Filter to authenticate against TypeKey.
The filter deals with the validation of information returned by the TypeKey server in response to a login command.
Specifications: http://www.sixapart.com/typekey/api
In order to access a protected page, user logs in by using a request like:
The application link (eg. http://example.com) must be registered in the TypeKey preferences page (https://www.typekey.com/t/typekey/prefs) in one of the 5 lines from "Your Weblog Preferences", otherwise TypeKey will not accept the login request.
The link returned by TypeKey after user logs in with his TypeKey username and password looks like this:
Example of use (authentication + input form):
Another method, which doesn't use JavaScript, is using an intermediary page which saves the token in the session, then calls the TypeKey login page:
To be able to get the email address of the user, need_email must be set to a value different than 0 in the initial request sent to the TypeKey server (along with the t and _return values). Example:
The $data array contains name (TypeKey username), nick (TypeKey display name) and optionally email (if the user allowed the sharing of his email address in the TypeKey profile page; otherwise it is not set).
Source for this file: /Authentication/src/filters/typekey/typekey_filter.php
ezcAuthenticationFilter | --ezcAuthenticationTypekeyFilter
Version: | //autogen// |
STATUS_SIGNATURE_EXPIRED
= 3
|
Login is outside of the timeframe. |
STATUS_SIGNATURE_INCORRECT
= 2
|
Signature verification was incorect. |
STATUS_SIGNATURE_MISSING
= 1
|
The request does not contain the needed information (like $_GET['sig']). |
From ezcAuthenticationFilter: | |
---|---|
ezcAuthenticationFilter::STATUS_OK
|
Successful authentication. |
ezcAuthenticationBignumLibrary | read/write |
$lib
The wrapper for the PHP extension to use for big number operations. This will be autodetected in the constructor, but you can specify your own wrapper before calling run(). |
protected array(string=>mixed) |
$data
= array()
Holds the extra data fetched during the authentication process. Contains name (TypeKey username), nick (TypeKey display name) and optionally email (if the user allowed the sharing of his email address in the TypeKey profile page; otherwise it is not set). Usually it has this structure:
|
From ezcAuthenticationFilter | |
---|---|
protected |
ezcAuthenticationFilter::$options
|
public ezcAuthenticationTypekeyFilter |
__construct(
[ $options
= null] )
Creates a new object of this class. |
protected bool |
checkSignature(
$msg
, $r
, $s
, $keys
)
Checks the information returned by the TypeKey server. |
public array(string=>mixed) |
fetchData(
)
Returns the extra data which was fetched during the authentication process. |
protected array(string=>string) |
fetchPublicKeys(
$file
)
Fetches the public keys from the specified file or URL $file. |
public void |
registerFetchData(
[ $data
= array()] )
Registers the extra data which will be fetched by the filter during the authentication process. |
public int |
run(
$credentials
)
Runs the filter and returns a status code when finished. |
From ezcAuthenticationFilter | |
---|---|
public ezcAuthenticationFilterOptions |
ezcAuthenticationFilter::getOptions()
Returns the options of this class. |
public abstract int |
ezcAuthenticationFilter::run()
Runs the filter and returns a status code when finished. |
public void |
ezcAuthenticationFilter::setOptions()
Sets the options of this class to $options. |
Creates a new object of this class.
Name | Type | Description |
---|---|---|
$options |
ezcAuthenticationTypekeyOptions | Options for this class |
Type | Description |
---|---|
ezcBaseExtensionNotFoundException |
if neither of the PHP gmp and bcmath extensions are installed |
Checks the information returned by the TypeKey server.
Name | Type | Description |
---|---|---|
$msg |
string | Plain text signature which needs to be verified |
$r |
string | First part of the signature retrieved from TypeKey |
$s |
string | Second part of the signature retrieved from TypeKey |
$keys |
array(string=>string) | Public keys retrieved from TypeKey |
Returns the extra data which was fetched during the authentication process.
The TypeKey extra data is an array containing the values for name (the TypeKey username), nick (the TypeKey display name) and email (the email address of the user, fetched only if the initial request to the TypeKey server contains need_email, and the user allowed the sharing of his email address).
Example of returned array:
Method | Description |
---|---|
ezcAuthenticationDataFetch::fetchData() |
Returns the extra data fetched during the authentication process. |
Fetches the public keys from the specified file or URL $file.
The file must be composed of space-separated values for p, g, q, and pub_key, like this: p=<value> g=<value> q=<value> pub_key=<value>
The format of the returned array is:
Name | Type | Description |
---|---|---|
$file |
string | The public keys file or URL |
Type | Description |
---|---|
ezcAuthenticationTypekeyPublicKeysInvalidException |
if the keys fetched from the TypeKey public keys file are invalid |
ezcAuthenticationTypekeyPublicKeysMissingException |
if the keys from the TypeKey public keys file could not be fetched |
Registers the extra data which will be fetched by the filter during the authentication process.
For TypeKey there is no registration needed, because all the possible extra data is available in the response sent by the TypeKey server. So a call to this function is not needed.
To be able to get the email address of the user, need_email must be set to a value different than 0 in the initial request sent to the TypeKey server (along with the t and _return values).
Name | Type | Description |
---|---|---|
$data |
array(string) | A list of attributes to fetch during authentication |
Method | Description |
---|---|
ezcAuthenticationDataFetch::registerFetchData() |
Registers which extra data to fetch during the authentication process. |
Runs the filter and returns a status code when finished.
Name | Type | Description |
---|---|---|
$credentials |
ezcAuthenticationIdCredentials | Authentication credentials |
Type | Description |
---|---|
ezcAuthenticationTypekeyException |
if the keys from the TypeKey public keys file could not be fetched |
Method | Description |
---|---|
ezcAuthenticationFilter::run() |
Runs the filter and returns a status code when finished. |