OpenId.php
inherited
Classes
Zend Framework
LICENSE
This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to [email protected] so we can send you a copy immediately.
- Category
- Zend
- Copyright
- Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Package
- Zend_OpenId
- Version
- $Id: OpenId.php 24842 2012-05-31 18:31:28Z rob $
\Zend_OpenId
Static class that contains common utility functions for {@link Zend_OpenId_Consumer} and {@link Zend_OpenId_Provider}.
This class implements common utility functions that are used by both Consumer and Provider. They include functions for Diffie-Hellman keys generation and exchange, URL normalization, HTTP redirection and some others.
- Category
- Zend
- Copyright
- Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
Constants
DH_P
= 'dcf93a0b883972ec0e19989ac5a2ce310e1d37717e8d9571bb7623731866e61ef75a2e27898b057f9891c2e27a639c3f29b60814581cd3b2ca3986d2683705577d45c2e7e52dc81c7a171876e5cea74b1448bfdfaf18828efd2519f14e45e3826634af1949e5b535cc829a483b8a76223e5d490a257f05bdff16f2fb22c583ab'Default Diffie-Hellman key generator (1024 bit)
DH_G
= '02'Default Diffie-Hellman prime number (should be 2 or 5)
NS_2_0
= 'http://specs.openid.net/auth/2.0'OpenID 2.0 namespace.
All OpenID 2.0 messages MUST contain variable openid.ns with its value.
Properties
$exitOnRedirect = trueAllows enable/disable stoping execution of PHP script after redirect()
trueDetails- Type
- n/a
$selfUrl = nullAlternative request URL that can be used to override the default selfUrl() response
nullDetails- Type
- n/a
Methods
absoluteUrl(string $url) : stringReturns an absolute URL for the given one
| Name | Type | Description |
|---|---|---|
| $url | string | absilute or relative URL |
| Type | Description |
|---|---|
| string |
bigNumToBin(mixed $bn) : stringConverts internal ext/gmp or ext/bcmath big integer representation into binary string.
| Name | Type | Description |
|---|---|---|
| $bn | mixed | big number |
| Type | Description |
|---|---|
| string |
| Exception | Description |
|---|---|
| \Zend_OpenId_Exception |
binToBigNum(string $bin) : mixedConverts binary representation into ext/gmp or ext/bcmath big integer representation.
| Name | Type | Description |
|---|---|---|
| $bin | string | binary representation of big number |
| Type | Description |
|---|---|
| mixed |
| Exception | Description |
|---|---|
| \Zend_OpenId_Exception |
btwoc(string $str) : stringTakes an arbitrary precision integer and returns its shortest big-endian two's complement representation.
Arbitrary precision integers MUST be encoded as big-endian signed two's complement binary strings. Henceforth, "btwoc" is a function that takes an arbitrary precision integer and returns its shortest big-endian two's complement representation. All integers that are used with Diffie-Hellman Key Exchange are positive. This means that the left-most bit of the two's complement representation MUST be zero. If it is not, implementations MUST add a zero byte at the front of the string.
| Name | Type | Description |
|---|---|---|
| $str | string | binary representation of arbitrary precision integer |
| Type | Description |
|---|---|
| string | big-endian signed representation |
computeDhSecret(string $pub_key, mixed $dh) : stringComputes the shared secret from the private DH value $dh and the other party's public value in $pub_key
| Name | Type | Description |
|---|---|---|
| $pub_key | string | other party's public value |
| $dh | mixed | Diffie-Hellman key |
| Type | Description |
|---|---|
| string |
| Exception | Description |
|---|---|
| \Zend_OpenId_Exception |
createDhKey(string $p, string $g, string $priv_key = null) : mixedPerforms the first step of a Diffie-Hellman key exchange by generating private and public DH values based on given prime number $p and generator $g.
Both sides of key exchange MUST have the same prime number and generator. In this case they will able to create a random shared secret that is never send from one to the other.
| Name | Type | Description |
|---|---|---|
| $p | string | prime number in binary representation |
| $g | string | generator in binary representation |
| $priv_key | string | private key in binary representation |
| Type | Description |
|---|---|
| mixed |
digest(string $func, string $data) : stringGenerates a hash value (message digest) according to given algorithm.
It returns RAW binary string.
This is a wrapper function that uses one of available internal function dependent on given PHP configuration. It may use various functions from ext/openssl, ext/hash, ext/mhash or ext/standard.
| Name | Type | Description |
|---|---|---|
| $func | string | digest algorithm |
| $data | string | data to sign |
| Type | Description |
|---|---|
| string | RAW digital signature |
| Exception | Description |
|---|---|
| \Zend_OpenId_Exception |
getDhKeyDetails(mixed $dh) : arrayReturns an associative array with Diffie-Hellman key components in binary representation.
The array includes original prime number 'p' and generator 'g', random private key 'priv_key' and corresponding public key 'pub_key'.
| Name | Type | Description |
|---|---|---|
| $dh | mixed | Diffie-Hellman key |
| Type | Description |
|---|---|
| array |
hashHmac(string $macFunc, string $data, string $secret) : stringGenerates a keyed hash value using the HMAC method.
It uses ext/hash if available or user-level PHP implementation, that is not significantly slower.
| Name | Type | Description |
|---|---|---|
| $macFunc | string | name of selected hashing algorithm (sha1, sha256) |
| $data | string | data to sign |
| $secret | string | shared secret key used for generating the HMAC variant of the message digest |
| Type | Description |
|---|---|
| string | RAW HMAC value |
normalize(string $id) : boolNormalizes OpenID identifier that can be URL or XRI name.
Returns true on success and false of failure.
Normalization is performed according to the following rules: 1. If the user's input starts with one of the "xri://", "xri://$ip", or "xri://$dns" prefixes, they MUST be stripped off, so that XRIs are used in the canonical form, and URI-authority XRIs are further considered URL identifiers. 2. If the first character of the resulting string is an XRI Global Context Symbol ("=", "@", "+", "$", "!"), then the input SHOULD be treated as an XRI. 3. Otherwise, the input SHOULD be treated as an http URL; if it does not include a "http" or "https" scheme, the Identifier MUST be prefixed with the string "http://". 4. URL identifiers MUST then be further normalized by both following redirects when retrieving their content and finally applying the rules in Section 6 of [RFC3986] to the final destination URL.
| Name | Type | Description |
|---|---|---|
| $id | string | &$id identifier to be normalized |
| Type | Description |
|---|---|
| bool |
normalizeUrl(string $id) : boolNormalizes URL according to RFC 3986 to use it in comparison operations.
The function gets URL argument by reference and modifies it. It returns true on success and false of failure.
| Name | Type | Description |
|---|---|---|
| $id | string | &$id url to be normalized |
| Type | Description |
|---|---|
| bool |
paramsToQuery(array $params) : stringConverts variable/value pairs into URL encoded query string
| Name | Type | Description |
|---|---|---|
| $params | array | variable/value pairs |
| Type | Description |
|---|---|
| string | URL encoded query string |
randomBytes(integer $len) : stringProduces string of random byte of given length.
| Name | Type | Description |
|---|---|---|
| $len | integer | length of requested string |
| Type | Description |
|---|---|
| string | RAW random binary string |
redirect(string $url, array $params = null, \Zend_Controller_Response_Abstract $response = null, string $method = 'GET') : voidPerforms a HTTP redirection to specified URL with additional data.
It may generate redirected request using GET or POST HTTP method. The function never returns.
| Name | Type | Description |
|---|---|---|
| $url | string | URL to redirect to |
| $params | array | additional variable/value pairs to send |
| $response | \Zend_Controller_Response_Abstract | |
| $method | string | redirection method ('GET' or 'POST') |
selfUrl() : stringReturns a full URL that was requested on current HTTP request.
| Type | Description |
|---|---|
| string |
setSelfUrl(string $selfUrl = null) : stringSets alternative request URL that can be used to override the default selfUrl() response
| Name | Type | Description |
|---|---|---|
| $selfUrl | string | the URL to be set |
| Type | Description |
|---|---|
| string | the old value of overriding URL |
strlen(string $str) : intReturns lenght of binary string in bytes
| Name | Type | Description |
|---|---|---|
| $str | string |
| Type | Description |
|---|---|
| int | the string lenght |