[project @ If we're generating user_setup_urls, let's at least do it correctly]

Author: tailor

Auth/OpenID/Server.php

@@ -765,12 +765,17 @@ function make(&$message, $identity, $return_to, $trust_root = null,
 
     function Auth_OpenID_CheckIDRequest($identity, $return_to,
                                         $trust_root = null, $immediate = false,
-                                        $assoc_handle = null, $server = null)
+                                        $assoc_handle = null, $server = null,
+                                        $claimed_id = null)
     {
         $this->namespace = Auth_OpenID_OPENID2_NS;
         $this->assoc_handle = $assoc_handle;
         $this->identity = $identity;
-        $this->claimed_id = $identity;
+        if ($claimed_id === null) {
+            $this->claimed_id = $identity;
+        } else {
+            $this->claimed_id = $claimed_id;
+        }
         $this->return_to = $return_to;
         $this->trust_root = $trust_root;
         $this->server =& $server;
@@ -1098,7 +1103,8 @@ function answer($allow, $server_url = null, $identity = null,
                                                 $this->trust_root,
                                                 false,
                                                 $this->assoc_handle,
-                                                $this->server);
+                                                $this->server,
+                                                $this->claimed_id);
                 $setup_request->message = $this->message;
 
                 $setup_url = $setup_request->encodeToURL($server_url);

Tests/Auth/OpenID/Server.php

@@ -1419,6 +1419,7 @@ function test_answerImmediateDenyOpenID1()
         $this->request->message = $msg;
         $this->request->namespace = $msg->getOpenIDNamespace();
         $this->request->mode = 'checkid_immediate';
+        $this->request->claimed_id = 'http://claimed-id.test/';
         $this->request->immediate = true;
         $server_url = "http://setup-url.unittest/";
         $answer = $this->request->answer(false, $server_url);
@@ -1431,9 +1432,11 @@ function test_answerImmediateDenyOpenID1()
                           $answer->fields->namespaces->isImplicit(Auth_OpenID_OPENID1_NS));
         $this->assertEquals($answer->fields->getArg(Auth_OpenID_OPENID_NS, 'mode'),
                             'id_res');
-        $this->assertTrue(strpos($answer->fields->getArg(Auth_OpenID_OPENID_NS,
-                                                         'user_setup_url'),
-                                 $server_url) == 0);
+
+        $usu = $answer->fields->getArg(Auth_OpenID_OPENID_NS,'user_setup_url');
+        $this->assertTrue(strpos($usu, $server_url) == 0);
+        $expected_substr = 'openid.claimed_id=http%3A%2F%2Fclaimed-id.test%2F';
+        $this->assertTrue(strpos($usu, $expected_substr), $usu);
     }
 
     function test_answerImmediateDenyOpenID2()