I'm using LightOpenID and have a test page that is a near-copy of the example-google.php that came with it (I threw some echos in to debug). Clicking the 'Login with Google' button takes me to Google. I sign in with a valid Google Apps email address and I get returned to my page. But when it tries to validate the claimed_id, I get a 'No servers found!' message.

I've googled that phrase for guidance but most responses are just links to gitorious checkins. I dove into the code, using fwrites to show that the code is executed in the following order...

(My line numbers might be a little off because of all the debugging code I've put in...)

openid.php:validate() is called. In validate(), around line 568 is this line...

$server = $this->discover($this->data['openid_identity']);

After this line, $server is empty, i.e. ''.

I can show that at the start of discover($url), the variable

$url = http://<my Google Apps domain>.com/openid?id=117665028262121597341  

The problem is that $server is not being set at line 364 (openid.php), when htmlTag() is called. The same $url is scraped for $content but that URL returns a 404, which then fails the pregs in htmlTag().

Is $url incorrect? It is set directly from 'openid_identity', which I think is coming from Google Apps.

Here is the URL that is returned after successfully signing into Google Apps.

http://intranet.<my domain>.com/<my path>/validate.php?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Fa%2F<my Google App domain>%2Fo8%2Fud%3Fbe%3Do8&openid.response_nonce=2010-10-25T04%3A23%3A26ZFQ4Fq3F3W1b9ug&openid.return_to=http%3A%2F%2Fintranet.<my domain>.com%2F<my path>%2Fvalidate.php&openid.assoc_handle=AOQobUeErcWBdJC6slZm3nCw_BRbvHTjpdtycleA2P89n15QCCr8fRDE&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=yrja2H%2Fvufp2BqezN4NIVGA5wWM%3D&openid.identity=http%3A%2F%2F<my Google App domain>%2Fopenid%3Fid%3D117665028262121597341&openid.claimed_id=http%3A%2F%2F<my Google App domain>%2Fopenid%3Fid%3D117665028262121597341

I'm new to the OpenID thing so a phrase or link to point me in the right direction here would be greatly appreciated.

Thanks, Eric B.

A: 

(my second answer) Mewp comes through again. I gotcha. Thank you for the clear explanation. I will take it up with our Google account rep to find out what's up with the URL they are passing back.

take care, Eric B.

(my first answer) Thank you, Mewp, Mr. LightOpenID himself! (although no mention of gender on your site)

If the openid.mode is id_res, is it good/safe enough for me to use the claimed_identity, without having to go through validate()? Skipping something called 'validate' seems wrong but the URL response I got, and pasted in the original post, matches the Google sample response for successful login and confirmation, as shown here: http://code.google.com/apis/accounts/docs/OpenID.html#Samples

Thanks, Eric B.

Eric B.
If you skip validate(), I could just copy-paste Google's response, for any identifier, and you'd have to assume that I'm Google. It's like this: your server gets a request saying "I'm Google and I want to tell you that this person is authenticated", but you don't know who's saying that. So you have to ask Google whether it really sent the request, and that's what validate does. That's why the identifier must be discoverable -- to be able to ask the server that authenticated it whether it really sent the request.
Mewp
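
The check that validate() performs, as described in Mewp's comment, sketched as an added example that is not part of the thread and is not LightOpenID's code: discover the OP endpoint from the claimed_id, stop if no server is found, then ask that endpoint with check_authentication whether it issued the response. The function names, the injected $discover and $post callables and the sample values are assumptions made for illustration; nonce and return_to checks are left out.

```php
<?php
// Added example, not LightOpenID code; all function names are hypothetical.
// Read the raw query string: PHP's $_GET would rewrite "openid.mode" to "openid_mode".
function openid_params(string $query): array {
    $out = [];
    foreach (explode('&', $query) as $pair) {
        [$k, $v] = array_pad(explode('=', $pair, 2), 2, '');
        $k = urldecode($k);
        if (strpos($k, 'openid.') === 0) $out[$k] = urldecode($v);
    }
    return $out;
}

// OpenID 2.0 section 11.4.2: send back every openid.* field unchanged, with only the mode swapped.
function check_auth_body(array $params): string {
    $params['openid.mode'] = 'check_authentication';
    return http_build_query($params, '', '&');
}

// The OP replies in key:value lines; only an exact "is_valid:true" counts as success.
function op_says_valid(string $response): bool {
    foreach (explode("\n", $response) as $line) {
        $parts = explode(':', trim($line), 2);
        if (count($parts) === 2 && $parts[0] === 'is_valid') return $parts[1] === 'true';
    }
    return false;
}

// $discover: claimed_id -> OP endpoint URL, or '' when nothing is found.
// $post: (url, body) -> response body. Both are injected so the example runs offline.
function verify_assertion(string $query, callable $discover, callable $post): bool {
    $p = openid_params($query);
    if (($p['openid.mode'] ?? '') !== 'id_res') return false;
    $endpoint = $discover($p['openid.claimed_id'] ?? '');
    // Fail closed when discovery finds no server; never trust the endpoint named in the request.
    if ($endpoint === '' || $endpoint !== ($p['openid.op_endpoint'] ?? '')) return false;
    return op_says_valid($post($endpoint, check_auth_body($p)));
}

// Constructed sample: a pasted "successful" response with placeholder hosts and signature.
$pasted = 'openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fop.example%2Fud'
        . '&openid.claimed_id=http%3A%2F%2Fapps.example%2Fopenid%3Fid%3D1&openid.sig=AAAA';
$noServer = fn($id) => '';                       // discovery fails, as with the 404 in the question
$found    = fn($id) => 'https://op.example/ud';  // discovery succeeds
$reject   = fn($url, $body) => "ns:http://specs.openid.net/auth/2.0\nis_valid:false\n";
$accept   = fn($url, $body) => "ns:http://specs.openid.net/auth/2.0\nis_valid:true\n";

var_dump(verify_assertion($pasted, $noServer, $accept)); // no server discovered
var_dump(verify_assertion($pasted, $found, $reject));    // OP denies having sent it
var_dump(verify_assertion($pasted, $found, $accept));    // OP confirms it
```

Only the last call is accepted: the first stops because nothing was discovered for the identifier, which is the 'No servers found!' situation, and the second because the OP does not confirm the response.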