webmcp
view framework/env/auth/openid/initiate.lua @ 480:e09654c4a042
Allow main handlers to use a poll function that indicates when process termination is requested
| author | jbe |
|---|---|
| date | Tue Jun 06 16:14:33 2017 +0200 (2017-06-06) |
| parents | 32ec28229bb5 |
| children |
line source
1 --[[--
2 success, -- boolean indicating success or failure
3 errmsg, -- error message in case of failure
4 errcode = -- error code in case of failure (TODO: not implemented yet)
5 auth.openid.initiate{
6 user_supplied_identifier = user_supplied_identifier, -- string given by user
7 https_as_default = https_as_default, -- default to https
8 curl_options = curl_options, -- additional options passed to "curl" binary, when performing discovery
9 return_to_module = return_to_module, -- module of the verifying view, the user shall return to after authentication
10 return_to_view = return_to_view, -- verifying view, the user shall return to after authentication
11 realm = realm -- URL the user should authenticate for, defaults to application base
12 }
14 In order to authenticate using OpenID the user should enter an identifier.
15 It is recommended that the form field element for this identifier is named
16 "openid_identifier", so that User-Agents can automatically determine the
17 given field should contain an OpenID identifier. The entered identifier is
18 then passed as "user_supplied_identifier" argument to this function. It
19 returns false on error and currently never returns on success. However in
20 future this function shall return true on success. After the user has
21 authenticated successfully, he/she is forwarded to the URL given by the
22 "return_to" argument. Under this URL the application has to verify the
23 result by calling auth.openid.verify{...}.
25 --]]--
27 function auth.openid.initiate(args)
28 local dd, errmsg, errcode = auth.openid.discover(args)
29 if not dd then
30 return nil, errmsg, errcode
31 end
32 -- TODO: Use request.redirect once it supports external URLs
33 request.set_status("303 See Other")
34 request.add_header(
35 "Location: " ..
36 encode.url{
37 external = dd.op_endpoint,
38 params = {
39 ["openid.ns"] = "http://specs.openid.net/auth/2.0",
40 ["openid.mode"] = "checkid_setup",
41 ["openid.claimed_id"] = dd.claimed_identifier or
42 "http://specs.openid.net/auth/2.0/identifier_select",
43 ["openid.identity"] = dd.op_local_identifier or dd.claimed_identifier or
44 "http://specs.openid.net/auth/2.0/identifier_select",
45 ["openid.return_to"] = encode.url{
46 base = request.get_absolute_baseurl(),
47 module = args.return_to_module,
48 view = args.return_to_view
49 },
50 ["openid.realm"] = args.realm or request.get_absolute_baseurl()
51 }
52 }
53 )
54 error("Not implemented") -- TODO
55 --cgi.send_data()
56 --exit()
57 end