ILIAS  Release_4_1_x_branch Revision 61804
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Data Fields
Auth_OpenID_Signatory Class Reference
+ Collaboration diagram for Auth_OpenID_Signatory:

Public Member Functions

 Auth_OpenID_Signatory ($store)
 Create a new signatory using a given store.
 verify ($assoc_handle, $message)
 Verify, using a given association handle, a signature with signed key-value pairs from an HTTP request.
 sign ($response)
 Given a response, sign the fields in the response's 'signed' list, and insert the signature into the response.
 createAssociation ($dumb=true, $assoc_type= 'HMAC-SHA1')
 Make a new association.
 getAssociation ($assoc_handle, $dumb, $check_expiration=true)
 Given an association handle, get the association from the store, or return a ServerError or null if something goes wrong.
 invalidate ($assoc_handle, $dumb)
 Invalidate a given association handle.

Data Fields

 $SECRET_LIFETIME = 1209600
 $normal_key = 'http://localhost/|normal'
 $dumb_key = 'http://localhost/|dumb'

Detailed Description

Definition at line 1299 of file Server.php.

Member Function Documentation

Auth_OpenID_Signatory::Auth_OpenID_Signatory (   $store)

Create a new signatory using a given store.

Definition at line 1314 of file Server.php.

{
// assert store is not None
$this->store = $store;
}
Auth_OpenID_Signatory::createAssociation (   $dumb = true,
  $assoc_type = 'HMAC-SHA1' 
)

Make a new association.

Definition at line 1373 of file Server.php.

References $dumb_key, $normal_key, Auth_OpenID_getSecretSize(), Auth_OpenID_Association\fromExpiresIn(), and Auth_OpenID_CryptUtil\getBytes().

Referenced by sign().

{
$secret = Auth_OpenID_CryptUtil::getBytes(
Auth_OpenID_getSecretSize($assoc_type));
$uniq = base64_encode(Auth_OpenID_CryptUtil::getBytes(4));
$handle = sprintf('{%s}{%x}{%s}', $assoc_type, intval(time()), $uniq);
$assoc = Auth_OpenID_Association::fromExpiresIn(
$this->SECRET_LIFETIME, $handle, $secret, $assoc_type);
if ($dumb) {
$key = $this->dumb_key;
} else {
$key = $this->normal_key;
}
$this->store->storeAssociation($key, $assoc);
return $assoc;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

Auth_OpenID_Signatory::getAssociation (   $assoc_handle,
  $dumb,
  $check_expiration = true 
)

Given an association handle, get the association from the store, or return a ServerError or null if something goes wrong.

Definition at line 1398 of file Server.php.

References $dumb_key, and $normal_key.

Referenced by sign(), and verify().

{
if ($assoc_handle === null) {
return new Auth_OpenID_ServerError(null,
"assoc_handle must not be null");
}
if ($dumb) {
$key = $this->dumb_key;
} else {
$key = $this->normal_key;
}
$assoc = $this->store->getAssociation($key, $assoc_handle);
if (($assoc !== null) && ($assoc->getExpiresIn() <= 0)) {
if ($check_expiration) {
$this->store->removeAssociation($key, $assoc_handle);
$assoc = null;
}
}
return $assoc;
}

+ Here is the caller graph for this function:

Auth_OpenID_Signatory::invalidate (   $assoc_handle,
  $dumb 
)

Invalidate a given association handle.

Definition at line 1426 of file Server.php.

References $dumb_key, and $normal_key.

Referenced by sign().

{
if ($dumb) {
$key = $this->dumb_key;
} else {
$key = $this->normal_key;
}
$this->store->removeAssociation($key, $assoc_handle);
}

+ Here is the caller graph for this function:

Auth_OpenID_Signatory::sign (   $response)

Given a response, sign the fields in the response's 'signed' list, and insert the signature into the response.

Definition at line 1340 of file Server.php.

References Auth_OpenID_OPENID_NS, createAssociation(), getAssociation(), and invalidate().

{
$signed_response = $response;
$assoc_handle = $response->request->assoc_handle;
if ($assoc_handle) {
// normal mode
$assoc = $this->getAssociation($assoc_handle, false, false);
if (!$assoc || ($assoc->getExpiresIn() <= 0)) {
// fall back to dumb mode
$signed_response->fields->setArg(Auth_OpenID_OPENID_NS,
'invalidate_handle', $assoc_handle);
$assoc_type = ($assoc ? $assoc->assoc_type : 'HMAC-SHA1');
if ($assoc && ($assoc->getExpiresIn() <= 0)) {
$this->invalidate($assoc_handle, false);
}
$assoc = $this->createAssociation(true, $assoc_type);
}
} else {
// dumb mode.
$assoc = $this->createAssociation(true);
}
$signed_response->fields = $assoc->signMessage(
$signed_response->fields);
return $signed_response;
}

+ Here is the call graph for this function:

Auth_OpenID_Signatory::verify (   $assoc_handle,
  $message 
)

Verify, using a given association handle, a signature with signed key-value pairs from an HTTP request.

Definition at line 1324 of file Server.php.

References getAssociation().

{
$assoc = $this->getAssociation($assoc_handle, true);
if (!$assoc) {
// oidutil.log("failed to get assoc with handle %r to verify sig %r"
// % (assoc_handle, sig))
return false;
}
return $assoc->checkMessageSignature($message);
}

+ Here is the call graph for this function:

Field Documentation

Auth_OpenID_Signatory::$dumb_key = 'http://localhost/|dumb'

Definition at line 1309 of file Server.php.

Referenced by createAssociation(), getAssociation(), and invalidate().

Auth_OpenID_Signatory::$normal_key = 'http://localhost/|normal'

Definition at line 1308 of file Server.php.

Referenced by createAssociation(), getAssociation(), and invalidate().

Auth_OpenID_Signatory::$SECRET_LIFETIME = 1209600

Definition at line 1302 of file Server.php.

The documentation for this class was generated from the following file: