Data Structures
class	Auth_OpenID_TrustRoot
	A wrapper for trust-root related functions. More...

Namespaces
namespace	OpenID
	This module contains code for dealing with associations between consumers and servers.

Functions
	filter_extractReturnURL ($endpoint)
&	Auth_OpenID_extractReturnURL (&$endpoint_list)
	Auth_OpenID_returnToMatches ($allowed_return_to_urls, $return_to)
	Auth_OpenID_getAllowedReturnURLs ($relying_party_url, $fetcher, $discover_function=null)
	Auth_OpenID_verifyReturnTo ($realm_str, $return_to, $fetcher, $_vrfy='Auth_OpenID_getAllowedReturnURLs')

Variables
const	Auth_OpenID___TLDs = '/\.(ac\|ad\|ae\|aero\|af\|ag\|ai\|al\|am\|an\|ao\|aq\|ar\|arpa\|as\|asia' . '\|at\|au\|aw\|ax\|az\|ba\|bb\|bd\|be\|bf\|bg\|bh\|bi\|biz\|bj\|bm\|bn\|bo\|br' . '\|bs\|bt\|bv\|bw\|by\|bz\|ca\|cat\|cc\|cd\|cf\|cg\|ch\|ci\|ck\|cl\|cm\|cn\|co' . '\|com\|coop\|cr\|cu\|cv\|cx\|cy\|cz\|de\|dj\|dk\|dm\|do\|dz\|ec\|edu\|ee\|eg' . '\|er\|es\|et\|eu\|fi\|fj\|fk\|fm\|fo\|fr\|ga\|gb\|gd\|ge\|gf\|gg\|gh\|gi\|gl' . '\|gm\|gn\|gov\|gp\|gq\|gr\|gs\|gt\|gu\|gw\|gy\|hk\|hm\|hn\|hr\|ht\|hu\|id\|ie' . '\|il\|im\|in\|info\|int\|io\|iq\|ir\|is\|it\|je\|jm\|jo\|jobs\|jp\|ke\|kg\|kh' . '\|ki\|km\|kn\|kp\|kr\|kw\|ky\|kz\|la\|lb\|lc\|li\|lk\|lr\|ls\|lt\|lu\|lv\|ly' . '\|ma\|mc\|md\|me\|mg\|mh\|mil\|mk\|ml\|mm\|mn\|mo\|mobi\|mp\|mq\|mr\|ms\|mt' . '\|mu\|museum\|mv\|mw\|mx\|my\|mz\|na\|name\|nc\|ne\|net\|nf\|ng\|ni\|nl\|no' . '\|np\|nr\|nu\|nz\|om\|org\|pa\|pe\|pf\|pg\|ph\|pk\|pl\|pm\|pn\|pr\|pro\|ps\|pt' . '\|pw\|py\|qa\|re\|ro\|rs\|ru\|rw\|sa\|sb\|sc\|sd\|se\|sg\|sh\|si\|sj\|sk\|sl' . '\|sm\|sn\|so\|sr\|st\|su\|sv\|sy\|sz\|tc\|td\|tel\|tf\|tg\|th\|tj\|tk\|tl\|tm' . '\|tn\|to\|tp\|tr\|travel\|tt\|tv\|tw\|tz\|ua\|ug\|uk\|us\|uy\|uz\|va\|vc\|ve' . '\|vg\|vi\|vn\|vu\|wf\|ws\|xn--0zwm56d\|xn--11b5bs3a9aj6g' . '\|xn--80akhbyknj4f\|xn--9t4b11yi5a\|xn--deba0ad\|xn--g6w251d' . '\|xn--hgbk6aj7f53bba\|xn--hlcj6aya9esc7a\|xn--jxalpdlp' . '\|xn--kgbechtv\|xn--zckzah\|ye\|yt\|yu\|za\|zm\|zw)\.?$/'
	A regular expression that matches a domain ending in a top-level domains.
const	Auth_OpenID___HostSegmentRe = "/^(?:[-a-zA-Z0-9!$&'\$\$\\+,;=._~]\|%[a-zA-Z0-9]{2})$/"

Function Documentation

& Auth_OpenID_extractReturnURL ( & $endpoint_list )

Definition at line 351 of file TrustRoot.php.

Referenced by Auth_OpenID_getAllowedReturnURLs().

{
    $result = array();
    foreach ($endpoint_list as $endpoint) {
        if (filter_extractReturnURL($endpoint)) {
            $result[] = $endpoint;
        }
    }

Here is the caller graph for this function:

Auth_OpenID_getAllowedReturnURLs	(	$relying_party_url,
		$fetcher,
		$discover_function = `null`
	)

Definition at line 395 of file TrustRoot.php.

References Auth_OpenID_extractReturnURL(), and Auth_Yadis_getServiceEndpoints().

{
    if ($discover_function === null) {
        $discover_function = array('Auth_Yadis_Yadis', 'discover');
    }
    $xrds_parse_cb = array('Auth_OpenID_ServiceEndpoint', 'consumerFromXRDS');
    list($rp_url_after_redirects, $endpoints) =
        Auth_Yadis_getServiceEndpoints($relying_party_url, $xrds_parse_cb,
                                       $discover_function, $fetcher);
    if ($rp_url_after_redirects != $relying_party_url) {
        // Verification caused a redirect
        return false;
    }
    call_user_func_array($discover_function,
                         array($relying_party_url, &$fetcher));
    $return_to_urls = array();
    $matching_endpoints = Auth_OpenID_extractReturnURL($endpoints);
    foreach ($matching_endpoints as $e) {
        $return_to_urls[] = $e->server_url;
    }

Here is the call graph for this function:

Auth_OpenID_returnToMatches	(	$allowed_return_to_urls,
		$return_to
	)

Definition at line 368 of file TrustRoot.php.

References Auth_OpenID_TrustRoot\_parse(), and Auth_OpenID_TrustRoot\match().

Referenced by Auth_OpenID_verifyReturnTo().

{
    foreach ($allowed_return_to_urls as $allowed_return_to) {
        // A return_to pattern works the same as a realm, except that
        // it's not allowed to use a wildcard. We'll model this by
        // parsing it as a realm, and not trying to match it if it has
        // a wildcard.
        $return_realm = Auth_OpenID_TrustRoot::_parse($allowed_return_to);
        if (// Parses as a trust root
            ($return_realm !== false) &&
            // Does not have a wildcard
            (!$return_realm['wildcard']) &&
            // Matches the return_to that we passed in with it
            (Auth_OpenID_TrustRoot::match($allowed_return_to, $return_to))) {
            return true;
        }
    }
    // No URL in the list matched

Here is the call graph for this function:

Here is the caller graph for this function:

Auth_OpenID_verifyReturnTo	(	$realm_str,
		$return_to,
		$fetcher,
		$_vrfy = `'Auth_OpenID_getAllowedReturnURLs'`
	)

Definition at line 436 of file TrustRoot.php.

References Auth_OpenID_returnToMatches(), and Auth_OpenID_TrustRoot\buildDiscoveryURL().

{
    $disco_url = Auth_OpenID_TrustRoot::buildDiscoveryURL($realm_str);
    if ($disco_url === false) {
        return false;
    }
    $allowable_urls = call_user_func_array($_vrfy,
                           array($disco_url, $fetcher));
    // The realm_str could not be parsed.
    if ($allowable_urls === false) {
        return false;
    }
    if (Auth_OpenID_returnToMatches($allowable_urls, $return_to)) {
        return true;
    } else {
        return false;

Here is the call graph for this function:

filter_extractReturnURL ( $endpoint )

Definition at line 342 of file TrustRoot.php.

References Auth_OpenID_RP_RETURN_TO_URL_TYPE.

{
    if ($endpoint->matchTypes(array(Auth_OpenID_RP_RETURN_TO_URL_TYPE))) {
        return $endpoint;
    } else {
        return null;

Variable Documentation

const Auth_OpenID___HostSegmentRe = "/^(?:[-a-zA-Z0-9!$&'\$\$\\*+,;=._~]|%[a-zA-Z0-9]{2})*$/"

Definition at line 42 of file TrustRoot.php.

const Auth_OpenID___TLDs = '/\.(ac|ad|ae|aero|af|ag|ai|al|am|an|ao|aq|ar|arpa|as|asia' . '|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|biz|bj|bm|bn|bo|br' . '|bs|bt|bv|bw|by|bz|ca|cat|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co' . '|com|coop|cr|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|edu|ee|eg' . '|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl' . '|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie' . '|il|im|in|info|int|io|iq|ir|is|it|je|jm|jo|jobs|jp|ke|kg|kh' . '|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly' . '|ma|mc|md|me|mg|mh|mil|mk|ml|mm|mn|mo|mobi|mp|mq|mr|ms|mt' . '|mu|museum|mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no' . '|np|nr|nu|nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt' . '|pw|py|qa|re|ro|rs|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl' . '|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tel|tf|tg|th|tj|tk|tl|tm' . '|tn|to|tp|tr|travel|tt|tv|tw|tz|ua|ug|uk|us|uy|uz|va|vc|ve' . '|vg|vi|vn|vu|wf|ws|xn--0zwm56d|xn--11b5bs3a9aj6g' . '|xn--80akhbyknj4f|xn--9t4b11yi5a|xn--deba0ad|xn--g6w251d' . '|xn--hgbk6aj7f53bba|xn--hlcj6aya9esc7a|xn--jxalpdlp' . '|xn--kgbechtv|xn--zckzah|ye|yt|yu|za|zm|zw)\.?$/'

A regular expression that matches a domain ending in a top-level domains.

Used in checking trust roots for sanity.

private

Definition at line 23 of file TrustRoot.php.

Data Structures

Namespaces

Functions

Variables

Function Documentation

Variable Documentation