Quite honestly, this is my first time developing openID app so I'm unclear on terms and what nots but here it goes... I'm trying to use openID with nodeJS openID plugin but I'm having below error.
OpenID provider endpoint in assertion response does not match discovered OpenID provider endpoint
After digging through the source code I believe this is because I have
https://www.google.com/accounts/o8/ud?source=gmail.com&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns....
as authentication URL but response come back with out source=gmail.com as below
https://www.google.com/accounts/o8/ud?&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns....
I'm simply using posted sample code in the plugin's website so I believe my implementation is correct, however I'm not so confident in openID identifier "gmail.com" in below code. Am I suppose to pass in another string for Goggle which does not set source URL attribute? if that is the case where can I find list of other openID providers' identifiers?
relyingParty.authenticate(identifier, false, function(error, authUrl) { if (error) { res.writeHead(200); res.end('Authentication failed: ' + error.message); } else if (!authUrl) { res.writeHead(200); res.end('Authentication failed'); } else { res.writeHead(302, { Location: authUrl }); res.end(); } });
Thanks for the help,
This was a bug in node-openid which has been fixed. Version 0.5.6 (or later) is available on npm and does not have this bug.