| 42 |
aurelien |
1 |
<?php
|
|
|
2 |
|
|
|
3 |
/**
|
|
|
4 |
* This file specifies the interface for PHP OpenID store implementations.
|
|
|
5 |
*
|
|
|
6 |
* PHP versions 4 and 5
|
|
|
7 |
*
|
|
|
8 |
* LICENSE: See the COPYING file included in this distribution.
|
|
|
9 |
*
|
|
|
10 |
* @package OpenID
|
|
|
11 |
* @author JanRain, Inc. <openid@janrain.com>
|
|
|
12 |
* @copyright 2005 Janrain, Inc.
|
|
|
13 |
* @license http://www.gnu.org/copyleft/lesser.html LGPL
|
|
|
14 |
*/
|
|
|
15 |
|
|
|
16 |
/**
|
|
|
17 |
* This is the interface for the store objects the OpenID library
|
|
|
18 |
* uses. It is a single class that provides all of the persistence
|
|
|
19 |
* mechanisms that the OpenID library needs, for both servers and
|
|
|
20 |
* consumers. If you want to create an SQL-driven store, please see
|
|
|
21 |
* then {@link Auth_OpenID_SQLStore} class.
|
|
|
22 |
*
|
|
|
23 |
* @package OpenID
|
|
|
24 |
* @author JanRain, Inc. <openid@janrain.com>
|
|
|
25 |
*/
|
|
|
26 |
class Auth_OpenID_OpenIDStore {
|
|
|
27 |
/**
|
|
|
28 |
* @var integer The length of the auth key that should be returned
|
|
|
29 |
* by the getAuthKey method.
|
|
|
30 |
*/
|
|
|
31 |
var $AUTH_KEY_LEN = 20;
|
|
|
32 |
|
|
|
33 |
/**
|
|
|
34 |
* This method puts an Association object into storage,
|
|
|
35 |
* retrievable by server URL and handle.
|
|
|
36 |
*
|
|
|
37 |
* @param string $server_url The URL of the identity server that
|
|
|
38 |
* this association is with. Because of the way the server portion
|
|
|
39 |
* of the library uses this interface, don't assume there are any
|
|
|
40 |
* limitations on the character set of the input string. In
|
|
|
41 |
* particular, expect to see unescaped non-url-safe characters in
|
|
|
42 |
* the server_url field.
|
|
|
43 |
*
|
|
|
44 |
* @param Association $association The Association to store.
|
|
|
45 |
*/
|
|
|
46 |
function storeAssociation($server_url, $association)
|
|
|
47 |
{
|
|
|
48 |
trigger_error("Auth_OpenID_OpenIDStore::storeAssociation ".
|
|
|
49 |
"not implemented", E_USER_ERROR);
|
|
|
50 |
}
|
|
|
51 |
|
|
|
52 |
/**
|
|
|
53 |
* This method returns an Association object from storage that
|
|
|
54 |
* matches the server URL and, if specified, handle. It returns
|
|
|
55 |
* null if no such association is found or if the matching
|
|
|
56 |
* association is expired.
|
|
|
57 |
*
|
|
|
58 |
* If no handle is specified, the store may return any association
|
|
|
59 |
* which matches the server URL. If multiple associations are
|
|
|
60 |
* valid, the recommended return value for this method is the one
|
|
|
61 |
* that will remain valid for the longest duration.
|
|
|
62 |
*
|
|
|
63 |
* This method is allowed (and encouraged) to garbage collect
|
|
|
64 |
* expired associations when found. This method must not return
|
|
|
65 |
* expired associations.
|
|
|
66 |
*
|
|
|
67 |
* @param string $server_url The URL of the identity server to get
|
|
|
68 |
* the association for. Because of the way the server portion of
|
|
|
69 |
* the library uses this interface, don't assume there are any
|
|
|
70 |
* limitations on the character set of the input string. In
|
|
|
71 |
* particular, expect to see unescaped non-url-safe characters in
|
|
|
72 |
* the server_url field.
|
|
|
73 |
*
|
|
|
74 |
* @param mixed $handle This optional parameter is the handle of
|
|
|
75 |
* the specific association to get. If no specific handle is
|
|
|
76 |
* provided, any valid association matching the server URL is
|
|
|
77 |
* returned.
|
|
|
78 |
*
|
|
|
79 |
* @return Association The Association for the given identity
|
|
|
80 |
* server.
|
|
|
81 |
*/
|
|
|
82 |
function getAssociation($server_url, $handle = null)
|
|
|
83 |
{
|
|
|
84 |
trigger_error("Auth_OpenID_OpenIDStore::getAssociation ".
|
|
|
85 |
"not implemented", E_USER_ERROR);
|
|
|
86 |
}
|
|
|
87 |
|
|
|
88 |
/**
|
|
|
89 |
* This method removes the matching association if it's found, and
|
|
|
90 |
* returns whether the association was removed or not.
|
|
|
91 |
*
|
|
|
92 |
* @param string $server_url The URL of the identity server the
|
|
|
93 |
* association to remove belongs to. Because of the way the server
|
|
|
94 |
* portion of the library uses this interface, don't assume there
|
|
|
95 |
* are any limitations on the character set of the input
|
|
|
96 |
* string. In particular, expect to see unescaped non-url-safe
|
|
|
97 |
* characters in the server_url field.
|
|
|
98 |
*
|
|
|
99 |
* @param string $handle This is the handle of the association to
|
|
|
100 |
* remove. If there isn't an association found that matches both
|
|
|
101 |
* the given URL and handle, then there was no matching handle
|
|
|
102 |
* found.
|
|
|
103 |
*
|
|
|
104 |
* @return mixed Returns whether or not the given association existed.
|
|
|
105 |
*/
|
|
|
106 |
function removeAssociation($server_url, $handle)
|
|
|
107 |
{
|
|
|
108 |
trigger_error("Auth_OpenID_OpenIDStore::removeAssociation ".
|
|
|
109 |
"not implemented", E_USER_ERROR);
|
|
|
110 |
}
|
|
|
111 |
|
|
|
112 |
/**
|
|
|
113 |
* Stores a nonce. This is used by the consumer to prevent replay
|
|
|
114 |
* attacks.
|
|
|
115 |
*
|
|
|
116 |
* @param string $nonce The nonce to store.
|
|
|
117 |
*
|
|
|
118 |
* @return null
|
|
|
119 |
*/
|
|
|
120 |
function storeNonce($nonce)
|
|
|
121 |
{
|
|
|
122 |
trigger_error("Auth_OpenID_OpenIDStore::storeNonce ".
|
|
|
123 |
"not implemented", E_USER_ERROR);
|
|
|
124 |
}
|
|
|
125 |
|
|
|
126 |
/**
|
|
|
127 |
* This method is called when the library is attempting to use a
|
|
|
128 |
* nonce. If the nonce is in the store, this method removes it and
|
|
|
129 |
* returns a value which evaluates as true. Otherwise it returns a
|
|
|
130 |
* value which evaluates as false.
|
|
|
131 |
*
|
|
|
132 |
* This method is allowed and encouraged to treat nonces older
|
|
|
133 |
* than some period (a very conservative window would be 6 hours,
|
|
|
134 |
* for example) as no longer existing, and return False and remove
|
|
|
135 |
* them.
|
|
|
136 |
*
|
|
|
137 |
* @param string $nonce The nonce to use.
|
|
|
138 |
*
|
|
|
139 |
* @return bool Whether or not the nonce was valid.
|
|
|
140 |
*/
|
|
|
141 |
function useNonce($nonce)
|
|
|
142 |
{
|
|
|
143 |
trigger_error("Auth_OpenID_OpenIDStore::useNonce ".
|
|
|
144 |
"not implemented", E_USER_ERROR);
|
|
|
145 |
}
|
|
|
146 |
|
|
|
147 |
/**
|
|
|
148 |
* This method returns a key used to sign the tokens, to ensure
|
|
|
149 |
* that they haven't been tampered with in transit. It should
|
|
|
150 |
* return the same key every time it is called. The key returned
|
|
|
151 |
* should be {@link AUTH_KEY_LEN} bytes long.
|
|
|
152 |
*
|
|
|
153 |
* @return string The key. It should be {@link AUTH_KEY_LEN} bytes in
|
|
|
154 |
* length, and use the full range of byte values. That is, it
|
|
|
155 |
* should be treated as a lump of binary data stored in a string.
|
|
|
156 |
*/
|
|
|
157 |
function getAuthKey()
|
|
|
158 |
{
|
|
|
159 |
trigger_error("Auth_OpenID_OpenIDStore::getAuthKey ".
|
|
|
160 |
"not implemented", E_USER_ERROR);
|
|
|
161 |
}
|
|
|
162 |
|
|
|
163 |
/**
|
|
|
164 |
* This method must return true if the store is a dumb-mode-style
|
|
|
165 |
* store. Unlike all other methods in this class, this one
|
|
|
166 |
* provides a default implementation, which returns false.
|
|
|
167 |
*
|
|
|
168 |
* In general, any custom subclass of {@link Auth_OpenID_OpenIDStore}
|
|
|
169 |
* won't override this method, as custom subclasses are only likely to
|
|
|
170 |
* be created when the store is fully functional.
|
|
|
171 |
*
|
|
|
172 |
* @return bool true if the store works fully, false if the
|
|
|
173 |
* consumer will have to use dumb mode to use this store.
|
|
|
174 |
*/
|
|
|
175 |
function isDumb()
|
|
|
176 |
{
|
|
|
177 |
return false;
|
|
|
178 |
}
|
|
|
179 |
|
|
|
180 |
/**
|
|
|
181 |
* Removes all entries from the store; implementation is optional.
|
|
|
182 |
*/
|
|
|
183 |
function reset()
|
|
|
184 |
{
|
|
|
185 |
}
|
|
|
186 |
|
|
|
187 |
}
|
|
|
188 |
?>
|