aeoid icon indicating copy to clipboard operation
aeoid copied to clipboard

Published 20 hours ago verified publisher icon Arachnid

Support of OpenID Google Apps discovery

Open jeremys opened this issue 14 years ago • 5 comments

It would allow us to use aeoid to build our AppEngine application for Google Apps Marketplace.

See here for more info : http://code.google.com/googleapps/marketplace/sso.html

jeremys avatar Mar 12 '10 10:03 jeremys

Wow, that was FAST. Thanks Nick!

jeremys avatar Mar 13 '10 00:03 jeremys

I'm attempting to use this for my Python AppEngine Marketplace app. If I upload the demo app to my AppEngine app (which is OpenID whitelisted by my Google Apps domain via the manifest file) and visit myapp.appspot.com/apps_login?domain=mydomain.com then the usual Google Apps OpenID allow page is skipped over like it should be but when returning to myapp.appspot.com/_openid/finish?... I get "Login failed or was cancelled". Looking at the AppEngine Logs I see:

03-18 05:27AM 02.067 Error attempting to use stored discovery information: <aeoid.openid.consumer.consumer.TypeURIMismatch: Required type http://specs.openid.net/auth/2.0/signon not found in ['http://specs.openid.net/auth/2.0/server', 'http://openid.net/srv/ax/1.0', 'http://specs.openid.net/extensions/ui/1.0/mode/popup', 'http://specs.openid.net/extensions/ui/1.0/icon', 'http://specs.openid.net/extensions/pape/1.0'] for endpoint <openid.consumer.discover.OpenIDServiceEndpoint server_url='https://www.google.com/a/ascue.pbu.edu/o8/ud?be=o8' claimed_id=None local_id=None canonicalID=None used_yadis=True >> E 03-18 05:27AM 02.068 Attempting discovery to verify endpoint E 03-18 05:27AM 02.068 Performing discovery on http://ascue.pbu.edu/openid?id=111203045301076947035

Looking at the full _openid/finish?.. URL, it looks like openid.ext1.value.email= as well as my name are being sent back by Google, it just seems Aeoid is unhappy with something about the response.

Any clues?

Jay

jlee123 avatar Mar 18 '10 12:03 jlee123

In fact Nick have just started the support for Google Apps OpenID, it's not finished yet. I've done some hack to make it work as I'm not an OpenID specialist, this is really a temporary hack to continue my dev' until there's a full management of Google Apps OpenID.

Here's what I have done : In \aeoid\openid\consumer\consumer.py : comment ALL the if statement around line 1011 "if defragged_claimed_id != endpoint.claimed_id"

In \aeoid\openid\consumer\consumer.py : comment ALL the if statement around line 1018 "if to_match.getLocalID() != endpoint.getLocalID()"

In \aeoid\openid\consumer\consumer.py : in the function def _discoverAndVerify(self, claimed_id, to_match_endpoints): around line 1055 add: import urllib claimed_id = "https://www.google.com/accounts/o8/user-xrds?uri="+urllib.quote(claimed_id)

With this changes, it's working for me, but I repeat this is just to be able to continue my devs, I'll wait to have a full support implemented by someone who know OpenId to push my app in production.

jeremys avatar Mar 18 '10 12:03 jeremys

Hey, what happend? Develpement stopped? :(

botmonster avatar May 14 '10 19:05 botmonster

I second botmonster. Have you stopped working on this? Deprecated?

crsantos avatar Nov 21 '10 01:11 crsantos