Oh, and regarding the personal data from Yahoo! that you're not getting and the #fragment suffix... The fragment is part of the legal ClaimedIdentifier and you should store it with your user's data along with the rest of the URL. <br>
<br>Yahoo! doesn't currently support the Sreg or Attribute Exchange extensions, so it doesn't ever provide personal data on its users.<br clear="all"><br>Andrew Arnott
<br><br><div class="gmail_quote">On Wed, Jun 11, 2008 at 6:58 PM, Andrew Arnott <<a href="mailto:andrewarnott@gmail.com">andrewarnott@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi Scott,<br><br>You're missing an XRDS document advertised from your Realm URL. Add that (properly filled out) and Yahoo will stop complaining about your site's identity. Nothing has to be done regarding your php-openid library here... it's all just a static XRDS doc. <br>
<br>Here is a sample XRDS doc. Just change the URI tag contents to point at the URL of your login page. <br><br><?xml version="1.0" encoding="UTF-8"?><br><xrds:XRDS<br> xmlns:xrds="xri://$xrds"<br>
xmlns:openid="<a href="http://openid.net/xmlns/1.0" target="_blank">http://openid.net/xmlns/1.0</a>"<br> xmlns="xri://$xrd*($v*2.0)"><br> <XRD><br> <Service priority="1"><br>
<Type><a href="http://specs.openid.net/auth/2.0/return_to" target="_blank">http://specs.openid.net/auth/2.0/return_to</a></Type><br>
<URI><a href="http://nerdbank.org/RP/login.aspx" target="_blank">http://nerdbank.org/RP/login.aspx</a></URI><br> </Service><br> </XRD><br></xrds:XRDS><br><br clear="all">
Store this XRDS doc on your site somewhere, and point to it from your realm URL (home page, probably) using a meta tag:<br>
<meta http-equiv="X-XRDS-Location" content="<your XRDS URL HERE>" /><br><br>That should do it.<br><br>Andrew Arnott
<br><br><div class="gmail_quote">2008/6/11 Scott Gelb <<a href="mailto:scotthg@hotmail.com" target="_blank">scotthg@hotmail.com</a>>:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div></div><div class="Wj3C7c">
<div>Hi,<br>
<br>
I'm new to this list. If there's a way to look at past conversations I'd appreciate someone letting me know. I haven't seen an explanation.<br>
<br>
But here's the problem I'm experiencing. I've incorporated php-openid version 2.0.1 into my site. It works just fine for a variety of openIDs, but when I try a Yahoo openID the Yahoo server page shows the warning:<br>
<br>
<b>Warning: This website has not confirmed its identity with Yahoo! and might be fraudulent. Do not share any personal information with this website unless you are certain it is legitimate.</b><br>
<br>
It allows me to continue with the login and returns to my site, but there are two problems.<br>
<br>
1. No personal data is returned<br>
2. The characters "#f19b8" are appended to the openid URL.<br>
<br>
I have found some explanations for the warning via Google but they made no sense to me. I was wondering whether any of you have encountered this issue and found a solution specific to the php-openid library.<br>
<br>
Thanks for your assistance.<br>
<br>
Scott<br></div>
<br></div></div>_______________________________________________<br>
Dev mailing list<br>
<a href="mailto:Dev@lists.openidenabled.com" target="_blank">Dev@lists.openidenabled.com</a><br>
<a href="http://lists.openidenabled.com/mailman/listinfo/dev" target="_blank">http://lists.openidenabled.com/mailman/listinfo/dev</a><br>
<br></blockquote></div><br>
</blockquote></div><br>