Diffstat (limited to 'lib/PAUSE')
-rw-r--r-- | lib/PAUSE/OpenID/Controller/Root.pm | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/lib/PAUSE/OpenID/Controller/Root.pm b/lib/PAUSE/OpenID/Controller/Root.pm index e0575b8..387429e 100644 --- a/lib/PAUSE/OpenID/Controller/Root.pm +++ b/lib/PAUSE/OpenID/Controller/Root.pm @@ -31,14 +31,19 @@ PAUSE::OpenID::Controller::Root - Root Controller for PAUSE::OpenID sub index :Path :Args(0) { my ( $self, $c ) = @_; - if ( not defined $c->req->param('openid.return_to') ) { + # 5.2.3 + # If the malformed or invalid message is received by the Relying Party, or "openid.return_to" + # is not present or its value is not a valid URL, the server SHOULD return a response to the end user + # indicating the error and that it is unable to continue. + my $return_to = $c->req->param('openid.return_to'); + # TODO: check if its a valid URL + if ( not defined $return_to ) { #$c->flash->{xml} = '<document><error_message>Missing parameter</error_message></document>'; $c->res->redirect($c->uri_for('/error')); } -$c->stash->{xml} =<<XML; -<document/> -XML + # TODO: generate XML programatically + $c->stash->{xml} = sprintf('<document><config key="url" value="%s"/></document>', $c->config->{'PAUSE::OpenID'}{'baseurl'}); # Pass through parameters (unchecked for now) foreach my $key ( keys %{$c->req->params} ) { @@ -57,6 +62,7 @@ sub error :Local { sub default :Path { my ( $self, $c ) = @_; + $c->response->content_type('text/plain'); $c->response->body( 'Page not found' ); $c->response->status(404); @@ -77,6 +83,7 @@ sub login :Local { $ua->credentials('pause.perl.org:443', 'PAUSE', $username, $password); my $res = $ua->request($req); + # but this is bad as the certificate is checked AFTER the credentials are send :-( die 'pause server certificate validation failed' if exists $res->headers->{'client-ssl-warning'}; |
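Review bot: In `sub index`, the branch for a missing `openid.return_to` calls `$c->res->redirect($c->uri_for('/error'));` but does not end the action, so execution falls through to the stash assignment and the parameter pass-through loop with no return_to; add `return;` (or `$c->detach;`) directly after the redirect. Until the URL check named in the TODO exists, any defined value passes the guard, including an empty string or a non-http(s) scheme, so that validation should land before the value is used as a redirect target anywhere. The new `sprintf` also puts `baseurl` into an XML attribute unescaped; it comes from configuration, but escaping `&`, `<` and `"` there keeps the document well-formed. The body of `index` continues past the end of the hunk.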
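Review bot: In `sub login`, the added comment records the problem but the code still lets the PAUSE password leave the process before the server certificate is judged, so the `die` only protects what happens afterwards. Verification belongs in the TLS handshake: with LWP 6 or later, `$ua->ssl_opts(verify_hostname => 1);` set before `$ua->request($req)` makes the connection fail before any credentials are sent (the LWP version in use is not visible here). The post-hoc test also reaches into the header object's internals with `$res->headers->{'client-ssl-warning'}`; `$res->header('Client-SSL-Warning')` is the supported accessor if the check is kept as a second line of defence. `login` starts and ends outside the hunk.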