ZF-3086: Zend_OpenId_Consumer doesn't properly handle delegation

Issue Type: Bug Created: 2008-04-09T14:09:29.000+0000 Last Updated: 2008-09-02T10:39:03.000+0000 Status: Resolved Fix version(s): - 1.6.0 (02/Sep/08)

Reporter: Chris Morrell (inxilpro) Assignee: Dmitry Stogov (dmitry) Tags: - Zend_OpenId

Related issues: Attachments:


When you use the Zend_OpenId_Consumer class to authenticate against an OpenID URL that uses delegation, it always passes back the delegated identity instead of the original identity.

For example, if I delegate to, the Zend_OpenId_Consumer class will return as the identity instead of

<pre class="highlight">
require_once "Zend/OpenId/Consumer.php";
$consumer = new Zend_OpenId_Consumer();

// First call
$identifier = '<a href=""></a>';

// On return, call
$consumer->verify($_GET, $identifier);
echo $identifier;
    // Echoes <a href=""></a>
    // Instead of <a href=""></a>


Posted by Chris Morrell (inxilpro) on 2008-04-09T14:10:14.000+0000

This also affects the OpenId adapter of Zend_Auth

Posted by Dmitry Stogov (dmitry) on 2008-04-10T08:43:11.000+0000

Fixed in SVN trunk

Posted by Darby Felton (darby) on 2008-04-21T13:51:34.000+0000

Marking as fixed for next minor release pending merge of changes to release-1.5 branch.

Posted by Wil Sinclair (wil) on 2008-09-02T10:39:03.000+0000

Updating for the 1.6.0 release.

Have you found an issue?

See the Overview section for more details.


© 2006-2018 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.