Don't spoof the HTTP method for OpenID, that's just a bad idea.

omniauth · Jan 12, 2011 · 96ca2e6 · 96ca2e6
1 parent dd4e375
commit 96ca2e6
Showing 1 changed file with 0 additions and 7 deletions.
diff --git a/oa-openid/lib/omniauth/strategies/open_id.rb b/oa-openid/lib/omniauth/strategies/open_id.rb
@@ -55,12 +55,6 @@ def dummy_app
         )}, []]}
       end
 
-      def callback_url
-        uri = URI.parse(request.url)
-        uri.path += '/callback'
-        uri.to_s
-      end
-
       def identifier
         options[:identifier] || request[IDENTIFIER_URL_PARAMETER]
       end
@@ -88,7 +82,6 @@ def get_identifier
       end
 
       def callback_phase
-        env['REQUEST_METHOD'] = 'GET'
         openid = Rack::OpenID.new(lambda{|env| [200,{},[]]}, @store)
         openid.call(env)
         @openid_response = env.delete('rack.openid.response')