| Subject: | fails to find identity server for google openid |
The following semi(?) official google openid thing doesn't work with
this module: http://openid-provider.appspot.com/larrylud
I log in with an openid like
http://openid-provider.appspot.com/joey@kitenet.net , and get back:
"Error: OpenID failure: no_identity_server: The provided URL doesn't
declare its OpenID identity server."
Did some investigation. verified_identity seems to think this is using
Openid V1, so _discover_aendpointscceptable_ gets called with
force_version => 1
However, the page header looks like this, apparently trying to support
openid 1 and 2, with 2 the first one in the rel link:
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8"/>
<title> OpenID for Google Accounts </title>
<link rel="openid2.provider openid.server"
href="http://openid-provider.appspot.com/joey%40kitenet.net" />
<link href="/static/base.css" rel="stylesheet" type="text/css"/>
So, _find_semantic_info parses that to:
semantic info (http://openid-provider.appspot.com/joey@kitenet.net) =
openid.delegate => , openid.server => , foaf => , openid2.provider =>
http://openid-provider.appspot.com/joey%40kitenet.net, atom => ,
foaf.maker => , rss =>
Since version 1 was forced, _discover_acceptable_endpoints ignores
the openid2.provider and returns no endpoints.
The right place to fix this seems to be in the _find_semantic_info
parser. It should probably fill in both openid2.provider and
openid.server in this case.
(BTW, the link rel parser also seems to fail in the case where the href
comes before the rel attribute. Isn't that a valid order that it should
support?)