JanRain OpenID Library

Auth_OpenID_TrustRoot
in package

A wrapper for trust-root related functions

Table of Contents

_parse()  : mixed
Parse a URL into its trust_root parts.
buildDiscoveryURL()  : mixed
isSane()  : bool
Is this trust root sane?
match()  : bool
Does this URL match the given trust root?

Methods

_parse()

Parse a URL into its trust_root parts.

public static _parse(string $trust_root) : mixed
Parameters
$trust_root : string

The url to parse

Tags
static
access

private

Return values
mixed

$parsed Either an associative array of trust root parts or false if parsing failed.

buildDiscoveryURL()

public static buildDiscoveryURL(mixed $realm) : mixed
Parameters
$realm : mixed
Return values
mixed

isSane()

Is this trust root sane?

public static isSane(string $trust_root) : bool

A trust root is sane if it is syntactically valid and it has a reasonable domain name. Specifically, the domain name must be more than one level below a standard TLD or more than two levels below a two-letter tld.

For example, '.com' is not a sane trust root, but '.foo.com' is. '.co.uk' is not sane, but '.bbc.co.uk' is.

This check is not always correct, but it attempts to err on the side of marking sane trust roots insane instead of marking insane trust roots sane. For example, 'kink.fm' is marked as insane even though it "should" (for some meaning of should) be marked sane.

This function should be used when creating OpenID servers to alert the users of the server when a consumer attempts to get the user to accept a suspicious trust root.

Parameters
$trust_root : string

The trust root to check

Tags
static
Return values
bool

$sanity Whether the trust root looks OK

match()

Does this URL match the given trust root?

public static match(string $trust_root, string $url) : bool

Return whether the URL falls under the given trust root. This does not check whether the trust root is sane. If the URL or trust root do not parse, this function will return false.

Parameters
$trust_root : string

The trust root to match against

$url : string

The URL to check

Return values
bool

$matches Whether the URL matches against the trust root

Search results