Class Auth_OpenID_DumbStore
This is a store for use in the worst case, when you have no way of
saving state on the consumer site. Using this store makes the
consumer vulnerable to replay attacks, as it's unable to use
nonces. Avoid using this store if it is at all possible.
Most of the methods of this class are implementation details.
Users of this class need to worry only about the constructor.
- Auth_OpenID_OpenIDStore
  - Auth_OpenID_DumbStore
Methods summary
public Auth_OpenID_DumbStore( string $secret_phrase )
Creates a new Auth_OpenID_DumbStore instance. For the security
of the tokens generated by the library, this class attempts to
at least have a secure implementation of getAuthKey.
When you create an instance of this class, pass in a secret
phrase. The phrase is hashed with sha1 to make it the correct
length and form for an auth key. That allows you to use a long
string as the secret phrase, which means you can make it very
difficult to guess.
Each Auth_OpenID_DumbStore instance that is created for use by
your consumer site needs to use the same $secret_phrase.
Parameters
- $secret_phrase
The phrase used to create the auth
key returned by getAuthKey
public storeAssociation( string $server_url, Association $association )
This implementation does nothing.
Parameters
- $server_url
The URL of the identity server that
this association is with. Because of the way the server portion
of the library uses this interface, don't assume there are any
limitations on the character set of the input string. In
particular, expect to see unescaped non-url-safe characters in
the server_url field.
- $association
The Association to store.
Overrides
public Association getAssociation( string $server_url, mixed $handle = null )
This implementation always returns null.
Parameters
- $server_url
The URL of the identity server to get
the association for. Because of the way the server portion of
the library uses this interface, don't assume there are any
limitations on the character set of the input string. In
particular, expect to see unescaped non-url-safe characters in
the server_url field.
- $handle
This optional parameter is the handle of
the specific association to get. If no specific handle is
provided, any valid association matching the server URL is
returned.
Returns
Association The Association for the given identity
server.
Overrides
public mixed removeAssociation( string $server_url, string $handle )
This implementation always returns false.
Parameters
- $server_url
The URL of the identity server the
association to remove belongs to. Because of the way the server
portion of the library uses this interface, don't assume there
are any limitations on the character set of the input
string. In particular, expect to see unescaped non-url-safe
characters in the server_url field.
- $handle
This is the handle of the association to
remove. If there isn't an association found that matches both
the given URL and handle, then there was no matching handle
found.
Returns
mixed Returns whether or not the given association existed.
Overrides
public boolean useNonce( string $server_url, $timestamp, $salt )
In a system truly limited to dumb mode, nonces must all be
accepted. This therefore always returns true, which makes
replay attacks feasible.
Parameters
- $server_url
- $nonce The nonce to use.
- $timestamp
- $salt
Returns
boolean Whether or not the nonce was valid.
Overrides
public getAuthKey( )
This method returns the auth key generated by the constructor.
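The replay consequence described for useNonce, shown as an added example that is not code from the library: a stand-in check that always returns true, next to a check that remembers nonces it has already accepted. The class names ExampleDumbNonceCheck and ExampleStatefulNonceCheck, the 300-second window, and the sample server URL and salt are assumptions made for illustration.

```php
<?php
// Added illustration: both classes are hypothetical, not part of the library.

// Mirrors the documented DumbStore behaviour: no state, so every nonce is accepted.
final class ExampleDumbNonceCheck
{
    public function useNonce(string $server_url, int $timestamp, string $salt): bool
    {
        return true;
    }
}

// What a store with state can do: accept each (server, timestamp, salt) only once.
final class ExampleStatefulNonceCheck
{
    /** @var array<string, bool> in-memory here; a real store persists across requests */
    private $seen = [];
    private $max_skew = 300; // assumed freshness window, in seconds

    public function useNonce(string $server_url, int $timestamp, string $salt): bool
    {
        if (abs(time() - $timestamp) > $this->max_skew) {
            return false; // stale or future-dated nonce
        }
        // serialize() keeps the fields unambiguous even if $server_url has odd characters.
        $key = hash('sha256', serialize([$server_url, $timestamp, $salt]));
        if (isset($this->seen[$key])) {
            return false; // already used once: this is a replay
        }
        $this->seen[$key] = true;
        return true;
    }
}

// Constructed sample values standing in for the nonce of one response.
$server = 'https://op.example/server';
$ts     = time();
$salt   = 'constructed-salt';

foreach ([new ExampleDumbNonceCheck(), new ExampleStatefulNonceCheck()] as $check) {
    $first  = $check->useNonce($server, $ts, $salt);
    $replay = $check->useNonce($server, $ts, $salt); // same response presented again
    printf("%-26s first=%s replay=%s\n", get_class($check),
        var_export($first, true), var_export($replay, true));
}
```

The second call is the one to watch: the stateless check accepts the repeated nonce, while the stateful check rejects it.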