To use the component as part of the Zend_Auth authentication
system, you must use the provided Zend_Auth_Adapter_InfoCard
(not available in the standalone Zend_InfoCard distribution).
An example of its usage is shown below:
<?php
if (isset($_POST['xmlToken'])) {
    // Pass the XML token posted by the card selector to the adapter
    $adapter = new Zend_Auth_Adapter_InfoCard($_POST['xmlToken']);

    // Private key and certificate of the web server that received the POST
    $adapter->addCertificatePair('/usr/local/Zend/apache2/conf/server.key',
                                 '/usr/local/Zend/apache2/conf/server.crt');

    $auth   = Zend_Auth::getInstance();
    $result = $auth->authenticate($adapter);

    switch ($result->getCode()) {
        case Zend_Auth_Result::SUCCESS:
            $claims = $result->getIdentity();
            // Claim values come from the submitted card: escape them for HTML
            print "Given Name: " . htmlspecialchars($claims->givenname) . "<br />";
            print "Surname: " . htmlspecialchars($claims->surname) . "<br />";
            print "Email Address: " . htmlspecialchars($claims->emailaddress) . "<br />";
            print "PPI: " . htmlspecialchars($claims->getCardID()) . "<br />";
            break;
        case Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID:
            print "The Credential you provided did not pass validation";
            break;
        default:
        case Zend_Auth_Result::FAILURE:
            print "There was an error processing your credentials.";
            break;
    }

    // Show any diagnostic messages returned by the adapter
    if (count($result->getMessages()) > 0) {
        print "<pre>";
        var_dump($result->getMessages());
        print "</pre>";
    }
}
?>
<hr />
<div id="login" style="font-family: arial; font-size: 2em;">
    <p>Simple Login Demo</p>
    <form method="post">
        <input type="submit" value="Login" />
        <object type="application/x-informationCard" name="xmlToken">
            <param name="tokenType"
                   value="urn:oasis:names:tc:SAML:1.0:assertion" />
            <param name="requiredClaims"
                   value="http://.../claims/givenname
                          http://.../claims/surname
                          http://.../claims/emailaddress
                          http://.../claims/privatepersonalidentifier" />
        </object>
    </form>
</div>
In the example above, we first create an instance of
Zend_Auth_Adapter_InfoCard and pass it the XML data posted by the
card selector. Once the instance has been created, you must provide
at least one SSL certificate public/private key pair used by the web
server that received the HTTP POST. These files are used to validate
the destination of the information posted to the server and are
required when using Information Cards.
Once the adapter has been configured, you can use the standard
Zend_Auth facilities to validate the provided information card token
and authenticate the user by examining the identity returned by the
getIdentity() method.
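
Because the adapter depends on the key pair being the one the web server actually uses, it helps to check the files before calling addCertificatePair(). The following is an added example, not code from the Zend Framework manual; the function name checkCertificatePair() is hypothetical, and it relies only on PHP's OpenSSL extension.

```php
<?php
// Added example: pre-flight check of a key/certificate pair.
// checkCertificatePair() is a hypothetical helper, not part of Zend Framework.
// Returns an array of problem descriptions; an empty array means the pair is usable.
function checkCertificatePair($keyFile, $certFile)
{
    $problems = array();
    foreach (array($keyFile, $certFile) as $file) {
        if (!is_file($file) || !is_readable($file)) {
            $problems[] = "Cannot read $file";
        }
    }
    if ($problems) {
        return $problems;
    }

    // The private key should not be accessible to other local users.
    if ((fileperms($keyFile) & 0007) !== 0) {
        $problems[] = "$keyFile is accessible to other users (check permissions)";
    }

    $cert = openssl_x509_read(file_get_contents($certFile));
    $key  = openssl_pkey_get_private(file_get_contents($keyFile));
    if ($cert === false) {
        $problems[] = "$certFile is not a valid X.509 certificate";
    }
    if ($key === false) {
        $problems[] = "$keyFile could not be loaded as a private key without a passphrase";
    }
    if ($cert === false || $key === false) {
        return $problems;
    }

    // The private key must belong to the certificate's public key.
    if (!openssl_x509_check_private_key($cert, $key)) {
        $problems[] = "Private key does not match the certificate";
    }

    // The certificate must be inside its validity period.
    $info = openssl_x509_parse($cert);
    $now  = time();
    if ($now < $info['validFrom_time_t'] || $now > $info['validTo_time_t']) {
        $problems[] = "Certificate is outside its validity period";
    }
    return $problems;
}

// Paths taken from the example above; log problems instead of showing them to users.
$problems = checkCertificatePair('/usr/local/Zend/apache2/conf/server.key',
                                 '/usr/local/Zend/apache2/conf/server.crt');
if ($problems) { error_log('InfoCard certificate pair: ' . implode('; ', $problems)); }
```

When the returned array is empty, the same two paths can be passed to addCertificatePair().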




