lookupAssociation returns a redirect on MySpace

[Marco]

I have the Yahoo and Google openId providers working! JOpenId is very
promising and easy to use.

I'm trying to add another OP.

I did send an Http GET request to the MySpace provider
with a request header: Accept: application/xrds+xml

MySpace returned with the URI http://api.myspace.com/openid

But when I configure this for JOpenId the request
'manager.lookupAssocation(endpoint) results in a MySpace redirect
(302)
This could be MySpace specific and I'm talking to the developer of the
OP, but they seem to request some additional openId attributes on the
request. The odd thing is that with Fiddler I don't see any
attributes, also not to Google or Yahoo.

My question is, can I set these attributes manually with JOpenId ? And
what is the protocol between RP and OP to obtain the endpoint
association. Is that a simple 'GET' request?

Thanks for your help.

Regards,

Marco

[Marco]

After reading the openId spec on establishing the association:

I changed the URI to

MySpace = http://api.myspace.com/openid?openid.mode=associate

No more redirect, a more concrete error::

URI to mode:error
error:An encrypted session using either HTTPS or Diffie-Hellman is
required when establishing associations between relying parties and
providers.

On Dec 13, 4:00 pm, Marco <ens...@gmail.com> wrote:
> I have the Yahoo and Google openId providers working! JOpenId is very
> promising and easy to use.
>
> I'm trying to add another OP.
>
> I did send an Http GET request to the MySpace provider
> with a request header:  Accept: application/xrds+xml
>

> MySpace returned with the URIhttp://api.myspace.com/openid

[Marco]

After that last message I switched to HTTPS, but that is returning me
a 400 bad response on the endpoint association.

org.expressme.openid.OpenIdException: Bad response code: 400
at org.expressme.openid.Utils.httpRequest(Utils.java:48)
at org.expressme.openid.OpenIdManager.requestEndpoint
(OpenIdManager.java:237)
at org.expressme.openid.OpenIdManager.lookupEndpoint
(OpenIdManager.java:204)
at openid.consumerservlet.MainServlet.doGet(MainServlet.java:58)

On Dec 13, 4:43 pm, Marco <ens...@gmail.com> wrote:
> After reading the openId spec on establishing the association:
>
> I changed the URI to
>

> MySpace =http://api.myspace.com/openid?openid.mode=associate

[Michael Liao]

Hi Macro

JOpenId only needs an endpoint url that contains OP's url. you can find google and yahoo's endpoint url in openid-providers.properties

Send a GET request to google's endpoint url you got:

<?xml version="1.0" encoding="UTF-8"?>

<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">

  <XRD>

  <Service priority="0">

  <Type>http://specs.openid.net/auth/2.0/server</Type>

  <Type>http://openid.net/srv/ax/1.0</Type>

  <Type>http://specs.openid.net/extensions/ui/1.0/mode/popup</Type>

  <Type>http://specs.openid.net/extensions/ui/1.0/icon</Type>

  <Type>http://specs.openid.net/extensions/pape/1.0</Type>

  <URI>https://www.google.com/accounts/o8/ud</URI>

  </Service>

  </XRD>

</xrds:XRDS>

And the <URI> is what jopenid used to do authentication.

I searched mypace developer site and found no information about that.

--

 Best regards,

Michael Liao

[Marco]

Michael,

The OpenID OP endpoint is http://api.myspace.com/openid?openid.mode=associate

If you don't create a valid request, you will be redirected.

But I don't think JOpenId is creating valid requests. What kind of
encryption does JOpenId support?
(error:An encrypted session using either HTTPS or Diffie-Hellman is

required when establishing associations between relying parties and

providers.)
And how can I specify to use DH1 or DH256?

Thanks for your help

Marco