Home » API reference » openid_test.module

_openid_test_endpoint_authenticate

Versions
7
_openid_test_endpoint_authenticate()

OpenID endpoint; handle "authenticate" requests.

All requests result in a successful response. The request is a GET or POST made by the user's browser based on an HTML form or HTTP redirect generated by the Relying Party. The user is redirected back to the Relying Party using a URL containing a signed message in the query string confirming the user's identity.

▸ 1 function calls _openid_test_endpoint_authenticate()

▾ 1 function calls _openid_test_endpoint_authenticate()

openid_test_endpoint in modules/openid/tests/openid_test.module
Menu callback; OpenID Provider Endpoint.

Code

modules/openid/tests/openid_test.module, line 203

<?php
function _openid_test_endpoint_authenticate() {
  global $base_url;

  module_load_include('inc', 'openid');

  // Generate unique identifier for this authentication.
  $nonce = _openid_nonce();

  // Generate response containing the user's identity. The openid.sreg.xxx
  // entries contain profile data stored by the OpenID Provider (see OpenID
  // Simple Registration Extension 1.0).
  $response = variable_get('openid_test_response', array()) + array(
    'openid.ns' => OPENID_NS_2_0,
    'openid.mode' => 'id_res',
    'openid.op_endpoint' => $base_url . url('openid/provider'),
    // openid.claimed_id is not sent by OpenID 1 clients.
    'openid.claimed_id' => isset($_REQUEST['openid_claimed_id']) ? $_REQUEST['openid_claimed_id'] : '',
    'openid.identity' => $_REQUEST['openid_identity'],
    'openid.return_to' => $_REQUEST['openid_return_to'],
    'openid.response_nonce' => $nonce,
    'openid.assoc_handle' => 'openid-test',
    'openid.signed' => 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle',
  );

  // Sign the message using the MAC key that was exchanged during association.
  $association = new stdClass;
  $association->mac_key = variable_get('mac_key');
  $keys_to_sign = explode(',', $response['openid.signed']);
  $response['openid.sig'] = _openid_signature($association, $response, $keys_to_sign);

  // Put the signed message into the query string of a URL supplied by the
  // Relying Party, and redirect the user.
  drupal_add_http_header('Content-Type', 'text/plain');
  header('Location: ' . url($_REQUEST['openid_return_to'], array('query' => $response, 'external' => TRUE)));
}
?>
Login or register to post comments
 
 

All source code and documentation on this site is released under the terms of the GNU General Public License, version 2 and later. Drupal is a registered trademark of Dries Buytaert.