Nonce.php File Reference

Go to the source code of this file.

Namespaces
namespace	OpenID
	This module contains code for dealing with associations between consumers and servers.

Functions
	Auth_OpenID_splitNonce ($nonce_string)
	Auth_OpenID_checkTimestamp ($nonce_string, $allowed_skew=null, $now=null)
	Auth_OpenID_mkNonce ($when=null)

Variables
const	Auth_OpenID_Nonce_CHRS = "abcdefghijklmnopqrstuvwxyz" . "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
	Need CryptUtil to generate random strings.
global	$Auth_OpenID_SKEW = 60 * 60 * 5
const	Auth_OpenID_Nonce_REGEX = '/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/'
const	Auth_OpenID_Nonce_TIME_FMT = '%Y-%m-%dT%H:%M:%SZ'

Function Documentation

Auth_OpenID_checkTimestamp	(		$nonce_string,
			$allowed_skew = null,
			$now = null
	)

Definition at line 57 of file Nonce.php.

Referenced by Auth_OpenID_FileStore\clean().

{
    // Is the timestamp that is part of the specified nonce string
    // within the allowed clock-skew of the current time?
    global $Auth_OpenID_SKEW;

    if ($allowed_skew === null) {
        $allowed_skew = $Auth_OpenID_SKEW;
    }

    $parts = Auth_OpenID_splitNonce($nonce_string);
    if ($parts == null) {
        return false;
    }

    if ($now === null) {
        $now = time();
    }

    $stamp = $parts[0];

    // Time after which we should not use the nonce
    $past = $now - $allowed_skew;

    // Time that is too far in the future for us to allow
    $future = $now + $allowed_skew;

    // the stamp is not too far in the future and is not too far
    // in the past

Here is the caller graph for this function:

Auth_OpenID_mkNonce

(

$when = null

)

Definition at line 91 of file Nonce.php.

Referenced by Auth_OpenID_CheckIDRequest\answer(), and Auth_OpenID_GenericConsumer\begin().

{
    // Generate a nonce with the current timestamp
    $salt = Auth_OpenID_CryptUtil::randomString(
        6, Auth_OpenID_Nonce_CHRS);
    if ($when === null) {
        // It's safe to call time() with no arguments; it returns a
        // GMT unix timestamp on PHP 4 and PHP 5.  gmmktime() with no
        // args returns a local unix timestamp on PHP 4, so don't use
        // that.
        $when = time();
    }
    $time_str = gmstrftime(Auth_OpenID_Nonce_TIME_FMT, $when);

Here is the caller graph for this function:

Auth_OpenID_splitNonce

(

$nonce_string

)

Definition at line 30 of file Nonce.php.

Referenced by Auth_OpenID_GenericConsumer\_idResCheckNonce().

                   :%M:%SZ');

function Auth_OpenID_splitNonce($nonce_string)
{
    // Extract a timestamp from the given nonce string
    $result = preg_match(Auth_OpenID_Nonce_REGEX, $nonce_string, $matches);
    if ($result != 1 || count($matches) != 8) {
        return null;
    }

    list($unused,
         $tm_year,
         $tm_mon,
         $tm_mday,
         $tm_hour,
         $tm_min,
         $tm_sec,
         $uniquifier) = $matches;

    $timestamp =
        @gmmktime($tm_hour, $tm_min, $tm_sec, $tm_mon, $tm_mday, $tm_year);

    if ($timestamp === false || $timestamp < 0) {
        return null;
    }

Here is the caller graph for this function:

Variable Documentation

$Auth_OpenID_SKEW = 60 * 60 * 5

Definition at line 23 of file Nonce.php.

Referenced by Auth_OpenID_FileStore\cleanupNonces(), Auth_OpenID_MDB2Store\cleanupNonces(), Auth_OpenID_SQLStore\cleanupNonces(), Auth_OpenID_MemcachedStore\useNonce(), Auth_OpenID_FileStore\useNonce(), Auth_OpenID_MDB2Store\useNonce(), and Auth_OpenID_SQLStore\useNonce().

const Auth_OpenID_Nonce_CHRS = "abcdefghijklmnopqrstuvwxyz" . "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

Need CryptUtil to generate random strings.

This is the characters that the nonces are made from.

Definition at line 17 of file Nonce.php.

const Auth_OpenID_Nonce_REGEX = '/(\d{4})-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)Z(.*)/'

Definition at line 26 of file Nonce.php.

const Auth_OpenID_Nonce_TIME_FMT = '%Y-%m-%dT%H:%M:%SZ'

Definition at line 28 of file Nonce.php.