strk
commented
7 years ago I tried considering openid.server as a provider, but then it looks like the callback gets no signature:
op_endpoint must be signed but isn't
Open strk opened 7 years ago
strk
commented
7 years ago I tried considering openid.server as a provider, but then it looks like the callback gets no signature:
op_endpoint must be signed but isn't
strk
commented
7 years ago Still, the callback has openid.sig=9xxxxx&openid.signed=mode%2Cidentity which does look lke a signature, maybe openid-go just doesn't look for that one, lacking "openid2" ?
xStrom
commented
7 years ago Yes the current code is only for OpenID 2.0. Supporting OpenID 1.1 (or older) would most likely require code changes. I don't know from the top of my head what those changes are and I have no plans to implement this myself.
strk
commented
7 years ago Do you know of another Go library doing OpenID 1.0 ?
xStrom
commented
7 years ago Nope.
yohcop
commented
7 years ago Hi, Unfortunately, I'll have the same answers as @xStrom for you: no intention to implement OpenID 1.0 myself, and I don't know of any other libraries supporting this (I haven't searched, there could be one). Sorry this is not more useful.
But are you sure Wordpress does not support OpenID 2.0 at all?
With a simple google search I found something showing code with openid2.provider ?
strk
commented
7 years ago Self hosted wordpress sites can probably be made to support oid2 but check this out: https://strklog.wordpress.com/ - I only see openid.server in there
wordpress.com exposes
openid.serverandopenid.delegaterel links, and openid-go complains withLINK with rel=openid2.provider not found-- is there any plan to support the old version ?I've read somewhere that new wordpress.com blogs will NOT support OpenID at all, but there are many old blogs that will continue to work with the old openid version.