Docs For Class Auth_OpenID

Auth_OpenID_OpenIDStore

Description

This is the interface for the store objects the OpenID library

uses. It is a single class that provides all of the persistence mechanisms that the OpenID library needs, for both servers and consumers. If you want to create an SQL-driven store, please see then Auth_OpenID_SQLStore class.

Change: Version 2.0 removed the storeNonce, getAuthKey, and isDumb methods, and changed the behavior of the useNonce method to support one-way nonces.

author: JanRain, Inc. <openid@janrain.com>

Located in /Auth/OpenID/Interface.php (line 30)

Direct descendents

Class	Description
Auth_OpenID_DumbStore	This is a store for use in the worst case, when you have no way of saving state on the consumer site. Using this store makes the consumer vulnerable to replay attacks, as it's unable to use nonces. Avoid using this store if it is at all possible.
Auth_OpenID_FileStore	This is a filesystem-based store for OpenID associations and
Auth_OpenID_MDB2Store	This store uses a PEAR::MDB2 connection to store persistence information.
Auth_OpenID_MemcachedStore	This is a memcached-based store for OpenID associations and nonces.
Auth_OpenID_SQLStore	This is the parent class for the SQL stores, which contains the logic common to all of the SQL stores.
Tests_Auth_OpenID_MemStore	This is the interface for the store objects the OpenID library

Method Summary

void cleanup ()

void cleanupAssociations ()

void cleanupNonces ()

Association getAssociation (string $server_url, [mixed $handle = null])

mixed removeAssociation (string $server_url, string $handle)

void reset ()

void storeAssociation (string $server_url, Association $association)

void supportsCleanup ()

bool useNonce ( $server_url, $timestamp, $salt, string $nonce)

Methods

cleanup (line 90)

void cleanup ()

cleanupAssociations (line 77)

void cleanupAssociations ()

Redefined in descendants as:

cleanupNonces (line 62)

void cleanupNonces ()

Redefined in descendants as:

getAssociation (line 134)

This method returns an Association object from storage that matches the server URL and, if specified, handle. It returns null if no such association is found or if the matching association is expired.

If no handle is specified, the store may return any association which matches the server URL. If multiple associations are valid, the recommended return value for this method is the one most recently issued.

This method is allowed (and encouraged) to garbage collect expired associations when found. This method must not return expired associations.

return: The Association for the given identity server.

Association getAssociation (string $server_url, [mixed $handle = null])

string $server_url: The URL of the identity server to get the association for. Because of the way the server portion of the library uses this interface, don't assume there are any limitations on the character set of the input string. In particular, expect to see unescaped non-url-safe characters in the server_url field.
mixed $handle: This optional parameter is the handle of the specific association to get. If no specific handle is provided, any valid association matching the server URL is returned.

Redefined in descendants as:

Auth_OpenID_DumbStore::getAssociation() : This implementation always returns null.
Auth_OpenID_FileStore::getAssociation() : Retrieve an association. If no handle is specified, return the association with the most recent issue time.
Auth_OpenID_MDB2Store::getAssociation()
Auth_OpenID_MemcachedStore::getAssociation() : Read association from memcached. If no handle given
Auth_OpenID_SQLStore::getAssociation()
Tests_Auth_OpenID_MemStore::getAssociation()
GoodAssocStore::getAssociation()

removeAssociation (line 158)

This method removes the matching association if it's found, and returns whether the association was removed or not.

return: Returns whether or not the given association existed.

mixed removeAssociation (string $server_url, string $handle)

string $server_url: The URL of the identity server the association to remove belongs to. Because of the way the server portion of the library uses this interface, don't assume there are any limitations on the character set of the input string. In particular, expect to see unescaped non-url-safe characters in the server_url field.
string $handle: This is the handle of the association to remove. If there isn't an association found that matches both the given URL and handle, then there was no matching handle found.

Redefined in descendants as:

Auth_OpenID_DumbStore::removeAssociation() : This implementation always returns false.
Auth_OpenID_FileStore::removeAssociation() : Remove an association if it exists. Do nothing if it does not.
Auth_OpenID_MDB2Store::removeAssociation()
Auth_OpenID_MemcachedStore::removeAssociation() : Immediately delete association from memcache.
Auth_OpenID_SQLStore::removeAssociation()
Tests_Auth_OpenID_MemStore::removeAssociation()

reset (line 192)

Removes all entries from the store; implementation is optional.

void reset ()

Redefined in descendants as:

Auth_OpenID_MDB2Store::reset() : Resets the store by removing all records from the store's tables.
Auth_OpenID_SQLStore::reset() : Resets the store by removing all records from the store's tables.

storeAssociation (line 44)

This method puts an Association object into storage, retrievable by server URL and handle.

void storeAssociation (string $server_url, Association $association)

string $server_url: The URL of the identity server that this association is with. Because of the way the server portion of the library uses this interface, don't assume there are any limitations on the character set of the input string. In particular, expect to see unescaped non-url-safe characters in the server_url field.
Association $association: The Association to store.

Redefined in descendants as:

Auth_OpenID_DumbStore::storeAssociation() : This implementation does nothing.
Auth_OpenID_FileStore::storeAssociation() : Store an association in the association directory.
Auth_OpenID_MDB2Store::storeAssociation()
Auth_OpenID_MemcachedStore::storeAssociation() : Store association until its expiration time in memcached.
Auth_OpenID_SQLStore::storeAssociation()
Tests_Auth_OpenID_MemStore::storeAssociation()

supportsCleanup (line 99)

Report whether this storage supports cleanup

void supportsCleanup ()

Redefined in descendants as:

Auth_OpenID_MemcachedStore::supportsCleanup() : Report that this storage doesn't support cleanup

useNonce (line 183)

Called when using a nonce.

This method should return C{True} if the nonce has not been used before, and store it for a while to make sure nobody tries to use the same value again. If the nonce has already been used, return C{False}.

Change: In earlier versions, round-trip nonces were used and a nonce was only valid if it had been previously stored with storeNonce. Version 2.0 uses one-way nonces, requiring a different implementation here that does not depend on a storeNonce call. (storeNonce is no longer part of the interface.

return: Whether or not the nonce was valid.

bool useNonce ( $server_url, $timestamp, $salt, string $nonce)

string $nonce: The nonce to use.
$server_url
$timestamp
$salt

Redefined in descendants as:

Auth_OpenID_DumbStore::useNonce() : In a system truly limited to dumb mode, nonces must all be accepted. This therefore always returns true, which makes replay attacks feasible.
Auth_OpenID_FileStore::useNonce() : Return whether this nonce is present. As a side effect, mark it as no longer present.
Auth_OpenID_MDB2Store::useNonce()
Auth_OpenID_MemcachedStore::useNonce() : Create nonce for server and salt, expiring after $Auth_OpenID_SKEW seconds.
Auth_OpenID_SQLStore::useNonce()
Tests_Auth_OpenID_MemStore::useNonce()

Documentation generated on Thu, 29 Jul 2010 13:58:53 -0700 by phpDocumentor 1.4.3