webmcp
view framework/env/auth/openid/initiate.lua @ 23:3a6fe8663b26
Code cleanup and documentation added; Year in copyright notice changed to 2009-2010
Details:
- Changed quoting style in auth.openid.xrds_document{...}
- Fixed documentation for auth.openid.initiate{...}
- Added documentation for mondelefant
- Code-cleanup in mondelefant:
-- removed unneccessary lines "rows = PQntuples(res); cols = PQnfields(res);"
-- avoided extra copy of first argument (self) in mondelefant_conn_query
-- no rawget in meta-method "__index" of database result lists and objects
-- removed unreachable "return 0;" in meta-method "__newindex" of database result lists and objects
- Year in copyright notice changed to 2009-2010
- Version string changed to "1.1.1"
Details:
- Changed quoting style in auth.openid.xrds_document{...}
- Fixed documentation for auth.openid.initiate{...}
- Added documentation for mondelefant
- Code-cleanup in mondelefant:
-- removed unneccessary lines "rows = PQntuples(res); cols = PQnfields(res);"
-- avoided extra copy of first argument (self) in mondelefant_conn_query
-- no rawget in meta-method "__index" of database result lists and objects
-- removed unreachable "return 0;" in meta-method "__newindex" of database result lists and objects
- Year in copyright notice changed to 2009-2010
- Version string changed to "1.1.1"
| author | jbe |
|---|---|
| date | Fri Jun 04 19:00:34 2010 +0200 (2010-06-04) |
| parents | 47ddf0f86009 |
| children | 32ec28229bb5 |
line source
1 --[[--
2 success, -- boolean indicating success or failure
3 errmsg, -- error message in case of failure
4 errcode = -- error code in case of failure (TODO: not implemented yet)
5 auth.openid.initiate{
6 user_supplied_identifier = user_supplied_identifier, -- string given by user
7 https_as_default = https_as_default, -- default to https
8 curl_options = curl_options, -- additional options passed to "curl" binary, when performing discovery
9 return_to_module = return_to_module, -- module of the verifying view, the user shall return to after authentication
10 return_to_view = return_to_view, -- verifying view, the user shall return to after authentication
11 realm = realm -- URL the user should authenticate for, defaults to application base
12 }
14 In order to authenticate using OpenID the user should enter an identifier.
15 It is recommended that the form field element for this identifier is named
16 "openid_identifier", so that User-Agents can automatically determine the
17 given field should contain an OpenID identifier. The entered identifier is
18 then passed as "user_supplied_identifier" argument to this function. It
19 returns false on error and currently never returns on success. However in
20 future this function shall return true on success. After the user has
21 authenticated successfully, he/she is forwarded to the URL given by the
22 "return_to" argument. Under this URL the application has to verify the
23 result by calling auth.openid.verify{...}.
25 --]]--
27 function auth.openid.initiate(args)
28 local dd, errmsg, errcode = auth.openid.discover(args)
29 if not dd then
30 return nil, errmsg, errcode
31 end
32 -- TODO: Use request.redirect once it supports external URLs
33 cgi.set_status("303 See Other")
34 cgi.add_header(
35 "Location: " ..
36 encode.url{
37 external = dd.op_endpoint,
38 params = {
39 ["openid.ns"] = "http://specs.openid.net/auth/2.0",
40 ["openid.mode"] = "checkid_setup",
41 ["openid.claimed_id"] = dd.claimed_identifier or
42 "http://specs.openid.net/auth/2.0/identifier_select",
43 ["openid.identity"] = dd.op_local_identifier or dd.claimed_identifier or
44 "http://specs.openid.net/auth/2.0/identifier_select",
45 ["openid.return_to"] = encode.url{
46 base = request.get_absolute_baseurl(),
47 module = args.return_to_module,
48 view = args.return_to_view
49 },
50 ["openid.realm"] = args.realm or request.get_absolute_baseurl()
51 }
52 }
53 )
54 cgi.send_data()
55 exit()
56 end