function fromMessage(&$message, $server)
{
$mode = $message->getArg(Auth_OpenID_OPENID_NS, 'mode');
$immediate = null;
if ($mode == "checkid_immediate") {
$immediate = true;
$mode = "checkid_immediate";
} else {
$immediate = false;
$mode = "checkid_setup";
}
$return_to = $message->getArg(Auth_OpenID_OPENID_NS,
'return_to');
if (($message->isOpenID1()) &&
(!$return_to)) {
$fmt = "Missing required field 'return_to' from checkid request";
return new Auth_OpenID_ServerError($message, $fmt);
}
$identity = $message->getArg(Auth_OpenID_OPENID_NS,
'identity');
$claimed_id = $message->getArg(Auth_OpenID_OPENID_NS, 'claimed_id');
if ($message->isOpenID1()) {
if ($identity === null) {
$s = "OpenID 1 message did not contain openid.identity";
return new Auth_OpenID_ServerError($message, $s);
}
} else {
if ($identity && !$claimed_id) {
$s = "OpenID 2.0 message contained openid.identity but not " .
"claimed_id";
return new Auth_OpenID_ServerError($message, $s);
} else if ($claimed_id && !$identity) {
$s = "OpenID 2.0 message contained openid.claimed_id " .
"but not identity";
return new Auth_OpenID_ServerError($message, $s);
}
}
// There's a case for making self.trust_root be a TrustRoot
// here. But if TrustRoot isn't currently part of the
// "public" API, I'm not sure it's worth doing.
if ($message->isOpenID1()) {
$trust_root_param = 'trust_root';
} else {
$trust_root_param = 'realm';
}
$trust_root = $message->getArg(Auth_OpenID_OPENID_NS,
$trust_root_param);
if (! $trust_root) {
$trust_root = $return_to;
}
if (! $message->isOpenID1() &&
($return_to === null) &&
($trust_root === null)) {
return new Auth_OpenID_ServerError($message,
"openid.realm required when openid.return_to absent");
}
$assoc_handle = $message->getArg(Auth_OpenID_OPENID_NS,
'assoc_handle');
$obj = Auth_OpenID_CheckIDRequest::make($message,
$identity,
$return_to,
$trust_root,
$immediate,
$assoc_handle,
$server);
if (is_a($obj, 'Auth_OpenID_ServerError')) {
return $obj;
}
$obj->claimed_id = $claimed_id;
return $obj;
}