public function onCheckAuthentication(ResRequest $request) { // the request must contains all parameters from the redirect. We have // to check whether everything is valid and return true return $request->isValidSignature(self::$assoc->getSecret(), self::$assoc->getAssocType()); }
public function onCheckAuthentication(ResRequest $request) { $sql = <<<SQL SELECT \t`assoc`.`id`, \t`assoc`.`assocHandle`, \t`assoc`.`assocType`, \t`assoc`.`sessionType`, \t`assoc`.`secret`, \t`assoc`.`expires`, \t`assoc`.`date` FROM \t{$this->registry['table.openid_assoc']} `assoc` WHERE \t`assoc`.`assocHandle` = ? SQL; $row = $this->sql->getRow($sql, array($request->getAssocHandle())); if (!empty($row)) { return $request->isValidSignature($row['secret'], $row['assocType']); } else { throw new Exception('Invalid association'); } }