpenId_Provider
copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
license New BSD License

 Methods

Constructs a Zend_OpenId_Provider object with given parameters.

__construct(string $loginUrl = null, string $trustUrl = null, \Zend_OpenId_Provider_User $user = null, \Zend_OpenId_Provider_Storage $storage = null, integer $sessionTtl = 3600)

Parameters

$loginUrl

string

A URL that provides the login screen for the end user (by default, the same URL with the additional GET variable openid.action=login)

$trustUrl

string

A URL that asks the end user whether they trust the given consumer (by default, the same URL with the additional GET variable openid.action=trust)

$user

\Zend_OpenId_Provider_User

An object that communicates with the User-Agent and stores information about the logged-in user (a Zend_OpenId_Provider_User_Session object by default)

$storage

\Zend_OpenId_Provider_Storage

An object that keeps the persistent database (a Zend_OpenId_Provider_Storage_File object by default)

$sessionTtl

integer

The default time to live of an association session, in seconds (1 hour by default). The consumer must re-establish the association after that time.

Allows the consumer with the given root URL to authenticate the currently logged-in user. Returns true on success and false on error.

allowSite(string $root, mixed $extensions = null) : boolean

Parameters

$root

string

root URL

$extensions

mixed

extension object or array of extension objects

Returns

boolean

Deletes the consumer with the given root URL from the known sites of the currently logged-in user. The next time this consumer tries to authenticate the user, the Provider will ask for the user's confirmation.

delSite(string $root) : boolean

Returns true on success and false on error.

Parameters

$root

string

root URL

Returns

boolean

Prohibits the consumer with the given root URL from authenticating the currently logged-in user. Returns true on success and false on error.

denySite(string $root) : boolean

Parameters

$root

string

root URL

Returns

boolean

Returns the identity URL of the currently logged-in user, or false.

getLoggedInUser() : mixed

Returns

mixed

Retrieves the consumer's root URL from the request query.

getSiteRoot(array $params) : mixed

Returns the URL, or false in case of failure.

Parameters

$params

array

query arguments

Returns

mixed

Returns the list of known consumers for the currently logged-in user, or false if the user is not logged in.

getTrustedSites() : mixed

Returns

mixed

Handles an HTTP request from a consumer.

handle(array $params = null, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null) : mixed

Parameters

$params

array

GET or POST variables. If this parameter is omitted or set to null, the $_GET or $_POST superglobal is used, according to REQUEST_METHOD.

$extensions

mixed

extension object or array of extension objects

$response

\Zend_Controller_Response_Abstract

an optional response object to perform HTTP or HTML form redirection

Returns

mixed

Returns true if a user with the given $id exists and false otherwise.

hasUser(string $id) : boolean

Parameters

$id

string

user identity URL

Returns

boolean

Performs logout. Clears the information about the logged-in user.

logout() : void

Registers a new user with the given $id and $password. Returns true on success and false if a user with the given $id already exists.

register(string $id, string $password) : boolean

Parameters

$id

string

user identity URL

$password

string

encoded user password

Returns

boolean

Prepares the information to send back in response to the consumer's authentication request, signs it using the shared secret and sends it back through HTTP redirection.

respondToConsumer(array $params, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null) : boolean

Parameters

$params

array

GET or POST request variables

$extensions

mixed

extension object or array of extension objects

$response

\Zend_Controller_Response_Abstract

an optional response object to perform HTTP or HTML form redirection

Returns

boolean

Sets the OP Endpoint URL

setOpEndpoint(string $url) : null

Parameters

$url

string

the OP Endpoint URL

Returns

null

Processes an association request from an OpenID consumer, generates a shared secret key and sends it back using Diffie-Hellman encryption.

_associate(float $version, array $params) : array

Returns an array of variables to push back to the consumer.

Parameters

$version

float

OpenID version

$params

array

GET or POST request variables

Returns

array

Performs authentication validation for dumb consumers. Returns an array of variables to push back to the consumer.

_checkAuthentication(float $version, array $params) : array

The array MUST contain an 'is_valid' variable with the value 'true' or 'false'.

Parameters

$version

float

OpenID version

$params

array

GET or POST request variables

Returns

array

Performs authentication (or authentication check).

_checkId(float $version, array $params, boolean $immediate, mixed $extensions = null, \Zend_Controller_Response_Abstract $response = null) : array

Parameters

$version

float

OpenID version

$params

array

GET or POST request variables

$immediate

boolean

enables or disables interaction with the user

$extensions

mixed

extension object or array of extension objects

$response

\Zend_Controller_Response_Abstract

Returns

array

Generates a secret key for the given hash function. Returns the raw key, or false if the function is not supported.

_genSecret(string $func) : mixed

Parameters

$func

string

hash function (sha1 or sha256)

Returns

mixed

Prepares the information to send back in response to the consumer's authentication request and signs it using the shared secret.

_respond(float $version, array $ret, array $params, mixed $extensions = null) : array

Parameters

$version

float

OpenID protocol version

$ret

array

arguments to be sent back to the consumer

$params

array

GET or POST request variables

$extensions

mixed

extension object or array of extension objects

Returns

array

Securely compares two strings for equality while avoiding C-level memcmp() optimisations, which can leak timing information useful to an attacker attempting to iteratively guess the unknown string (e.g. a password) being compared against.

_secureStringCompare(string $a, string $b) : boolean

Parameters

$a

string

$b

string

Returns

boolean
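The following added example (not Zend_OpenId_Provider code) shows why a signed response such as the one _respond() produces should be checked with a timing-safe comparison like the one _secureStringCompare() describes. It follows the OpenID 2.0 signature format; the function names, URLs and key are assumptions made for illustration, and it needs PHP 7 or later.

```php
<?php
// Added example: helper names are hypothetical, not Zend_OpenId_Provider methods.

// Constant-time equality: XOR-accumulate every byte, never exit early.
// On PHP >= 5.6 the built-in hash_equals() does the same job.
function constantTimeEquals(string $known, string $given): bool
{
    $lenK = strlen($known);
    $lenG = strlen($given);
    if ($lenK === 0) {
        return $lenG === 0;
    }
    $diff = $lenK ^ $lenG;                    // a length mismatch already fails
    for ($i = 0; $i < $lenG; $i++) {          // loop length follows caller input
        $diff |= ord($known[$i % $lenK]) ^ ord($given[$i]);
    }
    return $diff === 0;
}

// OpenID 2.0 signature: HMAC over "key:value\n" for each field in openid.signed.
function signFields(array $fields, string $macKey, string $func = 'sha256'): string
{
    $base = '';
    foreach (explode(',', $fields['openid.signed']) as $key) {
        $base .= $key . ':' . ($fields['openid.' . $key] ?? '') . "\n";
    }
    return base64_encode(hash_hmac($func, $base, $macKey, true));
}

// The check a provider runs for a stateless ("dumb") consumer.
function isValidAssertion(array $fields, string $macKey): string
{
    $expected = signFields($fields, $macKey);
    return constantTimeEquals($expected, $fields['openid.sig']) ? 'true' : 'false';
}

// Constructed sample data; URLs and key are placeholders.
$macKey = random_bytes(32);                   // 32 raw bytes for HMAC-SHA256
$fields = [
    'openid.mode'      => 'id_res',
    'openid.identity'  => 'https://op.example/alice',
    'openid.return_to' => 'https://rp.example/return',
    'openid.signed'    => 'mode,identity,return_to',
];
$fields['openid.sig'] = signFields($fields, $macKey);
echo 'genuine:  is_valid=', isValidAssertion($fields, $macKey), "\n";

$fields['openid.identity'] = 'https://op.example/mallory';   // altered after signing
echo 'tampered: is_valid=', isValidAssertion($fields, $macKey), "\n";
```

Comparing the recomputed signature with `==` or `strcmp()` instead would let response time depend on how many leading bytes of a guessed signature are correct.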

 Properties

 

URL to perform interactive user login

$_loginUrl : string

Default

 

The OP Endpoint URL

$_opEndpoint : string

Default

 

Time to live of an association session, in seconds

$_sessionTtl : integer

Default

 

Reference to an implementation of storage object

$_storage : \Zend_OpenId_Provider_Storage

Default

 

URL to perform interactive validation of the consumer by the user

$_trustUrl : string

Default

 

Reference to an implementation of user object

$_user : \Zend_OpenId_Provider_User

Default