Class OpenID_RelyingParty

Description
Description | Vars (details) | Methods (details) Constants

OpenID_RelyingParty

OpenID_RelyingParty implements all the steps required to verify a claim in two step interface: prepare and verify.

prepare sets up the request, which includes performing discovery on the identifier, establishing an association with the OpenID Provider (optional), and then building an OpenID_Auth_Request object. With this object, you can optionally add OpenID_Extension(s), and then perform the request.

verify takes a Net_URL2 object as an argument, which represents the URL that the end user was redirected to after communicating with the the OpenID Provider. It processes the URL, and if it was a positive response from the OP, tries to verify that assertion.

Example:

  1.  // First set up some things about your relying party:
  2.  $realm    'http://examplerp.com';
  3.  $returnTo $realm '/relyingparty.php';
  4.  
  5.  // Here is an example user supplied identifier
  6.  $identifier $_POST['identifier'];
  7.  
  8.  // You might want to store it in session for use in verify()
  9.  $_SESSION['identifier'$identifier;
  10.  
  11.  // Fire up the OpenID_RelyingParty object
  12.  $rp new OpenID_RelyingParty($returnTo$realm$identifier);
  13.  
  14.  // Here's an example of prepare() usage ...
  15.  // First, grab your Auth_Request_Object
  16.  $authRequest $rp->prepare();
  17.  
  18.  // Then, optionally add an extension
  19.   $sreg new OpenID_Extension_SREG11(OpenID_Extension::REQUEST);
  20.   $sreg->set('required''email');
  21.   $sreg->set('optional''nickname,gender,dob');
  22.  
  23.   // You'll need to add it to OpenID_Auth_Request
  24.   $authRequest->addExtension($sreg);
  25.  // Optionally get association (from cache in this example)
  26.  
  27.  // Optionally make this a checkid_immediate request
  28.  $auth->setMode(OpenID::MODE_CHECKID_IMMEDIATE);
  29.  
  30.  // Send user to the OP
  31.  header('Location: ' $auth->getAuthorizeURL());
  32.  exit;
  33.  
  34.  
  35.  
  36.  
  37.  // Now, when they come back, you'll want to verify the claim ...
  38.  
  39.  // Assuming your $realm is the host which they came in to, build a Net_URL2
  40.  // object from this request:
  41.  $request new Net_URL2($realm $_SERVER['REQUEST_URI']);
  42.  
  43.  // Now verify:
  44.  $result $rp->verify($request);
  45.  if ($result->success()) {
  46.      echo "success! :)";
  47.  else {
  48.      echo "failure :(";
  49.  }

Located in /OpenID/RelyingParty.php (line 105) 

OpenID
   |
   --OpenID_RelyingParty
Variable Summary
Description | Vars (details) | Methods (details) Constants
int $clockSkew
string $normalizedID
string $realm
string $returnTo
mixed $useAssociations
Method Summary
Description | Constants Vars (details) | Methods (details)
void __construct (mixed $returnTo, mixed $realm, [mixed $identifier = null])
void disableAssociations ()
void enableAssociations ()
OpenID_Assertion getAssertionObject (OpenID_Message $message, Net_URL2 $requestedURL)
OpenID_Association getAssociation (string $opEndpointURL, string $version)
OpenID_Association_Request getAssociationRequestObject (string $opEndpointURL, string $version)
OpenID_Discover getDiscover ()
OpenID_Auth_Request prepare ()
void setClockSkew (int $skew)
OpenID_Assertion_Response verify ( $requestedURL, OpenID_Message $message)
Variables
Description | Vars (details) Constants | Methods (details)
int $clockSkew = null (line 145)

How far off of the current time to allow for nonce checking

string $normalizedID = null (line 114)

The user supplied identifier, normalized

string $realm = null (line 130)

The URI used for the openid.realm paramater

string $returnTo = null (line 122)

The URI used for the openid.return_to parameter

mixed $useAssociations = true (line 137)

Whether or not to use associations

Inherited Variables

Inherited from OpenID

OpenID::$lastEvent
 OpenID::$observers
 OpenID::$store
 OpenID::$versionMap
Methods
Description | Vars (details) Constants Methods (details)
Constructor __construct (line 158)

Sets the identifier, returnTo, and realm to be used for messages. The identifier is normalized before being set.

  • see: OpenID::normalizeIdentifier
  • access: public
void __construct (mixed $returnTo, mixed $realm, [mixed $identifier = null])
  • mixed $returnTo: The openid.return_to paramater value
  • mixed $realm: The openid.realm paramater value
  • mixed $identifier: The user supplied identifier, defaults to null
disableAssociations (line 182)

Disables the use if associations

  • access: public
void disableAssociations ()
enableAssociations (line 172)

Enables the use of associations (default)

  • access: public
void enableAssociations ()
getAssertionObject (line 402)

Gets an instance of OpenID_Assertion. Abstracted for testing purposes.

OpenID_Assertion getAssertionObject (OpenID_Message $message, Net_URL2 $requestedURL)
  • OpenID_Message $message: The message passed to verify()
  • Net_URL2 $requestedURL: The URL requested (redirect from OP)
getAssociation (line 359)

Gets an association from cache if it exists, otherwise, creates one.

  • return: on success, false on failure
  • access: protected
OpenID_Association getAssociation (string $opEndpointURL, string $version)
  • string $opEndpointURL: The OP Endpoint URL to communicate with
  • string $version: The version of OpenID being used
getAssociationRequestObject (line 388)

Gets a new OpenID_Association_Request object. Abstracted for testing.

OpenID_Association_Request getAssociationRequestObject (string $opEndpointURL, string $version)
  • string $opEndpointURL: The OP endpoint URL to communicate with
  • string $version: The OpenID version being used
getDiscover (line 338)

Gets discovered information from cache if it exists, otherwise performs discovery.

OpenID_Discover getDiscover ()
prepare (line 213)

Prepares an OpenID_Auth_Request and returns it. This process includes performing discovery and optionally creating an association before preparing the OpenID_Auth_Request object.

  • throws: OpenID_Exception if no identifier was passed to the constructor
  • access: public
OpenID_Auth_Request prepare ()
setClockSkew (line 195)

Sets the clock skew for nonce checking

  • throws: OpenID_Exception if $skew is not numeric
  • access: public
void setClockSkew (int $skew)
  • int $skew: Skew (or timeout) in seconds
verify (line 255)

Verifies an assertion response from the OP. If the openid.mode is error, an exception is thrown.

  • throws: OpenID_Exception on error or invalid openid.mode
  • access: public
OpenID_Assertion_Response verify ( $requestedURL, OpenID_Message $message)
  • Net_URL2 $requestedURL: The requested URL (that the user was directed to by the OP) as a Net_URL2 object
  • OpenID_Message $message: The OpenID_Message instance, as extractd from the input (GET or POST)

Inherited Methods

Inherited From OpenID

OpenID::attach()
OpenID::detach()
OpenID::directRequest()
OpenID::getHTTPRequest2Instance()
OpenID::getLastEvent()
OpenID::getStore()
OpenID::getXRIGlobalSymbols()
OpenID::normalizeIdentifier()
OpenID::notify()
OpenID::setLastEvent()
OpenID::setStore()
Class Constants
Description | Constants (details) Vars (details) | Methods (details)

Inherited Constants

Inherited from OpenID

OpenID::ASSOC_TYPE_HMAC_SHA1
 OpenID::ASSOC_TYPE_HMAC_SHA256
 OpenID::HASH_ALGORITHM_1_1
 OpenID::HASH_ALGORITHM_2_0
 OpenID::MODE_ASSOCIATE
 OpenID::MODE_CANCEL
 OpenID::MODE_CHECKID_IMMEDIATE
 OpenID::MODE_CHECKID_SETUP
 OpenID::MODE_CHECK_AUTHENTICATION
 OpenID::MODE_ERROR
 OpenID::MODE_ID_RES
 OpenID::MODE_SETUP_NEEDED
 OpenID::NS_1_1
 OpenID::NS_2_0
 OpenID::NS_2_0_ID_SELECT
 OpenID::SERVICE_1_0_SIGNON
 OpenID::SERVICE_1_1_SIGNON
 OpenID::SERVICE_2_0_SERVER
 OpenID::SERVICE_2_0_SIGNON
 OpenID::SESSION_TYPE_DH_SHA1
 OpenID::SESSION_TYPE_DH_SHA256
 OpenID::SESSION_TYPE_NO_ENCRYPTION

Documentation generated on Tue, 15 Dec 2009 19:00:57 -0800 by phpDocumentor 1.4.3