<?php /** * Zend Framework * * LICENSE * * This source file is subject to the new BSD license that is bundled * with this package in the file LICENSE.txt. * It is also available through the world-wide-web at this URL: * http://framework.zend.com/license/new-bsd * If you did not receive a copy of the license and are unable to * obtain it through the world-wide-web, please send an email * to license@zend.com so we can send you a copy immediately. * * @category Zend * @package Zend_Auth * @subpackage Zend_Auth_Adapter * @copyright Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com) * @license http://framework.zend.com/license/new-bsd New BSD License * @version $Id$ */ /** * @see Zend_Auth_Adapter_Interface */ require_once 'Zend/Auth/Adapter/Interface.php'; /** * @see Zend_OpenId_Consumer */ require_once 'Zend/OpenId/Consumer.php'; /** * A Zend_Auth Authentication Adapter allowing the use of OpenID protocol as an * authentication mechanism * * @category Zend * @package Zend_Auth * @subpackage Zend_Auth_Adapter * @copyright Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com) * @license http://framework.zend.com/license/new-bsd New BSD License */ class Zend_Auth_Adapter_OpenId implements Zend_Auth_Adapter_Interface { /** * The identity value being authenticated * * @var string */ private $_id = null; /** * Reference to an implementation of a storage object * * @var Zend_OpenId_Consumer_Storage */ private $_storage = null; /** * The URL to redirect response from server to * * @var string */ private $_returnTo = null; /** * The HTTP URL to identify consumer on server * * @var string */ private $_root = null; /** * Extension object or array of extensions objects * * @var string */ private $_extensions = null; /** * The response object to perform HTTP or HTML form redirection * * @var Zend_Controller_Response_Abstract */ private $_response = null; /** * Enables or disables interaction with user during authentication on * OpenID provider. * * @var bool */ private $_check_immediate = false; /** * HTTP client to make HTTP requests * * @var Zend_Http_Client $_httpClient */ private $_httpClient = null; /** * Constructor * * @param string $id the identity value * @param Zend_OpenId_Consumer_Storage $storage an optional implementation * of a storage object * @param string $returnTo HTTP URL to redirect response from server to * @param string $root HTTP URL to identify consumer on server * @param mixed $extensions extension object or array of extensions objects * @param Zend_Controller_Response_Abstract $response an optional response * object to perform HTTP or HTML form redirection * @return void */ public function __construct($id = null, Zend_OpenId_Consumer_Storage $storage = null, $returnTo = null, $root = null, $extensions = null, Zend_Controller_Response_Abstract $response = null) { $this->_id = $id; $this->_storage = $storage; $this->_returnTo = $returnTo; $this->_root = $root; $this->_extensions = $extensions; $this->_response = $response; } /** * Sets the value to be used as the identity * * @param string $id the identity value * @return Zend_Auth_Adapter_OpenId Provides a fluent interface */ public function setIdentity($id) { $this->_id = $id; return $this; } /** * Sets the storage implementation which will be use by OpenId * * @param Zend_OpenId_Consumer_Storage $storage * @return Zend_Auth_Adapter_OpenId Provides a fluent interface */ public function setStorage(Zend_OpenId_Consumer_Storage $storage) { $this->_storage = $storage; return $this; } /** * Sets the HTTP URL to redirect response from server to * * @param string $returnTo * @return Zend_Auth_Adapter_OpenId Provides a fluent interface */ public function setReturnTo($returnTo) { $this->_returnTo = $returnTo; return $this; } /** * Sets HTTP URL to identify consumer on server * * @param string $root * @return Zend_Auth_Adapter_OpenId Provides a fluent interface */ public function setRoot($root) { $this->_root = $root; return $this; } /** * Sets OpenID extension(s) * * @param mixed $extensions * @return Zend_Auth_Adapter_OpenId Provides a fluent interface */ public function setExtensions($extensions) { $this->_extensions = $extensions; return $this; } /** * Sets an optional response object to perform HTTP or HTML form redirection * * @param string $root * @return Zend_Auth_Adapter_OpenId Provides a fluent interface */ public function setResponse($response) { $this->_response = $response; return $this; } /** * Enables or disables interaction with user during authentication on * OpenID provider. * * @param bool $check_immediate * @return Zend_Auth_Adapter_OpenId Provides a fluent interface */ public function setCheckImmediate($check_immediate) { $this->_check_immediate = $check_immediate; return $this; } /** * Sets HTTP client object to make HTTP requests * * @param Zend_Http_Client $client HTTP client object to be used */ public function setHttpClient($client) { $this->_httpClient = $client; } /** * Authenticates the given OpenId identity. * Defined by Zend_Auth_Adapter_Interface. * * @throws Zend_Auth_Adapter_Exception If answering the authentication query is impossible * @return Zend_Auth_Result */ public function authenticate() { $id = $this->_id; if (!empty($id)) { $consumer = new Zend_OpenId_Consumer($this->_storage); $consumer->setHttpClient($this->_httpClient); /* login() is never returns on success */ if (!$this->_check_immediate) { if (!$consumer->login($id, $this->_returnTo, $this->_root, $this->_extensions, $this->_response)) { return new Zend_Auth_Result( Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer->getError())); } } else { if (!$consumer->check($id, $this->_returnTo, $this->_root, $this->_extensions, $this->_response)) { return new Zend_Auth_Result( Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer->getError())); } } } else { $params = (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD']=='POST') ? $_POST: $_GET; $consumer = new Zend_OpenId_Consumer($this->_storage); $consumer->setHttpClient($this->_httpClient); if ($consumer->verify( $params, $id, $this->_extensions)) { return new Zend_Auth_Result( Zend_Auth_Result::SUCCESS, $id, array("Authentication successful")); } else { return new Zend_Auth_Result( Zend_Auth_Result::FAILURE, $id, array("Authentication failed", $consumer->getError())); } } } }