This queue is for tickets about the Net-OpenID-Consumer CPAN distribution.

Report information
The Basics
Id:
33745
Status:
resolved
Priority:
Low/Low

People
Owner:
Nobody in particular
Requestors:
yousef.alhashemi [...] gmail.com
Cc:
AdminCc:

BugTracker
Severity:
Normal
Broken in:
0.14
Fixed in:
(no value)



Subject: OpenID server immediately redirects my browser to return_to
$ uname -a Linux tux 2.6.16.29-xen #3 SMP Sun Oct 15 13:15:34 BST 2006 x86_64 Dual Core AMD Opteron(tm) Processor 265 AuthenticAMD GNU/Linux $ perl -v This is perl, v5.8.8 built for x86_64-linux Distribution name and version: Net::OpenID::Consumer, v0.14 I'm using *exactly* the same example as in the POD, with the following differences: - cache is Cache::FileCache->new - args is Jifty->handler->cgi->Vars - required_root is http://www.mysite.org:8888/ - return_to is http://www.mysite.org:8888/auth_openid - when I call $csr->claimed_identity(), I pass it a hard-coded value. This value is either myurl.myopenid.com or myurl.livejournal.com (I'm testing it with more than one OpenID server to make sure the server isn't the problem). - $check_url is set to this URI (I've placed it on several lines for readability): http://www.livejournal.com/openid/server.bml?openid.mode=checkid_immediate &openid.identity=http://myurl.livejournal.com/ &openid.return_to=http://www.mysite.org:8888/auth_openid%3Foic.time%3D1204430854-d1b994dfb54a0a68cc67 &openid.trust_root=http://www.mysite.org:8888/ &openid.assoc_handle=1204421318:22pqszAOC5malzGWHkBu:38f5ba2e3b The only difference in the output above is I changed {my_real_domain}.org to mysite.org, and {my_real_identity}.livejournal.com to myurl.livejournal.com (both of these are irrelevant here). The problem is, when I redirect the browser to $check_url, it does go to the OpenID server, but returns immediately to the return_to page without giving me a chance to actually login. I do not have any sort of automatic login feature enabled (neither in my browser nor in my OpenID account settings). I cleared out all cookies and cache. The problem persists. Thanks, Yousef
Show quoted text
---BEGIN CODE--- my $csr = Net::OpenID::Consumer->new( ua => LWPx::ParanoidAgent->new, cache => Cache::FileCache->new, args => scalar Jifty->handler->cgi->Vars, consumer_secret => 'foobar', required_root => "http://www.mysite.org:8888/", ); # a user entered, say, "bradfitz.com" as their identity. The first # step is to fetch that page, parse it, and get a # Net::OpenID::ClaimedIdentity object: my $claimed_identity = $csr->claimed_identity("myurl.livejournal.com"); # now your app has to send them at their identity server's endpoint # to get redirected to either a positive assertion that they own # that identity, or where they need to go to login/setup trust/etc. my $check_url = $claimed_identity->check_url( return_to => "http://www.mysite.org:8888/auth_openid", trust_root => "http://www.mysite.org:8888/", ); print STDERR $check_url; # prints the URI I listed above. # now I redirect the user to $check_url. In Jifty, this is how it's # done: Jifty->web->_redirect($check_url); # The rest of the code (checking the user's identity after they return # from the OpenID server) is irrelevant here.
---END CODE---
From: maletin@cpan.org
On Sa. 01. Mär. 2008, 23:52:40, yousef wrote:
Show quoted text
> - $check_url is set to this URI (I've placed it on several lines for > readability): > http://www.livejournal.com/openid/
server.bml?openid.mode=checkid_immediate
Show quoted text
> &openid.identity=http://myurl.livejournal.com/ > &openid.return_to=http://www.mysite.org:8888/
auth_openid%3Foic.time%3D1204430854-
Show quoted text
> d1b994dfb54a0a68cc67 > &openid.trust_root=http://www.mysite.org:8888/ > &openid.assoc_handle=1204421318:22pqszAOC5malzGWHkBu:38f5ba2e3b
The server www.livejournal.com will at first check, if it can reach http://www.mysite.org:8888/. Can you find a request from livejournal.com at your Server-Log?
I expect that what's happening here is that LiveJournal is returning a response telling you that setup is needed. This would normally be handled by the following case in the example: if (my $setup_url = $csr->user_setup_url) { # redirect/link/popup user to $setup_url } You can avoid this extra round-trip by setting delayed_return to true when you get the check URL: my $check_url = $cident->check_url( delayed_return => 1, return_to => "http://example.com/get-identity.app", trust_root => "http://*.example.com/", ); However you should still make sure you're handling the setup case since some providers may return the setup request in all cases, regardless of what you set here. If you've already got a case handling user_setup_url then please reply here with the rest of your code. Thanks for taking the time to report this bug. I apologise for taking half a year to get back to you.
From: crew@cs.stanford.edu
On Sat Mar 01 23:52:40 2008, yousef wrote:
Show quoted text
> The problem is, when I redirect the browser to $check_url, > it does go to the OpenID server, but returns immediately > to the return_to page without giving me a chance to > actually login.
...
Show quoted text
> my $check_url = $claimed_identity->check_url( > return_to => "http://www.mysite.org:8888/auth_openid", > trust_root => "http://www.mysite.org:8888/", > );
seems to me this needs to be my $check_url = $claimed_identity->check_url( delayed_return => 1, return_to => "http://www.mysite.org:8888/auth_openid", trust_root => "http://www.mysite.org:8888/", ); if you want to have an actual opportunity to login at the OP
I edited the Consumer POD text a bit to mention delayed_return and say something about when/whether you need to use it; this is now in Net- OpenID-Consumer-1.12. Beyond that, there doesn't seem to be anything to do, so I'm closing this. Thanks for the report.


This service runs on Request Tracker, is sponsored by The Perl Foundation, and maintained by Best Practical Solutions.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.