You are here

function openid_begin in Drupal 6

Same name and namespace in other branches
  1. 7 modules/openid/openid.module \openid_begin()

The initial step of OpenID authentication responsible for the following:

  • Perform discovery on the claimed OpenID.
  • If possible, create an association with the Provider's endpoint.
  • Create the authentication request.
  • Perform the appropriate redirect.

Parameters

$claimed_id The OpenID to authenticate:

$return_to The endpoint to return to from the OpenID Provider:

2 calls to openid_begin()
openid_login_validate in modules/openid/openid.module
Login form _validate hook
openid_user_add_submit in modules/openid/openid.pages.inc

File

modules/openid/openid.module, line 159
Implement OpenID Relying Party support for Drupal

Code

function openid_begin($claimed_id, $return_to = '', $form_values = array()) {
  module_load_include('inc', 'openid');
  $claimed_id = _openid_normalize($claimed_id);
  $services = openid_discovery($claimed_id);
  if (count($services) == 0) {
    form_set_error('openid_identifier', t('Sorry, that is not a valid OpenID. Please ensure you have spelled your ID correctly.'));
    return;
  }

  // Store discovered information in the users' session so we don't have to rediscover.
  $_SESSION['openid']['service'] = $services[0];

  // Store the claimed id
  $_SESSION['openid']['claimed_id'] = $claimed_id;

  // Store the login form values so we can pass them to
  // user_exteral_login later.
  $_SESSION['openid']['user_login_values'] = $form_values;
  $op_endpoint = $services[0]['uri'];

  // If bcmath is present, then create an association
  $assoc_handle = '';
  if (function_exists('bcadd')) {
    $assoc_handle = openid_association($op_endpoint);
  }

  // Now that there is an association created, move on
  // to request authentication from the IdP
  // First check for LocalID. If not found, check for Delegate. Fall
  // back to $claimed_id if neither is found.
  if (!empty($services[0]['localid'])) {
    $identity = $services[0]['localid'];
  }
  else {
    if (!empty($services[0]['delegate'])) {
      $identity = $services[0]['delegate'];
    }
    else {
      $identity = $claimed_id;
    }
  }
  if (isset($services[0]['types']) && is_array($services[0]['types']) && in_array(OPENID_NS_2_0 . '/server', $services[0]['types'])) {
    $claimed_id = $identity = 'http://specs.openid.net/auth/2.0/identifier_select';
  }
  $authn_request = openid_authentication_request($claimed_id, $identity, $return_to, $assoc_handle, $services[0]['version']);
  if ($services[0]['version'] == 2) {
    openid_redirect($op_endpoint, $authn_request);
  }
  else {
    openid_redirect_http($op_endpoint, $authn_request);
  }
}