Php OpenID consumer in dumb mode
Sébastien Brault
please.no.more.spam at gmail.com
Wed Jul 9 15:31:46 PDT 2008
Hi all,
I have always a problem trying to run the Janrain library in dumb
mode. I add some logs in the library to best understand what's wrong.
I use the 2.1.1 version of the php library and use the sample client
code provided with the library.
In the sample code I just replaced the file store by a dumb store, the
code of the getStore method became :
function getStore() {
return new
Auth_OpenID_DumbStore('qsfdf5876q56f46sfffsf0709csff09870994dfqqs84df6iz56s4f64s4q4f');
}
When I try to authenticate, the library starts with and association
request (strange in dumb mode, no ?)
- request parameters:
openid.assoc_type : HMAC-SHA1
openid.dh_consumer_public :
f1qFEK5UOlCPwDjs3vFaw10FM69Iz+FBNSHa11lvBHv94h4cWVZMlXZKqBdJls2/7Odevh62tTR7PJ/rIsxEUHw4vxJaICMVQgHk5mHrQd4xaeAVfACt0epP8XempjPsEjeFgwqBHghjVNk+lfBVB5Ffr0mMKBmV4Z91RCLK6oI=
openid.dh_gen : Ag==
openid.dh_modulus :
ANz5OguIOXLsDhmYmsWizjEOHTdxfo2Vcbt2I3MYZuYe91ouJ4mLBX+YkcLiemOcPym2CBRYHNOyyjmG0mg3BVd9RcLn5S3IHHoXGHblzqdLFEi/368Ygo79JRnxTkXjgmY0rxlJ5bU1zIKaSDuKdiI+XUkKJX8Fvf8W8vsixYOr
openid.mode : associate
openid.session_type : DH-SHA1
response parameters:
assoc_handle :
{HMAC-SHA1}{4874d64d}{HtI3sA==}
assoc_type : HMAC-SHA1
dh_server_public :
bNCiNRWXtFI6Ppyz9BYytkL0Clx6TcHq9jpfkJwuiBoiYXuOhS2wxzPH1cjQkmgzEuTDDmfHNFkqOsGibMIvICBINxbSP8U7fWyD3VxFdrxlWNlJhB6TUp9TIDkrJ7yu6rreRz+LRmtbcBLpbFWQK+Bf3zqAJzwn0yJ68kSlq+U=
enc_mac_key :
nR7MsWf2g9Ifwjn8C110ZZwuMVw=
expires_in : 1209600
session_type : DH-SHA1
:
- Then the openid request is launched :
Request parameters:
openid.assoc_handle :
{HMAC-SHA1}{4874d64d}{HtI3sA==}
openid.identity :
http://openid.orange.fr/sebastien
openid.mode : checkid_setup
openid.pape.preferred_auth_policies :
openid.return_to :
http://openid-dev.rd.francetelecom.fr:80/consumer/finish_auth.php?janrain_nonce=2008-07-09T15%3A16%3A29ZfPm6sb
openid1_claimed_id :
http%3A%2F%2Fopenid.orange.fr%2Fsebastien
openid.sreg.optional : fullname,email
openid.sreg.required : nickname
openid.trust_root :
http://openid-dev.rd.francetelecom.fr:80/consumer/
Response parameters:
janrain_nonce : 2008-07-09T15:16:29ZfPm6sb
openid1_claimed_id :
http://openid.orange.fr/sebastien
openid.assoc_handle :
{HMAC-SHA1}{4874d64d}{HtI3sA==}
openid.identity :
http://openid.orange.fr/sebastien
openid.mode : id_res
openid.return_to :
http://openid-dev.rd.francetelecom.fr:80/consumer/finish_auth.php?janrain_nonce=2008-07-09T15%3A16%3A29ZfPm6sb
openid1_claimed_id :
http%3A%2F%2Fopenid.orange.fr%2Fsebastien
openid.sig :
1neypKiihccr+fmcNyyofnQNooY=
openid.signed :
mode,identity,return_to,sreg.nickname,sreg.email,sreg.fullname
openid.sreg.email : noe.brault at orange.fr
openid.sreg.fullname : SÃ(c)bastien Brault
openid.sreg.nickname : SÃ(c)bastien Brault
- Then the last check_authetication request :
janrain_nonce : 2008-07-09T15:16:29ZfPm6sb
openid.assoc_handle :
{HMAC-SHA1}{4874d64d}{HtI3sA==}
openid.identity :
http://openid.orange.fr/sebastien
openid.mode : check_authentication
openid.return_to :
http://openid-dev.rd.francetelecom.fr:80/consumer/finish_auth.php?janrain_nonce=2008-07-09T15%3A16%3A29ZfPm6sb
openid1_claimed_id :
http%3A%2F%2Fopenid.orange.fr%2Fsebastien
openid.sig :
1neypKiihccr+fmcNyyofnQNooY=
openid.signed :
mode,identity,return_to,sreg.nickname,sreg.email,sreg.fullname
openid.sreg.email : noe.brault at orange.fr
openid.sreg.fullname : SÃ(c)bastien Brault
openid.sreg.nickname : SÃ(c)bastien Brault
openid1_claimed_id :
http://openid.orange.fr/sebastien
and the response :
is_valid : false
Here the tests are done with the Orange OpenID server, but the result
is the same with myopenid.com server.
It's seems like all input and output parameters are correct. So I
think there is a bug in Janrain lib for dumb mode. Or has anybody been
successful in running in dumb mode with this library ? And can he
provide his client code ?
Best regards.
Sébastien Brault.
More information about the Dev
mailing list