Class: OpenID_Assertion

OpenID::attach(): Attaches an observer
OpenID::detach(): Detaches the observer
OpenID::directRequest(): Sends a direct HTTP request.
OpenID::getHTTPRequest2Instance(): Instantiates HTTP_Request2. Abstracted for testing.
OpenID::getLastEvent(): Gets the last event
OpenID::getStore(): Gets the OpenID_Store_Interface instance. If none has been set, then the default store is used (CacheLite).
OpenID::getXRIGlobalSymbols(): Returns an array of the 5 XRI globals symbols
OpenID::normalizeIdentifier(): Normalizes an identifier (URI or XRI)
OpenID::notify(): Notifies all observers of an event
OpenID::resetInternalData(): Resets internal static variables.
OpenID::setLastEvent(): Sets the last event and notifies the observers
OpenID::setStore(): Sets a custom OpenID_Store_Interface object

Class Details

[line 37]
Class for verifying assertions. Does basic validation (nonce, return_to, etc), as well as signature verification and check_authentication.

Author: Bill Shupp <hostmaster@shupp.org>
Copyright: 2009 Bill Shupp
Link: http://github.com/shupp/openid
License: FreeBSD

[ Top ]

Class Variables

$clockSkew = null

[line 58]

The clock skew limit for checking nonces.

Var: (in seconds)
Access: protected

Type:

int

[ Top ]

$message = null

[line 44]

Response message passed to the constructor

Access: protected

Type:

OpenID_Message

[ Top ]

$requestedURL = null

[line 51]

The URL of the current request (to compare with openid.return_to)

Access: protected

Type:

string

[ Top ]

Method Detail

__construct (Constructor) [line 70]

void __construct(
OpenID_Message
$message, Net_URL2
$requestedURL, [int
$clockSkew = null])

Sets the request message, url, and clock skew. Then does some basic validation (return_to, nonce, discover).

Access: public

Parameters:

OpenID_Message	`$message`	—	Message from the request
Net_URL2	`$requestedURL`	—	The requested URL
int	`$clockSkew`	—	Nonce clock skew in seconds

[ Top ]

checkAuthentication [line 112]

OpenID_Message checkAuthentication(
[array
$options = array()])

Performs a check_authentication request.

Return: Reponse to the check_authentication request
Access: public

Parameters:

array $options — Options to pass to HTTP_Request

[ Top ]

getDiscover [line 300]

OpenID_Discover|false getDiscover(
string
$identifier)

Gets an instance of OpenID_Discover. Abstracted for testing.

Access: protected

Parameters:

string $identifier — OpenID Identifier

[ Top ]

validateDiscover [line 182]

void validateDiscover(
)

Validates and performs discovery on the openid.claimed_id paramter.

Throws: OpenID_Assertion_Exception on failure
Access: protected

[ Top ]

validateNonce [line 227]

void validateNonce(
)

Validates the openid.response_nonce parameter.

Throws: OpenID_Assertion_Exception on invalid or existing nonce
Access: protected

[ Top ]

validateReturnTo [line 128]

void validateReturnTo(
)

Validates the openid.return_to parameter in the response.

Throws: OpenID_Assertion_Exception on failure
Access: protected

[ Top ]

validateReturnToNonce [line 248]

void validateReturnToNonce(
)

Validates the nonce embedded in the openid.return_to paramater and deletes it from storage.. (For use with OpenID 1.1 only)

Throws: OpenID_Assertion_Exception on invalid or non-existing nonce
Access: protected

[ Top ]

verifySignature [line 100]

bool verifySignature(
OpenID_Association
$assoc)

Verifies the signature of this message association.

Return: result of OpenID_Association::checkMessageSignature()
See: OpenID_Association::checkMessageSignature()
Access: public

Parameters:

OpenID_Association $assoc — Association to use for checking the signature

[ Top ]