aboutsummaryrefslogtreecommitdiff
path: root/doc/bugs/openid_postsignin_failure.mdwn
blob: df8f3997dbf73b0fcb7659c5e15784e4d679fd15 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
I tried enabling the openid plugin on my site. I tried to log in but got an 
error when coming back to ikiwiki.cgi: "Error: unknown do parameter". I think
this means that do=postsignin isn't handled by CGI.pm. 

The URI in question is fairly long, but if you want me to add it here, I can do that.

I didn't really know how to debug this so I grepped for "postsignin" in both 
openid.pm and passwordauth.pm and found:

    IkiWiki/Plugin/openid.pm:               return_to => IkiWiki::cgiurl(do => "postsignin"),
    IkiWiki/Plugin/passwordauth.pm:                         IkiWiki::cgi_postsignin($cgi, $session);

Am I barking up the wrong tree? Maybe I'm missing something obvious? 

I'm running 1.38 of ikiwiki and the newest CGI::Session, Net::OpenID::Consumer, 
Crypt::DH, URI-Fetch. --Ethan

> The url must not have a setting for openid.mode or openid_identifier in
> it. So the OpenId plugin didn't know that it was trying to log in. I
> think this points to an issue with the OpenID server. --[[Joey]]

>> I put debugging output in openid.pm and it suggests that the 
>> verification is taking place successfully. I see "openid.mode=id_res" 
>> in the URI. On top of that, it's the same Openid server I use
>> to sign in here on ikiwiki.kitenet.net. --Ethan

>>> Yikes, I don't really have the newest CGI::Session after all.. 
>>> let me try updating that. --Ethan
>>>> Sorry, I'm an idiot -- cookies disabled on my browser. Sorry to 
>>>> waste your time.. --Ethan

>>>>> No problem, the error message could certianly use improvement.
>>>>> Although if I disable cookies, myopenid lets me know. Maybe you
>>>>> should paste the url. --[[Joey]]

I have cookies disabled on my computer, with a bunch of manual
exceptions. This includes myopenid, ikiwiki.kitenet.net, livejournal,
and some others. Unfortunately it didn't include my own domain.
So the URI that myopenid redirected me to was fine, but because
I didn't have cookies set, I didn't have a session, and so 
session->param('postsignin') was undefined, so instead of being
redirected my query fell through CGI.pm to the bottom of cgi(), 
where I got the message above. In a perfect world I'd say that
it would be nice to let the user know that they can't sign in
w/o cookies, but I don't see any easy way of detecting that 
from CGI::Session. Maybe you know a way -- I have never used 
CGI.pm before, this isn't my forte (in case that  wasn't obvious).
--Ethan