Auth_OpenID_Consumer Class Reference

Collaboration diagram for Auth_OpenID_Consumer:

Public Member Functions
	Auth_OpenID_Consumer ($store, $session=null, $consumer_cls=null)
	Initialize a Consumer instance. More...
	getDiscoveryObject ($session, $openid_url, $session_key_prefix)
	Used in testing to define the discovery mechanism. More...
	begin ($user_url, $anonymous=false)
	Start the OpenID authentication process. More...
	beginWithoutDiscovery ($endpoint, $anonymous=false)
	Start OpenID verification without doing OpenID server discovery. More...
	complete ($current_url, $query=null)
	Called to interpret the server's response to an OpenID request. More...

Data Fields
	$discoverMethod = 'Auth_OpenID_discover'
	private More...
	$session_key_prefix = "_openid_consumer_"
	private More...
	$_token_suffix = "last_token"
	private More...

Detailed Description

Definition at line 215 of file Consumer.php.

Member Function Documentation

Auth_OpenID_Consumer()

Auth_OpenID_Consumer::Auth_OpenID_Consumer	(		$store,
			$session = null,
			$consumer_cls = null
	)

Initialize a Consumer instance.

You should create a new instance of the Consumer object with every HTTP request that handles OpenID transactions.

Parameters

Auth_OpenID_OpenIDStore	$store	This must be an object that implements the interface in Auth_OpenID_OpenIDStore. Several concrete implementations are provided, to cover most common use cases. For stores backed by MySQL, PostgreSQL, or SQLite, see the Auth_OpenID_SQLStore class and its sublcasses. For a filesystem-backed store, see the Auth_OpenID_FileStore module. As a last resort, if it isn't possible for the server to store state at all, an instance of Auth_OpenID_DumbStore can be used.
mixed	$session	An object which implements the interface of the Auth_Yadis_PHPSession class. Particularly, this object is expected to have these methods: get($key), set($key), $value), and del($key). This defaults to a session object which wraps PHP's native session machinery. You should only need to pass something here if you have your own sessioning implementation.
str	$consumer_cls	The name of the class to instantiate when creating the internal consumer object. This is used for testing.

Definition at line 261 of file Consumer.php.

References $_token_suffix.

    {
        if ($session === null) {
            $session = new Auth_Yadis_PHPSession();
        }

        $this->session = $session;

        if ($consumer_cls !== null) {
            $this->consumer = new $consumer_cls($store);
        } else {
            $this->consumer = new Auth_OpenID_GenericConsumer($store);
        }

        $this->_token_key = $this->session_key_prefix . $this->_token_suffix;
    }

begin()

Auth_OpenID_Consumer::begin	(		$user_url,
			$anonymous = false
	)

Start the OpenID authentication process.

See steps 1-2 in the overview at the top of this file.

Parameters

string	$user_url	Identity URL given by the user. This method performs a textual transformation of the URL to try and make sure it is normalized. For example, a user_url of example.com will be normalized to http://example.com/ normalizing and resolving any redirects the server might issue.
bool	$anonymous	True if the OpenID request is to be sent to the server without any identifier information. Use this when you want to transport data but don't want to do OpenID authentication with identifiers.

Returns

Auth_OpenID_AuthRequest $auth_request An object containing the discovered information will be returned, with a method for building a redirect URL to the server, as described in step 3 of the overview. This object may also be used to add extension arguments to the request, using its 'addExtensionArg' method.

Definition at line 313 of file Consumer.php.

References $loader, beginWithoutDiscovery(), and getDiscoveryObject().

    {
        $openid_url = $user_url;

        $disco = $this->getDiscoveryObject($this->session,
                                           $openid_url,
                                           $this->session_key_prefix);

        // Set the 'stale' attribute of the manager.  If discovery
        // fails in a fatal way, the stale flag will cause the manager
        // to be cleaned up next time discovery is attempted.

        $m = $disco->getManager();
        $loader = new Auth_Yadis_ManagerLoader();

        if ($m) {
            if ($m->stale) {
                $disco->destroyManager();
            } else {
                $m->stale = true;
                $disco->session->set($disco->session_key,
                                     serialize($loader->toSession($m)));
            }
        }

        $endpoint = $disco->getNextService($this->discoverMethod,
                                           $this->consumer->fetcher);

        // Reset the 'stale' attribute of the manager.
        $m = $disco->getManager();
        if ($m) {
            $m->stale = false;
            $disco->session->set($disco->session_key,
                                 serialize($loader->toSession($m)));
        }

        if ($endpoint === null) {
            return null;
        } else {
            return $this->beginWithoutDiscovery($endpoint,
                                                $anonymous);
        }
    }

Here is the call graph for this function:

beginWithoutDiscovery()

Auth_OpenID_Consumer::beginWithoutDiscovery	(		$endpoint,
			$anonymous = false
	)

Start OpenID verification without doing OpenID server discovery.

This method is used internally by Consumer.begin after discovery is performed, and exists to provide an interface for library users needing to perform their own discovery.

Parameters

Auth_OpenID_ServiceEndpoint	$endpoint	an OpenID service endpoint descriptor.
	bool	anonymous Set to true if you want to perform OpenID without identifiers.

Returns

Auth_OpenID_AuthRequest $auth_request An OpenID authentication request object.

Definition at line 373 of file Consumer.php.

References $loader.

Referenced by begin().

    {
        $loader = new Auth_OpenID_ServiceEndpointLoader();
        $auth_req = $this->consumer->begin($endpoint);
        $this->session->set($this->_token_key,
              $loader->toSession($auth_req->endpoint));
        if (!$auth_req->setAnonymous($anonymous)) {
            return new Auth_OpenID_FailureResponse(null,
              "OpenID 1 requests MUST include the identifier " .
              "in the request.");
        }
        return $auth_req;
    }

Here is the caller graph for this function:

complete()

Auth_OpenID_Consumer::complete	(		$current_url,
			$query = null
	)

Called to interpret the server's response to an OpenID request.

It is called in step 4 of the flow described in the consumer overview.

Parameters

string	$current_url	The URL used to invoke the application. Extract the URL from your application's web request framework and specify it here to have it checked against the openid.current_url value in the response. If the current_url URL check fails, the status of the completion will be FAILURE.
array	$query	An array of the query parameters (key => value pairs) for this HTTP request. Defaults to null. If null, the GET or POST data are automatically gotten from the PHP environment. It is only useful to override $query for testing.

Returns

Auth_OpenID_ConsumerResponse $response A instance of an Auth_OpenID_ConsumerResponse subclass. The type of response is indicated by the status attribute, which will be one of SUCCESS, CANCEL, FAILURE, or SETUP_NEEDED.

Definition at line 410 of file Consumer.php.

References $loader, $query, Auth_OpenID_CANCEL, Auth_OpenID_SUCCESS, Auth_OpenID_Message\fromPostArgs(), getDiscoveryObject(), and Auth_OpenID\getQuery().

    {
        if ($current_url && !is_string($current_url)) {
            // This is ugly, but we need to complain loudly when
            // someone uses the API incorrectly.
            trigger_error("current_url must be a string; see NEWS file " .
                          "for upgrading notes.",
                          E_USER_ERROR);
        }

        if ($query === null) {
            $query = Auth_OpenID::getQuery();
        }

        $loader = new Auth_OpenID_ServiceEndpointLoader();
        $endpoint_data = $this->session->get($this->_token_key);
        $endpoint =
            $loader->fromSession($endpoint_data);

        $message = Auth_OpenID_Message::fromPostArgs($query);
        $response = $this->consumer->complete($message, $endpoint, 
                                              $current_url);
        $this->session->del($this->_token_key);

        if (in_array($response->status, array(Auth_OpenID_SUCCESS,
                                              Auth_OpenID_CANCEL))) {
            if ($response->identity_url !== null) {
                $disco = $this->getDiscoveryObject($this->session,
                                                   $response->identity_url,
                                                   $this->session_key_prefix);
                $disco->cleanup(true);
            }
        }

        return $response;
    }

Here is the call graph for this function:

getDiscoveryObject()

Auth_OpenID_Consumer::getDiscoveryObject	(		$session,
			$openid_url,
			$session_key_prefix
	)

Used in testing to define the discovery mechanism.

private

Definition at line 284 of file Consumer.php.

Referenced by begin(), and complete().

    {
        return new Auth_Yadis_Discovery($session, $openid_url,
                                        $session_key_prefix);
    }

Here is the caller graph for this function:

Field Documentation

$_token_suffix

Auth_OpenID_Consumer::$_token_suffix = "last_token"

private

Definition at line 230 of file Consumer.php.

Referenced by Auth_OpenID_Consumer().

$discoverMethod

Auth_OpenID_Consumer::$discoverMethod = 'Auth_OpenID_discover'

private

Definition at line 220 of file Consumer.php.

$session_key_prefix

Auth_OpenID_Consumer::$session_key_prefix = "_openid_consumer_"

private

Definition at line 225 of file Consumer.php.

---

The documentation for this class was generated from the following file:

• Services/OpenId/lib/Auth/OpenID/Consumer.php