nathanpbell wrote: > > Is this a known issue? Is it definitely a problem on the OP side? Should > I investigate further? >
I've narrowed this down further. It seems that the ZF OpenId Consumer has a fail fast tendency which is causing it fail on seemingly recoverable errors. I'm a little shakey on the OpenID protocol so hopefully someone will correct me where I err. I've discovered that some OpenID providers do not support the HMAC-SHA256 association type, and will instead fall back to HMAC-SHA1. Here is the response I got back from myvidoop, an OpenID provider when connecting with the ZF component: assoc_type:HMAC-SHA1 error:Association type HMAC-SHA256 is not supported with session type DH-SHA256 error_code:unsupported-type ns:http://specs.openid.net/auth/2.0 session_type:DH-SHA1 Is this an error we can (and should) recover from in Zend_OpenId_Consumer? It seems that the OP is letting us know that while it doesn't support the association type we requested, it does support HMAC-SHA1. Is failing fast in this case desirable? -- View this message in context: http://www.nabble.com/Zend_OpenId_Consumer-only-authenticates-when-%24dumbMode%3Dtrue-tp16547568p16580749.html Sent from the Zend Framework mailing list archive at Nabble.com.
