function openid_begin in Drupal 6
Same name and namespace in other branches
- 7 modules/openid/openid.module \openid_begin()
The initial step of OpenID authentication responsible for the following:
- Perform discovery on the claimed OpenID.
- If possible, create an association with the Provider's endpoint.
- Create the authentication request.
- Perform the appropriate redirect.
Parameters
$claimed_id The OpenID to authenticate:
$return_to The endpoint to return to from the OpenID Provider:
2 calls to openid_begin()
- openid_login_validate in modules/
openid/ openid.module - Login form _validate hook
- openid_user_add_submit in modules/
openid/ openid.pages.inc
File
- modules/
openid/ openid.module, line 159 - Implement OpenID Relying Party support for Drupal
Code
function openid_begin($claimed_id, $return_to = '', $form_values = array()) {
module_load_include('inc', 'openid');
$claimed_id = _openid_normalize($claimed_id);
$services = openid_discovery($claimed_id);
if (count($services) == 0) {
form_set_error('openid_identifier', t('Sorry, that is not a valid OpenID. Please ensure you have spelled your ID correctly.'));
return;
}
// Store discovered information in the users' session so we don't have to rediscover.
$_SESSION['openid']['service'] = $services[0];
// Store the claimed id
$_SESSION['openid']['claimed_id'] = $claimed_id;
// Store the login form values so we can pass them to
// user_exteral_login later.
$_SESSION['openid']['user_login_values'] = $form_values;
$op_endpoint = $services[0]['uri'];
// If bcmath is present, then create an association
$assoc_handle = '';
if (function_exists('bcadd')) {
$assoc_handle = openid_association($op_endpoint);
}
// Now that there is an association created, move on
// to request authentication from the IdP
// First check for LocalID. If not found, check for Delegate. Fall
// back to $claimed_id if neither is found.
if (!empty($services[0]['localid'])) {
$identity = $services[0]['localid'];
}
else {
if (!empty($services[0]['delegate'])) {
$identity = $services[0]['delegate'];
}
else {
$identity = $claimed_id;
}
}
if (isset($services[0]['types']) && is_array($services[0]['types']) && in_array(OPENID_NS_2_0 . '/server', $services[0]['types'])) {
$claimed_id = $identity = 'http://specs.openid.net/auth/2.0/identifier_select';
}
$authn_request = openid_authentication_request($claimed_id, $identity, $return_to, $assoc_handle, $services[0]['version']);
if ($services[0]['version'] == 2) {
openid_redirect($op_endpoint, $authn_request);
}
else {
openid_redirect_http($op_endpoint, $authn_request);
}
}