author | tailor <cygnus@janrain.com> | 2007-02-14 22:37:26 +0000 |
---|---|---|
committer | tailor <cygnus@janrain.com> | 2007-02-14 22:37:26 +0000 |
commit | a01e702b8a34ec0b26ff72e2d5954e54b4880dd7 (patch) | |
tree | e31cc1e022422a51a40ffb1a814bf5a9704e0f00 | |
parent | da2ec5feccef42c0004bfde3a286d00336a9b052 (diff) | |
[project @ Removed settings table and auth key code from stores]
-rw-r--r-- | Auth/OpenID/FileStore.php | 102 | ||||
-rw-r--r-- | Auth/OpenID/Interface.php | 22 | ||||
-rw-r--r-- | Auth/OpenID/MySQLStore.php | 10 | ||||
-rw-r--r-- | Auth/OpenID/PostgreSQLStore.php | 11 | ||||
-rw-r--r-- | Auth/OpenID/SQLStore.php | 87 | ||||
-rw-r--r-- | Auth/OpenID/SQLiteStore.php | 10 | ||||
-rw-r--r-- | Tests/Auth/OpenID/MemStore.php | 8 | ||||
-rw-r--r-- | Tests/Auth/OpenID/StoreTest.php | 14 |
8 files changed, 9 insertions, 255 deletions
diff --git a/Auth/OpenID/FileStore.php b/Auth/OpenID/FileStore.php index 84f6332..9a24030 100644 --- a/Auth/OpenID/FileStore.php +++ b/Auth/OpenID/FileStore.php @@ -63,11 +63,9 @@ class Auth_OpenID_FileStore extends Auth_OpenID_OpenIDStore { 'associations'; // Temp dir must be on the same filesystem as the assciations - // $directory and the $directory containing the auth key file. + // $directory. $this->temp_dir = $directory . DIRECTORY_SEPARATOR . 'temp'; - $this->auth_key_name = $directory . DIRECTORY_SEPARATOR . 'auth_key'; - $this->max_nonce_age = 6 * 60 * 60; // Six hours, in seconds if (!$this->_setup()) { @@ -90,15 +88,14 @@ class Auth_OpenID_FileStore extends Auth_OpenID_OpenIDStore { */ function _setup() { - return (Auth_OpenID::ensureDir(dirname($this->auth_key_name)) && - Auth_OpenID::ensureDir($this->nonce_dir) && + return (Auth_OpenID::ensureDir($this->nonce_dir) && Auth_OpenID::ensureDir($this->association_dir) && Auth_OpenID::ensureDir($this->temp_dir)); } /** * Create a temporary file on the same filesystem as - * $this->auth_key_name and $this->association_dir. + * $this->association_dir. * * The temporary directory should not be cleaned if there are any * processes using the store. If there is no active process using 
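Review bot: Store directories created by earlier versions keep their `auth_key` file after this change, because the constructor hunk (@@ -63,11 +63,9) stops tracking the path and no new code removes or mentions the file. The removed Interface.php docblock describes that value as the key used to sign tokens, so it is secret material that would now sit unmanaged on disk. I would add an upgrade comment beside the directory setup: `// An 'auth_key' file left by earlier releases is no longer read or written; delete it when upgrading.` The same applies to the `oid_settings` table, which the SQLStore.php hunks stop creating and stop clearing in reset(); whether the old key still has any value depends on code outside this diff.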
@@ -120,99 +117,6 @@ class Auth_OpenID_FileStore extends Auth_OpenID_OpenIDStore { } /** - * Read the auth key from the auth key file. Will return None if - * there is currently no key. - * - * @return mixed - */ - function readAuthKey() - { - if (!$this->active) { - trigger_error("FileStore no longer active", E_USER_ERROR); - return null; - } - - $auth_key_file = @fopen($this->auth_key_name, 'rb'); - if ($auth_key_file === false) { - return null; - } - - $key = fread($auth_key_file, filesize($this->auth_key_name)); - fclose($auth_key_file); - - return $key; - } - - /** - * Generate a new random auth key and safely store it in the - * location specified by $this->auth_key_name. - * - * @return string $key - */ - function createAuthKey() - { - if (!$this->active) { - trigger_error("FileStore no longer active", E_USER_ERROR); - return null; - } - - $auth_key = Auth_OpenID_CryptUtil::randomString($this->AUTH_KEY_LEN); - - list($file_obj, $tmp) = $this->_mktemp(); - - fwrite($file_obj, $auth_key); - fflush($file_obj); - fclose($file_obj); - - if (function_exists('link')) { - // Posix filesystem - $saved = link($tmp, $this->auth_key_name); - Auth_OpenID_FileStore::_removeIfPresent($tmp); - } else { - // Windows filesystem - $saved = rename($tmp, $this->auth_key_name); - } - - if (!$saved) { - // The link failed, either because we lack the permission, - // or because the file already exists; try to read the key - // in case the file already existed. - $auth_key = $this->readAuthKey(); - } - - return $auth_key; - } - - /** - * Retrieve the auth key from the file specified by - * $this->auth_key_name, creating it if it does not exist. 
- * - * @return string $key - */ - function getAuthKey() - { - if (!$this->active) { - trigger_error("FileStore no longer active", E_USER_ERROR); - return null; - } - - $auth_key = $this->readAuthKey(); - if ($auth_key === null) { - $auth_key = $this->createAuthKey(); - - if (strlen($auth_key) != $this->AUTH_KEY_LEN) { - $fmt = 'Got an invalid auth key from %s. Expected '. - '%d-byte string. Got: %s'; - $msg = sprintf($fmt, $this->auth_key_name, $this->AUTH_KEY_LEN, - $auth_key); - trigger_error($msg, E_USER_WARNING); - return null; - } - } - return $auth_key; - } - - /** * Create a unique filename for a given server url and * handle. This implementation does not assume anything about the * format of the handle. The filename that is returned will diff --git a/Auth/OpenID/Interface.php b/Auth/OpenID/Interface.php index ce9fa1f..bd21251 100644 --- a/Auth/OpenID/Interface.php +++ b/Auth/OpenID/Interface.php @@ -25,12 +25,6 @@ */ class Auth_OpenID_OpenIDStore { /** - * @var integer The length of the auth key that should be returned - * by the getAuthKey method. - */ - var $AUTH_KEY_LEN = 20; - - /** * This method puts an Association object into storage, * retrievable by server URL and handle. * 
@@ -145,22 +139,6 @@ class Auth_OpenID_OpenIDStore { } /** - * This method returns a key used to sign the tokens, to ensure - * that they haven't been tampered with in transit. It should - * return the same key every time it is called. The key returned - * should be {@link AUTH_KEY_LEN} bytes long. - * - * @return string The key. It should be {@link AUTH_KEY_LEN} bytes in - * length, and use the full range of byte values. That is, it - * should be treated as a lump of binary data stored in a string. - */ - function getAuthKey() - { - trigger_error("Auth_OpenID_OpenIDStore::getAuthKey ". - "not implemented", E_USER_ERROR); - } - - /** * This method must return true if the store is a dumb-mode-style * store. Unlike all other methods in this class, this one * provides a default implementation, which returns false. diff --git a/Auth/OpenID/MySQLStore.php b/Auth/OpenID/MySQLStore.php index 5f2bbc7..14a695c 100644 --- a/Auth/OpenID/MySQLStore.php +++ b/Auth/OpenID/MySQLStore.php @@ -41,16 +41,6 @@ class Auth_OpenID_MySQLStore extends Auth_OpenID_SQLStore { " PRIMARY KEY (server_url(255), handle)\n". ") TYPE=InnoDB"; - $this->sql['settings_table'] = - "CREATE TABLE %s (setting VARCHAR(128) UNIQUE PRIMARY KEY, ". - "value BLOB) TYPE=InnoDB"; - - $this->sql['create_auth'] = - "INSERT INTO %s VALUES ('auth_key', !)"; - - $this->sql['get_auth'] = - "SELECT value FROM %s WHERE setting = 'auth_key'"; - $this->sql['set_assoc'] = "REPLACE INTO %s VALUES (?, ?, !, ?, ?, ?)"; diff --git a/Auth/OpenID/PostgreSQLStore.php b/Auth/OpenID/PostgreSQLStore.php index 71270b7..cf0a5ef 100644 --- a/Auth/OpenID/PostgreSQLStore.php +++ b/Auth/OpenID/PostgreSQLStore.php 
@@ -33,17 +33,6 @@ class Auth_OpenID_PostgreSQLStore extends Auth_OpenID_SQLStore { "CONSTRAINT secret_length_constraint CHECK ". "(LENGTH(secret) <= 128))"; - $this->sql['settings_table'] = - "CREATE TABLE %s (setting VARCHAR(128) UNIQUE PRIMARY KEY, ". - "value BYTEA, ". - "CONSTRAINT value_length_constraint CHECK (LENGTH(value) <= 20))"; - - $this->sql['create_auth'] = - "INSERT INTO %s VALUES ('auth_key', '!')"; - - $this->sql['get_auth'] = - "SELECT value FROM %s WHERE setting = 'auth_key'"; - $this->sql['set_assoc'] = array( 'insert_assoc' => "INSERT INTO %s (server_url, handle, ". diff --git a/Auth/OpenID/SQLStore.php b/Auth/OpenID/SQLStore.php index 6c23932..2f775a1 100644 --- a/Auth/OpenID/SQLStore.php +++ b/Auth/OpenID/SQLStore.php @@ -33,9 +33,8 @@ require_once 'Auth/OpenID/Interface.php'; * logic common to all of the SQL stores. * * The table names used are determined by the class variables - * settings_table_name, associations_table_name, and - * nonces_table_name. To change the name of the tables used, pass new - * table names into the constructor. + * associations_table_name and nonces_table_name. To change the name + * of the tables used, pass new table names into the constructor. * * To create the tables with the proper schema, see the createTables * method. @@ -67,10 +66,6 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore { * connection handle or an instance of a subclass of * Auth_OpenID_DatabaseConnection. * - * @param string $settings_table This is an optional parameter to - * specify the name of the table used for this store's settings. - * The default value is 'oid_settings'. - * * @param associations_table: This is an optional parameter to * specify the name of the table used for storing associations. * The default value is 'oid_associations'. 
@@ -79,13 +74,12 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore { * the name of the table used for storing nonces. The default * value is 'oid_nonces'. */ - function Auth_OpenID_SQLStore($connection, $settings_table = null, + function Auth_OpenID_SQLStore($connection, $associations_table = null, $nonces_table = null) { global $__Auth_OpenID_PEAR_AVAILABLE; - $this->settings_table_name = "oid_settings"; $this->associations_table_name = "oid_associations"; $this->nonces_table_name = "oid_nonces"; @@ -112,10 +106,6 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore { $this->connection->setFetchMode(DB_FETCHMODE_ASSOC); } - if ($settings_table) { - $this->settings_table_name = $settings_table; - } - if ($associations_table) { $this->associations_table_name = $associations_table; } @@ -213,9 +203,6 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore { $this->connection->query(sprintf("DELETE FROM %s", $this->nonces_table_name)); - - $this->connection->query(sprintf("DELETE FROM %s", - $this->settings_table_name)); } /** @@ -229,9 +216,6 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore { $required_sql_keys = array( 'nonce_table', 'assoc_table', - 'settings_table', - 'get_auth', - 'create_auth', 'set_assoc', 'get_assoc', 'get_assocs', @@ -267,12 +251,6 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore { 'get_assoc', 'get_assocs', 'remove_assoc') - ), - array( - 'value' => $this->settings_table_name, - 'keys' => array('settings_table', - 'get_auth', - 'create_auth') ) ); @@ -308,10 +286,9 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore { $this->connection->autoCommit(true); $n = $this->create_nonce_table(); $a = $this->create_assoc_table(); - $s = $this->create_settings_table(); $this->connection->autoCommit(false); - if ($n && $a && $s) { + if ($n && $a) { return true; } else { return false; 
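Review bot: Removing `$settings_table` from the middle of the constructor's positional parameters (@@ -79,13 +74,12) silently shifts the remaining arguments, so a caller still written as `new Auth_OpenID_SQLStore($conn, 'oid_settings', 'oid_associations', 'oid_nonces')` would now use 'oid_settings' as the associations table and 'oid_associations' as the nonces table. PHP ignores the surplus fourth argument to a user-defined function, so nothing reports the mismatch. A guard at the top of the constructor would surface the four-argument case: `if (func_num_args() > 3) { trigger_error("Auth_OpenID_SQLStore no longer accepts a settings table name", E_USER_WARNING); }`. Callers that passed only a settings table name cannot be detected this way, so the docblock should also state that the parameter was removed. The constructor body continues outside the hunk.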
@@ -336,62 +313,6 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore { return true; } - function create_settings_table() - { - if (!$this->tableExists($this->settings_table_name)) { - $r = $this->connection->query($this->sql['settings_table']); - return $this->resultToBool($r); - } - return true; - } - - /** - * @access private - */ - function _get_auth() - { - return $this->connection->getOne($this->sql['get_auth']); - } - - /** - * @access private - */ - function _create_auth($str) - { - return $this->connection->query($this->sql['create_auth'], - array($str)); - } - - function getAuthKey() - { - $value = $this->_get_auth(); - if (!$value) { - $auth_key = - Auth_OpenID_CryptUtil::randomString($this->AUTH_KEY_LEN); - - $auth_key_s = $this->blobEncode($auth_key); - $this->_create_auth($auth_key_s); - } elseif ($this->isError($value)) { - trigger_error("Database error: " . $value->userinfo, - E_USER_WARNING); - return null; - } else { - $auth_key_s = $value; - $auth_key = $this->blobDecode($auth_key_s); - } - - $this->connection->commit(); - - if (strlen($auth_key) != $this->AUTH_KEY_LEN) { - $fmt = "Expected %d-byte string for auth key. Got key of length %d"; - trigger_error(sprintf($fmt, $this->AUTH_KEY_LEN, strlen($auth_key)), - E_USER_WARNING); - return null; - } - - return $auth_key; - } - /** * @access private */ diff --git a/Auth/OpenID/SQLiteStore.php b/Auth/OpenID/SQLiteStore.php index 81f7ce9..130f8fa 100644 --- a/Auth/OpenID/SQLiteStore.php +++ b/Auth/OpenID/SQLiteStore.php 
@@ -28,16 +28,6 @@ class Auth_OpenID_SQLiteStore extends Auth_OpenID_SQLStore { "secret BLOB(128), issued INTEGER, lifetime INTEGER, ". "assoc_type VARCHAR(64), PRIMARY KEY (server_url, handle))"; - $this->sql['settings_table'] = - "CREATE TABLE %s (setting VARCHAR(128) UNIQUE PRIMARY KEY, ". - "value BLOB(20))"; - - $this->sql['create_auth'] = - "INSERT INTO %s VALUES ('auth_key', ?)"; - - $this->sql['get_auth'] = - "SELECT value FROM %s WHERE setting = 'auth_key'"; - $this->sql['set_assoc'] = "INSERT OR REPLACE INTO %s VALUES (?, ?, ?, ?, ?, ?)"; diff --git a/Tests/Auth/OpenID/MemStore.php b/Tests/Auth/OpenID/MemStore.php index bbb056a..c9141f7 100644 --- a/Tests/Auth/OpenID/MemStore.php +++ b/Tests/Auth/OpenID/MemStore.php @@ -9,11 +9,10 @@ class Tests_Auth_OpenID_MemStore extends Auth_OpenID_OpenIDStore { var $assocs = null; var $nonces = null; - function Tests_Auth_OpenID_MemStore($auth_key=null) + function Tests_Auth_OpenID_MemStore() { $this->assocs = array(); $this->nonces = array(); - $this->auth_key = $auth_key; } function getKey($server_url, $handle) @@ -96,9 +95,4 @@ class Tests_Auth_OpenID_MemStore extends Auth_OpenID_OpenIDStore { $this->assocs = array(); $this->nonces = array(); } - - function getAuthKey() - { - return $this->auth_key; - } }
\ No newline at end of file diff --git a/Tests/Auth/OpenID/StoreTest.php b/Tests/Auth/OpenID/StoreTest.php index bbbaa66..32f13d3 100644 --- a/Tests/Auth/OpenID/StoreTest.php +++ b/Tests/Auth/OpenID/StoreTest.php @@ -317,24 +317,12 @@ explicitly'); // And using again has the same effect $this->_checkUseNonce($store, $nonce1, false, $url, 3); } - - // Auth key functions - - // There is no key to start with, so generate a new key and - // return it. - $key = $store->getAuthKey(); - - // The second time around should return the same as last time. - $key2 = $store->getAuthKey(); - $this->assertEquals($key, $key2, "Auth keys differ"); - $this->assertEquals(strlen($key), $store->AUTH_KEY_LEN, - "Key length not equals AUTH_KEY_LEN"); } function test_memstore() { require_once 'Tests/Auth/OpenID/MemStore.php'; - $store = new Tests_Auth_OpenID_MemStore('Bogus auth key '); + $store = new Tests_Auth_OpenID_MemStore(); $this->_testStore(&$store); $this->_testNonce(&$store); } |