Hi,
I am having huge problems getting Zend OpenID working with different
providers, I keep getting strange errors for some of them. First
things first - here is my code:
$status = "";
/**
* Includes and loads
*/
ini_set('include_path', ini_get('include_path') . ':/usr/home/www/domain.com/');
require_once('Zend/Loader.php');
Zend_Loader::registerAutoload();
Zend_Loader::loadClass('Zend_OpenId');
$sreg = new Zend_OpenId_Extension_Sreg (
array (
'nickname' => true ,
'email' => true ,
'fullname' => false
), null, 1.1);
/**
* Are we posting - i.e. initial post?
*/
if (isset ($_POST['openid_action']) && $_POST['openid_action'] ==
"Register" && ! empty ($_POST['openid_url']))
{
$consumer = new Zend_OpenId_Consumer ();
if (! $consumer->login ($_POST['openid_url'],
'http://domain.com/register/openid.php',
'http://domain.com/register/', $sreg))
$status = "OpenID login failed.<br>";
}
/**
* We are on our way back from openid!
*/
else if (isset ($_GET['openid_mode']))
{
if ($_GET['openid_mode'] == "id_res")
{
$consumer = new Zend_OpenId_Consumer ();
if ($consumer->verify ($_GET, $id, $sreg))
{
$data = $sreg->getProperties();
$status = "VALID " . htmlspecialchars ($id);
}
else
$status = "INVALID " . htmlspecialchars ($id). "::::".
$consumer->getError();
}
else if ($_GET['openid_mode'] == "cancel")
$status = "CANCELED";
}
Then some HTML below that to display errors etc. This is basically a
copy from the Zend OpenID manual - but here are my problems. If I use
myopenid.com it works fine and this is whats in $_GET (I get a VALID:
MY NAME):
Array
(
[openid_assoc_handle] => {HMAC-SHA256}{4911faf5}{l7eVqQ==}
[openid_claimed_id] => http://myname.myopenid.com/
[openid_identity] => http://myname.myopenid.com/
[openid_mode] => id_res
[openid_ns] => http://specs.openid.net/auth/2.0
[openid_ns_sreg] => http://openid.net/extensions/sreg/1.1
[openid_op_endpoint] => http://www.myopenid.com/server
[openid_response_nonce] => 2008-11-19T13:49:23ZS6e6YZ
[openid_return_to] => http://domain.com/register/openid.php
[openid_sig] => cfYueopSnApXabnFmvTVioIjZGtHiGlfRLMR//qgkv0=
[openid_signed] =>
assoc_handle,claimed_id,identity,mode,ns,ns.sreg,op_endpoint,response_nonce,return_to,signed,sreg.email,sreg.fullname,sreg.nickname
[openid_sreg_email] => [EMAIL PROTECTED]
[openid_sreg_fullname] => Ian Barnes
[openid_sreg_nickname] => MyNickname
)
Fine - so that works. Now if I use yahoo it doesnt work - I get
INVALID: MY NAME and the error is: Extension::prepareResponse failure
and this is the output from $_GET:
Array
(
[openid_ns] => http://specs.openid.net/auth/2.0
[openid_mode] => id_res
[openid_return_to] => http://domain.com/register/openid.php
[openid_claimed_id] => https://me.yahoo.com/username#a4a7e
[openid_identity] => https://me.yahoo.com/username
[openid_assoc_handle] =>
eXncxRXNH4wDdDamIbv3BtuAZF0EKJ7wLSONTDJ4KmZWzA6roD6165GfRgpbcTS86aaCJLhdYHNC5fcMHxOd7M9ZyUnPLisioKB9MTZiBvBP7MLuroRHqqVa3S36Ca.c
[openid_realm] => http://domain.com/register/
[openid_response_nonce] =>
2008-11-19T13:54:29ZfrIgw42XFBnGXmjHgD4rL69Eq0vS8byb2w--
[openid_signed] =>
assoc_handle,claimed_id,identity,mode,ns,ns.pape,op_endpoint,pape.auth_policies,pape.nist_auth_level,response_nonce,return_to,signed
[openid_op_endpoint] => https://open.login.yahooapis.com/openid/op/auth
[openid_ns_pape] => http://specs.openid.net/extensions/pape/1.0
[openid_pape_auth_policies] => none
[openid_pape_nist_auth_level] => 0
[openid_sig] => vHXcHwsszQDSki/fNRIixrWS6u4=
)
So it appears to have worked, except claimed_id has the #a4e7e part
extra after the username??
Now for wordpress I go through the motions, come back and get the
following error: Extension::prepareResponse failure (same as Yahoo).
Here is $_GET:
Array
(
[openid_assoc_handle] => {HMAC-SHA1}{4923e2f0}{Wm/HzQ==}
[openid_identity] => http://myusername.wordpress.com/
[openid_mode] => id_res
[openid_return_to] => http://domain.com/register/openid.php
[openid_sig] => BHvUkkAToOKNvU3+3K+OWPTL9l0=
[openid_signed] => mode,identity,return_to
)
Im using Zend Framework 1.7 (latest) with no customisations. Anyone
have any ideas as to why some work and some dont ?
Thanks
Ian
