TYPO3 API  SVNRelease
DumbStore.php
Go to the documentation of this file.
00001 <?php
00002 
00003 /**
00004  * This file supplies a dumb store backend for OpenID servers and
00005  * consumers.
00006  *
00007  * PHP versions 4 and 5
00008  *
00009  * LICENSE: See the COPYING file included in this distribution.
00010  *
00011  * @package OpenID
00012  * @author JanRain, Inc. <openid@janrain.com>
00013  * @copyright 2005-2008 Janrain, Inc.
00014  * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
00015  */
00016 
00017 /**
00018  * Import the interface for creating a new store class.
00019  */
00020 require_once 'Auth/OpenID/Interface.php';
00021 require_once 'Auth/OpenID/HMAC.php';
00022 
00023 /**
00024  * This is a store for use in the worst case, when you have no way of
00025  * saving state on the consumer site. Using this store makes the
00026  * consumer vulnerable to replay attacks, as it's unable to use
00027  * nonces. Avoid using this store if it is at all possible.
00028  *
00029  * Most of the methods of this class are implementation details.
00030  * Users of this class need to worry only about the constructor.
00031  *
00032  * @package OpenID
00033  */
00034 class Auth_OpenID_DumbStore extends Auth_OpenID_OpenIDStore {
00035 
00036     /**
00037      * Creates a new {@link Auth_OpenID_DumbStore} instance. For the security
00038      * of the tokens generated by the library, this class attempts to
00039      * at least have a secure implementation of getAuthKey.
00040      *
00041      * When you create an instance of this class, pass in a secret
00042      * phrase. The phrase is hashed with sha1 to make it the correct
00043      * length and form for an auth key. That allows you to use a long
00044      * string as the secret phrase, which means you can make it very
00045      * difficult to guess.
00046      *
00047      * Each {@link Auth_OpenID_DumbStore} instance that is created for use by
00048      * your consumer site needs to use the same $secret_phrase.
00049      *
00050      * @param string secret_phrase The phrase used to create the auth
00051      * key returned by getAuthKey
00052      */
00053     function Auth_OpenID_DumbStore($secret_phrase)
00054     {
00055         $this->auth_key = Auth_OpenID_SHA1($secret_phrase);
00056     }
00057 
00058     /**
00059      * This implementation does nothing.
00060      */
00061     function storeAssociation($server_url, $association)
00062     {
00063     }
00064 
00065     /**
00066      * This implementation always returns null.
00067      */
00068     function getAssociation($server_url, $handle = null)
00069     {
00070         return null;
00071     }
00072 
00073     /**
00074      * This implementation always returns false.
00075      */
00076     function removeAssociation($server_url, $handle)
00077     {
00078         return false;
00079     }
00080 
00081     /**
00082      * In a system truly limited to dumb mode, nonces must all be
00083      * accepted. This therefore always returns true, which makes
00084      * replay attacks feasible.
00085      */
00086     function useNonce($server_url, $timestamp, $salt)
00087     {
00088         return true;
00089     }
00090 
00091     /**
00092      * This method returns the auth key generated by the constructor.
00093      */
00094     function getAuthKey()
00095     {
00096         return $this->auth_key;
00097     }
00098 }
00099 
00100 ?>
Generated on Sat May 19 2012 04:21:01 for TYPO3 API by   doxygen 1.8.0