Become Zend Certified

Prepare for the ZCE exam using our quizzes (web or iPad/iPhone). More info...

When you're ready get 7.5% off your exam voucher using voucher CJQNOV23 at the Zend Store

Working with a Claims object

Regardless of whether the Zend_InfoCard component is used as a standalone component or as part of Zend_Auth via Zend_Auth_Adapter_InfoCard, the ultimate result of the processing of an information card is a Zend_InfoCard_Claims object. This object contains the assertions (a.k.a. claims) made by the submitting user based on the data requested by your web site when the user authenticated. As shown in the examples above, the validity of the information card can be ascertained by calling the Zend_InfoCard_Claims::isValid() method. Claims themselves can either be retrieved by simply accessing the identifier desired (i.e. givenname) as a property of the object or through the getClaim() method.

In most cases you will never need to use the getClaim() method. However, if your requiredClaims mandate that you request claims from multiple different sources/namespaces then you will need to extract them explicitly using this method (simply pass it the full URI of the claim to retrieve its value from within the information card). Generally speaking however, the Zend_InfoCard component will set the default URI for claims to be the one used the most frequently within the information card itself and the simplified property-access method can be used.

As part of the validation process, it is the developer's responsibility to examine the issuing source of the claims contained within the information card and to decide if that source is a trusted source of information. To do so, the getIssuer() method is provided within the Zend_InfoCard_Claims object which returns the URI of the issuer of the information card claims.

Zend Framework