Bugfix release v2010-12-08 of the OpenID component
There is a new bugfix release of the OpenID component available: https://github.com/cakebaker/openid-component/downloads.
This release fixes a bug in the isOpenIDResponse() method. So far this method only recognized OpenID responses from a GET request. But as I had to learn, there are OpenID providers (e.g. Hyves) responding with a POST request… So, if you use the isOpenIDResponse() method, please upgrade to the new version.
However, this bug not only affected the component itself but also the examples and the example application. They contained code that looked like:
if ($this->RequestHandler->isPost()) {
// make OpenID request
} elseif ($this->Openid->isOpenIDResponse()) {
// handle OpenID response
}
This snippet will fail if the response from an OpenID provider is a POST request. Instead it should look like:
if ($this->RequestHandler->isPost() && !$this->Openid->isOpenIDResponse()) {
// make OpenID request
} elseif ($this->Openid->isOpenIDResponse()) {
// handle OpenID response
}
Please fix this in your code if you followed the examples.
Thanks go to Sam Mousa for reporting this issue.
Similar entries
- Bugfix release for the OpenID component & an example application
- OpenID component v2010-05-19 released
- Support for Google Apps OpenIDs
- OpenID component for CakePHP
- New release of the OpenID component
- Accepting the Google OpenID with PHP OpenID
- Attribute Exchange support for the OpenID component
- openID login in cakePHP
- Reusable code and the import of vendors files
- Cucumber: Switching from Webrat to Capybara
Sponsors
