JanRain OpenID Library

Auth_OpenID_GenericConsumer
in package

OpenID

This class is the interface to the OpenID consumer logic.

Instances of it maintain no per-request state, so they can be reused (or even used by multiple threads concurrently) as needed.

$_use_assocs : mixed
$discoverMethod : mixed
$fetcher : Auth_Yadis_ParanoidHTTPFetcher|Auth_Yadis_PlainHTTPFetcher
$negotiator : Auth_OpenID_SessionNegotiator
$openid1_nonce_query_arg_name : mixed
$openid1_return_to_identifier_name : mixed: Another query parameter that gets added to the return_to for OpenID 1; if the user's session state is lost, use this claimed identifier to do discovery when verifying the response.
$session_types : array<string|int, mixed>
$store : mixed: This consumer's store object.
__construct() : mixed: This method initializes a new {@link Auth_OpenID_Consumer} instance to access the library.
_checkAuth() : bool
_checkReturnTo() : bool
_checkSetupNeeded() : bool
_complete_cancel() : Auth_OpenID_CancelResponse
_complete_error() : Auth_OpenID_FailureResponse
_complete_id_res() : Auth_OpenID_FailureResponse|Auth_OpenID_SetupNeededResponse|Auth_OpenID_SuccessResponse|null
_complete_setup_needed() : Auth_OpenID_FailureResponse|Auth_OpenID_SetupNeededResponse
_completeInvalid() : Auth_OpenID_FailureResponse
_createAssociateRequest() : array<string|int, mixed>|null
_createCheckAuthRequest() : Auth_OpenID_Message|null
_discoverAndVerify() : Auth_OpenID_FailureResponse
_doIdRes() : Auth_OpenID_FailureResponse|Auth_OpenID_SuccessResponse|mixed|null|string
_extractAssociation() : Auth_OpenID_Association|Auth_OpenID_FailureResponse|null
_extractSupportedAssociationType() : array<string|int, mixed>|null: Handle ServerErrors resulting from association requests.
_getAssociation() : Auth_OpenID_Association|Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null
_getOpenID1SessionType() : string: Given an association response message, extract the OpenID 1.X session type.
_httpResponseToMessage() : Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null: Adapt a POST response to a Message.
_idResCheckForFields() : Auth_OpenID_FailureResponse|mixed|null|string
_idResCheckNonce() : Auth_OpenID_FailureResponse|null
_idResCheckSignature() : Auth_OpenID_FailureResponse|null
_idResGetNonceOpenID1() : string: Extract the nonce from an OpenID 1 response. Return the nonce from the BARE_NS since we independently check the return_to arguments are the same as those in the response message.
_makeKVPost() : Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null
_negotiateAssociation() : Auth_OpenID_Association|null
_processCheckAuthResponse() : bool
_requestAssociation() : Auth_OpenID_Association|Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null
_verifyDiscoveryResults() : Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint
_verifyDiscoveryResultsOpenID1() : Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint
_verifyDiscoveryResultsOpenID2() : Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint
_verifyDiscoveryServices() : Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint
_verifyDiscoverySingle() : Auth_OpenID_FailureResponse|null
_verifyReturnToArgs() : Auth_OpenID_FailureResponse|bool
begin() : Auth_OpenID_AuthRequest: Called to begin OpenID authentication using the specified {@link Auth_OpenID_ServiceEndpoint}.
complete() : Auth_OpenID_SuccessResponse: Given an {@link Auth_OpenID_Message}, {@link Auth_OpenID_ServiceEndpoint} and optional return_to URL, complete OpenID authentication.

$_use_assocs


    public
        mixed
    $_use_assocs

$discoverMethod


    public
        mixed
    $discoverMethod
     = 'Auth_OpenID_discover'

$fetcher


    public
        Auth_Yadis_ParanoidHTTPFetcher|Auth_Yadis_PlainHTTPFetcher
    $fetcher

$negotiator


    public
        Auth_OpenID_SessionNegotiator
    $negotiator

$openid1_nonce_query_arg_name


    public
        mixed
    $openid1_nonce_query_arg_name
     = 'janrain_nonce'

$openid1_return_to_identifier_name

Another query parameter that gets added to the return_to for OpenID 1; if the user's session state is lost, use this claimed identifier to do discovery when verifying the response.


    public
        mixed
    $openid1_return_to_identifier_name
     = 'openid1_claimed_id'

$session_types


    public
        array<string|int, mixed>
    $session_types

$store

This consumer's store object.


    public
        mixed
    $store

__construct()

This method initializes a new {@link Auth_OpenID_Consumer} instance to access the library.


    public
                    __construct(Auth_OpenID_OpenIDStore $store) : mixed

Parameters

$store : Auth_OpenID_OpenIDStore: This must be an object that implements the interface in . Several concrete implementations are provided, to cover most common use cases. For stores backed by MySQL, PostgreSQL, or SQLite, see the class and its sublcasses. For a filesystem-backed store, see the module. As a last resort, if it isn't possible for the server to store state at all, an instance of can be used.

Return values

mixed —

_checkAuth()


    public
                    _checkAuth(Auth_OpenID_Message $message, string $server_url) : bool

Parameters

$message : Auth_OpenID_Message
$server_url : string

Return values

bool —

_checkReturnTo()


    public
                    _checkReturnTo(Auth_OpenID_Message $message, string $return_to) : bool

Parameters

$message : Auth_OpenID_Message
$return_to : string

Return values

bool —

_checkSetupNeeded()


    public
                    _checkSetupNeeded(Auth_OpenID_Message $message) : bool

Parameters

$message : Auth_OpenID_Message

Return values

bool —

_complete_cancel()


    public
                    _complete_cancel(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint) : Auth_OpenID_CancelResponse

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_CancelResponse —

_complete_error()


    public
                    _complete_error(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint) : Auth_OpenID_FailureResponse

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_FailureResponse —

_complete_id_res()


    public
                    _complete_id_res(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint, string $return_to) : Auth_OpenID_FailureResponse|Auth_OpenID_SetupNeededResponse|Auth_OpenID_SuccessResponse|null

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint
$return_to : string

Return values

Auth_OpenID_FailureResponse|Auth_OpenID_SetupNeededResponse|Auth_OpenID_SuccessResponse|null —

_complete_setup_needed()


    public
                    _complete_setup_needed(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint) : Auth_OpenID_FailureResponse|Auth_OpenID_SetupNeededResponse

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_FailureResponse|Auth_OpenID_SetupNeededResponse —

_completeInvalid()


    public
                    _completeInvalid(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint) : Auth_OpenID_FailureResponse

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_FailureResponse —

_createAssociateRequest()


    public
                    _createAssociateRequest(Auth_OpenID_ServiceEndpoint $endpoint, string $assoc_type, string $session_type) : array<string|int, mixed>|null

Parameters

$endpoint : Auth_OpenID_ServiceEndpoint
$assoc_type : string
$session_type : string

Return values

array<string|int, mixed>|null —

_createCheckAuthRequest()


    public
                    _createCheckAuthRequest(Auth_OpenID_Message $message) : Auth_OpenID_Message|null

Parameters

$message : Auth_OpenID_Message

Return values

Auth_OpenID_Message|null —

_discoverAndVerify()


    public
                    _discoverAndVerify(string $claimed_id, array<string|int, Auth_OpenID_ServiceEndpoint> $to_match_endpoints) : Auth_OpenID_FailureResponse

Parameters

$claimed_id : string
$to_match_endpoints : array<string|int, Auth_OpenID_ServiceEndpoint>

Return values

Auth_OpenID_FailureResponse —

_doIdRes()


    public
                    _doIdRes(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint, string $return_to) : Auth_OpenID_FailureResponse|Auth_OpenID_SuccessResponse|mixed|null|string

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint
$return_to : string

Return values

Auth_OpenID_FailureResponse|Auth_OpenID_SuccessResponse|mixed|null|string —

_extractAssociation()


    public
                    _extractAssociation(Auth_OpenID_Message $assoc_response, Auth_OpenID_PlainTextConsumerSession $assoc_session) : Auth_OpenID_Association|Auth_OpenID_FailureResponse|null

Parameters

$assoc_response : Auth_OpenID_Message
$assoc_session : Auth_OpenID_PlainTextConsumerSession

Return values

Auth_OpenID_Association|Auth_OpenID_FailureResponse|null —

_extractSupportedAssociationType()

Handle ServerErrors resulting from association requests.


    public
                    _extractSupportedAssociationType( $server_error) : array<string|int, mixed>|null

Parameters

$server_error :

Return values

array<string|int, mixed>|null —

$result If server replied with an C{unsupported-type} error, return a tuple of supported C{association_type}, C{session_type}. Otherwise logs the error and returns null.

_getAssociation()


    public
                    _getAssociation(Auth_OpenID_ServiceEndpoint $endpoint) : Auth_OpenID_Association|Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null

Parameters

$endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_Association|Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null —

_getOpenID1SessionType()

Given an association response message, extract the OpenID 1.X session type.


    public
                    _getOpenID1SessionType(Auth_OpenID_Message $assoc_response) : string

This function mostly takes care of the 'no-encryption' default behavior in OpenID 1.

If the association type is plain-text, this function will return 'no-encryption'

Parameters

$assoc_response : Auth_OpenID_Message

Return values

string —

The association type for this message

_httpResponseToMessage()

Adapt a POST response to a Message.


    public
            static        _httpResponseToMessage(Auth_Yadis_HTTPResponse $response) : Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null

Parameters

$response : Auth_Yadis_HTTPResponse: Result of a POST to an OpenID endpoint.

Return values

Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null —

_idResCheckForFields()


    public
                    _idResCheckForFields(Auth_OpenID_Message $message) : Auth_OpenID_FailureResponse|mixed|null|string

Parameters

$message : Auth_OpenID_Message

Return values

Auth_OpenID_FailureResponse|mixed|null|string —

_idResCheckNonce()


    public
                    _idResCheckNonce(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint) : Auth_OpenID_FailureResponse|null

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_FailureResponse|null —

_idResCheckSignature()


    public
                    _idResCheckSignature(Auth_OpenID_Message $message, string $server_url) : Auth_OpenID_FailureResponse|null

Parameters

$message : Auth_OpenID_Message
$server_url : string

Return values

Auth_OpenID_FailureResponse|null —

_idResGetNonceOpenID1()

Extract the nonce from an OpenID 1 response. Return the nonce from the BARE_NS since we independently check the return_to arguments are the same as those in the response message.


    public
                    _idResGetNonceOpenID1(Auth_OpenID_Message $message) : string

See the openid1_nonce_query_arg_name class variable

Parameters

$message : Auth_OpenID_Message

Return values

string —

The nonce as a string or null

_makeKVPost()


    public
                    _makeKVPost(Auth_OpenID_Message $message, string $server_url) : Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null

Parameters

$message : Auth_OpenID_Message
$server_url : string

Return values

Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null —

_negotiateAssociation()


    public
                    _negotiateAssociation(Auth_OpenID_ServiceEndpoint $endpoint) : Auth_OpenID_Association|null

Parameters

$endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_Association|null —

_processCheckAuthResponse()


    public
                    _processCheckAuthResponse(Auth_OpenID_Message $response, string $server_url) : bool

Parameters

$response : Auth_OpenID_Message
$server_url : string

Return values

bool —

_requestAssociation()


    public
                    _requestAssociation(Auth_OpenID_ServiceEndpoint $endpoint, string $assoc_type, string $session_type) : Auth_OpenID_Association|Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null

Parameters

$endpoint : Auth_OpenID_ServiceEndpoint
$assoc_type : string
$session_type : string

Return values

Auth_OpenID_Association|Auth_OpenID_Message|Auth_OpenID_ServerErrorContainer|null —

_verifyDiscoveryResults()


    public
                    _verifyDiscoveryResults(Auth_OpenID_Message $message[, Auth_OpenID_ServiceEndpoint|null $endpoint = null ]) : Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint|null = null

Return values

Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint —

_verifyDiscoveryResultsOpenID1()


    public
                    _verifyDiscoveryResultsOpenID1(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint) : Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint —

_verifyDiscoveryResultsOpenID2()


    public
                    _verifyDiscoveryResultsOpenID2(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint) : Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint —

_verifyDiscoveryServices()


    public
                    _verifyDiscoveryServices(string $claimed_id, array<string|int, Auth_OpenID_ServiceEndpoint> $services, array<string|int, Auth_OpenID_ServiceEndpoint> $to_match_endpoints) : Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint

Parameters

$claimed_id : string
$services : array<string|int, Auth_OpenID_ServiceEndpoint>
$to_match_endpoints : array<string|int, Auth_OpenID_ServiceEndpoint>

Return values

Auth_OpenID_FailureResponse|Auth_OpenID_ServiceEndpoint —

_verifyDiscoverySingle()


    public
                    _verifyDiscoverySingle(Auth_OpenID_ServiceEndpoint $endpoint, Auth_OpenID_ServiceEndpoint $to_match) : Auth_OpenID_FailureResponse|null

Parameters

$endpoint : Auth_OpenID_ServiceEndpoint
$to_match : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_FailureResponse|null —

_verifyReturnToArgs()


    public
                    _verifyReturnToArgs(array<string|int, mixed> $query) : Auth_OpenID_FailureResponse|bool

Parameters

$query : array<string|int, mixed>

Return values

Auth_OpenID_FailureResponse|bool —

begin()

Called to begin OpenID authentication using the specified {@link Auth_OpenID_ServiceEndpoint}.


    public
                    begin(Auth_OpenID_ServiceEndpoint $service_endpoint) : Auth_OpenID_AuthRequest

Parameters

$service_endpoint : Auth_OpenID_ServiceEndpoint

Return values

Auth_OpenID_AuthRequest —

complete()

Given an {@link Auth_OpenID_Message}, {@link Auth_OpenID_ServiceEndpoint} and optional return_to URL, complete OpenID authentication.


    public
                    complete(Auth_OpenID_Message $message, Auth_OpenID_ServiceEndpoint $endpoint, string $return_to) : Auth_OpenID_SuccessResponse

Parameters

$message : Auth_OpenID_Message
$endpoint : Auth_OpenID_ServiceEndpoint
$return_to : string

Return values

Auth_OpenID_SuccessResponse —

Auth_OpenID_GenericConsumer in package OpenID

Table of Contents

Properties

$_use_assocs

Tags

$discoverMethod

Tags

$fetcher

$negotiator

$openid1_nonce_query_arg_name

Tags

$openid1_return_to_identifier_name

$session_types

$store

Methods

__construct()

Parameters

Return values

_checkAuth()

Parameters

Tags

Return values

_checkReturnTo()

Parameters

Tags

Return values

_checkSetupNeeded()

Parameters

Tags

Return values

_complete_cancel()

Parameters

Tags

Return values

_complete_error()

Parameters

Tags

Return values

_complete_id_res()

Parameters

Tags

Return values

_complete_setup_needed()

Parameters

Tags

Return values

_completeInvalid()

Parameters

Tags

Return values

_createAssociateRequest()

Parameters

Tags

Return values

_createCheckAuthRequest()

Parameters

Tags

Return values

_discoverAndVerify()

Parameters

Tags

Return values

_doIdRes()

Parameters

Tags

Return values

_extractAssociation()

Parameters

Tags

Return values

_extractSupportedAssociationType()

Parameters

Tags

Return values

_getAssociation()

Parameters

Tags

Return values

_getOpenID1SessionType()

Parameters

Auth_OpenID_GenericConsumer
in package

OpenID