OpenID
[ class tree: OpenID ] [ index: OpenID ] [ all elements ]

Class: OpenID_RelyingParty

Source Location: /OpenID-0.4.0/OpenID/RelyingParty.php

Class Overview

OpenID
   |
   --OpenID_RelyingParty

OpenID_RelyingParty


Author(s):

Copyright:

  • 2009 Bill Shupp

Variables

Methods


Inherited Variables

Inherited Methods

Class: OpenID

OpenID::attach()
Attaches an observer
OpenID::detach()
Detaches the observer
OpenID::directRequest()
Sends a direct HTTP request.
OpenID::getHTTPRequest2Instance()
Instantiates HTTP_Request2. Abstracted for testing.
OpenID::getLastEvent()
Gets the last event
OpenID::getStore()
Gets the OpenID_Store_Interface instance. If none has been set, then the default store is used (CacheLite).
OpenID::getXRIGlobalSymbols()
Returns an array of the 5 XRI globals symbols
OpenID::normalizeIdentifier()
Normalizes an identifier (URI or XRI)
OpenID::notify()
Notifies all observers of an event
OpenID::resetInternalData()
Resets internal static variables.
OpenID::setLastEvent()
Sets the last event and notifies the observers
OpenID::setStore()
Sets a custom OpenID_Store_Interface object

Class Details

[line 112]
OpenID_RelyingParty

OpenID_RelyingParty implements all the steps required to verify a claim in two step interface: prepare and verify.

prepare sets up the request, which includes performing discovery on the identifier, establishing an association with the OpenID Provider (optional), and then building an OpenID_Auth_Request object. With this object, you can optionally add OpenID_Extension(s), and then perform the request.

verify takes a Net_URL2 object as an argument, which represents the URL that the end user was redirected to after communicating with the the OpenID Provider. It processes the URL, and if it was a positive response from the OP, tries to verify that assertion.

Example:

  1.  // First set up some things about your relying party:
  2.  $realm    'http://examplerp.com';
  3.  $returnTo $realm '/relyingparty.php';
  4.  
  5.  // Here is an example user supplied identifier
  6.  $identifier $_POST['identifier'];
  7.  
  8.  // You might want to store it in session for use in verify()
  9.  $_SESSION['identifier'$identifier;
  10.  
  11.  // Fire up the OpenID_RelyingParty object
  12.  $rp = new OpenID_RelyingParty($returnTo$realm$identifier);
  13.  
  14.  // Here's an example of prepare() usage ...
  15.  // First, grab your Auth_Request_Object
  16.  $authRequest $rp->prepare();
  17.  
  18.  // Then, optionally add an extension
  19.   $sreg = new OpenID_Extension_SREG11(OpenID_Extension::REQUEST);
  20.   $sreg->set('required''email');
  21.   $sreg->set('optional''nickname,gender,dob');
  22.  
  23.   // You'll need to add it to OpenID_Auth_Request
  24.   $authRequest->addExtension($sreg);
  25.  // Optionally get association (from cache in this example)
  26.  
  27.  // Optionally make this a checkid_immediate request
  28.  $auth->setMode(OpenID::MODE_CHECKID_IMMEDIATE);
  29.  
  30.  // Send user to the OP
  31.  header('Location: ' $auth->getAuthorizeURL());
  32.  exit;
  33.  
  34.  
  35.  
  36.  
  37.  // Now, when they come back, you'll want to verify the claim ...
  38.  
  39.  // Assuming your $realm is the host which they came in to, build a Net_URL2
  40.  // object from this request:
  41.  $request = new Net_URL2($realm $_SERVER['REQUEST_URI']);
  42.  
  43.  if (!count($_POST)) {
  44.      list($queryStringexplode('?'$_SERVER['REQUEST_URI']);
  45.  else {
  46.      $queryString file_get_contents('php://input');
  47.  }
  48.  $message = new \OpenID_Message($queryString\OpenID_Message::FORMAT_HTTP);
  49.  
  50.  // Now verify:
  51.  $result $rp->verify($request$message);
  52.  if ($result->success()) {
  53.      echo "success! :)";
  54.  else {
  55.      echo "failure :(";
  56.  }



[ Top ]


Class Variables

$clockSkew =  null

[line 164]

How far off of the current time to allow for nonce checking

Type:   int


[ Top ]

$normalizedID =  null

[line 121]

The user supplied identifier, normalized

Type:   string


[ Top ]

$realm =  null

[line 137]

The URI used for the openid.realm paramater

Type:   string


[ Top ]

$requestOptions = array(
        'follow_redirects' => true,
        'timeout'          => 3,
        'connect_timeout'  => 3
    )

[line 144]

HTTP_Request2 options
  • Access: protected

Type:   array


[ Top ]

$returnTo =  null

[line 129]

The URI used for the openid.return_to parameter

Type:   string


[ Top ]

$useAssociations =  true

[line 156]

Whether or not to use associations

Type:   mixed


[ Top ]



Method Detail

__construct (Constructor)   [line 178]

OpenID_RelyingParty __construct( mixed $returnTo, mixed $realm, [mixed $identifier = null])

Sets the identifier, returnTo, and realm to be used for messages. The identifier is normalized before being set.
  • See: OpenID::normalizeIdentifier
  • Throws: OpenID_Exception When the identifier is invalid
  • Access: public

Parameters:

mixed   $returnTo   —  The openid.return_to parameter value
mixed   $realm   —  The openid.realm parameter value
mixed   $identifier   —  The user supplied identifier, defaults to null

[ Top ]

disableAssociations   [line 202]

void disableAssociations( )

Disables the use if associations
  • Access: public

[ Top ]

enableAssociations   [line 192]

void enableAssociations( )

Enables the use of associations (default)
  • Access: public

[ Top ]

getAssertionObject   [line 455]

OpenID_Assertion getAssertionObject( OpenID_Message $message, Net_URL2 $requestedURL)

Gets an instance of OpenID_Assertion. Abstracted for testing purposes.

Parameters:

OpenID_Message   $message   —  The message passed to verify()
Net_URL2   $requestedURL   —  The URL requested (redirect from OP)

[ Top ]

getAssociation   [line 411]

OpenID_Association getAssociation( string $opEndpointURL, string $version)

Gets an association from cache if it exists, otherwise, creates one.
  • Return: on success, false on failure
  • Access: protected

Parameters:

string   $opEndpointURL   —  The OP Endpoint URL to communicate with
string   $version   —  The version of OpenID being used

[ Top ]

getAssociationRequestObject   [line 441]

OpenID_Association_Request getAssociationRequestObject( string $opEndpointURL, string $version)

Gets a new OpenID_Association_Request object. Abstracted for testing.

Parameters:

string   $opEndpointURL   —  The OP endpoint URL to communicate with
string   $version   —  The OpenID version being used

[ Top ]

getDiscover   [line 386]

OpenID_Discover getDiscover( )

Gets discovered information from cache if it exists, otherwise performs discovery.

[ Top ]

getRequestOptions   [line 467]

array getRequestOptions( )

Return the HTTP_Request2 options
  • Return: Array of HTTP_Request2 options
  • Access: public

[ Top ]

prepare   [line 247]

OpenID_Auth_Request prepare( )

Prepares an OpenID_Auth_Request and returns it. This process includes performing discovery and optionally creating an association before preparing the OpenID_Auth_Request object.
  • Throws: OpenID_Exception if no identifier was passed to the constructor
  • Access: public

[ Top ]

setClockSkew   [line 215]

void setClockSkew( int $skew)

Sets the clock skew for nonce checking
  • Throws: OpenID_Exception if $skew is not numeric
  • Access: public

Parameters:

int   $skew   —  Skew (or timeout) in seconds

[ Top ]

setRequestOptions   [line 233]

OpenID_RelyingParty setRequestOptions( array $options)

Sets the HTTP_Request2 options to use
  • Return: for fluent interface
  • Access: public

Parameters:

array   $options   —  Array of HTTP_Request2 options

[ Top ]

verify   [line 293]

OpenID_Assertion_Response verify( Net_URL2 $requestedURL, OpenID_Message $message)

Verifies an assertion response from the OP. If the openid.mode is error, an exception is thrown.
  • Throws: OpenID_Exception on error or invalid openid.mode
  • Access: public

Parameters:

Net_URL2   $requestedURL   —  The requested URL (that the user was directed to by the OP) as a Net_URL2 object
OpenID_Message   $message   —  The OpenID_Message instance, as extractd from the input (GET or POST)

[ Top ]


Documentation generated on Mon, 11 Mar 2019 15:57:49 -0400 by phpDocumentor 1.4.4. PEAR Logo Copyright © PHP Group 2004.