Source for file Request.php

Documentation is available at Request.php

  1. <?php
  2. /**
  3.  * OpenID_Association_Request
  4.  * 
  5.  * PHP Version 5.2.0+
  6.  * 
  7.  * @uses      OpenID
  8.  * @category  Auth
  9.  * @package   OpenID
  10.  * @author    Bill Shupp <hostmaster@shupp.org>
  11.  * @copyright 2009 Bill Shupp
  12.  * @license   http://www.opensource.org/licenses/bsd-license.php FreeBSD
  13.  * @link      http://pearopenid.googlecode.com
  14.  */
  15.  
  16. /**
  17.  * Required files
  18.  */
  19. require_once 'OpenID.php';
  20. require_once 'OpenID/Association/Exception.php';
  21. require_once 'OpenID/Association.php';
  22. require_once 'OpenID/Message.php';
  23. require_once 'OpenID/Association/DiffieHellman.php';
  24.  
  25. /**
  26.  * OpenID_Association_Request
  27.  * 
  28.  * Request object for establishing OpenID Associations.
  29.  * 
  30.  * @uses      OpenID
  31.  * @category  Auth
  32.  * @package   OpenID
  33.  * @author    Bill Shupp <hostmaster@shupp.org>
  34.  * @copyright 2009 Bill Shupp
  35.  * @license   http://www.opensource.org/licenses/bsd-license.php FreeBSD
  36.  * @link      http://pearopenid.googlecode.com
  37.  */
  38. class OpenID_Association_Request extends OpenID
  39. {
  40.     /**
  41.      * OpenID provider endpoint URL
  42.      * 
  43.      * @var string 
  44.      */
  45.     protected $opEndpointURL = null;
  46.  
  47.     /**
  48.      * Contains contents of the association request
  49.      * 
  50.      * @var OpenID_Message 
  51.      */
  52.     protected $message = null;
  53.  
  54.     /**
  55.      * Version of OpenID in use.  This determines which algorithms we can use.
  56.      * 
  57.      * @var string 
  58.      */
  59.     protected $version = null;
  60.  
  61.     /**
  62.      * The association request response in array format
  63.      * 
  64.      * @var array 
  65.      * @see getResponse()
  66.      */
  67.     protected $response = array();
  68.  
  69.     /**
  70.      * Optional instance of Crypt_DiffieHellman
  71.      * 
  72.      * @var Crypt_DiffieHellman 
  73.      */
  74.     protected $cdh = null;
  75.  
  76.     /**
  77.      * OpenID_Association_DiffieHellman instance
  78.      * 
  79.      * @var OpenID_Association_DiffieHellman 
  80.      */
  81.     protected $dh = null;
  82.  
  83.     /**
  84.      * Sets the arguments passed in, as well as creates the request message.
  85.      * 
  86.      * @param string              $opEndpointURL URL of OP Endpoint
  87.      * @param string              $version       Version of OpenID in use
  88.      * @param Crypt_DiffieHellman $cdh           Custom Crypt_DiffieHellman
  89.      *                                            instance
  90.      * 
  91.      * @return void 
  92.      */
  93.     public function __construct($opEndpointURL,
  94.                                 $version,
  95.                                 Crypt_DiffieHellman $cdh null)
  96.     {
  97.         if (!array_key_exists($versionOpenID::$versionMap)) {
  98.             throw new OpenID_Association_Exception(
  99.                 'Invalid version'
  100.             );
  101.         }
  102.         $this->version       = $version;
  103.         $this->opEndpointURL = $opEndpointURL;
  104.         $this->message       = new OpenID_Message;
  105.  
  106.         if ($cdh{
  107.             $this->cdh = $cdh;
  108.         }
  109.  
  110.         // Set defaults
  111.         $this->message->set('openid.mode'OpenID::MODE_ASSOCIATE);
  112.         if (OpenID::$versionMap[$version== OpenID::NS_2_0{
  113.             $this->message->set('openid.ns'OpenID::NS_2_0);
  114.             $this->message->set('openid.assoc_type'self::ASSOC_TYPE_HMAC_SHA256);
  115.             $this->message->set('openid.session_type'self::SESSION_TYPE_DH_SHA256);
  116.         else {
  117.             $this->message->set('openid.assoc_type'self::ASSOC_TYPE_HMAC_SHA1);
  118.             $this->message->set('openid.session_type'self::SESSION_TYPE_DH_SHA1);
  119.         }
  120.     }
  121.  
  122.     /**
  123.      * Sends the association request.  Loops over errors and adapts to
  124.      * 'unsupported-type' responses.
  125.      * 
  126.      * @return mixed OpenID_Association on success, false on failure
  127.      * @see buildAssociation()
  128.      * @see sendAssociationRequest()
  129.      */
  130.     public function associate()
  131.     {
  132.         $count 0;
  133.         while ($count 2{
  134.             // Easier to operate on array format here
  135.             $response $this->sendAssociationRequest()->getArrayFormat();
  136.  
  137.             if (isset($response['assoc_handle'])) {
  138.                 $this->response = $response;
  139.                 return $this->buildAssociation($response);
  140.             }
  141.  
  142.             if (isset($response['mode'])
  143.                 && $response['mode'== OpenID::MODE_ERROR
  144.                 && isset($response['error_code'])
  145.                 && $response['error_code'== 'unsupported-type'{
  146.     
  147.                 if (isset($response['assoc_type'])) {
  148.                     $this->setAssociationType($response['assoc_type']);
  149.                 }
  150.                 if (isset($response['session_type'])) {
  151.                     $this->setSessionType($response['session_type']);
  152.                 }
  153.             }
  154.             $count++;
  155.         }
  156.         return false;
  157.     }
  158.  
  159.     /**
  160.      * Build the OpenID_Association class based on the association response
  161.      * 
  162.      * @param array $response Association response in array format
  163.      * 
  164.      * @return OpenID_Association 
  165.      * @see associate()
  166.      */
  167.     protected function buildAssociation(array $response)
  168.     {
  169.         $params                array();
  170.         $params['created']     time();
  171.         $params['expiresIn']   $response['expires_in'];
  172.         $params['uri']         $this->opEndpointURL;
  173.         $params['assocType']   $this->getAssociationType();
  174.         $params['assocHandle'$response['assoc_handle'];
  175.  
  176.         if ($this->getSessionType(=== self::SESSION_TYPE_NO_ENCRYPTION{
  177.             if (!isset($response['mac_key'])) {
  178.                 throw new OpenID_Association_Exception(
  179.                     'Missing mac_key in association response'
  180.                 );
  181.             }
  182.             $params['sharedSecret'$response['mac_key'];
  183.         else {
  184.             $this->getDH()->getSharedSecret($response$params);
  185.         }
  186.  
  187.         return new OpenID_Association($params);
  188.     }
  189.  
  190.     /**
  191.      * Actually sends the assocition request to the OP Endpoing URL.
  192.      * 
  193.      * @return OpenID_Message 
  194.      * @see associate()
  195.      */
  196.     protected function sendAssociationRequest()
  197.     {
  198.         if ($this->message->get('openid.session_type')
  199.             == self::SESSION_TYPE_NO_ENCRYPTION{
  200.  
  201.             $this->message->delete('openid.dh_consumer_public');
  202.             $this->message->delete('openid.dh_modulus');
  203.             $this->message->delete('openid.dh_gen');
  204.         else {
  205.             $this->initDH();
  206.         }
  207.  
  208.         $response $this->directRequest($this->opEndpointURL$this->message);
  209.         $message  new OpenID_Message($response->getBody(),
  210.                                        OpenID_Message::FORMAT_KV);
  211.  
  212.         OpenID::setLastEvent(__METHOD__print_r($message->getArrayFormat()true));
  213.  
  214.         return $message;
  215.     }
  216.  
  217.     /**
  218.      * Gets the last association response
  219.      * 
  220.      * @return void 
  221.      */
  222.     public function getResponse()
  223.     {
  224.         return $this->response;
  225.     }
  226.  
  227.     /**
  228.      * Initialize the diffie-hellman parameters for the association request.
  229.      * 
  230.      * @return void 
  231.      */
  232.     protected function initDH()
  233.     {
  234.         $this->getDH()->init();
  235.     }
  236.  
  237.     /**
  238.      * Gets an instance of OpenID_Association_DiffieHellman.  If one is not already
  239.      * instanciated, a new one is returned.
  240.      * 
  241.      * @return OpenID_Association_DiffieHellman 
  242.      */
  243.     protected function getDH()
  244.     {
  245.         if (!$this->dh{
  246.             $this->dh new OpenID_Association_DiffieHellman($this->message,
  247.                                                              $this->cdh);
  248.         }
  249.         return $this->dh;
  250.     }
  251.  
  252.     /**
  253.      * Sets he association type for the request.  Can be sha1 or sha256.
  254.      * 
  255.      * @param string $type sha1 or sha256
  256.      * 
  257.      * @throws OpenID_Association_Exception on invalid type
  258.      * @return void 
  259.      */
  260.     public function setAssociationType($type)
  261.     {
  262.         switch ($type{
  263.         case self::ASSOC_TYPE_HMAC_SHA1:
  264.         case self::ASSOC_TYPE_HMAC_SHA256:
  265.             $this->message->set('openid.assoc_type'$type);
  266.             break;
  267.         default:
  268.             throw new OpenID_Association_Exception("Invalid assoc_type: $type");
  269.         }
  270.     }
  271.  
  272.     /**
  273.      * Gets the current association type
  274.      * 
  275.      * @return void 
  276.      */
  277.     public function getAssociationType()
  278.     {
  279.         return $this->message->get('openid.assoc_type');
  280.     }
  281.  
  282.     /**
  283.      * Sets the session type.  Can be sha1, sha256, or no-encryption
  284.      * 
  285.      * @param string $type sha1, sha256, or no-encryption
  286.      * 
  287.      * @throws OpenID_Association_Exception on invalid type, or if you set
  288.      *          no-encryption for an OP URL that doesn't support HTTPS
  289.      * @return void 
  290.      */
  291.     public function setSessionType($type)
  292.     {
  293.         switch ($type{
  294.         case self::SESSION_TYPE_NO_ENCRYPTION:
  295.             // Make sure we're using SSL
  296.             if (!preg_match('@^https://@i'$this->opEndpointURL)) {
  297.                 throw new OpenID_Association_Exception(
  298.                     'Un-encrypted sessions require HTTPS'
  299.                 );
  300.             }
  301.             $this->message->set('openid.session_type',
  302.                                 self::SESSION_TYPE_NO_ENCRYPTION);
  303.             break;
  304.         case self::SESSION_TYPE_DH_SHA1:
  305.         case self::SESSION_TYPE_DH_SHA256:
  306.             $this->message->set('openid.session_type'$type);
  307.             break;
  308.         default:
  309.             throw new OpenID_Association_Exception("Invalid session_type: $type");
  310.         }
  311.     }
  312.  
  313.     /**
  314.      * Gets the current session type
  315.      * 
  316.      * @return string Current session type (sha1, sha256, or no-encryption)
  317.      */
  318.     public function getSessionType()
  319.     {
  320.         return $this->message->get('openid.session_type');
  321.     }
  322.  
  323.     /**
  324.      * Gets the OP Endpoint URL
  325.      * 
  326.      * @return string OP Endpoint URL
  327.      */
  328.     public function getEndpointURL()
  329.     {
  330.         return $this->opEndpointURL;
  331.     }
  332. }
  333. ?>

Documentation generated on Tue, 15 Dec 2009 19:00:58 -0800 by phpDocumentor 1.4.3