[ Index ]

PHP Cross Reference of Joomla 1.5.26 DE

title

Body

[close]

/libraries/openid/Auth/OpenID/ -> Association.php (summary)

[Source view] [Print] [Project Stats]

This module contains code for dealing with associations between consumers and servers. PHP versions 4 and 5

Author: JanRain, Inc. <openid@janrain.com>
Copyright: 2005-2008 Janrain, Inc.
License: http://www.apache.org/licenses/LICENSE-2.0 Apache
File Size: 616 lines (18 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 2 classes

Auth_OpenID_Association:: (20 methods):
  fromExpiresIn()
  Auth_OpenID_Association()
  getExpiresIn()
  equal()
  serialize()
  deserialize()
  sign()
  signMessage()
  _makePairs()
  getMessageSignature()
  checkMessageSignature()
  Auth_OpenID_getSecretSize()
  Auth_OpenID_getAllAssociationTypes()
  Auth_OpenID_getSupportedAssociationTypes()
  Auth_OpenID_getSessionTypes()
  Auth_OpenID_checkSessionType()
  Auth_OpenID_getDefaultAssociationOrder()
  Auth_OpenID_getOnlyEncryptedOrder()
  Auth_OpenID_getDefaultNegotiator()
  Auth_OpenID_getEncryptedNegotiator()

Auth_OpenID_SessionNegotiator:: (5 methods):
  Auth_OpenID_SessionNegotiator()
  setAllowedTypes()
  addAllowedType()
  isAllowed()
  getAllowedType()


Class: Auth_OpenID_Association  - X-Ref

This class represents an association between a server and a
consumer.  In general, users of this library will never see
instances of this object.  The only exception is if you implement a
custom {@link Auth_OpenID_OpenIDStore}.

If you do implement such a store, it will need to store the values
of the handle, secret, issued, lifetime, and assoc_type instance
variables.

fromExpiresIn($expires_in, $handle, $secret, $assoc_type)   X-Ref
This is an alternate constructor (factory method) used by the
OpenID consumer library to create associations.  OpenID store
implementations shouldn't use this constructor.

param: integer $expires_in This is the amount of time this
param: string $handle This is the handle the server gave this
param: string secret This is the shared secret the server
param: assoc_type This is the type of association this
return: association An {@link Auth_OpenID_Association}

Auth_OpenID_Association($handle, $secret, $issued, $lifetime, $assoc_type)   X-Ref
This is the standard constructor for creating an association.
The library should create all of the necessary associations, so
this constructor is not part of the external API.

param: string $handle This is the handle the server gave this
param: string $secret This is the shared secret the server
param: integer $issued This is the time this association was
param: integer $lifetime This is the amount of time this
param: string $assoc_type This is the type of association this

getExpiresIn($now = null)   X-Ref
This returns the number of seconds this association is still
valid for, or 0 if the association is no longer valid.

return: integer $seconds The number of seconds this association

equal($other)   X-Ref
This checks to see if two {@link Auth_OpenID_Association}
instances represent the same association.

return: bool $result true if the two instances represent the

serialize()   X-Ref
Convert an association to KV form.

return: string $result String in KV form suitable for

deserialize($class_name, $assoc_s)   X-Ref
Parse an association as stored by serialize().  This is the
inverse of serialize.

param: string $assoc_s Association as serialized by serialize()
return: Auth_OpenID_Association $result instance of this class

sign($pairs)   X-Ref
Generate a signature for a sequence of (key, value) pairs

param: array $pairs The pairs to sign, in order.  This is an
return: string $signature The binary signature of this sequence

signMessage($message)   X-Ref
Generate a signature for some fields in a dictionary

param: array $fields The fields to sign, in order; this is an
param: array $data Dictionary of values to sign (an array of
return: string $signature The signature, base64 encoded

_makePairs(&$message)   X-Ref
Given a {@link Auth_OpenID_Message}, return the key/value pairs
to be signed according to the signed list in the message.  If
the message lacks a signed list, return null.


getMessageSignature(&$message)   X-Ref
Given an {@link Auth_OpenID_Message}, return the signature for
the signed list in the message.


checkMessageSignature(&$message)   X-Ref
Confirm that the signature of these fields matches the
signature contained in the data.


Auth_OpenID_getSecretSize($assoc_type)   X-Ref
No description

Auth_OpenID_getAllAssociationTypes()   X-Ref
No description

Auth_OpenID_getSupportedAssociationTypes()   X-Ref
No description

Auth_OpenID_getSessionTypes($assoc_type)   X-Ref
No description

Auth_OpenID_checkSessionType($assoc_type, $session_type)   X-Ref
No description

Auth_OpenID_getDefaultAssociationOrder()   X-Ref
No description

Auth_OpenID_getOnlyEncryptedOrder()   X-Ref
No description

Auth_OpenID_getDefaultNegotiator()   X-Ref
No description

Auth_OpenID_getEncryptedNegotiator()   X-Ref
No description

Class: Auth_OpenID_SessionNegotiator  - X-Ref

A session negotiator controls the allowed and preferred association
types and association session types. Both the {@link
Auth_OpenID_Consumer} and {@link Auth_OpenID_Server} use
negotiators when creating associations.

You can create and use negotiators if you:
- Do not want to do Diffie-Hellman key exchange because you use
transport-layer encryption (e.g. SSL)

- Want to use only SHA-256 associations

- Do not want to support plain-text associations over a non-secure
channel

It is up to you to set a policy for what kinds of associations to
accept. By default, the library will make any kind of association
that is allowed in the OpenID 2.0 specification.

Use of negotiators in the library
=================================

When a consumer makes an association request, it calls {@link
getAllowedType} to get the preferred association type and
association session type.

The server gets a request for a particular association/session type
and calls {@link isAllowed} to determine if it should create an
association. If it is supported, negotiation is complete. If it is
not, the server calls {@link getAllowedType} to get an allowed
association type to return to the consumer.

If the consumer gets an error response indicating that the
requested association/session type is not supported by the server
that contains an assocation/session type to try, it calls {@link
isAllowed} to determine if it should try again with the given
combination of association/session type.

Auth_OpenID_SessionNegotiator($allowed_types)   X-Ref
No description

setAllowedTypes($allowed_types)   X-Ref
Set the allowed association types, checking to make sure each
combination is valid.


addAllowedType($assoc_type, $session_type = null)   X-Ref
Add an association type and session type to the allowed types
list. The assocation/session pairs are tried in the order that
they are added.


isAllowed($assoc_type, $session_type)   X-Ref
No description

getAllowedType()   X-Ref
Get a pair of assocation type and session type that are
supported.



Generated: Wed Mar 28 15:54:07 2012 Cross-referenced by PHPXref 0.7.1