From: Christian Weiske <cweiske@cweiske.de>
Date: Fri, 17 Oct 2014 23:50:47 +0000 (+0200)
Subject: normalize identifiers when comparing them
X-Git-Url: https://git.cweiske.de/indieauth-openid.git/commitdiff_plain/896b41b80919e300364f9dc7a1d330d2827cf132?hp=c773a629c4d2cc6afecc514358d2e36b9eb3d4f2

normalize identifiers when comparing them
---

diff --git a/www/index.php b/www/index.php
index 496d7d3..c3b7848 100644
--- a/www/index.php
+++ b/www/index.php
@@ -15,6 +15,7 @@
  */
 
 require_once 'Net/URL2.php';
+require_once 'OpenID.php';
 require_once 'OpenID/RelyingParty.php';
 require_once 'OpenID/Message.php';
 require_once 'OpenID/Exception.php';
@@ -139,7 +140,7 @@ if (isset($_GET['openid_mode']) && $_GET['openid_mode'] != '') {
 
     $message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP);
     $id      = $message->get('openid.claimed_id');
-    if ($id != $_SESSION['me']) {
+    if (OpenID::normalizeIdentifier($id) != OpenID::normalizeIdentifier($_SESSION['me'])) {
         error(
             sprintf(
                 'Given identity URL "%s" and claimed OpenID "%s" do not match',