Doesn't work with gmail address #66

jnape opened this Issue Mar 11, 2012 · 4 comments


None yet

4 participants

jnape commented Mar 11, 2012


The exact example code you've provided in the README file fails for my gmail address. After inputting it into the text box and clicking submit, I'm successfully taken to the gmail auth page, where I'm asked if I want to provide access to "Localhost" (which I say yes to), then when I'm redirected back, I get "Failure :(".

Have you tested this with Gmail?

samcoe commented Mar 20, 2012

What was the the error that you are getting? I also got a error using this with a gmail adress. I was able to fix it by changing line 1073 in openid.js.

My Version:
if(!provider.version || provider.version != params['openid.ns'] || !provider.endpoint || provider.endpoint != params['openid.op_endpoint'])

if(!provider.version || provider.version != params['openid.ns'])

Basically what I found is that google was sending back the providers for all of their services and the checks that were being used to pick the correct provider was matching up with the incorrect one. Hopefully that helps you!

havard commented Mar 23, 2012

@samcoe Could you provide a patch?

havard commented Apr 12, 2012

I have tested the fix and found it to only fix part of the problem. Canonicalization of claimed identifiers is needed.

tristau commented Apr 20, 2012

I added a fix myself, although I haven't tried that many openId providers (just myOpenID and google). Also I'm not sure if there is any security concerns. I added a second IF statement in the _verifyAssertionAgainstProvider function:

if(provider.version.indexOf('2.0') !== -1 && provider.endpoint != params['openid.op_endpoint'])
if (provider.endpoint != params['openid.op_endpoint'].substring(0, params['openid.op_endpoint'].indexOf('?', 0))) {
return callback({ message: 'OpenID provider endpoint in assertion response does not match discovered OpenID provider endpoint' });

@havard havard closed this in f40afcc Apr 22, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment