Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The URL in the function openid_provider_unsolicited_assertion()
is getting formed badly. The arguments for the function strpos() are mixed up, as well as the result of the conditional statement are wrong.
Further I saw some notices in the comments of this function:
* It is unclear what this function is for. It is not used anywhere,
* and looks like a "10.1. Positive Assertions", but that's what
* openid_provider_authentication_response() does...
* @todo figure out what this does or get rid of it.
Trying to explain: This function is getting used when a OpenID provider wants to do an unsolicited assertion. This happens for example in the OpenID Provider AX module in order to exchange attributes from a OP that had been changed to relying parties.
Comment | File | Size | Author |
---|---|---|---|
#1 | fixing_unsolicited_assertion_function-1913154-1.patch | 1.14 KB | xamanu |
Comments
Comment #1
xamanu CreditAttribution: xamanu commentedHere is the patch. Removing the comments and fixing the strpos() function call.
Comment #2
anarcat CreditAttribution: anarcat commentedFix committed to 6.x and 7.x, thanks.