📄 consumer.php
字号:
*/ function _createNonce() { $nonce = Auth_OpenID_CryptUtil::randomString($this->nonce_len, $this->nonce_chrs); $this->store->storeNonce($nonce); return $nonce; } /** * @access protected */ function _createDiffieHellman() { return new Auth_OpenID_DiffieHellman(); } /** * @access private */ function _getAssociation($server_url) { if (!$this->_use_assocs) { return null; } $assoc = $this->store->getAssociation($server_url); if (($assoc === null) || ($assoc->getExpiresIn() <= 0)) { $parts = $this->_createAssociateRequest($server_url); if ($parts === null) { return null; } list($assoc_session, $args) = $parts; $response = $this->_makeKVPost($args, $server_url); if ($response === null) { $assoc = null; } else { $assoc = $this->_parseAssociation($response, $assoc_session, $server_url); } } return $assoc; } function _createAssociateRequest($server_url) { $parts = parse_url($server_url); if ($parts === false) { return null; } if (array_key_exists('scheme', $parts)) { $proto = $parts['scheme']; } else { $proto = 'http'; } if ($proto == 'https') { $assoc_session = new Auth_OpenID_PlainTextConsumerSession(); } else { $assoc_session = new Auth_OpenID_DiffieHellmanConsumerSession(); } $args = array( 'openid.mode' => 'associate', 'openid.assoc_type' => 'HMAC-SHA1'); if ($assoc_session->session_type !== null) { $args['openid.session_type'] = $assoc_session->session_type; } $args = array_merge($args, $assoc_session->getRequest()); return array($assoc_session, $args); } /** * @access private */ function _parseAssociation($results, $assoc_session, $server_url) { $required_keys = array('assoc_type', 'assoc_handle', 'expires_in'); foreach ($required_keys as $key) { if (!array_key_exists($key, $results)) { return null; } } $assoc_type = $results['assoc_type']; $assoc_handle = $results['assoc_handle']; $expires_in_str = $results['expires_in']; if ($assoc_type != 'HMAC-SHA1') { return null; } $expires_in = intval($expires_in_str); if ($expires_in <= 0) { return null; } $session_type = Auth_OpenID::arrayGet($results, 'session_type'); if ($session_type != $assoc_session->session_type) { if ($session_type === null) { $assoc_session = new Auth_OpenID_PlainTextConsumerSession(); } else { return null; } } $secret = $assoc_session->extractSecret($results); if (!$secret) { return null; } $assoc = Auth_OpenID_Association::fromExpiresIn( $expires_in, $assoc_handle, $secret, $assoc_type); $this->store->storeAssociation($server_url, $assoc); return $assoc; }}/** * This class represents an authentication request from a consumer to * an OpenID server. * * @package OpenID */class Auth_OpenID_AuthRequest { /** * Initialize an authentication request with the specified token, * association, and endpoint. * * Users of this library should not create instances of this * class. Instances of this class are created by the library when * needed. */ function Auth_OpenID_AuthRequest($assoc, $endpoint) { $this->assoc = $assoc; $this->endpoint = $endpoint; $this->extra_args = array(); $this->return_to_args = array(); } /** * Add an extension argument to this OpenID authentication * request. * * Use caution when adding arguments, because they will be * URL-escaped and appended to the redirect URL, which can easily * get quite long. * * @param string $namespace The namespace for the extension. For * example, the simple registration extension uses the namespace * 'sreg'. * * @param string $key The key within the extension namespace. For * example, the nickname field in the simple registration * extension's key is 'nickname'. * * @param string $value The value to provide to the server for * this argument. */ function addExtensionArg($namespace, $key, $value) { $arg_name = implode('.', array('openid', $namespace, $key)); $this->extra_args[$arg_name] = $value; } /** * Compute the appropriate redirection URL for this request based * on a specified trust root and return-to. * * @param string $trust_root The trust root URI for your * application. * * @param string$ $return_to The return-to URL to be used when the * OpenID server redirects the user back to your site. * * @return string $redirect_url The resulting redirect URL that * you should send to the user agent. */ function redirectURL($trust_root, $return_to, $immediate=false) { if ($immediate) { $mode = 'checkid_immediate'; } else { $mode = 'checkid_setup'; } $return_to = Auth_OpenID::appendArgs($return_to, $this->return_to_args); $redir_args = array( 'openid.mode' => $mode, 'openid.identity' => $this->endpoint->getServerID(), 'openid.return_to' => $return_to, 'openid.trust_root' => $trust_root); if ($this->assoc) { $redir_args['openid.assoc_handle'] = $this->assoc->handle; } $redir_args = array_merge($redir_args, $this->extra_args); return Auth_OpenID::appendArgs($this->endpoint->server_url, $redir_args); }}/** * The base class for responses from the Auth_OpenID_Consumer. * * @package OpenID */class Auth_OpenID_ConsumerResponse { var $status = null;}/** * A response with a status of Auth_OpenID_SUCCESS. Indicates that * this request is a successful acknowledgement from the OpenID server * that the supplied URL is, indeed controlled by the requesting * agent. This has three relevant attributes: * * identity_url - The identity URL that has been authenticated * * signed_args - The arguments in the server's response that were * signed and verified. * * status - Auth_OpenID_SUCCESS. * * @package OpenID */class Auth_OpenID_SuccessResponse extends Auth_OpenID_ConsumerResponse { var $status = Auth_OpenID_SUCCESS; /** * @access private */ function Auth_OpenID_SuccessResponse($endpoint, $signed_args) { $this->endpoint = $endpoint; $this->identity_url = $endpoint->identity_url; $this->signed_args = $signed_args; } /** * @access private */ function fromQuery($endpoint, $query, $signed) { $signed_args = array(); foreach (explode(",", $signed) as $field_name) { $field_name = 'openid.' . $field_name; $signed_args[$field_name] = Auth_OpenID::arrayGet($query, $field_name, ''); } return new Auth_OpenID_SuccessResponse($endpoint, $signed_args); } /** * Extract signed extension data from the server's response. * * @param string $prefix The extension namespace from which to * extract the extension data. */ function extensionResponse($prefix) { $response = array(); $prefix = sprintf('openid.%s.', $prefix); $prefix_len = strlen($prefix); foreach ($this->signed_args as $k => $v) { if (strpos($k, $prefix) === 0) { $response_key = substr($k, $prefix_len); $response[$response_key] = $v; } } return $response; } /** * Get the openid.return_to argument from this response. * * This is useful for verifying that this request was initiated by * this consumer. * * @return string $return_to The return_to URL supplied to the * server on the initial request, or null if the response did not * contain an 'openid.return_to' argument. */ function getReturnTo() { return Auth_OpenID::arrayGet($this->signed_args, 'openid.return_to'); }}/** * A response with a status of Auth_OpenID_FAILURE. Indicates that the * OpenID protocol has failed. This could be locally or remotely * triggered. This has three relevant attributes: * * identity_url - The identity URL for which authentication was * attempted, if it can be determined. Otherwise, null. * * message - A message indicating why the request failed, if one is * supplied. Otherwise, null. * * status - Auth_OpenID_FAILURE. * * @package OpenID */class Auth_OpenID_FailureResponse extends Auth_OpenID_ConsumerResponse { var $status = Auth_OpenID_FAILURE; function Auth_OpenID_FailureResponse($endpoint, $message = null) { $this->endpoint = $endpoint; if ($endpoint !== null) { $this->identity_url = $endpoint->identity_url; } else { $this->identity_url = null; } $this->message = $message; }}/** * A response with a status of Auth_OpenID_CANCEL. Indicates that the * user cancelled the OpenID authentication request. This has two * relevant attributes: * * identity_url - The identity URL for which authentication was * attempted, if it can be determined. Otherwise, null. * * status - Auth_OpenID_SUCCESS. * * @package OpenID */class Auth_OpenID_CancelResponse extends Auth_OpenID_ConsumerResponse { var $status = Auth_OpenID_CANCEL; function Auth_OpenID_CancelResponse($endpoint) { $this->endpoint = $endpoint; $this->identity_url = $endpoint->identity_url; }}/** * A response with a status of Auth_OpenID_SETUP_NEEDED. Indicates * that the request was in immediate mode, and the server is unable to * authenticate the user without further interaction. * * identity_url - The identity URL for which authentication was * attempted. * * setup_url - A URL that can be used to send the user to the server * to set up for authentication. The user should be redirected in to * the setup_url, either in the current window or in a new browser * window. * * status - Auth_OpenID_SETUP_NEEDED. * * @package OpenID */class Auth_OpenID_SetupNeededResponse extends Auth_OpenID_ConsumerResponse { var $status = Auth_OpenID_SETUP_NEEDED; function Auth_OpenID_SetupNeededResponse($endpoint, $setup_url = null) { $this->endpoint = $endpoint; $this->identity_url = $endpoint->identity_url; $this->setup_url = $setup_url; }}?>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -