Guestbook Broken

Brad Fitzpatrick brad at danga.com
Tue Jun 28 16:37:58 PDT 2005


On Wed, 29 Jun 2005, Martin Atkins wrote:

> * For some reason, the second signature validation is failing with that
> naive_verify_failed_return error. The first validation seems to be
> working okay. I'm not sure what's differing. The form submission
> includes all of the openid.* fields from the request, so they should all
> be replicated in the final request and thus I'd expect the verification
> step to work exactly the same as it did the first time.

There's a time component.  You only have a certain amount of time to check
the signature, iirc.

> Am I right in thinking that the "dumb" mode verification actually works
> once? Do I really have to go through all that redirecting stuff again a
> second time?

No, you just get the signature, then check_authentication it.  This should
all be hidden by the verified_identity method.

> * The Consumer library doesn't seem to be doing delegate right, or I'm
> just calling it wrong. If I enter a URL which delegates to my
> LiveJournal URL, everything goes through as normal but the library tells
> my code that the identity is my LiveJournal URL, not the one I entered.

Really?  You using the newest library?  Sprinkle some debug around... I've
been using delegated and normal identities fine.

> This seems like something the library should be handling for me, as it's
> part of the spec. I see some code in there that looks like it wants to
> get the real identity from oic.identity, but no code to actually add it
> in the first place.

They're in different files.

- Brad


