Serialization of Auth_OpenID_CheckIDRequest with "complex" Stores

[vmattila]

We use serialization of Auth_OpenID_CheckIDRequest to store the original checkid request instance at the session when we can't reply with the proper identity immediately (user needs to log in to our IDP). If the Store associated with the server is something "more complex", the serialization does not work (we'll hit some unserializable objects sooner or later in the object graph).

I think this is due the $server property, set in the _CheckIDRequest's constructor.

In our server implementation, we do currently unset $server whenever the Request is serialized. In turn the $server is reset upon unserialization. I feel this a bit hacky - so just asking if there is any better way to do it? Or should the Auth_OpenID_Request code get refactored to better support storing it externally?

[timcappalli]

This repo is being archived. Closing issue.