News:

Join the Facebook Fan Page.

Main Menu

OpenID Critical Error

Started by Ilu, March 18, 2011, 04:55:43 PM

Previous topic - Next topic

Ilu

Hello! Before I begin, I'd like to mention I'm a little derpy (well, a lot really) when it comes to SMF. So forgive my ignorance. >_<

Anyway, after many searches here, I've noticed there were a lot of people having OpenID problems, but the topics I found were either very old or unresolved, so I'm not sure if my issue is a simple fix or if I need to wait on a fix.

I'm running 2.0 RC4, and trying to authenticate a pre-existing user account with OpenID gives the following error:

Apply Filter: Only show the error messages of this URL
http://www.knightsofhyrule.org/forum/index.php?action=openidreturn&amp;sa=change_uri&amp;t=1300480882&amp;openid.assoc_handle={HMAC-SHA1}{4d83c370}{ci2ZTg==}&amp;openid.identity=http://iluvu.myopenid.com/&amp;openid.mode=id_res&amp;openid.op_endpoint=http://www.myopenid.com/server&amp;openid.response_nonce=2011-03-18T20:41:28ZoUZWo0&amp;openid.return_to=http://www.knightsofhyrule.org/forum/index.php?action=openidreturn&amp;sa=change_uri&amp;t=1300480882&amp;openid.sig=GlxlEcbPRBCTKn1MFrM2HmXpYu4=&amp;openid.signed=assoc_handle,identity,mode,op_endpoint,response_nonce,return_to,signed
Apply Filter: Only show the errors with the same message

The signature from the identity provider is invalid.


This issue came up in the searches results here, but I didn't find a solution. I'm not sure if the same issue comes up with new accounts or not. What are the necessary steps to fixing this, or is it still being worked on? Many thanks in advance.

kat

Just a suggestion...

RC5 is an upgrade.

Maybe, just maybe, this was one of things that was fixed?

Ilu

Quote from: K@ on March 18, 2011, 05:21:03 PM
Just a suggestion...

RC5 is an upgrade.

Maybe, just maybe, this was one of things that was fixed?
I don't have the ability (or permission) to upgrade the forums. I'm not the owner of the site, so I'm only allowed to edit certain things... We recently upgraded from 1.1.12 to 2.0RC4 (with security patch).

So, is there a manual edit I can make without upgrading to RC5?

Arantor

Sources/Subs-OpenID.php

Code (find) Select
$parameters[] = 'openid_assoc_type=HMAC-SHA1';

Code (replace) Select
$parameters[] = 'openid.assoc_type=HMAC-SHA1';

It's literally the only code changed in the OpenID stack between RC4 and RC5.

Ilu

Quote from: Arantor on March 18, 2011, 06:44:26 PM
Sources/Subs-OpenID.php

Code (find) Select
$parameters[] = 'openid_assoc_type=HMAC-SHA1';

Code (replace) Select
$parameters[] = 'openid.assoc_type=HMAC-SHA1';

It's literally the only code changed in the OpenID stack between RC4 and RC5.
I made the edit, but I'm still getting a similar error, though it's one line shorter:

Apply Filter: Only show the error messages of this URL
http://www.knightsofhyrule.org/forum/index.php?action=openidreturn&amp;sa=change_uri&amp;t=1300488714&amp;openid.assoc_handle={HMAC-SHA1}{4d83e1d6}{1UTyww==}&amp;openid.identity=http://iluvu.myopenid.com/&amp;openid.mode=id_res&amp;openid.op_endpoint=http://www.myopenid.com/server&amp;openid.response_nonce=2011-03-18T22:51:55ZZbc04c&amp;openid.return_to=http://www.knightsofhyrule.org/forum/index.php?action=openidreturn&amp;sa=change_uri&amp;t=1300488714&amp;openid.sig=SH+zkKFNoaaivtgJcV+RkvIxa2E=&amp;openid.signed=assoc_handle,identity,mode,op_endpoint,response_nonce,return_to,signed
Apply Filter: Only show the errors with the same message

The signature from the identity provider is invalid.

Arantor

Then maybe OpenID support is still buggy.

Ilu

Quote from: Arantor on March 18, 2011, 06:56:37 PM
Then maybe OpenID support is still buggy.

Ah, I was afraid that was the issue... :/ I guess I'll just have to keep an eye out for fixes.

Ilu

Very sorry to bump this topic, but after a few days of searching I've come to wonder if it's maybe because the account is a pre-existing account? I did try to authenticate it in the Profile section, but still received that "The signature from the identity provider is invalid." message. The user account isn't an admin account, either. I read that some people suggested manually changing this in the openid_uri. Do you think this would work? What should I choose from the dropdown list, and what do I enter in the text field next to it?

Additionally, I've noticed that the other reports of this problem were found in earlier versions of 2.0, but I never found any solutions for them... though I'm not sure that's at all relevant, as I'm using RC4 w/Security Patch (and the fix mentioned above).

Advertisement: