Rails + openid-login generator = Parameter action does not match return_to URL
Tick
theaterfire at yahoo.com
Thu Jan 24 08:35:13 PST 2008
I'm working from the OpenID login generator included in the ruby-openid
2.0.3 gem. I'm starting a new Rails 2.0.2 project. The generator
provided me with 'login' and 'complete' actions under my 'openid'
controller. These begin and complete authentication:
openid_url = params[:openid_url]
if request.post?
request = consumer.begin(openid_url)
# CheckIDRequest has no #status; holdover code from old ruby-openid?
#case request.status
#when OpenID::SUCCESS
if request
return_to = url_for(:action=> 'complete')
trust_root = url_for(:controller=>'')
url = request.redirect_url(trust_root, return_to)
redirect_to(url)
.
.
.
def complete
response = consumer.complete(params)
.
.
.
I've configured the rest of the skeletal app, and it almost works. When I
drop in my OpenID I'm redirected to my provider, but after I authorize my
site the 'complete' action tells me that verification failed
(response.status == OpenID::FAILURE), and the response.message is
"Parameter action does not match return_to URL". Inspecting the params
hash before it's sent to consumer.complete() shows what I think are the
relevant values:
"controller" => "openid"
"action" => "complete"
"openid.mode" => "id_res"
"openid.return_to" => "http://192.168.6.12:3000/openid/complete?..."
The message appears to be coming from openid/consumer/idres.rb:172, but my
Rails-fu isn't strong enough to figure out what that section of code is
supposed to be doing. Do I need to make changes to my consumer.begin() or
consumer.complete() calls?
Thanks very much for any help.
____________________________________________________________________________________
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
More information about the Dev
mailing list