Documentation & API reference
function _openid_signature
Sign certain keys in a message
Parameters
$association - object loaded from openid_association or openid_server_association table:
- important fields are ->assoc_type and ->mac_key
$message_array - array of entire message about to be sent:
$keys_to_sign - keys in the message to include in signature (without: 'openid.' appended)
4 calls to _openid_signature()
- OpenIDFunctionalTestCase::testSignatureValidation in drupal/
modules/ openid/ openid.test - Tests that openid.signed is verified.
- OpenIDTestCase::testOpenidSignature in drupal/
modules/ openid/ openid.test - Test _openid_signature().
- openid_verify_assertion_signature in drupal/
modules/ openid/ openid.module - Verify the signature of the response received from the OpenID provider.
- _openid_test_endpoint_authenticate in drupal/
modules/ openid/ tests/ openid_test.module - OpenID endpoint; handle "authenticate" requests.
File
- drupal/
modules/ openid/ openid.inc, line 436 - OpenID utility functions.
Code
function _openid_signature($association, $message_array, $keys_to_sign) {
$signature = '';
$sign_data = array();
foreach ($keys_to_sign as $key) {
if (isset($message_array['openid.' . $key])) {
$sign_data[$key] = $message_array['openid.' . $key];
}
}
$message = _openid_create_message($sign_data);
$secret = base64_decode($association->mac_key);
$signature = _openid_hmac($secret, $message);
return base64_encode($signature);
}