Server denied check_authentication

S. Alexandre M. Lemaire saeven at saeven.net
Sun Jan 27 17:52:38 PST 2008 

Ok, 

Having hacked the testcase, I did manage to find the problem.  The store seems to be working properly now passing all tests!

At present, I'm left with a new error after the login process:

> Nonce already used or out of range

What should I check?

Appreciated always.
Alex

-----Original Message-----
From: dev-bounces at lists.openidenabled.com [mailto:dev-bounces at lists.openidenabled.com] On Behalf Of S. Alexandre M. Lemaire
Sent: Sunday, January 27, 2008 2:54 PM
To: 'discuss OpenID libraries and development'
Subject: RE: Server denied check_authentication

Hacking into it a bit, I've found the problem, and it has to do with key size on the MySQL tables in which I am storing the data.

Is the handle always necessarily going to be this massive? Rereading the provided generic store, the key index is absolutely huge by default.  This could be a pretty substantial performance hit on a very busy system.



-----Original Message-----
From: dev-bounces at lists.openidenabled.com [mailto:dev-bounces at lists.openidenabled.com] On Behalf Of S. Alexandre M. Lemaire
Sent: Sunday, January 27, 2008 2:01 PM
To: 'discuss OpenID libraries and development'
Subject: RE: Server denied check_authentication

Hi Kevin,

  First, thanks for the response.  The test unit is failing with:

Fatal error: Call to a member function addFailure() on a non-object in D:\php\PEAR\PHPUnit\TestCase.php on line 252

  Checking my "pear list", I am running these versions of PHPUnit and its requirements:

PHPUnit          1.3.2     stable
PHP_Compat       1.5.0     stable

   Is your test case not compatible with 1.3.2?  Should I be using a different version altogether?  Perhaps I am doing something wrong otherwise?  Here's how I'm setting up my store for the test (based on source, couldn't find any docs...):

define('Auth_OpenID_RAND_SOURCE', null); 
$store 				= new OpenIDStore(); // custom store
$store->connection	= DB;
include( "tests/Auth/OpenID/StoreTest.php" );
$test = new Tests_Auth_OpenID_StoreTest();
$test->setUp();
$test->_testStore( $store );


Appreciate your help!
Alex


-----Original Message-----
From: dev-bounces at lists.openidenabled.com [mailto:dev-bounces at lists.openidenabled.com] On Behalf Of Kevin Turner
Sent: Friday, January 25, 2008 6:05 PM
To: dev at lists.openidenabled.com
Subject: Re: Server denied check_authentication

On Fri, 2008-01-25 at 17:08 -0500, S. Alexandre M. Lemaire wrote:
> I’ve got everything working with the JanRain PHP toolkit for OpenID 2,
> using a custom store that goes straight to MySQL (skipping the
> Pear::DB middleman bloat).  The authentication steps and the nonce are
> working perfectly, the return however is failing with: 
> 
> Server denied check_authentication

Unless you have explicitly chosen to use stateless mode, PHP OpenID
should rarely attempt to use check_authentication, as it prefers to use
a stored association whenever possible.  The fact that it's not doing so
suggests that it failed to retrieve an association from the store.

Can you run your custom store through the tests in
Tests/Auth/OpenID/StoreTest.php ?

When your RP makes checkid_setup requests, does it include an assoc_handle?

If so, does the id_res response include an invalidate_handle parameter?

-- 
keturn on https://pibb.com/go/openid and irc.freenode.net#openid


_______________________________________________
Dev mailing list
Dev at lists.openidenabled.com
http://lists.openidenabled.com/mailman/listinfo/dev


_______________________________________________
Dev mailing list
Dev at lists.openidenabled.com
http://lists.openidenabled.com/mailman/listinfo/dev


_______________________________________________
Dev mailing list
Dev at lists.openidenabled.com
http://lists.openidenabled.com/mailman/listinfo/dev

More information about the Dev mailing list