summaryrefslogtreecommitdiff
path: root/plugins/OpenID/openidserver.php
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/OpenID/openidserver.php')
-rw-r--r--plugins/OpenID/openidserver.php15
1 files changed, 13 insertions, 2 deletions
diff --git a/plugins/OpenID/openidserver.php b/plugins/OpenID/openidserver.php
index f7e3a45f2..b2cf1f8ac 100644
--- a/plugins/OpenID/openidserver.php
+++ b/plugins/OpenID/openidserver.php
@@ -23,6 +23,7 @@
* @package StatusNet
* @author Craig Andrews <candrews@integralblue.com>
* @copyright 2008-2009 StatusNet, Inc.
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
@@ -43,6 +44,7 @@ require_once(INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php');
* @category Settings
* @package StatusNet
* @author Craig Andrews <candrews@integralblue.com>
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
@@ -69,7 +71,11 @@ class OpenidserverAction extends Action
//cannot prompt the user to login in immediate mode, so answer false
$response = $this->generateDenyResponse($request);
}else{
- /* Go log in, and then come back. */
+ // Go log in, and then come back.
+ //
+ // Note: 303 redirect rather than 307 to avoid
+ // prompting user for form resubmission if we
+ // were POSTed here.
common_set_returnto($_SERVER['REQUEST_URI']);
common_redirect(common_local_url('login'), 303);
return;
@@ -90,7 +96,12 @@ class OpenidserverAction extends Action
$this->oserver->encodeResponse($denyResponse); //sign the response
$_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl();
$_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl();
- //ask the user to trust this trust root
+
+ // Ask the user to trust this trust root...
+ //
+ // Note: 303 redirect rather than 307 to avoid
+ // prompting user for form resubmission if we
+ // were POSTed here.
common_redirect(common_local_url('openidtrust'), 303);
return;
}
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-11-17 08:56:59 +0000