Zend_OpenId_Consumer::login() fails

Question

Hi.

I'm trying to implement OpenID. I've cut my code right back to try and get OpenID to work (as a consumer) but the login() methof just keeps failing! Here's the code:

require 'Zend/Http/Client.php';
require 'Zend/OpenId/Consumer.php';

$client = new Zend_Http_Client(null, array(
    'adapter'    => 'Zend_Http_Client_Adapter_Curl',
));

$consumer = new Zend_OpenId_Consumer();
$consumer->setHttpClient($client);

$url = 'https://www.google.com/accounts/o8/id';

$res = $consumer->login($url, 
                        'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 
                        '*');

echo '<pre>';
var_dump($res);
echo '</pre>';

return;

$res, is always FALSE.

I'm using PHP 5.2.10, i've got allow_url_fopen ON, cURL enabled and openssl enabled. I've tried the code on my local dev machine and my production environment and nether work!

Can anyone point me in the right direction, i'm really stumped with this one!

Thanks, Jon

Answer 1

UPDATE: the discovery fails here, because Zend_OpenId_Consumer doesn't understand OpenID 2.0 (7.3) XRI as provided by google yet. for a workaround, see How do I implement Direct Identity based OpenID authentication with Zend OpenID. UPDATE END

try printing $consumer->getError() instead of the var_dump(). i get a

Discovery failed: HTTP Request failed: Error in cURL request: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

this indicates a problem with the verification of google's ssl certificate. there are several solutions for this here on SO.

Answer 2

Don't hack and don't use the OpenID Enabled library (if you want to stick with ZF).

Akeem's developed a great solution here: http://ak33m.com/?p=71&cpage=1