summaryrefslogtreecommitdiff
path: root/doc/forum/google_openid_broken__63__.mdwn
blob: 68b44f2c1e94252a040ebd6f0b5f4b0836d87e63 (plain) 
Now that google supports using thier profiles as OpenIDs, that can be used
directly to sign into ikiwiki. Just use, for example,
http://www.google.com/profiles/joeyhess . Tested and it works. --[[Joey]]




This seems to work fine if you use the profile directly as an OpenID.  It doesn't seem to work with delegation.  From that I can see, this is a deliberate decision by Google for security reasons.  See the response here. -- [[Will]]




historical discussion


when I login via to this wiki (or ours) via Google's OpenID, I get this error:


Error: OpenID failure: no_identity_server: The provided URL doesn't declare its OpenID identity server.


Any idea how to fix this??




Google is doing things with openid that are not in the spec
and it's not clear to me that they intend regular openid to work at all.
What is your google openid URL so I can take a look at the data they are
providing? --[[Joey]]




http://openid-provider.appspot.com/larrylud




I've debugged this some and filed
https://rt.cpan.org/Ticket/Display.html?id=48728 on the Openid perl
module. It's a pretty easy fix, so I hope upstream will fix it quickly.
--[[Joey]]








A little more information here:  I'm using that same openid provider at the moment.  Note that
that provider isn't google - it is someone using the google API to authenticate.  I normally have it
set up as a redirect from my home page (which means I can change providers easily).






<link rel="openid.server" href="http://openid-provider.appspot.com/will.uther">
<link rel="openid.delegate" href="http://openid-provider.appspot.com/will.uther">







In that mode it works (I used it to log in to make this edit).  However, when I try the openid
URL directly, it doesn't work.  I think there is something weird with re-direction.  I hope this
isn't a more general security hole.
-- [[Will]]








So, while the above bug will probably get fixed sooner or later,
the best approach for those of you needing a google openid now is
to use gmail.


Just a note that someone has apparently figured out how to use a google
openid, and not a third-party provider either, to edit this site.
The openid is
https://www.google.com/accounts/o8/id?id=AItOawltlTwUCL_Fr1siQn94GV65-XwQH5XSku4
(what a mouthfull!), and I don't know who that is or how to use it since it
points to a fairly useless xml document, rather than a web page. --[[Joey]]
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-09 16:52:19 +0000