Current version is unable to authenticate with 1.1 servers (draft Blogger as an example), because it sends unknown fields for 1.1 specification. http://openid.net/specs/openid-authentication-1_1.html#mode_checkid_imme... The patch fixes that.

CommentFileSizeAuthor
openid.module.patch.txt1.32 KBtechtonik

Comments

techtonik’s picture

techtonik commented
Title: Fix authentication with Blogger (OpenID 1.1 server compatibility fix) » [PATCH] Blogger Authentication Fix (OpenID 1.1 server compatibility)
Priority: Normal » Critical

Could somebody with write access add this to some release branch finally?

The specific error displayed by Blogger for unpatched Drupal that sends invalid request to 1.1 server is:
error:Invalid AuthRequest: 768: Invalid value for openid.ns field: http://openid.net/signon/1.0

techtonik’s picture

techtonik commented
Status: Needs review » Reviewed & tested by the community
boxfire’s picture

boxfire commented

Could someone possibly have a patch for version 6 please? People who want to move their blogs from blogger and considering drupal would find this very useful. Thanks

haxney’s picture

haxney commented

Applying this fix to 6.6 worked for me, though I had to enter my OpenID twice, with the login succeeding on the second try. Annoying, but livable.

vacilando’s picture

vacilando commented

Same problem in Drupal 6 :-(

chrono325, could you please post your function openid_authentication_request from openid.module. When I tried to apply the D5 patch in my D6.6, it still did not work for me. But D6 openid.module is a bit different, so I would like to see the code that is working for you.

Russell McOrmond’s picture

Russell McOrmond commented

I would like to confirm that this problem still existed with openid-5.x-1.2 , and that the patch seemed to allow me to add http://mcormond.blogspot.com/ as an OpenID.

Leeteq’s picture

Leeteq commented

Subscribing.

anarcat’s picture

anarcat commented

Subscribing.

For D6, it's probably better to resubmit the patch in the Drupal core project itself, and have it ported to D7. Only then it *may* be backported to D6.

paganwinter’s picture

paganwinter commented

I have used the above patch.
I get this after getting authenticated from Flickr:

    * E-mail address field is required.
    * Accept Terms & Conditions of Use * field is required.
    * OpenID registration failed for the reasons listed. You may register now, or if you already have an account you can log in now and add your OpenID under "My Account"

The Terms of Condition is coming from the Legal module.
And mail id is a mandatory field for Drupal.
But when i proceeded with the Drupal registration form and register myself, I am shown the OpenId I had provided.

So would it be ok if I just suppress the above message and tell the user that the authentication was successful?
If it's only the above stated 2 reasons, then the user should be able to procedd and fill in the Drupal registration form.
But what if there was some other error that occurred while authentication?
Is there some way of finding that out and only then displaying the Failure notification?

paulconolly’s picture

paulconolly commented
Priority: Critical » Minor

I used the patch in v5 and v6. The patch for 6 is slightly different from 5. (see the diff log below)

http://www.heronsoftware.co.uk/trac/projects/logs/drupal6_openid_link1.1...

I made a copy of the core module and worked on that, hence the path in the log is not /modules/openid.

I've tested both versions and they seem to be working fine.

heine’s picture

heine commented
Priority: Minor » Normal
Status: Reviewed & tested by the community » Closed (duplicate)

Duplicate of #222044: Openid login failed with Blogger users

heine’s picture

heine commented
Status: Closed (duplicate) » Needs work

Eh, not a duplicate. Best to repro patch from #222044: Openid login failed with Blogger users though.