11require_once
"Auth/OpenID/Extension.php";
13define(
'Auth_OpenID_PAPE_NS_URI',
14 "http://specs.openid.net/extensions/pape/1.0");
16define(
'PAPE_AUTH_MULTI_FACTOR_PHYSICAL',
17 'http://schemas.openid.net/pape/policies/2007/06/multi-factor-physical');
18define(
'PAPE_AUTH_MULTI_FACTOR',
19 'http://schemas.openid.net/pape/policies/2007/06/multi-factor');
20define(
'PAPE_AUTH_PHISHING_RESISTANT',
21 'http://schemas.openid.net/pape/policies/2007/06/phishing-resistant');
23define(
'PAPE_TIME_VALIDATOR',
24 '/^[0-9]{4,4}-[0-9][0-9]-[0-9][0-9]T[0-9][0-9]:[0-9][0-9]:[0-9][0-9]Z$/');
43 if ($preferred_auth_policies ===
null) {
44 $preferred_auth_policies = array();
47 $this->preferred_auth_policies = $preferred_auth_policies;
48 $this->max_auth_age = $max_auth_age;
62 if (!in_array($policy_uri, $this->preferred_auth_policies)) {
63 $this->preferred_auth_policies[] = $policy_uri;
70 'preferred_auth_policies' =>
71 implode(
' ', $this->preferred_auth_policies)
74 if ($this->max_auth_age !==
null) {
75 $ns_args[
'max_auth_age'] = strval($this->max_auth_age);
90 if ($args ===
null || $args === array()) {
94 $obj->parseExtensionArgs($args);
108 $this->preferred_auth_policies = array();
112 foreach (explode(
' ', $policies_str) as $uri) {
113 if (!in_array($uri, $this->preferred_auth_policies)) {
114 $this->preferred_auth_policies[] = $uri;
121 if ($max_auth_age_str) {
124 $this->max_auth_age =
null;
146 foreach ($supported_types as $st) {
147 if (in_array($st, $this->preferred_auth_policies)) {
165 $nist_auth_level=
null)
167 if ($auth_policies) {
168 $this->auth_policies = $auth_policies;
170 $this->auth_policies = array();
173 $this->auth_time = $auth_time;
174 $this->nist_auth_level = $nist_auth_level;
189 if (!in_array($policy_uri, $this->auth_policies)) {
190 $this->auth_policies[] = $policy_uri;
211 if ($args ===
null || $args === array()) {
215 $result = $obj->parseExtensionArgs($args);
240 if ($policies_str && $policies_str !=
"none") {
241 $this->auth_policies = explode(
" ", $policies_str);
245 if ($nist_level_str !==
null) {
248 if ($nist_level ===
false) {
256 if (0 <= $nist_level && $nist_level < 5) {
257 $this->nist_auth_level = $nist_level;
258 }
else if ($strict) {
264 if ($auth_time !==
null) {
266 $this->auth_time = $auth_time;
267 }
else if ($strict) {
276 if (count($this->auth_policies) > 0) {
277 $ns_args[
'auth_policies'] = implode(
' ', $this->auth_policies);
279 $ns_args[
'auth_policies'] =
'none';
282 if ($this->nist_auth_level !==
null) {
283 if (!in_array($this->nist_auth_level, range(0, 4),
true)) {
286 $ns_args[
'nist_auth_level'] = strval($this->nist_auth_level);
289 if ($this->auth_time !==
null) {
294 $ns_args[
'auth_time'] = $this->auth_time;
const PAPE_TIME_VALIDATOR
const Auth_OpenID_PAPE_NS_URI
An implementation of the OpenID Provider Authentication Policy Extension 1.0.
A Provider Authentication Policy request, sent from a relying party to a provider.
parseExtensionArgs($args)
Set the state of this request to be that expressed in these PAPE arguments.
getExtensionArgs()
Get the string arguments that should be added to an OpenID message for this extension.
addPolicyURI($policy_uri)
Add an acceptable authentication policy URI to this request.
preferredTypes($supported_types)
Given a list of authentication policy URIs that a provider supports, this method returns the subseque...
static fromOpenIDRequest($request)
Instantiate a Request object from the arguments in a checkid_* OpenID message.
Auth_OpenID_PAPE_Request($preferred_auth_policies=null, $max_auth_age=null)
A Provider Authentication Policy response, sent from a provider to a relying party.
parseExtensionArgs($args, $strict=false)
Parse the provider authentication policy arguments into the internal state of this object.
Auth_OpenID_PAPE_Response($auth_policies=null, $auth_time=null, $nist_auth_level=null)
static fromSuccessResponse($success_response)
Create an Auth_OpenID_PAPE_Response object from a successful OpenID library response.
addPolicyURI($policy_uri)
Add a authentication policy to this response.
getExtensionArgs()
Get the string arguments that should be added to an OpenID message for this extension.
static arrayGet($arr, $key, $fallback=null)
Convenience function for getting array values.
static intval($value)
Replacement (wrapper) for PHP's intval() because it's broken.