jbufu / openid4java

Automatically exported from code.google.com/p/openid4java
Apache License 2.0
98 stars 58 forks source link

Associate method always with empty parameters #187

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Run RP and OP normally, while debugging, I realize that discovery is fine 
(sending request and receiving XRDS)
2. Authentication step is fine too
3. But in my ProviderService.java, never appears "openid.mode=associate"

What is the expected output? What do you see instead?
When I am debugging, I expect that in the ConsumerManager.associate() method, 
RP connect to OP with "openid.mode=associate", BUT always PageParameters are 
empty in these step.

What version of the product are you using? On what operating system?
Openid4java 0.9.6 version
Wicket 1.5.7 version
Netbeans 7.2
Ubuntu

Please provide any additional information below.
When I run my RP, in debug I can see the discovery requesting being sent and 
the XRDS being returned. After that, RP call associate method, but the 
parameters in OP are always empty in the associate step. Following the 
execution, my RP create a authentication request and my OP shows Login page.
User type the credentials and OP tries to return the User Informations, but in 
the RP processReturn() method, especifically in the 
"ConsumerManager.verify(arg1, arg2, arg3)" method, the program shows an error.

I was debugging and seeing the ConsumerManager source code in the site, and 
through the error stacktrace, I realized that the ConsumerManager code enters 
in the line 1797 (ELSE statement). The comment of the line says: "no 
association, verify with the OP".

The error is: "Invalid Key-Value form, colon missing: <?xml version="1.0" 
encoding="UTF-8"?>"

If you pay attention, the error shows "<?xml version="1.0" encoding="UTF-8"?>". 
This means that ConsumerManager code tries to make an ASSOCIATION again, but 
one more time, the OP receives a request with PageParameters (Wicket 1.5.7) 
empty. OP interprets the request like DISCOVERY and send XRDS again. This 
explains why I have a MessageException: "Invalid Key-Value form, colon missing: 
<?xml version="1.0" encoding="UTF-8"?>"

Another guy had the same problem and asked for help in Apache (Wicket) forums 
on 04th April 2012, but he didn't have any answer. Thereat, I have decided ask 
for help in the Openid4java Wiki. Follows the link of the his doubt:
http://mail-archives.apache.org/mod_mbox/wicket-users/201204.mbox/%3C13335589263
78-4532565.post@n4.nabble.com%3E

Thanks in advance.
Regards, Hugo Cunha.

Original issue reported on code.google.com by hugo.ass...@gmail.com on 11 Jan 2013 at 6:01

GoogleCodeExporter commented 9 years ago
Doesn't look like a problem with openid4java necessarily. To confirm, enable 
debug logging on the RP and see what happens when the ConsumerManager is 
initialized:

1) does it attempt to send a POST request with openid.mode=associate to the OP?
2) what response it receives from the OP?

Note that association requests are POSTs with the body using the key-value 
encoding defined by the OpenID protocol (the association parameters are neither 
in the GET query nor in the POST body www-form-encoded). Does PageParameters 
(assume wicket's?) know how to extract OpenID's key-value format from a POST 
body?

Original comment by Johnny.B...@gmail.com on 11 Jan 2013 at 7:50

GoogleCodeExporter commented 9 years ago

Original comment by Johnny.B...@gmail.com on 23 Jan 2013 at 9:51