diff options
| author | tailor <cygnus@janrain.com> | 2007-03-02 22:05:01 +0000 |
|---|---|---|
| committer | tailor <cygnus@janrain.com> | 2007-03-02 22:05:01 +0000 |
| commit | 2b5aa0514a134bb1d369b0af466ec9591d5c679d (patch) | |
| tree | c2679b8229a80326829ae14684cb2f2252c243b6 /Auth | |
| parent | 02553fb670e86d7310328e85fcd4e122403117cc (diff) | |
| download | php-openid-2b5aa0514a134bb1d369b0af466ec9591d5c679d.zip php-openid-2b5aa0514a134bb1d369b0af466ec9591d5c679d.tar.gz php-openid-2b5aa0514a134bb1d369b0af466ec9591d5c679d.tar.bz2 | |
[project @ Make check_authentication handle signed ns field properly]
Diffstat (limited to 'Auth')
| -rw-r--r-- | Auth/OpenID/Consumer.php | 34 |
1 files changed, 27 insertions, 7 deletions
diff --git a/Auth/OpenID/Consumer.php b/Auth/OpenID/Consumer.php index b944252..76f2ae2 100644 --- a/Auth/OpenID/Consumer.php +++ b/Auth/OpenID/Consumer.php @@ -1126,18 +1126,38 @@ class Auth_OpenID_GenericConsumer { $whitelist = array('assoc_handle', 'sig', 'signed', 'invalidate_handle'); - $signed = array_merge(explode(",", $signed), $whitelist); - $check_args = array(); - foreach ($message->toPostArgs() as $key => $value) { - if (in_array(substr($key, 7), $signed)) { - $check_args[$key] = $value; + foreach ($whitelist as $k) { + $val = $message->getArg(Auth_OpenID_OPENID_NS, $k); + if ($val !== null) { + $check_args[$k] = $val; + } + } + + $signed = $message->getArg(Auth_OpenID_OPENID_NS, + 'signed'); + + if ($signed) { + foreach (explode(',', $signed) as $k) { + if ($k == 'ns') { + $check_args['ns'] = $message->getOpenIDNamespace(); + continue; + } + + if (!$message->hasKey(Auth_OpenID_OPENID_NS, + $k)) { + return null; + } + + $val = $message->getArg(Auth_OpenID_OPENID_NS, + $k); + $check_args[$k] = $val; } } - $check_args['openid.mode'] = 'check_authentication'; - return Auth_OpenID_Message::fromPostArgs($check_args); + $check_args['mode'] = 'check_authentication'; + return Auth_OpenID_Message::fromOpenIDArgs($check_args); } /** |