openid controller - This is the controller for the openid service
this is the controller for doing the openid stuffhttps://server/openid/<functionname>
This sets up a association (encryption key) bewtween the ID Provider and the consumer
This function is used to login
- user - user to login realm - in which realm the user should login pass - password
- JSON response
This function is called, when the used needs to verify that he is willing to authenticate for a relying party
This is called when the user accepts - hit the submit button - that he will login to the consumer
This method is used by the consumer to authenticate like this: https://server/openid/id/<user>
- The request flow is:
- -> GET /openid/id -> GET /openid/yadis -> POST /openid/openidserver -> assocication -> POST /openid/openidserver -> checkid setup
This is the redirect of the first template
This action deletes the cookie and redirects to the /openid/status to show the login status
If the logout is called in the context of an openid authentication, the user is already logged in as a different user. In this case we forward to the /openid/login page after the logout was made.
Another option for the openid authentication context would be to redirect to the return_to url by settingredirect_to = params[“openid.return_to”] p[“openid.mode”] = “setup_needed”
which advises the openid relying party to restart the login process.
This is the so called server endpoint, that decides, if the user is authenticated or not. and returns to the given “openid.” either directly or after authenticating the user openid.claimed_id.
This shows the login status.