\LightOpenID
This class provides a simple interface for OpenID (1.1 and 2.0) authentication.
Supports Yadis discovery.
The authentication process is stateless/dumb.
Usage:
Sign-on with OpenID is a two step process:
Step one is authentication with the provider:
<code>
$openid = new LightOpenID('my-host.example.org');
$openid->identity = 'ID supplied by user';
header('Location: ' . $openid->authUrl());
</code>
The provider then sends various parameters via GET, one of them is openid_mode.
Step two is verification:
<code>
$openid = new LightOpenID('my-host.example.org');
if ($openid->mode) {
echo $openid->validate() ? 'Logged in.' : 'Failed';
}
</code>
Change the 'my-host.example.org' to your domain name. Do NOT use $_SERVER['HTTP_HOST']
for that, unless you know what you are doing.
Optionally, you can set $returnUrl and $realm (or $trustRoot, which is an alias).
The default values for those are:
$openid->realm = (!empty($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'];
$openid->returnUrl = $openid->realm . $_SERVER['REQUEST_URI'];
If you don't know their meaning, refer to any openid tutorial, or specification. Or just guess.
AX and SREG extensions are supported.
To use them, specify $openid->required and/or $openid->optional before calling $openid->authUrl().
These are arrays, with values being AX schema paths (the 'path' part of the URL).
For example:
$openid->required = array('namePerson/friendly', 'contact/email');
$openid->optional = array('namePerson/first');
If the server supports only SREG or OpenID 1.1, these are automaticaly
mapped to SREG names, so that user doesn't have to know anything about the server.
To get the values, use $openid->getAttributes().
The library requires PHP >= 5.1.2 with curl or http/https stream wrappers enabled.
- Author: Mewp
- Copyright: Copyright (c) 2010, Mewp
- License: http://www.opensource.org/licenses/mit-license.php MIT
Synopsis
- // members
- public $returnUrl;
- private $identity;
- protected $server;
- protected static array $ax_to_sreg = ;
- // methods
- public void __construct()
- public void __set()
- public void __get()
- public true hostExists()
- protected void request_curl()
- protected void parse_header_array()
- protected void request_streams()
- protected void request()
- protected void build_url()
- protected void htmlTag()
- public String discover()
- protected void sregParams()
- protected void axParams()
- protected void langParams()
- protected void authUrl_v1()
- protected void authUrl_v2()
- public String authUrl()
- public Bool validate()
- protected void getAxAttributes()
- protected void getSregAttributes()
- public void getAttributes()
Members
private
- $identity
protected
- $ax_to_sreg
- $server
public
- $returnUrl
Methods
protected
- authUrl_v1()
- authUrl_v2()
- axParams()
- build_url()
- getAxAttributes()
- getSregAttributes()
- htmlTag() — Helper function used to scan for <meta>/<link> tags and extract information from them
- langParams()
- parse_header_array()
- request()
- request_curl()
- request_streams()
- sregParams()
public
- __construct()
- __get()
- __set()
- authUrl() — Returns authentication url. Usually, you want to redirect your user to it.
- discover() — Performs Yadis and HTML discovery. Normally not used.
- getAttributes() — Gets AX/SREG attributes provided by OP. should be used only after successful validaton.
- hostExists() — Checks if the server specified in the url exists.
- validate() — Performs OpenID verification with the OP.