Posted by soconnor on March 13, 2008 at 5:00pm
Jump to:
| Project: | OpenID |
| Version: | 5.x-1.1 |
| Component: | OpenID Client |
| Category: | bug report |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | active |
Issue Summary
This OpenID module doesn't follow the OpenID spec when using DH association. It should pass up the modulus and the gen used in creating the public key.
http://openid.net/specs/openid-authentication-2_0.html#anchor19
The code just needs to be modified to pass up these parameters when using DH.
$request['openid.dh_modulus'] = OPENID_DH_DEFAULT_MOD;
$request['openid.dh_gen '] = OPENID_DH_DEFAULT_GEN;
In function openid_association_request()
Comments
#1
Whoops should have tested the fix before posting this bug. :-P The values need to be base64_encode'd
$request['openid.dh_modulus'] = base64_encode(OPENID_DH_DEFAULT_MOD);
$request['openid.dh_gen '] = base64_encode(OPENID_DH_DEFAULT_GEN);
#2
Subscribing.