all openid signins fail the first time, and then succeed the second
time.
# Store the secret in the session.
my $secret=$session->param("openid_secret");
if (! defined $secret) {
# Store the secret in the session.
my $secret=$session->param("openid_secret");
if (! defined $secret) {
- $secret=$session->param(openid_secret => time);
+ $secret=rand;
+ $session->param(openid_secret => $secret);
}
return Net::OpenID::Consumer->new(
ua => $ua,
args => $q,
}
return Net::OpenID::Consumer->new(
ua => $ua,
args => $q,
- consumer_secret => $secret,
+ consumer_secret => sub { return shift()+$secret },
required_root => $config{cgiurl},
);
} #}}}
required_root => $config{cgiurl},
);
} #}}}
which links to the correct remote page, but is displayed nicely.
* When building the doc wiki, build with LANG=C.
* More gettext fun.
which links to the correct remote page, but is displayed nicely.
* When building the doc wiki, build with LANG=C.
* More gettext fun.
+ * Fix openid signin secret generation code. This fixes the bug that made
+ all openid signins fail the first time, and then succeed the second
+ time.
- -- Joey Hess <joeyh@debian.org> Sat, 27 Jan 2007 21:16:33 -0500
+ -- Joey Hess <joeyh@debian.org> Tue, 30 Jan 2007 02:15:33 -0500
ikiwiki (1.40) unstable; urgency=low
ikiwiki (1.40) unstable; urgency=low
my ($sig_time, $sig) = split(/\-/, $self->args("oic.time") || "");
# complain if more than an hour since we sent them off
return $self->_fail("time_expired") if $sig_time < $now - 3600;
my ($sig_time, $sig) = split(/\-/, $self->args("oic.time") || "");
# complain if more than an hour since we sent them off
return $self->_fail("time_expired") if $sig_time < $now - 3600;
- # also complain if the signature is from the future by more than 30 seconds,
+ also complain if the signature is from the future by more than 30 seconds,
# which compensates for potential clock drift between nodes in a web farm.
return $self->_fail("time_in_future") if $sig_time - 30 > $now;
# and check that the time isn't faked
# which compensates for potential clock drift between nodes in a web farm.
return $self->_fail("time_in_future") if $sig_time - 30 > $now;
# and check that the time isn't faked
I've had this problem too, but with my track record of reporting OpenID bugs
I thought it best if I held my tongue. I usually experience this the first
time I sign in on any ikiwiki installation of {ikiwiki.kitenet, ikidev,
I've had this problem too, but with my track record of reporting OpenID bugs
I thought it best if I held my tongue. I usually experience this the first
time I sign in on any ikiwiki installation of {ikiwiki.kitenet, ikidev,
-betacantrips}, and I think re-logging in always works. --Ethan
\ No newline at end of file
+betacantrips}, and I think re-logging in always works. --Ethan
+
+> Does seem easier to repro than I thought.
+> Ok, fixed it.. [[bugs/done]] --[[Joey]]