Class yii\authclient\OpenId
Inheritance | yii\authclient\OpenId » yii\authclient\BaseClient » yii\base\Component » yii\base\BaseObject |
---|---|
Implements | yii\authclient\ClientInterface, yii\base\Configurable |
Available since version | 2.0 |
Source Code | https://github.com/yiisoft/yii2-authclient/blob/master/OpenId.php |
OpenId provides a simple interface for OpenID (1.1 and 2.0) authentication.
Supports Yadis and HTML discovery.
Usage:
use yii\authclient\OpenId;
$client = new OpenId();
$client->authUrl = 'https://open.id.provider.url'; // Setup provider endpoint
$url = $client->buildAuthUrl(); // Get authentication URL
return Yii::$app->getResponse()->redirect($url); // Redirect to authentication URL
// After user returns at our site:
if ($client->validate()) { // validate response
$userAttributes = $client->getUserAttributes(); // get account info
...
}
AX and SREG extensions are supported. To use them, specify $requiredAttributes and/or $optionalAttributes.
See also http://openid.net/.
Public Properties
Property | Type | Description | Defined By |
---|---|---|---|
$authUrl | string | Authentication base URL, which should be used to compose actual authentication URL by buildAuthUrl() method. | yii\authclient\OpenId |
$axToSregMap | array | Map of matches between AX and SREG attribute names in format: axAttributeName => sregAttributeName | yii\authclient\OpenId |
$behaviors | yii\base\Behavior[] | List of behaviors attached to this component. | yii\base\Component |
$cainfo | string | The name of a file holding one or more certificates to verify the peer with. | yii\authclient\OpenId |
$capath | string | Directory that holds multiple CA certificates. | yii\authclient\OpenId |
$claimedId | string | Claimed identifier (identity). | yii\authclient\OpenId |
$data | array | Data, which should be used to retrieve the OpenID response. | yii\authclient\OpenId |
$httpClient | yii\httpclient\Client | Internal HTTP client. Note that the type of this property differs in getter and setter. See getHttpClient() and setHttpClient() for details. | yii\authclient\BaseClient |
$id | string | Service id. | yii\authclient\BaseClient |
$name | string | Service name. | yii\authclient\BaseClient |
$normalizeUserAttributeMap | array | Normalize user attribute map. | yii\authclient\BaseClient |
$optionalAttributes | array | List of attributes, which could be returned from server. | yii\authclient\OpenId |
$requestOptions | array | HTTP request options. | yii\authclient\BaseClient |
$requiredAttributes | array | List of attributes, which always should be returned from server. | yii\authclient\OpenId |
$returnUrl | string | Authentication return URL. | yii\authclient\OpenId |
$stateStorage | yii\authclient\StateStorageInterface | Stage storage. Note that the type of this property differs in getter and setter. See getStateStorage() and setStateStorage() for details. | yii\authclient\BaseClient |
$title | string | Service title. | yii\authclient\BaseClient |
$trustRoot | string | Client trust root (realm). | yii\authclient\OpenId |
$userAttributes | array | List of user attributes. | yii\authclient\BaseClient |
$verifyPeer | boolean | Whether to verify the peer's certificate. | yii\authclient\OpenId |
$viewOptions | array | View options in format: optionName => optionValue. | yii\authclient\BaseClient |
Public Methods
Protected Methods
Method | Description | Defined By |
---|---|---|
buildAuthUrlV1() | Builds authentication URL for the protocol version 1. | yii\authclient\OpenId |
buildAuthUrlV2() | Builds authentication URL for the protocol version 2. | yii\authclient\OpenId |
buildAxParams() | Composes AX request parameters. | yii\authclient\OpenId |
buildSregParams() | Composes SREG request parameters. | yii\authclient\OpenId |
buildUrl() | Combines given URLs into single one. | yii\authclient\OpenId |
compareUrl() | Compares 2 URLs taking in account possible GET parameters order miss match and URL encoding inconsistencies. | yii\authclient\OpenId |
createHttpClient() | Creates HTTP client instance from reference or configuration. | yii\authclient\BaseClient |
defaultName() | Generates service name. | yii\authclient\BaseClient |
defaultNormalizeUserAttributeMap() | Returns the default $normalizeUserAttributeMap value. | yii\authclient\BaseClient |
defaultRequestOptions() | Returns default HTTP request options. | yii\authclient\OpenId |
defaultReturnUrl() | Generates default $returnUrl value. | yii\authclient\OpenId |
defaultTitle() | Generates service title. | yii\authclient\BaseClient |
defaultViewOptions() | Returns the default $viewOptions value. | yii\authclient\BaseClient |
extractHtmlTagValue() | Scans content for / tags and extract information from them. | yii\authclient\OpenId |
fetchAxAttributes() | Gets AX attributes provided by OP. | yii\authclient\OpenId |
fetchSregAttributes() | Gets SREG attributes provided by OP. SREG names will be mapped to AX names. | yii\authclient\OpenId |
getState() | Returns persistent state value. | yii\authclient\BaseClient |
getStateKeyPrefix() | Returns session key prefix, which is used to store internal states. | yii\authclient\BaseClient |
initUserAttributes() | Initializes authenticated user attributes. | yii\authclient\OpenId |
normalizeUserAttributes() | Normalize given user attributes according to $normalizeUserAttributeMap. | yii\authclient\BaseClient |
removeState() | Removes persistent state value. | yii\authclient\BaseClient |
sendRequest() | Sends request to the server | yii\authclient\OpenId |
setState() | Sets persistent state. | yii\authclient\BaseClient |
validateRequiredAttributes() | Checks if all required attributes are present in the server response. | yii\authclient\OpenId |
Property Details
Authentication base URL, which should be used to compose actual authentication URL by buildAuthUrl() method.
Map of matches between AX and SREG attribute names in format: axAttributeName => sregAttributeName
'namePerson/friendly' => 'nickname', 'contact/email' => 'email', 'namePerson' => 'fullname', 'birthDate' => 'dob', 'person/gender' => 'gender', 'contact/postalCode/home' => 'postcode', 'contact/country/home' => 'country', 'pref/language' => 'language', 'pref/timezone' => 'timezone'
]
The name of a file holding one or more certificates to verify the peer with. This value will take effect only if $verifyPeer is set.
Directory that holds multiple CA certificates. This value will take effect only if $verifyPeer is set.
Claimed identifier (identity).
Data, which should be used to retrieve the OpenID response. If not set combination of GET and POST will be used.
List of attributes, which could be returned from server. Attribute names should be always specified in AX format. For example:
['namePerson/first', 'namePerson/last']
List of attributes, which always should be returned from server. Attribute names should be always specified in AX format. For example:
['namePerson/friendly', 'contact/email']
Authentication return URL.
Client trust root (realm).
Whether to verify the peer's certificate.
Method Details
Returns authentication URL. Usually, you want to redirect your user to it.
public string buildAuthUrl ( $identifierSelect = null ) | ||
$identifierSelect | boolean | Whether to request OP to select identity for an user in OpenID 2, does not affect OpenID 1. |
return | string | The authentication URL. |
---|---|---|
throws | yii\base\Exception | on failure. |
Builds authentication URL for the protocol version 1.
protected string buildAuthUrlV1 ( $serverInfo ) | ||
$serverInfo | array | OpenID server info. |
return | string | Authentication URL. |
---|
Builds authentication URL for the protocol version 2.
protected string buildAuthUrlV2 ( $serverInfo ) | ||
$serverInfo | array | OpenID server info. |
return | string | Authentication URL. |
---|
Composes AX request parameters.
protected array buildAxParams ( ) | ||
return | array | AX parameters. |
---|
Composes SREG request parameters.
protected array buildSregParams ( ) | ||
return | array | SREG parameters. |
---|
Combines given URLs into single one.
protected string buildUrl ( $baseUrl, $additionalUrl ) | ||
$baseUrl | string | Base URL. |
$additionalUrl | string|array | Additional URL string or information array. |
return | string | Composed URL. |
---|
Compares 2 URLs taking in account possible GET parameters order miss match and URL encoding inconsistencies.
protected boolean compareUrl ( $expectedUrl, $actualUrl ) | ||
$expectedUrl | string | Expected URL. |
$actualUrl | string | Actual URL. |
return | boolean | Whether URLs are equal. |
---|
Returns default HTTP request options.
protected array defaultRequestOptions ( ) | ||
return | array | HTTP request options. |
---|
Generates default $returnUrl value.
protected string defaultReturnUrl ( ) | ||
return | string | Default authentication return URL. |
---|
Performs Yadis and HTML discovery.
public array discover ( $url ) | ||
$url | string | Identity URL. |
return | array | OpenID provider info, following keys will be available:
|
---|---|---|
throws | yii\base\Exception | on failure. |
Scans content for / tags and extract information from them.
protected string|boolean extractHtmlTagValue ( $content, $tag, $matchAttributeName, $matchAttributeValue, $valueAttributeName ) | ||
$content | string | HTML content to be be parsed. |
$tag | string | Name of the source tag. |
$matchAttributeName | string | Name of the source tag attribute, which should contain $matchAttributeValue |
$matchAttributeValue | string | Required value of $matchAttributeName |
$valueAttributeName | string | Name of the source tag attribute, which should contain searched value. |
return | string|boolean | Searched value, "false" on failure. |
---|
Gets AX/SREG attributes provided by OP. Should be used only after successful validation.
Note that it does not guarantee that any of the required/optional parameters will be present, or that there will be no other attributes besides those specified. In other words. OP may provide whatever information it wants to. SREG names will be mapped to AX names.
See also http://www.axschema.org/types/.
public array fetchAttributes ( ) | ||
return | array | Array of attributes with keys being the AX schema names, e.g. 'contact/email' |
---|
Gets AX attributes provided by OP.
protected array fetchAxAttributes ( ) | ||
return | array | Array of attributes. |
---|
Gets SREG attributes provided by OP. SREG names will be mapped to AX names.
protected array fetchSregAttributes ( ) | ||
return | array | Array of attributes with keys being the AX schema names, e.g. 'contact/email' |
---|
public string getClaimedId ( ) | ||
return | string | Claimed identifier (identity). |
---|
public string getReturnUrl ( ) | ||
return | string | Authentication return URL. |
---|
public string getTrustRoot ( ) | ||
return | string | Client trust root (realm). |
---|
Checks if the server specified in the url exists.
public boolean hostExists ( $url ) | ||
$url | string | URL to check |
return | boolean | True, if the server exists; false otherwise |
---|
Initializes the object.
This method is invoked at the end of the constructor after the object is initialized with the given configuration.
public void init ( ) |
Initializes authenticated user attributes.
protected array initUserAttributes ( ) | ||
return | array | Auth user attributes. |
---|
Sends request to the server
protected array|string sendRequest ( $url, $method = 'GET', $params = [] ) | ||
$url | string | Request URL. |
$method | string | Request method. |
$params | array | Request parameters. |
return | array|string | Response. |
---|---|---|
throws | yii\base\Exception | on failure. |
public void setClaimedId ( $claimedId ) | ||
$claimedId | string | Claimed identifier (identity). |
public void setReturnUrl ( $returnUrl ) | ||
$returnUrl | string | Authentication return URL. |
public void setTrustRoot ( $value ) | ||
$value | string | Client trust root (realm). |
Performs OpenID verification with the OP.
public boolean validate ( $validateRequiredAttributes = true ) | ||
$validateRequiredAttributes | boolean | Whether to validate required attributes. |
return | boolean | Whether the verification was successful. |
---|
Checks if all required attributes are present in the server response.
protected boolean validateRequiredAttributes ( ) | ||
return | boolean | Whether all required attributes are present. |
---|