Öffentliche Methoden | |
make (&$message, $identity, $return_to, $trust_root=null, $immediate=false, $assoc_handle=null, $server=null) | |
Auth_OpenID_CheckIDRequest ($identity, $return_to, $trust_root=null, $immediate=false, $assoc_handle=null, $server=null, $claimed_id=null) | |
equals ($other) | |
returnToVerified () | |
fromMessage (&$message, $server) | |
idSelect () | |
trustRootValid () | |
answer ($allow, $server_url=null, $identity=null, $claimed_id=null) | |
encodeToURL ($server_url) | |
getCancelURL () | |
Datenfelder | |
$verifyReturnTo = 'Auth_OpenID_verifyReturnTo' | |
$mode = "checkid_setup" | |
$immediate = false | |
$trust_root = null | |
$namespace |
Definiert in Zeile 709 der Datei Server.php.
answer | ( | $ | allow, | |
$ | server_url = null , |
|||
$ | identity = null , |
|||
$ | claimed_id = null | |||
) |
Respond to this request. Return either an Auth_OpenID_ServerResponse or Auth_OpenID_ServerError.
bool | $allow Allow this user to claim this identity, and allow the consumer to have this information? | |
string | $server_url DEPRECATED. Passing $op_endpoint to the Auth_OpenID_Server constructor makes this optional. |
Optional for requests where $immediate is false or $allow is true.
string | $identity The OP-local identifier to answer with. Only for use when the relying party requested identifier selection. | |
string | $claimed_id The claimed identifier to answer with, for use with identifier selection in the case where the claimed identifier and the OP-local identifier differ, i.e. when the claimed_id uses delegation. |
This parameter is new in OpenID 2.0.
Definiert in Zeile 973 der Datei Server.php.
00975 { 00976 if (!$this->return_to) { 00977 return new Auth_OpenID_NoReturnToError(); 00978 } 00979 00980 if (!$server_url) { 00981 if ((!$this->message->isOpenID1()) && 00982 (!$this->server->op_endpoint)) { 00983 return new Auth_OpenID_ServerError(null, 00984 "server should be constructed with op_endpoint to " . 00985 "respond to OpenID 2.0 messages."); 00986 } 00987 00988 $server_url = $this->server->op_endpoint; 00989 } 00990 00991 if ($allow) { 00992 $mode = 'id_res'; 00993 } else if ($this->message->isOpenID1()) { 00994 if ($this->immediate) { 00995 $mode = 'id_res'; 00996 } else { 00997 $mode = 'cancel'; 00998 } 00999 } else { 01000 if ($this->immediate) { 01001 $mode = 'setup_needed'; 01002 } else { 01003 $mode = 'cancel'; 01004 } 01005 } 01006 01007 if (!$this->trustRootValid()) { 01008 return new Auth_OpenID_UntrustedReturnURL(null, 01009 $this->return_to, 01010 $this->trust_root); 01011 } 01012 01013 $response = new Auth_OpenID_ServerResponse($this); 01014 01015 if ($claimed_id && 01016 ($this->message->isOpenID1())) { 01017 return new Auth_OpenID_ServerError(null, 01018 "claimed_id is new in OpenID 2.0 and not " . 01019 "available for ".$this->namespace); 01020 } 01021 01022 if ($identity && !$claimed_id) { 01023 $claimed_id = $identity; 01024 } 01025 01026 if ($allow) { 01027 01028 if ($this->identity == Auth_OpenID_IDENTIFIER_SELECT) { 01029 if (!$identity) { 01030 return new Auth_OpenID_ServerError(null, 01031 "This request uses IdP-driven identifier selection. " . 01032 "You must supply an identifier in the response."); 01033 } 01034 01035 $response_identity = $identity; 01036 $response_claimed_id = $claimed_id; 01037 01038 } else if ($this->identity) { 01039 if ($identity && 01040 ($this->identity != $identity)) { 01041 $fmt = "Request was for %s, cannot reply with identity %s"; 01042 return new Auth_OpenID_ServerError(null, 01043 sprintf($fmt, $this->identity, $identity)); 01044 } 01045 01046 $response_identity = $this->identity; 01047 $response_claimed_id = $this->claimed_id; 01048 } else { 01049 if ($identity) { 01050 return new Auth_OpenID_ServerError(null, 01051 "This request specified no identity and " . 01052 "you supplied ".$identity); 01053 } 01054 01055 $response_identity = null; 01056 } 01057 01058 if (($this->message->isOpenID1()) && 01059 ($response_identity === null)) { 01060 return new Auth_OpenID_ServerError(null, 01061 "Request was an OpenID 1 request, so response must " . 01062 "include an identifier."); 01063 } 01064 01065 $response->fields->updateArgs(Auth_OpenID_OPENID_NS, 01066 array('mode' => $mode, 01067 'return_to' => $this->return_to, 01068 'response_nonce' => Auth_OpenID_mkNonce())); 01069 01070 if (!$this->message->isOpenID1()) { 01071 $response->fields->setArg(Auth_OpenID_OPENID_NS, 01072 'op_endpoint', $server_url); 01073 } 01074 01075 if ($response_identity !== null) { 01076 $response->fields->setArg( 01077 Auth_OpenID_OPENID_NS, 01078 'identity', 01079 $response_identity); 01080 if ($this->message->isOpenID2()) { 01081 $response->fields->setArg( 01082 Auth_OpenID_OPENID_NS, 01083 'claimed_id', 01084 $response_claimed_id); 01085 } 01086 } 01087 01088 } else { 01089 $response->fields->setArg(Auth_OpenID_OPENID_NS, 01090 'mode', $mode); 01091 01092 if ($this->immediate) { 01093 if (($this->message->isOpenID1()) && 01094 (!$server_url)) { 01095 return new Auth_OpenID_ServerError(null, 01096 'setup_url is required for $allow=false \ 01097 in OpenID 1.x immediate mode.'); 01098 } 01099 01100 $setup_request =& new Auth_OpenID_CheckIDRequest( 01101 $this->identity, 01102 $this->return_to, 01103 $this->trust_root, 01104 false, 01105 $this->assoc_handle, 01106 $this->server, 01107 $this->claimed_id); 01108 $setup_request->message = $this->message; 01109 01110 $setup_url = $setup_request->encodeToURL($server_url); 01111 01112 if ($setup_url === null) { 01113 return new Auth_OpenID_NoReturnToError(); 01114 } 01115 01116 $response->fields->setArg(Auth_OpenID_OPENID_NS, 01117 'user_setup_url', 01118 $setup_url); 01119 } 01120 } 01121 01122 return $response; 01123 }
Auth_OpenID_CheckIDRequest | ( | $ | identity, | |
$ | return_to, | |||
$ | trust_root = null , |
|||
$ | immediate = false , |
|||
$ | assoc_handle = null , |
|||
$ | server = null , |
|||
$ | claimed_id = null | |||
) |
Definiert in Zeile 766 der Datei Server.php.
00770 { 00771 $this->namespace = Auth_OpenID_OPENID2_NS; 00772 $this->assoc_handle = $assoc_handle; 00773 $this->identity = $identity; 00774 if ($claimed_id === null) { 00775 $this->claimed_id = $identity; 00776 } else { 00777 $this->claimed_id = $claimed_id; 00778 } 00779 $this->return_to = $return_to; 00780 $this->trust_root = $trust_root; 00781 $this->server =& $server; 00782 00783 if ($immediate) { 00784 $this->immediate = true; 00785 $this->mode = "checkid_immediate"; 00786 } else { 00787 $this->immediate = false; 00788 $this->mode = "checkid_setup"; 00789 } 00790 }
encodeToURL | ( | $ | server_url | ) |
Definiert in Zeile 1125 der Datei Server.php.
01126 { 01127 if (!$this->return_to) { 01128 return new Auth_OpenID_NoReturnToError(); 01129 } 01130 01131 // Imported from the alternate reality where these classes are 01132 // used in both the client and server code, so Requests are 01133 // Encodable too. That's right, code imported from alternate 01134 // realities all for the love of you, id_res/user_setup_url. 01135 01136 $q = array('mode' => $this->mode, 01137 'identity' => $this->identity, 01138 'claimed_id' => $this->claimed_id, 01139 'return_to' => $this->return_to); 01140 01141 if ($this->trust_root) { 01142 if ($this->message->isOpenID1()) { 01143 $q['trust_root'] = $this->trust_root; 01144 } else { 01145 $q['realm'] = $this->trust_root; 01146 } 01147 } 01148 01149 if ($this->assoc_handle) { 01150 $q['assoc_handle'] = $this->assoc_handle; 01151 } 01152 01153 $response = new Auth_OpenID_Message( 01154 $this->message->getOpenIDNamespace()); 01155 $response->updateArgs(Auth_OpenID_OPENID_NS, $q); 01156 return $response->toURL($server_url); 01157 }
equals | ( | $ | other | ) |
Definiert in Zeile 792 der Datei Server.php.
00793 { 00794 return ( 00795 (is_a($other, 'Auth_OpenID_CheckIDRequest')) && 00796 ($this->namespace == $other->namespace) && 00797 ($this->assoc_handle == $other->assoc_handle) && 00798 ($this->identity == $other->identity) && 00799 ($this->claimed_id == $other->claimed_id) && 00800 ($this->return_to == $other->return_to) && 00801 ($this->trust_root == $other->trust_root)); 00802 }
fromMessage | ( | &$ | message, | |
$ | server | |||
) |
Definiert in Zeile 824 der Datei Server.php.
00825 { 00826 $mode = $message->getArg(Auth_OpenID_OPENID_NS, 'mode'); 00827 $immediate = null; 00828 00829 if ($mode == "checkid_immediate") { 00830 $immediate = true; 00831 $mode = "checkid_immediate"; 00832 } else { 00833 $immediate = false; 00834 $mode = "checkid_setup"; 00835 } 00836 00837 $return_to = $message->getArg(Auth_OpenID_OPENID_NS, 00838 'return_to'); 00839 00840 if (($message->isOpenID1()) && 00841 (!$return_to)) { 00842 $fmt = "Missing required field 'return_to' from checkid request"; 00843 return new Auth_OpenID_ServerError($message, $fmt); 00844 } 00845 00846 $identity = $message->getArg(Auth_OpenID_OPENID_NS, 00847 'identity'); 00848 $claimed_id = $message->getArg(Auth_OpenID_OPENID_NS, 'claimed_id'); 00849 if ($message->isOpenID1()) { 00850 if ($identity === null) { 00851 $s = "OpenID 1 message did not contain openid.identity"; 00852 return new Auth_OpenID_ServerError($message, $s); 00853 } 00854 } else { 00855 if ($identity && !$claimed_id) { 00856 $s = "OpenID 2.0 message contained openid.identity but not " . 00857 "claimed_id"; 00858 return new Auth_OpenID_ServerError($message, $s); 00859 } else if ($claimed_id && !$identity) { 00860 $s = "OpenID 2.0 message contained openid.claimed_id " . 00861 "but not identity"; 00862 return new Auth_OpenID_ServerError($message, $s); 00863 } 00864 } 00865 00866 // There's a case for making self.trust_root be a TrustRoot 00867 // here. But if TrustRoot isn't currently part of the 00868 // "public" API, I'm not sure it's worth doing. 00869 if ($message->isOpenID1()) { 00870 $trust_root_param = 'trust_root'; 00871 } else { 00872 $trust_root_param = 'realm'; 00873 } 00874 $trust_root = $message->getArg(Auth_OpenID_OPENID_NS, 00875 $trust_root_param); 00876 if (! $trust_root) { 00877 $trust_root = $return_to; 00878 } 00879 00880 if (! $message->isOpenID1() && 00881 ($return_to === null) && 00882 ($trust_root === null)) { 00883 return new Auth_OpenID_ServerError($message, 00884 "openid.realm required when openid.return_to absent"); 00885 } 00886 00887 $assoc_handle = $message->getArg(Auth_OpenID_OPENID_NS, 00888 'assoc_handle'); 00889 00890 $obj = Auth_OpenID_CheckIDRequest::make($message, 00891 $identity, 00892 $return_to, 00893 $trust_root, 00894 $immediate, 00895 $assoc_handle, 00896 $server); 00897 00898 if (is_a($obj, 'Auth_OpenID_ServerError')) { 00899 return $obj; 00900 } 00901 00902 $obj->claimed_id = $claimed_id; 00903 00904 return $obj; 00905 }
getCancelURL | ( | ) |
Definiert in Zeile 1159 der Datei Server.php.
01160 { 01161 if (!$this->return_to) { 01162 return new Auth_OpenID_NoReturnToError(); 01163 } 01164 01165 if ($this->immediate) { 01166 return new Auth_OpenID_ServerError(null, 01167 "Cancel is not an appropriate \ 01168 response to immediate mode \ 01169 requests."); 01170 } 01171 01172 $response = new Auth_OpenID_Message( 01173 $this->message->getOpenIDNamespace()); 01174 $response->setArg(Auth_OpenID_OPENID_NS, 'mode', 'cancel'); 01175 return $response->toURL($this->return_to); 01176 }
idSelect | ( | ) |
Definiert in Zeile 907 der Datei Server.php.
00908 { 00909 // Is the identifier to be selected by the IDP? 00910 // So IDPs don't have to import the constant 00911 return $this->identity == Auth_OpenID_IDENTIFIER_SELECT; 00912 }
make | ( | &$ | message, | |
$ | identity, | |||
$ | return_to, | |||
$ | trust_root = null , |
|||
$ | immediate = false , |
|||
$ | assoc_handle = null , |
|||
$ | server = null | |||
) |
Definiert in Zeile 737 der Datei Server.php.
00739 { 00740 if ($server === null) { 00741 return new Auth_OpenID_ServerError($message, 00742 "server must not be null"); 00743 } 00744 00745 if ($return_to && 00746 !Auth_OpenID_TrustRoot::_parse($return_to)) { 00747 return new Auth_OpenID_MalformedReturnURL($message, $return_to); 00748 } 00749 00750 $r = new Auth_OpenID_CheckIDRequest($identity, $return_to, 00751 $trust_root, $immediate, 00752 $assoc_handle, $server); 00753 00754 $r->namespace = $message->getOpenIDNamespace(); 00755 $r->message =& $message; 00756 00757 if (!$r->trustRootValid()) { 00758 return new Auth_OpenID_UntrustedReturnURL($message, 00759 $return_to, 00760 $trust_root); 00761 } else { 00762 return $r; 00763 } 00764 }
returnToVerified | ( | ) |
Definiert in Zeile 818 der Datei Server.php.
00819 { 00820 return call_user_func_array($this->verifyReturnTo, 00821 array($this->trust_root, $this->return_to)); 00822 }
trustRootValid | ( | ) |
Definiert in Zeile 914 der Datei Server.php.
00915 { 00916 if (!$this->trust_root) { 00917 return true; 00918 } 00919 00920 $tr = Auth_OpenID_TrustRoot::_parse($this->trust_root); 00921 if ($tr === false) { 00922 return new Auth_OpenID_MalformedTrustRoot($this->message, 00923 $this->trust_root); 00924 } 00925 00926 if ($this->return_to !== null) { 00927 return Auth_OpenID_TrustRoot::match($this->trust_root, 00928 $this->return_to); 00929 } else { 00930 return true; 00931 } 00932 }
$immediate = false |
Whether this request is for immediate mode.
Definiert in Zeile 724 der Datei Server.php.
$mode = "checkid_setup" |
The mode of this request.
Erneute Implementation von Auth_OpenID_Request.
Definiert in Zeile 719 der Datei Server.php.
$namespace |
The OpenID namespace for this request. deprecated since version 2.0.2
Definiert in Zeile 735 der Datei Server.php.
$trust_root = null |
The trust_root value for this request.
Definiert in Zeile 729 der Datei Server.php.
$verifyReturnTo = 'Auth_OpenID_verifyReturnTo' |
Return-to verification callback. Default is Auth_OpenID_verifyReturnTo from TrustRoot.php.
Definiert in Zeile 714 der Datei Server.php.
Copyright © 2003 - 2009 MyOOS [Shopsystem]. All rights reserved. MyOOS [Shopsystem] is Free Software released under the GNU/GPL License. Webmaster: info@r23.de (Impressum) |
|