/**
* check_authentication mode request
**/
private function checkAuthentication(array $parameters, $manager = null)
{
$credentials = new OpenIdCredentials(HttpUrl::create()->parse($parameters['openid.identity']), $this->httpClient);
$request = HttpRequest::create()->setMethod(HttpMethod::post())->setUrl($credentials->getServer());
if (isset($parameters['openid.invalidate_handle']) && $manager) {
$request->setPostVar('openid.invalidate_handle', $parameters['openid.invalidate_handle']);
}
foreach (explode(',', $parameters['openid.signed']) as $key) {
$key = 'openid.' . $key;
$request->setPostVar($key, $parameters[$key]);
}
$request->setPostVar('openid.mode', 'check_authentication')->setPostVar('openid.assoc_handle', $parameters['openid.assoc_handle'])->setPostVar('openid.sig', $parameters['openid.sig'])->setPostVar('openid.signed', $parameters['openid.signed']);
$response = $this->httpClient->send($request);
if ($response->getStatus()->getId() != HttpStatus::CODE_200) {
throw new OpenIdException('bad response code from server');
}
$result = $this->parseKeyValueFormat($response->getBody());
if (!isset($result['is_valid']) || $result['is_valid'] !== 'true' && $result['is_valid'] !== 'false') {
throw new OpenIdException('strange response given');
}
if ($result['is_valid'] === 'true') {
if (isset($result['invalidate_handle']) && $manager) {
$manager->purgeByHandle($result['invalidate_handle']);
}
return true;
} elseif ($result['is_valid'] === 'false') {
return false;
}
Assert::isUnreachable();
}
