openid_verify_assertion
| Versionen | |
|---|---|
| drupal6 | openid_verify_assertion( |
| drupal7 | openid_verify_assertion($op_endpoint, $response) |
Attempt to verify the response received from the OpenID Provider.
Übergabeparameter
$service Array describing the OpenID provider.
$response Array of response values from the provider.
Rückgabewert
boolean
Code
modules/
<?php
function openid_verify_assertion($service, $response) {
module_load_include('inc', 'openid');
// http://openid.net/specs/openid-authentication-2_0.html#rfc.section.11.3
// Check the Nonce to protect against replay attacks.
if (!openid_verify_assertion_nonce($service, $response)) {
return FALSE;
}
// http://openid.net/specs/openid-authentication-2_0.html#rfc.section.11.4
// Verify the signatures.
$valid = FALSE;
$association = db_fetch_object(db_query("SELECT * FROM {openid_association} WHERE assoc_handle = '%s'", $response['openid.assoc_handle']));
if ($association && isset($association->session_type)) {
// http://openid.net/specs/openid-authentication-2_0.html#rfc.section.11.4.2
// Verification using an association.
$valid = openid_verify_assertion_signature($service, $association, $response);
}
else {
// http://openid.net/specs/openid-authentication-2_0.html#rfc.section.11.4.3
// Direct verification.
$request = $response;
$request['openid.mode'] = 'check_authentication';
$message = _openid_create_message($request);
$headers = array('Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8');
$result = drupal_http_request($service['uri'], $headers, 'POST', _openid_encode_message($message));
if (!isset($result->error)) {
$response = _openid_parse_message($result->data);
if (strtolower(trim($response['is_valid'])) == 'true') {
$valid = TRUE;
}
else {
$valid = FALSE;
}
}
}
return $valid;
}
?>Kommentar hinzufügen
DrupalAPI.de steht in keinerlei Verbindung mit api.drupal.org | Drupal ist eine eingetragene Marke von Dries Buytaert
Kommentare
Kommentar hinzufügen