grnq / joid

Java OpenID = JOID OpenID providers and relying parties for OpenID 1.1 and 2.0

Signature failures in check_auth should return an error response #5

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Attempt to handle a 1.x check_auth request in which openid_signed refers
to a field that is not included in the request

What is the expected output? What do you see instead?
Expected output is an error response message indicating a protocol error. 
Instead an OpenIdException is thrown.

Please use labels and text to provide additional information.
Ideally the CheckAuthenticationResponse would be an error response if the
sign method throws the OpenIdException; something like:

    // catch signature creation errors
    catch (OpenIdException e) {
        log.debug("Caught exception in check_auth response", e);
        map.put(AuthenticationResponse.OPENID_ERROR, e.getMessage());
        map.put(OPENID_MODE, "error");
    }

Not sure if this is the correct approach though, or if this is the correct
context to handle the error.

Original issue reported on code.google.com by barryf...@gmail.com on 5 Sep 2007 at 8:07
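
A stand-alone sketch of the behaviour the report asks for, added here as an example and not taken from JOID: when `openid.signed` names a field the request lacks, the handler returns an error response instead of letting the exception escape. The class, method names, response keys and sample request are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
// Hypothetical stand-alone sketch; class, method and key names are not JOID's API.
public class CheckAuthSketch {
    // Builds the "name:value\n" string for the fields listed in openid.signed.
    static String signedPayload(Map<String, String> req) {
        String signed = req.get("openid.signed");
        if (signed == null || signed.isEmpty())
            throw new IllegalArgumentException("openid.signed is missing");
        StringBuilder sb = new StringBuilder();
        for (String name : signed.split(",")) {
            // The original signature covered mode=id_res, not check_authentication.
            String value = name.equals("mode") ? "id_res" : req.get("openid." + name);
            if (value == null)
                throw new IllegalArgumentException("signed field absent from request");
            sb.append(name).append(':').append(value).append('\n');
        }
        return sb.toString();
    }
    // Returns response fields; a malformed request becomes an error response.
    static Map<String, String> checkAuth(Map<String, String> req, byte[] macKey) throws Exception {
        Map<String, String> resp = new LinkedHashMap<>();
        try {
            Mac mac = Mac.getInstance("HmacSHA1");
            mac.init(new SecretKeySpec(macKey, "HmacSHA1"));
            byte[] expected = mac.doFinal(signedPayload(req).getBytes(StandardCharsets.UTF_8));
            byte[] claimed = Base64.getDecoder().decode(req.getOrDefault("openid.sig", ""));
            // MessageDigest.isEqual compares the two MACs in constant time.
            resp.put("is_valid", String.valueOf(MessageDigest.isEqual(expected, claimed)));
        } catch (IllegalArgumentException e) { // missing signed field or bad base64
            resp.put("mode", "error");
            // Fixed text: nothing request-controlled is echoed into the response.
            resp.put("error", "malformed check_authentication request");
        }
        return resp;
    }
    public static void main(String[] args) throws Exception {
        Map<String, String> req = new LinkedHashMap<>(); // constructed sample request
        req.put("openid.mode", "check_authentication");
        req.put("openid.signed", "mode,identity,return_to"); // return_to is listed...
        req.put("openid.identity", "https://user.example/"); // ...but never sent
        req.put("openid.sig", "AAAA");
        byte[] key = "constructed-key".getBytes(StandardCharsets.UTF_8);
        System.out.println(checkAuth(req, key));
    }
}
```

The MAC key is passed in directly here; looking it up from the association handle is left out of the sketch.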