Class yii\authclient\OpenId
Inheritance | yii\authclient\OpenId » yii\authclient\BaseClient » yii\base\Component » yii\base\BaseObject |
---|---|
Implements | yii\authclient\ClientInterface, yii\base\Configurable |
Available since version | 2.0 |
Source Code | https://github.com/yiisoft/yii2-authclient/blob/master/OpenId.php |
OpenId provides a simple interface for OpenID (1.1 and 2.0) authentication.
Supports Yadis and HTML discovery.
Usage:
use yii\authclient\OpenId;
$client = new OpenId();
$client->authUrl = 'https://open.id.provider.url'; // Setup provider endpoint
$url = $client->buildAuthUrl(); // Get authentication URL
return Yii::$app->getResponse()->redirect($url); // Redirect to authentication URL
// After user returns at our site:
if ($client->validate()) { // validate response
$userAttributes = $client->getUserAttributes(); // get account info
...
}
AX and SREG extensions are supported. To use them, specify $requiredAttributes and/or $optionalAttributes.
See also http://openid.net/.
Public Properties
Property | Type | Description | Defined By |
---|---|---|---|
$authUrl | string | Authentication base URL, which should be used to compose actual authentication URL by buildAuthUrl() method. | yii\authclient\OpenId |
$axToSregMap | array | Map of matches between AX and SREG attribute names in format: axAttributeName => sregAttributeName | yii\authclient\OpenId |
$cainfo | string | The name of a file holding one or more certificates to verify the peer with. | yii\authclient\OpenId |
$capath | string | Directory that holds multiple CA certificates. | yii\authclient\OpenId |
$data | array | Data, which should be used to retrieve the OpenID response. | yii\authclient\OpenId |
$optionalAttributes | array | List of attributes, which could be returned from server. | yii\authclient\OpenId |
$requiredAttributes | array | List of attributes, which always should be returned from server. | yii\authclient\OpenId |
$verifyPeer | boolean | Whether to verify the peer's certificate. | yii\authclient\OpenId |
Public Methods
Protected Methods
Method | Description | Defined By |
---|---|---|
buildAuthUrlV1() | Builds authentication URL for the protocol version 1. | yii\authclient\OpenId |
buildAuthUrlV2() | Builds authentication URL for the protocol version 2. | yii\authclient\OpenId |
buildAxParams() | Composes AX request parameters. | yii\authclient\OpenId |
buildSregParams() | Composes SREG request parameters. | yii\authclient\OpenId |
buildUrl() | Combines given URLs into single one. | yii\authclient\OpenId |
compareUrl() | Compares 2 URLs taking in account possible GET parameters order miss match and URL encoding inconsistencies. | yii\authclient\OpenId |
createHttpClient() | Creates HTTP client instance from reference or configuration. | yii\authclient\BaseClient |
defaultName() | Generates service name. | yii\authclient\BaseClient |
defaultNormalizeUserAttributeMap() | Returns the default \yii\authclient\normalizeUserAttributeMap value. | yii\authclient\BaseClient |
defaultRequestOptions() | {@inheritdoc} | yii\authclient\OpenId |
defaultReturnUrl() | Generates default \yii\authclient\returnUrl value. | yii\authclient\OpenId |
defaultTitle() | Generates service title. | yii\authclient\BaseClient |
defaultViewOptions() | Returns the default \yii\authclient\viewOptions value. | yii\authclient\BaseClient |
extractHtmlTagValue() | Scans content for / tags and extract information from them. | yii\authclient\OpenId |
fetchAxAttributes() | Gets AX attributes provided by OP. | yii\authclient\OpenId |
fetchSregAttributes() | Gets SREG attributes provided by OP. SREG names will be mapped to AX names. | yii\authclient\OpenId |
getState() | Returns persistent state value. | yii\authclient\BaseClient |
getStateKeyPrefix() | Returns session key prefix, which is used to store internal states. | yii\authclient\BaseClient |
initUserAttributes() | {@inheritdoc} | yii\authclient\OpenId |
normalizeUserAttributes() | Normalize given user attributes according to \yii\authclient\normalizeUserAttributeMap. | yii\authclient\BaseClient |
removeState() | Removes persistent state value. | yii\authclient\BaseClient |
sendRequest() | Sends request to the server | yii\authclient\OpenId |
setState() | Sets persistent state. | yii\authclient\BaseClient |
validateRequiredAttributes() | Checks if all required attributes are present in the server response. | yii\authclient\OpenId |
Property Details
Authentication base URL, which should be used to compose actual authentication URL by buildAuthUrl() method.
Map of matches between AX and SREG attribute names in format: axAttributeName => sregAttributeName
The name of a file holding one or more certificates to verify the peer with. This value will take effect only if $verifyPeer is set.
Directory that holds multiple CA certificates. This value will take effect only if $verifyPeer is set.
Data, which should be used to retrieve the OpenID response. If not set combination of GET and POST will be used.
List of attributes, which could be returned from server. Attribute names should be always specified in AX format. For example:
['namePerson/first', 'namePerson/last']
List of attributes, which always should be returned from server. Attribute names should be always specified in AX format. For example:
['namePerson/friendly', 'contact/email']
Whether to verify the peer's certificate.
Method Details
Returns authentication URL. Usually, you want to redirect your user to it.
public string buildAuthUrl ( $identifierSelect = null ) | ||
$identifierSelect | boolean | Whether to request OP to select identity for an user in OpenID 2, does not affect OpenID 1. |
return | string | The authentication URL. |
---|---|---|
throws | yii\base\Exception | on failure. |
Builds authentication URL for the protocol version 1.
protected string buildAuthUrlV1 ( $serverInfo ) | ||
$serverInfo | array | OpenID server info. |
return | string | Authentication URL. |
---|
Builds authentication URL for the protocol version 2.
protected string buildAuthUrlV2 ( $serverInfo ) | ||
$serverInfo | array | OpenID server info. |
return | string | Authentication URL. |
---|
Composes AX request parameters.
protected array buildAxParams ( ) | ||
return | array | AX parameters. |
---|
Composes SREG request parameters.
protected array buildSregParams ( ) | ||
return | array | SREG parameters. |
---|
Combines given URLs into single one.
protected string buildUrl ( $baseUrl, $additionalUrl ) | ||
$baseUrl | string | Base URL. |
$additionalUrl | string|array | Additional URL string or information array. |
return | string | Composed URL. |
---|
Compares 2 URLs taking in account possible GET parameters order miss match and URL encoding inconsistencies.
protected boolean compareUrl ( $expectedUrl, $actualUrl ) | ||
$expectedUrl | string | Expected URL. |
$actualUrl | string | Actual URL. |
return | boolean | Whether URLs are equal. |
---|
{@inheritdoc}
protected void defaultRequestOptions ( ) |
Generates default \yii\authclient\returnUrl value.
protected string defaultReturnUrl ( ) | ||
return | string | Default authentication return URL. |
---|
Performs Yadis and HTML discovery.
public array discover ( $url ) | ||
$url | string | Identity URL. |
return | array | OpenID provider info, following keys will be available:
|
---|---|---|
throws | yii\base\Exception | on failure. |
Scans content for / tags and extract information from them.
protected string|boolean extractHtmlTagValue ( $content, $tag, $matchAttributeName, $matchAttributeValue, $valueAttributeName ) | ||
$content | string | HTML content to be be parsed. |
$tag | string | Name of the source tag. |
$matchAttributeName | string | Name of the source tag attribute, which should contain $matchAttributeValue |
$matchAttributeValue | string | Required value of $matchAttributeName |
$valueAttributeName | string | Name of the source tag attribute, which should contain searched value. |
return | string|boolean | Searched value, "false" on failure. |
---|
Gets AX/SREG attributes provided by OP. Should be used only after successful validation.
Note that it does not guarantee that any of the required/optional parameters will be present, or that there will be no other attributes besides those specified. In other words. OP may provide whatever information it wants to. SREG names will be mapped to AX names.
See also http://www.axschema.org/types/.
public array fetchAttributes ( ) | ||
return | array | Array of attributes with keys being the AX schema names, e.g. 'contact/email' |
---|
Gets AX attributes provided by OP.
protected array fetchAxAttributes ( ) | ||
return | array | Array of attributes. |
---|
Gets SREG attributes provided by OP. SREG names will be mapped to AX names.
protected array fetchSregAttributes ( ) | ||
return | array | Array of attributes with keys being the AX schema names, e.g. 'contact/email' |
---|
public string getClaimedId ( ) | ||
return | string | Claimed identifier (identity). |
---|
public string getReturnUrl ( ) | ||
return | string | Authentication return URL. |
---|
public string getTrustRoot ( ) | ||
return | string | Client trust root (realm). |
---|
Checks if the server specified in the url exists.
public boolean hostExists ( $url ) | ||
$url | string | URL to check |
return | boolean | True, if the server exists; false otherwise |
---|
{@inheritdoc}
public void init ( ) |
{@inheritdoc}
protected void initUserAttributes ( ) |
Sends request to the server
protected array|string sendRequest ( $url, $method = 'GET', $params = [] ) | ||
$url | string | Request URL. |
$method | string | Request method. |
$params | array | Request parameters. |
return | array|string | Response. |
---|---|---|
throws | yii\base\Exception | on failure. |
public void setClaimedId ( $claimedId ) | ||
$claimedId | string | Claimed identifier (identity). |
public void setReturnUrl ( $returnUrl ) | ||
$returnUrl | string | Authentication return URL. |
public void setTrustRoot ( $value ) | ||
$value | string | Client trust root (realm). |
Performs OpenID verification with the OP.
public boolean validate ( $validateRequiredAttributes = true ) | ||
$validateRequiredAttributes | boolean | Whether to validate required attributes. |
return | boolean | Whether the verification was successful. |
---|
Checks if all required attributes are present in the server response.
protected boolean validateRequiredAttributes ( ) | ||
return | boolean | Whether all required attributes are present. |
---|