1: <?php
2:
3: /**
4: * This file supplies a dumb store backend for OpenID servers and
5: * consumers.
6: *
7: * PHP versions 4 and 5
8: *
9: * LICENSE: See the COPYING file included in this distribution.
10: *
11: * @package OpenID
12: * @author JanRain, Inc. <openid@janrain.com>
13: * @copyright 2005-2008 Janrain, Inc.
14: * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
15: */
16:
17: /**
18: * Import the interface for creating a new store class.
19: */
20: require_once 'Auth/OpenID/Interface.php';
21: require_once 'Auth/OpenID/HMAC.php';
22:
23: /**
24: * This is a store for use in the worst case, when you have no way of
25: * saving state on the consumer site. Using this store makes the
26: * consumer vulnerable to replay attacks, as it's unable to use
27: * nonces. Avoid using this store if it is at all possible.
28: *
29: * Most of the methods of this class are implementation details.
30: * Users of this class need to worry only about the constructor.
31: *
32: * @package OpenID
33: */
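class Auth_OpenID_DumbStore extends Auth_OpenID_OpenIDStore {

    /**
     * Key handed out by getAuthKey(): the value Auth_OpenID_SHA1()
     * returns for the secret phrase passed to the constructor.
     *
     * Declared explicitly so the property exists (as null) even if no
     * constructor has run, instead of being created on first write.
     */
    var $auth_key = null;

    /**
     * Creates a new {@link Auth_OpenID_DumbStore} instance. For the security
     * of the tokens generated by the library, this class attempts to
     * at least have a secure implementation of getAuthKey.
     *
     * When you create an instance of this class, pass in a secret
     * phrase. The phrase is hashed with sha1 to make it the correct
     * length and form for an auth key. That allows you to use a long
     * string as the secret phrase, which means you can make it very
     * difficult to guess.
     *
     * The auth key is derived from the secret phrase alone, so it is
     * only as unpredictable as the phrase itself. An empty phrase
     * therefore raises an E_USER_WARNING; the key is still set so
     * existing callers keep working.
     *
     * Each {@link Auth_OpenID_DumbStore} instance that is created for use by
     * your consumer site needs to use the same $secret_phrase.
     *
     * This is the constructor on PHP 5 and later. PHP 8 no longer
     * treats a method named after its class as a constructor, so
     * without __construct() the auth key would never be set there.
     *
     * @param string secret_phrase The phrase used to create the auth
     * key returned by getAuthKey
     */
    function __construct($secret_phrase)
    {
        if ($secret_phrase === null || $secret_phrase === '') {
            // Do not fail hard: callers predating this check must keep
            // working, but an empty phrase should be visible in the logs.
            trigger_error(
                'Auth_OpenID_DumbStore: empty secret phrase; the auth key ' .
                'is derived from this value alone',
                E_USER_WARNING
            );
        }

        $this->auth_key = Auth_OpenID_SHA1($secret_phrase);
    }

    /**
     * Class-named (PHP 4 style) constructor, kept so that runtimes and
     * callers relying on it (for example a subclass calling
     * parent::Auth_OpenID_DumbStore()) still work. It only forwards
     * to __construct().
     *
     * @param string secret_phrase The phrase used to create the auth
     * key returned by getAuthKey
     */
    function Auth_OpenID_DumbStore($secret_phrase)
    {
        $this->__construct($secret_phrase);
    }

    /**
     * This implementation does nothing: the association is not
     * saved anywhere.
     *
     * @param string server_url Ignored
     * @param mixed association Ignored
     */
    function storeAssociation($server_url, $association)
    {
    }

    /**
     * This implementation always returns null, because
     * storeAssociation never saves anything to look up.
     *
     * @param string server_url Ignored
     * @param string handle Ignored
     * @return null
     */
    function getAssociation($server_url, $handle = null)
    {
        return null;
    }

    /**
     * This implementation always returns false.
     *
     * @param string server_url Ignored
     * @param string handle Ignored
     * @return bool Always false
     */
    function removeAssociation($server_url, $handle)
    {
        return false;
    }

    /**
     * In a system truly limited to dumb mode, nonces must all be
     * accepted. This therefore always returns true, which makes
     * replay attacks feasible.
     *
     * None of the arguments is inspected or recorded, so a nonce
     * that was already presented is accepted again.
     *
     * @param string server_url Ignored
     * @param mixed timestamp Ignored
     * @param string salt Ignored
     * @return bool Always true
     */
    function useNonce($server_url, $timestamp, $salt)
    {
        return true;
    }

    /**
     * This method returns the auth key generated by the constructor.
     *
     * The value is key material derived from the secret phrase and
     * should be handled as a secret by callers.
     *
     * @return mixed The value stored in $this->auth_key
     */
    function getAuthKey()
    {
        return $this->auth_key;
    }
}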
99:
100: