Problem with external openid provider #41

Closed
srounet opened this Issue Dec 17, 2010 · 4 comments

Comments

Projects
None yet
4 participants

srounet commented Dec 17, 2010

I'm trying to connect with AppDirect-openid ( www.appdirect.com ) and I'm facing that issue:

provider url : https://www.appdirect.com/AppDirect/openid/id
provider documentation : https://www.appdirect.com/AppDirect/openid/op

Socialauth issue :
Generated checkid_setup request to https://www.appdirect.com/AppDirect/openid/op with assocication a68180c5cbcfaa3d
[16/Dec/2010 21:34:11] "GET /accounts/openid/?action=verify&openid_next=&openid_identifier=https%3A%2F%2Fwww.appdirect.com%2FAppDirect%2Fopenid%2Fid HTTP/1.1" 302 0
Error attempting to use stored discovery information: <openid.consumer.consumer.TypeURIMismatch: Required type http://specs.openid.net/auth/2.0/signon not found in ['http://specs.openid.net/auth/2.0/server', 'http://openid.net/srv/ax/1.0', 'http://openid.net/sreg/1.0', 'http://openid.net/extensions/sreg/1.1'] for endpoint <openid.consumer.discover.OpenIDServiceEndpoint server_url='https://www.appdirect.com/AppDirect/openid/op' claimed_id=None local_id=None canonicalID=None used_yadis=True >>
Attempting discovery to verify endpoint
Performing discovery on https://www.appdirect.com/AppDirect/openid/id/9807cf99-894f-4393-bb22-0d53e71fd1b8
Received id_res response from https://www.appdirect.com/AppDirect/openid/op using association 13cffc990062bdf7
Using OpenID check_authentication
op_endpoint
claimed_id
identity
return_to
response_nonce
assoc_handle
sreg.nickname
sreg.email
sreg.fullname
check_authentication failed: Malformed HTTP header line in response: ''
[16/Dec/2010 21:34:18] "GET /accounts/openid/complete/?janrain_nonce=2010-12-16T20%3A34%3A11Z4sgeHX&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.op_endpoint=https%3A%2F%2Fwww.appdirect.com%2FAppDirect%2Fopenid%2Fop&openid.claimed_id=https%3A%2F%2Fwww.appdirect.com%2FAppDirect%2Fopenid%2Fid%2F9807cf99-894f-4393-bb22-0d53e71fd1b8&openid.response_nonce=2010-12-16T20%3A34%3A15Z0&openid.mode=id_res&openid.identity=https%3A%2F%2Fwww.appdirect.com%2FAppDirect%2Fopenid%2Fid%2F9807cf99-894f-4393-bb22-0d53e71fd1b8&openid.return_to=http%3A%2F%2F192.168.104.209%3A8000%2Faccounts%2Fopenid%2Fcomplete%2F%3Fjanrain_nonce%3D2010-12-16T20%253A34%253A11Z4sgeHX&openid.invalidate_handle=a68180c5cbcfaa3d&openid.assoc_handle=13cffc990062bdf7&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle%2Csreg.nickname%2Csreg.email%2Csreg.fullname&openid.sig=ig%2BEPpBDBaXsQB9dMCoqREfgLd9Ky%2BEib02Nr%2FX5Dfs%3D&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fsreg%2F1.0&openid.sreg.nickname=fabien%40revolunet.com&openid.sreg.email=fabien%40revolunet.com&openid.sreg.fullname=Fabien+xxxx&openid.ns.ext2=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&openid.ext2.mode=fetch_response&openid.ext2.type.ext0=http%3A%2F%2Faxschema.org%2FnamePerson&openid.ext2.value.ext0=Fabien+xxxx&openid.ext2.type.ext2=http%3A%2F%2Faxschema.org%2Fcontact%2Femail&openid.ext2.value.ext2=fabien%40revolunet.com HTTP/1.1" 200 1168

It's well working with yahoo, gmail.

Member

tuxcanfly commented Dec 18, 2010

My guess is this must have something to do with the openid provider (appdirect). I have signed up for an account, but until my account gets activated, I can't debug this.

srounet commented Dec 19, 2010

I traced the code a bit and the Malformated HTTP header is thrown during the process of:
openid_response = consumer.complete(query_dict, url)

in: https://github.com/agiliq/Django-Socialauth/blob/master/openid_consumer/views.py
line: 180

Here is a little more debug.

(u'openid.response_nonce', u'2010-12-19T13:42:36Z0')
(u'openid.ns.sreg', u'http://openid.net/sreg/1.0')
(u'openid.signed', u'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle,sreg.nickname,sreg.email,sreg.fullname')
(u'openid.sreg.email', u'fabien@xxx.com')
(u'openid.op_endpoint', u'https://www.appdirect.com/AppDirect/openid/op')
(u'openid.ns.ext2', u'http://openid.net/srv/ax/1.0')
(u'openid.identity', u'https://www.appdirect.com/AppDirect/openid/id/9807cf99-894f-4393-bb22-0d53e71fd1b8')
(u'openid.ext2.mode', u'fetch_response')
(u'openid.return_to', u'http://127.0.0.1:8000/accounts/openid/complete/?janrain_nonce=2010-12-19T13%3A42%3A33Zv4XpzV')
(u'janrain_nonce', u'2010-12-19T13:42:33Zv4XpzV')
(u'openid.claimed_id', u'https://www.appdirect.com/AppDirect/openid/id/9807cf99-894f-4393-bb22-0d53e71fd1b8')
(u'openid.sreg.nickname', u'fabien@xxx.com')
(u'openid.ext2.value.ext2', u'fabien@xxx.com')
(u'openid.ext2.value.ext0', u'Fabien xxx')
(u'openid.mode', u'id_res')
(u'openid.sig', u'2HIWUjgiHLb5tZwA7WqXO5NuCpZ09pu5pizGqbis6UA=')
(u'openid.invalidate_handle', u'a68180c5cbcfaa3d')
(u'openid.ns', u'http://specs.openid.net/auth/2.0')
(u'openid.sreg.fullname', u'Fabien xxx')
(u'openid.ext2.type.ext0', u'http://axschema.org/namePerson')
(u'openid.ext2.type.ext2', u'http://axschema.org/contact/email')
(u'openid.assoc_handle', u'94f20ce03046a242')

{'openid.response_nonce': '2010-12-19T13:42:36Z0', 'openid.ns.sreg': 'http://openid.net/sreg/1.0', 'openid.signed': 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle,sreg.nickname,sreg.email,sreg.fullname', 'openid.sreg.email': 'fabien@xxx.com', 'openid.op_endpoint': 'https://www.appdirect.com/AppDirect/openid/op', 'openid.ns.ext2': 'http://openid.net/srv/ax/1.0', 'openid.identity': 'https://www.appdirect.com/AppDirect/openid/id/9807cf99-894f-4393-bb22-0d53e71fd1b8', 'openid.ext2.mode': 'fetch_response', 'openid.return_to': 'http://127.0.0.1:8000/accounts/openid/complete/?janrain_nonce=2010-12-19T13%3A42%3A33Zv4XpzV', 'janrain_nonce': '2010-12-19T13:42:33Zv4XpzV', 'openid.claimed_id': 'https://www.appdirect.com/AppDirect/openid/id/9807cf99-894f-4393-bb22-0d53e71fd1b8', 'openid.sreg.nickname': 'fabien@xxx.com', 'openid.ext2.value.ext2': 'fabien@xxx.com', 'openid.ext2.value.ext0': 'Fabien xxx', 'openid.mode': 'id_res', 'openid.sig': '2HIWUjgiHLb5tZwA7WqXO5NuCpZ09pu5pizGqbis6UA=', 'openid.invalidate_handle': 'a68180c5cbcfaa3d', 'openid.ns': 'http://specs.openid.net/auth/2.0', 'openid.sreg.fullname': 'Fabien xxx', 'openid.ext2.type.ext0': 'http://axschema.org/namePerson', 'openid.ext2.type.ext2': 'http://axschema.org/contact/email', 'openid.assoc_handle': '94f20ce03046a242'}
http://127.0.0.1:8000/accounts/openid/complete/
Error attempting to use stored discovery information:     <openid.consumer.consumer.TypeURIMismatch: Required type http://specs.openid.net/auth/2.0/signon not found in ['http://specs.openid.net/auth/2.0/server', 'http://openid.net/srv/ax/1.0', 'http://openid.net/sreg/1.0', 'http://openid.net/extensions/sreg/1.1'] for endpoint     <openid.consumer.discover.OpenIDServiceEndpoint server_url='https://www.appdirect.com/AppDirect/openid/op' claimed_id=None local_id=None canonicalID=None used_yadis=True >>
Attempting discovery to verify endpoint
Performing discovery on https://www.appdirect.com/AppDirect/openid/id/9807cf99-894f-4393-bb22-0d53e71fd1b8
Received id_res response from https://www.appdirect.com/AppDirect/openid/op using association 94f20ce03046a242
Using OpenID check_authentication
op_endpoint
claimed_id
identity
return_to
response_nonce
assoc_handle
sreg.nickname
sreg.email
sreg.fullname
check_authentication failed: Malformed HTTP header line in response: ''
Member

tuxcanfly commented Dec 20, 2010

Hi Fabien.
Thanks for the stacktrace, that was helpful.

I did a little more digging and found this:
openid/php-openid@2370ac1

python-openid raises an error if there's an invalid header, while php-openid does not(?)
Anyway, the offending line is:
https://github.com/openid/python-openid/blob/master/openid/fetchers.py#L270

Maybe you can try fiddling with fetchers.py and debug?

sweis commented Feb 2, 2011

Hello. I think this may have been an issue with the AppDirect openid provider. There was one issue due to the Attribute Exchange fields were not being signed. I was able to get it working with django-socialauth from a local machine.

I am not sure whether this is related to the malformed HTTP header issue. Can anyone verify that they are still having an issue with this?

@shabda shabda closed this Sep 25, 2013

@patrickporto patrickporto referenced this issue in openid/python-openid Aug 13, 2014

Open

Remove unwanted exceptions in fetches #79

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment