diff options
author | Dries Buytaert <dries@buytaert.net> | 2011-05-08 16:31:38 -0400 |
---|---|---|
committer | Dries Buytaert <dries@buytaert.net> | 2011-05-08 16:31:38 -0400 |
commit | 98256f2df186f4b7a969862709646308b0784a10 (patch) | |
tree | 5cc24852d5f7094b8cebc0b1925fe7d56da5aa1e /modules/openid | |
parent | 94a137d7a8ea796c33db5dbd44c5494965400bf4 (diff) | |
download | brdo-98256f2df186f4b7a969862709646308b0784a10.tar.gz brdo-98256f2df186f4b7a969862709646308b0784a10.tar.bz2 |
- Patch #1076414 by wojtha, c960657: Openid discovery - OpenID v1 OP service with lower priority is chosen instead OpenID v2 Claimed id service.
Diffstat (limited to 'modules/openid')
-rw-r--r-- | modules/openid/openid.inc | 29 | ||||
-rw-r--r-- | modules/openid/tests/openid_test.module | 6 |
2 files changed, 20 insertions, 15 deletions
diff --git a/modules/openid/openid.inc b/modules/openid/openid.inc index dfa71a95e..6945f34ed 100644 --- a/modules/openid/openid.inc +++ b/modules/openid/openid.inc @@ -188,32 +188,33 @@ function _openid_select_service(array $services) { // Extensible Resource Identifier (XRI) Resolution Version 2.0, section 4.3.3: // Find the service with the highest priority (lowest integer value). If there // is a tie, select a random one, not just the first in the XML document. - $selected_service = NULL; shuffle($services); + $selected_service = NULL; + $selected_type_priority = FALSE; // Search for an OP Identifier Element. foreach ($services as $service) { if (!empty($service['uri'])) { + $type_priority = FALSE; if (in_array('http://specs.openid.net/auth/2.0/server', $service['types'])) { $service['version'] = 2; + $type_priority = 1; + } + elseif (in_array('http://specs.openid.net/auth/2.0/signon', $service['types'])) { + $service['version'] = 2; + $type_priority = 2; } elseif (in_array(OPENID_NS_1_0, $service['types']) || in_array(OPENID_NS_1_1, $service['types'])) { $service['version'] = 1; + $type_priority = 3; } - if (isset($service['version']) && (!$selected_service || $service['priority'] < $selected_service['priority'])) { - $selected_service = $service; - } - } - } - if (!$selected_service) { - // Search for Claimed Identifier Element. - foreach ($services as $service) { - if (!empty($service['uri']) && in_array('http://specs.openid.net/auth/2.0/signon', $service['types'])) { - $service['version'] = 2; - if (!$selected_service || $service['priority'] < $selected_service['priority']) { - $selected_service = $service; - } + if ($type_priority + && (!$selected_service + || $type_priority < $selected_type_priority + || ($type_priority == $selected_type_priority && $service['priority'] < $selected_service['priority']))) { + $selected_service = $service; + $selected_type_priority = $type_priority; } } } diff --git a/modules/openid/tests/openid_test.module b/modules/openid/tests/openid_test.module index d2afa9f59..bad1184a3 100644 --- a/modules/openid/tests/openid_test.module +++ b/modules/openid/tests/openid_test.module @@ -105,6 +105,10 @@ function openid_test_yadis_xrds() { <Service> <Type>http://example.com/this-is-ignored</Type> </Service> + <Service priority="5"> + <Type>http://openid.net/signon/1.0</Type> + <URI>http://example.com/this-is-only-openid-1.0</URI> + </Service> <Service priority="10"> <Type>http://specs.openid.net/auth/2.0/signon</Type> <Type>http://openid.net/srv/ax/1.0</Type> @@ -133,7 +137,7 @@ function openid_test_yadis_xrds() { } elseif (arg(3) == 'delegate') { print ' - <Service priority="5"> + <Service priority="0"> <Type>http://specs.openid.net/auth/2.0/signon</Type> <Type>http://openid.net/srv/ax/1.0</Type> <URI>' . url('openid-test/endpoint', array('absolute' => TRUE)) . '</URI> |