4 * Yadis service manager to be used during yadis-driven authentication
11 * The base session class used by the Auth_Yadis_Manager. This
12 * class wraps the default PHP session machinery and should be
13 * subclassed if your application doesn't use PHP sessioning.
17 class Auth_Yadis_PHPSession {
19 * Set a session key/value pair.
21 * @param string $name The name of the session key to add.
22 * @param string $value The value to add to the session.
24 function set($name, $value)
26 $_SESSION[$name] = $value;
30 * Get a key's value from the session.
32 * @param string $name The name of the key to retrieve.
33 * @param string $default The optional value to return if the key
34 * is not found in the session.
35 * @return string $result The key's value in the session or
36 * $default if it isn't found.
38 function get($name, $default=null)
40 if (isset($_SESSION) && array_key_exists($name, $_SESSION)) {
41 return $_SESSION[$name];
48 * Remove a key/value pair from the session.
50 * @param string $name The name of the key to remove.
54 unset($_SESSION[$name]);
58 * Return the contents of the session in array form.
67 * A session helper class designed to translate between arrays and
68 * objects. Note that the class used must have a constructor that
69 * takes no parameters. This is not a general solution, but it works
70 * for dumb objects that just need to have attributes set. The idea
71 * is that you'll subclass this and override $this->check($data) ->
72 * bool to implement your own session data validation.
76 class Auth_Yadis_SessionLoader {
88 * Given a session data value (an array), this creates an object
89 * (returned by $this->newObject()) whose attributes and values
90 * are those in $data. Returns null if $data lacks keys found in
91 * $this->requiredKeys(). Returns null if $this->check($data)
92 * evaluates to false. Returns null if $this->newObject()
97 function fromSession($data)
103 $required = $this->requiredKeys();
105 foreach ($required as $k) {
106 if (!array_key_exists($k, $data)) {
111 if (!$this->check($data)) {
115 $data = array_merge($data, $this->prepareForLoad($data));
116 $obj = $this->newObject($data);
122 foreach ($required as $k) {
123 $obj->$k = $data[$k];
130 * Prepares the data array by making any necessary changes.
131 * Returns an array whose keys and values will be used to update
132 * the original data array before calling $this->newObject($data).
136 function prepareForLoad($data)
142 * Returns a new instance of this loader's class, using the
143 * session data to construct it if necessary. The object need
144 * only be created; $this->fromSession() will take care of setting
145 * the object's attributes.
149 function newObject($data)
155 * Returns an array of keys and values built from the attributes
156 * of $obj. If $this->prepareForSave($obj) returns an array, its keys
157 * and values are used to update the $data array of attributes
162 function toSession($obj)
165 foreach ($obj as $k => $v) {
169 $extra = $this->prepareForSave($obj);
171 if ($extra && is_array($extra)) {
172 foreach ($extra as $k => $v) {
185 function prepareForSave($obj)
192 * A concrete loader implementation for Auth_OpenID_ServiceEndpoints.
196 class Auth_OpenID_ServiceEndpointLoader extends Auth_Yadis_SessionLoader {
197 function newObject($data)
199 return new Auth_OpenID_ServiceEndpoint();
202 function requiredKeys()
204 $obj = new Auth_OpenID_ServiceEndpoint();
206 foreach ($obj as $k => $v) {
212 function check($data)
214 return is_array($data['type_uris']);
219 * A concrete loader implementation for Auth_Yadis_Managers.
223 class Auth_Yadis_ManagerLoader extends Auth_Yadis_SessionLoader {
224 function requiredKeys()
226 return array('starting_url',
234 function newObject($data)
236 return new Auth_Yadis_Manager($data['starting_url'],
239 $data['session_key']);
242 function check($data)
244 return is_array($data['services']);
247 function prepareForLoad($data)
249 $loader = new Auth_OpenID_ServiceEndpointLoader();
251 foreach ($data['services'] as $s) {
252 $services[] = $loader->fromSession($s);
254 return array('services' => $services);
257 function prepareForSave($obj)
259 $loader = new Auth_OpenID_ServiceEndpointLoader();
261 foreach ($obj->services as $s) {
262 $services[] = $loader->toSession($s);
264 return array('services' => $services);
269 * The Yadis service manager which stores state in a session and
270 * iterates over <Service> elements in a Yadis XRDS document and lets
271 * a caller attempt to use each one. This is used by the Yadis
272 * library internally.
276 class Auth_Yadis_Manager {
279 * Intialize a new yadis service manager.
283 function Auth_Yadis_Manager($starting_url, $yadis_url,
284 $services, $session_key)
286 // The URL that was used to initiate the Yadis protocol
287 $this->starting_url = $starting_url;
289 // The URL after following redirects (the identifier)
290 $this->yadis_url = $yadis_url;
292 // List of service elements
293 $this->services = $services;
295 $this->session_key = $session_key;
297 // Reference to the current service object
298 $this->_current = null;
300 // Stale flag for cleanup if PHP lib has trouble.
301 $this->stale = false;
309 // How many untried services remain?
310 return count($this->services);
314 * Return the next service
316 * $this->current() will continue to return that service until the
317 * next call to this method.
319 function nextService()
322 if ($this->services) {
323 $this->_current = array_shift($this->services);
325 $this->_current = null;
328 return $this->_current;
336 // Return the current service.
337 // Returns None if there are no services left.
338 return $this->_current;
344 function forURL($url)
346 return in_array($url, array($this->starting_url, $this->yadis_url));
354 // Has the first service been returned?
355 return $this->_current !== null;
360 * State management for discovery.
362 * High-level usage pattern is to call .getNextService(discover) in
363 * order to find the next available service for this user for this
364 * session. Once a request completes, call .cleanup() to clean up the
369 class Auth_Yadis_Discovery {
374 var $DEFAULT_SUFFIX = 'auth';
379 var $PREFIX = '_yadis_services_';
382 * Initialize a discovery object.
384 * @param Auth_Yadis_PHPSession $session An object which
385 * implements the Auth_Yadis_PHPSession API.
386 * @param string $url The URL on which to attempt discovery.
387 * @param string $session_key_suffix The optional session key
390 function Auth_Yadis_Discovery($session, $url,
391 $session_key_suffix = null)
393 /// Initialize a discovery object
394 $this->session = $session;
396 if ($session_key_suffix === null) {
397 $session_key_suffix = $this->DEFAULT_SUFFIX;
400 $this->session_key_suffix = $session_key_suffix;
401 $this->session_key = $this->PREFIX . $this->session_key_suffix;
405 * Return the next authentication service for the pair of
406 * user_input and session. This function handles fallback.
408 function getNextService($discover_cb, $fetcher)
410 $manager = $this->getManager();
411 if (!$manager || (!$manager->services)) {
412 $this->destroyManager();
414 list($yadis_url, $services) = call_user_func_array($discover_cb,
420 $manager = $this->createManager($services, $yadis_url);
424 $loader = new Auth_Yadis_ManagerLoader();
425 $service = $manager->nextService();
426 $this->session->set($this->session_key,
427 serialize($loader->toSession($manager)));
436 * Clean up Yadis-related services in the session and return the
437 * most-recently-attempted service from the manager, if one
440 * @param $force True if the manager should be deleted regardless
441 * of whether it's a manager for $this->url.
443 function cleanup($force=false)
445 $manager = $this->getManager($force);
447 $service = $manager->current();
448 $this->destroyManager($force);
459 function getSessionKey()
461 // Get the session key for this starting URL and suffix
462 return $this->PREFIX . $this->session_key_suffix;
468 * @param $force True if the manager should be returned regardless
469 * of whether it's a manager for $this->url.
471 function getManager($force=false)
473 // Extract the YadisServiceManager for this object's URL and
474 // suffix from the session.
476 $manager_str = $this->session->get($this->getSessionKey());
479 if ($manager_str !== null) {
480 $loader = new Auth_Yadis_ManagerLoader();
481 $manager = $loader->fromSession(unserialize($manager_str));
484 if ($manager && ($manager->forURL($this->url) || $force)) {
492 function createManager($services, $yadis_url = null)
494 $key = $this->getSessionKey();
495 if ($this->getManager()) {
496 return $this->getManager();
500 $loader = new Auth_Yadis_ManagerLoader();
501 $manager = new Auth_Yadis_Manager($this->url, $yadis_url,
503 $this->session->set($this->session_key,
504 serialize($loader->toSession($manager)));
512 * @param $force True if the manager should be deleted regardless
513 * of whether it's a manager for $this->url.
515 function destroyManager($force=false)
517 if ($this->getManager($force) !== null) {
518 $key = $this->getSessionKey();
519 $this->session->del($key);