# File lib/rack/auth/openid.rb, line 151
      def initialize(realm, options={})
        realm = URI(realm)
        raise ArgumentError, "Invalid realm: #{realm}" \
          unless realm.absolute? \
          and realm.fragment.nil? \
          and realm.scheme =~ /^https?$/ \
          and realm.host =~ /^(\*\.)?#{URI::REGEXP::PATTERN::URIC_NO_SLASH}+/
        realm.path = '/' if realm.path.empty?
        @realm = realm.to_s

        if ruri = options[:return_to]
          ruri = URI(ruri)
          raise ArgumentError, "Invalid return_to: #{ruri}" \
            unless ruri.absolute? \
            and ruri.scheme  =~ /^https?$/ \
            and ruri.fragment.nil?
          raise ArgumentError, "return_to #{ruri} not within realm #{realm}" \
            unless self.within_realm?(ruri)
          @return_to = ruri.to_s
        end

        @session_key  = options[:session_key]   || 'rack.session'
        @openid_param = options[:openid_param]  || 'openid_identifier'
        @store        = options[:store]         || ::OpenID::Store::Memory.new
        @immediate    = !!options[:immediate]

        @extensions = {}
        if extensions = options.delete(:extensions)
          extensions.each do |ext, args|
            add_extension ext, *args
          end
        end

        # Undocumented, semi-experimental
        @anonymous    = !!options[:anonymous]
      end