allow functions for returnURL and realm

fixes jaredhanson#21
jfaissolle · Nov 25, 2013 · fb1f0f4 · fb1f0f4
1 parent 23b3a55
commit fb1f0f4
Showing 1 changed file with 15 additions and 9 deletions.
diff --git a/lib/passport-openid/strategy.js b/lib/passport-openid/strategy.js
@@ -137,13 +137,19 @@ function Strategy(options, verify) {
     extensions.push(oauth);
   }
 
-  this._relyingParty = new openid.RelyingParty(
-    options.returnURL,
-    options.realm,
-    (options.stateless === undefined) ? false : options.stateless,
-    (options.secure === undefined) ? true : options.secure,
-    extensions);
-
+  this._relyingParty = function(req) {
+
+    var returnURL = options.returnURL instanceof Function ? options.returnURL(req) : options.returnURL;
+    var realm = options.realm instanceof Function ? options.realm(req) : options.realm;
+
+    return new openid.RelyingParty(
+      returnURL,
+      realm,
+      (options.stateless === undefined) ? false : options.stateless,
+      (options.secure === undefined) ? true : options.secure,
+      extensions);
+  }
+
   this._providerURL = options.providerURL;
   this._identifierField = options.identifierField || 'openid_identifier';
 }
@@ -180,7 +186,7 @@ Strategy.prototype.authenticate = function(req) {
     if (req.query['openid.mode'] === 'cancel') { return this.fail({ message: 'OpenID authentication canceled' }); }
 
     var self = this;
-    this._relyingParty.verifyAssertion(req.url, function(err, result) {
+    this._relyingParty(req).verifyAssertion(req.url, function(err, result) {
       if (err) { return self.error(new InternalOpenIDError('Failed to verify assertion', err)); }
       if (!result.authenticated) { return self.error(new Error('OpenID authentication failed')); }
 
@@ -245,7 +251,7 @@ Strategy.prototype.authenticate = function(req) {
     if (!identifier) { return this.fail(new BadRequestError('Missing OpenID identifier')); }
 
     var self = this;
-    this._relyingParty.authenticate(identifier, false, function(err, providerUrl) {
+    this._relyingParty(req).authenticate(identifier, false, function(err, providerUrl) {
       if (err || !providerUrl) { return self.error(new InternalOpenIDError('Failed to discover OP endpoint URL', err)); }
       self.redirect(providerUrl);
     });