PHP Class yii\authclient\OpenId

Supports Yadis and HTML discovery. Usage: ~~~ use yii\authclient\OpenId; $client = new OpenId(); $client->authUrl = 'https://open.id.provider.url'; // Setup provider endpoint $url = $client->buildAuthUrl(); // Get authentication URL return Yii::$app->getResponse()->redirect($url); // Redirect to authentication URL After user returns at our site: if ($client->validate()) { // validate response $userAttributes = $client->getUserAttributes(); // get account info ... } ~~~ AX and SREG extensions are supported. To use them, specify [[requiredAttributes]] and/or [[optionalAttributes]].
See also: http://openid.net/
Since: 2.0
Author: Paul Klimov ([email protected])
Inheritance: extends BaseClient, implements yii\authclient\ClientInterface
Datei anzeigen Open project: yiisoft/yii2-authclient Class Usage Examples

Public Properties

Property Type Description
$authUrl authentication base URL, which should be used to compose actual authentication URL by OpenId::buildAuthUrl method.
$axToSregMap map of matches between AX and SREG attribute names in format: axAttributeName => sregAttributeName
$cainfo the name of a file holding one or more certificates to verify the peer with. This value will take effect only if [[verifyPeer]] is set.
$capath directory that holds multiple CA certificates. This value will take effect only if [[verifyPeer]] is set.
$data data, which should be used to retrieve the OpenID response. If not set combination of GET and POST will be used.
$optionalAttributes list of attributes, which could be returned from server. Attribute names should be always specified in AX format. For example: php ['namePerson/first', 'namePerson/last']
$requiredAttributes list of attributes, which always should be returned from server. Attribute names should be always specified in AX format. For example: php ['namePerson/friendly', 'contact/email']
$verifyPeer whether to verify the peer's certificate.

Public Methods

Method Description
buildAuthUrl ( boolean $identifierSelect = null ) : string Returns authentication URL. Usually, you want to redirect your user to it.
discover ( string $url ) : array Performs Yadis and HTML discovery.
fetchAttributes ( ) : array Gets AX/SREG attributes provided by OP. Should be used only after successful validation.
getClaimedId ( ) : string
getReturnUrl ( ) : string
getTrustRoot ( ) : string
hostExists ( string $url ) : boolean Checks if the server specified in the url exists.
init ( )
setClaimedId ( string $claimedId )
setReturnUrl ( string $returnUrl )
setTrustRoot ( string $value )
validate ( boolean $validateRequiredAttributes = true ) : boolean Performs OpenID verification with the OP.

Protected Methods

Method Description
buildAuthUrlV1 ( array $serverInfo ) : string Builds authentication URL for the protocol version 1.
buildAuthUrlV2 ( array $serverInfo ) : string Builds authentication URL for the protocol version 2.
buildAxParams ( ) : array Composes AX request parameters.
buildSregParams ( ) : array Composes SREG request parameters.
buildUrl ( string $baseUrl, string | array $additionalUrl ) : string Combines given URLs into single one.
compareUrl ( string $expectedUrl, string $actualUrl ) : boolean Compares 2 URLs taking in account possible GET parameters order miss match and URL encoding inconsistencies.
defaultRequestOptions ( )
defaultReturnUrl ( ) : string Generates default [[returnUrl]] value.
extractHtmlTagValue ( string $content, string $tag, string $matchAttributeName, string $matchAttributeValue, string $valueAttributeName ) : string | boolean Scans content for / tags and extract information from them.
fetchAxAttributes ( ) : array Gets AX attributes provided by OP.
fetchSregAttributes ( ) : array Gets SREG attributes provided by OP. SREG names will be mapped to AX names.
initUserAttributes ( )
sendRequest ( string $url, string $method = 'GET', array $params = [] ) : array | string Sends request to the server
validateRequiredAttributes ( ) : boolean Checks if all required attributes are present in the server response.

Method Details

buildAuthUrl() public method

Returns authentication URL. Usually, you want to redirect your user to it.
public buildAuthUrl ( boolean $identifierSelect = null ) : string
$identifierSelect boolean whether to request OP to select identity for an user in OpenID 2, does not affect OpenID 1.
return string the authentication URL.

buildAuthUrlV1() protected method

Builds authentication URL for the protocol version 1.
protected buildAuthUrlV1 ( array $serverInfo ) : string
$serverInfo array OpenID server info.
return string authentication URL.

buildAuthUrlV2() protected method

Builds authentication URL for the protocol version 2.
protected buildAuthUrlV2 ( array $serverInfo ) : string
$serverInfo array OpenID server info.
return string authentication URL.

buildAxParams() protected method

Composes AX request parameters.
protected buildAxParams ( ) : array
return array AX parameters.

buildSregParams() protected method

Composes SREG request parameters.
protected buildSregParams ( ) : array
return array SREG parameters.

buildUrl() protected method

Combines given URLs into single one.
protected buildUrl ( string $baseUrl, string | array $additionalUrl ) : string
$baseUrl string base URL.
$additionalUrl string | array additional URL string or information array.
return string composed URL.

compareUrl() protected method

Compares 2 URLs taking in account possible GET parameters order miss match and URL encoding inconsistencies.
protected compareUrl ( string $expectedUrl, string $actualUrl ) : boolean
$expectedUrl string expected URL.
$actualUrl string actual URL.
return boolean whether URLs are equal.

defaultRequestOptions() protected method

protected defaultRequestOptions ( )

defaultReturnUrl() protected method

Generates default [[returnUrl]] value.
protected defaultReturnUrl ( ) : string
return string default authentication return URL.

discover() public method

Performs Yadis and HTML discovery.
public discover ( string $url ) : array
$url string Identity URL.
return array OpenID provider info, following keys will be available: - url: string, OP Endpoint (i.e. OpenID provider address). - version: int, OpenID protocol version used by provider. - identity: string, identity value. - identifier_select: bool, whether to request OP to select identity for an user in OpenID 2, does not affect OpenID 1. - ax: bool, whether AX attributes should be used. - sreg: bool, whether SREG attributes should be used.

extractHtmlTagValue() protected method

Scans content for / tags and extract information from them.
protected extractHtmlTagValue ( string $content, string $tag, string $matchAttributeName, string $matchAttributeValue, string $valueAttributeName ) : string | boolean
$content string HTML content to be be parsed.
$tag string name of the source tag.
$matchAttributeName string name of the source tag attribute, which should contain $matchAttributeValue
$matchAttributeValue string required value of $matchAttributeName
$valueAttributeName string name of the source tag attribute, which should contain searched value.
return string | boolean searched value, "false" on failure.

fetchAttributes() public method

Note that it does not guarantee that any of the required/optional parameters will be present, or that there will be no other attributes besides those specified. In other words. OP may provide whatever information it wants to. SREG names will be mapped to AX names.
See also: http://www.axschema.org/types/
public fetchAttributes ( ) : array
return array array of attributes with keys being the AX schema names, e.g. 'contact/email'

fetchAxAttributes() protected method

Gets AX attributes provided by OP.
protected fetchAxAttributes ( ) : array
return array array of attributes.

fetchSregAttributes() protected method

Gets SREG attributes provided by OP. SREG names will be mapped to AX names.
protected fetchSregAttributes ( ) : array
return array array of attributes with keys being the AX schema names, e.g. 'contact/email'

getClaimedId() public method

public getClaimedId ( ) : string
return string claimed identifier (identity).

getReturnUrl() public method

public getReturnUrl ( ) : string
return string authentication return URL.

getTrustRoot() public method

public getTrustRoot ( ) : string
return string client trust root (realm).

hostExists() public method

Checks if the server specified in the url exists.
public hostExists ( string $url ) : boolean
$url string URL to check
return boolean true, if the server exists; false otherwise

init() public method

public init ( )

initUserAttributes() protected method

protected initUserAttributes ( )

sendRequest() protected method

Sends request to the server
protected sendRequest ( string $url, string $method = 'GET', array $params = [] ) : array | string
$url string request URL.
$method string request method.
$params array request parameters.
return array | string response.

setClaimedId() public method

public setClaimedId ( string $claimedId )
$claimedId string claimed identifier (identity).

setReturnUrl() public method

public setReturnUrl ( string $returnUrl )
$returnUrl string authentication return URL.

setTrustRoot() public method

public setTrustRoot ( string $value )
$value string client trust root (realm).

validate() public method

Performs OpenID verification with the OP.
public validate ( boolean $validateRequiredAttributes = true ) : boolean
$validateRequiredAttributes boolean whether to validate required attributes.
return boolean whether the verification was successful.

validateRequiredAttributes() protected method

Checks if all required attributes are present in the server response.
protected validateRequiredAttributes ( ) : boolean
return boolean whether all required attributes are present.

Property Details

$authUrl public_oe property

authentication base URL, which should be used to compose actual authentication URL by OpenId::buildAuthUrl method.
public $authUrl

$axToSregMap public_oe property

map of matches between AX and SREG attribute names in format: axAttributeName => sregAttributeName
public $axToSregMap

$cainfo public_oe property

the name of a file holding one or more certificates to verify the peer with. This value will take effect only if [[verifyPeer]] is set.
public $cainfo

$capath public_oe property

directory that holds multiple CA certificates. This value will take effect only if [[verifyPeer]] is set.
public $capath

$data public_oe property

data, which should be used to retrieve the OpenID response. If not set combination of GET and POST will be used.
public $data

$optionalAttributes public_oe property

list of attributes, which could be returned from server. Attribute names should be always specified in AX format. For example: php ['namePerson/first', 'namePerson/last']
public $optionalAttributes

$requiredAttributes public_oe property

list of attributes, which always should be returned from server. Attribute names should be always specified in AX format. For example: php ['namePerson/friendly', 'contact/email']
public $requiredAttributes

$verifyPeer public_oe property

whether to verify the peer's certificate.
public $verifyPeer