Closed GoogleCodeExporter closed 9 years ago
Typos, under "Technical Details" section:
and instead sendback*
Clarification, "Technical Details" section:
the "authentication failed" response referred to follows the same procedures as
a
successful one but only uses the following 2 attributes:
openid.ns=http://specs.openid.net/auth/2.0
openid.mode=cancel
Original comment by mcbain....@gmail.com
on 22 Feb 2010 at 12:58
More clarifications:
All URLs passed around should have proper URL encoding, so the really long URL
would
really be the following, for example:
http://www.example.com/accounts/login?openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0&openid.mode=checkid_setup&openid.claimed_id=http%3a%2f%2fwww.example.com%2fdemovibes&openid.identity=http%3a%2f%2fwww.example.com%2fdemovibes&openid.return_to=http%3a%2f%2fwww.example2.com%2fwelcome&openid.realm=http%3a%2f%2fwww.example2.com%2f*
For our purposes, the only URL we have to worry about encoding is the final
return-to
URL we give the browser via 307/redirect.
Original comment by mcbain....@gmail.com
on 22 Feb 2010 at 1:04
Original comment by mcbain....@gmail.com
on 22 Feb 2010 at 2:17
There is some code at http://github.com/simonw/django-openid - maybe we can use
some of
that
Original comment by TheTerra...@gmail.com
on 22 Feb 2010 at 6:58
And just because I stumbled over it:
http://blogs.gnome.org/jamesh/2009/04/14/django-openid-auth/
A supposedly very simple to add django openid client part.
Original comment by TheTerra...@gmail.com
on 22 Feb 2010 at 6:59
I think both of those are for making a "relyer", which would enable demovibes to
consume OpenIDs (that is, people could create accounts with an OpenID) but
unless I
missed something, they don't allow demovibes/django to be a *provider* (allow
it to
be an OpenID source for other OpenID consumers).
Original comment by mcbain....@gmail.com
on 23 Feb 2010 at 7:53
http://www.djangosnippets.org/snippets/310/
http://www.romke.net/django/openid_provider/ - this one actually looks usable
Original comment by TheTerra...@gmail.com
on 23 Feb 2010 at 8:58
As far as they go, the second one looks promising. The snippet you linked to is
quite
old, and the project it claims would eventually have OpenID support seems to be
abandoned. So I guess we just have to check out the romke project and see if it
does
what we need. If not ... then I guess I have to learn django and python
(learning
python will be the easy part :)
Original comment by mcbain....@gmail.com
on 23 Feb 2010 at 9:17
Already implented it, testing it to find the kinks and see if it actually works
Original comment by TheTerra...@gmail.com
on 23 Feb 2010 at 10:58
(lightly) tested and committed.
Original comment by TheTerra...@gmail.com
on 23 Feb 2010 at 12:00
hehe. awesome. I'm going to CC FishGuy8765 because if/when he gets this pushed
to
CVGM, I can test it with a simple local webapp.
Original comment by mcbain....@gmail.com
on 23 Feb 2010 at 12:15
http://demovibes.thelazy.net/demovibes/ have it running already :)
Original comment by TheTerra...@gmail.com
on 23 Feb 2010 at 12:38
Okay, I was able to log into StackOverflow with the OpenID listed in my user
profile.
There is one issue though, somewhat annoying. When an OpenID request is
received by
demovibes and the user is not logged in, they're presented a login form (which
is
fine), however, after they log in, the OpenID request is forgotten entirely and
they
remain on the demovibes site.
I also tested it with my web framework of choice, and it didn't work. I think
their
framework's OpenID class can't find the URI, due to some sort of XPath parser
issue.
Anyway, that's not our problem.
I'd call this done :)
Original comment by mcbain....@gmail.com
on 23 Feb 2010 at 1:18
CVGM will hold off on applying this patch for a while until I can scrape some
time
together to sit and play with it properly, and work on any changes needed etc.
Original comment by FishGuy8765@gmail.com
on 23 Feb 2010 at 1:49
Original issue reported on code.google.com by
mcbain....@gmail.com
on 22 Feb 2010 at 12:34