function handler_trust($page) { $this->load('openid.inc.php'); $server = new OpenId(); $user = S::user(); // Initializes the OpenId environment from the request. if (!$server->Initialize() || !$server->IsAuthorizationRequest()) { $page->kill("Ta requête OpenID a échoué, merci de réessayer."); } // Prepares the SREG data, if any is required. $sreg_response = $server->GetSRegDataForRequest($user); // Asks the user about her trust level of the current request, if not // done yet. if (!Post::has('trust_accept') && !Post::has('trust_cancel')) { $page->changeTpl('openid/trust.tpl'); $page->assign('openid_query', $server->GetQueryStringForRequest()); $page->assign('relying_party', $server->GetEndpoint()); $page->assign('sreg_data', $sreg_response->contents()); return; } // Interprets the form results, and updates the user whitelist. S::assert_xsrf_token(); $trusted = $server->UpdateEndpointTrust($user, Post::b('trust_accept') && !Post::b('trust_cancel'), Post::b('trust_always')); // Finally answers the request. if ($server->IsUserAuthorized($user) && $trusted) { $server->AnswerRequest(true, Post::b('trust_sreg') ? $sreg_response : null); } else { $server->AnswerRequest(false); } }