public function onCheckAuthentication(ResRequest $request)
{
// the request must contains all parameters from the redirect. We have
// to check whether everything is valid and return true
return $request->isValidSignature(self::$assoc->getSecret(), self::$assoc->getAssocType());
}
public function onCheckAuthentication(ResRequest $request)
{
$sql = <<<SQL
SELECT
\t`assoc`.`id`,
\t`assoc`.`assocHandle`,
\t`assoc`.`assocType`,
\t`assoc`.`sessionType`,
\t`assoc`.`secret`,
\t`assoc`.`expires`,
\t`assoc`.`date`
FROM
\t{$this->registry['table.openid_assoc']} `assoc`
WHERE
\t`assoc`.`assocHandle` = ?
SQL;
$row = $this->sql->getRow($sql, array($request->getAssocHandle()));
if (!empty($row)) {
return $request->isValidSignature($row['secret'], $row['assocType']);
} else {
throw new Exception('Invalid association');
}
}
