? 501704-4-openid_provider_ax_update_url.patch
? 501704-5-openid_provider_ax_update_url.patch
Index: openid_provider_ax.install
===================================================================
RCS file: openid_provider_ax.install
diff -N openid_provider_ax.install
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ openid_provider_ax.install	25 Oct 2010 15:30:27 -0000
@@ -0,0 +1,69 @@
+<?php
+// $Id$
+
+/**
+ * Implementation of hook_schema().
+ */
+function openid_provider_ax_schema() {
+  $schema['openid_provider_ax'] = array(
+    'description' => t('Connect profiles to the relying parties.'),
+    'fields' => array(
+      'uid' => array(
+        'description' => t('The user identifier.'),
+        'type' => 'int',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+      ),
+      'claimed_id' => array(
+        'description' => t('The OpenID the user claimed.'),
+        'type' => 'varchar',
+        'length' => '256',
+        'not null' => TRUE,
+        'default' => '',
+      ),
+      'request' => array(
+        'description' => t('The attributes that were requested by the relying party.'),
+        'type' => 'text',
+        'not null' => TRUE,
+      ),
+      'response' => array(
+        'description' => t('The attributes that were the response to the relying party.'),
+        'type' => 'text',
+        'not null' => TRUE,
+      ),
+      'update_url' => array(
+        'description' => t('The URL of the relying party where the updated attributes should be sent to.'),
+        'type' => 'varchar',
+        'length' => '256',
+        'not null' => TRUE,
+      ),
+    ),
+    'indexes' => array(
+      'uid' => array('uid'),
+      'claimed_id' => array('claimed_id'),
+      'update_url' => array('update_url'),
+    ),
+  );
+  return $schema;
+}
+
+/**
+ * Implementation of hook_install().
+ */
+function openid_provider_ax_install() {
+  drupal_install_schema('openid_provider_ax');
+}
+
+/**
+ * Implementation of hook_uninstall().
+ */
+function openid_provider_ax_uninstall() {
+  drupal_uninstall_schema('openid_provider_ax');
+}
+
+/**
+ * Implementation of hook_update_N().
+ */
+function openid_provider_ax_update_6001() {
+  return drupal_install_schema('openid_provider_ax');
+}
+
Index: openid_provider_ax.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/openid_provider_ax/openid_provider_ax.module,v
retrieving revision 1.3.2.6
diff -u -p -r1.3.2.6 openid_provider_ax.module
--- openid_provider_ax.module	8 Jul 2009 12:51:46 -0000	1.3.2.6
+++ openid_provider_ax.module	25 Oct 2010 15:30:28 -0000
@@ -23,11 +23,51 @@ function openid_provider_ax_xrds($accoun
 /**
  * Implementation of hook_openid_provider()
  */
-function openid_provider_ax_openid_provider($op = 'response', $response = array(), $request = array()) {
+function openid_provider_ax_openid_provider($op = 'response') {
+  $args = func_get_args();
   switch ($op) {
     case 'response':
-      return openid_provider_ax_response_process($response, $request);
+      if (count($args) < 3) {
+        return FALSE;
+      }
+      return openid_provider_ax_response_process($args[1], $args[2]);
       break;
+    case 'update':
+      module_load_include('inc', 'openid_provider', 'openid_provider');
+
+      $uid = array_pop($args);
+
+      //TODO: refactor into own function
+      $result = db_query("SELECT * FROM {openid_provider_ax} WHERE uid = %d", $uid);
+      $relying_parties = array();
+      while ($relying_party = db_fetch_array($result)) {
+        $relying_party['request'] = unserialize($relying_party['request']);
+        $relying_party['response'] = unserialize($relying_party['response']);
+        $relying_parties[] = $relying_party;
+      }
+
+      foreach ($relying_parties as $rp) {
+        $update_url = $rp['request']['openid.ax.update_url'];
+        unset($rp['request']['openid.ax.update_url']);
+        $response = openid_provider_ax_response_process($rp['response'], $rp['request'], $uid);
+        $response['openid.response_nonce'] = _openid_provider_nonce();
+        $response['openid.return_to'] = $update_url;
+        $response = array_merge($rp['response'], $response);
+
+        //FIXME: Workaround till better solution is found
+        if (isset($response['openid.sreg.nickname']) && isset($response['openid.ax.value.friendly'])) {
+          $response['openid.sreg.nickname'] = $response['openid.ax.value.friendly'];
+        }
+        if (isset($response['openid.sreg.email']) && isset($response['openid.ax.value.email'])) {
+          $response['openid.sreg.email'] = $response['openid.ax.value.email'];
+        }
+
+        if (!openid_provider_unsolicited_assertion($response, $update_url)) {
+          // We got a 404 and need to remove the update_url
+          // TODO: Implement some kind of threshold (e.g. 5 times 404, then remove)
+          db_query("DELETE FROM {openid_provider_ax} WHERE update_url = '%s'", $update_url);
+        }
+      }
     case 'signed':
       break;
   }
@@ -41,7 +73,12 @@ function openid_provider_ax_openid_provi
  * @param $request
  *      Keyed array holding the request that was received
  */
-function openid_provider_ax_response_process($response = array(), $request = array()) {
+function openid_provider_ax_response_process($response = array(), $request = array(), $uid = FALSE) {
+  if (!$uid) {
+    global $user;
+    $uid = $user->uid;
+  }
+
   $processed = array();
   // OPENID Attribute Exchange was requested hence get the alias per
   // OPENID specification and then determine the type of request it was
@@ -55,8 +92,32 @@ function openid_provider_ax_response_pro
     $attributes = openid_provider_ax_parse_request($request, $alias);
     switch ($request_type) {
       case 'fetch_request':
-        $processed = array_merge($processed, module_invoke_all('openid_provider_ax', 'load', $attributes, $request));
+        $processed = array_merge($processed, module_invoke_all('openid_provider_ax', 'load', $attributes, $uid));
         $processed = array_merge($processed, array($alias_key => OPENID_PROVIDER_AX, sprintf('openid%smode', $alias) => 'fetch_response'));
+
+        // Relying Party asks for updates.
+        if (isset($request['openid.ax.update_url']) && valid_url($request['openid.ax.update_url'])) {
+          // Verify realm with update_url
+          $realm_verified = ($request['openid.realm'] == substr($request[sprintf('openid%supdate_url', $alias)], 0, strlen($request['openid.realm']))) ? TRUE : FALSE;
+
+          if ($realm_verified) {
+            $claimed_id = $request['openid.claimed_id'];
+            $update_url = $request['openid.ax.update_url'];
+
+            $processed = array_merge($processed, array($alias_key => OPENID_PROVIDER_AX, sprintf('openid%supdate_url', $alias) => $update_url));
+            $update = array();
+            if (db_result(db_query("SELECT COUNT(uid) FROM {openid_provider_ax} WHERE update_url = '%s' AND uid = %d", $update_url, $uid))) {
+              $update = array('update_url', 'uid');
+            }
+            $record = new stdClass();
+            $record->uid = $uid;
+            $record->claimed_id = $claimed_id;
+            $record->request = serialize($request);
+            $record->response = serialize($response);
+            $record->update_url = $update_url;
+            drupal_write_record('openid_provider_ax', $record, $update);
+          }
+        }
         break;
       case 'store_request':
         break;