Class Auth_OpenID_OpenIDStore

Description

This is the interface for the store objects the OpenID library

uses. It is a single class that provides all of the persistence mechanisms that the OpenID library needs, for both servers and consumers. If you want to create an SQL-driven store, please see then Auth_OpenID_SQLStore class.

Change: Version 2.0 removed the storeNonce, getAuthKey, and isDumb methods, and changed the behavior of the useNonce method to support one-way nonces.

Located in /Auth/OpenID/Interface.php (line 30)


	
			
Direct descendents
Class Description
 class Auth_OpenID_DumbStore This is a store for use in the worst case, when you have no way of saving state on the consumer site. Using this store makes the consumer vulnerable to replay attacks, as it's unable to use nonces. Avoid using this store if it is at all possible.
 class Auth_OpenID_FileStore This is a filesystem-based store for OpenID associations and
 class Auth_OpenID_MDB2Store This store uses a PEAR::MDB2 connection to store persistence information.
 class Auth_OpenID_MemcachedStore This is a memcached-based store for OpenID associations and nonces.
 class Auth_OpenID_SQLStore This is the parent class for the SQL stores, which contains the logic common to all of the SQL stores.
 class Tests_Auth_OpenID_MemStore This is the interface for the store objects the OpenID library
Method Summary
 void cleanup ()
 void cleanupNonces ()
 Association getAssociation (string $server_url, [mixed $handle = null])
 mixed removeAssociation (string $server_url, string $handle)
 void reset ()
 void storeAssociation (string $server_url, Association $association)
 void supportsCleanup ()
 bool useNonce ( $server_url,  $timestamp,  $salt, string $nonce)
Methods
cleanup (line 90)
void cleanup ()
getAssociation (line 134)

This method returns an Association object from storage that matches the server URL and, if specified, handle. It returns null if no such association is found or if the matching association is expired.

If no handle is specified, the store may return any association which matches the server URL. If multiple associations are valid, the recommended return value for this method is the one most recently issued.

This method is allowed (and encouraged) to garbage collect expired associations when found. This method must not return expired associations.

  • return: The Association for the given identity server.
Association getAssociation (string $server_url, [mixed $handle = null])
  • string $server_url: The URL of the identity server to get the association for. Because of the way the server portion of the library uses this interface, don't assume there are any limitations on the character set of the input string. In particular, expect to see unescaped non-url-safe characters in the server_url field.
  • mixed $handle: This optional parameter is the handle of the specific association to get. If no specific handle is provided, any valid association matching the server URL is returned.

Redefined in descendants as:
removeAssociation (line 158)

This method removes the matching association if it's found, and returns whether the association was removed or not.

  • return: Returns whether or not the given association existed.
mixed removeAssociation (string $server_url, string $handle)
  • string $server_url: The URL of the identity server the association to remove belongs to. Because of the way the server portion of the library uses this interface, don't assume there are any limitations on the character set of the input string. In particular, expect to see unescaped non-url-safe characters in the server_url field.
  • string $handle: This is the handle of the association to remove. If there isn't an association found that matches both the given URL and handle, then there was no matching handle found.

Redefined in descendants as:
reset (line 192)

Removes all entries from the store; implementation is optional.

void reset ()

Redefined in descendants as:
storeAssociation (line 44)

This method puts an Association object into storage, retrievable by server URL and handle.

void storeAssociation (string $server_url, Association $association)
  • string $server_url: The URL of the identity server that this association is with. Because of the way the server portion of the library uses this interface, don't assume there are any limitations on the character set of the input string. In particular, expect to see unescaped non-url-safe characters in the server_url field.
  • Association $association: The Association to store.

Redefined in descendants as:
supportsCleanup (line 99)

Report whether this storage supports cleanup

void supportsCleanup ()

Redefined in descendants as:
useNonce (line 183)

Called when using a nonce.

This method should return C{True} if the nonce has not been used before, and store it for a while to make sure nobody tries to use the same value again. If the nonce has already been used, return C{False}.

Change: In earlier versions, round-trip nonces were used and a nonce was only valid if it had been previously stored with storeNonce. Version 2.0 uses one-way nonces, requiring a different implementation here that does not depend on a storeNonce call. (storeNonce is no longer part of the interface.

  • return: Whether or not the nonce was valid.
bool useNonce ( $server_url,  $timestamp,  $salt, string $nonce)
  • string $nonce: The nonce to use.
  • $server_url
  • $timestamp
  • $salt

Redefined in descendants as:

Documentation generated on Thu, 29 Jul 2010 13:58:53 -0700 by phpDocumentor 1.4.3