+ ArgBuf = NewStrBufPlain(argbuf, -1);
+
+ oiddata->verified = 0;
+ oiddata->claimed_id = NewStrBufPlain(NULL, StrLength(ArgBuf));
+ return_to = NewStrBufPlain(NULL, StrLength(ArgBuf));
+
+ StrBufExtract_NextToken(oiddata->claimed_id, ArgBuf, &Pos, '|');
+ StrBufExtract_NextToken(return_to, ArgBuf, &Pos, '|');
+
+ syslog(LOG_DEBUG, "User-Supplied Identifier is: %s", ChrPtr(oiddata->claimed_id));
+
+ /********** OpenID 2.0 section 7.3 - Discovery **********/
+
+ /* Section 7.3.1 says we have to attempt XRI based discovery.
+ * No one is using this, no one is asking for it, no one wants it.
+ * So we're not even going to bother attempting this mode.
+ */
+
+ /* Attempt section 7.3.2 (Yadis discovery) and section 7.3.3 (HTML discovery);
+ */
+ discovery_succeeded = perform_openid2_discovery(oiddata->claimed_id);
+
+ if (discovery_succeeded == 0) {
+ cprintf("%d There is no OpenID identity provider at this location.\n", ERROR);
+ }
+
+ else {
+ /*
+ * If we get to this point we are in possession of a valid OpenID Provider URL.
+ */
+ syslog(LOG_DEBUG, "OP URI '%s' discovered using method %d",
+ ChrPtr(oiddata->op_url),
+ discovery_succeeded
+ );
+
+ /* We have to "normalize" our Claimed ID otherwise it will cause some OP's to barf */
+ if (cbmstrcasestr(ChrPtr(oiddata->claimed_id), "://") == NULL) {
+ StrBuf *cid = oiddata->claimed_id;
+ oiddata->claimed_id = NewStrBufPlain(HKEY("http://"));
+ StrBufAppendBuf(oiddata->claimed_id, cid, 0);
+ FreeStrBuf(&cid);
+ }
+
+ /*
+ * OpenID 2.0 section 9: request authentication
+ * Assemble a URL to which the user-agent will be redirected.
+ */
+
+ RedirectUrl = NewStrBufDup(oiddata->op_url);
+
+ StrBufAppendBufPlain(RedirectUrl, HKEY("?openid.ns=http:%2F%2Fspecs.openid.net%2Fauth%2F2.0"), 0);
+
+ StrBufAppendBufPlain(RedirectUrl, HKEY("&openid.mode=checkid_setup"), 0);
+
+ StrBufAppendBufPlain(RedirectUrl, HKEY("&openid.claimed_id="), 0);
+ StrBufUrlescAppend(RedirectUrl, oiddata->claimed_id, NULL);
+
+ StrBufAppendBufPlain(RedirectUrl, HKEY("&openid.identity="), 0);
+ StrBufUrlescAppend(RedirectUrl, oiddata->claimed_id, NULL);
+
+ StrBufAppendBufPlain(RedirectUrl, HKEY("&openid.return_to="), 0);
+ StrBufUrlescAppend(RedirectUrl, return_to, NULL);
+
+/*
+ We probably have to do something here to set up Simple Registration
+ StrBufAppendBufPlain(RedirectUrl, HKEY("&openid.sreg.optional="), 0);
+ StrBufUrlescAppend(RedirectUrl, NULL, "nickname,email,fullname,postcode,country,dob,gender");
+*/
+
+ syslog(LOG_DEBUG, "OpenID: redirecting client to %s", ChrPtr(RedirectUrl));
+ cprintf("%d %s\n", CIT_OK, ChrPtr(RedirectUrl));
+ }
+
+ FreeStrBuf(&ArgBuf);
+ FreeStrBuf(&ReplyBuf);
+ FreeStrBuf(&return_to);
+ FreeStrBuf(&RedirectUrl);
+}
+
+
+/*
+ * Finalize an OpenID authentication
+ */
+void cmd_oidf(char *argbuf) {
+ long len;
+ char buf[2048];
+ char thiskey[1024];
+ char thisdata[1024];
+ HashList *keys = NULL;
+ const char *Key;
+ void *Value;
+ ctdl_openid *oiddata = (ctdl_openid *) CC->openid_data;
+
+ if (oiddata == NULL) {
+ cprintf("%d run OIDS first.\n", ERROR + INTERNAL_ERROR);
+ return;
+ }
+ if (StrLength(oiddata->op_url) == 0){
+ cprintf("%d No OpenID Endpoint URL has been obtained.\n", ERROR + ILLEGAL_VALUE);