Open GoogleCodeExporter opened 9 years ago
According to the OpenID 2.0 spec referenced below, it looks like no 2.0 RPs
should
ever allow positive assertions from this Provider because the discovered OpenID
version is different from the OP endpoints actual supported version.
http://openid.net/specs/openid-authentication-2_0.html#verify_disco
Please consider this a high priority fix!
Original comment by andrewar...@gmail.com
on 13 Feb 2009 at 3:43
Original issue reported on code.google.com by
andrewar...@gmail.com
on 13 Feb 2009 at 3:17