Succeeds if Request comes from the OpenID server and confirms
that User is a verified OpenID user. ReturnTo provides the URL
to return to.
After openid_verify/2 has redirected the browser to the OpenID
server, and the OpenID server did its magic, it redirects the
browser back to this address. The work is fairly trivial. If
mode is cancel, the OpenId server denied. If id_res, the
OpenId server replied positive, but we must verify what the
server told us by checking the HMAC-SHA signature.
This call fails silently if their is no openid.mode field in
the request.
- throws
- -
openid(cancel)
if request was cancelled by the OpenId server - -
openid(signature_mismatch)
if the HMAC signature check failed
