[ Index ]

PHP Cross Reference of Joomla 1.5.25

title

Body

[close]

/libraries/openid/Auth/OpenID/ -> DumbStore.php (summary)

[Source view] [Print] [Project Stats]

This file supplies a dumb store backend for OpenID servers and consumers. PHP versions 4 and 5

Author: JanRain, Inc. <openid@janrain.com>
Copyright: 2005-2008 Janrain, Inc.
License: http://www.apache.org/licenses/LICENSE-2.0 Apache
File Size: 103 lines (3 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

Auth_OpenID_DumbStore:: (6 methods):
  Auth_OpenID_DumbStore()
  storeAssociation()
  getAssociation()
  removeAssociation()
  useNonce()
  getAuthKey()


Class: Auth_OpenID_DumbStore  - X-Ref

This is a store for use in the worst case, when you have no way of
saving state on the consumer site. Using this store makes the
consumer vulnerable to replay attacks, as it's unable to use
nonces. Avoid using this store if it is at all possible.

Most of the methods of this class are implementation details.
Users of this class need to worry only about the constructor.

Auth_OpenID_DumbStore($secret_phrase)   X-Ref
Creates a new {@link Auth_OpenID_DumbStore} instance. For the security
of the tokens generated by the library, this class attempts to
at least have a secure implementation of getAuthKey.

When you create an instance of this class, pass in a secret
phrase. The phrase is hashed with sha1 to make it the correct
length and form for an auth key. That allows you to use a long
string as the secret phrase, which means you can make it very
difficult to guess.

Each {@link Auth_OpenID_DumbStore} instance that is created for use by
your consumer site needs to use the same $secret_phrase.

param: string secret_phrase The phrase used to create the auth

storeAssociation($server_url, $association)   X-Ref
This implementation does nothing.


getAssociation($server_url, $handle = null)   X-Ref
This implementation always returns null.


removeAssociation($server_url, $handle)   X-Ref
This implementation always returns false.


useNonce($server_url, $timestamp, $salt)   X-Ref
In a system truly limited to dumb mode, nonces must all be
accepted. This therefore always returns true, which makes
replay attacks feasible.


getAuthKey()   X-Ref
This method returns the auth key generated by the constructor.



Generated: Mon Nov 14 16:47:20 2011 Cross-referenced by PHPXref 0.7.1