search

Arachnid / aeoid

Easy OpenID support for App Engine
46 stars 3 forks source link

Support of OpenID Google Apps discovery #11

Open jeremys opened 14 years ago

jeremys commented 14 years ago

It would allow us to use aeoid to build our AppEngine application for Google Apps Marketplace.

See here for more info : http://code.google.com/googleapps/marketplace/sso.html

jeremys commented 14 years ago

Wow, that was FAST. Thanks Nick!

jlee123 commented 14 years ago

I'm attempting to use this for my Python AppEngine Marketplace app. If I upload the demo app to my AppEngine app (which is OpenID whitelisted by my Google Apps domain via the manifest file) and visit myapp.appspot.com/apps_login?domain=mydomain.com then the usual Google Apps OpenID allow page is skipped over like it should be but when returning to myapp.appspot.com/_openid/finish?... I get "Login failed or was cancelled". Looking at the AppEngine Logs I see:

03-18 05:27AM 02.067 Error attempting to use stored discovery information: <aeoid.openid.consumer.consumer.TypeURIMismatch: Required type http://specs.openid.net/auth/2.0/signon not found in ['http://specs.openid.net/auth/2.0/server', 'http://openid.net/srv/ax/1.0', 'http://specs.openid.net/extensions/ui/1.0/mode/popup', 'http://specs.openid.net/extensions/ui/1.0/icon', 'http://specs.openid.net/extensions/pape/1.0'] for endpoint > E 03-18 05:27AM 02.068 Attempting discovery to verify endpoint E 03-18 05:27AM 02.068 Performing discovery on http://ascue.pbu.edu/openid?id=111203045301076947035

Looking at the full _openid/finish?.. URL, it looks like openid.ext1.value.email= as well as my name are being sent back by Google, it just seems Aeoid is unhappy with something about the response.

Any clues?

Jay

jeremys commented 14 years ago

In fact Nick have just started the support for Google Apps OpenID, it's not finished yet. I've done some hack to make it work as I'm not an OpenID specialist, this is really a temporary hack to continue my dev' until there's a full management of Google Apps OpenID.

Here's what I have done : In \aeoid\openid\consumer\consumer.py : comment ALL the if statement around line 1011 "if defragged_claimed_id != endpoint.claimed_id"

In \aeoid\openid\consumer\consumer.py : comment ALL the if statement around line 1018 "if to_match.getLocalID() != endpoint.getLocalID()"

In \aeoid\openid\consumer\consumer.py : in the function def _discoverAndVerify(self, claimed_id, to_match_endpoints): around line 1055 add: import urllib claimed_id = "https://www.google.com/accounts/o8/user-xrds?uri="+urllib.quote(claimed_id)

With this changes, it's working for me, but I repeat this is just to be able to continue my devs, I'll wait to have a full support implemented by someone who know OpenId to push my app in production.

botmonster commented 14 years ago

Hey, what happend? Develpement stopped? :(

crsantos commented 13 years ago

I second botmonster. Have you stopped working on this? Deprecated?