PhpRiot
Become Zend Certified

Prepare for the ZCE exam using our quizzes (web or iPad/iPhone). More info...


When you're ready get 7.5% off your exam voucher using voucher CJQNOV23 at the Zend Store

Simple Registration Extension

Again, the code before the <html> tag is just a trick to demonstrate functionality. It creates a new user account and associates it with a profile (nickname and password). Such tricks aren't needed in deployed providers where end users register on OpenID servers and fill in their profiles. Implementing this GUI is out of scope for this manual.

Example 655. Identity with Profile


<?php
define
("TEST_SERVER"Zend_OpenId::absoluteURL("example-10.php"));
define("TEST_ID"Zend_OpenId::selfURL());
define("TEST_PASSWORD""123");
$server = new Zend_OpenId_Provider();
if (!
$server->hasUser(TEST_ID)) {
    
$server->register(TEST_IDTEST_PASSWORD);
    
$server->login(TEST_IDTEST_PASSWORD);
    
$sreg = new Zend_OpenId_Extension_Sreg(array(
        
'nickname' =>'test',
        
'email' => 'test@test.com'
    
));
    
$root Zend_OpenId::absoluteURL(".");
    
Zend_OpenId::normalizeUrl($root);
    
$server->allowSite($root$sreg);
    
$server->logout();
}
?>
<html>
<head>
<link rel="openid.server" href="<?php echo TEST_SERVER;?>" />
</head>
<body>
<?php echo TEST_ID;?>
</body>
</html>

You should now pass this identity to the OpenID-enabled web site (use the Simple Registration Extension example from the previous section), and it should use the following OpenID server script.

This script is a variation of the script in the "Everything Together" example. It uses the same automatic login mechanism, but doesn't contain any code for a trust page. The user already trusts the example scripts forever. This trust was established by calling the Zend_OpenId_Provider::allowSite() method in the identity script. The same method associates the profile with the trusted URL. This profile will be returned automatically for a request from the trusted URL.

To make Simple Registration Extension work, you must simply pass an instance of Zend_OpenId_Extension_Sreg as the second argument to the Zend_OpenId_Provider::handle() method.

Example 656. Provider with SREG

<?php
$server 
= new Zend_OpenId_Provider();
$sreg = new Zend_OpenId_Extension_Sreg();

define("TEST_ID"Zend_OpenId::absoluteURL("example-10-id.php"));
define("TEST_PASSWORD""123");

if (
$_SERVER['REQUEST_METHOD'] == 'GET' &&
    isset(
$_GET['openid_action']) &&
    
$_GET['openid_action'] === 'login') {
    
$server->login(TEST_IDTEST_PASSWORD);
    unset(
$_GET['openid_action']);
    
Zend_OpenId::redirect(Zend_OpenId::selfUrl(), $_GET);
} else if (
$_SERVER['REQUEST_METHOD'] == 'GET' &&
    isset(
$_GET['openid_action']) &&
    
$_GET['openid_action'] === 'trust') {
   echo 
"UNTRUSTED DATA" ;
} else {
    
$ret $server->handle(null$sreg);
    if (
is_string($ret)) {
        echo 
$ret;
    } else if (
$ret !== true) {
        
header('HTTP/1.0 403 Forbidden');
        echo 
'Forbidden';
    }
}

Zend Framework