Public Member Functions
	__construct ($loginUrl=null, $trustUrl=null, Zend_OpenId_Provider_User $user=null, Zend_OpenId_Provider_Storage $storage=null, $sessionTtl=3600)
	Constructs a Zend_OpenId_Provider object with given parameters.

	setOpEndpoint ($url)
	Sets the OP Endpoint URL.

	register ($id, $password)
	Registers a new user with given $id and $password Returns true in case of success and false if user with given $id already exists.

	hasUser ($id)
	Returns true if user with given $id exists and false otherwise.

	login ($id, $password)
	Performs login of user with given $id and $password Returns true in case of success and false otherwise.

	logout ()
	Performs logout.

	getLoggedInUser ()
	Returns identity URL of current logged in user or false.

	getSiteRoot ($params)
	Retrieve consumer's root URL from request query.

	allowSite ($root, $extensions=null)
	Allows consumer with given root URL to authenticate current logged in user.

	denySite ($root)
	Prohibit consumer with given root URL to authenticate current logged in user.

	delSite ($root)
	Delete consumer with given root URL from known sites of current logged in user.

	getTrustedSites ()
	Returns list of known consumers for current logged in user or false if he is not logged in.

	handle ($params=null, $extensions=null, Zend_Controller_Response_Abstract $response=null)
	Handles HTTP request from consumer.

	respondToConsumer ($params, $extensions=null, Zend_Controller_Response_Abstract $response=null)
	Perepares information to send back to consumer's authentication request, signs it using shared secret and send back through HTTP redirection.

Protected Member Functions
	_genSecret ($func)
	Generates a secret key for given hash function, returns RAW key or false if function is not supported.

	_associate ($version, $params)
	Processes association request from OpenID consumerm generates secret shared key and send it back using Diffie-Hellman encruption.

	_checkId ($version, $params, $immediate, $extensions=null, Zend_Controller_Response_Abstract $response=null)
	Performs authentication (or authentication check).

	_respond ($version, $ret, $params, $extensions=null)
	Perepares information to send back to consumer's authentication request and signs it using shared secret.

	_checkAuthentication ($version, $params)
	Performs authentication validation for dumb consumers Returns array of variables to push back to consumer.

	_secureStringCompare ($a, $b)
	Securely compare two strings for equality while avoided C level memcmp() optimisations capable of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g.

Constructor & Destructor Documentation

__construct	(		$loginUrl = `null`,
			$trustUrl = `null`,
		Zend_OpenId_Provider_User	$user = `null`,
		Zend_OpenId_Provider_Storage	$storage = `null`,
			$sessionTtl = `3600`
	)

Constructs a Zend_OpenId_Provider object with given parameters.

Parameters

string	$loginUrl	is an URL that provides login screen for end-user (by default it is the same URL with additional GET variable openid.action=login)
string	$trustUrl	is an URL that shows a question if end-user trust to given consumer (by default it is the same URL with additional GET variable openid.action=trust)
Zend_OpenId_Provider_User	$user	is an object for communication with User-Agent and store information about logged-in user (it is a Zend_OpenId_Provider_User_Session object by default)
Zend_OpenId_Provider_Storage	$storage	is an object for keeping persistent database (it is a Zend_OpenId_Provider_Storage_File object by default)
integer	$sessionTtl	is a default time to live for association session in seconds (1 hour by default). Consumer must reestablish association after that time.

Member Function Documentation

_associate	(	$version,
		$params
	)

protected

Processes association request from OpenID consumerm generates secret shared key and send it back using Diffie-Hellman encruption.

Returns array of variables to push back to consumer.

Parameters

float	$version	OpenID version
array	$params	GET or POST request variables

Returns: array

_checkAuthentication	(	$version,
		$params
	)

protected

Performs authentication validation for dumb consumers Returns array of variables to push back to consumer.

It MUST contain 'is_valid' variable with value 'true' or 'false'.

Parameters

float	$version	OpenID version
array	$params	GET or POST request variables

Returns: array

_checkId	(		$version,
			$params,
			$immediate,
			$extensions = `null`,
		Zend_Controller_Response_Abstract	$response = `null`
	)

protected

Performs authentication (or authentication check).

Parameters

float	$version	OpenID version
array	$params	GET or POST request variables
bool	$immediate	enables or disables interaction with user
mixed	$extensions	extension object or array of extensions objects
Zend_Controller_Response_Abstract	$response

Returns: array

_genSecret ( $func )

protected

Generates a secret key for given hash function, returns RAW key or false if function is not supported.

Parameters

string $func hash function (sha1 or sha256)

Returns: mixed

_respond	(	$version,
		$ret,
		$params,
		$extensions = `null`
	)

protected

Perepares information to send back to consumer's authentication request and signs it using shared secret.

Parameters

float	$version	OpenID protcol version
array	$ret	arguments to be send back to consumer
array	$params	GET or POST request variables
mixed	$extensions	extension object or array of extensions objects

Returns: array

_secureStringCompare	(	$a,
		$b
	)

protected

Securely compare two strings for equality while avoided C level memcmp() optimisations capable of leaking timing information useful to an attacker attempting to iteratively guess the unknown string (e.g.

password) being compared against.

Parameters

string	$a
string	$b

Returns: bool

allowSite	(	$root,
		$extensions = `null`
	)

Allows consumer with given root URL to authenticate current logged in user.

Returns true on success and false on error.

Parameters

string	$root	root URL
mixed	$extensions	extension object or array of extensions objects

Returns: bool

delSite ( $root )

Delete consumer with given root URL from known sites of current logged in user.

Next time this consumer will try to authenticate the user, Provider will ask user's confirmation. Returns true on success and false on error.

Parameters

string $root root URL

Returns: bool

denySite ( $root )

Prohibit consumer with given root URL to authenticate current logged in user.

Returns true on success and false on error.

Parameters

string $root root URL

Returns: bool

getLoggedInUser ( )

Returns identity URL of current logged in user or false.

Returns: mixed

getSiteRoot ( $params )

Retrieve consumer's root URL from request query.

Returns URL or false in case of failure

Parameters

array $params query arguments

Returns: mixed

getTrustedSites ( )

Returns list of known consumers for current logged in user or false if he is not logged in.

Returns: mixed

handle	(		$params = `null`,
			$extensions = `null`,
		Zend_Controller_Response_Abstract	$response = `null`
	)

Handles HTTP request from consumer.

Parameters

array	$params	GET or POST variables. If this parameter is omited or set to null, then $_GET or $_POST superglobal variable is used according to REQUEST_METHOD.
mixed	$extensions	extension object or array of extensions objects
Zend_Controller_Response_Abstract	$response	an optional response object to perform HTTP or HTML form redirection

Returns: mixed

hasUser ( $id )

Returns true if user with given $id exists and false otherwise.

Parameters

string $id user identity URL

Returns: bool

login	(	$id,
		$password
	)

Performs login of user with given $id and $password Returns true in case of success and false otherwise.

Parameters

string	$id	user identity URL
string	$password	user password

Returns: bool

logout ( )

Performs logout.

Clears information about logged in user.

Returns: void

register	(	$id,
		$password
	)

Registers a new user with given $id and $password Returns true in case of success and false if user with given $id already exists.

Parameters

string	$id	user identity URL
string	$password	encoded user password

Returns: bool

respondToConsumer	(		$params,
			$extensions = `null`,
		Zend_Controller_Response_Abstract	$response = `null`
	)

Perepares information to send back to consumer's authentication request, signs it using shared secret and send back through HTTP redirection.

Parameters

array	$params	GET or POST request variables
mixed	$extensions	extension object or array of extensions objects
Zend_Controller_Response_Abstract	$response	an optional response object to perform HTTP or HTML form redirection

Returns: bool

setOpEndpoint ( $url )

Sets the OP Endpoint URL.

Parameters

string $url the OP Endpoint URL

Returns: null

Public Member Functions

Protected Member Functions

Constructor & Destructor Documentation

Member Function Documentation