Thread: Zend OpenID Provider DB Storage

I've cobbled together a basic db storage class. But something seems to go wrong with either the getAssociation() or addAssociation() functions. If I pass on storage of the associations to the file storage class everything works well and I can successfully authenticate on my consumer website. Here's the code, would appreciate it if someone could have a gander:

[PHP]<?php

/**
* External storage of OpenID accounts in a database
*
*/
class Blah_OpenId_Provider_Storage_Db extends Zend_OpenId_Provider_Storage
{
/**
* The table for storing user logins
* @var Zend_Db_Table $_usersTable
*/
private $_usersTable;
/**
* The table for storing trusted/untrusted sites
* @var Zend_Db_Table $_sitesTable
*/
private $_sitesTable;
/**
* The table for storing OpenID associations
* @var Zend_Db_Table $_associationsTable;
*/
private $_associationsTable;
/**
* File storage object being used for debugging
* @var Zend_OpenId_Provider_Storage_File $_fileStorage
*/
private $_fileStorage;

/**
* Creates storage object
*
* @param Zend_Db_Table $usersTable
* @param Zend_Db_Table $sitesTable
* @param Zend_Db_Table $associationsTable
*/
public function __construct($usersTable, $sitesTable, $associationsTable)
{
$this->_usersTable = $usersTable;
$this->_sitesTable = $sitesTable;
$this->_associationsTable = $associationsTable;
$this->_fileStorage = new Zend_OpenId_Provider_Storage_File();
}

/**
* Stores information about session identified by $handle
*
* @param string $handle assiciation handle
* @param string $macFunc HMAC function (sha1 or sha256)
* @param string $secret shared secret
* @param string $expires expiration UNIX time
* @return void
*/
public function addAssociation($handle, $macFunc, $secret, $expires)
{
//return $this->_fileStorage->addAssociation($handle, $macFunc, $secret, $expires); // this works

$row = $this->_associationsTable->createRow();
$row->handle = $handle;
$row->mac_func = $macFunc;
$row->secret = base64_encode($secret);
$row->expires = $expires;
$row->save();
return true;
}

/**
* Gets information about association identified by $handle
* Returns true if given association found and not expired and false
* otherwise
*
* @param string $handle association handle
* @param string &$macFunc HMAC function (sha1 or sha256)
* @param string &$secret shared secret
* @param string &$expires expiration UNIX time
* @return bool
*/
public function getAssociation($handle, &$macFunc, &$secret, &$expires)
{
//return $this->_fileStorage->getAssociation($handle, $macFunc, $secret, $expires); // this works

if($row == null) return false;
if($row->expires < time()) return false;

$macFunc = $row->mac_func;
$secret = base64_decode($row->secret);
$expires = $row->expires;

return true;
}

/**
* Register new user with given $id and $password
* Returns true in case of success and false if user with given $id already
* exists
*
* @param string $id user identity URL
* @param string $password encoded user password
* @return bool
*/
public function addUser($id, $password)
{
$user = array
(
'id' => $id,
'password' => $password
);

if($this->hasUser($id)) return false;
else $this->_usersTable->insert($user);
return true;
}

/**
* Returns true if user with given $id exists and false otherwise
*
* @param string $id user identity URL
* @return bool
*/
public function hasUser($id)
{
$row = $this->_usersTable->find($id)->getRow(0);

return !($row == null);
}

/**
* Verify if user with given $id exists and has specified $password
*
* @param string $id user identity URL
* @param string $password user password
* @return bool
*/
public function checkUser($id, $password)
{
$select = $this->_usersTable->select()
->where('id = ?', $id)
->where('password = ?', $password);

$row = $this->_usersTable->fetchRow($select);

return !($row == null);
}

/**
* Returns array of all trusted/untrusted sites for given user identified
* by $id
*
* @param string $id user identity URL
* @return array
*/
public function getTrustedSites($id)
{
$select = $this->_sitesTable->select()->where('openid = ?', $id);

$rows = $this->_sitesTable->fetchAll($select);

return $rows->toArray();
}

/**
* Stores information about trusted/untrusted site for given user
*
* @param string $id user identity URL
* @param string $site site URL
* @param mixed $trusted trust data from extensions or just a boolean value
* @return bool
*/
public function addSite($id, $site, $trusted)
{
$row = $this->_sitesTable->createRow();
$row->openid = $id;
$row->site = $site;
$row->time = date('Y-m-d H:i:s O');
$row->trusted = $trusted;
$row->save();
return true;
}
}
[/PHP]

The associations table is in PostgreSQL and is set up like so:

Code:

CREATE TABLE associations
(
  handle character varying(255) NOT NULL,
  secret character varying(255) NOT NULL,
  mac_func character(16) NOT NULL,
  expires integer NOT NULL,
  CONSTRAINT associations_primary PRIMARY KEY (handle)
)

Thanks in advance for any suggestions.

I realize the post is quite old, but I'm wondering if you had any luck or just gave up?

If I remember correctly, the problem was some extra spaces around $macFunc which I fixed by trimming it.

The full class is here: https://github.com/lboynton/Zend-Fra...Storage/Db.php