def check_auth(nonce, query, server_url)
check_args = OpenID::Util.get_openid_params(query)
check_args["openid.mode"] = "check_authentication"
post_data = OpenID::Util.urlencode(check_args)
ret = @fetcher.post(server_url, post_data)
if ret.nil?
return FAILURE, "unable to post to #{server_url}"
else
url, body = ret
end
results = OpenID::Util.parsekv(body)
is_valid = results.fetch("is_valid", "false")
if is_valid == "true"
invalidate_handle = results["invalidate_handle"]
if invalidate_handle
@store.remove_association(server_url, invalidate_handle)
end
unless @store.use_nonce(nonce)
return FAILURE, "#{server_url}, nonce #{nonce} already used"
end
return SUCCESS, nil
end
error = results["error"]
if error
msg = "error from server: #{error}"
else
msg = "is_valid was false"
end
return FAILURE, msg
end