[project @ Auth_OpenID_CheckIDRequest::fromMessage: return Auth_OpenID_ServerError if claimed_id is provided without identity]

author: Kevin Turner <kevin@janrain.com> 2008-06-04 22:45:48 +0000
committer: Kevin Turner <kevin@janrain.com> 2008-06-04 22:45:48 +0000
commit: 628e0bcda99f997a1ffe2b1f983a705efcbdadca (patch)
tree: c4182f4bf3166d507d5182a95000e38d8aab6879 /Auth
parent: fe580046be183271d74a2286b5f67a9507944600 (diff)
download: php-openid-628e0bcda99f997a1ffe2b1f983a705efcbdadca.zip
php-openid-628e0bcda99f997a1ffe2b1f983a705efcbdadca.tar.gz
php-openid-628e0bcda99f997a1ffe2b1f983a705efcbdadca.tar.bz2
1 files changed, 14 insertions, 15 deletions
diff --git a/Auth/OpenID/Server.php b/Auth/OpenID/Server.php
index 7c56805..5f9d52d 100644
--- a/Auth/OpenID/Server.php
+++ b/Auth/OpenID/Server.php
@@ -836,23 +836,22 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
 
         $identity = $message->getArg(Auth_OpenID_OPENID_NS,
                                      'identity');
-
-        if ($identity && $message->isOpenID2()) {
-            $claimed_id = $message->getArg(Auth_OpenID_OPENID_NS,
-                                           'claimed_id');
-            if (!$claimed_id) {
-                return new Auth_OpenID_ServerError($message,
-                  "OpenID 2.0 message contained openid.identity " .
-                  "but not claimed_id");
+        $claimed_id = $message->getArg(Auth_OpenID_OPENID_NS, 'claimed_id');
+        if ($message->isOpenID1()) {
+            if ($identity === null) {
+                $s = "OpenID 1 message did not contain openid.identity";
+                return new Auth_OpenID_ServerError($message, $s);
             }
         } else {
-            $claimed_id = null;
-        }
-
-        if (($identity === null) &&
-            ($namespace == Auth_OpenID_OPENID1_NS)) {
-            return new Auth_OpenID_ServerError($message,
-              "OpenID 1 message did not contain openid.identity");
+            if ($identity && !$claimed_id) {
+                $s = "OpenID 2.0 message contained openid.identity but not " .
+                  "claimed_id";
+                return new Auth_OpenID_ServerError($message, $s);
+            } else if ($claimed_id && !$identity) {
+                $s = "OpenID 2.0 message contained openid.claimed_id " .
+                  "but not identity";
+                return new Auth_OpenID_ServerError($message, $s);
+            }
         }
 
         // There's a case for making self.trust_root be a TrustRoot
author	Kevin Turner <kevin@janrain.com>	2008-06-04 22:45:48 +0000
committer	Kevin Turner <kevin@janrain.com>	2008-06-04 22:45:48 +0000
commit	628e0bcda99f997a1ffe2b1f983a705efcbdadca (patch)
tree	c4182f4bf3166d507d5182a95000e38d8aab6879 /Auth
parent	fe580046be183271d74a2286b5f67a9507944600 (diff)
download	php-openid-628e0bcda99f997a1ffe2b1f983a705efcbdadca.zip php-openid-628e0bcda99f997a1ffe2b1f983a705efcbdadca.tar.gz php-openid-628e0bcda99f997a1ffe2b1f983a705efcbdadca.tar.bz2