Topic on Extension talk:OpenID

CAVEAT: Google's OpenIDs are Unique Per-Domain

2
Pigpen (talkcontribs)

Hi, we're using version 0.9.0 patched (as described here) to work with MediaWiki 1.17.2. Using Google as OpenID provider it worked like a charm until we changed subdomains on the Wiki server (foo.example.com --> bar.example.com). The login itself succeeded but the user was presented with a form where he should choose his user name. We found out that $user = self::getUser( $openid ); in SpecialOpenIDLogin.body.php failed to return a valid user object since $openid was not found in the user_openid table! After switching back to foo.example.com the login worked again as expected. A bit of googling revealed the reason: Google's OpenIDs are Unique Per-Domain. We implemented a rather hackish way to update OpenIDs in the database for the time of the migration. Basically: Be very careful when changing domains when using Google as OpenID provider. Is the SVN version able to work with Google's changing OpenIDs?

Wikinaut (talkcontribs)

Thanks for reporting this issue. I already knew the problem, for example from this report https://drupal.org/node/1223386 .

You asked "Is the SVN version able to work with Google's changing OpenIDs?". Answer: no, currently not, but the SVN version allows users with an OpenID account to associate a normal password to the account, which was not possible in older OpenID versions. This can at least help to overcome (wiki) domain move problems.

Reply to "CAVEAT: Google's OpenIDs are Unique Per-Domain"