Errors parsing openid request

[mauritsvanrees]

I tried plone.openid and plone.app.openid on a Plone 5.1.5 site, because we might have a use case for it. It did not work, so we will skip it. But let me list two problems I saw.

For me it goes wrong in the plone.openid authentication plugin. You don't really see anything in the logs, because errors are swallowed in PAS plugins. But with a pdb I can see more.

It always fails in the line that basically checks if the query is valid.

My OpenID provider was a Django site. The query parameters at this point were:

{'extractor': 'openid',
 'janrain_nonce': '2019-03-29T13:49:40ZtStQmm',
 'login': None,
 'openid.assoc_handle': '{HMAC-SHA1}{5c9e21a7}{p5QvEw==}',
 'openid.claimed_id': 'http://localhost:8000/m.van.rees@zestsoftware.nl',
 'openid.identity': 'http://localhost:8000/m.van.rees@zestsoftware.nl',
 'openid.mode': 'id_res',
 'openid.ns': 'http://specs.openid.net/auth/2.0',
 'openid.op_endpoint': 'http://localhost:8000/app/server/',
 'openid.response_nonce': '2019-03-29T13:49:40ZqNZJos',
 'openid.return_to': 'http://localhost:8080/int?janrain_nonce=2019-03-29T13%3A49%3A40ZtStQmm',
 'openid.sig': 'VhU/hmrD/ARRKfFol68ZNrs8U54=',
 'openid.signed': 'assoc_handle,claimed_id,identity,mode,ns,op_endpoint,response_nonce,return_to,signed',
 'openid.source': 'server'}

First failure is because the login key is None, giving an AttributeError: 'NoneType' object has no attribute 'encode'. The login None is there because PAS inserts it, trying to lowercase the existing login key.

I tried setting login to empty string, but then I got a seemingly unrelated failure.

Ah, no, wait: when I remove the login None instead of changing it to an empty string, it actually works. The other error is no longer there.

Okay, I will just fix that. I may still not end up using this package, but this can help others.

[mauritsvanrees]

I have released 2.0.5 with the fix.