From ff3bf28a038edd72b7d67bd9f6476c369e49140e Mon Sep 17 00:00:00 2001 From: webchick Date: Wed, 18 May 2011 00:31:07 -0500 Subject: Rollback of #1076366. This is not quite ready to go yet, because it depends on another issue (#1120290). --- modules/openid/openid.module | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) (limited to 'modules/openid/openid.module') diff --git a/modules/openid/openid.module b/modules/openid/openid.module index 6d4b1d7ff..7673de886 100644 --- a/modules/openid/openid.module +++ b/modules/openid/openid.module @@ -341,18 +341,14 @@ function openid_complete($response = array()) { $response['openid.claimed_id'] = $service['claimed_id']; } elseif ($service['version'] == 2) { - // Returned Claimed Identifier could contain unique fragment - // identifier to allow identifier recycling so we need to preserve - // it in the response. - $response_claimed_id = openid_normalize($response['openid.claimed_id']); - + $response['openid.claimed_id'] = openid_normalize($response['openid.claimed_id']); // OpenID Authentication, section 11.2: // If the returned Claimed Identifier is different from the one sent // to the OpenID Provider, we need to do discovery on the returned // identififer to make sure that the provider is authorized to // respond on behalf of this. - if ($response_claimed_id != $claimed_id) { - $services = openid_discovery($response_claimed_id); + if ($response['openid.claimed_id'] != $claimed_id) { + $services = openid_discovery($response['openid.claimed_id']); $uris = array(); foreach ($services as $discovered_service) { if (in_array('http://specs.openid.net/auth/2.0/server', $discovered_service['types']) || in_array('http://specs.openid.net/auth/2.0/signon', $discovered_service['types'])) { -- cgit v1.2.3