ZF-3086: Zend_OpenId_Consumer doesn't properly handle delegation

Description

When you use the Zend_OpenId_Consumer class to authenticate against an OpenID URL that uses delegation, it always passes back the delegated identity instead of the original identity.

For example, if I delegate http://mysite.com to http://myaccount.myopenid.com, the Zend_OpenId_Consumer class will return http://myaccount.myopenid.com as the identity instead of http://mysite.com.


<?php
require_once "Zend/OpenId/Consumer.php";
$consumer = new Zend_OpenId_Consumer();

// First call
$identifier = 'http://mysite.com';
$consumer->login($identifier);

// On return, call
$consumer->verify($_GET, $identifier);
echo $identifier;
    // Echoes http://myaccount.myopenid.com
    // Instead of http://mysite.com
?>

Comments

This also affects the OpenId adapter of Zend_Auth

Fixed in SVN trunk

Marking as fixed for next minor release pending merge of changes to release-1.5 branch.

Updating for the 1.6.0 release.