private function allowAccess() { // delete session $_SESSION['amun_openid_request'] = null; // build redirect $nonce = gmdate('Y-m-d\\TH:i:s\\Z') . Security::generateToken(15); $redirect = new Redirect(); $redirect->setOpEndpoint($this->config['psx_url'] . '/' . $this->config['psx_dispatch'] . 'api/openid/signon'); $redirect->setClaimedId($this->claimedId); $redirect->setIdentity($this->identity); $redirect->setReturnTo($this->returnTo); $redirect->setResponseNonce($nonce); $redirect->setAssocHandle($this->assoc['assocHandle']); $redirect->setParams($this->request->getParams()); if (!empty($this->sreg)) { $redirect->addExtension($this->handleSregExt()); } if (!empty($this->oauth)) { $redirect->addExtension($this->handleOauthExt()); } // insert or update connect $now = new DateTime('NOW', $this->registry['core.default_timezone']); $data = array('userId' => $this->user->getId(), 'assocId' => $this->assoc['id'], 'claimedId' => $this->claimedId, 'identity' => $this->identity, 'returnTo' => (string) $this->returnTo, 'responseNonce' => $nonce, 'date' => $now->format(DateTime::SQL)); if (isset($_POST['remember']) && $_POST['remember'] === '1') { $data['status'] = Openid\Record::APPROVED; } $this->hm->getTable('AmunService\\Openid')->replace($data); // redirect to rp $redirect->redirect($this->assoc['secret'], $this->assoc['assocType']); }