PhpRiot
Become Zend Certified

Prepare for the ZCE exam using our quizzes (web or iPad/iPhone). More info...


When you're ready get 7.5% off your exam voucher using voucher CJQNOV23 at the Zend Store

Using as part of Zend_Auth

In order to use the component as part of the Zend_Auth authentication system, you must use the provided Zend_Auth_Adapter_InfoCard to do so (not available in the standalone Zend_InfoCard distribution). An example of its usage is shown below:


<?php
if (isset($_POST['xmlToken'])) {

    
$adapter = new Zend_Auth_Adapter_InfoCard($_POST['xmlToken']);

    
$adapter->addCertificatePair('/usr/local/Zend/apache2/conf/server.key',
                                 
'/usr/local/Zend/apache2/conf/server.crt');

    
$auth Zend_Auth::getInstance();

    
$result $auth->authenticate($adapter);

    switch (
$result->getCode()) {
        case 
Zend_Auth_Result::SUCCESS:
            
$claims $result->getIdentity();
            print 
"Given Name: {$claims->givenname}<br />";
            print 
"Surname: {$claims->surname}<br />";
            print 
"Email Address: {$claims->emailaddress}<br />";
            print 
"PPI: {$claims->getCardID()}<br />";
            break;
        case 
Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID:
            print 
"The Credential you provided did not pass validation";
            break;
        default:
        case 
Zend_Auth_Result::FAILURE:
            print 
"There was an error processing your credentials.";
            break;
    }

    if (
count($result->getMessages()) > 0) {
        print 
"<pre>";
        
var_dump($result->getMessages());
        print 
"</pre>";
    }

}
?>
<hr />
<div id="login" style="font-family: arial; font-size: 2em;">
<p>Simple Login Demo</p>
 <form method="post">
  <input type="submit" value="Login" />
   <object type="application/x-informationCard" name="xmlToken">
    <param name="tokenType"
          value="urn:oasis:names:tc:SAML:1.0:assertion" />
    <param name="requiredClaims"
          value="http://.../claims/givenname
                 http://.../claims/surname
                 http://.../claims/emailaddress
                 http://.../claims/privatepersonalidentifier" />
  </object>
 </form>
</div>

In the example above, we first create an instance of the Zend_Auth_Adapter_InfoCard and pass the XML data posted by the card selector into it. Once an instance has been created you must then provide at least one SSL certificate public/private key pair used by the web server that received the HTTP POST. These files are used to validate the destination of the information posted to the server and are a requirement when using Information Cards.

Once the adapter has been configured, you can then use the standard Zend_Auth facilities to validate the provided information card token and authenticate the user by examining the identity provided by the getIdentity() method.

Zend Framework