Posted by Chris Johnson on November 16, 2008 at 3:42am
Jump to:
| Project: | OpenID Provider |
| Version: | 6.x-1.x-dev |
| Component: | Code |
| Category: | task |
| Priority: | normal |
| Assigned: | walkah |
| Status: | active |
Issue Summary
The POSTed data in this kind of request looks like this:
openid.assoc_type=HMAC-SHA1
openid.mode=associateIn a 2.x request, the request would contain these 2 additional key-value pairs:
openid.ns=http://specs.openid.net/auth/2.0
openid.session_type=no-encryptionThe lack of those 2 pairs appear to cause the provider code to return invalid responses to the RP.
Comments
#1
More specifically, if this module does not intend to support compatibility mode or the 1.x protocol (a reasonable decision), it should return sane values for requests made using compatibility mode, since the RP using it almost surely supports both 1.x and 2.x, or it would simply use the only version it supports. :-)
#2
yeah, there's nothing implementing compat mode (yet)... marking this as a task and claiming.