I'm trying to implement OpenID consumer with Google App Engine. I used
python-openid 2.x and wrote all needed adaptations for working in App
Engine (user sessions with datastore backend, datastore "store"
interface and urlfetch instead of urlopen). I tested it with developer
server and it works ok!
Than I uploaded project to Google. After trying to login with OpenID
appears page with error code 302:
<HTML><HEAD><meta http-equiv="content-type" content="text/
html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="">here</A>.
</BODY></HTML>
Afer digging my project code I detected that this error occurs while
application tries to redirect to OpenID provider. Python-openid
library successfully generates this url after some discovering. Here
it is (e.g.):
Yes, it's huge. And App Engine can not redirect to this url as I sad
before. It there some restrictions on url length or something else?
When I removed SRE part of query ("&openid.ns.sreg=http%3A%2F
%2Fopenid.net%2Fextensions%2Fsreg%2F1.1&openid.sreg.optional=fullname
%2Cnickname%2Cemail") than redirecting finished well.
I also have encountered this problem. These redirects work find in
local development, but fail on the live appengine server. I'm not
sure what happens within appengine or webapp to cause this, but I get
around it using a a meta redirect:
> I'm trying to implement OpenID consumer with Google App Engine. I used
> python-openid 2.x and wrote all needed adaptations for working in App
> Engine (user sessions with datastore backend, datastore "store"
> interface and urlfetch instead of urlopen). I tested it with developer
> server and it works ok!
> Than I uploaded project to Google. After trying to login with OpenID
> appears page with error code 302:
> <HTML><HEAD><meta http-equiv="content-type" content="text/
> html;charset=utf-8">
> <TITLE>302 Moved</TITLE></HEAD><BODY>
> <H1>302 Moved</H1>
> The document has moved
> <A HREF="">here</A>.
> </BODY></HTML>
> Afer digging my project code I detected that this error occurs while
> application tries toredirectto OpenID provider. Python-openid
> library successfully generates this url after some discovering. Here
> it is (e.g.):
> Yes, it's huge. And App Engine can notredirectto this url as I sad
> before. It there some restrictions on url length or something else?
> When I removed SRE part of query ("&openid.ns.sreg=http%3A%2F
> %2Fopenid.net%2Fextensions%2Fsreg%2F1.1&openid.sreg.optional=fullname
> %2Cnickname%2Cemail") than redirecting finished well.
hi brian, danil. you're absolutely right, we do intercept some
redirects for security reasons, which breaks apps like openid
consumers and providers. this is why http://openid-provider.appspot.com/ currently fails on many consumers.
it's not a high priority, but we do plan to look into this eventually.
feel free to file an issue on the issue tracker and star it; if it
gets enough votes, that will help convince us to prioritize the fix!
(It appears that the conversation on that issue has come round to the
topic on this thread.)
If not, which issue should I be asking people to star?
We're _so_ close to having OpenID support on Google App Engine that I
feel this should be a very high priority for Google (i.e., the
relative work vs. what it will mean in terms of ultimate payoff is
really high!) I know that being able to implement OpenID for the
Singularity web conference application I'm building is very important
for me personally.
And thank you so much for your work in creating the consumer
application. Once we have the redirects working, that should get
developers up and running quickly to consume OpenID in their apps.
Thanks,
Aral
On May 28, 2:24 am, ryan <ryanb+appeng...@google.com> wrote:
> hi brian, danil. you're absolutely right, we do intercept some
> redirects for security reasons, which breaks apps likeopenid
> consumers and providers. this is whyhttp://openid-provider.appspot.com/ > currently fails on many consumers.
> it's not a high priority, but we do plan to look into this eventually.
> feel free to file an issue on the issue tracker and star it; if it
> gets enough votes, that will help convince us to prioritize the fix!
I've been interpreting issue 17 as a feature request to build OpenID
support into App Engine directly, either in the backend or in a Python
library we ship. As I mentioned on that issue, that's not really
necessary, since OpenID libraries can be included by app developers
with their code, As you saw, that's what we did with http://openid-provider.appspot.com/ and http://openid-consumer.appspot.com/. Once the redirect bug is fix,
those existing libraries will work with all other providers and
consumers, not just a few.
Sorry, I misspoke. 404 is a different feature request. It looks like
there's no issue on the public issue tracker for this redirect bug.
We're definitely aware of it, but if you're still encouraging people
to star an issue, feel free to either repurpose issue 17 or create a
new one!
ryan wrote:
> Sorry, I misspoke. 404 is a different feature request. It looks like
> there's no issue on the public issue tracker for this redirect bug.
