Source code for file /openid/Auth/OpenID/Association.php
Documentation is available at Association.php
* This module contains code for dealing with associations between * LICENSE: See the COPYING file included in this distribution. * @copyright 2005 Janrain, Inc. * @license http://www.gnu.org/copyleft/lesser.html LGPL require_once 'Auth/OpenID/CryptUtil.php'; require_once 'Auth/OpenID/KVForm.php'; * This class represents an association between a server and a * consumer. In general, users of this library will never see * instances of this object. The only exception is if you implement a * custom {@link Auth_OpenID_OpenIDStore}. * If you do implement such a store, it will need to store the values * of the handle, secret, issued, lifetime, and assoc_type instance * This is a HMAC-SHA1 specific value. * The ordering and name of keys as stored by serialize. * This is an alternate constructor (factory method) used by the * OpenID consumer library to create associations. OpenID store * implementations shouldn't use this constructor. * @param integer $expires_in This is the amount of time this * association is good for, measured in seconds since the * association was issued. * @param string $handle This is the handle the server gave this * @param string secret This is the shared secret the server * generated for this association. * @param assoc_type This is the type of association this * instance represents. The only valid value of this field at * this time is 'HMAC-SHA1', but new types may be defined in the * @return association An {@link Auth_OpenID_Association} function fromExpiresIn($expires_in, $handle, $secret, $assoc_type) $issued, $lifetime, $assoc_type); * This is the standard constructor for creating an association. * The library should create all of the necessary associations, so * this constructor is not part of the external API. * @param string $handle This is the handle the server gave this * @param string $secret This is the shared secret the server * generated for this association. * @param integer $issued This is the time this association was * issued, in seconds since 00:00 GMT, January 1, 1970. (ie, a * @param integer $lifetime This is the amount of time this * association is good for, measured in seconds since the * association was issued. * @param string $assoc_type This is the type of association this * instance represents. The only valid value of this field at * this time is 'HMAC-SHA1', but new types may be defined in the function Auth_OpenID_Association( $handle, $secret, $issued, $lifetime, $assoc_type) if ($assoc_type !=
'HMAC-SHA1') { $fmt =
'HMAC-SHA1 is the only supported association type (got %s)'; $this->lifetime =
$lifetime; $this->assoc_type =
$assoc_type; * This returns the number of seconds this association is still * valid for, or 0 if the association is no longer valid. * @return integer $seconds The number of seconds this association * is still valid for, or 0 if the association is no longer valid. return max(0, $this->issued +
$this->lifetime -
$now); * This checks to see if two {@link Auth_OpenID_Association} * instances represent the same association. * @return bool $result true if the two instances represent the * same association, false otherwise. &&
($this->handle ==
$other->handle) &&
($this->secret ==
$other->secret) &&
($this->issued ==
$other->issued) &&
($this->lifetime ==
$other->lifetime) &&
($this->assoc_type ==
$other->assoc_type)); * Convert an association to KV form. * @return string $result String in KV form suitable for * deserialization by deserialize. 'handle' =>
$this->handle, 'assoc_type' =>
$this->assoc_type * Parse an association as stored by serialize(). This is the * @param string $assoc_s Association as serialized by serialize() * @return Auth_OpenID_Association $result instance of this class foreach ($pairs as $key =>
$value) { list
($key, $value) =
$value; $class_assoc_keys =
$class_vars['assoc_keys']; if ($keys !=
$class_assoc_keys) { $version =
$pairs['version']; $handle =
$pairs['handle']; $secret =
$pairs['secret']; $issued =
$pairs['issued']; $lifetime =
$pairs['lifetime']; $assoc_type =
$pairs['assoc_type']; $lifetime =
intval($lifetime); $handle, $secret, $issued, $lifetime, $assoc_type); * Generate a signature for a sequence of (key, value) pairs * @param array $pairs The pairs to sign, in order. This is an * @return string $signature The binary signature of this sequence return Auth_OpenID_HMACSHA1($this->secret, $kv); * Generate a signature for some fields in a dictionary * @param array $fields The fields to sign, in order; this is an * @param array $data Dictionary of values to sign (an array of * string => string pairs). * @return string $signature The signature, base64 encoded function signDict($fields, $data, $prefix =
'openid.') foreach ($fields as $field) { $pairs[] =
array($field, $data[$prefix .
$field]); * Add a signature to an array of fields function addSignature($fields, &$data, $prefix =
'openid.') $sig =
$this->signDict($fields, $data, $prefix); $data[$prefix .
'sig'] =
$sig; $data[$prefix .
'signed'] =
$signed; * Confirm that the signature of these fields matches the * signature contained in the data function checkSignature($data, $prefix =
'openid.') $signed =
$data[$prefix .
'signed']; $expected_sig =
$this->signDict($fields, $data, $prefix); $request_sig =
$data[$prefix .
'sig']; return ($request_sig ==
$expected_sig);
