jbe/bsw@20: --[[-- jbe/bsw@20: auth.openid.xrds_header{ jbe/bsw@20: ... -- arguments as used for encode.url{...}, pointing to an XRDS document as explained below jbe/bsw@20: } jbe/bsw@20: jbe/bsw@20: According to the OpenID specification, providers should verify, that jbe/bsw@20: return_to URLs are an OpenID relying party endpoint. To use OpenID jbe/bsw@20: providers following this recommendation, the relying parties can send a jbe/bsw@20: X-XRDS-Location header by calling this function. Its arguments must refer jbe/bsw@20: to an URL returning a document as follows: jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: http://specs.openid.net/auth/2.0/return_to jbe/bsw@20: RETURN_TO_URL jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: The placeholder RETURN_TO_URL has to be replaced by the absolute URL of the jbe/bsw@20: given return_to_module and return_to_view. jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: Example application-wide filter, assuming the document above is saved in jbe/bsw@20: "static/openid.xrds": jbe/bsw@20: jbe/bsw@20: auth.openid.xrds_header{ static = "openid.xrds" } jbe/bsw@20: execute.inner() jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: Example applications-wide filter, assuming jbe/bsw@20: - the return_to_module is "openid" jbe/bsw@20: - the return_to_view is "return" jbe/bsw@20: - the module for returning the xrds document is "openid" jbe/bsw@20: - the view for returning the xrds document is "xrds" jbe/bsw@20: jbe/bsw@20: auth.openid.xrds_header{ module = "openid", view = "xrds" } jbe/bsw@20: execute.inner() jbe/bsw@20: jbe/bsw@20: jbe/bsw@20: In the last example the "xrds" view in module "openid" has to make the jbe/bsw@20: following call: jbe/bsw@20: jbe/bsw@20: auth.openid.xrds_document{ jbe/bsw@20: return_to_module = "openid", jbe/bsw@20: return_to_view = "return" jbe/bsw@20: } jbe/bsw@20: jbe/bsw@20: --]]-- jbe/bsw@20: function auth.openid.xrds_header(args) jbe@223: request.add_header("X-XRDS-Location: " .. encode.url(args)) jbe/bsw@20: end