Errors parsing openid request
Closed this issue · 1 comments
I tried plone.openid and plone.app.openid on a Plone 5.1.5 site, because we might have a use case for it. It did not work, so we will skip it. But let me list two problems I saw.
For me it goes wrong in the plone.openid
authentication plugin. You don't really see anything in the logs, because errors are swallowed in PAS plugins. But with a pdb I can see more.
It always fails in the line that basically checks if the query is valid.
My OpenID provider was a Django site. The query parameters at this point were:
{'extractor': 'openid',
'janrain_nonce': '2019-03-29T13:49:40ZtStQmm',
'login': None,
'openid.assoc_handle': '{HMAC-SHA1}{5c9e21a7}{p5QvEw==}',
'openid.claimed_id': 'http://localhost:8000/m.van.rees@zestsoftware.nl',
'openid.identity': 'http://localhost:8000/m.van.rees@zestsoftware.nl',
'openid.mode': 'id_res',
'openid.ns': 'http://specs.openid.net/auth/2.0',
'openid.op_endpoint': 'http://localhost:8000/app/server/',
'openid.response_nonce': '2019-03-29T13:49:40ZqNZJos',
'openid.return_to': 'http://localhost:8080/int?janrain_nonce=2019-03-29T13%3A49%3A40ZtStQmm',
'openid.sig': 'VhU/hmrD/ARRKfFol68ZNrs8U54=',
'openid.signed': 'assoc_handle,claimed_id,identity,mode,ns,op_endpoint,response_nonce,return_to,signed',
'openid.source': 'server'}
First failure is because the login
key is None, giving an AttributeError: 'NoneType' object has no attribute 'encode'
. The login None is there because PAS inserts it, trying to lowercase the existing login key.
I tried setting login to empty string, but then I got a seemingly unrelated failure.
Ah, no, wait: when I remove the login None instead of changing it to an empty string, it actually works. The other error is no longer there.
Okay, I will just fix that. I may still not end up using this package, but this can help others.
I have released 2.0.5 with the fix.