You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I tried to implement an openid provider using lightopenid. It is accepted by an
lightopenid consumer, but not by sourceforge or test-id.org
I tried to understand the issue but I am lost, this may be a bug in the way we
use lightopenid-provider.
To reproduce
------------
1. Go to: http://test-id.org/OP/Sreg.aspx
2. Enter: https://stendhalgame.org
3. Login using ttttt / ttttt
Error message
-------------
Login failed: The OpenID Provider issued an assertion for an Identifier whose
discovery information did not match.
Assertion endpoint info:
ClaimedIdentifier: https://stendhalgame.org/a/ttttt
ProviderLocalIdentifier: https://stendhalgame.org/a/ttttt
ProviderEndpoint: https://stendhalgame.org/?id=content/account/openid-provider
OpenID version: 2.0 Service Type URIs:
Discovered endpoint info: [{
ClaimedIdentifier: http://specs.openid.net/auth/2.0/identifier_select
ProviderLocalIdentifier: http://specs.openid.net/auth/2.0/identifier_select
ProviderEndpoint: https://stendhalgame.org/?id=content/account/openid-provider
OpenID version: 2.0 Service Type URIs: http://specs.openid.net/auth/2.0/server },]
Our code
--------
Our code is at
http://arianne.cvs.sf.net/viewvc/arianne/stendhal_website/scripts/openid-provide
r.php?revision=1.7&view=markup (Note: the functions showConfirmationForm and
getUserData are not used, yet).
The xrds document is declared by: header('X-XRDS-Location:
'.STENDHAL_LOGIN_TARGET.'/?id=content/account/openid-provider&xrds');
The identifier points to an URL which simply displays a text:
http://arianne.cvs.sf.net/viewvc/arianne/stendhal_website/content/account/a.php?
revision=1.1&view=markup
The OpenidProvider is configured at
http://arianne.cvs.sf.net/viewvc/arianne/stendhal_website/content/account/openid
-provider.php?revision=1.2&view=markup
Original issue reported on code.google.com by HendrikU...@nexgo.de on 17 Jul 2011 at 11:27
The text was updated successfully, but these errors were encountered:
When the authentication process is complete, your provider returns claimed_id =
https://stendhalgame.org/a/ttttt, which is fine. However, this url, when
discovered, doesn't return a proper xrds (it returns server, instead of signon).
In order to fix it, set select_id to false when
https://stendhalgame.org/a/ttttt is accessed, and preferably, xrdsLocation to
something that will also return an xrds with select_id disabled (otherwise it
might not work in some clients).
In other words: don't set select_id to true when an user's identity url is
accessed.
It is documented in example.php (which uses select_id), by the way.
Anyway, thanks for the detailed bug report -- I've been able to (re-)discover
the cause thanks to it.
And thanks for pointing me to a game I didn't play yet.
As usual, report any further problems.
Original comment by mewp...@gmail.com on 17 Jul 2011 at 12:25
Original issue reported on code.google.com by
HendrikU...@nexgo.de
on 17 Jul 2011 at 11:27The text was updated successfully, but these errors were encountered: