Associations are used to agree a shared secret between the RP and the OP. Right now, node-openid stores association information at the end of a successful association with an OP, but it only ever re-uses that information to validate positive assertions. It should also re-use those associations on subsequent authentication requests to the same OP.
Associations are used to agree a shared secret between the RP and the OP. Right now,
node-openid
stores association information at the end of a successful association with an OP, but it only ever re-uses that information to validate positive assertions. It should also re-use those associations on subsequent authentication requests to the same OP.