Better error messages for `openid.authenticate` provider filtering

[jmlane]

Hello and thanks for implementing OpenID in Node.js!

I'm relatively inexperienced with the specifications, but I did look over the 2.0 spec while trying to get things working with a poorly documented provider, so keep that in mind if my critique is unfounded.

In the openid.authenticate method, the provider validation/filtering code does not seem to give sufficient feedback to the consumer in terms of why a provider is unsuitable. As a result, I had to step through the source in my implementation to figure out what was causing my provider to be discarded.

PS. In turns out I needed to be using stateless mode but I had no way of knowing that was required of me prior to my debugging session.

[havard]

Hi, thanks for the feedback. I am sure the error messages can be improved so that situations such as the one you describe can be solved. Would you be willing to put some work in to improving them? I'd be happy to review patches on the topic. :)