From fb1f0f4a0f1e9acb39ee8afd1fcc6c4f3cd7ac4e Mon Sep 17 00:00:00 2001 From: Julien Faissolle Date: Mon, 25 Nov 2013 14:35:39 +0000 Subject: [PATCH] allow functions for returnURL and realm fixes #21 --- lib/passport-openid/strategy.js | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/lib/passport-openid/strategy.js b/lib/passport-openid/strategy.js index 44ec7ee..8a433aa 100644 --- a/lib/passport-openid/strategy.js +++ b/lib/passport-openid/strategy.js @@ -137,13 +137,19 @@ function Strategy(options, verify) { extensions.push(oauth); } - this._relyingParty = new openid.RelyingParty( - options.returnURL, - options.realm, - (options.stateless === undefined) ? false : options.stateless, - (options.secure === undefined) ? true : options.secure, - extensions); - + this._relyingParty = function(req) { + + var returnURL = options.returnURL instanceof Function ? options.returnURL(req) : options.returnURL; + var realm = options.realm instanceof Function ? options.realm(req) : options.realm; + + return new openid.RelyingParty( + returnURL, + realm, + (options.stateless === undefined) ? false : options.stateless, + (options.secure === undefined) ? true : options.secure, + extensions); + } + this._providerURL = options.providerURL; this._identifierField = options.identifierField || 'openid_identifier'; } @@ -180,7 +186,7 @@ Strategy.prototype.authenticate = function(req) { if (req.query['openid.mode'] === 'cancel') { return this.fail({ message: 'OpenID authentication canceled' }); } var self = this; - this._relyingParty.verifyAssertion(req.url, function(err, result) { + this._relyingParty(req).verifyAssertion(req.url, function(err, result) { if (err) { return self.error(new InternalOpenIDError('Failed to verify assertion', err)); } if (!result.authenticated) { return self.error(new Error('OpenID authentication failed')); } @@ -245,7 +251,7 @@ Strategy.prototype.authenticate = function(req) { if (!identifier) { return this.fail(new BadRequestError('Missing OpenID identifier')); } var self = this; - this._relyingParty.authenticate(identifier, false, function(err, providerUrl) { + this._relyingParty(req).authenticate(identifier, false, function(err, providerUrl) { if (err || !providerUrl) { return self.error(new InternalOpenIDError('Failed to discover OP endpoint URL', err)); } self.redirect(providerUrl); });