File: redirect.go

package info (click to toggle)
golang-github-yohcop-openid-go 0.0~git20170901.0.cfc72ed-3
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, sid
  • size: 184 kB
  • sloc: makefile: 3
file content (55 lines) | stat: -rw-r--r-- 1,914 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
package openid

import (
	"net/url"
	"strings"
)

func RedirectURL(id, callbackURL, realm string) (string, error) {
	return defaultInstance.RedirectURL(id, callbackURL, realm)
}

func (oid *OpenID) RedirectURL(id, callbackURL, realm string) (string, error) {
	opEndpoint, opLocalID, claimedID, err := oid.Discover(id)
	if err != nil {
		return "", err
	}
	return BuildRedirectURL(opEndpoint, opLocalID, claimedID, callbackURL, realm)
}

func BuildRedirectURL(opEndpoint, opLocalID, claimedID, returnTo, realm string) (string, error) {
	values := make(url.Values)
	values.Add("openid.ns", "http://specs.openid.net/auth/2.0")
	values.Add("openid.mode", "checkid_setup")
	values.Add("openid.return_to", returnTo)

	// 9.1.  Request Parameters
	// "openid.claimed_id" and "openid.identity" SHALL be either both present or both absent.
	if len(claimedID) > 0 {
		values.Add("openid.claimed_id", claimedID)
		if len(opLocalID) > 0 {
			values.Add("openid.identity", opLocalID)
		} else {
			// If a different OP-Local Identifier is not specified,
			// the claimed identifier MUST be used as the value for openid.identity.
			values.Add("openid.identity", claimedID)
		}
	} else {
		// 7.3.1.  Discovered Information
		// If the end user entered an OP Identifier, there is no Claimed Identifier.
		// For the purposes of making OpenID Authentication requests, the value
		// "http://specs.openid.net/auth/2.0/identifier_select" MUST be used as both the
		// Claimed Identifier and the OP-Local Identifier when an OP Identifier is entered.
		values.Add("openid.claimed_id", "http://specs.openid.net/auth/2.0/identifier_select")
		values.Add("openid.identity", "http://specs.openid.net/auth/2.0/identifier_select")
	}

	if len(realm) > 0 {
		values.Add("openid.realm", realm)
	}

	if strings.Contains(opEndpoint, "?") {
		return opEndpoint + "&" + values.Encode(), nil
	}
	return opEndpoint + "?" + values.Encode(), nil
}