Skittish Eclipse (foxfirefey) wrote in lj_dev,
Skittish Eclipse

OpenID Woes

I've been trying to set up some fun and nifty things for some communities I manage, and my plans include getting OpenID to work. But for some reason, some LJ names work and some LJ names don't. And it seems that they'll work on PHP 4.4.4, but not PHP 5.2.0. I'm using version 1.2.1 of this PHP OpenID library . Has anybody else ever tried to get OpenID working on a site with LJ and run into this problem?

Edit: Problem found? omnifarious is all kinds of observant and clever. It looks like opening and closing script tags in front of the OpenID server and Yadis links make the parser the Yadis library uses choke--I can replicate this by turning the NavStrip to show all, which puts JS before those links in my journal and makes it fail for my journal. But when I turn it off, it works again. This pattern is holding so far for all of the journals that have trouble.

Double edit: _arty has SAVED me! It looks like increasing the pcre.recursion_limit and pcre.backtrack_limit does the trick and fixes the problem!

Triple edit: I was wrong about the previous--some of the journals were still erroring out, and I wasn't entirely comfortable with raising those limits anyway, so I rolled up my sleeves and got my hands a bit dirty. I think I might have found two gotchas in the ParseHTML.php file in the Yadis library. After I make those changes, all the journals that had previously errored out start working again.

A name that works includes my own (Identity URL:, names that don't work include somerled (Identity URL: and missbabyblue (Identity URL: and 5/13 of the people on the beginning of my friends list.

When I try to verify some of the fluke names like somerled in PHP 5.2 setups, it doesn't even get as far as LJ asking me whether I will approve this request or telling me I'm trying to verify an identity I can't provide. It just says:
Authentication error.
as the warning and I'm still stuck at try_auth.php. (It gives an authentication error to somerled when he tries to log in on his own setup, as well.) When I try to verify a name that does work but that I'm not signed into, it takes me to the expected "The site you just came from seems to want to verify an identity that you, as foxfirefey, cannot provide." page on LiveJournal.

Names include the links to the OpenID server and Yadis on their main pages, like so:
<link rel="openid.server" href="" />
<meta http-equiv="X-XRDS-Location" content="" />
But for some reason the $endpoint in Auth/OpenID/Consumer.php is getting null returned, and I've yet to figure out exactly why:
319:  $endpoint = $disco->getNextService($discoverMethod,
320:                         $this->consumer->fetcher);
And I'm not sure how to best go about debugging it to find out what difference between the two names is making it choke.

I've gone and set up a few examples to try and see what might be the problem. The only thing I have changed from their default example code is in detect.php so that everyone can see what it says, because I get this error when I run the original file:
Fatal error: Class 'Services_Yadis_Yadis' not found in /home/.malossi/skittisheclipse/ on line 385
So I added the line in bold to the file at about line 445, which stops the error by including the file with that class:
$_file1 = include 'Auth/OpenID.php';
$_file2 = include 'Auth/OpenID/BigMath.php';
include 'Services/Yadis/Yadis.php';

But that doesn't even affect the example consumer code in question.

I've tried this both with the $store_path set to the default in common.php and set to a non-web accessible directory in my hosting's home directory. All of the examples I set up right now are set to the default, however, in /tmp/. I don't think that's the problem, since I can verify myself in all of the examples.

Does anybody know whether the PHP 5.2 I have set up is wrong somehow? I have made a table of all the test setups I currently have, including a phpinfo() page and the detect.php run from the examples folder. In order to work with any of these examples, cookies should be enabled for the domains.

Index pageDetect.phpPhp Info"Works" for the trouble names
Index Setup Complete w/ bcmath support PHP 4.4.4 Yes
Index Setup Complete w/ bcmath support PHP 5.2.0 No
Index Setup Complete w/ gmp support PHP 5.2.0 No

So if anybody has run into this before and knows how to fix it, or has an OpenID implementation that works with the above mentioned names in PHP 5.2.0 I could sneak hintful peeks at, I'd really love to know!
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded