Hi,

I'm working on OpenID authentication in my Rails app.

Because Authlogic seems to be received well by the community, I gave it a try.

I got to the point where I can register a new user with an OpenID URL. However, when I try logging in with the URL I signed up with, I keep receiving the message: "Openid identifier did not match any users in our database, have you set up your account to use OpenID?"

In the Rails log, I can see it finds the user record and it gets authenticated by myopenid.com.

I went into the Authlogic OpenID plugin code and saw this snippet in session.rb (authlogic_openid/lib/authlogic_openid/session.rb):

def validate_by_openid
  self.remember_me = controller.params[:remember_me] == "true" if controller.params.key?(:remember_me)
  self.attempted_record = klass.send(find_by_openid_identifier_method, openid_identifier)
  if !attempted_record
    if auto_register?
      self.attempted_record = klass.new :openid_identifier=>openid_identifier
      attempted_record.save do |result|
        if result
          true
        else
          false
        end
      end
    else
      errors.add(:openid_identifier, "did not match any users in our database, have you set up your account to use OpenID?")
    end
    return
  end
  controller.send(:authenticate_with_open_id, openid_identifier, :return_to => controller.url_for(:for_session => "1", :remember_me => remember_me?)) do |result, openid_identifier|
    if result.unsuccessful?
      errors.add_to_base(result.message)
      return
    end

  end
end

I do not want to allow auto registration. My question is why does it return the "not match" error when !auto_register?

I must be missing something as login should be something very basic.

EDITED: added log output

Processing UserSessionsController#new (for 127.0.0.1 at 2010-07-10 23:20:45) [GET]
  User Columns (2.3ms)   SHOW FIELDS FROM `users`
Rendering template within layouts/global
Rendering user_sessions/new
Completed in 62ms (View: 6, DB: 2) | 200 OK [http://myapp/login]
  SQL (0.1ms)   SET SQL_AUTO_IS_NULL=0


Processing UserSessionsController#create (for 127.0.0.1 at 2010-07-10 23:20:52) [POST]
  Parameters: {"commit"=>"Sign in", "user_session"=>{"openid_identifier"=>"http://grnbeagle.myopenid.com"}, "authenticity_token"=>"rJVhWJORj5ArpM5v7dSPHEG278e3eApYu4w3XYPcVqs=", "openid_identifier"=>"http://"}
  User Columns (2.3ms)   SHOW FIELDS FROM `users`
  User Load (0.9ms)   SELECT * FROM `users` WHERE (`users`.`openid_identifier` = 'http://grnbeagle.myopenid.com/') LIMIT 1
  OpenIdAuthentication::Association Load (0.7ms)   SELECT * FROM `open_id_authentication_associations` WHERE (`open_id_authentication_associations`.`server_url` = 'http://www.myopenid.com/server') 
Generated checkid_setup request to http://www.myopenid.com/server with assocication {HMAC-SHA1}{4c38f9ea}{ecFuTQ==}
Redirected to http://www.myopenid.com/server?openid.assoc_handle=%7BHMAC-SHA1%7D%7B4c38f9ea%7D%7BecFuTQ%3D%3D%7D&openid.ax.mode=fetch_request&openid.claimed_id=http%3A%2F%2Fgrnbeagle.myopenid.com%2F&openid.identity=http%3A%2F%2Fgrnbeagle.myopenid.com%2F&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.ax=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1&openid.realm=http%3A%2F%2Fmyapp%2F&openid.return_to=http%3A%2F%2Fmyapp%2Fuser_sessions%3Ffor_session%3D1%26_method%3Dpost%26open_id_complete%3D1
Completed in 436ms (DB: 4) | 302 Found [http://myapp/user_sessions]
  SQL (0.1ms)   SET SQL_AUTO_IS_NULL=0


Processing UserSessionsController#create (for 127.0.0.1 at 2010-07-10 23:20:53) [POST]
  Parameters: {"openid.claimed_id"=>"http://grnbeagle.myopenid.com/", "openid.mode"=>"id_res", "openid.return_to"=>"http://myapp/user_sessions?for_session=1&_method=post&open_id_complete=1", "openid.sig"=>"5AcC93XhY5oa+SNjeTqIj9t1IiE=", "openid.ns"=>"http://specs.openid.net/auth/2.0", "openid.op_endpoint"=>"http://www.myopenid.com/server", "for_session"=>"1", "openid.response_nonce"=>"2010-07-11T03:20:53Zuj3AFP", "openid.identity"=>"http://grnbeagle.myopenid.com/", "open_id_complete"=>"1", "openid.assoc_handle"=>"{HMAC-SHA1}{4c38f9ea}{ecFuTQ==}", "openid.signed"=>"assoc_handle,claimed_id,identity,mode,ns,op_endpoint,response_nonce,return_to,signed"}
  User Columns (2.3ms)   SHOW FIELDS FROM `users`
  User Load (0.8ms)   SELECT * FROM `users` WHERE (`users`.`openid_identifier` IS NULL) LIMIT 1
Rendering template within layouts/global
Rendering user_sessions/new
Completed in 105ms (View: 6, DB: 3) | 200 OK [http://myapp/user_sessions?for_session=1&_method=post&open_id_complete=1&openid.assoc_handle=%7BHMAC-SHA1%7D%7B4c38f9ea%7D%7BecFuTQ%3D%3D%7D&openid.claimed_id=http%3A%2F%2Fgrnbeagle.myopenid.com%2F&openid.identity=http%3A%2F%2Fgrnbeagle.myopenid.com%2F&openid.mode=id_res&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.op_endpoint=http%3A%2F%2Fwww.myopenid.com%2Fserver&openid.response_nonce=2010-07-11T03%3A20%3A53Zuj3AFP&openid.return_to=http%3A%2F%2Fmyapp%2Fuser_sessions%3Ffor_session%3D1%26_method%3Dpost%26open_id_complete%3D1&openid.sig=5AcC93XhY5oa%2BSNjeTqIj9t1IiE%3D&openid.signed=assoc_handle%2Cclaimed_id%2Cidentity%2Cmode%2Cns%2Cop_endpoint%2Cresponse_nonce%2Creturn_to%2Csigned]
  SQL (0.1ms)   SET SQL_AUTO_IS_NULL=0

Thanks in advance!

UPDATE: With auto_register enabled, I was able to authenticate. I still don't get why Authlogic requires auto_register. In the end, I went with restful authentication. It's old and its code is generated, but I have more control over what's being done, and got it working fairly quickly.
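
The second `create` request in the log runs its lookup with `openid_identifier IS NULL`, and its parameters carry `openid.claimed_id` but no `user_session` field. As an added example (not part of the original post and not Authlogic's code; the method names and the in-memory user table are assumptions), this Ruby model replays both requests and contrasts lookup before verification with lookup by the provider-asserted identifier:

```ruby
# Constructed model of the two-request login in the log; every name here is
# hypothetical and none of this is Authlogic or open_id_authentication code.
USERS = { "http://grnbeagle.myopenid.com/" => :grnbeagle }.freeze

# Constructed parameters mirroring the two POSTs to UserSessionsController#create.
FIRST_POST  = { "user_session" => { "openid_identifier" => "http://grnbeagle.myopenid.com" } }.freeze
RETURN_POST = { "open_id_complete" => "1", "for_session" => "1",
                "openid.claimed_id" => "http://grnbeagle.myopenid.com/" }.freeze

# Simplified normalization: only adds the trailing slash seen in the SQL.
def normalize(identifier)
  return nil if identifier.nil? || identifier.empty?
  identifier.end_with?("/") ? identifier : "#{identifier}/"
end

def form_identifier(params)
  normalize(params.dig("user_session", "openid_identifier"))
end

# Stand-in for the provider round trip. Assumes the OpenID library has already
# checked signature, nonce and return_to before exposing claimed_id.
def verified_identifier(params)
  params["open_id_complete"] == "1" ? params["openid.claimed_id"] : nil
end

# Lookup keyed on the form field before verification, the order in the snippet.
def login_lookup_first(params)
  user = USERS[form_identifier(params)]
  return [:error, "did not match any users"] unless user
  verified_identifier(params) ? [:ok, user] : [:redirect, form_identifier(params)]
end

# Verification first, then lookup keyed on the provider-asserted identifier.
def login_verify_first(params)
  verified = verified_identifier(params)
  if verified.nil?
    requested = form_identifier(params)
    return requested ? [:redirect, requested] : [:error, "identifier missing"]
  end
  user = USERS[verified]
  user ? [:ok, user] : [:error, "did not match any users"]
end

if __FILE__ == $PROGRAM_NAME
  [FIRST_POST, RETURN_POST].each do |params|
    puts "lookup first: #{login_lookup_first(params).inspect}"
    puts "verify first: #{login_verify_first(params).inspect}"
  end
end
```

Keying the account lookup on the identifier the provider asserted, rather than on a form field, also keeps the session bound to the identity that was actually verified.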