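// Fragment of an authentication routine: handles the request in which the
// OpenID Provider answers an earlier authentication request. The listing is
// cut off after the `arity` line, so the enclosing blocks stay open here.
if (req.query && req.query['openid.mode']) {
  // The request being authenticated contains an `openid.mode` parameter in
  // the query portion of the URL.  This indicates that the OpenID Provider
  // is responding to a prior authentication request with either a positive or
  // negative assertion.  If a positive assertion is received, it will be
  // verified according to the rules outlined in the OpenID 2.0 specification.

  // NOTE: node-openid (0.3.1), which is used internally, will treat a cancel
  //       response as an error, setting `err` in the verifyAssertion
  //       callback.  However, for consistency with Passport semantics, a
  //       cancel response should be treated as an authentication failure,
  //       rather than an exceptional error.  As such, this condition is
  //       trapped and handled prior to being given to node-openid.
  if (req.query['openid.mode'] === 'cancel') { return this.fail(); }

  var self = this;
  this._relyingParty.verifyAssertion(req.url, function(err, result) {
    // Deliberately no console.log(err, result, req.query) here: that would
    // write the verification result and every query parameter of the
    // provider's response to the process log on each login attempt. If
    // diagnostics are needed, log a fixed message or selected, non-sensitive
    // fields through the application's logger instead.
    if (err) { return self.error(err); }

    // Only a positively verified assertion may reach profile parsing.
    if (!result.authenticated) { return self.error(new Error('OpenID authentication error')); }

    // NOTE(review): _parseProfileExt is defined outside this fragment.
    var profile = self._parseProfileExt(result);

    // Outcome callback: err -> error(), no user -> fail(), else success(user).
    function validated(err, user) {
      if (err) { return self.error(err); }
      if (!user) { return self.fail(); }
      self.success(user);
    }

    // Number of declared parameters of the application's validate function.
    var arity = self._validate.length;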
// Fragment of an authentication routine: handles the request in which the
// OpenID Provider answers an earlier authentication request.
if (req.query && req.query['openid.mode']) {
// The request being authenticated contains an `openid.mode` parameter in
// the query portion of the URL. This indicates that the OpenID Provider
// is responding to a prior authentication request with either a positive or
// negative assertion. If a positive assertion is received, it will be
// verified according to the rules outlined in the OpenID 2.0 specification.
// NOTE: node-openid (0.3.1), which is used internally, will treat a cancel
// response as an error, setting `err` in the verifyAssertion
// callback. However, for consistency with Passport semantics, a
// cancel response should be treated as an authentication failure,
// rather than an exceptional error. As such, this condition is
// trapped and handled prior to being given to node-openid.
if (req.query['openid.mode'] === 'cancel') { return this.fail({ message: 'OpenID authentication canceled' }); }
var self = this;
// The request URL (req.url) is handed to the relying party for verification.
this._relyingParty.verifyAssertion(req.url, function(err, result) {
// Verification errors are wrapped in InternalOpenIDError with a fixed
// message; the original error is passed along as the second argument.
if (err) { return self.error(new InternalOpenIDError('Failed to verify assertion', err)); }
// Anything short of a positive result is reported through self.error().
if (!result.authenticated) { return self.error(new Error('OpenID authentication failed')); }
// Extension data is parsed only after the `authenticated` check above.
// NOTE(review): the three _parse*Ext helpers are defined outside this fragment.
var profile = self._parseProfileExt(result);
var pape = self._parsePAPEExt(result);
var oauth = self._parseOAuthExt(result);
// Outcome callback: err -> error(), no user -> fail(info), else success(user, info).
function verified(err, user, info) {
if (err) { return self.error(err); }
if (!user) { return self.fail(info); }
self.success(user, info);
}
// NOTE(review): the listing stops here; the code that passes `verified` on
// is not shown, and the outer `if` block is left open.
}
// Fragment of a registration-page handler; its opening lines are not part of
// this listing. NOTE(review): `uriParams` presumably holds the parameters of
// the page URL, so every value read from it is user-controllable. The server
// has to verify the OpenID response itself and must not rely on the
// serialized `data` built here - confirm against the server side.
x(uriParams, 'openid.identity', data, 'openid_url');
x(uriParams, 'oid-srv', data, 'openid_server');
// Pre-fill the OpenID field from the URL parameter and tick the agreement box.
$('rf_openId').value = uriParams['openid.identity'];
$('rf_is_agreed').checked = true;
// The serialized `data` object is passed to hiddenCreate under the name 'oid-data'.
hiddenCreate('oid-data', null, OAT.JSON.stringify(data));
var tbl = $('rf_table_1');
// Login name and e-mail rows are seeded from data['nick'] and data['mbox'].
addProfileRowInput(tbl, 'Login Name', 'rf_uid_1', {value: data['nick'], width: '150px'});
addProfileRowInput(tbl, 'E-Mail', 'rf_email_1', {value: data['mbox'], width: '300px'});
// The full name row is added only when a name is present.
// NOTE(review): confirm addProfileRowValue inserts the value as text, not markup.
if (data['name'])
addProfileRowValue(tbl, 'Full Name', data['name']);
rfCheckUpdate(1);
}
// A cancel response only raises a fixed alert; no parameter value is displayed.
else if (typeof (uriParams['openid.mode']) != 'undefined' && uriParams['openid.mode'] == 'cancel')
{
alert('OpenID Authentication Failed');
}
}
}
}
// When $v('mode') is 'html' and uriParams['form'] is 'register', the
// registration submit routine is called straight away.
if (($v('mode') == 'html') && typeof (uriParams['form']) != 'undefined' && uriParams['form'] == 'register')
lfRegisterSubmit(null, true);
// Runs when the login form exists with loginSslEnable set, or the
// registration form exists with sslEnable set. The listing is cut off inside
// this block.
if (($("lf") && regData.loginSslEnable) || ($("rf") && regData.sslEnable)) {
var x = function(data) {
var x2 = function(prefix) {
OAT.Dom.show(prefix+"_tab_3");
var tbl = $(prefix+'_table_3');
if (tbl) {
OAT.Dom.unlink(prefix+'_table_3_throbber');
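/**
 * Maps the `openid.mode` of an assertion response to an error message.
 *
 * The text returned for mode `error` is taken from the response itself and is
 * therefore supplied by the other party; escape it before putting it into
 * HTML or log lines.
 *
 * @param {Object} params - Assertion parameters; the keys read here are
 *   `openid.mode` and `openid.error`.
 * @returns {?string} An error message, or null when the mode is neither
 *   `error` nor `cancel`.
 */
var _getAssertionError = function(params)
{
  if(!_isDef(params))
  {
    return 'Assertion request is malformed';
  }

  // Loose equality is kept so that a value which coerces to the same string
  // (for example a one-element array from a repeated parameter) still matches.
  var mode = params['openid.mode'];

  if(mode == 'error')
  {
    // Without the fallback, an error response with a missing or empty
    // `openid.error` would yield a falsy result, which a truthiness check in
    // a caller would read as "no error".
    return params['openid.error'] || 'Unknown error';
  }

  if(mode == 'cancel')
  {
    return 'Authentication cancelled';
  }

  return null;
};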
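/**
 * Returns the error message implied by an assertion response, if any.
 *
 * For mode `error` the message comes from the `openid.error` parameter, i.e.
 * from the response being examined; treat it as untrusted text when it is
 * displayed or logged.
 *
 * @param {Object} params - Assertion parameters; `openid.mode` and
 *   `openid.error` are the keys read here.
 * @returns {?string} The error message, or null when the mode is neither
 *   `error` nor `cancel`.
 */
var _getAssertionError = function(params)
{
  if(!_isDef(params))
  {
    return 'Assertion request is malformed';
  }

  // `==` is intentional: values that coerce to the same string keep matching.
  var mode = params['openid.mode'];

  if(mode == 'cancel')
  {
    return 'Authentication cancelled';
  }

  if(mode == 'error')
  {
    // Always return a non-empty message for an error response, so that a
    // missing or empty `openid.error` cannot be mistaken for "no error" by
    // a caller that tests the result for truthiness.
    return params['openid.error'] || 'Unknown error';
  }

  return null;
};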
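/**
 * Derives an error message from the mode of an assertion response.
 *
 * The `openid.error` text is read from the response and is not validated
 * here; callers should escape it before rendering or logging it.
 *
 * @param {Object} params - Assertion parameters (`openid.mode` and
 *   `openid.error` are read).
 * @returns {?string} A message for undefined params, mode `error` or mode
 *   `cancel`; null otherwise.
 */
var _getAssertionError = function(params)
{
  if(!_isDef(params))
  {
    return 'Assertion request is malformed';
  }
  else if(params['openid.mode'] == 'error')
  {
    // An error response must never produce a falsy result: fall back to a
    // fixed message when `openid.error` is missing or empty, otherwise a
    // caller checking `if (message)` would continue as if nothing was wrong.
    var reported = params['openid.error'];
    return reported ? reported : 'Unknown error';
  }
  else if(params['openid.mode'] == 'cancel')
  {
    return 'Authentication cancelled';
  }

  return null;
};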
// Fragment of a registration-page handler; its opening lines are not part of
// this listing. NOTE(review): `uriParams` presumably holds the parameters of
// the page URL and `data` appears to be built from them, so both are
// user-controllable - confirm against the code above this fragment.
// Pre-fill the OpenID field from the URL parameter and tick the agreement box.
$('rf_openId').value = uriParams['openid.identity'];
$('rf_is_agreed').checked = true;
// Nick or e-mail missing: show the form rows so the user can complete them.
if (!data['nick'] || !data['mbox']) {
hiddenCreate('oid-data', null, OAT.JSON.stringify(data));
var tbl = $('rf_table_1');
rfRowInput(tbl, 'Login Name', 'rf_uid_1', {value: data['nick'], width: '150px'});
rfRowInput(tbl, 'E-Mail', 'rf_email_1', {value: data['mbox'], width: '300px'});
// NOTE(review): confirm rfRowValue inserts the value as text, not markup.
if (data['name'])
rfRowValue(tbl, 'Full Name', data['name']);
rfCheckUpdate(1);
} else {
// Both values present: the serialized data is URL-encoded and posted to the
// registration endpoint without a further form step.
// NOTE(review): the endpoint has to verify the OpenID response server-side;
// nothing in this fragment establishes that `data` is authentic.
var q = 'mode=1&data=' + encodeURIComponent(OAT.JSON.stringify(data));
OAT.AJAX.POST ("/ods/api/user.register", q, rfAfterSignup);
}
}
// A cancel response only raises a fixed alert; no parameter value is displayed.
else if (typeof (uriParams['openid.mode']) != 'undefined' && uriParams['openid.mode'] == 'cancel')
{
alert('OpenID Authentication Failed');
}
}
}
// SSL-enabled registration: the listing is cut off inside this block.
if (regData.sslEnable) {
var x = function(data) {
// A parse failure is mapped to null instead of being propagated.
// NOTE(review): rfSslData is not declared in this fragment; presumably an
// outer variable.
try {
rfSslData = OAT.JSON.parse(data);
} catch (e) {
rfSslData = null;
}
// Continue only when parsed data with an `iri` property is available.
if (rfSslData && rfSslData.iri) {
var prefix = 'rf';
OAT.Dom.show(prefix+"_tab_3");
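// Verifies the assertion carried by `request` and answers with a small HTML
// page that shows the outcome followed by the received OpenID parameters.
relyingParty.verifyAssertion(request, function(error, result) {
  // The echoed values come straight from the query string, so they must be
  // HTML-escaped before being written into a text/html response; otherwise
  // markup in a parameter would be rendered by the browser.
  var escapeHtml = function(value) {
    return String(value)
      .replace(/&/g, '&amp;')
      .replace(/</g, '&lt;')
      .replace(/>/g, '&gt;')
      .replace(/"/g, '&quot;')
      .replace(/'/g, '&#39;');
  };

  // Success requires both the absence of an error and a positive result.
  var isGood = !error && result.authenticated ? '<h1>Success!</h1>' : '<h1>Failed</h1>';

  res.writeHead(200, {
    'Content-Type': 'text/html'
  });
  res.write(isGood);

  // Same parameters, in the same order, one paragraph each.
  var echoedKeys = [
    'openid.assoc_handle',
    'openid.claimed_id',
    'openid.identity',
    'openid.mode',
    'openid.ns',
    'openid.op_endpoint',
    'openid.response_nonce',
    'openid.return_to',
    'openid.sig',
    'openid.signed'
  ];
  echoedKeys.forEach(function(key) {
    res.write('<p>' + escapeHtml(query[key]) + '</p>');
  });

  res.end('bye');
});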
});