/**
* Produce a {@link Auth_OpenID_Message} representing this
* request.
*
* @param string $realm The URL (or URL pattern) that identifies
* your web site to the user when she is authorizing it.
*
* @param string $return_to The URL that the OpenID provider will
* send the user back to after attempting to verify her identity.
*
* Not specifying a return_to URL means that the user will not be
* returned to the site issuing the request upon its completion.
*
* @param bool $immediate If true, the OpenID provider is to send
* back a response immediately, useful for behind-the-scenes
* authentication attempts. Otherwise the OpenID provider may
* engage the user before providing a response. This is the
* default case, as the user may need to provide credentials or
* approve the request before a positive response can be sent.
*/
function getMessage($realm, $return_to = null, $immediate = false)
{
if ($return_to) {
$return_to = Auth_OpenID::appendArgs($return_to, $this->return_to_args);
} else {
if ($immediate) {
// raise ValueError(
// '"return_to" is mandatory when
//using "checkid_immediate"')
return new Auth_OpenID_FailureResponse(null, "'return_to' is mandatory when using checkid_immediate");
} else {
if ($this->message->isOpenID1()) {
// raise ValueError('"return_to" is
// mandatory for OpenID 1 requests')
return new Auth_OpenID_FailureResponse(null, "'return_to' is mandatory for OpenID 1 requests");
} else {
if ($this->return_to_args) {
// raise ValueError('extra "return_to" arguments
// were specified, but no return_to was specified')
return new Auth_OpenID_FailureResponse(null, "extra 'return_to' arguments where specified, " . "but no return_to was specified");
}
}
}
}
if ($immediate) {
$mode = 'checkid_immediate';
} else {
$mode = 'checkid_setup';
}
$message = $this->message->copy();
if ($message->isOpenID1()) {
$realm_key = 'trust_root';
} else {
$realm_key = 'realm';
}
$message->updateArgs(Auth_OpenID_OPENID_NS, array($realm_key => $realm, 'mode' => $mode, 'return_to' => $return_to));
if (!$this->_anonymous) {
if ($this->endpoint->isOPIdentifier()) {
// This will never happen when we're in compatibility
// mode, as long as isOPIdentifier() returns False
// whenever preferredNamespace() returns OPENID1_NS.
$claimed_id = $request_identity = Auth_OpenID_IDENTIFIER_SELECT;
} else {
$request_identity = $this->endpoint->getLocalID();
$claimed_id = $this->endpoint->claimed_id;
}
// This is true for both OpenID 1 and 2
$message->setArg(Auth_OpenID_OPENID_NS, 'identity', $request_identity);
if ($message->isOpenID2()) {
$message->setArg(Auth_OpenID_OPENID2_NS, 'claimed_id', $claimed_id);
}
}
if ($this->assoc) {
$message->setArg(Auth_OpenID_OPENID_NS, 'assoc_handle', $this->assoc->handle);
}
return $message;
}
function toURL($base_url)
{
// Generate a GET URL with the parameters in this message
// attached as query parameters.
return Auth_OpenID::appendArgs($base_url, $this->toPostArgs());
}
function test_appendArgs()
{
$simple = 'http://www.example.com/';
$cases = array(array('empty list', array($simple, array()), $simple), array('empty dict', array($simple, array()), $simple), array('one list', array($simple, array(array('a', 'b'))), $simple . '?a=b'), array('one dict', array($simple, array('a' => 'b')), $simple . '?a=b'), array('two list (same)', array($simple, array(array('a', 'b'), array('a', 'c'))), $simple . '?a=b&a=c'), array('two list', array($simple, array(array('a', 'b'), array('b', 'c'))), $simple . '?a=b&b=c'), array('two list (order)', array($simple, array(array('b', 'c'), array('a', 'b'))), $simple . '?b=c&a=b'), array('two dict (order)', array($simple, array('b' => 'c', 'a' => 'b')), $simple . '?a=b&b=c'), array('escape', array($simple, array(array('=', '='))), $simple . '?%3D=%3D'), array('escape (URL)', array($simple, array(array('this_url', $simple))), $simple . '?this_url=http%3A%2F%2Fwww.example.com%2F'), array('use dots', array($simple, array(array('openid.stuff', 'bother'))), $simple . '?openid.stuff=bother'), array('args exist (empty)', array($simple . '?stuff=bother', array()), $simple . '?stuff=bother'), array('args exist', array($simple . '?stuff=bother', array(array('ack', 'ack'))), $simple . '?stuff=bother&ack=ack'), array('args exist', array($simple . '?stuff=bother', array(array('ack', 'ack'))), $simple . '?stuff=bother&ack=ack'), array('args exist (dict)', array($simple . '?stuff=bother', array('ack' => 'ack')), $simple . '?stuff=bother&ack=ack'), array('args exist (dict 2)', array($simple . '?stuff=bother', array('ack' => 'ack', 'zebra' => 'lion')), $simple . '?stuff=bother&ack=ack&zebra=lion'), array('three args (dict)', array($simple, array('stuff' => 'bother', 'ack' => 'ack', 'zebra' => 'lion')), $simple . '?ack=ack&stuff=bother&zebra=lion'), array('three args (list)', array($simple, array(array('stuff', 'bother'), array('ack', 'ack'), array('zebra', 'lion'))), $simple . '?stuff=bother&ack=ack&zebra=lion'));
// Tests.
foreach ($cases as $case) {
list($desc, $data, $expected) = $case;
list($url, $query) = $data;
$this->assertEquals($expected, Auth_OpenID::appendArgs($url, $query));
}
}
function encodeToURL()
{
global $_Auth_OpenID_OpenID_Prefix;
$fields = array();
foreach ($this->fields as $k => $v) {
$fields[$_Auth_OpenID_OpenID_Prefix . $k] = $v;
}
return Auth_OpenID::appendArgs($this->request->return_to, $fields);
}
/**
* Compute the appropriate redirection URL for this request based
* on a specified trust root and return-to.
*
* @param string $trust_root The trust root URI for your
* application.
*
* @param string$ $return_to The return-to URL to be used when the
* OpenID server redirects the user back to your site.
*
* @return string $redirect_url The resulting redirect URL that
* you should send to the user agent.
*/
function redirectURL($trust_root, $return_to, $immediate = false)
{
if ($immediate) {
$mode = 'checkid_immediate';
} else {
$mode = 'checkid_setup';
}
$return_to = Auth_OpenID::appendArgs($return_to, $this->return_to_args);
$redir_args = array('openid.mode' => $mode, 'openid.identity' => $this->endpoint->getServerID(), 'openid.return_to' => $return_to, 'openid.trust_root' => $trust_root);
if ($this->assoc) {
$redir_args['openid.assoc_handle'] = $this->assoc->handle;
}
$redir_args = array_merge($redir_args, $this->extra_args);
return Auth_OpenID::appendArgs($this->endpoint->server_url, $redir_args);
}
/**
* Encodes this error's response as a URL suitable for
* redirection. If the response has no return_to, another
* Auth_OpenID_ServerError is returned.
*/
function encodeToURL()
{
if (!$this->message) {
return null;
}
$return_to = $this->message->getArg(Auth_OpenID_OPENID_NS, 'return_to');
if (!$return_to) {
return null;
}
return Auth_OpenID::appendArgs($return_to, array('openid.mode' => 'error', 'openid.error' => $this->toString()));
}
