8
* This source file is subject to the new BSD license that is bundled
9
* with this package in the file LICENSE.txt.
10
* It is also available through the world-wide-web at this URL:
11
* http://framework.zend.com/license/new-bsd
12
* If you did not receive a copy of the license and are unable to
13
* obtain it through the world-wide-web, please send an email
14
* to license@zend.com so we can send you a copy immediately.
17
* @package Zend_OpenId
18
* @subpackage Zend_OpenId_Consumer
19
* @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
20
* @license http://framework.zend.com/license/new-bsd New BSD License
21
* @version $Id: File.php 9250 2008-04-18 21:00:13Z darby $
25
* @see Zend_OpenId_Consumer_Storage
27
require_once "Zend/OpenId/Consumer/Storage.php";
30
* External storage implemmentation using serialized files
33
* @package Zend_OpenId
34
* @subpackage Zend_OpenId_Consumer
35
* @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
36
* @license http://framework.zend.com/license/new-bsd New BSD License
38
class Zend_OpenId_Consumer_Storage_File extends Zend_OpenId_Consumer_Storage
42
* Directory name to store data files in
49
* Constructs storage object and creates storage directory
51
* @param string $dir directory name to store data files in
52
* @throws Zend_OpenId_Exception
54
public function __construct($dir = null)
59
$tmp = getenv('TEMP');
64
$user = get_current_user();
65
if (is_string($user) && !empty($user)) {
68
$dir = $tmp . '/openid/consumer';
71
if (!is_dir($this->_dir)) {
72
if (!@mkdir($this->_dir, 0700, 1)) {
74
* @see Zend_OpenId_Exception
76
require_once 'Zend/OpenId/Exception.php';
77
throw new Zend_OpenId_Exception(
78
'Cannot access storage directory ' . $dir,
79
Zend_OpenId_Exception::ERROR_STORAGE);
82
if (($f = fopen($this->_dir.'/assoc.lock', 'w+')) === null) {
84
* @see Zend_OpenId_Exception
86
require_once 'Zend/OpenId/Exception.php';
87
throw new Zend_OpenId_Exception(
88
'Cannot create a lock file in the directory ' . $dir,
89
Zend_OpenId_Exception::ERROR_STORAGE);
92
if (($f = fopen($this->_dir.'/discovery.lock', 'w+')) === null) {
94
* @see Zend_OpenId_Exception
96
require_once 'Zend/OpenId/Exception.php';
97
throw new Zend_OpenId_Exception(
98
'Cannot create a lock file in the directory ' . $dir,
99
Zend_OpenId_Exception::ERROR_STORAGE);
102
if (($f = fopen($this->_dir.'/nonce.lock', 'w+')) === null) {
104
* @see Zend_OpenId_Exception
106
require_once 'Zend/OpenId/Exception.php';
107
throw new Zend_OpenId_Exception(
108
'Cannot create a lock file in the directory ' . $dir,
109
Zend_OpenId_Exception::ERROR_STORAGE);
115
* Stores information about association identified by $url/$handle
117
* @param string $url OpenID server URL
118
* @param string $handle assiciation handle
119
* @param string $macFunc HMAC function (sha1 or sha256)
120
* @param string $secret shared secret
121
* @param long $expires expiration UNIX time
124
public function addAssociation($url, $handle, $macFunc, $secret, $expires)
126
$name1 = $this->_dir . '/assoc_url_' . md5($url);
127
$name2 = $this->_dir . '/assoc_handle_' . md5($handle);
128
$lock = @fopen($this->_dir . '/assoc.lock', 'w+');
129
if ($lock === false) {
132
if (!flock($lock, LOCK_EX)) {
136
$f = @fopen($name1, 'w+');
141
$data = serialize(array($url, $handle, $macFunc, $secret, $expires));
143
if (function_exists('symlink')) {
145
symlink($name1, $name2);
147
$f2 = @fopen($name2, 'w+');
159
* Gets information about association identified by $url
160
* Returns true if given association found and not expired and false
163
* @param string $url OpenID server URL
164
* @param string &$handle assiciation handle
165
* @param string &$macFunc HMAC function (sha1 or sha256)
166
* @param string &$secret shared secret
167
* @param long &$expires expiration UNIX time
170
public function getAssociation($url, &$handle, &$macFunc, &$secret, &$expires)
172
$name1 = $this->_dir . '/assoc_url_' . md5($url);
173
$lock = @fopen($this->_dir . '/assoc.lock', 'w+');
174
if ($lock === false) {
177
if (!flock($lock, LOCK_EX)) {
181
$f = @fopen($name1, 'r');
187
$data = stream_get_contents($f);
189
list($storedUrl, $handle, $macFunc, $secret, $expires) = unserialize($data);
190
if ($url === $storedUrl && $expires > time()) {
193
$name2 = $this->_dir . '/assoc_handle_' . md5($handle);
207
* Gets information about association identified by $handle
208
* Returns true if given association found and not expired and false
211
* @param string $handle assiciation handle
212
* @param string &$url OpenID server URL
213
* @param string &$macFunc HMAC function (sha1 or sha256)
214
* @param string &$secret shared secret
215
* @param long &$expires expiration UNIX time
218
public function getAssociationByHandle($handle, &$url, &$macFunc, &$secret, &$expires)
220
$name2 = $this->_dir . '/assoc_handle_' . md5($handle);
221
$lock = @fopen($this->_dir . '/assoc.lock', 'w+');
222
if ($lock === false) {
225
if (!flock($lock, LOCK_EX)) {
229
$f = @fopen($name2, 'r');
235
$data = stream_get_contents($f);
237
list($url, $storedHandle, $macFunc, $secret, $expires) = unserialize($data);
238
if ($handle === $storedHandle && $expires > time()) {
243
$name1 = $this->_dir . '/assoc_url_' . md5($url);
255
* Deletes association identified by $url
257
* @param string $url OpenID server URL
260
public function delAssociation($url)
262
$name1 = $this->_dir . '/assoc_url_' . md5($url);
263
$lock = @fopen($this->_dir . '/assoc.lock', 'w+');
264
if ($lock === false) {
267
if (!flock($lock, LOCK_EX)) {
271
$f = @fopen($name1, 'r');
276
$data = stream_get_contents($f);
278
list($storedUrl, $handle, $macFunc, $secret, $expires) = unserialize($data);
279
if ($url === $storedUrl) {
280
$name2 = $this->_dir . '/assoc_handle_' . md5($handle);
294
* Stores information discovered from identity $id
296
* @param string $id identity
297
* @param string $realId discovered real identity URL
298
* @param string $server discovered OpenID server URL
299
* @param float $version discovered OpenID protocol version
300
* @param long $expires expiration UNIX time
303
public function addDiscoveryInfo($id, $realId, $server, $version, $expires)
305
$name = $this->_dir . '/discovery_' . md5($id);
306
$lock = @fopen($this->_dir . '/discovery.lock', 'w+');
307
if ($lock === false) {
310
if (!flock($lock, LOCK_EX)) {
314
$f = @fopen($name, 'w+');
319
$data = serialize(array($id, $realId, $server, $version, $expires));
327
* Gets information discovered from identity $id
328
* Returns true if such information exists and false otherwise
330
* @param string $id identity
331
* @param string &$realId discovered real identity URL
332
* @param string &$server discovered OpenID server URL
333
* @param float &$version discovered OpenID protocol version
334
* @param long &$expires expiration UNIX time
337
public function getDiscoveryInfo($id, &$realId, &$server, &$version, &$expires)
339
$name = $this->_dir . '/discovery_' . md5($id);
340
$lock = @fopen($this->_dir . '/discovery.lock', 'w+');
341
if ($lock === false) {
344
if (!flock($lock, LOCK_EX)) {
348
$f = @fopen($name, 'r');
354
$data = stream_get_contents($f);
356
list($storedId, $realId, $server, $version, $expires) = unserialize($data);
357
if ($id === $storedId && $expires > time()) {
372
* Removes cached information discovered from identity $id
374
* @param string $id identity
377
public function delDiscoveryInfo($id)
379
$name = $this->_dir . '/discovery_' . md5($id);
380
$lock = @fopen($this->_dir . '/discovery.lock', 'w+');
381
if ($lock === false) {
384
if (!flock($lock, LOCK_EX)) {
394
* The function checks the uniqueness of openid.response_nonce
396
* @param string $provider openid.openid_op_endpoint field from authentication response
397
* @param string $nonce openid.response_nonce field from authentication response
400
public function isUniqueNonce($provider, $nonce)
402
$name = $this->_dir . '/nonce_' . md5($provider.';'.$nonce);
403
$lock = @fopen($this->_dir . '/nonce.lock', 'w+');
404
if ($lock === false) {
407
if (!flock($lock, LOCK_EX)) {
411
$f = @fopen($name, 'x');
416
fwrite($f, $provider.';'.$nonce);
423
* Removes data from the uniqueness database that is older then given date
425
* @param mixed $date date of expired data
427
public function purgeNonces($date=null)
429
$lock = @fopen($this->_dir . '/nonce.lock', 'w+');
430
if ($lock !== false) {
431
flock($lock, LOCK_EX);
433
if (!is_int($date) && !is_string($date)) {
434
foreach (glob($this->_dir . '/nonce_*') as $name) {
438
if (is_string($date)) {
443
foreach (glob($this->_dir . '/nonce_*') as $name) {
444
if (filemtime($name) < $time) {
449
if ($lock !== false) {