need help with server based on perl module

Dmitriy MiksIr miksir at maker.ru
Wed Aug 31 01:38:16 PDT 2005 

I am try to create openID server with Net::OpenID::Server module 
(latest), but all clients return naive_verify_failed_return error on 
identify check. Where is my error, except my mind =)?

####################################################################

My code (sure, it's part of code):
# $FORM is ref to hash with form data (GET or POST)
$action = $FORM->{'action'};
if ($action eq 'openIDsetup') {
    unless ($user) {
      $FORM->{action} = 'error';
      return;
    }
    unless ($FORM->{'identity'} =~ 
m{^(http://)?(www\.)?$user\.$SETUP{'domain'}/?}) {
      $FORM->{action} = 'error';
      return;
    }
    unless ($FORM->{'trust_root'} =~ m!^https?://!) {
      $FORM->{action} = 'error';
      return;
    }
}

use Net::OpenID::Server;

my $nos = Net::OpenID::Server->new(
    get_args     => $FORM,
    post_args    => $FORM,
    get_user     => sub {
        	return $user;
    },
    is_identity  => sub {
        	my ($u, $ident) = @_;
        	return 0 unless $u;
        	return 1 if ($ident =~ 
m{^(http://)?(www\.)?$u\.$SETUP{'domain'}/?});
        	return 0;
    },
    is_trusted   => sub {
          my ($u, $trust_root, $is_identity) = @_;
          return 0 unless $u;
          # temporary solution
          return 1;
    },
    setup_url    => "http://$SETUP{'domain'}/?action=openIDsetup",
    server_secret => sub {
          my ($time) = @_;
          return substr(crypt($time, 'Ss'),2);
    },
    compat => 1
);

if ($action eq "openIDsetup") {
     my $sig_return = $nos->signed_return_url(
	identity     => $FORM{'identity'},
	return_to    => $FORM{'return_to'},
	trust_root   => $FORM{'trust_root'},
	assoc_handle => $FORM{'assoc_handle'},
     );
     return "Location: $sig_return\n\n" if $sig_return;
# Example of $sig_return:
# http://openid.net/demo/helper.bml?openid.mode=id_res&
# openid.identity=http://myname.mydomain/
# &openid.return_to=http://openid.net/demo/helper.bml
# &openid.issued=2005-08-30T16:32:30Z
# &openid.valid_to=2005-08-30T17:32:30Z
# &openid.assoc_handle=1125419550:STLS.pUdGIihALdlTzTVAcM0q:8351ded280
# &openid.signed=mode,identity,return_to,issued,valid_to
# &openid.sig=IBq7NICx%2B1bM12kAVCVbHkIt%2B28%3D
#
    $FORM->{action} = 'error';
     return;
}

my ($type, $data) = $nos->handle_page(redirect_for_setup => 1);
if ($type eq "redirect") {
     return "Location: $data\n\n";
} else {
    return "Content-Type: $type\n\n$data";
}

More information about the yadis mailing list