|
1 <?php |
|
2 /** |
|
3 * Zend Framework |
|
4 * |
|
5 * LICENSE |
|
6 * |
|
7 * This source file is subject to the new BSD license that is bundled |
|
8 * with this package in the file LICENSE.txt. |
|
9 * It is also available through the world-wide-web at this URL: |
|
10 * http://framework.zend.com/license/new-bsd |
|
11 * If you did not receive a copy of the license and are unable to |
|
12 * obtain it through the world-wide-web, please send an email |
|
13 * to license@zend.com so we can send you a copy immediately. |
|
14 * |
|
15 * @category Zend |
|
16 * @package Zend_Auth |
|
17 * @subpackage Zend_Auth_Adapter |
|
18 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
19 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
20 * @version $Id: OpenId.php 20096 2010-01-06 02:05:09Z bkarwin $ |
|
21 */ |
|
22 |
|
23 |
|
24 /** |
|
25 * @see Zend_Auth_Adapter_Interface |
|
26 */ |
|
27 require_once 'Zend/Auth/Adapter/Interface.php'; |
|
28 |
|
29 |
|
30 /** |
|
31 * @see Zend_OpenId_Consumer |
|
32 */ |
|
33 require_once 'Zend/OpenId/Consumer.php'; |
|
34 |
|
35 |
|
36 /** |
|
37 * A Zend_Auth Authentication Adapter allowing the use of OpenID protocol as an |
|
38 * authentication mechanism |
|
39 * |
|
40 * @category Zend |
|
41 * @package Zend_Auth |
|
42 * @subpackage Zend_Auth_Adapter |
|
43 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
44 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
45 */ |
|
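class Zend_Auth_Adapter_OpenId implements Zend_Auth_Adapter_Interface
{
    /**
     * The identity value being authenticated
     *
     * @var string|null
     */
    private $_id = null;

    /**
     * Reference to an implementation of a storage object
     *
     * @var Zend_OpenId_Consumer_Storage|null
     */
    private $_storage = null;

    /**
     * The URL the server redirects its response to
     *
     * @var string|null
     */
    private $_returnTo = null;

    /**
     * The HTTP URL that identifies the consumer to the server
     *
     * @var string|null
     */
    private $_root = null;

    /**
     * Extension object or array of extension objects
     *
     * @var mixed
     */
    private $_extensions = null;

    /**
     * The response object used to perform HTTP or HTML form redirection
     *
     * @var Zend_Controller_Response_Abstract|null
     */
    private $_response = null;

    /**
     * When true, authenticate() calls the consumer's check() instead of
     * login(), i.e. authentication without user interaction on the OpenID
     * provider.
     *
     * @var bool
     */
    private $_check_immediate = false;

    /**
     * HTTP client used to make HTTP requests
     *
     * @var Zend_Http_Client|null
     */
    private $_httpClient = null;

    /**
     * Constructor. Every argument is stored as given; nothing is validated here.
     *
     * @param string $id the identity value
     * @param Zend_OpenId_Consumer_Storage $storage an optional implementation
     *        of a storage object
     * @param string $returnTo HTTP URL to redirect response from server to
     * @param string $root HTTP URL to identify consumer on server
     * @param mixed $extensions extension object or array of extension objects
     * @param Zend_Controller_Response_Abstract $response an optional response
     *        object to perform HTTP or HTML form redirection
     */
    public function __construct(
        $id = null,
        Zend_OpenId_Consumer_Storage $storage = null,
        $returnTo = null,
        $root = null,
        $extensions = null,
        Zend_Controller_Response_Abstract $response = null
    ) {
        $this->_id         = $id;
        $this->_storage    = $storage;
        $this->_returnTo   = $returnTo;
        $this->_root       = $root;
        $this->_extensions = $extensions;
        $this->_response   = $response;
    }

    /**
     * Sets the value to be used as the identity.
     *
     * An empty value (as judged by empty(), which includes the string "0")
     * makes authenticate() take its response-verification path instead of
     * starting a login.
     *
     * @param string $id the identity value
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setIdentity($id)
    {
        $this->_id = $id;
        return $this;
    }

    /**
     * Sets the storage implementation which will be used by OpenId
     *
     * @param Zend_OpenId_Consumer_Storage $storage
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setStorage(Zend_OpenId_Consumer_Storage $storage)
    {
        $this->_storage = $storage;
        return $this;
    }

    /**
     * Sets the HTTP URL to redirect response from server to.
     *
     * The value is handed to the consumer unchanged; this class does not
     * validate it, so callers should supply an application-controlled URL
     * rather than one taken from the current request.
     *
     * @param string $returnTo
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setReturnTo($returnTo)
    {
        $this->_returnTo = $returnTo;
        return $this;
    }

    /**
     * Sets HTTP URL to identify consumer on server.
     *
     * Stored and forwarded to the consumer without validation, like the
     * return-to URL.
     *
     * @param string $root
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setRoot($root)
    {
        $this->_root = $root;
        return $this;
    }

    /**
     * Sets OpenID extension(s)
     *
     * @param mixed $extensions extension object or array of extension objects
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setExtensions($extensions)
    {
        $this->_extensions = $extensions;
        return $this;
    }

    /**
     * Sets an optional response object to perform HTTP or HTML form redirection.
     *
     * Unlike the constructor, this setter carries no type hint, so any value
     * is accepted and passed on to the consumer as-is.
     *
     * @param Zend_Controller_Response_Abstract $response
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setResponse($response)
    {
        $this->_response = $response;
        return $this;
    }

    /**
     * Enables or disables interaction with user during authentication on
     * OpenID provider.
     *
     * @param bool $check_immediate true selects the consumer's check() call,
     *        false (the default) selects login()
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setCheckImmediate($check_immediate)
    {
        $this->_check_immediate = $check_immediate;
        return $this;
    }

    /**
     * Sets HTTP client object to make HTTP requests.
     *
     * If this is never called, authenticate() passes null to the consumer's
     * setHttpClient().
     *
     * NOTE(review): the identity is commonly user-supplied, so the consumer
     * presumably makes outbound requests derived from it through this client;
     * confirm the client's TLS verification, timeout and redirect settings
     * are appropriate for that.
     *
     * @param Zend_Http_Client $client HTTP client object to be used
     * @return Zend_Auth_Adapter_OpenId Provides a fluent interface
     */
    public function setHttpClient($client)
    {
        $this->_httpClient = $client;
        // Return $this like every other setter on this adapter; callers that
        // ignored the previous (absent) return value are unaffected.
        return $this;
    }

    /**
     * Authenticates the given OpenId identity.
     * Defined by Zend_Auth_Adapter_Interface.
     *
     * Which half of the exchange runs depends on whether an identity is set:
     *
     *  - Non-empty identity: the identity is handed to the consumer's login()
     *    (or check() in immediate mode) together with the return-to URL,
     *    root, extensions and response object. A FAILURE result is returned
     *    when that call reports failure.
     *  - Empty identity: the current request is treated as the provider's
     *    response. $_POST is used for POST requests and $_GET otherwise, and
     *    the array is passed to the consumer's verify().
     *
     * Security notes: the request parameters are forwarded unfiltered, so all
     * validation of the provider response is delegated to verify(). Callers
     * should treat only Zend_Auth_Result::SUCCESS as authenticated and take
     * the identity from the returned result, not from request parameters.
     *
     * @throws Zend_Auth_Adapter_Exception If answering the authentication query is impossible
     * @return Zend_Auth_Result|null null only when login()/check() reports
     *         success and returns control (see the note in the body)
     */
    public function authenticate()
    {
        $id = $this->_id;

        $consumer = new Zend_OpenId_Consumer($this->_storage);
        $consumer->setHttpClient($this->_httpClient);

        if (!empty($id)) {
            /* login()/check() never return on success */
            if ($this->_check_immediate) {
                $started = $consumer->check(
                    $id,
                    $this->_returnTo,
                    $this->_root,
                    $this->_extensions,
                    $this->_response
                );
            } else {
                $started = $consumer->login(
                    $id,
                    $this->_returnTo,
                    $this->_root,
                    $this->_extensions,
                    $this->_response
                );
            }

            if (!$started) {
                return $this->_failure($id, $consumer);
            }
            // NOTE(review): if the consumer call reports success and still
            // returns control, execution falls off the end of this method and
            // the caller receives null instead of a Zend_Auth_Result; confirm
            // callers never treat that as an authenticated state.
        } else {
            // Strict comparison: REQUEST_METHOD is a string when present.
            $isPost = isset($_SERVER['REQUEST_METHOD'])
                && $_SERVER['REQUEST_METHOD'] === 'POST';
            $params = $isPost ? $_POST : $_GET;

            // $id is empty here. Presumably verify() takes it by reference
            // and fills in the verified identity, otherwise the results below
            // would carry the empty value; confirm against Zend_OpenId_Consumer.
            if ($consumer->verify($params, $id, $this->_extensions)) {
                return new Zend_Auth_Result(
                    Zend_Auth_Result::SUCCESS,
                    $id,
                    array("Authentication successful")
                );
            }

            return $this->_failure($id, $consumer);
        }
    }

    /**
     * Builds the FAILURE result shared by every failing path of authenticate().
     *
     * @param mixed $id identity value to report in the result
     * @param Zend_OpenId_Consumer $consumer consumer whose getError() message
     *        is appended to the result messages
     * @return Zend_Auth_Result
     */
    private function _failure($id, $consumer)
    {
        return new Zend_Auth_Result(
            Zend_Auth_Result::FAILURE,
            $id,
            array("Authentication failed", $consumer->getError())
        );
    }
}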