ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Auth_OpenID_Consumer Class Reference

Public Member Functions

Auth_OpenID_Consumer ($store, $session=null, $consumer_cls=null)
    Initialize a Consumer instance.

getDiscoveryObject ($session, $openid_url, $session_key_prefix)
    Used in testing to define the discovery mechanism.

begin ($user_url, $anonymous=false)
    Start the OpenID authentication process.

beginWithoutDiscovery ($endpoint, $anonymous=false)
    Start OpenID verification without doing OpenID server discovery.

complete ($current_url, $query=null)
    Called to interpret the server's response to an OpenID request.

Data Fields

$discoverMethod = 'Auth_OpenID_discover'
    @access private

$session_key_prefix = "_openid_consumer_"
    @access private

$_token_suffix = "last_token"
    @access private

Detailed Description

Definition at line 215 of file Consumer.php.

Member Function Documentation

◆ Auth_OpenID_Consumer()

Auth_OpenID_Consumer::Auth_OpenID_Consumer ($store, $session = null, $consumer_cls = null)

Initialize a Consumer instance.

You should create a new instance of the Consumer object with every HTTP request that handles OpenID transactions.

Parameters
Auth_OpenID_OpenIDStore $store: This must be an object that implements the interface in Auth_OpenID_OpenIDStore. Several concrete implementations are provided, to cover most common use cases. For stores backed by MySQL, PostgreSQL, or SQLite, see the Auth_OpenID_SQLStore class and its subclasses. For a filesystem-backed store, see the Auth_OpenID_FileStore module. As a last resort, if it isn't possible for the server to store state at all, an instance of Auth_OpenID_DumbStore can be used.
mixed $session: An object which implements the interface of the Auth_Yadis_PHPSession class. Particularly, this object is expected to have these methods: get($key), set($key, $value), and del($key). This defaults to a session object which wraps PHP's native session machinery. You should only need to pass something here if you have your own sessioning implementation.
str $consumer_cls: The name of the class to instantiate when creating the internal consumer object. This is used for testing.

Definition at line 261 of file Consumer.php.

{
    if ($session === null) {
        $session = new Auth_Yadis_PHPSession();
    }

    $this->session = $session;

    if ($consumer_cls !== null) {
        $this->consumer = new $consumer_cls($store);
    } else {
        $this->consumer = new Auth_OpenID_GenericConsumer($store);
    }

    $this->_token_key = $this->session_key_prefix . $this->_token_suffix;
}

References $_token_suffix.

◆ begin()

Auth_OpenID_Consumer::begin ($user_url, $anonymous = false)

Start the OpenID authentication process.

See steps 1-2 in the overview at the top of this file.

Parameters
string $user_url: Identity URL given by the user. This method performs a textual transformation of the URL to try and make sure it is normalized. For example, a user_url of example.com will be normalized to http://example.com/, normalizing and resolving any redirects the server might issue.
bool $anonymous: True if the OpenID request is to be sent to the server without any identifier information. Use this when you want to transport data but don't want to do OpenID authentication with identifiers.
Returns
Auth_OpenID_AuthRequest $auth_request: An object containing the discovered information will be returned, with a method for building a redirect URL to the server, as described in step 3 of the overview. This object may also be used to add extension arguments to the request, using its 'addExtensionArg' method.

Definition at line 313 of file Consumer.php.

{
    $openid_url = $user_url;

    $disco = $this->getDiscoveryObject($this->session,
                                       $openid_url,
                                       $this->session_key_prefix);

    // Set the 'stale' attribute of the manager. If discovery
    // fails in a fatal way, the stale flag will cause the manager
    // to be cleaned up next time discovery is attempted.

    $m = $disco->getManager();
    // Serializes the discovery manager for storage in the session.
    $loader = new Auth_Yadis_ManagerLoader();

    if ($m) {
        if ($m->stale) {
            $disco->destroyManager();
        } else {
            $m->stale = true;
            $disco->session->set($disco->session_key,
                                 serialize($loader->toSession($m)));
        }
    }

    $endpoint = $disco->getNextService($this->discoverMethod,
                                       $this->consumer->fetcher);

    // Reset the 'stale' attribute of the manager.
    $m = $disco->getManager();
    if ($m) {
        $m->stale = false;
        $disco->session->set($disco->session_key,
                             serialize($loader->toSession($m)));
    }

    if ($endpoint === null) {
        return null;
    } else {
        return $this->beginWithoutDiscovery($endpoint,
                                            $anonymous);
    }
}

References $loader, beginWithoutDiscovery(), and getDiscoveryObject().


◆ beginWithoutDiscovery()

Auth_OpenID_Consumer::beginWithoutDiscovery ($endpoint, $anonymous = false)

Start OpenID verification without doing OpenID server discovery.

This method is used internally by Consumer.begin after discovery is performed, and exists to provide an interface for library users needing to perform their own discovery.

Parameters
Auth_OpenID_ServiceEndpoint $endpoint: An OpenID service endpoint descriptor.
bool $anonymous: Set to true if you want to perform OpenID without identifiers.
Returns
Auth_OpenID_AuthRequest $auth_request: An OpenID authentication request object.

Definition at line 373 of file Consumer.php.

{
    // Serializes the service endpoint for storage in the session.
    $loader = new Auth_OpenID_ServiceEndpointLoader();
    $auth_req = $this->consumer->begin($endpoint);
    $this->session->set($this->_token_key,
                        $loader->toSession($auth_req->endpoint));
    if (!$auth_req->setAnonymous($anonymous)) {
        return new Auth_OpenID_FailureResponse(null,
            "OpenID 1 requests MUST include the identifier " .
            "in the request.");
    }
    return $auth_req;
}

References $loader.

Referenced by begin().


◆ complete()

Auth_OpenID_Consumer::complete ($current_url, $query = null)

Called to interpret the server's response to an OpenID request.

It is called in step 4 of the flow described in the consumer overview.

Parameters
string $current_url: The URL used to invoke the application. Extract the URL from your application's web request framework and specify it here to have it checked against the openid.current_url value in the response. If the current_url URL check fails, the status of the completion will be FAILURE.
array $query: An array of the query parameters (key => value pairs) for this HTTP request. Defaults to null. If null, the GET or POST data are automatically taken from the PHP environment. It is only useful to override $query for testing.
Returns
Auth_OpenID_ConsumerResponse $response: An instance of an Auth_OpenID_ConsumerResponse subclass. The type of response is indicated by the status attribute, which will be one of SUCCESS, CANCEL, FAILURE, or SETUP_NEEDED.

Definition at line 410 of file Consumer.php.

{
    if ($current_url && !is_string($current_url)) {
        // This is ugly, but we need to complain loudly when
        // someone uses the API incorrectly.
        trigger_error("current_url must be a string; see NEWS file " .
                      "for upgrading notes.",
                      E_USER_ERROR);
    }

    if ($query === null) {
        $query = Auth_OpenID::getQuery();
    }

    // Load the endpoint that beginWithoutDiscovery() stored in the session.
    $loader = new Auth_OpenID_ServiceEndpointLoader();
    $endpoint_data = $this->session->get($this->_token_key);
    $endpoint =
        $loader->fromSession($endpoint_data);

    $message = Auth_OpenID_Message::fromPostArgs($query);
    $response = $this->consumer->complete($message, $endpoint,
                                          $current_url);
    // The stored endpoint is single-use: drop it whatever the outcome.
    $this->session->del($this->_token_key);

    if (in_array($response->status, array(Auth_OpenID_SUCCESS,
                                          Auth_OpenID_CANCEL))) {
        if ($response->identity_url !== null) {
            $disco = $this->getDiscoveryObject($this->session,
                                               $response->identity_url,
                                               $this->session_key_prefix);
            $disco->cleanup(true);
        }
    }

    return $response;
}

References $loader, $query, Auth_OpenID_CANCEL, Auth_OpenID_SUCCESS, Auth_OpenID_Message\fromPostArgs(), getDiscoveryObject(), and Auth_OpenID\getQuery().
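
A relying-party request handler that follows the begin()/complete() flow documented above, as an added example (not code from ILIAS or the php-openid library). The include paths, store directory, base URL, "step" route, form field name and session key are assumptions.

```php
<?php
// Added example, not ILIAS or library code. Include paths, the store directory,
// $base_url, the "step" route, the form field and the session key are assumptions.
require_once 'Auth/OpenID/Consumer.php';
require_once 'Auth/OpenID/FileStore.php';

// Fixed in configuration; building it from the Host header would let the
// client influence the URL that complete() checks the response against.
$base_url  = 'https://rp.example.org';
$return_to = $base_url . '/openid.php?step=finish';

session_start(); // the default session object wraps PHP's native session
// New Consumer per request; the store keeps state between requests.
$store    = new Auth_OpenID_FileStore('/var/lib/rp/openid-store');
$consumer = new Auth_OpenID_Consumer($store);

if (!isset($_GET['step'])) {
    $user_url = isset($_POST['openid_identifier'])
        ? trim($_POST['openid_identifier']) : '';
    $auth_request = $consumer->begin($user_url);
    if (!$auth_request) {
        // begin() returns null when discovery yields no usable endpoint.
        header('HTTP/1.1 400 Bad Request');
        exit('Not a usable OpenID identifier.');
    }
    $redirect = $auth_request->redirectURL($base_url . '/', $return_to);
    if (Auth_OpenID::isFailure($redirect)) {
        header('HTTP/1.1 500 Internal Server Error');
        exit('Could not build the OpenID request.');
    }
    header('Location: ' . $redirect);
    exit;
}

// Return leg: complete() reads the GET/POST data itself when $query is null.
$response = $consumer->complete($return_to);
if ($response->status === Auth_OpenID_SUCCESS) {
    // Only SUCCESS authenticates. Key the account on the verified identity_url
    // and rotate the session ID so a pre-login session cannot be reused.
    session_regenerate_id(true);
    $_SESSION['openid_identity'] = $response->identity_url;
    header('Location: ' . $base_url . '/');
    exit;
}

// CANCEL, FAILURE and SETUP_NEEDED all leave the visitor unauthenticated.
header('HTTP/1.1 403 Forbidden');
exit($response->status === Auth_OpenID_CANCEL
    ? 'Verification cancelled.' : 'OpenID authentication failed.');
```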


◆ getDiscoveryObject()

Auth_OpenID_Consumer::getDiscoveryObject ($session, $openid_url, $session_key_prefix)

Used in testing to define the discovery mechanism.

@access private

Definition at line 284 of file Consumer.php.

{
    return new Auth_Yadis_Discovery($session, $openid_url,
                                    $session_key_prefix);
}

References $session_key_prefix.

Referenced by begin(), and complete().


Field Documentation

◆ $_token_suffix

Auth_OpenID_Consumer::$_token_suffix = "last_token"

@access private

Definition at line 230 of file Consumer.php.

Referenced by Auth_OpenID_Consumer().

◆ $discoverMethod

Auth_OpenID_Consumer::$discoverMethod = 'Auth_OpenID_discover'

@access private

Definition at line 220 of file Consumer.php.

◆ $session_key_prefix

Auth_OpenID_Consumer::$session_key_prefix = "_openid_consumer_"

@access private

Definition at line 225 of file Consumer.php.

Referenced by getDiscoveryObject().


The documentation for this class was generated from the following file: