| Subject: | OpenID server immediately redirects my browser to return_to |
$ uname -a
Linux tux 2.6.16.29-xen #3 SMP Sun Oct 15 13:15:34 BST 2006 x86_64 Dual
Core AMD Opteron(tm) Processor 265 AuthenticAMD GNU/Linux
$ perl -v
This is perl, v5.8.8 built for x86_64-linux
Distribution name and version: Net::OpenID::Consumer, v0.14
I'm using *exactly* the same example as in the POD, with the following
differences:
- cache is Cache::FileCache->new
- args is Jifty->handler->cgi->Vars
- required_root is http://www.mysite.org:8888/
- return_to is http://www.mysite.org:8888/auth_openid
- when I call $csr->claimed_identity(), I pass it a hard-coded value.
This value is either myurl.myopenid.com or myurl.livejournal.com (I'm
testing it with more than one OpenID server to make sure the server
isn't the problem).
- $check_url is set to this URI (I've placed it on several lines for
readability):
http://www.livejournal.com/openid/server.bml?openid.mode=checkid_immediate
&openid.identity=http://myurl.livejournal.com/
&openid.return_to=http://www.mysite.org:8888/auth_openid%3Foic.time%3D1204430854-d1b994dfb54a0a68cc67
&openid.trust_root=http://www.mysite.org:8888/
&openid.assoc_handle=1204421318:22pqszAOC5malzGWHkBu:38f5ba2e3b
The only difference in the output above is I changed
{my_real_domain}.org to mysite.org, and
{my_real_identity}.livejournal.com to myurl.livejournal.com (both of
these are irrelevant here).
The problem is, when I redirect the browser to $check_url, it does go to
the OpenID server, but returns immediately to the return_to page without
giving me a chance to actually login. I do not have any sort of
automatic login feature enabled (neither in my browser nor in my OpenID
account settings). I cleared out all cookies and cache. The problem
persists.
Thanks,
Yousef
Show quoted text
---BEGIN CODE---
my $csr = Net::OpenID::Consumer->new(
ua => LWPx::ParanoidAgent->new,
cache => Cache::FileCache->new,
args => scalar Jifty->handler->cgi->Vars,
consumer_secret => 'foobar',
required_root => "http://www.mysite.org:8888/",
);
# a user entered, say, "bradfitz.com" as their identity. The first
# step is to fetch that page, parse it, and get a
# Net::OpenID::ClaimedIdentity object:
my $claimed_identity = $csr->claimed_identity("myurl.livejournal.com");
# now your app has to send them at their identity server's endpoint
# to get redirected to either a positive assertion that they own
# that identity, or where they need to go to login/setup trust/etc.
my $check_url = $claimed_identity->check_url(
return_to => "http://www.mysite.org:8888/auth_openid",
trust_root => "http://www.mysite.org:8888/",
);
print STDERR $check_url; # prints the URI I listed above.
# now I redirect the user to $check_url. In Jifty, this is how it's
# done:
Jifty->web->_redirect($check_url);
# The rest of the code (checking the user's identity after they return
# from the OpenID server) is irrelevant here.
---END CODE---