diff options
| -rwxr-xr-x | actions/trust.php | 42 |
1 files changed, 16 insertions, 26 deletions
diff --git a/actions/trust.php b/actions/trust.php index 10b83127d..3f882125d 100755 --- a/actions/trust.php +++ b/actions/trust.php @@ -10,7 +10,7 @@ * @link http://elgg.org/
*/
-error_log("in trust.php");
+//error_log("in trust.php");
require_once(dirname(dirname(__FILE__)).'/openid_server_include.php');
@@ -21,7 +21,7 @@ $info = getRequestInfo(); $trusted = get_input('trust');
$remember = get_input('remember');
$trust_root = get_input('trust_root');
-error_log("in trust.php, getting store".$info->trust_root);
+
$store = getOpenIDServerStore();
if ($remember) {
$store->setTrustedSite($info);
@@ -30,14 +30,15 @@ if ($remember) { if (!$info) {
// There is no authentication information, so bail
- error_log("in trust.php, no info");
system_message(elgg_echo("openid_server:cancelled"));
forward();
} else {
if ($idpSelect = $info->idSelect()) {
if ($idpSelect) {
- $req_url = idURL($idpSelect);
+ $identity = getLoggedInUser();
+ //$req_url = idURL($idpSelect);
+ $req_url = $info->identity;
//XXX fixing dirty https stuff
//$req_url = str_replace('http', 'https', $req_url);
} else {
@@ -45,44 +46,32 @@ if (!$info) { }
} else {
$req_url = normaliseUsername($info->identity);
- //XXX fixing dirty https stuff
- //$req_url = str_replace('http', 'https', $req_url);
}
- error_log("in trust.php, getLoggedInUser");
$user = getLoggedInUser();
- error_log("in trust.php, setRequestInfo");
+ $identity = $user;
+
setRequestInfo($info);
- $user = str_replace('https', 'http', $user);
$req_url_path = substr($req_url, strpos($req_url, ":"));
$user_path = substr($user, strpos($user, ":"));
- if ($req_url_path != $user_path) {
+
+ if ($info->message->isOpenID1() && $req_url_path != $user_path) {
register_error(sprintf(elgg_echo("openid_server:loggedin_as_wrong_user"),$req_url, $user));
forward();
} else {
-
$trust_root = $info->trust_root;
- //XXX fixing dirty https stuff
- error_log("in trust.php, trust_root = $trust_root");
-
- $trusted = isset($trusted) ? $trusted : isTrusted($req_url,$trust_root);
+ $trusted = isset($trusted) ? $trusted : isTrusted($identity, $trust_root);
if ($trusted) {
setRequestInfo();
$server =& getServer();
- $response =& $info->answer(true, null, $req_url);
+ if ($info->message->isOpenID1())
+ $response =& $info->answer(true, null, $req_url);
+ else
+ $response =& $info->answer(true, null, getServerURL(), $identity);
- error_log("in trust.php, addSregFields");
-
- //XXX this call gives fatal error: call to a member function isOpenID1()
- //on a non-object (OpenID/Extension.php
- addSregFields($response, $info, $req_url);
-// error_log("in trust.php, response = " . print_r($response));
- error_log("in trust.php, encodeResponse");
- //XXX falla encoding de esta respuesta
+ addSregFields($response, $info, $identity);
$webresponse =& $server->encodeResponse($response);
-
- error_log('in trust.php, webresponse ='.print_r($webresponse,true));
$new_headers = array();
@@ -91,6 +80,7 @@ if (!$info) { }
writeResponse( array($new_headers, $webresponse->body));
+ exit(0);
} elseif ($fail_cancels) {
setRequestInfo();
forward($info->getCancelURL());
|