Zend Framework Community › Zend Auth

Doesn't OpenId Provider support DH-SHA1

Classic

List

Threaded

7 messages Options

Marko Gräßlin

Doesn't OpenId Provider support DH-SHA1

Hello,

I'm trying to implement a OpenId Server, but already the association
fails. The call to Zend_OpenId_Provider::handle()
returns:

assoc_type:HMAC-SHA1
error:Wrong "openid.session_type"
error-code:unsupported-type

The Client was:
http://openidenabled.com/resources/openid-test/diagnose-server The HTTP
call has the following Parameters:

parameters array ( 'openid_mode' => 'associate',
'openid_dh_consumer_public' =>
'ANqviBO6KLCTjxseYywsMcM29s5GDkQ/VTx2uniOXfNIBkFLNxoE3xQEwmx3bvFQfiY/TphxnCojbFPDOp8mDZIVHwmVPGTYw9GgV8y84PTkKBkjriWXfNVO9AnB7xyHzGm4Euxdm+veU7ozNCpcaeART88WTGngn8IksukH36xa',
'openid_assoc_type' => 'HMAC-SHA1', 'openid_session_type' => 'DH-SHA1',)

Does that mean DH-SHA1 is not supported ? Do I need some additional libs ?
At this time there is not much to find about Zend OpenId Provider in the
Web, so I hope somebody here can help me.

Regards

Marko

--

------------------------------------------------
ekaabo GmbH
Marko Graesslin
Senior Software Engineer
[hidden email]
Grundelbachstr. 84
69469 Weinheim
tel: +49-(0)6201-84520-0 (Zentrale)
fax: +49-(0)6201-84520-29
www.ekaabo.de
Amtsgericht Mannheim / HRB 701542
Geschäftsführer: Marco Ripanti
------------------------------------------------

padraicb

Re: Doesn't OpenId Provider support DH-SHA1

Hi Marko,

What you haven't clarified is whether you're using OpenID 1.1 or 2.0. You should be aware the Zend component is not currently completely OpenID 2.0 compliant which is possibly why the test is failing. Now that I'm back on the PHP scene, I'll look into what's left for that compliance. I had some subversion commit issues a while back its about time I resolved...

Dmitry is the primary Zend_OpenId contact - perhaps you could open an issue for the failed test so it's immortalised and documented for resolution.

Paddy

Marko Gräßlin wrote

Hello,

I'm trying to implement a OpenId Server, but already the association
fails. The call to Zend_OpenId_Provider::handle()
returns:

assoc_type:HMAC-SHA1
error:Wrong "openid.session_type"
error-code:unsupported-type

The Client was:
http://openidenabled.com/resources/openid-test/diagnose-server The HTTP
call has the following Parameters:

parameters array ( 'openid_mode' => 'associate',
'openid_dh_consumer_public' =>
'ANqviBO6KLCTjxseYywsMcM29s5GDkQ/VTx2uniOXfNIBkFLNxoE3xQEwmx3bvFQfiY/TphxnCojbFPDOp8mDZIVHwmVPGTYw9GgV8y84PTkKBkjriWXfNVO9AnB7xyHzGm4Euxdm+veU7ozNCpcaeART88WTGngn8IksukH36xa',
'openid_assoc_type' => 'HMAC-SHA1', 'openid_session_type' => 'DH-SHA1',)

Does that mean DH-SHA1 is not supported ? Do I need some additional libs ?
At this time there is not much to find about Zend OpenId Provider in the
Web, so I hope somebody here can help me.

Regards

Marko

--

------------------------------------------------
ekaabo GmbH
Marko Graesslin
Senior Software Engineer
marko@ekaabo.de
Grundelbachstr. 84
69469 Weinheim
tel: +49-(0)6201-84520-0 (Zentrale)
fax: +49-(0)6201-84520-29
www.ekaabo.de
Amtsgericht Mannheim / HRB 701542
Geschäftsführer: Marco Ripanti
------------------------------------------------

Marko Gräßlin

Re: Doesn't OpenId Provider support DH-SHA1

Hi Paddy,

thanks for your Answer. OpenId 2.0 Compliance and Attribute Exchange
would be very appreciated.
At this time I'm not so sure if the problem is in Zend Framework or in
my understanding of Zend
OpenId Provider and the OpenId standard ;-) The biggest problem might be
the lack of documentation
on how to integrate the provider in my own application.

I will work further on it, if I think the problem is in Zend Framework
I'm going to open a ticket.

Marko

Pádraic Brady schrieb:

> Hi Marko,
>
> What you haven't clarified is whether you're using OpenID 1.1 or 2.0. You
> should be aware the Zend component is not currently completely OpenID 2.0
> compliant which is possibly why the test is failing. Now that I'm back on
> the PHP scene, I'll look into what's left for that compliance. I had some
> subversion commit issues a while back its about time I resolved...
>
> Dmitry is the primary Zend_OpenId contact - perhaps you could open an issue
> for the failed test so it's immortalised and documented for resolution.
>
> Paddy
>
>
>
> -----
> Pádraic Brady
>
> http://blog.astrumfutura.com
> http://www.patternsforphp.com
> OpenID Europe Foundation - Irish Representative
>

--

------------------------------------------------
ekaabo GmbH
Marko Graesslin
Senior Software Engineer
[hidden email]
Grundelbachstr. 84
69469 Weinheim
tel: +49-(0)6201-84520-0 (Zentrale)
fax: +49-(0)6201-84520-29
www.ekaabo.de
Amtsgericht Mannheim / HRB 701542
Geschäftsführer: Marco Ripanti
------------------------------------------------

Dmitry Stogov

Re: Doesn't OpenId Provider support DH-SHA1

In reply to this post by Marko Gräßlin

Hi Marko,

Thank you for your report and sorry for long delay.
I've just committed the fix for this bug into SVN trunk.

Thanks. Dmitry.

Marko Gräßlin wrote:

> Hello,
>
> I'm trying to implement a OpenId Server, but already the association
> fails. The call to Zend_OpenId_Provider::handle()
> returns:
>
> assoc_type:HMAC-SHA1
> error:Wrong "openid.session_type"
> error-code:unsupported-type
>
> The Client was:
> http://openidenabled.com/resources/openid-test/diagnose-server The HTTP
> call has the following Parameters:
>
> parameters array ( 'openid_mode' => 'associate',
> 'openid_dh_consumer_public' =>
> 'ANqviBO6KLCTjxseYywsMcM29s5GDkQ/VTx2uniOXfNIBkFLNxoE3xQEwmx3bvFQfiY/TphxnCojbFPDOp8mDZIVHwmVPGTYw9GgV8y84PTkKBkjriWXfNVO9AnB7xyHzGm4Euxdm+veU7ozNCpcaeART88WTGngn8IksukH36xa',
> 'openid_assoc_type' => 'HMAC-SHA1', 'openid_session_type' => 'DH-SHA1',)
>
> Does that mean DH-SHA1 is not supported ? Do I need some additional libs ?
> At this time there is not much to find about Zend OpenId Provider in the
> Web, so I hope somebody here can help me.
>
>
> Regards
>
>
> Marko
>

Marko Gräßlin

Re: Doesn't OpenId Provider support DH-SHA1

Hi Dmitry,

thanks for the fix, I will try it. Do you know if somebody is working on
the implementation of the attribute exchange extension ?

Regards

Marko

Dmitry Stogov schrieb:
> Hi Marko,
>
> Thank you for your report and sorry for long delay.
> I've just committed the fix for this bug into SVN trunk.
>
> Thanks. Dmitry.
>
>

--

------------------------------------------------
ekaabo GmbH
Marko Graesslin
Senior Software Engineer
[hidden email]
Grundelbachstr. 84
69469 Weinheim
tel: +49-(0)6201-84520-0 (Zentrale)
fax: +49-(0)6201-84520-29
www.ekaabo.de
Amtsgericht Mannheim / HRB 701542
Geschäftsführer: Marco Ripanti
------------------------------------------------

help_poor

Re: Doesn't OpenId Provider support DH-SHA1

Hello Marko,

Is ZF openid working for you ? 1.0 or 2.0 what ever ZF openid does it work with Yahoo/Google/Aol/Facebook/etc etc in 2011 ??????

Thanks & Regards

Ferenc Kovacs-3

Re: Doesn't OpenId Provider support DH-SHA1

STFU

Regards

On Wed, Jan 5, 2011 at 12:47 AM, help_poor <[hidden email]> wrote:

>
> Hello Marko,
>
> Is ZF openid working for you ? 1.0 or 2.0 what ever ZF openid does it work
> with Yahoo/Google/Aol/Facebook/etc etc in 2011 ??????
>
>
> Thanks & Regards
>
> --
> View this message in context:
> http://zend-framework-community.634137.n4.nabble.com/Doesn-t-OpenId-Provider-support-DH-SHA1-tp676815p3174646.html
> Sent from the Zend Auth mailing list archive at Nabble.com.
>
>