| 1: | <?php |
| 2: | /* |
| 3: | * SimpleID |
| 4: | * |
| 5: | * Copyright (C) Kelvin Mo 2021-2025 |
| 6: | * |
| 7: | * This program is free software; you can redistribute it and/or |
| 8: | * modify it under the terms of the GNU General Public |
| 9: | * License as published by the Free Software Foundation; either |
| 10: | * version 2 of the License, or (at your option) any later version. |
| 11: | * |
| 12: | * This program is distributed in the hope that it will be useful, |
| 13: | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14: | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 15: | * General Public License for more details. |
| 16: | * |
| 17: | * You should have received a copy of the GNU General Public |
| 18: | * License along with this program; if not, write to the Free |
| 19: | * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
| 20: | * |
| 21: | */ |
| 22: | |
| 23: | namespace SimpleID\Protocols\OpenID; |
| 24: | |
| 25: | use SimpleID\Protocols\ProtocolResult; |
| 26: | use SimpleID\Protocols\ProtocolResultTrait; |
| 27: | use SimpleID\Util\Events\BaseEvent; |
| 28: | |
| 29: | /** |
| 30: | * An event to process an OpenID authentication request. |
| 31: | * |
| 32: | * There are two kinds of OpenID authentication requests: |
| 33: | * |
| 34: | * - **Identifier requests.** These are standard authentication requests |
| 35: | * provided by the OpenID specifications. SimpleID processes these |
| 36: | * using the {@link SimpleID\Protocols\OpenID\OpenIDModule::openIDCheckIdentity()} |
| 37: | * methods, but listeners can modify the assertion result. |
| 38: | * - **Extension requests** The OpenID specifications also provides a mechanism |
| 39: | * for extensions to process authentication requests that are not about an identifier. |
| 40: | * |
| 41: | * Listeners can identify whether a request is an identifier request or an extension |
| 42: | * request by calling the {@link isExtensionRequest()} method. |
| 43: | * |
| 44: | * Listeners can examine the contents of the request, and whether a request |
| 45: | * is immediate (i.e. whether `openid.mode` is `checkid_immediate`) using |
| 46: | * the {@link getRequest()} and {@link isImmediate()} methods respectively. |
| 47: | * |
| 48: | * For identifier requests, the identifier that is subject to the request can |
| 49: | * be obtained from the {@link getRequestedIdentity()} method. |
| 50: | * |
| 51: | * The assertion result can be set using the {@link setResult()} method. |
| 52: | * The result must be one of the constants defined in |
| 53: | * {@link SimpleID\Protocols\ProtocolResult}. |
| 54: | * |
| 55: | * Note that for identifier requests, the standard processing |
| 56: | * (by {@link SimpleID\Protocols\OpenID\OpenIDModule::openIDCheckIdentity()}) |
| 57: | * occurs *after* these listeners are called. Therefore, attempts to retrieve |
| 58: | * the assertion result may return CHECKID_PROTOCOL_ERROR. |
| 59: | * |
| 60: | */ |
| 61: | class OpenIDCheckEvent extends BaseEvent implements ProtocolResult { |
| 62: | use ProtocolResultTrait; |
| 63: | |
| 64: | /** @var Request */ |
| 65: | protected $request; |
| 66: | |
| 67: | /** @var bool */ |
| 68: | protected $immediate; |
| 69: | |
| 70: | /** @var string|null */ |
| 71: | protected $identity = null; |
| 72: | |
| 73: | public function __construct(Request $request, bool $immediate, ?string $identity = null) { |
| 74: | $this->request = $request; |
| 75: | $this->immediate = $immediate; |
| 76: | $this->identity = $identity; |
| 77: | } |
| 78: | |
| 79: | /** |
| 80: | * Returns the OpenID request. |
| 81: | * |
| 82: | * @return \SimpleID\Protocols\OpenID\Request the OpenID request |
| 83: | */ |
| 84: | public function getRequest() { |
| 85: | return $this->request; |
| 86: | } |
| 87: | |
| 88: | /** |
| 89: | * Returns whether the request is immediate |
| 90: | * (i.e. whether `openid.mode` is `checkid_immediate`) |
| 91: | * |
| 92: | * @return bool true if the request is immediate |
| 93: | */ |
| 94: | public function isImmediate() { |
| 95: | return $this->immediate; |
| 96: | } |
| 97: | |
| 98: | /** |
| 99: | * Returns whether the request is an extension request. |
| 100: | * If the request is not an extension request, it is a standard |
| 101: | * identifier request. |
| 102: | * |
| 103: | * @return bool true if the request is an extension request |
| 104: | */ |
| 105: | public function isExtensionRequest() { |
| 106: | return ($this->identity == null); |
| 107: | } |
| 108: | |
| 109: | /** |
| 110: | * Returns the identifier that is subject to the request. |
| 111: | * If the request is an extension request, this method returns |
| 112: | * null |
| 113: | * |
| 114: | * @return string the OpenID identifier |
| 115: | */ |
| 116: | public function getRequestedIdentity() { |
| 117: | return $this->identity; |
| 118: | } |
| 119: | } |
| 120: | |
| 121: | ?> |