ZF-3348 - Issues - Zend Framework

ZF-3348: OpenId check_immediate without log in shouldn't return cancel

Issue Type:

Bug

Created:

2008-05-29T04:29:23.000+0000

Last Updated:

2008-09-02T10:39:34.000+0000

Status:

Resolved

Fix version(s):

1.6.0 (02/Sep/08)

Reporter:

Marko Gräßlin (marko_ekaabo)

Assignee:

Dmitry Stogov (dmitry)

Tags:

Zend_OpenId

Related issues:

Attachments:

Description

OpenId check_Immediate with logged out User returns "openid.mode cancel" instead "openid.mode setup_needed" . The dump of the validator on http://openidenabled.com/resources/openid-test/… returns:

*
  Redirecting to <a rel="nofollow" href="http://www.communipedia.com/openid/provide?openid.identity=http%3A%2F%2Fmarko.yiid.net%2F&openid.mode=checkid_immediate&openid.return_to=http%3A%2F%2Fopenidenabled.com%2Fresources%2Fopenid-test%2Fdiagnose-server%2FTestDumbCheckidImmediateSetupNeeded%2F%3Faction%3Dresponse%26attempt%3D1%26nonce%3DYW7sK1df&openid.trust_root=http%3A%2F%2Fopenidenabled.com%2Fresources%2Fopenid-test%2Fdiagnose-server%2FTestDumbCheckidImmediateSetupNeeded%2F">http://communipedia.com/openid/provide/&hellip;</a>
  openid.identity   <a rel="nofollow" href="http://marko.yiid.net/">http://marko.yiid.net/</a>
  openid.mode   checkid_immediate
  openid.return_to  <a rel="nofollow" href="http://openidenabled.com/resources/openid-test/diagnose-server/TestDumbCheckidImmediateSetupNeeded/?action=response&attempt=1&nonce=YW7sK1df">http://openidenabled.com/resources/openid-test/&hellip;</a>
  openid.trust_root <a rel="nofollow" href="http://openidenabled.com/resources/openid-test/diagnose-server/TestDumbCheckidImmediateSetupNeeded/">http://openidenabled.com/resources/openid-test/&hellip;</a>
*
  Response received:
  action    response
  attempt   1
  nonce YW7sK1df
  openid.mode   cancel
  openid.user_setup_url <a rel="nofollow" href="http://www.communipedia.com/auth/login?openid.identity=http%3A%2F%2Fmarko.yiid.net%2F&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fopenidenabled.com%2Fresources%2Fopenid-test%2Fdiagnose-server%2FTestDumbCheckidImmediateSetupNeeded%2F%3Faction%3Dresponse%26attempt%3D1%26nonce%3DYW7sK1df&openid.trust_root=http%3A%2F%2Fopenidenabled.com%2Fresources%2Fopenid-test%2Fdiagnose-server%2FTestDumbCheckidImmediateSetupNeeded%2F">http://communipedia.com/auth/login/&hellip;</a>
* Operation Cancelled.

Comments

Posted by Wil Sinclair (wil) on 2008-06-01T12:56:28.000+0000

Please assign and categorize as necessary. I've preliminarily targeted a release.

Posted by Dmitry Stogov (dmitry) on 2008-07-15T10:01:25.000+0000

Fixed only for OpenID 2.0, because OpenID 1.1 specification says nothing about "setup_needed" response.

Posted by Wil Sinclair (wil) on 2008-09-02T10:39:34.000+0000

Updating for the 1.6.0 release.