problem with 'check_authentication'
Torbjörn Törnkvist
tobbe at tornkvist.org
Fri Apr 11 04:47:16 PDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm implementing the Relaying Part of OpenID in Erlang.
I have some problem getting the last, verification step,
to work (OpenID-2.0, Ch.3 "Protocol Overview", step 7).
The thing is: it do work whith the myvidoop.com provider
but not with myopenid.com or claimid.com.
I'm trying to get the non-association method to work where
in the last step, I send a 'check_authentication' request to
the OP server. The problem is that I get a HTTP 501 return code
back from myopenid.com.
Please see the excerpt from my log below.
### I'm using my own OpenID identifyer: etnt.myopenid.com
=ERROR REPORT==== 11-Apr-2008::09:15:44 ===
logmein.yaws: OpenId="etnt.myopenid.com"
### This is the data I get back from the discovery reply
=ERROR REPORT==== 11-Apr-2008::09:15:45 ===
lazy_bob: ParsedReply =
[{"pavatar","http://www.myopenid.com/image?id=38503"},
{"avatar","http://www.myopenid.com/image?id=38503"},
{"openid.server","http://www.myopenid.com/server"},
{"openid2.provider","http://www.myopenid.com/server"},
{"stylesheet",
"https://www.myopenid.com/static/skins/myopenid.css"}]
### This is what I send in the 'checkid_setup'
=ERROR REPORT==== 11-Apr-2008::09:15:45 ===
CheckIdUrl =
"http://www.myopenid.com/server?openid.ns=http://specs.openid.net/auth/2.0&openid.mode=checkid_setup&openid.claimed_id=http://etnt.myopenid.com/&openid.identity=http://etnt.myopenid.com/&openid.return_to=http://openid.tornkvist.org/lazy_bob.yaws%3Fsession_id%3Dtobbe%26nonce%3D1207898145142297"
### This is the data I get back
=ERROR REPORT==== 11-Apr-2008::09:15:54 ===
lazy_bob.yaws: VerifyResponse = [{"session_id","tobbe"},
{"nonce","1207898145142297"},
{"openid.assoc_handle",
"{HMAC-SHA1}{47ff1029}{7RgFuQ==}"},
{"openid.claimed_id",
"http://etnt.myopenid.com/"},
{"openid.identity",
"http://etnt.myopenid.com/"},
{"openid.mode","id_res"},
{"openid.ns",
"http://specs.openid.net/auth/2.0"},
{"openid.op_endpoint",
"http://www.myopenid.com/server"},
{"openid.response_nonce",
"2008-04-11T07:15:51ZMeRyg4"},
{"openid.return_to",
"http://openid.tornkvist.org/lazy_bob.yaws?session_id=tobbe&nonce=1207898145142297"},
{"openid.sig","wR2q2ruLvChPWGLFt4FzmOssffE="},
{"openid.signed",
"assoc_handle,claimed_id,identity,mode,ns,op_endpoint,response_nonce,return_to,signed"}]
### This is what I send in the 'check_authentication' reuest.
=ERROR REPORT==== 11-Apr-2008::09:15:54 ===
lazy_bob: VerifyReqBody =
"openid.mode=check_authentication&session_id=tobbe&nonce=1207898145142297&openid.assoc_handle={HMAC-SHA1}{47ff1029}{7RgFuQ==}&openid.claimed_id=http://etnt.myopenid.com/&openid.identity=http://etnt.myopenid.com/&openid.ns=http://specs.openid.net/auth/2.0&openid.op_endpoint=http://www.myopenid.com/server&openid.response_nonce=2008-04-11T07:15:51ZMeRyg4&openid.return_to=http://openid.tornkvist.org/lazy_bob.yaws?session_id=tobbe&nonce=1207898145142297&openid.sig=wR2q2ruLvChPWGLFt4FzmOssffE=&openid.signed=assoc_handle,claimed_id,identity,mode,ns,op_endpoint,response_nonce,return_to,signed"
### And here is the reply, which also is causing me my problem
=ERROR REPORT==== 11-Apr-2008::09:15:54 ===
lazy_bob.yaws: VerifyResult = {ok,{{"HTTP/1.1",501,"Method Not
Implemented"},
[{"connection","close"},
{"date","Fri, 11 Apr 2008 07:15:54
GMT"},
{"server","Apache/2.2"},
{"content-length","1292"},
{"content-type",
"text/html; charset=UTF-8"}],
"\n<!DOCTYPE html PUBLIC
\"-//W3C//DTD XHTML 1.0 Transitional//EN\"
\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html>\n<head>\n<base
href='https://www.myopenid.com/' />\n<title>myOpenID.com
Error\n</title>\n<style>\nbody {\n font: 80%/1.5em 'Lucida Grande',
'Trebuchet MS', Arial, Helvetica, sans-serif;\n color:
#000;}\n#container {\n width:647px;\n margin: 0 auto;\n background:
#FFF;\n}\n#content {\n padding: 10px;\n text-align: center;\n
border: 4px solid #90d536;;\n}\n#content h1 {\n font-size;
1.5em;\n}\n#footer {\n text-align: right;\n}\n/* links */\na:link
{color: #246c98;}\na:visited {color: #809aab;}\na:hover, a:active,
a.current {color: #FFF; background-color: #246c98; text-decoration:
none;}\n</style>\n</head>\n<body>\n <div id='container'>\n <div
id='content'>\n <h1>myOpenID.com Error\n</h1>\n\n<p>\n An error
has occured while attempting to fulfill your request.\n</p>\n\n<p>\n
A log of this issue has been sent to the software engineering team,
and \n they will address it shortly.\n</p>\n\n<p>\n Thank you, <br
/>\n <a href=\"mailto:support at myopenid.com\">The myOpenID Support
Team</a>\n</p>\n <div>\n <img src=\"/images/logo.gif\">\n
</div>\n </div>\n <div id=\"footer\">\n <a
href=\"http://janrain.com/about/\">About Us</a> |\n © 2008
Janrain, Inc.\n </div>\n</body>\n</html>\n"}}
So, am I doing something wrong, or is myopenid.com broken ?
And if I'm doing something wrong, why does it work with myvidoop.com ?
Best Regards, Toby
(OpenId: http://etnt.myopenid.com or: http://etnt.myvidoop.com )
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFH/0/EbIgXByq3rCMRAiMFAJ9PknWCQ7cPsUJeaIHcilmph0eJsQCfWdHP
KqRmFxNhspH90wdJ3EiR+gM=
=D0aG
-----END PGP SIGNATURE-----
More information about the Dev
mailing list