From dd499f6ddc70491efa3e763266e5ce2e837782b7 Mon Sep 17 00:00:00 2001 From: Olav Morken <olav.morken@uninett.no> Date: Wed, 10 Feb 2010 13:03:50 +0000 Subject: [PATCH] openidProvider: OpenID 2.0 support. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2168 44740490-163a-0410-bde0-09ae8108e29a --- modules/openidProvider/lib/Server.php | 8 +++++--- modules/openidProvider/templates/user.tpl.php | 6 ++++-- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/modules/openidProvider/lib/Server.php b/modules/openidProvider/lib/Server.php index 874bb514f..3f95298f4 100644 --- a/modules/openidProvider/lib/Server.php +++ b/modules/openidProvider/lib/Server.php @@ -80,7 +80,7 @@ class sspmod_openidProvider_Server { SimpleSAML_Utilities::maskErrors(E_WARNING | E_STRICT); try { $store = new Auth_OpenID_FileStore($config->getString('filestore')); - $this->server = new Auth_OpenID_Server($store); + $this->server = new Auth_OpenID_Server($store, $this->getServerURL()); } catch (Exception $e) { SimpleSAML_Utilities::popErrorMask(); throw $e; @@ -378,7 +378,9 @@ class sspmod_openidProvider_Server { } $identity = $this->getIdentity(); - if ($identity !== $request->identity) { + assert('$identity !== FALSE'); /* Should always be logged in here. */ + + if (!$request->idSelect() && $identity !== $request->identity) { /* The identity in the request doesn't match the one of the logged in user. */ throw new SimpleSAML_Error_Exception('Logged in as different user than the one requested.'); } @@ -403,7 +405,7 @@ class sspmod_openidProvider_Server { } /* The user is authenticated, and trusts this site. */ - $this->sendResponse($request->answer(TRUE)); + $this->sendResponse($request->answer(TRUE, NULL, $identity)); } diff --git a/modules/openidProvider/templates/user.tpl.php b/modules/openidProvider/templates/user.tpl.php index e7c44aa33..863062c6e 100644 --- a/modules/openidProvider/templates/user.tpl.php +++ b/modules/openidProvider/templates/user.tpl.php @@ -15,8 +15,10 @@ if ($userId !== FALSE) { $title = $this->t('{openidProvider:openidProvider:title_no_user}'); } -$serverLink = '<link rel="openid.server" href="' . htmlspecialchars($serverURL) . '" />'; -$delegateLink = '<link rel="openid.delegate" href="' . htmlspecialchars($userIdURL) . '" />'; +$serverLink = '<link rel="openid.server" href="' . htmlspecialchars($serverURL) . '" />' . "\n"; +$serverLink .= '<link rel="openid2.provider" href="' . htmlspecialchars($serverURL) . '" />'; +$delegateLink = '<link rel="openid.delegate" href="' . htmlspecialchars($userIdURL) . '" />' . "\n"; +$delegateLink .= '<link rel="openid2.local_id" href="' . htmlspecialchars($userIdURL) . '" />'; $this->data['header'] = $title; $this->data['head'] = $serverLink; -- GitLab