Issue openid#125 - Addressing missing server url in check_signature m…

…ethod
rbebersole · May 27, 2020 · ba2f31c · ba2f31c
1 parent 13a88ad
commit ba2f31c
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/lib/openid/consumer/idres.rb b/lib/openid/consumer/idres.rb
@@ -203,6 +203,21 @@ def verify_return_to_base(msg_return_to)
 
       # Raises ProtocolError if the signature is bad
       def check_signature
+        # ----------------------------------------------------------------------
+        # The server url must be defined within the endpoint instance for the
+        # OpenID2 namespace in order for the signature check to complete
+        # successfully.
+        #
+        # This fix corrects issue #125 - Unable to complete OpenID login
+        #                                with ruby-openid 2.9.0/2.9.1
+        # ---------------------------------------------------------------------
+        set_endpoint_flag = false
+        if @endpoint.nil? && openid_namespace == OPENID2_NS
+          @endpoint = OpenIDServiceEndpoint.new
+          @endpoint.server_url = fetch('op_endpoint')
+          set_endpoint_flag = true
+        end
+
         if @store.nil?
           assoc = nil
         else
@@ -223,6 +238,7 @@ def check_signature
             raise ProtocolError, "Bad signature in response from #{server_url}"
           end
         end
+        @endpoint = nil if set_endpoint_flag  # Clear endpoint if we defined it.
       end
 
       def check_auth