Can someone please respond to this post. I am unable to make Zend_OpenID work
with both Yahoo and Vidoop providers. It works great with MyOpenID though.
Thanks!
Jerry
sgrobins wrote:
>
> I used to use a library called Auth_OpenID for my consumer which worked
> for all providers including yahoo. I switched to using Zend_OpenId and now
> it doesn't work for yahoo as a provider. Has anyone gotten this to work?
>
> After looking at the code, I was able to get it to work, but I had to do
> the following (which seems not good, but it works)...
>
> In Zend_OpenId_Consumer::_checkId(), I had to remove these lines:
>
> if (!$this->_associate($server, $version)) {
> return false;
> }
>
> Inside the _associate() function it ends up making a call to yahoo servers
> which returns a status 400 (Bad Request). After doing some more debugging
> it looks like yahoo doesn't support this:
> 'openid.mode' => 'associate',
> 'openid.assoc_type' => 'HMAC-SHA256',
> 'openid.session_type' => 'DH-SHA256',
>
> In Zend_OpenId_Consumer::verify() I had to remove this line as well:
> if ((isset($params['openid_identity']) &&
> $params["openid_identity"] != $id) ||
> (isset($params['openid_op_endpoint']) &&
> $params['openid_op_endpoint'] != $server) ||
> $discovered_version != $version) {
> //return false;
> }
>
> This is because openid_identity and openid_claimed_id are *almost* the
> same, but openid_claimed_id as an extra #XXXX at the end. Not sure if
> yahoo is doing somewhere weird. So that check then fails and returns
> false (cause $id got set to openid_claimed_id 20 or so lines above in the
> file.
>
> Any ideas?
>
--
View this message in context:
http://www.nabble.com/Zend_OpenId-fails-for-yahoo-openid-tp15910120p18055593.html
Sent from the Zend Framework mailing list archive at Nabble.com.
