Hello,

Hopefully this is just something I'm missing, but I can't for the life of me get OpenID to work. The situation is as follows:

1. Created a test user. User can log into Drupal as normal.
2. As uid:1, I edit the test user and add an OpenID identity. When I add the URL, as expected, Drupal redirects me to my OpenID provider and I authenticate. Once authenticated, the OpenID URL shows up under that users OpenID identities.
3. I go to the login page at user/login, and click Log in using Open ID.
4. I type in the URL I used in step 2 and press Log in.

At this point, Drupal redirects back to user/login without an error: it's as if I never logged in at all. It also occurs if I use a login block: it just redirects back to the page I used the login block on without error. Nothing shows up in the access log, either.

What am I doing wrong?

Thanks,

Mark Trapp

Comments

alexey.gorb’s picture

I've beeing redirected back to login page. But. It seemed to work at the beginning. I think some modules could be conflicting with OpenId module.

I also tried to debug this module, but it didn't had a good result. Just some waste of time, because I'm not really sure what's going wrong.
It seems like failing in some SESSION variable check right here:

function openid_complete($response = array()) {
  module_load_include('inc', 'openid');

  if (count($response) == 0) {
    $response = _openid_response();
  }
  
  // Default to failed response
  $response['status'] = 'failed';
  if (isset($_SESSION['openid']['service']['uri']) && isset($_SESSION['openid']['claimed_id'])) {
    $service = $_SESSION['openid']['service'];
    $claimed_id = $_SESSION['openid']['claimed_id'];
    unset($_SESSION['openid']['service']);
    unset($_SESSION['openid']['claimed_id']);
    if (isset($response['openid.mode'])) {
      if ($response['openid.mode'] == 'cancel') {
        $response['status'] = 'cancel';
      }
      else {
        if (openid_verify_assertion($service['uri'], $response)) {
          // If the returned claimed_id is different from the session claimed_id,
          // then we need to do discovery and make sure the op_endpoint matches.
          if ($service['version'] == 2 && $response['openid.claimed_id'] != $claimed_id) {
            $disco = openid_discovery($response['openid.claimed_id']);
            if ($disco[0]['uri'] != $service['uri']) {
              return $response;
            }
          }
          else {
            $response['openid.claimed_id'] = $claimed_id;
          }
          $response['status'] = 'success';
        }
      }
    }
  }
  return $response;
}

at this check if (isset($_SESSION['openid']['service']['uri']) && isset($_SESSION['openid']['claimed_id'])) { there is an empty array $_SESSION var if you'd try to var_dump it. If you try to view the contents of $response - it'll be ok - it's full of info. Because the previous check fails function returns array with status = failed.

I also tried to figure out why session is empty. At first I thought something's unsetting it, but it's not.

alexey.gorb’s picture

Status: Active » Fixed

Hey, Hey, Hey!!
I solved the problem!

To fix this problem you have to make sure if in DB in table users (or drupal_users, whatever the prefix is) the row with id 0 is present. In case it's not there you'll have to add it. That's a row about anonymous user, it has to have all columns empty.

I just thought about that while having a breakfast =))) so when I made a backup , I removed that row because it didn't want to backup like that (stopped in the middle, because of wrong or duplicate id or smth.)

I think that's all )

Mark Trapp’s picture

Status: Fixed » Active

I'm glad that fixed it for you, but I still have this problem with a row 0 in the users table (I don't imagine why you'd want to remove it).

alexey.gorb’s picture

Are you sure user number 0 is present in {users} table?

Heine’s picture

Status: Active » Fixed

@ Mark Trapp, please open a new issue with sufficient details.

Mark Trapp’s picture

Status: Fixed » Active

Heine, I've provided details in the original post: I still have this problem. What additional details do you need?

gorb.alexey: yes, I am sure user number 0 is present.

febbraro’s picture

Version: 6.11 » 6.14

I had the same problem, OpenID login sending back to /user not logged in. Turns out my Anonymous user (uid=0) was missing. Actually it just wound up having a uid other than 0. Changing the uid back to 0 fixed the problem.

-enzo-’s picture

Hey guys

I added the row with id = 0 in {users} table and now openid auth is working

thanks gord.alexey

enzo

Kars-T’s picture

Status: Active » Fixed

Hi

I am closing this issue to clean up the issue queue. Feel free to reopen the issue if there is new information and the problem still resides. If not please make sure you close your issues that you don't need any more.

Maybe you can get support from the local user group. Please take a look at this list at groups.drupal.org.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.