From dd499f6ddc70491efa3e763266e5ce2e837782b7 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Wed, 10 Feb 2010 13:03:50 +0000
Subject: [PATCH] openidProvider: OpenID 2.0 support.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2168 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/openidProvider/lib/Server.php         | 8 +++++---
 modules/openidProvider/templates/user.tpl.php | 6 ++++--
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/modules/openidProvider/lib/Server.php b/modules/openidProvider/lib/Server.php
index 874bb514f..3f95298f4 100644
--- a/modules/openidProvider/lib/Server.php
+++ b/modules/openidProvider/lib/Server.php
@@ -80,7 +80,7 @@ class sspmod_openidProvider_Server {
 		SimpleSAML_Utilities::maskErrors(E_WARNING | E_STRICT);
 		try {
 			$store = new Auth_OpenID_FileStore($config->getString('filestore'));
-			$this->server = new Auth_OpenID_Server($store);
+			$this->server = new Auth_OpenID_Server($store, $this->getServerURL());
 		} catch (Exception $e) {
 			SimpleSAML_Utilities::popErrorMask();
 			throw $e;
@@ -378,7 +378,9 @@ class sspmod_openidProvider_Server {
 		}
 
 		$identity = $this->getIdentity();
-		if ($identity !== $request->identity) {
+		assert('$identity !== FALSE'); /* Should always be logged in here. */
+
+		if (!$request->idSelect() && $identity !== $request->identity) {
 			/* The identity in the request doesn't match the one of the logged in user. */
 			throw new SimpleSAML_Error_Exception('Logged in as different user than the one requested.');
 		}
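Review bot: For an identifier-select request the new condition skips the identity comparison, so the only thing keeping a `FALSE` identity away from `$request->answer(TRUE, NULL, $identity)` in the next hunk is the `assert()`, which is not evaluated when assertions are disabled. Before this change a missing identity would normally have failed the `!==` comparison and thrown. Code above this hunk may already enforce login (the function starts outside the hunk), but the assertion should still be backed by a runtime check such as `if ($identity === FALSE) { throw new SimpleSAML_Error_Exception('Not logged in.'); }`. It would also help to add a comment at the `answer()` call saying that the `NULL` server URL presumably falls back to the endpoint now passed to the `Auth_OpenID_Server` constructor, and to confirm that `sendResponse()` copes if `answer()` returns an error object.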
@@ -403,7 +405,7 @@ class sspmod_openidProvider_Server {
 		}
 
 		/* The user is authenticated, and trusts this site. */
-		$this->sendResponse($request->answer(TRUE));
+		$this->sendResponse($request->answer(TRUE, NULL, $identity));
 	}
 
 
diff --git a/modules/openidProvider/templates/user.tpl.php b/modules/openidProvider/templates/user.tpl.php
index e7c44aa33..863062c6e 100644
--- a/modules/openidProvider/templates/user.tpl.php
+++ b/modules/openidProvider/templates/user.tpl.php
@@ -15,8 +15,10 @@ if ($userId !== FALSE) {
 	$title = $this->t('{openidProvider:openidProvider:title_no_user}');
 }
 
-$serverLink = '<link rel="openid.server" href="' . htmlspecialchars($serverURL) . '" />';
-$delegateLink = '<link rel="openid.delegate" href="' . htmlspecialchars($userIdURL) . '" />';
+$serverLink = '<link rel="openid.server" href="' . htmlspecialchars($serverURL) . '" />' . "\n";
+$serverLink .= '<link rel="openid2.provider" href="' . htmlspecialchars($serverURL) . '" />';
+$delegateLink = '<link rel="openid.delegate" href="' . htmlspecialchars($userIdURL) . '" />' . "\n";
+$delegateLink .= '<link rel="openid2.local_id" href="' . htmlspecialchars($userIdURL) . '" />';
 
 $this->data['header'] = $title;
 $this->data['head'] = $serverLink;
-- 
GitLab