Support Joomla!

Joomla! 1.5 Documentation

Packages

Package: OpenID

Developer Network License

The Joomla! Developer Network content is © copyright 2006 by the individual contributors and can be used in accordance with the Creative Commons License, Attribution- NonCommercial- ShareAlike 2.5
Source code for file /openid/Auth/OpenID/SQLStore.php

Documentation is available at SQLStore.php

  1. <?php
  2.  
  3. /**
  4.  * SQL-backed OpenID stores.
  5.  *
  6.  * PHP versions 4 and 5
  7.  *
  8.  * LICENSE: See the COPYING file included in this distribution.
  9.  *
  10.  * @package OpenID
  11.  * @author JanRain, Inc. <[email protected]>
  12.  * @copyright 2005 Janrain, Inc.
  13.  * @license http://www.gnu.org/copyleft/lesser.html LGPL
  14.  */
  15.  
  16. /**
  17.  * Require the PEAR DB module because we'll need it for the SQL-based
  18.  * stores implemented here.  We silence any errors from the inclusion
  19.  * because it might not be present, and a user of the SQL stores may
  20.  * supply an Auth_OpenID_DatabaseConnection instance that implements
  21.  * its own storage.
  22.  */
  23. global $__Auth_OpenID_PEAR_AVAILABLE;
  24. $__Auth_OpenID_PEAR_AVAILABLE @include_once 'DB.php';
  25.  
  26. /**
  27.  * @access private
  28.  */
  29. require_once 'Auth/OpenID/Interface.php';
  30.  
  31. /**
  32.  * This is the parent class for the SQL stores, which contains the
  33.  * logic common to all of the SQL stores.
  34.  *
  35.  * The table names used are determined by the class variables
  36.  * settings_table_name, associations_table_name, and
  37.  * nonces_table_name.  To change the name of the tables used, pass new
  38.  * table names into the constructor.
  39.  *
  40.  * To create the tables with the proper schema, see the createTables
  41.  * method.
  42.  *
  43.  * This class shouldn't be used directly.  Use one of its subclasses
  44.  * instead, as those contain the code necessary to use a specific
  45.  * database.  If you're an OpenID integrator and you'd like to create
  46.  * an SQL-driven store that wraps an application's database
  47.  * abstraction, be sure to create a subclass of
  48.  * {@link Auth_OpenID_DatabaseConnection} that calls the application's
  49.  * database abstraction calls.  Then, pass an instance of your new
  50.  * database connection class to your SQLStore subclass constructor.
  51.  *
  52.  * All methods other than the constructor and createTables should be
  53.  * considered implementation details.
  54.  *
  55.  * @package OpenID
  56.  */
  57. class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore {
  58.  
  59.     /**
  60.      * This creates a new SQLStore instance.  It requires an
  61.      * established database connection be given to it, and it allows
  62.      * overriding the default table names.
  63.      *
  64.      * @param connection $connection This must be an established
  65.      *  connection to a database of the correct type for the SQLStore
  66.      *  subclass you're using.  This must either be an PEAR DB
  67.      *  connection handle or an instance of a subclass of
  68.      *  Auth_OpenID_DatabaseConnection.
  69.      *
  70.      * @param string $settings_table This is an optional parameter to
  71.      *  specify the name of the table used for this store's settings.
  72.      *  The default value is 'oid_settings'.
  73.      *
  74.      * @param associations_table: This is an optional parameter to
  75.      *  specify the name of the table used for storing associations.
  76.      *  The default value is 'oid_associations'.
  77.      *
  78.      * @param nonces_table: This is an optional parameter to specify
  79.      *  the name of the table used for storing nonces.  The default
  80.      *  value is 'oid_nonces'.
  81.      */
  82.     function Auth_OpenID_SQLStore($connection$settings_table null,
  83.                                   $associations_table null,
  84.                                   $nonces_table null)
  85.     {
  86.         global $__Auth_OpenID_PEAR_AVAILABLE;
  87.  
  88.         $this->settings_table_name "oid_settings";
  89.         $this->associations_table_name "oid_associations";
  90.         $this->nonces_table_name "oid_nonces";
  91.  
  92.         // Check the connection object type to be sure it's a PEAR
  93.         // database connection.
  94.         if (!(is_object($connection&&
  95.               (is_subclass_of($connection'db_common'||
  96.                is_subclass_of($connection,
  97.                               'auth_openid_databaseconnection')))) {
  98.             trigger_error("Auth_OpenID_SQLStore expected PEAR connection " .
  99.                           "object (got ".get_class($connection).")",
  100.                           E_USER_ERROR);
  101.             return;
  102.         }
  103.  
  104.         $this->connection $connection;
  105.  
  106.         // Be sure to set the fetch mode so the results are keyed on
  107.         // column name instead of column index.  This is a PEAR
  108.         // constant, so only try to use it if PEAR is present.  Note
  109.         // that Auth_Openid_Databaseconnection instances need not
  110.         // implement ::setFetchMode for this reason.
  111.         if ($__Auth_OpenID_PEAR_AVAILABLE{
  112.             $this->connection->setFetchMode(DB_FETCHMODE_ASSOC);
  113.         }
  114.  
  115.         if ($settings_table{
  116.             $this->settings_table_name $settings_table;
  117.         }
  118.  
  119.         if ($associations_table{
  120.             $this->associations_table_name $associations_table;
  121.         }
  122.  
  123.         if ($nonces_table{
  124.             $this->nonces_table_name $nonces_table;
  125.         }
  126.  
  127.         $this->max_nonce_age 60 60;
  128.  
  129.         // Be sure to run the database queries with auto-commit mode
  130.         // turned OFF, because we want every function to run in a
  131.         // transaction, implicitly.  As a rule, methods named with a
  132.         // leading underscore will NOT control transaction behavior.
  133.         // Callers of these methods will worry about transactions.
  134.         $this->connection->autoCommit(false);
  135.  
  136.         // Create an empty SQL strings array.
  137.         $this->sql array();
  138.  
  139.         // Call this method (which should be overridden by subclasses)
  140.         // to populate the $this->sql array with SQL strings.
  141.         $this->setSQL();
  142.  
  143.         // Verify that all required SQL statements have been set, and
  144.         // raise an error if any expected SQL strings were either
  145.         // absent or empty.
  146.         list($missing$empty$this->_verifySQL();
  147.  
  148.         if ($missing{
  149.             trigger_error("Expected keys in SQL query list: " .
  150.                           implode(", "$missing),
  151.                           E_USER_ERROR);
  152.             return;
  153.         }
  154.  
  155.         if ($empty{
  156.             trigger_error("SQL list keys have no SQL strings: " .
  157.                           implode(", "$empty),
  158.                           E_USER_ERROR);
  159.             return;
  160.         }
  161.  
  162.         // Add table names to queries.
  163.         $this->_fixSQL();
  164.     }
  165.  
  166.     function tableExists($table_name)
  167.     {
  168.         return !$this->isError(
  169.                       $this->connection->query("SELECT * FROM %s LIMIT 0",
  170.                                                $table_name));
  171.     }
  172.  
  173.     /**
  174.      * Returns true if $value constitutes a database error; returns
  175.      * false otherwise.
  176.      */
  177.     function isError($value)
  178.     {
  179.         return PEAR::isError($value);
  180.     }
  181.  
  182.     /**
  183.      * Converts a query result to a boolean.  If the result is a
  184.      * database error according to $this->isError(), this returns
  185.      * false; otherwise, this returns true.
  186.      */
  187.     function resultToBool($obj)
  188.     {
  189.         if ($this->isError($obj)) {
  190.             return false;
  191.         else {
  192.             return true;
  193.         }
  194.     }
  195.  
  196.     /**
  197.      * This method should be overridden by subclasses.  This method is
  198.      * called by the constructor to set values in $this->sql, which is
  199.      * an array keyed on sql name.
  200.      */
  201.     function setSQL()
  202.     {
  203.     }
  204.  
  205.     /**
  206.      * Resets the store by removing all records from the store's
  207.      * tables.
  208.      */
  209.     function reset()
  210.     {
  211.         $this->connection->query(sprintf("DELETE FROM %s",
  212.                                          $this->associations_table_name));
  213.  
  214.         $this->connection->query(sprintf("DELETE FROM %s",
  215.                                          $this->nonces_table_name));
  216.  
  217.         $this->connection->query(sprintf("DELETE FROM %s",
  218.                                          $this->settings_table_name));
  219.     }
  220.  
  221.     /**
  222.      * @access private
  223.      */
  224.     function _verifySQL()
  225.     {
  226.         $missing array();
  227.         $empty array();
  228.  
  229.         $required_sql_keys array(
  230.                                    'nonce_table',
  231.                                    'assoc_table',
  232.                                    'settings_table',
  233.                                    'get_auth',
  234.                                    'create_auth',
  235.                                    'set_assoc',
  236.                                    'get_assoc',
  237.                                    'get_assocs',
  238.                                    'remove_assoc',
  239.                                    'add_nonce',
  240.                                    'get_nonce',
  241.                                    'remove_nonce'
  242.                                    );
  243.  
  244.         foreach ($required_sql_keys as $key{
  245.             if (!array_key_exists($key$this->sql)) {
  246.                 $missing[$key;
  247.             else if (!$this->sql[$key]{
  248.                 $empty[$key;
  249.             }
  250.         }
  251.  
  252.         return array($missing$empty);
  253.     }
  254.  
  255.     /**
  256.      * @access private
  257.      */
  258.     function _fixSQL()
  259.     {
  260.         $replacements array(
  261.                               array(
  262.                                     'value' => $this->nonces_table_name,
  263.                                     'keys' => array('nonce_table',
  264.                                                     'add_nonce',
  265.                                                     'get_nonce',
  266.                                                     'remove_nonce')
  267.                                     ),
  268.                               array(
  269.                                     'value' => $this->associations_table_name,
  270.                                     'keys' => array('assoc_table',
  271.                                                     'set_assoc',
  272.                                                     'get_assoc',
  273.                                                     'get_assocs',
  274.                                                     'remove_assoc')
  275.                                     ),
  276.                               array(
  277.                                     'value' => $this->settings_table_name,
  278.                                     'keys' => array('settings_table',
  279.                                                     'get_auth',
  280.                                                     'create_auth')
  281.                                     )
  282.                               );
  283.  
  284.         foreach ($replacements as $item{
  285.             $value $item['value'];
  286.             $keys $item['keys'];
  287.  
  288.             foreach ($keys as $k{
  289.                 if (is_array($this->sql[$k])) {
  290.                     foreach ($this->sql[$kas $part_key => $part_value{
  291.                         $this->sql[$k][$part_keysprintf($part_value,
  292.                                                             $value);
  293.                     }
  294.                 else {
  295.                     $this->sql[$ksprintf($this->sql[$k]$value);
  296.                 }
  297.             }
  298.         }
  299.     }
  300.  
  301.     function blobDecode($blob)
  302.     {
  303.         return $blob;
  304.     }
  305.  
  306.     function blobEncode($str)
  307.     {
  308.         return $str;
  309.     }
  310.  
  311.     function createTables()
  312.     {
  313.         $this->connection->autoCommit(true);
  314.         $n $this->create_nonce_table();
  315.         $a $this->create_assoc_table();
  316.         $s $this->create_settings_table();
  317.         $this->connection->autoCommit(false);
  318.  
  319.         if ($n && $a && $s{
  320.             return true;
  321.         else {
  322.             return false;
  323.         }
  324.     }
  325.  
  326.     function create_nonce_table()
  327.     {
  328.         if (!$this->tableExists($this->nonces_table_name)) {
  329.             $r $this->connection->query($this->sql['nonce_table']);
  330.             return $this->resultToBool($r);
  331.         }
  332.         return true;
  333.     }
  334.  
  335.     function create_assoc_table()
  336.     {
  337.         if (!$this->tableExists($this->associations_table_name)) {
  338.             $r $this->connection->query($this->sql['assoc_table']);
  339.             return $this->resultToBool($r);
  340.         }
  341.         return true;
  342.     }
  343.  
  344.     function create_settings_table()
  345.     {
  346.         if (!$this->tableExists($this->settings_table_name)) {
  347.             $r $this->connection->query($this->sql['settings_table']);
  348.             return $this->resultToBool($r);
  349.         }
  350.         return true;
  351.     }
  352.  
  353.     /**
  354.      * @access private
  355.      */
  356.     function _get_auth()
  357.     {
  358.         return $this->connection->getOne($this->sql['get_auth']);
  359.     }
  360.  
  361.     /**
  362.      * @access private
  363.      */
  364.     function _create_auth($str)
  365.     {
  366.         return $this->connection->query($this->sql['create_auth'],
  367.                                         array($str));
  368.     }
  369.  
  370.     function getAuthKey()
  371.     {
  372.         $value $this->_get_auth();
  373.         if (!$value{
  374.             $auth_key =
  375.                 Auth_OpenID_CryptUtil::randomString($this->AUTH_KEY_LEN);
  376.  
  377.             $auth_key_s $this->blobEncode($auth_key);
  378.             $this->_create_auth($auth_key_s);
  379.         else {
  380.             $auth_key_s $value;
  381.             $auth_key $this->blobDecode($auth_key_s);
  382.         }
  383.  
  384.         $this->connection->commit();
  385.  
  386.         if (strlen($auth_key!= $this->AUTH_KEY_LEN{
  387.             $fmt "Expected %d-byte string for auth key. Got key of length %d";
  388.             trigger_error(sprintf($fmt$this->AUTH_KEY_LENstrlen($auth_key)),
  389.                           E_USER_WARNING);
  390.             return null;
  391.         }
  392.  
  393.         return $auth_key;
  394.     }
  395.  
  396.     /**
  397.      * @access private
  398.      */
  399.     function _set_assoc($server_url$handle$secret$issued,
  400.                         $lifetime$assoc_type)
  401.     {
  402.         return $this->connection->query($this->sql['set_assoc'],
  403.                                         array(
  404.                                               $server_url,
  405.                                               $handle,
  406.                                               $secret,
  407.                                               $issued,
  408.                                               $lifetime,
  409.                                               $assoc_type));
  410.     }
  411.  
  412.     function storeAssociation($server_url$association)
  413.     {
  414.         if ($this->resultToBool($this->_set_assoc(
  415.                                             $server_url,
  416.                                             $association->handle,
  417.                                             $this->blobEncode(
  418.                                                   $association->secret),
  419.                                             $association->issued,
  420.                                             $association->lifetime,
  421.                                             $association->assoc_type
  422.                                             ))) {
  423.             $this->connection->commit();
  424.         else {
  425.             $this->connection->rollback();
  426.         }
  427.     }
  428.  
  429.     /**
  430.      * @access private
  431.      */
  432.     function _get_assoc($server_url$handle)
  433.     {
  434.         $result $this->connection->getRow($this->sql['get_assoc'],
  435.                                             array($server_url$handle));
  436.         if ($this->isError($result)) {
  437.             return null;
  438.         else {
  439.             return $result;
  440.         }
  441.     }
  442.  
  443.     /**
  444.      * @access private
  445.      */
  446.     function _get_assocs($server_url)
  447.     {
  448.         $result $this->connection->getAll($this->sql['get_assocs'],
  449.                                             array($server_url));
  450.  
  451.         if ($this->isError($result)) {
  452.             return array();
  453.         else {
  454.             return $result;
  455.         }
  456.     }
  457.  
  458.     function removeAssociation($server_url$handle)
  459.     {
  460.         if ($this->_get_assoc($server_url$handle== null{
  461.             return false;
  462.         }
  463.  
  464.         if ($this->resultToBool($this->connection->query(
  465.                               $this->sql['remove_assoc'],
  466.                               array($server_url$handle)))) {
  467.             $this->connection->commit();
  468.         else {
  469.             $this->connection->rollback();
  470.         }
  471.  
  472.         return true;
  473.     }
  474.  
  475.     function getAssociation($server_url$handle null)
  476.     {
  477.         if ($handle !== null{
  478.             $assoc $this->_get_assoc($server_url$handle);
  479.  
  480.             $assocs array();
  481.             if ($assoc{
  482.                 $assocs[$assoc;
  483.             }
  484.         else {
  485.             $assocs $this->_get_assocs($server_url);
  486.         }
  487.  
  488.         if (!$assocs || (count($assocs== 0)) {
  489.             return null;
  490.         else {
  491.             $associations array();
  492.  
  493.             foreach ($assocs as $assoc_row{
  494.                 $assoc new Auth_OpenID_Association($assoc_row['handle'],
  495.                                                      $assoc_row['secret'],
  496.                                                      $assoc_row['issued'],
  497.                                                      $assoc_row['lifetime'],
  498.                                                      $assoc_row['assoc_type']);
  499.  
  500.                 $assoc->secret $this->blobDecode($assoc->secret);
  501.  
  502.                 if ($assoc->getExpiresIn(== 0{
  503.                     $this->removeAssociation($server_url$assoc->handle);
  504.                 else {
  505.                     $associations[array($assoc->issued$assoc);
  506.                 }
  507.             }
  508.  
  509.             if ($associations{
  510.                 $issued array();
  511.                 $assocs array();
  512.                 foreach ($associations as $key => $assoc{
  513.                     $issued[$key$assoc[0];
  514.                     $assocs[$key$assoc[1];
  515.                 }
  516.  
  517.                 array_multisort($issuedSORT_DESC$assocsSORT_DESC,
  518.                                 $associations);
  519.  
  520.                 // return the most recently issued one.
  521.                 list($issued$assoc$associations[0];
  522.                 return $assoc;
  523.             else {
  524.                 return null;
  525.             }
  526.         }
  527.     }
  528.  
  529.     /**
  530.      * @access private
  531.      */
  532.     function _add_nonce($nonce$expires)
  533.     {
  534.         $sql $this->sql['add_nonce'];
  535.         $result $this->connection->query($sqlarray($nonce$expires));
  536.         return $this->resultToBool($result);
  537.     }
  538.  
  539.     /**
  540.      * @access private
  541.      */
  542.     function storeNonce($nonce)
  543.     {
  544.         if ($this->_add_nonce($noncetime())) {
  545.             $this->connection->commit();
  546.         else {
  547.             $this->connection->rollback();
  548.         }
  549.     }
  550.  
  551.     /**
  552.      * @access private
  553.      */
  554.     function _get_nonce($nonce)
  555.     {
  556.         $result $this->connection->getRow($this->sql['get_nonce'],
  557.                                             array($nonce));
  558.  
  559.         if ($this->isError($result)) {
  560.             return null;
  561.         else {
  562.             return $result;
  563.         }
  564.     }
  565.  
  566.     /**
  567.      * @access private
  568.      */
  569.     function _remove_nonce($nonce)
  570.     {
  571.         $this->connection->query($this->sql['remove_nonce'],
  572.                                  array($nonce));
  573.     }
  574.  
  575.     function useNonce($nonce)
  576.     {
  577.         $row $this->_get_nonce($nonce);
  578.  
  579.         if ($row !== null{
  580.             $nonce $row['nonce'];
  581.             $timestamp $row['expires'];
  582.             $nonce_age time($timestamp;
  583.  
  584.             if ($nonce_age $this->max_nonce_age{
  585.                 $present 0;
  586.             else {
  587.                 $present 1;
  588.             }
  589.  
  590.             $this->_remove_nonce($nonce);
  591.         else {
  592.             $present 0;
  593.         }
  594.  
  595.         $this->connection->commit();
  596.  
  597.         return $present;
  598.     }
  599.  
  600.     /**
  601.      * "Octifies" a binary string by returning a string with escaped
  602.      * octal bytes.  This is used for preparing binary data for
  603.      * PostgreSQL BYTEA fields.
  604.      *
  605.      * @access private
  606.      */
  607.     function _octify($str)
  608.     {
  609.         $result "";
  610.         for ($i 0$i strlen($str)$i++{
  611.             $ch substr($str$i1);
  612.             if ($ch == "\\"{
  613.                 $result .= "\\\\\\\\";
  614.             else if (ord($ch== 0{
  615.                 $result .= "\\\\000";
  616.             else {
  617.                 $result .= "\\" strval(decoct(ord($ch)));
  618.             }
  619.         }
  620.         return $result;
  621.     }
  622.  
  623.     /**
  624.      * "Unoctifies" octal-escaped data from PostgreSQL and returns the
  625.      * resulting ASCII (possibly binary) string.
  626.      *
  627.      * @access private
  628.      */
  629.     function _unoctify($str)
  630.     {
  631.         $result "";
  632.         $i 0;
  633.         while ($i strlen($str)) {
  634.             $char $str[$i];
  635.             if ($char == "\\"{
  636.                 // Look to see if the next char is a backslash and
  637.                 // append it.
  638.                 if ($str[$i 1!= "\\"{
  639.                     $octal_digits substr($str$i 13);
  640.                     $dec octdec($octal_digits);
  641.                     $char chr($dec);
  642.                     $i += 4;
  643.                 else {
  644.                     $char "\\";
  645.                     $i += 2;
  646.                 }
  647.             else {
  648.                 $i += 1;
  649.             }
  650.  
  651.             $result .= $char;
  652.         }
  653.  
  654.         return $result;
  655.     }
  656. }
  657.  
  658. ?>
Documentation generated on Mon, 05 Mar 2007 21:26:49 +0000 by phpDocumentor 1.3.1