By janeri on

I have an OpenID from myopenid.com that works well with for instance Plaxo, and I have added this OpenID to my account in my fresh Drupal 6 site, but I still cannot log in.

I select "Log in using OpenID", enter my OpenID and click "log in", it then interacts with myopenid.com as expected and I do my bit, but I am still presented with "User login" when I am returned to my site.

Anyone understand what am I doing wrong?

Categories: Drupal 6.x

Comments

janeri’s picture

janeri commented

seems like I am completely alone with this problem?

dpalfan’s picture

dpalfan commented

I'm currently trying to learn more about this same problem.
On some hosts Drupal6 and OpenId work fine; On at least one 'big-name' host I'm having the same problem as you.

Anyone have ideas on a common setting which needs to be changed?

duckpuppy’s picture

duckpuppy commented

You're not completely alone - I just tried to use my OpenID (Verisign) to log into my own site (after adding it to my user profile while logged in normally) and just keep getting redirected back to the front page not logged in. I use this OpenID on many other sites, and I was able to successfully authenticate with it when I was adding it to my user profile, but I can't log into my site with it.

alexey.gorb’s picture

alexey.gorb commented

I've beeing redirected back to login page. But. It seemed to work at the beginning. I think some modules could be conflicting with OpenId module.

I also tried to debug this module, but it didn't had a good result. Just some waste of time, because I'm not really sure what's gone wrong.
It seems like failing in some SESSION variable check right here:

function openid_complete($response = array()) {
  module_load_include('inc', 'openid');

  if (count($response) == 0) {
    $response = _openid_response();
  }
  
  // Default to failed response
  $response['status'] = 'failed';
  if (isset($_SESSION['openid']['service']['uri']) && isset($_SESSION['openid']['claimed_id'])) {
    $service = $_SESSION['openid']['service'];
    $claimed_id = $_SESSION['openid']['claimed_id'];
    unset($_SESSION['openid']['service']);
    unset($_SESSION['openid']['claimed_id']);
    if (isset($response['openid.mode'])) {
      if ($response['openid.mode'] == 'cancel') {
        $response['status'] = 'cancel';
      }
      else {
        if (openid_verify_assertion($service['uri'], $response)) {
          // If the returned claimed_id is different from the session claimed_id,
          // then we need to do discovery and make sure the op_endpoint matches.
          if ($service['version'] == 2 && $response['openid.claimed_id'] != $claimed_id) {
            $disco = openid_discovery($response['openid.claimed_id']);
            if ($disco[0]['uri'] != $service['uri']) {
              return $response;
            }
          }
          else {
            $response['openid.claimed_id'] = $claimed_id;
          }
          $response['status'] = 'success';
        }
      }
    }
  }
  return $response;
}

at this check if (isset($_SESSION['openid']['service']['uri']) && isset($_SESSION['openid']['claimed_id'])) { there is an empty array $_SESSION var if you'd try to var_dump it. If you try to view the contents of $response - it'll be ok - it's full of info. Because the previous check fails function returns array with status = failed.

I also try to figure out why session is empty. At first I thought something's unsetting it, but it's not.

nilsja’s picture

nilsja commented

on other drupal installations openid login works fine with an openid provider. but not with the 6.16 version i want to login...