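/**
 * Generates an association from a request
 *
 * Creates a random MAC secret sized for the requested association type,
 * hands it to ProviderAbstract::generateDh() together with the consumer's
 * Diffie-Hellman parameters and returns the resulting association. The
 * handle, the base64 encoded secret, the MAC function, the server public
 * key and the value stored as encMacKey are also kept on this instance.
 *
 * @param PSX\OpenId\Provider\Data\AssociationRequest $request
 * @return PSX\OpenId\Provider\Association
 * @throws InvalidDataException if the association type or the session type
 *                              is unknown, or if the session type is
 *                              "no-encryption"
 */
public function generate(AssociationRequest $request)
{
    // generate secret, the length equals the digest size of the MAC
    // function (20 bytes for SHA1, 32 bytes for SHA256)
    // NOTE(review): randomBytes() is assumed to draw from a
    // cryptographically secure source - confirm in ProviderAbstract
    switch ($request->getAssocType()) {
        case 'HMAC-SHA1':
            $secret  = ProviderAbstract::randomBytes(20);
            $macFunc = 'SHA1';
            break;

        case 'HMAC-SHA256':
            $secret  = ProviderAbstract::randomBytes(32);
            $macFunc = 'SHA256';
            break;

        default:
            throw new InvalidDataException('Invalid association type');
    }

    // generate dh
    switch ($request->getSessionType()) {
        case 'no-encryption':
            // refused on purpose: this session type would return the MAC
            // key without Diffie-Hellman encryption
            throw new InvalidDataException('no-encryption not supported');

        case 'DH-SHA1':
        case 'DH-SHA256':
            // NOTE(review): the hash name passed on is derived from the
            // association type, the session type itself is not forwarded.
            // OpenID Authentication 2.0 ties the Diffie-Hellman hash and
            // the MAC key length to the session type, so a request mixing
            // e.g. HMAC-SHA256 with DH-SHA1 should probably be rejected
            // here - confirm against generateDh()
            // NOTE(review): generator, modulus and consumer public key are
            // taken from the request as is; validation of these values is
            // assumed to happen inside generateDh() - TODO confirm
            $dh = ProviderAbstract::generateDh(
                $request->getDhGen(),
                $request->getDhModulus(),
                $request->getDhConsumerPublic(),
                $macFunc,
                $secret
            );

            $this->dhServerPublic = $dh['pubKey'];
            $this->encMacKey      = $dh['macKey'];
            break;

        default:
            // the value checked here is the session type, not the
            // association type
            throw new InvalidDataException('Invalid session type');
    }

    $this->assocHandle = ProviderAbstract::generateHandle();
    $this->secret      = base64_encode($secret);
    $this->macFunc     = $macFunc;

    $assoc = new Association();
    $assoc->setAssocHandle($this->assocHandle);
    $assoc->setAssocType($request->getAssocType());
    $assoc->setSessionType($request->getSessionType());
    $assoc->setSecret($this->secret);

    return $assoc;
}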