ILIAS  release_4-4 Revision
Auth_OpenID_PAPE_Response Class Reference

A Provider Authentication Policy response, sent from a provider to a relying party. More...

+ Inheritance diagram for Auth_OpenID_PAPE_Response:
+ Collaboration diagram for Auth_OpenID_PAPE_Response:

Public Member Functions

 Auth_OpenID_PAPE_Response ($auth_policies=null, $auth_time=null, $nist_auth_level=null)
 
 addPolicyURI ($policy_uri)
 Add a authentication policy to this response. More...
 
 parseExtensionArgs ($args, $strict=false)
 Parse the provider authentication policy arguments into the internal state of this object. More...
 
 getExtensionArgs ()
 
- Public Member Functions inherited from Auth_OpenID_Extension
 getExtensionArgs ()
 Get the string arguments that should be added to an OpenID message for this extension. More...
 
 toMessage ($message)
 Add the arguments from this extension to the provided message. More...
 

Static Public Member Functions

static fromSuccessResponse ($success_response)
 Create an Auth_OpenID_PAPE_Response object from a successful OpenID library response. More...
 

Data Fields

 $ns_alias = 'pape'
 
 $ns_uri = Auth_OpenID_PAPE_NS_URI
 
- Data Fields inherited from Auth_OpenID_Extension
 $ns_uri = null
 ns_uri: The namespace to which to add the arguments for this extension More...
 
 $ns_alias = null
 

Detailed Description

A Provider Authentication Policy response, sent from a provider to a relying party.

Definition at line 154 of file PAPE.php.

Member Function Documentation

◆ addPolicyURI()

Auth_OpenID_PAPE_Response::addPolicyURI (   $policy_uri)

Add a authentication policy to this response.

This method is intended to be used by the provider to add a policy that the provider conformed to when authenticating the user.

Parameters
policy_uriThe identifier for the preferred type of authentication.

Definition at line 182 of file PAPE.php.

184  : The identifier for the preferred type of
185  * authentication.
186  */
187  function addPolicyURI($policy_uri)
addPolicyURI($policy_uri)
Add a authentication policy to this response.
Definition: PAPE.php:182

◆ Auth_OpenID_PAPE_Response()

Auth_OpenID_PAPE_Response::Auth_OpenID_PAPE_Response (   $auth_policies = null,
  $auth_time = null,
  $nist_auth_level = null 
)

Definition at line 159 of file PAPE.php.

References $result, Auth_OpenID_PAPE_Request\addPolicyURI(), Auth_OpenID\arrayGet(), Auth_OpenID_PAPE_NS_URI, Auth_OpenID\intval(), PAPE_TIME_VALIDATOR, and Auth_OpenID_PAPE_Request\parseExtensionArgs().

159  {
160 
161  var $ns_alias = 'pape';
163 
164  function Auth_OpenID_PAPE_Response($auth_policies=null, $auth_time=null,
165  $nist_auth_level=null)
166  {
167  if ($auth_policies) {
168  $this->auth_policies = $auth_policies;
169  } else {
170  $this->auth_policies = array();
Auth_OpenID_PAPE_Response($auth_policies=null, $auth_time=null, $nist_auth_level=null)
Definition: PAPE.php:159
const Auth_OpenID_PAPE_NS_URI
An implementation of the OpenID Provider Authentication Policy Extension 1.0.
Definition: PAPE.php:13
+ Here is the call graph for this function:

◆ fromSuccessResponse()

static Auth_OpenID_PAPE_Response::fromSuccessResponse (   $success_response)
static

Create an Auth_OpenID_PAPE_Response object from a successful OpenID library response.

Parameters
success_response$success_responseA SuccessResponse from Auth_OpenID_Consumer::complete()
Returns
: A provider authentication policy response from the data that was supplied with the id_res response.

Definition at line 199 of file PAPE.php.

201  : A provider authentication policy response from the
202  * data that was supplied with the id_res response.
203  */
204  static function fromSuccessResponse($success_response)
205  {
206  $obj = new Auth_OpenID_PAPE_Response();
207 
208  // PAPE requires that the args be signed.
209  $args = $success_response->getSignedNS(Auth_OpenID_PAPE_NS_URI);
210 
211  if ($args === null || $args === array()) {
212  return null;
213  }
214 
215  $result = $obj->parseExtensionArgs($args);
216 
217  if ($result === false) {
$result
Auth_OpenID_PAPE_Response($auth_policies=null, $auth_time=null, $nist_auth_level=null)
Definition: PAPE.php:159
const Auth_OpenID_PAPE_NS_URI
An implementation of the OpenID Provider Authentication Policy Extension 1.0.
Definition: PAPE.php:13
static fromSuccessResponse($success_response)
Create an Auth_OpenID_PAPE_Response object from a successful OpenID library response.
Definition: PAPE.php:199

◆ getExtensionArgs()

Auth_OpenID_PAPE_Response::getExtensionArgs ( )

Definition at line 268 of file PAPE.php.

References PAPE_TIME_VALIDATOR.

274  {
275  $ns_args = array();
276  if (count($this->auth_policies) > 0) {
277  $ns_args['auth_policies'] = implode(' ', $this->auth_policies);
278  } else {
279  $ns_args['auth_policies'] = 'none';
280  }
281 
282  if ($this->nist_auth_level !== null) {
283  if (!in_array($this->nist_auth_level, range(0, 4), true)) {
284  return false;
285  }
286  $ns_args['nist_auth_level'] = strval($this->nist_auth_level);
287  }
288 
289  if ($this->auth_time !== null) {
290  if (!preg_match(PAPE_TIME_VALIDATOR, $this->auth_time)) {
291  return false;
292  }
293 
const PAPE_TIME_VALIDATOR
Definition: PAPE.php:19

◆ parseExtensionArgs()

Auth_OpenID_PAPE_Response::parseExtensionArgs (   $args,
  $strict = false 
)

Parse the provider authentication policy arguments into the internal state of this object.

Parameters
argsunqualified provider authentication policy arguments
strictWhether to return false when bad data is encountered
Returns
null The data is parsed into the internal fields of this object.

Definition at line 232 of file PAPE.php.

238  {
239  $policies_str = Auth_OpenID::arrayGet($args, 'auth_policies');
240  if ($policies_str && $policies_str != "none") {
241  $this->auth_policies = explode(" ", $policies_str);
242  }
243 
244  $nist_level_str = Auth_OpenID::arrayGet($args, 'nist_auth_level');
245  if ($nist_level_str !== null) {
246  $nist_level = Auth_OpenID::intval($nist_level_str);
247 
248  if ($nist_level === false) {
249  if ($strict) {
250  return false;
251  } else {
252  $nist_level = null;
253  }
254  }
255 
256  if (0 <= $nist_level && $nist_level < 5) {
257  $this->nist_auth_level = $nist_level;
258  } else if ($strict) {
259  return false;
260  }
261  }
262 
263  $auth_time = Auth_OpenID::arrayGet($args, 'auth_time');
264  if ($auth_time !== null) {
265  if (preg_match(PAPE_TIME_VALIDATOR, $auth_time)) {
266  $this->auth_time = $auth_time;
const PAPE_TIME_VALIDATOR
Definition: PAPE.php:19
static arrayGet($arr, $key, $fallback=null)
Convenience function for getting array values.
Definition: OpenID.php:242
static intval($value)
Replacement (wrapper) for PHP&#39;s intval() because it&#39;s broken.
Definition: OpenID.php:444

Field Documentation

◆ $ns_alias

Auth_OpenID_PAPE_Response::$ns_alias = 'pape'

Definition at line 156 of file PAPE.php.

◆ $ns_uri

Auth_OpenID_PAPE_Response::$ns_uri = Auth_OpenID_PAPE_NS_URI

Definition at line 157 of file PAPE.php.


The documentation for this class was generated from the following file: