Net::OpenID::Consumer with Google OpenID 2?
MM
Open ID implementation, and am having trouble wrapping my head around
what the correct procedure for doing this is.
The usage of Net::OpenID::Consumer must be slightly different?
I'm doing:
my $csr = Net::OpenID::Consumer->new(
'ua' => LWPx::ParanoidAgent->new,
'cache' => $HTML::Mason::Commands::memcached,
'consumer_secret' => "stuff",
'args' => $cgi,
'required_root' => "http://stuff.com/"
);
and then
my $claimed_identity = $csr->claimed_identity("https://www.google.com/
accounts/o8/id");
print STDERR $csr->err;
prints out
no_identity_server: The provided URL doesn't declare its OpenID
identity server.
I've tried going to the url and parsing out the "https://
www.google.com/accounts/o8/ud" and trying that, but that doesn't seem
to work either.
I'm guessing I'm missing something fundamental, as https://www.google.com/accounts/o8/ud
isn't a "claimed" identity, but an endpoint for starting this
dialogue, and I must just be missing how to use the library?
Thanks for any help in the right direction.
Martin Atkins
It looks like you're doing it right.
Unfortunately the current release of Net::OpenID::Consumer has a known
bug which prevents it from correctly parsing Google's discovery
information. We do have a patch in the trunk which will be included in
the next release, and I hope to make a new release once I've rolled in a
couple other minor patches and bug reports we've recieved since
releasing 1.01.
Does it work if you use http://yahoo.com/ instead of Google's URL?
Matt Mankins
I just tried from the trunk--assuming the repository url is, http://code.sixapart.com/svn/openid/trunk/perl/Net-OpenID-Consumer/?
my $VERSION in Consumer.pm says 1.02. ... And the Google problem
persisted.
It looks like it's going to Google in the web browser, then coming
back with
&openid.mode=setup_needed&openid.ns=http%3A%2F%2Fspecs.openid.net
%2Fauth%2F2.0
but the module has an error:
bad_mode: The openid.mode argument is not correct
Let me know if I can help figure this out.
Thanks.
Matt
Martin Atkins
It's probably best to use the maintenance branch here rather than the trunk:
http://code.sixapart.com/svn/openid/branches/1.0/perl/Net-OpenID-Consumer/
There's some refactoring and redesign going on right now in trunk that
has not been extensively tested.
The problem you describe here is a new problem I've not seen before, but
I'd be interested to see if you still encounter it in the 1.0 branch
since that could point to a regression in trunk.
Thanks,
Martin
Igor Gariev
works ok.
LiveJournal uses the latest version too, and I've successfully logged
in (http://www.livejournal.com/openid/) with ID https://www.google.com/accounts/o8/id
Below is a simple check script
#!/usr/bin/perl
use strict;
use warnings;
use CGI;
use Net::OpenID::Consumer;
use LWPx::ParanoidAgent;
my $csr = Net::OpenID::Consumer->new(
'ua' => LWPx::ParanoidAgent->new,
'args' => CGI->new,
'required_root' => "http://stuff.com/",
);
or die $csr->err;
my $check_url = $claimed_identity->check_url(
return_to => "http://example.com/opeid",
trust_root => "http://example.com",
delayed_return => 1,
);
print $check_url, "\n";
and here is the $check_url I've got:
https://www.google.com/accounts/o8/ud?openid.ns=http://specs.openid.net/auth/2.0&openid.return_to=http://example.com/opeid%3Foic.time%3D1227964169-6e9ecc07c1fee5077954&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.mode=checkid_setup&openid.realm=http://example.com
Igor Gariev
http://code.sixapart.com/svn/openid/trunk/perl/Net-OpenID-Consumer/
and http://code.sixapart.com/svn/openid/trunk/perl/Net-OpenID-Common/:
the Net::OpenID::Yadis library is in the second repository now.
Martin Atkins
This particular fix is actually in the 1.0 maintenence branch, which is
probably a less risky thing to be running in production:
http://code.sixapart.com/svn/openid/branches/1.0/perl/
Trunk right now has some half-finished work on higher-level extension
support along with the refactoring you noticed; it hasn't been
extensively tested yet.
Matt Mankins
delayed_return => 1,
in the call to check_url.
After adding it, I was able to make it function with Google.
This is with the svn versions you mentioned in the previous post. I
have not tried it with other versions.
Hopefully I don't need to turn on or off the delayed return per
provider.
Thanks for everyone's help!
Martin Atkins
> Thanks for the script--I found that my script was missing this:
>
> delayed_return => 1,
>
> in the call to check_url.
>
> After adding it, I was able to make it function with Google.
>
> This is with the svn versions you mentioned in the previous post. I
> have not tried it with other versions.
>
> Hopefully I don't need to turn on or off the delayed return per
> provider.
>
Does the new version work with Google without delayed_return?
Your original report seemed to be a discovery failure, but if you had to
set delayed_return then this suggests a different issue. What error do
you get in this case?
Matt Mankins
On Nov 29, 2008, at 11:34 PM, Martin Atkins wrote:
>
> Does the new version work with Google without delayed_return?
I just installed the latest from svn, and it did not work without
delayed return.
> Your original report seemed to be a discovery failure, but if you
> had to
> set delayed_return then this suggests a different issue. What error do
> you get in this case?
It seems to happen when the user isn't already logged into Google, and
then attempts to authenticate. But if you haven't successfully logged
in before, my debug output is:
[DEBUG Net::OpenID::Consumer] fail(bad_mode)
The openid.mode argument is not correct validate errorbad_mode: The
openid.mode argument is not correct
Hope this helps, let me know how to get more/better information. I'm
still a little fuzzy on exactly what's happening behind the scenes, so
sorry if I'm missing some information.