function _openid_signature

Sign certain keys in a message

Parameters

$association - object loaded from openid_association or openid_server_association table:

  • important fields are ->assoc_type and ->mac_key

$message_array - array of entire message about to be sent:

$keys_to_sign - keys in the message to include in signature (without: 'openid.' appended)

4 calls to _openid_signature()
OpenIDFunctionalTestCase::testSignatureValidation in modules/openid/openid.test
Tests that openid.signed is verified.
OpenIDTestCase::testOpenidSignature in modules/openid/openid.test
Test _openid_signature().
openid_verify_assertion_signature in modules/openid/openid.module
Verify the signature of the response received from the OpenID provider.
_openid_test_endpoint_authenticate in modules/openid/tests/openid_test.module
OpenID endpoint; handle "authenticate" requests.

File

modules/openid/openid.inc, line 437

Code

function _openid_signature($association, $message_array, $keys_to_sign) {
    $signature = '';
    $sign_data = array();
    foreach ($keys_to_sign as $key) {
        if (isset($message_array['openid.' . $key])) {
            $sign_data[$key] = $message_array['openid.' . $key];
        }
    }
    $message = _openid_create_message($sign_data);
    $secret = base64_decode((string) $association->mac_key);
    $signature = _openid_hmac($secret, $message);
    return base64_encode($signature);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.