| public getMessage ( string $realm, string $return_to = null, boolean $immediate = false ) | ||
| $realm | string | The URL (or URL pattern) that identifies your web site to the user when she is authorizing it. |
| $return_to | string | The URL that the OpenID provider will send the user back to after attempting to verify her identity. Not specifying a return_to URL means that the user will not be returned to the site issuing the request upon its completion. |
| $immediate | boolean | If true, the OpenID provider is to send back a response immediately, useful for behind-the-scenes authentication attempts. Otherwise the OpenID provider may engage the user before providing a response. This is the default case, as the user may need to provide credentials or approve the request before a positive response can be sent. |
function getMessage($realm, $return_to = null, $immediate = false)
{
if ($return_to) {
$return_to = Auth_OpenID::appendArgs($return_to, $this->return_to_args);
} else {
if ($immediate) {
// raise ValueError(
// '"return_to" is mandatory when
//using "checkid_immediate"')
return new Auth_OpenID_FailureResponse(null, "'return_to' is mandatory when using checkid_immediate");
} else {
if ($this->message->isOpenID1()) {
// raise ValueError('"return_to" is
// mandatory for OpenID 1 requests')
return new Auth_OpenID_FailureResponse(null, "'return_to' is mandatory for OpenID 1 requests");
} else {
if ($this->return_to_args) {
// raise ValueError('extra "return_to" arguments
// were specified, but no return_to was specified')
return new Auth_OpenID_FailureResponse(null, "extra 'return_to' arguments where specified, " . "but no return_to was specified");
}
}
}
}
if ($immediate) {
$mode = 'checkid_immediate';
} else {
$mode = 'checkid_setup';
}
$message = $this->message->copy();
if ($message->isOpenID1()) {
$realm_key = 'trust_root';
} else {
$realm_key = 'realm';
}
$message->updateArgs(Auth_OpenID_OPENID_NS, array($realm_key => $realm, 'mode' => $mode, 'return_to' => $return_to));
if (!$this->_anonymous) {
if ($this->endpoint->isOPIdentifier()) {
// This will never happen when we're in compatibility
// mode, as long as isOPIdentifier() returns False
// whenever preferredNamespace() returns OPENID1_NS.
$claimed_id = $request_identity = Auth_OpenID_IDENTIFIER_SELECT;
} else {
$request_identity = $this->endpoint->getLocalID();
$claimed_id = $this->endpoint->claimed_id;
}
// This is true for both OpenID 1 and 2
$message->setArg(Auth_OpenID_OPENID_NS, 'identity', $request_identity);
if ($message->isOpenID2()) {
$message->setArg(Auth_OpenID_OPENID2_NS, 'claimed_id', $claimed_id);
}
}
if ($this->assoc) {
$message->setArg(Auth_OpenID_OPENID_NS, 'assoc_handle', $this->assoc->handle);
}
return $message;
} /**
* Build auth request
*
* @return mixed
*/
function buildRedirect()
{
$sreg_request = Auth_OpenID_SRegRequest::build(null, $this->sregFields);
if ($sreg_request) {
$this->_auth_request->addExtension($sreg_request);
}
$pape_request = new Auth_OpenID_PAPE_Request($this->pape_policy_uris);
if ($pape_request) {
$this->_auth_request->addExtension($pape_request);
}
$this->_message = $this->_auth_request->getMessage($this->getTrustRoot(), $this->getReturnTo());
if (Auth_OpenID::isFailure($this->_message)) {
$this->_error = "Could not redirect to server: " . $this->_message->message;
return false;
} else {
return true;
}
}
