Auth_OpenID_SQLStore Klassenreferenz
Abgeleitet von Auth_OpenID_OpenIDStore.Basisklasse für Auth_OpenID_MySQLStore, Auth_OpenID_PostgreSQLStore und Auth_OpenID_SQLiteStore.
Öffentliche Methoden | |
| Auth_OpenID_SQLStore ($connection, $associations_table=null, $nonces_table=null) | |
| tableExists ($table_name) | |
| isError ($value) | |
| resultToBool ($obj) | |
| setSQL () | |
| reset () | |
| _verifySQL () | |
| _fixSQL () | |
| blobDecode ($blob) | |
| blobEncode ($str) | |
| createTables () | |
| create_nonce_table () | |
| create_assoc_table () | |
| _set_assoc ($server_url, $handle, $secret, $issued, $lifetime, $assoc_type) | |
| storeAssociation ($server_url, $association) | |
| _get_assoc ($server_url, $handle) | |
| _get_assocs ($server_url) | |
| removeAssociation ($server_url, $handle) | |
| getAssociation ($server_url, $handle=null) | |
| _add_nonce ($server_url, $timestamp, $salt) | |
| useNonce ($server_url, $timestamp, $salt) | |
| _octify ($str) | |
| _unoctify ($str) | |
| cleanupNonces () | |
| cleanupAssociations () | |
Ausführliche Beschreibung
Definiert in Zeile 67 der Datei SQLStore.php.
Dokumentation der Elementfunktionen
| _add_nonce | ( | $ | server_url, | |
| $ | timestamp, | |||
| $ | salt | |||
| ) |
private
Erneute Implementation in Auth_OpenID_SQLiteStore.
Definiert in Zeile 466 der Datei SQLStore.php.
00467 { 00468 $sql = $this->sql['add_nonce']; 00469 $result = $this->connection->query($sql, array($server_url, 00470 $timestamp, 00471 $salt)); 00472 if ($this->isError($result)) { 00473 $this->connection->rollback(); 00474 } else { 00475 $this->connection->commit(); 00476 } 00477 return $this->resultToBool($result); 00478 }
| _fixSQL | ( | ) |
private
Definiert in Zeile 251 der Datei SQLStore.php.
00252 { 00253 $replacements = array( 00254 array( 00255 'value' => $this->nonces_table_name, 00256 'keys' => array('nonce_table', 00257 'add_nonce', 00258 'clean_nonce') 00259 ), 00260 array( 00261 'value' => $this->associations_table_name, 00262 'keys' => array('assoc_table', 00263 'set_assoc', 00264 'get_assoc', 00265 'get_assocs', 00266 'remove_assoc', 00267 'clean_assoc') 00268 ) 00269 ); 00270 00271 foreach ($replacements as $item) { 00272 $value = $item['value']; 00273 $keys = $item['keys']; 00274 00275 foreach ($keys as $k) { 00276 if (is_array($this->sql[$k])) { 00277 foreach ($this->sql[$k] as $part_key => $part_value) { 00278 $this->sql[$k][$part_key] = sprintf($part_value, 00279 $value); 00280 } 00281 } else { 00282 $this->sql[$k] = sprintf($this->sql[$k], $value); 00283 } 00284 } 00285 } 00286 }
| _get_assoc | ( | $ | server_url, | |
| $ | handle | |||
| ) |
private
Definiert in Zeile 366 der Datei SQLStore.php.
00367 { 00368 $result = $this->connection->getRow($this->sql['get_assoc'], 00369 array($server_url, $handle)); 00370 if ($this->isError($result)) { 00371 return null; 00372 } else { 00373 return $result; 00374 } 00375 }
| _get_assocs | ( | $ | server_url | ) |
private
Definiert in Zeile 380 der Datei SQLStore.php.
00381 { 00382 $result = $this->connection->getAll($this->sql['get_assocs'], 00383 array($server_url)); 00384 00385 if ($this->isError($result)) { 00386 return array(); 00387 } else { 00388 return $result; 00389 } 00390 }
| _octify | ( | $ | str | ) |
"Octifies" a binary string by returning a string with escaped octal bytes. This is used for preparing binary data for PostgreSQL BYTEA fields.
private
Definiert in Zeile 498 der Datei SQLStore.php.
00499 { 00500 $result = ""; 00501 for ($i = 0; $i < Auth_OpenID::bytes($str); $i++) { 00502 $ch = substr($str, $i, 1); 00503 if ($ch == "\\") { 00504 $result .= "\\\\\\\\"; 00505 } else if (ord($ch) == 0) { 00506 $result .= "\\\\000"; 00507 } else { 00508 $result .= "\\" . strval(decoct(ord($ch))); 00509 } 00510 } 00511 return $result; 00512 }
| _set_assoc | ( | $ | server_url, | |
| $ | handle, | |||
| $ | secret, | |||
| $ | issued, | |||
| $ | lifetime, | |||
| $ | assoc_type | |||
| ) |
private
Erneute Implementation in Auth_OpenID_PostgreSQLStore.
Definiert in Zeile 333 der Datei SQLStore.php.
00335 { 00336 return $this->connection->query($this->sql['set_assoc'], 00337 array( 00338 $server_url, 00339 $handle, 00340 $secret, 00341 $issued, 00342 $lifetime, 00343 $assoc_type)); 00344 }
| _unoctify | ( | $ | str | ) |
"Unoctifies" octal-escaped data from PostgreSQL and returns the resulting ASCII (possibly binary) string.
private
Definiert in Zeile 520 der Datei SQLStore.php.
00521 { 00522 $result = ""; 00523 $i = 0; 00524 while ($i < strlen($str)) { 00525 $char = $str[$i]; 00526 if ($char == "\\") { 00527 // Look to see if the next char is a backslash and 00528 // append it. 00529 if ($str[$i + 1] != "\\") { 00530 $octal_digits = substr($str, $i + 1, 3); 00531 $dec = octdec($octal_digits); 00532 $char = chr($dec); 00533 $i += 4; 00534 } else { 00535 $char = "\\"; 00536 $i += 2; 00537 } 00538 } else { 00539 $i += 1; 00540 } 00541 00542 $result .= $char; 00543 } 00544 00545 return $result; 00546 }
| _verifySQL | ( | ) |
private
Definiert in Zeile 223 der Datei SQLStore.php.
00224 { 00225 $missing = array(); 00226 $empty = array(); 00227 00228 $required_sql_keys = array( 00229 'nonce_table', 00230 'assoc_table', 00231 'set_assoc', 00232 'get_assoc', 00233 'get_assocs', 00234 'remove_assoc' 00235 ); 00236 00237 foreach ($required_sql_keys as $key) { 00238 if (!array_key_exists($key, $this->sql)) { 00239 $missing[] = $key; 00240 } else if (!$this->sql[$key]) { 00241 $empty[] = $key; 00242 } 00243 } 00244 00245 return array($missing, $empty); 00246 }
| Auth_OpenID_SQLStore | ( | $ | connection, | |
| $ | associations_table = null, |
|||
| $ | nonces_table = null | |||
| ) |
This creates a new SQLStore instance. It requires an established database connection be given to it, and it allows overriding the default table names.
- Parameter:
-
connection $connection This must be an established connection to a database of the correct type for the SQLStore subclass you're using. This must either be an PEAR DB connection handle or an instance of a subclass of Auth_OpenID_DatabaseConnection. associations_table,: This is an optional parameter to specify the name of the table used for storing associations. The default value is 'oid_associations'. nonces_table,: This is an optional parameter to specify the name of the table used for storing nonces. The default value is 'oid_nonces'.
Definiert in Zeile 88 der Datei SQLStore.php.
00091 { 00092 global $__Auth_OpenID_PEAR_AVAILABLE; 00093 00094 $this->associations_table_name = "oid_associations"; 00095 $this->nonces_table_name = "oid_nonces"; 00096 00097 // Check the connection object type to be sure it's a PEAR 00098 // database connection. 00099 if (!(is_object($connection) && 00100 (is_subclass_of($connection, 'db_common') || 00101 is_subclass_of($connection, 00102 'auth_openid_databaseconnection')))) { 00103 trigger_error("Auth_OpenID_SQLStore expected PEAR connection " . 00104 "object (got ".get_class($connection).")", 00105 E_USER_ERROR); 00106 return; 00107 } 00108 00109 $this->connection = $connection; 00110 00111 // Be sure to set the fetch mode so the results are keyed on 00112 // column name instead of column index. This is a PEAR 00113 // constant, so only try to use it if PEAR is present. Note 00114 // that Auth_Openid_Databaseconnection instances need not 00115 // implement ::setFetchMode for this reason. 00116 if ($__Auth_OpenID_PEAR_AVAILABLE) { 00117 $this->connection->setFetchMode(DB_FETCHMODE_ASSOC); 00118 } 00119 00120 if ($associations_table) { 00121 $this->associations_table_name = $associations_table; 00122 } 00123 00124 if ($nonces_table) { 00125 $this->nonces_table_name = $nonces_table; 00126 } 00127 00128 $this->max_nonce_age = 6 * 60 * 60; 00129 00130 // Be sure to run the database queries with auto-commit mode 00131 // turned OFF, because we want every function to run in a 00132 // transaction, implicitly. As a rule, methods named with a 00133 // leading underscore will NOT control transaction behavior. 00134 // Callers of these methods will worry about transactions. 00135 $this->connection->autoCommit(false); 00136 00137 // Create an empty SQL strings array. 00138 $this->sql = array(); 00139 00140 // Call this method (which should be overridden by subclasses) 00141 // to populate the $this->sql array with SQL strings. 00142 $this->setSQL(); 00143 00144 // Verify that all required SQL statements have been set, and 00145 // raise an error if any expected SQL strings were either 00146 // absent or empty. 00147 list($missing, $empty) = $this->_verifySQL(); 00148 00149 if ($missing) { 00150 trigger_error("Expected keys in SQL query list: " . 00151 implode(", ", $missing), 00152 E_USER_ERROR); 00153 return; 00154 } 00155 00156 if ($empty) { 00157 trigger_error("SQL list keys have no SQL strings: " . 00158 implode(", ", $empty), 00159 E_USER_ERROR); 00160 return; 00161 } 00162 00163 // Add table names to queries. 00164 $this->_fixSQL(); 00165 }
| blobDecode | ( | $ | blob | ) |
Erneute Implementation in Auth_OpenID_PostgreSQLStore.
Definiert in Zeile 288 der Datei SQLStore.php.
| blobEncode | ( | $ | str | ) |
Erneute Implementation in Auth_OpenID_MySQLStore und Auth_OpenID_PostgreSQLStore.
Definiert in Zeile 293 der Datei SQLStore.php.
| cleanupAssociations | ( | ) |
Erneute Implementation von Auth_OpenID_OpenIDStore.
Definiert in Zeile 559 der Datei SQLStore.php.
00560 { 00561 $this->connection->query($this->sql['clean_assoc'], 00562 array(time())); 00563 $num = $this->connection->affectedRows(); 00564 $this->connection->commit(); 00565 return $num; 00566 }
| cleanupNonces | ( | ) |
Erneute Implementation von Auth_OpenID_OpenIDStore.
Definiert in Zeile 548 der Datei SQLStore.php.
00549 { 00550 global $Auth_OpenID_SKEW; 00551 $v = time() - $Auth_OpenID_SKEW; 00552 00553 $this->connection->query($this->sql['clean_nonce'], array($v)); 00554 $num = $this->connection->affectedRows(); 00555 $this->connection->commit(); 00556 return $num; 00557 }
| create_assoc_table | ( | ) |
Definiert in Zeile 321 der Datei SQLStore.php.
00322 { 00323 if (!$this->tableExists($this->associations_table_name)) { 00324 $r = $this->connection->query($this->sql['assoc_table']); 00325 return $this->resultToBool($r); 00326 } 00327 return true; 00328 }
| create_nonce_table | ( | ) |
Definiert in Zeile 312 der Datei SQLStore.php.
00313 { 00314 if (!$this->tableExists($this->nonces_table_name)) { 00315 $r = $this->connection->query($this->sql['nonce_table']); 00316 return $this->resultToBool($r); 00317 } 00318 return true; 00319 }
| createTables | ( | ) |
Definiert in Zeile 298 der Datei SQLStore.php.
00299 { 00300 $this->connection->autoCommit(true); 00301 $n = $this->create_nonce_table(); 00302 $a = $this->create_assoc_table(); 00303 $this->connection->autoCommit(false); 00304 00305 if ($n && $a) { 00306 return true; 00307 } else { 00308 return false; 00309 } 00310 }
| getAssociation | ( | $ | server_url, | |
| $ | handle = null | |||
| ) |
This method returns an Association object from storage that matches the server URL and, if specified, handle. It returns null if no such association is found or if the matching association is expired.
If no handle is specified, the store may return any association which matches the server URL. If multiple associations are valid, the recommended return value for this method is the one most recently issued.
This method is allowed (and encouraged) to garbage collect expired associations when found. This method must not return expired associations.
- Parameter:
-
string $server_url The URL of the identity server to get the association for. Because of the way the server portion of the library uses this interface, don't assume there are any limitations on the character set of the input string. In particular, expect to see unescaped non-url-safe characters in the server_url field. mixed $handle This optional parameter is the handle of the specific association to get. If no specific handle is provided, any valid association matching the server URL is returned.
- Rückgabe:
- Association The Association for the given identity server.
Erneute Implementation von Auth_OpenID_OpenIDStore.
Definiert in Zeile 409 der Datei SQLStore.php.
00410 { 00411 if ($handle !== null) { 00412 $assoc = $this->_get_assoc($server_url, $handle); 00413 00414 $assocs = array(); 00415 if ($assoc) { 00416 $assocs[] = $assoc; 00417 } 00418 } else { 00419 $assocs = $this->_get_assocs($server_url); 00420 } 00421 00422 if (!$assocs || (count($assocs) == 0)) { 00423 return null; 00424 } else { 00425 $associations = array(); 00426 00427 foreach ($assocs as $assoc_row) { 00428 $assoc = new Auth_OpenID_Association($assoc_row['handle'], 00429 $assoc_row['secret'], 00430 $assoc_row['issued'], 00431 $assoc_row['lifetime'], 00432 $assoc_row['assoc_type']); 00433 00434 $assoc->secret = $this->blobDecode($assoc->secret); 00435 00436 if ($assoc->getExpiresIn() == 0) { 00437 $this->removeAssociation($server_url, $assoc->handle); 00438 } else { 00439 $associations[] = array($assoc->issued, $assoc); 00440 } 00441 } 00442 00443 if ($associations) { 00444 $issued = array(); 00445 $assocs = array(); 00446 foreach ($associations as $key => $assoc) { 00447 $issued[$key] = $assoc[0]; 00448 $assocs[$key] = $assoc[1]; 00449 } 00450 00451 array_multisort($issued, SORT_DESC, $assocs, SORT_DESC, 00452 $associations); 00453 00454 // return the most recently issued one. 00455 list($issued, $assoc) = $associations[0]; 00456 return $assoc; 00457 } else { 00458 return null; 00459 } 00460 } 00461 }
| isError | ( | $ | value | ) |
Returns true if $value constitutes a database error; returns false otherwise.
Definiert in Zeile 179 der Datei SQLStore.php.
00180 { 00181 return PEAR::isError($value); 00182 }
| removeAssociation | ( | $ | server_url, | |
| $ | handle | |||
| ) |
This method removes the matching association if it's found, and returns whether the association was removed or not.
- Parameter:
-
string $server_url The URL of the identity server the association to remove belongs to. Because of the way the server portion of the library uses this interface, don't assume there are any limitations on the character set of the input string. In particular, expect to see unescaped non-url-safe characters in the server_url field. string $handle This is the handle of the association to remove. If there isn't an association found that matches both the given URL and handle, then there was no matching handle found.
- Rückgabe:
- mixed Returns whether or not the given association existed.
Erneute Implementation von Auth_OpenID_OpenIDStore.
Definiert in Zeile 392 der Datei SQLStore.php.
00393 { 00394 if ($this->_get_assoc($server_url, $handle) == null) { 00395 return false; 00396 } 00397 00398 if ($this->resultToBool($this->connection->query( 00399 $this->sql['remove_assoc'], 00400 array($server_url, $handle)))) { 00401 $this->connection->commit(); 00402 } else { 00403 $this->connection->rollback(); 00404 } 00405 00406 return true; 00407 }
| reset | ( | ) |
Resets the store by removing all records from the store's tables.
Erneute Implementation von Auth_OpenID_OpenIDStore.
Definiert in Zeile 211 der Datei SQLStore.php.
00212 { 00213 $this->connection->query(sprintf("DELETE FROM %s", 00214 $this->associations_table_name)); 00215 00216 $this->connection->query(sprintf("DELETE FROM %s", 00217 $this->nonces_table_name)); 00218 }
| resultToBool | ( | $ | obj | ) |
Converts a query result to a boolean. If the result is a database error according to $this->isError(), this returns false; otherwise, this returns true.
Definiert in Zeile 189 der Datei SQLStore.php.
00190 { 00191 if ($this->isError($obj)) { 00192 return false; 00193 } else { 00194 return true; 00195 } 00196 }
| setSQL | ( | ) |
This method should be overridden by subclasses. This method is called by the constructor to set values in $this->sql, which is an array keyed on sql name.
Erneute Implementation in Auth_OpenID_MySQLStore, Auth_OpenID_PostgreSQLStore und Auth_OpenID_SQLiteStore.
Definiert in Zeile 203 der Datei SQLStore.php.
| storeAssociation | ( | $ | server_url, | |
| $ | association | |||
| ) |
This method puts an Association object into storage, retrievable by server URL and handle.
- Parameter:
-
string $server_url The URL of the identity server that this association is with. Because of the way the server portion of the library uses this interface, don't assume there are any limitations on the character set of the input string. In particular, expect to see unescaped non-url-safe characters in the server_url field. Association $association The Association to store.
Erneute Implementation von Auth_OpenID_OpenIDStore.
Definiert in Zeile 346 der Datei SQLStore.php.
00347 { 00348 if ($this->resultToBool($this->_set_assoc( 00349 $server_url, 00350 $association->handle, 00351 $this->blobEncode( 00352 $association->secret), 00353 $association->issued, 00354 $association->lifetime, 00355 $association->assoc_type 00356 ))) { 00357 $this->connection->commit(); 00358 } else { 00359 $this->connection->rollback(); 00360 } 00361 }
| tableExists | ( | $ | table_name | ) |
Definiert in Zeile 167 der Datei SQLStore.php.
00168 { 00169 return !$this->isError( 00170 $this->connection->query( 00171 sprintf("SELECT * FROM %s LIMIT 0", 00172 $table_name))); 00173 }
| useNonce | ( | $ | server_url, | |
| $ | timestamp, | |||
| $ | salt | |||
| ) |
Called when using a nonce.
This method should return C{True} if the nonce has not been used before, and store it for a while to make sure nobody tries to use the same value again. If the nonce has already been used, return C{False}.
Change: In earlier versions, round-trip nonces were used and a nonce was only valid if it had been previously stored with storeNonce. Version 2.0 uses one-way nonces, requiring a different implementation here that does not depend on a storeNonce call. (storeNonce is no longer part of the interface.
- Parameter:
-
string $nonce The nonce to use.
- Rückgabe:
- bool Whether or not the nonce was valid.
Erneute Implementation von Auth_OpenID_OpenIDStore.
Definiert in Zeile 480 der Datei SQLStore.php.
00481 { 00482 global $Auth_OpenID_SKEW; 00483 00484 if ( abs($timestamp - time()) > $Auth_OpenID_SKEW ) { 00485 return False; 00486 } 00487 00488 return $this->_add_nonce($server_url, $timestamp, $salt); 00489 }
Die Dokumentation für diese Klasse wurde erzeugt aufgrund der Datei:
- Auth/OpenID/SQLStore.php
