Source code for file /openid/Auth/OpenID/SReg.php
Documentation is available at SReg.php
* Simple registration request and response parsing and object * This module contains objects representing simple registration * requests and responses that can be used with both OpenID relying * parties and OpenID providers. * 1. The relying party creates a request object and adds it to the * {@link Auth_OpenID_AuthRequest} object before making the * checkid request to the OpenID provider: * $sreg_req = Auth_OpenID_SRegRequest::build(array('email')); * $auth_request->addExtension($sreg_req); * 2. The OpenID provider extracts the simple registration request * from the OpenID request using {@link } * Auth_OpenID_SRegRequest::fromOpenIDRequest}, gets the user's * approval and data, creates an {@link Auth_OpenID_SRegResponse} * object and adds it to the id_res response: * $sreg_req = Auth_OpenID_SRegRequest::fromOpenIDRequest( * // [ get the user's approval and data, informing the user that * // the fields in sreg_response were requested ] * $sreg_resp = Auth_OpenID_SRegResponse::extractResponse( * $sreg_req, $user_data); * $sreg_resp->toMessage($openid_response->fields); * 3. The relying party uses {@link } * Auth_OpenID_SRegResponse::fromSuccessResponse} to extract the data * from the OpenID response: * $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse( // Do not allow direct access defined( '_JEXEC' ) or die( 'Restricted access' ); * Import message and extension internals. require_once 'Auth/OpenID/Message.php'; require_once 'Auth/OpenID/Extension.php'; // The data fields that are listed in the sreg spec global $Auth_OpenID_sreg_data_fields; $Auth_OpenID_sreg_data_fields =
array( 'fullname' =>
'Full Name', 'nickname' =>
'Nickname', 'dob' =>
'Date of Birth', 'email' =>
'E-mail Address', 'postcode' =>
'Postal Code', 'language' =>
'Language', 'timezone' =>
'Time Zone'); * Check to see that the given value is a valid simple registration * data field name. Return true if so, false if not. global $Auth_OpenID_sreg_data_fields; // URI used in the wild for Yadis documents advertising simple define('Auth_OpenID_SREG_NS_URI_1_0', 'http://openid.net/sreg/1.0'); // URI in the draft specification for simple registration 1.1 // <http://openid.net/specs/openid-simple-registration-extension-1_1-01.html> define('Auth_OpenID_SREG_NS_URI_1_1', 'http://openid.net/extensions/sreg/1.1'); // This attribute will always hold the preferred URI to use when // adding sreg support to an XRDS file or in an OpenID namespace define('Auth_OpenID_SREG_NS_URI', Auth_OpenID_SREG_NS_URI_1_1); * Does the given endpoint advertise support for simple * $endpoint: The endpoint object as returned by OpenID discovery. * returns whether an sreg type was advertised by the endpoint * A base class for classes dealing with Simple Registration protocol * Extract the simple registration namespace URI from the given * OpenID message. Handles OpenID 1 and 2, as well as both sreg * namespace URIs found in the wild, as well as missing namespace * definitions (for OpenID 1) * $message: The OpenID message from which to parse simple * registration fields. This may be a request or response message. * Returns the sreg namespace URI for the supplied message. The * message may be modified to define a simple registration function _getSRegNS(&$message) // See if there exists an alias for one of the two defined // simple registration types. $alias =
$message->namespaces->getAlias($sreg_ns_uri); $found_ns_uri =
$sreg_ns_uri; // There is no alias for either of the types, so try to // add one. We default to using the modern value (1.1) // An alias for the string 'sreg' already exists, but // it's defined for something other than simple * An object to hold the state of a simple registration request. * required: A list of the required fields in this simple registration * optional: A list of the optional fields in this simple registration * Initialize an empty simple registration request. function build($required=
null, $optional=
null, $sreg_ns_uri=
Auth_OpenID_SREG_NS_URI, $cls=
'Auth_OpenID_SRegRequest') $obj->required =
array(); $obj->optional =
array(); $obj->policy_url =
$policy_url; $obj->ns_uri =
$sreg_ns_uri; if (!$obj->requestFields($required, true, true)) { if (!$obj->requestFields($optional, false, true)) { * Create a simple registration request that contains the fields * that were requested in the OpenID request with the given * $request: The OpenID authentication request from which to * extract an sreg request. * $cls: name of class to use when creating sreg request object. * Returns the newly created simple registration request // Since we're going to mess with namespace URI mapping, don't // mutate the object that was passed in. $obj->ns_uri =
$obj->_getSRegNS($m); $args =
$m->getArgs($obj->ns_uri); if ($args ===
null ||
Auth_OpenID::isFailure($args)) { $obj->parseExtensionArgs($args); * Parse the unqualified simple registration request parameters * and add them to this object. * This method is essentially the inverse of * getExtensionArgs. This method restores the serialized simple * registration request fields. * If you are extracting arguments from a standard OpenID * checkid_* request, you probably want to use fromOpenIDRequest, * which will extract the sreg namespace and arguments from the * OpenID request. This method is intended for cases where the * OpenID server needs more control over how the arguments are * parsed than that method provides. * $args == $message->getArgs($ns_uri); * $request->parseExtensionArgs($args); * $args: The unqualified simple registration arguments * strict: Whether requests with fields that are not defined in * the simple registration specification should be tolerated (and foreach (array('required', 'optional') as $list_name) { $required =
($list_name ==
'required'); $items =
Auth_OpenID::arrayGet($args, $list_name); foreach (explode(',', $items) as $field_name) { if (!$this->requestField($field_name, $required, $strict)) { $this->policy_url =
Auth_OpenID::arrayGet($args, 'policy_url'); * A list of all of the simple registration fields that were * requested, whether they were required or optional. * Have any simple registration fields been requested? * Was this field in the request? return (in_array($field_name, $this->required) ||
in_array($field_name, $this->optional)); * Request the specified field from the OpenID user * $field_name: the unqualified simple registration field name * required: whether the given field should be presented to the * user as being a required to successfully complete the request * strict: whether to raise an exception when a field is added to * a request more than once $required=
false, $strict=
false) if (in_array($field_name, $this->required)) { if (in_array($field_name, $this->optional)) { $this->required[] =
$field_name; $this->optional[] =
$field_name; * Add the given list of fields to the request * field_names: The simple registration data fields to request * required: Whether these values should be presented to the user * strict: whether to raise an exception when a field is added to * a request more than once function requestFields($field_names, $required=
false, $strict=
false) foreach ($field_names as $field_name) { if (!$this->requestField($field_name, $required, $strict=
$strict)) { * Get a dictionary of unqualified simple registration arguments * representing this request. * This method is essentially the inverse of * C{L{parseExtensionArgs}}. This method serializes the simple * registration request fields. $args['required'] =
implode(',', $this->required); $args['optional'] =
implode(',', $this->optional); $args['policy_url'] =
$this->policy_url; * Represents the data returned in a simple registration response * inside of an OpenID C{id_res} response. This object will be created * by the OpenID server, added to the C{id_res} response object, and * then extracted from the C{id_res} message by the Consumer. $sreg_ns_uri=
Auth_OpenID_SREG_NS_URI) * Take a C{L{SRegRequest}} and a dictionary of simple * registration values and create a C{L{SRegResponse}} object * request: The simple registration request object * data: The simple registration data for this response, as a * dictionary from unqualified simple registration field name to * string (unicode) value. For instance, the nickname should be * stored under the key 'nickname'. $obj->ns_uri =
$request->ns_uri; foreach ($request->allRequestedFields() as $field) { $value =
Auth_OpenID::arrayGet($data, $field); $obj->data[$field] =
$value; * Create a C{L{SRegResponse}} object from a successful OpenID * (C{L{openid.consumer.consumer.SuccessResponse}}) response * success_response: A SuccessResponse from consumer.complete() * signed_only: Whether to process only data that was * signed in the id_res message from the server. * Returns a simple registration response containing the data that * was supplied with the C{id_res} response. global $Auth_OpenID_sreg_data_fields; $obj->ns_uri =
$obj->_getSRegNS($success_response->message); $args =
$success_response->getSignedNS($obj->ns_uri); $args =
$success_response->message->getArgs($obj->ns_uri); if ($args ===
null ||
Auth_OpenID::isFailure($args)) { foreach ($Auth_OpenID_sreg_data_fields as $field_name =>
$desc) { $obj->data[$field_name] =
$args[$field_name]; // Read-only dictionary interface function get($field_name, $default=
null) return Auth_OpenID::arrayGet($this->data, $field_name, $default);
