webmcp
view framework/env/auth/openid/xrds_header.lua @ 211:9d3d11cf1bf6
Changes in mcp.lua regarding configuration management (only single application allowed)
author | jbe |
---|---|
date | Sat Jan 10 00:36:05 2015 +0100 (2015-01-10) |
parents | 47ddf0f86009 |
children | 32ec28229bb5 |
line source
1 --[[--
2 auth.openid.xrds_header{
3 ... -- arguments as used for encode.url{...}, pointing to an XRDS document as explained below
4 }
6 According to the OpenID specification, providers should verify, that
7 return_to URLs are an OpenID relying party endpoint. To use OpenID
8 providers following this recommendation, the relying parties can send a
9 X-XRDS-Location header by calling this function. Its arguments must refer
10 to an URL returning a document as follows:
12 <?xml version="1.0" encoding="UTF-8"?>
13 <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
14 <XRD>
15 <Service>
16 <Type>http://specs.openid.net/auth/2.0/return_to</Type>
17 <URI>RETURN_TO_URL</URI>
18 </Service>
19 </XRD>
20 </xrds:XRDS>
22 The placeholder RETURN_TO_URL has to be replaced by the absolute URL of the
23 given return_to_module and return_to_view.
26 Example application-wide filter, assuming the document above is saved in
27 "static/openid.xrds":
29 auth.openid.xrds_header{ static = "openid.xrds" }
30 execute.inner()
33 Example applications-wide filter, assuming
34 - the return_to_module is "openid"
35 - the return_to_view is "return"
36 - the module for returning the xrds document is "openid"
37 - the view for returning the xrds document is "xrds"
39 auth.openid.xrds_header{ module = "openid", view = "xrds" }
40 execute.inner()
43 In the last example the "xrds" view in module "openid" has to make the
44 following call:
46 auth.openid.xrds_document{
47 return_to_module = "openid",
48 return_to_view = "return"
49 }
51 --]]--
52 function auth.openid.xrds_header(args)
53 cgi.add_header("X-XRDS-Location: " .. encode.url(args))
54 end