interpret this request in any way it pleases. Values must be URL,
the AX object provides a shortcut notation for common attributes.
+.. function:: verify(response, discovery_cache, find_association, nonce_seen) -> signed, claimed_id
+ Process an authentication response. *response* is the query string as
+ given in the original URL (i.e. as the CGI variable QUERY_STRING).
+ *discovery_cache* is a function taking an URI and returning the
+ same result as discover would; applications should use it to cache
+ the discovery result between the start of the login process until
+ the user completes the login. If no cache information is found,
+ None shall be returned.
+ *find_association* is a function taking an assoc_handle, and returning
+ a session dictionary or None. The dictionary must minimally contain
+ the assoc_handle and the mac_key.
+ *nonce_seen* is a function taking a nonce, returning a boolean that
+ indicates whether the nonce has been seen. It may also store the
+ nonce as a side-effect; alternatively, the application can
+ separately store it when it successfully processed the
+ authentication request. Nonces older than one hour can be deleted
.. function:: authenticate(session, response) -> None
Process an authentication response. session must be the established
Callers must check openid.response_nonce for replay attacks.
+ Use :func:`verify` instead.
Discovery Utility Functions