Auth_OpenID_DumbStore
This is a store for use in the worst case, when you have no way of saving state on the consumer site. Using this store makes the consumer vulnerable to replay attacks, as it's unable to use nonces. Avoid using this store if it is at all possible.
Most of the methods of this class are implementation details. Users of this class need to worry only about the constructor.
Located in /openid/Auth/OpenID/DumbStore.php (line 34)
Class hierarchy: Auth_OpenID_OpenIDStore -> Auth_OpenID_DumbStore
Constructor Auth_OpenID_DumbStore
Creates a new Auth_OpenID_DumbStore instance. For the security of the tokens generated by the library, this class attempts to at least have a secure implementation of getAuthKey.
When you create an instance of this class, pass in a secret phrase. The phrase is hashed with sha1 to make it the correct length and form for an auth key. That allows you to use a long string as the secret phrase, which means you can make it very difficult to guess.
Each Auth_OpenID_DumbStore instance that is created for use by your consumer site needs to use the same $secret_phrase.
Parameters:
- string $secret_phrase: The phrase used to create the auth key returned by getAuthKey.
getAssociation
This implementation always returns null.
Parameters:
- $server_url
- $handle
Redefinition of:
- Auth_OpenID_OpenIDStore::getAssociation()
- This method returns an Association object from storage that matches the server URL and, if specified, handle. It returns null if no such association is found or if the matching association is expired.
getAuthKey
This method returns the auth key generated by the constructor.
Redefinition of:
- Auth_OpenID_OpenIDStore::getAuthKey()
- This method returns a key used to sign the tokens, to ensure that they haven't been tampered with in transit. It should return the same key every time it is called. The key returned should be AUTH_KEY_LEN bytes long.
isDumb
This store is a dumb mode store, so this method is overridden to return true.
Redefinition of:
- Auth_OpenID_OpenIDStore::isDumb()
- This method must return true if the store is a dumb-mode-style store. Unlike all other methods in this class, this one provides a default implementation, which returns false.
removeAssociation
This implementation always returns false.
Parameters:
- $server_url
- $handle
Redefinition of:
- Auth_OpenID_OpenIDStore::removeAssociation()
- This method removes the matching association if it's found, and returns whether the association was removed or not.
storeAssociation
This implementation does nothing.
Parameters:
- $server_url
- $association
Redefinition of:
- Auth_OpenID_OpenIDStore::storeAssociation()
- This method puts an Association object into storage, retrievable by server URL and handle.
storeNonce
This implementation does nothing.
Parameters:
- $nonce
Redefinition of:
- Auth_OpenID_OpenIDStore::storeNonce()
- Stores a nonce. This is used by the consumer to prevent replay attacks.
useNonce
In a system truly limited to dumb mode, nonces must all be accepted. This therefore always returns true, which makes replay attacks feasible.
Parameters:
- $nonce
Redefinition of:
- Auth_OpenID_OpenIDStore::useNonce()
- This method is called when the library is attempting to use a nonce. If the nonce is in the store, this method removes it and returns a value which evaluates as true. Otherwise it returns a value which evaluates as false.
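The difference between the storeNonce()/useNonce() behaviour documented above and a store that keeps state, as an added example that is not part of the library or of this documentation. ExampleStatelessNonces, ExampleFileNonces and deliverTwice are hypothetical names, and the one-file-per-nonce layout is an assumption made for the illustration, not how any Auth_OpenID store is implemented.

```php
<?php
// Added illustration. Class and function names are hypothetical and are
// not part of the Auth_OpenID library; the nonce value is constructed.

// Mirrors the documented dumb-store behaviour: nothing is saved and
// every nonce is accepted.
class ExampleStatelessNonces
{
    public function storeNonce($nonce) { /* does nothing */ }
    public function useNonce($nonce) { return true; }
}

// Stateful counterpart: one marker file per nonce, persisted across
// requests. unlink() succeeds for exactly one caller, so a nonce can be
// consumed once even if two copies of a response arrive concurrently.
class ExampleFileNonces
{
    private $dir;

    public function __construct($dir)
    {
        $this->dir = $dir;
        if (!is_dir($dir)) {
            mkdir($dir, 0700, true);
        }
    }

    private function path($nonce) { return $this->dir . '/' . sha1($nonce); }
    public function storeNonce($nonce) { touch($this->path($nonce)); }
    public function useNonce($nonce) { return @unlink($this->path($nonce)); }
}

// Returns array(first_result, second_result) for one nonce used twice,
// i.e. the same response being processed a second time.
function deliverTwice($store, $nonce)
{
    $store->storeNonce($nonce);
    return array((bool) $store->useNonce($nonce), (bool) $store->useNonce($nonce));
}

$nonce = 'constructed-nonce-0001';
$dir   = sys_get_temp_dir() . '/example-nonces-' . getmypid();

// Run the same scenario against both stores and show both results.
var_dump(deliverTwice(new ExampleStatelessNonces(), $nonce));
var_dump(deliverTwice(new ExampleFileNonces($dir), $nonce));
rmdir($dir);
```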
Inherited Methods
Inherited From Auth_OpenID_OpenIDStore
Auth_OpenID_OpenIDStore::getAssociation()
Auth_OpenID_OpenIDStore::getAuthKey()
Auth_OpenID_OpenIDStore::isDumb()
Auth_OpenID_OpenIDStore::removeAssociation()
Auth_OpenID_OpenIDStore::reset()
Auth_OpenID_OpenIDStore::storeAssociation()
Auth_OpenID_OpenIDStore::storeNonce()
Auth_OpenID_OpenIDStore::useNonce()
Documentation generated on Mon, 05 Mar 2007 20:56:52 +0000 by phpDocumentor 1.3.1