Updating Janrain OpenID auth library

[quix0rs-gnu-social.git] / extlib / Auth / OpenID / Consumer.php

diff --git a/extlib/Auth/OpenID/Consumer.php b/extlib/Auth/OpenID/Consumer.php
index 021c038988cc3134536c99f0d5da59520afbc6d3..d562e33f354823498e55109b8670256e92672093 100644 (file)
--- a/extlib/Auth/OpenID/Consumer.php
+++ b/extlib/Auth/OpenID/Consumer.php
@@ -957,6 +957,10 @@ class Auth_OpenID_GenericConsumer {
             }
 
             if (!$assoc->checkMessageSignature($message)) {
+                // If we get a "bad signature" here, it means that the association
+                // is unrecoverabley corrupted in some way. Any futher attempts
+                // to login with this association is likely to fail. Drop it.
+                $this->store->removeAssociation($server_url, $assoc_handle);
                 return new Auth_OpenID_FailureResponse(null,
                                                        "Bad signature");
             }
@@ -1179,9 +1183,11 @@ class Auth_OpenID_GenericConsumer {
     function _discoverAndVerify($claimed_id, $to_match_endpoints)
     {
         // oidutil.log('Performing discovery on %s' % (claimed_id,))
-        list($unused, $services) = call_user_func($this->discoverMethod,
-                                                  $claimed_id,
-                                                                                                 &$this->fetcher);
+        list($unused, $services) = call_user_func_array($this->discoverMethod,
+                                                        array(
+                                                            $claimed_id,
+                                                            &$this->fetcher,
+                                                        ));
 
         if (!$services) {
             return new Auth_OpenID_FailureResponse(null,