Class yii\authclient\OpenId

Inheritanceyii\authclient\OpenId » yii\authclient\BaseClient » yii\base\Component
Implementsyii\authclient\ClientInterface
Available since version2.0

OpenId provides a simple interface for OpenID (1.1 and 2.0) authentication.

Supports Yadis and HTML discovery.

Usage:

use yii\authclient\OpenId;

$client = new OpenId();
$client->authUrl = 'https://open.id.provider.url'; // Setup provider endpoint
$url = $client->buildAuthUrl(); // Get authentication URL
return Yii::$app->getResponse()->redirect($url); // Redirect to authentication URL
// After user returns at our site:
if ($client->validate()) { // validate response
    $userAttributes = $client->getUserAttributes(); // get account info
    ...
}

AX and SREG extensions are supported. To use them, specify $requiredAttributes and/or $optionalAttributes.

See also http://openid.net/.

Public Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
$authUrl string Authentication base URL, which should be used to compose actual authentication URL by buildAuthUrl() method. yii\authclient\OpenId
$axToSregMap array Map of matches between AX and SREG attribute names in format: axAttributeName => sregAttributeName yii\authclient\OpenId
$cainfo string The name of a file holding one or more certificates to verify the peer with. yii\authclient\OpenId
$capath string Directory that holds multiple CA certificates. yii\authclient\OpenId
$data array Data, which should be used to retrieve the OpenID response. yii\authclient\OpenId
$optionalAttributes array List of attributes, which could be returned from server. yii\authclient\OpenId
$requiredAttributes array List of attributes, which always should be returned from server. yii\authclient\OpenId
$verifyPeer boolean Whether to verify the peer's certificate. yii\authclient\OpenId

Public Methods

Hide inherited methods

MethodDescriptionDefined By
buildAuthUrl() Returns authentication URL. Usually, you want to redirect your user to it. yii\authclient\OpenId
createRequest() Creates HTTP request instance. yii\authclient\BaseClient
discover() Performs Yadis and HTML discovery. yii\authclient\OpenId
fetchAttributes() Gets AX/SREG attributes provided by OP. Should be used only after successful validation. yii\authclient\OpenId
getClaimedId() yii\authclient\OpenId
getHttpClient() Returns HTTP client. yii\authclient\BaseClient
getId() yii\authclient\BaseClient
getName() yii\authclient\BaseClient
getNormalizeUserAttributeMap() yii\authclient\BaseClient
getRequestOptions() yii\authclient\BaseClient
getReturnUrl() yii\authclient\OpenId
getStateStorage() yii\authclient\BaseClient
getTitle() yii\authclient\BaseClient
getTrustRoot() yii\authclient\OpenId
getUserAttributes() yii\authclient\BaseClient
getViewOptions() yii\authclient\BaseClient
hostExists() Checks if the server specified in the url exists. yii\authclient\OpenId
init() yii\authclient\OpenId
setClaimedId() yii\authclient\OpenId
setHttpClient() Sets HTTP client to be used. yii\authclient\BaseClient
setId() yii\authclient\BaseClient
setName() yii\authclient\BaseClient
setNormalizeUserAttributeMap() yii\authclient\BaseClient
setRequestOptions() yii\authclient\BaseClient
setReturnUrl() yii\authclient\OpenId
setStateStorage() yii\authclient\BaseClient
setTitle() yii\authclient\BaseClient
setTrustRoot() yii\authclient\OpenId
setUserAttributes() yii\authclient\BaseClient
setViewOptions() yii\authclient\BaseClient
validate() Performs OpenID verification with the OP. yii\authclient\OpenId

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
buildAuthUrlV1() Builds authentication URL for the protocol version 1. yii\authclient\OpenId
buildAuthUrlV2() Builds authentication URL for the protocol version 2. yii\authclient\OpenId
buildAxParams() Composes AX request parameters. yii\authclient\OpenId
buildSregParams() Composes SREG request parameters. yii\authclient\OpenId
buildUrl() Combines given URLs into single one. yii\authclient\OpenId
compareUrl() Compares 2 URLs taking in account possible GET parameters order miss match and URL encoding inconsistencies. yii\authclient\OpenId
createHttpClient() Creates HTTP client instance from reference or configuration. yii\authclient\BaseClient
defaultName() Generates service name. yii\authclient\BaseClient
defaultNormalizeUserAttributeMap() Returns the default \yii\authclient\normalizeUserAttributeMap value. yii\authclient\BaseClient
defaultRequestOptions() Returns default HTTP request options. yii\authclient\OpenId
defaultReturnUrl() Generates default \yii\authclient\returnUrl value. yii\authclient\OpenId
defaultTitle() Generates service title. yii\authclient\BaseClient
defaultViewOptions() Returns the default \yii\authclient\viewOptions value. yii\authclient\BaseClient
extractHtmlTagValue() Scans content for / tags and extract information from them. yii\authclient\OpenId
fetchAxAttributes() Gets AX attributes provided by OP. yii\authclient\OpenId
fetchSregAttributes() Gets SREG attributes provided by OP. SREG names will be mapped to AX names. yii\authclient\OpenId
getState() Returns persistent state value. yii\authclient\BaseClient
getStateKeyPrefix() Returns session key prefix, which is used to store internal states. yii\authclient\BaseClient
initUserAttributes() Initializes authenticated user attributes. yii\authclient\OpenId
normalizeUserAttributes() Normalize given user attributes according to \yii\authclient\normalizeUserAttributeMap. yii\authclient\BaseClient
removeState() Removes persistent state value. yii\authclient\BaseClient
sendRequest() Sends request to the server yii\authclient\OpenId
setState() Sets persistent state. yii\authclient\BaseClient
validateRequiredAttributes() Checks if all required attributes are present in the server response. yii\authclient\OpenId

Property Details

$authUrl public property

Authentication base URL, which should be used to compose actual authentication URL by buildAuthUrl() method.

public string $authUrl null
$axToSregMap public property

Map of matches between AX and SREG attribute names in format: axAttributeName => sregAttributeName

public array $axToSregMap = ['namePerson/friendly' => 'nickname''contact/email' => 'email''namePerson' => 'fullname''birthDate' => 'dob''person/gender' => 'gender''contact/postalCode/home' => 'postcode''contact/country/home' => 'country''pref/language' => 'language''pref/timezone' => 'timezone']
$cainfo public property

The name of a file holding one or more certificates to verify the peer with. This value will take effect only if $verifyPeer is set.

public string $cainfo null
$capath public property

Directory that holds multiple CA certificates. This value will take effect only if $verifyPeer is set.

public string $capath null
$data public property

Data, which should be used to retrieve the OpenID response. If not set combination of GET and POST will be used.

public array $data null
$optionalAttributes public property

List of attributes, which could be returned from server. Attribute names should be always specified in AX format. For example:

['namePerson/first', 'namePerson/last']
$requiredAttributes public property

List of attributes, which always should be returned from server. Attribute names should be always specified in AX format. For example:

['namePerson/friendly', 'contact/email']
$verifyPeer public property

Whether to verify the peer's certificate.

public boolean $verifyPeer null

Method Details

buildAuthUrl() public method

Returns authentication URL. Usually, you want to redirect your user to it.

public string buildAuthUrl ( $identifierSelect null )
$identifierSelect boolean

Whether to request OP to select identity for an user in OpenID 2, does not affect OpenID 1.

return string

The authentication URL.

throws \yii\base\Exception

on failure.

buildAuthUrlV1() protected method

Builds authentication URL for the protocol version 1.

protected string buildAuthUrlV1 ( $serverInfo )
$serverInfo array

OpenID server info.

return string

Authentication URL.

buildAuthUrlV2() protected method

Builds authentication URL for the protocol version 2.

protected string buildAuthUrlV2 ( $serverInfo )
$serverInfo array

OpenID server info.

return string

Authentication URL.

buildAxParams() protected method

Composes AX request parameters.

protected array buildAxParams ( )
return array

AX parameters.

buildSregParams() protected method

Composes SREG request parameters.

protected array buildSregParams ( )
return array

SREG parameters.

buildUrl() protected method

Combines given URLs into single one.

protected string buildUrl ( $baseUrl, $additionalUrl )
$baseUrl string

Base URL.

$additionalUrl string|array

Additional URL string or information array.

return string

Composed URL.

compareUrl() protected method

Compares 2 URLs taking in account possible GET parameters order miss match and URL encoding inconsistencies.

protected boolean compareUrl ( $expectedUrl, $actualUrl )
$expectedUrl string

Expected URL.

$actualUrl string

Actual URL.

return boolean

Whether URLs are equal.

defaultRequestOptions() protected method

Returns default HTTP request options.

protected array defaultRequestOptions ( )
return array

HTTP request options.

defaultReturnUrl() protected method

Generates default \yii\authclient\returnUrl value.

protected string defaultReturnUrl ( )
return string

Default authentication return URL.

discover() public method

Performs Yadis and HTML discovery.

public array discover ( $url )
$url string

Identity URL.

return array

OpenID provider info, following keys will be available:

  • url: string, OP Endpoint (i.e. OpenID provider address).
  • version: int, OpenID protocol version used by provider.
  • identity: string, identity value.
  • identifier_select: bool, whether to request OP to select identity for an user in OpenID 2, does not affect OpenID 1.
  • ax: bool, whether AX attributes should be used.
  • sreg: bool, whether SREG attributes should be used.
throws \yii\base\Exception

on failure.

extractHtmlTagValue() protected method

Scans content for / tags and extract information from them.

protected string|boolean extractHtmlTagValue ( $content, $tag, $matchAttributeName, $matchAttributeValue, $valueAttributeName )
$content string

HTML content to be be parsed.

$tag string

Name of the source tag.

$matchAttributeName string

Name of the source tag attribute, which should contain $matchAttributeValue

$matchAttributeValue string

Required value of $matchAttributeName

$valueAttributeName string

Name of the source tag attribute, which should contain searched value.

return string|boolean

Searched value, "false" on failure.

fetchAttributes() public method

Gets AX/SREG attributes provided by OP. Should be used only after successful validation.

Note that it does not guarantee that any of the required/optional parameters will be present, or that there will be no other attributes besides those specified. In other words. OP may provide whatever information it wants to. SREG names will be mapped to AX names.

See also http://www.axschema.org/types/.

public array fetchAttributes ( )
return array

Array of attributes with keys being the AX schema names, e.g. 'contact/email'

fetchAxAttributes() protected method

Gets AX attributes provided by OP.

protected array fetchAxAttributes ( )
return array

Array of attributes.

fetchSregAttributes() protected method

Gets SREG attributes provided by OP. SREG names will be mapped to AX names.

protected array fetchSregAttributes ( )
return array

Array of attributes with keys being the AX schema names, e.g. 'contact/email'

getClaimedId() public method

public string getClaimedId ( )
return string

Claimed identifier (identity).

getReturnUrl() public method

public string getReturnUrl ( )
return string

Authentication return URL.

getTrustRoot() public method

public string getTrustRoot ( )
return string

Client trust root (realm).

hostExists() public method

Checks if the server specified in the url exists.

public boolean hostExists ( $url )
$url string

URL to check

return boolean

True, if the server exists; false otherwise

init() public method

public void init ( )
initUserAttributes() protected method

Initializes authenticated user attributes.

protected array initUserAttributes ( )
return array

Auth user attributes.

sendRequest() protected method

Sends request to the server

protected array|string sendRequest ( $url, $method 'GET', $params = [] )
$url string

Request URL.

$method string

Request method.

$params array

Request parameters.

return array|string

Response.

throws \yii\base\Exception

on failure.

setClaimedId() public method

public void setClaimedId ( $claimedId )
$claimedId string

Claimed identifier (identity).

setReturnUrl() public method

public void setReturnUrl ( $returnUrl )
$returnUrl string

Authentication return URL.

setTrustRoot() public method

public void setTrustRoot ( $value )
$value string

Client trust root (realm).

validate() public method

Performs OpenID verification with the OP.

public boolean validate ( $validateRequiredAttributes true )
$validateRequiredAttributes boolean

Whether to validate required attributes.

return boolean

Whether the verification was successful.

validateRequiredAttributes() protected method

Checks if all required attributes are present in the server response.

protected boolean validateRequiredAttributes ( )
return boolean

Whether all required attributes are present.