Auth_OpenID_DumbStore Class Reference

Inheritance diagram for Auth_OpenID_DumbStore:

[legend]

Collaboration diagram for Auth_OpenID_DumbStore:

[legend]

List of all members.

---

Detailed Description

This file supplies a dumb store backend for OpenID servers and consumers.

PHP versions 4 and 5

LICENSE: See the COPYING file included in this distribution.

Author:

JanRain, Inc. <[email protected]> 2005-2008 Janrain, Inc. http://www.apache.org/licenses/LICENSE-2.0 Apache Import the interface for creating a new store class. This is a store for use in the worst case, when you have no way of saving state on the consumer site. Using this store makes the consumer vulnerable to replay attacks, as it's unable to use nonces. Avoid using this store if it is at all possible.

Most of the methods of this class are implementation details. Users of this class need to worry only about the constructor.

Definition at line 34 of file DumbStore.php.

Public Member Functions
	Auth_OpenID_DumbStore ($secret_phrase)
	storeAssociation ($server_url, $association)
	getAssociation ($server_url, $handle=null)
	removeAssociation ($server_url, $handle)
	useNonce ($server_url, $timestamp, $salt)
	getAuthKey ()

---

Member Function Documentation

Auth_OpenID_DumbStore.Auth_OpenID_DumbStore

(

$

secret_phrase

)

Creates a new Auth_OpenID_DumbStore instance. For the security of the tokens generated by the library, this class attempts to at least have a secure implementation of getAuthKey.

When you create an instance of this class, pass in a secret phrase. The phrase is hashed with sha1 to make it the correct length and form for an auth key. That allows you to use a long string as the secret phrase, which means you can make it very difficult to guess.

Each Auth_OpenID_DumbStore instance that is created for use by your consumer site needs to use the same $secret_phrase.

Parameters:

string

secret_phrase The phrase used to create the auth key returned by getAuthKey

Definition at line 53 of file DumbStore.php.

Auth_OpenID_DumbStore.storeAssociation	(	$	server_url,
		$	association
	)

This implementation does nothing.

Reimplemented from Auth_OpenID_OpenIDStore.

Definition at line 61 of file DumbStore.php.

Auth_OpenID_DumbStore.getAssociation	(	$	server_url,
		$	handle = null
	)

This implementation always returns null.

Reimplemented from Auth_OpenID_OpenIDStore.

Definition at line 68 of file DumbStore.php.

Auth_OpenID_DumbStore.removeAssociation	(	$	server_url,
		$	handle
	)

This implementation always returns false.

Reimplemented from Auth_OpenID_OpenIDStore.

Definition at line 76 of file DumbStore.php.

Auth_OpenID_DumbStore.useNonce	(	$	server_url,
		$	timestamp,
		$	salt
	)

In a system truly limited to dumb mode, nonces must all be accepted. This therefore always returns true, which makes replay attacks feasible.

Reimplemented from Auth_OpenID_OpenIDStore.

Definition at line 86 of file DumbStore.php.

Auth_OpenID_DumbStore.getAuthKey

(

)

This method returns the auth key generated by the constructor.

Definition at line 94 of file DumbStore.php.

---

The documentation for this class was generated from the following file:

• core/openid/Auth/OpenID/DumbStore.php