ILIAS  Release_4_2_x_branch Revision 61807
 All Data Structures Namespaces Files Functions Variables Groups Pages
Auth_OpenID_Consumer Class Reference
+ Collaboration diagram for Auth_OpenID_Consumer:

Public Member Functions

 Auth_OpenID_Consumer ($store, $session=null, $consumer_cls=null)
 Initialize a Consumer instance.
 getDiscoveryObject ($session, $openid_url, $session_key_prefix)
 Used in testing to define the discovery mechanism.
 begin ($user_url, $anonymous=false)
 Start the OpenID authentication process.
 beginWithoutDiscovery ($endpoint, $anonymous=false)
 Start OpenID verification without doing OpenID server discovery.
 complete ($current_url, $query=null)
 Called to interpret the server's response to an OpenID request.

Data Fields

 $discoverMethod = 'Auth_OpenID_discover'
 private
 $session_key_prefix = "_openid_consumer_"
 private
 $_token_suffix = "last_token"
 private

Detailed Description

Definition at line 215 of file Consumer.php.

Member Function Documentation

Auth_OpenID_Consumer::Auth_OpenID_Consumer (   $store,
  $session = null,
  $consumer_cls = null 
)

Initialize a Consumer instance.

You should create a new instance of the Consumer object with every HTTP request that handles OpenID transactions.

Parameters
Auth_OpenID_OpenIDStore$storeThis must be an object that implements the interface in Auth_OpenID_OpenIDStore. Several concrete implementations are provided, to cover most common use cases. For stores backed by MySQL, PostgreSQL, or SQLite, see the Auth_OpenID_SQLStore class and its sublcasses. For a filesystem-backed store, see the Auth_OpenID_FileStore module. As a last resort, if it isn't possible for the server to store state at all, an instance of Auth_OpenID_DumbStore can be used.
mixed$sessionAn object which implements the interface of the Auth_Yadis_PHPSession class. Particularly, this object is expected to have these methods: get($key), set($key), $value), and del($key). This defaults to a session object which wraps PHP's native session machinery. You should only need to pass something here if you have your own sessioning implementation.
str$consumer_clsThe name of the class to instantiate when creating the internal consumer object. This is used for testing.

Definition at line 261 of file Consumer.php.

References $_token_suffix.

{
if ($session === null) {
$session = new Auth_Yadis_PHPSession();
}
$this->session = $session;
if ($consumer_cls !== null) {
$this->consumer = new $consumer_cls($store);
} else {
$this->consumer = new Auth_OpenID_GenericConsumer($store);
}
$this->_token_key = $this->session_key_prefix . $this->_token_suffix;
}
Auth_OpenID_Consumer::begin (   $user_url,
  $anonymous = false 
)

Start the OpenID authentication process.

See steps 1-2 in the overview at the top of this file.

Parameters
string$user_urlIdentity URL given by the user. This method performs a textual transformation of the URL to try and make sure it is normalized. For example, a user_url of example.com will be normalized to http://example.com/ normalizing and resolving any redirects the server might issue.
bool$anonymousTrue if the OpenID request is to be sent to the server without any identifier information. Use this when you want to transport data but don't want to do OpenID authentication with identifiers.
Returns
Auth_OpenID_AuthRequest $auth_request An object containing the discovered information will be returned, with a method for building a redirect URL to the server, as described in step 3 of the overview. This object may also be used to add extension arguments to the request, using its 'addExtensionArg' method.

Definition at line 313 of file Consumer.php.

References $loader, beginWithoutDiscovery(), and getDiscoveryObject().

{
$openid_url = $user_url;
$disco = $this->getDiscoveryObject($this->session,
$openid_url,
$this->session_key_prefix);
// Set the 'stale' attribute of the manager. If discovery
// fails in a fatal way, the stale flag will cause the manager
// to be cleaned up next time discovery is attempted.
$m = $disco->getManager();
if ($m) {
if ($m->stale) {
$disco->destroyManager();
} else {
$m->stale = true;
$disco->session->set($disco->session_key,
serialize($loader->toSession($m)));
}
}
$endpoint = $disco->getNextService($this->discoverMethod,
$this->consumer->fetcher);
// Reset the 'stale' attribute of the manager.
$m = $disco->getManager();
if ($m) {
$m->stale = false;
$disco->session->set($disco->session_key,
serialize($loader->toSession($m)));
}
if ($endpoint === null) {
return null;
} else {
return $this->beginWithoutDiscovery($endpoint,
$anonymous);
}
}

+ Here is the call graph for this function:

Auth_OpenID_Consumer::beginWithoutDiscovery (   $endpoint,
  $anonymous = false 
)

Start OpenID verification without doing OpenID server discovery.

This method is used internally by Consumer.begin after discovery is performed, and exists to provide an interface for library users needing to perform their own discovery.

Parameters
Auth_OpenID_ServiceEndpoint$endpointan OpenID service endpoint descriptor.
boolanonymous Set to true if you want to perform OpenID without identifiers.
Returns
Auth_OpenID_AuthRequest $auth_request An OpenID authentication request object.

Definition at line 373 of file Consumer.php.

References $loader.

Referenced by begin().

{
$auth_req = $this->consumer->begin($endpoint);
$this->session->set($this->_token_key,
$loader->toSession($auth_req->endpoint));
if (!$auth_req->setAnonymous($anonymous)) {
return new Auth_OpenID_FailureResponse(null,
"OpenID 1 requests MUST include the identifier " .
"in the request.");
}
return $auth_req;
}

+ Here is the caller graph for this function:

Auth_OpenID_Consumer::complete (   $current_url,
  $query = null 
)

Called to interpret the server's response to an OpenID request.

It is called in step 4 of the flow described in the consumer overview.

Parameters
string$current_urlThe URL used to invoke the application. Extract the URL from your application's web request framework and specify it here to have it checked against the openid.current_url value in the response. If the current_url URL check fails, the status of the completion will be FAILURE.
array$queryAn array of the query parameters (key => value pairs) for this HTTP request. Defaults to null. If null, the GET or POST data are automatically gotten from the PHP environment. It is only useful to override $query for testing.
Returns
Auth_OpenID_ConsumerResponse $response A instance of an Auth_OpenID_ConsumerResponse subclass. The type of response is indicated by the status attribute, which will be one of SUCCESS, CANCEL, FAILURE, or SETUP_NEEDED.

Definition at line 410 of file Consumer.php.

References $loader, $query, Auth_OpenID_CANCEL, Auth_OpenID_SUCCESS, Auth_OpenID_Message\fromPostArgs(), getDiscoveryObject(), and Auth_OpenID\getQuery().

{
if ($current_url && !is_string($current_url)) {
// This is ugly, but we need to complain loudly when
// someone uses the API incorrectly.
trigger_error("current_url must be a string; see NEWS file " .
"for upgrading notes.",
E_USER_ERROR);
}
if ($query === null) {
}
$endpoint_data = $this->session->get($this->_token_key);
$endpoint =
$loader->fromSession($endpoint_data);
$response = $this->consumer->complete($message, $endpoint,
$current_url);
$this->session->del($this->_token_key);
if (in_array($response->status, array(Auth_OpenID_SUCCESS,
if ($response->identity_url !== null) {
$disco = $this->getDiscoveryObject($this->session,
$response->identity_url,
$this->session_key_prefix);
$disco->cleanup(true);
}
}
return $response;
}

+ Here is the call graph for this function:

Auth_OpenID_Consumer::getDiscoveryObject (   $session,
  $openid_url,
  $session_key_prefix 
)

Used in testing to define the discovery mechanism.

private

Definition at line 284 of file Consumer.php.

References $session_key_prefix.

Referenced by begin(), and complete().

{
return new Auth_Yadis_Discovery($session, $openid_url,
}

+ Here is the caller graph for this function:

Field Documentation

Auth_OpenID_Consumer::$_token_suffix = "last_token"

private

Definition at line 230 of file Consumer.php.

Referenced by Auth_OpenID_Consumer().

Auth_OpenID_Consumer::$discoverMethod = 'Auth_OpenID_discover'

private

Definition at line 220 of file Consumer.php.

Auth_OpenID_Consumer::$session_key_prefix = "_openid_consumer_"

private

Definition at line 225 of file Consumer.php.

Referenced by getDiscoveryObject().


The documentation for this class was generated from the following file: