Hi,
I have some trouble using the openid check_authentication. The answer from the openid providers (I tried with google and myopenid) is always: is_valid:false
I do already get the openid.sig and openid.identity but when I try to verify my data with the check_authentication call it always returns is_valid:false.
What I have done so far (authentication with google openid in this example, but for myopenid it was the same):
I redirect the web user from my page to the following url:
https://www.google.com/accounts/o8/ud ?openid.ns=http://specs.openid.net/auth/2.0 &openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select &openid.identity=http://specs.openid.net/auth/2.0/identifier_select &openid.return_to=http://localhost:104/evalgoogle.aspx &openid.mode=checkid_setup
(Without the line breaks of course, I put them in this post only to keep it readable. localhost:104/evalgoogle.aspx is my local test environment)
I will then get redirected to the google login page where I can sign in and accept that I will login at Localhost. I unchecked the remember checkbox though.
After logging in I will get redirected to the return_to page I set and get the following data in the request:
openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0 &openid.mode=id_res &openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud &openid.response_nonce=2010-02-12T14%3A46%3A52Z1PDyxBssEN9p5g &openid.return_to=http%3A%2F%2Flocalhost%3A104%2Fevalgoogle.aspx &openid.assoc_handle=AOQobUfpVnBFYzFO15z92rru88nWjEnw0u8ethVscpjDwkssp8GjVc0u &openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to %2Cresponse_nonce%2Cassoc_handle &openid.sig=24Hetky5HrNwrY3%2B%2B2vtIGnvmnI%3D &openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D{SOMEID} &openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D{SOMEID}
(where {SOMEID} is my google id)
To verify this signature and google id, I composed a webrequest calling the check_authentication as described in openid.net/specs/openid-authentication-1_1.html#mode_check_authentication
My problem now is that this always returned is_valid:false
To eliminate possible problems in my webrequest, I now create just a html form with the data I get back from google like this:
<form method="post" action="<%=Request.Params["openid.op_endpoint"] %>">
<div>
<input type="text" name="openid.mode" value="check_authentication" />
<input type="text" name="openid.assoc_handle" value="<
%=Request.Params["openid.assoc_handle"] %>" /> " /> " /> " /> " /> " /> " />
But this also just yields the is_valid:false
Does anyone have an idea what is wrong with my approach?
Thank you very much