- // Recover request in session
- $request = S::v('openid_request');
- if (is_null($request)) {
- // There is no authentication information, something went wrong
- pl_redirect('/');
- return;
- } else {
- // Unserialize the request
- require_once 'Auth/OpenID/Server.php';
- $request = unserialize($request);
- }
-
- $server = init_openid_server();
- $user = S::user();
-
- // Check that the identity matches the user currently logged in
- if ($request->identity != get_user_openid_url($user)) {
- $response =& $request->answer(false);
- $webresponse =& $server->encodeResponse($response);
- $this->render_openid_response($webresponse);
- return;
- }
-
- // Prepare Simple Registration response fields
- require_once 'Auth/OpenID/SReg.php';
- $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($request);
- $sreg_response = Auth_OpenID_SRegResponse::extractResponse($sreg_request, get_sreg_data($user));
-
-
- // Ask the user for confirmation
- if ($_SERVER['REQUEST_METHOD'] != 'POST') {
- $page->changeTpl('openid/trust.tpl');
- $page->assign('relying_party', $request->trust_root);
- $page->assign_by_ref('sreg_data', $sreg_response->data);
- return;
- }
-
- // At this point $_SERVER['REQUEST_METHOD'] == 'POST'
- // Answer to the Relying Party based on the user's choice
- if (isset($_POST['trust'])) {
- S::kill('openid_request');
- $response =& $request->answer(true, null, $request->identity);