Extension talk:OpenID/LQT Archive 1

Archive 1

OpenID accounts not appearing in Newuserlog
Accounts create via OpenID login don't seem to appear in the log, when using Newuserlog. I'm not sure which extension needs to be updated OpenID or Newuserlog - anybody have an idea? Jclerner 16:31, 11 July 2007 (UTC)

That extension (Newuserlog) is since 1.14.0 obsolete; it has been included officially in mediawiki. But still the problem remains, it would be nice if accounts created with OpenID login would appear in the Special:Log/newusers. Could this be included in a next version perhaps?Fredd-E 13:45, 26 May 2009 (UTC)

Last night I tried it out by creating accounts on wikis with the OpenID extension instlalled, I found that it was in Recent changes but displayed my IP address. MyrtonosTry liquid theads 22:40, 8 January 2011 (UTC)

SpecialOpenIDLogin.php
So I've installed the OpenID extension following the instructions, but now I get a warning about a missing file (includes/SpecialOpenIDLogin.php) whenever I try to access the login page. I've looked for the file everywhere and I can't find it. Thanks in advance for help on this!

Report: Notable Bugs
I decided to create a list of bugs that are annoying me to no end, in hopes that they may be fixed by the developer.--Saoshyant 03:30, 12 August 2007 (UTC)

Profile erasing
I have tested this several times, and the issue appears to be real. Every time I login through OpenID, my profile is completely erased. Real Name, Signature, E-mail &mdash; it's all gone! This is a serious problem and needs to be fixed.
 * Made it optional so those who want their persona updates to follow them still can benefit it - will do more granular configurations in future releases (email is the mail thing, I believe) --Sergey Chernyshev 23:41, 24 February 2009 (UTC)

Lack of "Remember Me" option
This is just annoying. I have to login again everytime I restart my browser. Why can the extension not mimic the standard login procedure to allow me to stay logged on after verification?

Separated Standard and OpenID login options
Why is this even happening? Most OpenID sites out there put the two login methods in one single page.

AddAccount Hook
Would it be possible to run the AddAccount hook when the user sets up their account so the newly configured/added user shows up in the new user log? That'd be cool, there are a few admins on our site that were wondering where these new users came from when they didn't show up in the log.

--Tderouin 17:16, 7 January 2008 (UTC)

Odd Header behavior
I have two wikis which I put the OpenID extension into recently, and the OpenID extension broke the User Pages for which it was acting as an OpenID server.

The solution that I came to was to comment out line 172 of OpenID.php:

$wgOut->addLink(array('rel' => 'openid.server', 'href' => OpenIDServerUrl)); $rt = Title::makeTitle(NS_SPECIAL, 'OpenIDXRDS/'.$user->getName); $wgOut->addMeta('http:X-XRDS-Location', $rt->getFullURL); // 						header('X-XRDS-Location', $rt->getFullURL);

It appears that MediaWiki 1.11 is outputting something before it reaches the OpenID extension included in the LocalSettings.php. I'm trying to run down exactly where this is happening, but as for now, commenting the header line works.

--NoTea 04:32, 25 January 2008 (UTC)


 * I went through the list of wikis using this extension and these ones are using MediaWiki 1.11.0:
 * http://wiki.creativecommons.org/Special:Version
 * http://wiki.openid.net/Special:Version


 * My CreativeCommons wiki userpage seems fine, but perhaps it's only a problem after it's used as an ID on another site. So I tried using this to login to Wikevent.org, but after the CC wiki asks for confirmation, it just leaves me at an empty page of Search results. I'll do more experimenting later - gotta run now.


 * At Appropedia, we also use this version, and want to make sure there's no problem before we install it. NoTea, after you commented out the line, have you had any problems at all? What is the url of the wiki are you managing? --Chriswaterguy 05:52, 19 February 2008 (UTC)


 * I still can't use my CreativeCommons wiki userpage as an OpenID - when trying to use it to log into another site, it again failed in the same way. At first it looks promising ("Check if you want to share data with http://bmannconsulting.com" but then it just displays the text Search results.


 * I can't test this using wiki.openid.net, as the login is only by OpenID, and it seems like this site isn't set up to work as an identity provider.


 * Any insights? --Chriswaterguy 14:09, 19 February 2008 (UTC)


 * Success - I can login to another wiki (Wikevent) with OpenID, using my userpage on Schwarzes Wiki (German Gothic-Wiki - just posted today on the "list of wikis using this extension" and also using MW 1.11.0).


 * Creating my account there was a slight challenge (but thank you translate.google.com), and when I went to login to Wikevent and was passed to the Schwarzes Wiki, I had to guess that "Suche" ("Search") actually meant to register, and it did.


 * Now to check whether my userpage on the Schwarzes Wiki is broken... nope, looks fine!


 * As Mel Brooks might say, the Schwarzes be with you. --Chriswaterguy 03:47, 20 February 2008 (UTC)


 * Look above for a fix: Extension_talk:OpenID. Sorry me for my last "bad" commt! ;) (sofar|sokai)

Cannot login to OpenID
Hello, I setup my MediaWiki at http://www.khamthai.com/ My login page is at http://khamthai.com/word/Special:OpenIDLoginOpenID

However I could not login with my OpenID either from Yahoo! OpenID or IDProxy.net. I got messages "Sorry! Something is not quite right with the request we received from the website you are trying to use..." from Yahoo! and "500 Error Server error." from IDProxy.net. My OpenID works fine with Wikitravel and Wikihow.

In my /tmp/openid-consumer, I have two files in /associations. Nothing is in /nonces and /temp. In my MySQL, there is a blank OpenID table.

Thank you for any response. Regards --Manop 22:55, 31 January 2008 (UTC)

Verification failed
I'm setting up OpenID for my new wiki. However, whenever I login, I get an error:
 * Verification of the OpenID URL failed. Error message: "return_to does not match return URL. Expected http://15monkeys.com/wiki/shared/index.php?title=Special:OpenIDFinish, got http://15monkeys.com/wiki/shared/index.php?title=Special:OpenIDFinish&janrain_nonce=2008-03-25T18%3A30%3A41ZQVKcHE"

When I login using a remote OpenID, I get even more janrain garbage which it doesn't expect. I'm using version 2.0.1 of php-openid. --BigSmoke 18:39, 25 March 2008 (UTC)

see http://drupal.org/node/320495, from what is called the variable $wgTrustRoot in the LocalSettings.php file, must be in the form:

$WgTrustRoot = "http://*.example.com/";

ps : translate by google --anonymous 04:36, 17 April 2010 (UTC)

OpenID Failed Clamshell Same Server
I am currently running a clamshell openid server on ____/openid my wiki is at ____/w/Main_Page or ____/Wiki:Main_Page when i try to convert my current login "Lenary" to my OpenID on the same server, it gives me this error: "Verification of the OpenID URL failed. Error message: "Not in requested trust domain:____"" with a link. when i click this link, another error comes up: "Invalid openid.mode ''". i have tried changing the $wgTrustRoot to both of the above addresses, but neither work. $wgOpenIDConsumerDenyByDefault = false; me and a friend are working on rectifying this, but nothing is working. The /Auth from the library you asked for a prerequisite is at ____/w/Auth as well as /usr/share/php5 and /usr/?bin?/php5 (i'm not sure of the last one) i have no clue what to do now. I have tried all 3 addresses clamshell lets you use, ____/openid/clamshell.php?u=### ___/openid/?u=### ___/openid/### (sorry, i have obscured all addresses for security... ____ is the server domain name, ### is my clamshell username)

i have just also copied /Auth to ____/w/extensions/OpenID


 * Hi Anonymous. You shouldn't need to do this last step, but rather place Auth in $IP/includes, since it'll be automatically included in the include_path. Regarding the error you are getting, it's probably related with $wgTrustRoot. Try to set it to a value equal to the start of your wiki URL, including the port, if you're using other port than 80. It took me some time to figure that out. I'm using it with: ClamShell 0.6.7 and MediaWiki 1.12.0 (had to upgrade from 1.10 to support the i18n new stuff). Thanks to Evan Prodromou for the great work. Nuno Tavares 00:17, 3 May 2008 (UTC)


 * would that route be something like http://example.com/Wiki: (where http://example.com/Wiki:Main_Page was the main page, but http://example.com/w/ was the actual dir of the wiki? thanks for the help so far Nuno


 * http://example.com/ should be enough, I believe. Nuno Tavares 21:28, 5 May 2008 (UTC)


 * this would be a solution http://ioni2.com/2009/wordpress-openid-login-failed-invalid-openid-mode-no-mode-set-solved-for-both-wordpress-and-drupal/

not under trust_root
Nothing I did in LocalSettings.php helped with this error. Editing OpenID.setup.php and adding my trust_root URL to $wgTrustRoot did the trick.

OpenID.setup.php $wgTrustRoot = "http://www.example.com/wiki/";
 * 1) Defines the trust root for this server
 * 2) If null, we make a guess
 * 3) $wgTrustRoot = null;

--Beagle 17:18, 17 May 2008 (UTC)
 * Hmmm... that's odd. Just for fun, I commented the $wgTrustRoot entry in OpenID.setup.php and now it appears that the entry in LocalSettings.php is being read.
 * Yes, by George, it is reading LocalSettings.php now because if I comment the $wqTrustRoot entry there it fails. You can like see for yourself at tioat dot net slash wiki if ya don't believe me. I'm just so thrilled it works now. ;) --Beagle 09:47, 18 May 2008 (UTC)


 * I can confirm this works. I had the same problem as you, then I commented the line "$wgTrustRoot = null;" in OpenID.setup.php and it works fine now. --Figure002 20:06, 20 April 2010 (UTC)


 * I figured out the problem here. The default OpenID variables are created when OpenID.setup.php is included by the require_once line. By placing the variables in LocalSettings.php before OpenID.setup.php is included, the variables will be overwritten with the default values. So the solution, is to place the OpenID variables after the require_once line (I added a note about this in the article). --Figure002 20:39, 20 April 2010 (UTC)

Install problem with head MW 1.13
We have the most current files (subversion checkout) in phase3/extension/OpenID, executed the sql code to create the necessary table and have require_once("$IP/extensions/OpenID/OpenID.setup.php"); in LocalSettings. We do use symbolic links: /var/www/PWiki/ contains a link extensions to /usr/share/mediawiki/phase3/extensions. All other extensions work that way, so we believe this is not the problem. So far only OpenID does not work with MediaWiki head revision. Showing main pages works ok, but navigating to special pages creates an error. The error is strange to non-experts, because it refers to plenty of paths that simply don't exist:

Warning: AutoLoader::require(/var/www/PWiki/Auth/OpenID/Server.php) [function.AutoLoader-require]: failed to open stream: No such file or directory in  /usr/share/mediawiki/phase3/includes/AutoLoader.php on line 506 Fatal error: AutoLoader::require [function.require]: Failed opening required '/var/www/PWiki/Auth/OpenID/Server.php' (include_path='/var/www/PWiki:/var/www/PWiki/includes: /var/www/PWiki/languages:.:/usr/share/php:/usr/share/pear') in   /usr/share/mediawiki/phase3/includes/AutoLoader.php on line 506

Anyone has an idea or a solution? Many thanks! --Vigilius 18:00, 20 July 2008 (UTC)


 * Hi! Did you install the "PHP OpenID Library" v2 from ? I experienced the same error message (with 1.13.1) and fixed it by copying the "Auth" folder to my Mediawiki-root-folder. Now everything works fine! :) *goodluck* (sofar|sokai)

Where to download
Where do I go to download this?


 * Follow the link in the infobox in the upper right corner, after "download". Easiest is, however, to use subversion to check out the entire extension branch; many extensions are supported in the mediawiki subversion system. At a place where you want the checkout to be downloaded to, run the following commandline:
 * svn checkout http://svn.wikimedia.org/svnroot/mediawiki/trunk/extensions
 * --Vigilius 22:20, 31 July 2008 (UTC)

Bad Content-Type in HTML header (svn: r46704)
Trying to identify on http://openidenabled.com/php-openid/trunk/examples/server/server.php failed due to a possible bug in SpecialOpenIDXRDS.body.php in line 110. Changing header("Content-Type","application/xrds+xml"); into header("Content-Type: application/xrds+xml"); helped then. --217.80.70.52 22:27, 3 February 2009 (UTC)


 * ✅ Fixed in r49250 ^demon 17:33, 6 April 2009 (UTC)

Wrong escaping (svn: r46704)
In SpecialOpenIDXRDS.body.php line 56 it should say ' xmlns:xrds="xri://$xrds"', $xrds gets escaped the right way then. --217.80.70.52 22:57, 3 February 2009 (UTC)

JanRain RPX
I wonder if it might be possible to have JanRain's RPX enabled on MediaWiki. This OpenID extension is already a great feature, but it could be greatly ehanced with the free version of JanRain's RPX which presents the user lots of different user accounts to use in order to log in to a web site. It features: OpenID 1.x, 2.0, FaceBook Connect, MySpaceID,Google,... especially great because it will enable users to use their Facebook login to edit the wiki.

I contacted RPX on their Facebook page and asked them if they would be interested to develop an extension to MediaWiki which uses their RPX. He answered the following: "So, there isn't currently a turn-key plugin for MediaWiki, but if you know of anyone who'd be initerested in working with us to develop one, let us know. That said, as mentioned in a comment below, RPX is agnostic to platform and should be compatible with all web applications."

So, maybe the team of this OpenID extension would be interested to work with JanRain for an official MediaWiki version? --Fredd-E 11:01, 5 June 2009 (UTC)

I'd be very interested in seeing the development of this. I am implementing openid on my wiki, and I am having problems using gmail accounts with it. Alejandro. --129.67.116.109 13:13, 9 June 2009 (UTC)


 * See my RPXnow and MediaWiki. --Michal Jurosz 21:11, 18 May 2010 (UTC)

Realm Verification Failed
I just installed your extension and cannot login with openID. I get the following message when I try to login:

error:Invalid AuthRequest: 769: Realm verification failed for: http://www.iptvwiki.com/wiki/

Using MediaWiki 1.14, tried Extension:OpenID 1.14 and 1.15, and I have OpenID Library 2.1.3 installed. Any help would be greatly appreciated.

Thank you,

--97.112.132.8 14:42, 20 June 2009 (UTC)

Cert Verification
Verification error

An error occurred during verification of the OpenID URL.

I am receiving this error when trying to login using my OpenID account with any https site. Basically I've found out that its trying to verify my CAfile: /etc/pki/tls/certs/ca-bundle.crt

How can I mitigate this? I was thinking I could either setup php.ini to use curl -k? (which I dont know how to)

Or I could setup the ca-bundle.crt cert (which i already have a ca.crt file setup for another site hosted on the same machine) Anyone know how to setup the ca-bundle.crt?

Anyone know how to get around this?

error_log http file:

CURL error (60): error setting certificate verify locations:\n CAfile: /etc/pki/tls/certs/ca-bundle.crt\n  CApath: none\n, referer: http://mysite.net/index.php?title=Special:OpenIDLogin&returnto=Home

FYI I resolved this issue by making /etc/pki/tls/certs/ readable.

does this override?
does this override the default log in system and/or this extension, or does it work with it? - Bud0011 07:39, 5 July 2009 (UTC)
 * It can be used in parallel with any other extension - it just authenticates using OpenID, other methods are not affected. --Sergey Chernyshev 04:49, 6 July 2009 (UTC)
 * Sounds good. Thank you. Bud0011 16:51, 6 July 2009 (UTC)

Warning and Fatal Error clicking OpenID link
Warning: require_once(Auth/OpenID/Consumer.php) [function.require-once]: failed to open stream: No such file or directory in /srv/www/wiki.arklinux.org/html/extensions/OpenID/SpecialOpenIDLogin.body.php on line 28

Fatal error: require_once [function.require]: Failed opening required 'Auth/OpenID/Consumer.php' (include_path='/srv/www/wiki.arklinux.org/html:/srv/www/wiki.arklinux.org/html/includes:/srv/www/wiki.arklinux.org/html/languages:.:/usr/share/pear') in /srv/www/wiki.arklinux.org/html/extensions/OpenID/SpecialOpenIDLogin.body.php on line 28

--163.129.77.75 01:08, 5 August 2009 (UTC)


 * check out the pre-requisites section - basically this extension can't find an OpenID library fro OpenIDEnabled.com --Sergey Chernyshev 14:42, 5 August 2009 (UTC)

Google Friendconnect?
Does the extension also work with Google Friendconnect?


 * FriendConnect is not the same thing, but this extension allows you to log in using Google Account in a similar way --Sergey Chernyshev 17:42, 3 September 2009 (UTC)


 * Thanks for the answer! I'll try it soon then. --138.246.7.158 06:40, 4 September 2009 (UTC)

Installation Notes for WIMP Platform
Since I spent the better part of a weekend getting this extension up and running on Windows IIS MySQ PHP (WIMP), thought I would document to minimize others' future misfortune.

Platform was MW 1.16 with php-openid-2.x.x-snapshot library C:\Program Files\PHP>pear install PHPUnit C:\Program Files\PHP>pear install HTML_Common
 * First, you really want to use PEAR if you can. If you have not loaded it into your PHP environment, find instructions and do so.
 * Download and extract the current php-openid package (I used devl version, 2.x.x-snapshot, but you may want to use the most current stable release) from here
 * To integrate php-openid into your PHP environment, copy the extracted "auth" dir (and all subdirs) into your PEAR directory (default is C:\Program Files\PHP\PEAR . Hopefully in the future there will be a PEAR package for Windows that will do this for us, but for now, this works.
 * You will need to add/enable several PHP extensions using PEAR via the following instructions executed from the command line:
 * You will also need to manually add several extensions. First check to make sure these extensions exist in you PHP environment (they are usually found in the C:\Program Files\PHP\ext directory by editing the php.ini file and adding the following (if they are not already there):


 * I had to manually add the new table and index using the MySQL query tool and using the edited commands from openid_table.sql.
 * If you are using windows, you need to add a configuration definition before you activate OpenID otherwise you'll get an error about having an undefined random source:

Special Note: I spent the majority of the time trying to figure out why I got the following error message:

"An error occurred during verification of the OpenID URL"

It turns out, it was because I had not enabled PHP OpenSSL extensions on that server.

Hope this helps --jdpond 01:18, 23 November 2009 (UTC)

Integrate SpecialOpenIDLogin::createUser with LoginForm::addNewAccount?
The LoginForm from SpecialLogin has many desirable features that help manage new users - most of which are bypassed by the SpecialOpenIDLogin::createUser, including several notifications and other useful hooks. Has the concept of integrating these two functionalities been considered - I might be willing to do it, but don't want to waste my time if someone has already taken a shot at it. --jdpond 01:18, 23 November 2009 (UTC)

Adding OpenID to Acount (Also: user page gone)
I tried to add OpenID login to my user account, but after having already plainly logged in with my OpenID, was told it was taken. Additionally, my normal user pages has disappeared, to be replaced with an internal server error (500).

I confirm that bug because I have the same error in my website

Configuration should be moved to LocalSettings.php
As MediaWiki can be used as a single installation for multiple wikis (by means of symbolic links), requiring the extension configuration to be done in the extension itself is an error, since its then global for all wikis within the same installation.

My suggestion would be to keep the OpenID.setup.php configuration in place, but use it as default values, prefixing each line with an:

if (isset($wgVar))

statement. This way the extension will allow users to move any configuration parameter to the LocalSettings.php file of the specific wiki they want to configure.

--Jaime Pérez 17:16, 15 February 2010 (UTC)
 * The OpenID extension doesn't seem to do this any differently than other extensions. The extension sets up the default values in OpenID.setup.php and then you modify the configuration variables after the inclusion of that file. Reach Out to the Truth 21:10, 15 February 2010 (UTC)


 * The fact that other MediaWiki extensions behave like that does not make this behavior the right one. The file where to place configuration per wiki is the LocalSettings.php file. Moving configuration parameters outside that file makes it painful to manage large installations with several wikis using only one installation of MedaWiki. I don't care about other extensions and neither should you, as we are talking about the OpenID one. Putting configuration parameters outside the LocalSettings.php is wrong.
 * --Jaime Pérez 10:18, 22 February 2010 (UTC)
 * You don't configure the extension outside of LocalSettings.php. You configure the extension in LocalSettings.php after the inclusion of OpenID.setup.php. You should not be modifying any other files. Reach Out to the Truth 18:42, 22 February 2010 (UTC)

Annoying PHP Error Log Messages --jdpond 00:38, 12 March 2010 (UTC)
I'm getting two messages using this extension in my otherwise pristine error logs. They are:

PHP Warning: Call-time pass-by-reference has been deprecated;  If you would like to pass it by reference, modify the declaration of [runtime function name]. If you would like to enable call-time pass-by-reference, you can set allow_call_time_pass_reference to true in your INI file. in PHP\PEAR\Auth\OpenID\AX.php on line 963 (also line 891) and PHP Notice: Uninitialized string offset:  0 in includes\WebRequest.php on line 461

The second is a malformed URI - but I don't know why it's getting passed that way.

The first is obviously in the PHP Auth\OpenID pear package.

Any ideas?


 * The second one. Because you are not able to access to the default $wgOpenIDConsumerStorePath and $wgOpenIDServerStorePath.  Set

$wgOpenIDConsumerStoreType = "file"; $wgOpenIDServerStoreType = "file";
 * and

$wgOpenIDConsumerStorePath $wgOpenIDServerStorePath --Onecountry 16:04, 27 May 2010 (UTC)


 * Any help about the first annoying log-message Call-time pass-by-reference...? Ankostis 16:45, 22 November 2010 (UTC)

Empty 'openid_url'
I've got empty key 'openid_url' in $wgRequest. What does this mean?

P. S. i.e. in SpecialOpenIDLogin.body.php near line 68, after user POST empty ($wgRequest -> getText ('openid_url')) === ""

jQuery creates extension compatibility issues
jQuery included in OpenID extension creates extension compatibility issues, for example, with HaloACL (HaloACL uses Prototype). The issue is that OpenID simply stops working when used together with HaloACL.

Moreover, I think jQuery is unnecessary at all for such a simple javascript. I think you should remove it from your extension. Look at a version of skin/openid.js rewritten without jQuery:

Blank pages?
I have the OpenID extension working most of the time. But for some reason it's causing some pages (including Main_Page) to come up totally blank! No header, nothing. I'm seeing no errors in error.log either. I'm using MW 15.3 and lighttpd. --Sfoskett 01:19, 27 May 2010 (UTC)

database error
hello i am not developer, i have quite some experience in coding.

I think i find a bug in mediawiki. i am a yourwiki.net user, yourwiki supports openid. i am attaching my openIDs to my yourwiki account. i own 2 different openIDs (each from yahoo and google). i want to use both of them. there is a link "add another OpenID URL" point to Special:OpenIDConvert. i open this in two other tabs at one time. when i finish the yahoo one everyting is ok. it showed in the list of openIds associated. then error occured when adding the google openid. it shows a page but i forgot the detail, sorry. maybe something like "key 1 already exist". i know i shouldn't, but then i re-opened the "add another" link. this time when i try to add the google id, there is a different error, i've copied it, which is:

A database query syntax error has occurred. This may indicate a bug in the software. The last attempted database query was:

(SQL query hidden)

from within function "SpecialOpenID::addUserUrl". Database returned error "1062: Duplicate entry '1129' for key 2 (192.168.134.225)". sorry i wrapped the lines myself.

i don't know the detail code inside the wiki software. i guess there may be some bugs. here is my opinion,

the first error, software want to store my google id to the same database entry of my yahoo one, so it failed because that has already one entry. but the value openid from google is saved ,even such value isn't pointed to by any index. so, the second error happen, not allow another openid to be the same as the one already saved. hope someone find it out. thank you for attention. --Caowm 05:19, 4 August 2010 (UTC)

Warning when $ax is null in array_key_exists line 265
Line 265:

should be

to prevent warning message on line 265 when logging in using an OpenID for the first time and $ax is null.

Bad signature
I keep having this error: Verification of the OpenID URL failed. Error message: "Bad signature" on my mediawiki.

Prerequisites are confirmed, update ran, installation instructions followed, GMP is OK. Running on debian. Restarted the webserver, configged $wgTrustRoot. So how to deal with this message?

Config: require_once("$IP/extensions/OpenID/OpenID.setup.php"); $path = "$IP/extensions/OpenID"; set_include_path(get_include_path . PATH_SEPARATOR . $path); $wgOpenIDShowProviderIcons = true; $wgTrustRoot = "http://www.website.com/";

MediaWiki versions
I successfully installed the extension (it says Version 0.10-dev) under MW 1.16.1 and php-openid 2.2.2. Clarified the installation steps on the extension's article page from the lessons learned. --Wikinaut 08:14, 27 January 2011 (UTC)