Fix on OpenId 2.0 User Discovery

https://openid.net/specs/openid-authentication-2_0.html#verify_disco
implementation has a bug, on X-XRDS-Location on user profile page
was publishing the wrong XRDS DOC, was issuing the doc for IDP, but
it needed the doc for the claimed identifier

Change-Id: I394a2517f771cc31340e0891dffc007279038d63
This commit is contained in:
Sebastian Marcet 2016-05-10 00:08:02 -03:00
parent ad3eb0207e
commit a842c9c0e7
3 changed files with 15 additions and 9 deletions

View File

@ -14,8 +14,8 @@ class DiscoveryController extends OpenIdController
public function __construct(IOpenIdProtocol $openid_protocol, IAuthService $auth_service, IServerConfigurationService $server_config_service)
{
$this->openid_protocol = $openid_protocol;
$this->auth_service = $auth_service;
$this->openid_protocol = $openid_protocol;
$this->auth_service = $auth_service;
$this->server_config_service = $server_config_service;
}
@ -46,12 +46,8 @@ class DiscoveryController extends OpenIdController
return View::make("404");
$local_identifier = $this->server_config_service->getUserIdentityEndpointURL($identifier);
if ($this->isDiscoveryRequest()) {
$response = Response::make($this->openid_protocol->getXRDSDiscovery(IOpenIdProtocol::OpenIdXRDSModeUser, $local_identifier), 200);
$this->setDiscoveryResponseType($response);
} else {
$response = View::make("identity");
}
$response = Response::make($this->openid_protocol->getXRDSDiscovery(IOpenIdProtocol::OpenIdXRDSModeUser, $local_identifier), 200);
$this->setDiscoveryResponseType($response);
return $response;
}

View File

@ -3,7 +3,7 @@
<title>Welcome to OpenStackId</title>
@stop
@section('meta')
<meta http-equiv="X-XRDS-Location" content="{{ URL::action("DiscoveryController@idp")}}" />
<meta http-equiv="X-XRDS-Location" content="{{ URL::action("DiscoveryController@user", ['identifier'=> $identifier ])}}" />
@append
@section('content')
<div class="container">

10
other-requirements.txt Normal file
View File

@ -0,0 +1,10 @@
mcrypt
php5
php5-common
php5-cli
php5-mcrypt
php5-curl
php5-gd
php5-json
php5-mysql
php5-gmp