This is a class to encapsulate information that is useful when interacting with a user to determine if an authentication request can be authorized to succeed. This class provides methods to get the identity URL and trust root from the request that failed. Given those, the server can determine what needs to happen in order to allow the request to proceed, and can ask the user to perform the necessary actions.

The user may choose to either perform the actions or not. If they do, the server should try to perform the request OpenID request again. If they choose not to, and inform the server by hitting some form of cancel button, the server should redirect them back to the consumer with a notification of that for the consumer.

This class provides two approaches for each of those actions. The server can either send the user redirects which will cause the user to retry the OpenID request, or it can help perform those actions without involving an extra redirect, producing output that works like that of OpenIDServer.get_openid_response.

Both approaches work equally well, and you should choose the one that fits into your framework better.

The AuthorizationInfo.retry and AuthorizationInfo.cancel methods produce

status,info

arrays that should be handled exactly like the responses

from OpenIDServer.get_openid_response.

The retry_url and cancel_url attributes return URLs to which the user can be redirected to automatically retry or cancel this OpenID request.