ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Auth_OpenID_Signatory Class Reference

Public Member Functions

Auth_OpenID_Signatory ($store)
    Create a new signatory using a given store.

verify ($assoc_handle, $message)
    Verify, using a given association handle, a signature with signed key-value pairs from an HTTP request.

sign ($response)
    Given a response, sign the fields in the response's 'signed' list, and insert the signature into the response.

createAssociation ($dumb=true, $assoc_type='HMAC-SHA1')
    Make a new association.

getAssociation ($assoc_handle, $dumb, $check_expiration=true)
    Given an association handle, get the association from the store, or return a ServerError or null if something goes wrong.

invalidate ($assoc_handle, $dumb)
    Invalidate a given association handle.


Data Fields

 $SECRET_LIFETIME = 1209600
 
 $normal_key = 'http://localhost/|normal'
 
 $dumb_key = 'http://localhost/|dumb'
 

Detailed Description

Definition at line 1299 of file Server.php.

Member Function Documentation

◆ Auth_OpenID_Signatory()

Auth_OpenID_Signatory::Auth_OpenID_Signatory ($store)

Create a new signatory using a given store.

Definition at line 1314 of file Server.php.

    {
        // assert store is not None
        $this->store = $store;
    }

◆ createAssociation()

Auth_OpenID_Signatory::createAssociation ($dumb = true, $assoc_type = 'HMAC-SHA1')

Make a new association.

Definition at line 1373 of file Server.php.

    {
        // Fresh random MAC secret, sized for the association type.
        $secret = Auth_OpenID_CryptUtil::getBytes(
                    Auth_OpenID_getSecretSize($assoc_type));

        // Handle format: {assoc_type}{hex timestamp}{base64 of 4 random bytes}.
        $uniq = base64_encode(Auth_OpenID_CryptUtil::getBytes(4));
        $handle = sprintf('{%s}{%x}{%s}', $assoc_type, intval(time()), $uniq);

        $assoc = Auth_OpenID_Association::fromExpiresIn(
                    $this->SECRET_LIFETIME, $handle, $secret, $assoc_type);

        // Dumb-mode and normal associations are stored under separate keys.
        if ($dumb) {
            $key = $this->dumb_key;
        } else {
            $key = $this->normal_key;
        }

        $this->store->storeAssociation($key, $assoc);
        return $assoc;
    }

References $dumb_key, $normal_key, Auth_OpenID_getSecretSize(), Auth_OpenID_Association\fromExpiresIn(), and Auth_OpenID_CryptUtil\getBytes().

Referenced by sign().


◆ getAssociation()

Auth_OpenID_Signatory::getAssociation ($assoc_handle, $dumb, $check_expiration = true)

Given an association handle, get the association from the store, or return a ServerError or null if something goes wrong.

Definition at line 1398 of file Server.php.

    {
        if ($assoc_handle === null) {
            return new Auth_OpenID_ServerError(null,
                                 "assoc_handle must not be null");
        }

        // Look up the handle only in the key space for the requested mode.
        if ($dumb) {
            $key = $this->dumb_key;
        } else {
            $key = $this->normal_key;
        }

        $assoc = $this->store->getAssociation($key, $assoc_handle);

        // An expired association is removed and reported as missing only
        // when $check_expiration is set; otherwise it is returned as is.
        if (($assoc !== null) && ($assoc->getExpiresIn() <= 0)) {
            if ($check_expiration) {
                $this->store->removeAssociation($key, $assoc_handle);
                $assoc = null;
            }
        }

        return $assoc;
    }

References $dumb_key, and $normal_key.

Referenced by sign(), and verify().


◆ invalidate()

Auth_OpenID_Signatory::invalidate ($assoc_handle, $dumb)

Invalidate a given association handle.

Definition at line 1426 of file Server.php.

    {
        if ($dumb) {
            $key = $this->dumb_key;
        } else {
            $key = $this->normal_key;
        }
        $this->store->removeAssociation($key, $assoc_handle);
    }

References $dumb_key, and $normal_key.

Referenced by sign().


◆ sign()

Auth_OpenID_Signatory::sign ($response)

Given a response, sign the fields in the response's 'signed' list, and insert the signature into the response.

Definition at line 1340 of file Server.php.

    {
        $signed_response = $response;
        $assoc_handle = $response->request->assoc_handle;

        if ($assoc_handle) {
            // normal mode
            $assoc = $this->getAssociation($assoc_handle, false, false);
            if (!$assoc || ($assoc->getExpiresIn() <= 0)) {
                // fall back to dumb mode
                $signed_response->fields->setArg(Auth_OpenID_OPENID_NS,
                            'invalidate_handle', $assoc_handle);
                $assoc_type = ($assoc ? $assoc->assoc_type : 'HMAC-SHA1');

                if ($assoc && ($assoc->getExpiresIn() <= 0)) {
                    $this->invalidate($assoc_handle, false);
                }

                $assoc = $this->createAssociation(true, $assoc_type);
            }
        } else {
            // dumb mode.
            $assoc = $this->createAssociation(true);
        }

        $signed_response->fields = $assoc->signMessage(
                                     $signed_response->fields);
        return $signed_response;
    }

References Auth_OpenID_OPENID_NS, createAssociation(), getAssociation(), and invalidate().


◆ verify()

Auth_OpenID_Signatory::verify ($assoc_handle, $message)

Verify, using a given association handle, a signature with signed key-value pairs from an HTTP request.

Definition at line 1324 of file Server.php.

    {
        // Handles are resolved in the dumb key space only ($dumb = true).
        $assoc = $this->getAssociation($assoc_handle, true);
        if (!$assoc) {
            // oidutil.log("failed to get assoc with handle %r to verify sig %r"
            //             % (assoc_handle, sig))
            return false;
        }

        return $assoc->checkMessageSignature($message);
    }

References getAssociation().
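
The key separation used by createAssociation(), getAssociation() and verify() above, as an added self-contained model (not code from ILIAS or the Auth_OpenID library): it shows that a verify()-style lookup accepts only a live handle issued in dumb mode, while a handle stored under the normal key or an expired one is rejected. The array store, the function names, the "key:value\n" MAC input and the sample fields are assumptions made for the illustration.

```php
<?php
// Added model, not library code: an array stands in for the store and all
// function names are hypothetical. Secrets and fields are constructed samples.
const NORMAL_KEY = 'http://localhost/|normal';
const DUMB_KEY   = 'http://localhost/|dumb';
function create_assoc(array &$store, bool $dumb, int $lifetime = 1209600): array
{
    $handle = sprintf('{%s}{%x}{%s}', 'HMAC-SHA1', time(),
                      base64_encode(random_bytes(4)));
    $assoc  = ['handle' => $handle, 'secret' => random_bytes(20),
               'expires' => time() + $lifetime];
    $store[$dumb ? DUMB_KEY : NORMAL_KEY][$handle] = $assoc;
    return $assoc;
}

function get_assoc(array &$store, string $handle, bool $dumb): ?array
{
    $key   = $dumb ? DUMB_KEY : NORMAL_KEY;
    $assoc = $store[$key][$handle] ?? null;
    if ($assoc !== null && $assoc['expires'] - time() <= 0) {
        unset($store[$key][$handle]);   // expired: drop it and report "not found"
        return null;
    }
    return $assoc;
}

// HMAC-SHA1 over "key:value\n" lines, a simplified stand-in for signMessage().
function mac(array $assoc, array $fields): string
{
    $kv = '';
    foreach ($fields as $k => $v) { $kv .= "$k:$v\n"; }
    return base64_encode(hash_hmac('sha1', $kv, $assoc['secret'], true));
}

// Like verify() above: the handle is looked up in the dumb key space only.
function verify(array &$store, string $handle, array $fields, string $sig): bool
{
    $assoc = get_assoc($store, $handle, true);
    return $assoc !== null && hash_equals(mac($assoc, $fields), $sig);
}

$store  = [];
$fields = ['mode' => 'id_res', 'identity' => 'https://id.example/alice'];
$normal = create_assoc($store, false);      // stored under NORMAL_KEY
$dumb   = create_assoc($store, true);       // stored under DUMB_KEY
$stale  = create_assoc($store, true, -1);   // dumb mode, already expired
foreach ([$dumb, $normal, $stale] as $a) {
    var_dump(verify($store, $a['handle'], $fields, mac($a, $fields)));
}
```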


Field Documentation

◆ $dumb_key

Auth_OpenID_Signatory::$dumb_key = 'http://localhost/|dumb'

Definition at line 1309 of file Server.php.

Referenced by createAssociation(), getAssociation(), and invalidate().

◆ $normal_key

Auth_OpenID_Signatory::$normal_key = 'http://localhost/|normal'

Definition at line 1308 of file Server.php.

Referenced by createAssociation(), getAssociation(), and invalidate().

◆ $SECRET_LIFETIME

Auth_OpenID_Signatory::$SECRET_LIFETIME = 1209600

Definition at line 1302 of file Server.php.


The documentation for this class was generated from the following file: