Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

try_login + google provider = Invalid openid on some machines #11

Closed
pythonmobile opened this issue Aug 10, 2012 · 4 comments
Closed

try_login + google provider = Invalid openid on some machines #11

pythonmobile opened this issue Aug 10, 2012 · 4 comments

Comments

@pythonmobile
Copy link

The example.py - oid.try_login line - gives me openid invalid when i enter a gmail id (yahoo ids do get me to the yahoo webpage). I am on a windows box, and I inserted some print statements in the try_login function -- and found that "except discover.DiscoveryFailure:" was being triggered with this particular exception: <class 'openid.yadis.discover.DiscoveryFailure'>.

Any ideas what is going wrong or how to debug this?

=================> pip freeze on this win box.

flask==0.9
flask-babel==0.8
flask-cache==0.4.0
flask-mail==0.6.1
flask-principal==0.2
flask-script==0.3.1
flask-sqlalchemy==0.15
flask-testing==0.3
flask-themes==0.1.3
flask-wtf==0.5.2
Flask-OpenID==1.0.1
python-openid==2.2.5
pyOpenSSL==0.13
@pythonmobile
Copy link
Author

If I try python-openid\examples\consumer.py on this box, and feed it google id url =

https://www.google.com/accounts/o8/id

I get the following error:

Error in discovery: Error fetching XRDS document: (60, 'SSL certificate problem, verify that the CA cert is OK. Details:\nerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed')

I tried reinstalling pyopenssl just in case. Did not help.

@dhandeo
Copy link

dhandeo commented Mar 5, 2013

I started getting same error this week

DiscoveryFailure: Error fetching XRDS document: (60, 'SSL certificate problem: unable to get local issuer certificate')

File "C:\Python27\lib\site-packages\flask_openid.py", line 478, in try_login
auth_request = consumer.begin(identity_url)

Please someone help

Update

I traced down the error to fetcher.fetch(), my fetcher for CurlFetcher which was generating this error. Uninstalling pycurl (which was not official build) solved the problem

@alexandersimoes
Copy link

I was also getting a similar issue when trying to login from my live server setup but not locally and only when trying to login with google, other providers worked fine. What I needed to do to get this to work was remove some of the items in the "ask_for" parameter of my try_login function.

@puiterwijk
Copy link
Collaborator

This looks like they might have had some issues with their certificates, or perhaps that your local trusted CA list did not incorporate their CA.
If you see this happening again, please reopen the ticket.

@EpocDotFr EpocDotFr mentioned this issue Jul 17, 2018
Closed
@pythonmobile pythonmobile mentioned this issue Jul 24, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@alexandersimoes @dhandeo @puiterwijk @pythonmobile