My favorites | Sign in
Project Logo
Project Home
  
Downloads
  
Wiki
  
Issues
  
Source
    
Summary | Updates | People
Details: Show all Hide all

Last 30 days

  • Dec 01, 2009
    SRegHowTo (How to transfer attributes using the Simple Registration ext...) Wiki page commented on by ashwanth...@gmail.com   -   its String email = sregResp.getAttributeValue("email");
    its String email = sregResp.getAttributeValue("email");
  • Dec 01, 2009
    issue 102 (IncrementalNonceGenerator in clustered environment) reported by robert.egelnor   -   What steps will reproduce the problem? Run OpenID4Java server-side with rather high load. What is the expected output? What do you see instead? "Nonce already seen" on the client side. What version of the product are you using? On what operating system? openid4java 0.9.3 (I think we have tested 0.9.5 too) Please provide any additional information below. The IncrementalNonceGenerator generates nonces based on current timestamp in seconds and together with a counter. When having a high load (i.e. many calls/second) and two servers the same nonce could be generated (since the counter is only unique to the JVM). The client-side implementation checks for replay attacks with the same nonce, which occurs in the case.
    What steps will reproduce the problem? Run OpenID4Java server-side with rather high load. What is the expected output? What do you see instead? "Nonce already seen" on the client side. What version of the product are you using? On what operating system? openid4java 0.9.3 (I think we have tested 0.9.5 too) Please provide any additional information below. The IncrementalNonceGenerator generates nonces based on current timestamp in seconds and together with a counter. When having a high load (i.e. many calls/second) and two servers the same nonce could be generated (since the counter is only unique to the JVM). The client-side implementation checks for replay attacks with the same nonce, which occurs in the case.
  • Nov 24, 2009
    r631 (Making HTTP client injectable. Adding an example for AppEngi...) committed by dirk.balfanz   -   Making HTTP client injectable. Adding an example for AppEngine-hosted openid relying party.
    Making HTTP client injectable. Adding an example for AppEngine-hosted openid relying party.

Earlier this year

  • Nov 06, 2009
    r630 (Extension namespece declaration are signed when required.) committed by Johnny.Bufu   -   Extension namespece declaration are signed when required.
    Extension namespece declaration are signed when required.
  • Nov 06, 2009
    issue 71 (upgrade HttpClient library: version 3.x --> version 4) Status changed by zhoushuqun   -   Done, many thanks for the patch. And please check the r629.
    Status: Fixed
    Done, many thanks for the patch. And please check the r629.
    Status: Fixed
  • Nov 06, 2009
    r629 (Apply the patch from sean(issue 71) to upgrade httpclient li...) committed by zhoushuqun   -   Apply the patch from sean( issue 71 ) to upgrade httpclient library from commons-httpclient-3.0.1 to httpclient-4.0, many thanks. The "lib/extra/jcip-annotations.jar" is for the bug of httpclient-4.0: h ttps://issues.apache.org/jira/browse/HTTPCLIENT-866?page=com.atlassian.jira.plugin.system.issuetabpa nels:all-tabpanel (and thanks for http://blog.ipsi.net.nz/?p=24), once the httpclient fixes this issue, the jar many be deleted from repository.
    Apply the patch from sean( issue 71 ) to upgrade httpclient library from commons-httpclient-3.0.1 to httpclient-4.0, many thanks. The "lib/extra/jcip-annotations.jar" is for the bug of httpclient-4.0: h ttps://issues.apache.org/jira/browse/HTTPCLIENT-866?page=com.atlassian.jira.plugin.system.issuetabpa nels:all-tabpanel (and thanks for http://blog.ipsi.net.nz/?p=24), once the httpclient fixes this issue, the jar many be deleted from repository.
  • Nov 06, 2009
    issue 71 (upgrade HttpClient library: version 3.x --> version 4) Status changed by zhoushuqun   -  
    Status: Accepted
    Status: Accepted
  • Nov 05, 2009
    r628 (Fix resource settings of source and test source, to match th...) committed by zhoushuqun   -   Fix resource settings of source and test source, to match the ant build script.
    Fix resource settings of source and test source, to match the ant build script.
  • Oct 28, 2009
    issue 71 (upgrade HttpClient library: version 3.x --> version 4) commented on by s...@seansullivan.com   -   Patch file that will update the Openid4java project from HttpClient 3.1 to HttpClient 4.0 (final) This patch should be applied to SVN trunk.
    Patch file that will update the Openid4java project from HttpClient 3.1 to HttpClient 4.0 (final) This patch should be applied to SVN trunk.
  • Oct 26, 2009
    r627 (- tagged revision of recent updates as well as the new getAt...) committed by nei...@mcs.anl.gov   -   - tagged revision of recent updates as well as the new getAttributes extension that allows the client request parameters to be passed to the configured AttributeProviders
    - tagged revision of recent updates as well as the new getAttributes extension that allows the client request parameters to be passed to the configured AttributeProviders
  • Oct 26, 2009
    r626 (- pass ParameterList of client request parameters to the A...) committed by nei...@mcs.anl.gov   -   - pass ParameterList of client request parameters to the AttributeProviders so that they can potentially return only the attributes that were requested by the client (rather than all) - fix a bug that added the Attributes to the auth response after it was signed by making sure they were added before hand (so that they too could be signed if desired)
    - pass ParameterList of client request parameters to the AttributeProviders so that they can potentially return only the attributes that were requested by the client (rather than all) - fix a bug that added the Attributes to the auth response after it was signed by making sure they were added before hand (so that they too could be signed if desired)
  • Oct 19, 2009
    issue 88 (Parsing KeyValue message with trailing newline fails) commented on by tomoinn   -   Actually scratch my last comment - I was doing something brain dead (this happens when coding at five in the morning).
    Actually scratch my last comment - I was doing something brain dead (this happens when coding at five in the morning).
  • Oct 19, 2009
    issue 88 (Parsing KeyValue message with trailing newline fails) commented on by tomoinn   -   I'd shift this to a higher priority, I'm trying to use Google's OpenID endpoint at https://www.google.com/accounts/o8/id and it's displaying this behaviour. If there's a simple fix that makes this work in spite of broken servers please include it, I don't really want to have to fork yet another library because the authors have decided to follow a spec to the letter rather than deal with reality.
    I'd shift this to a higher priority, I'm trying to use Google's OpenID endpoint at https://www.google.com/accounts/o8/id and it's displaying this behaviour. If there's a simple fix that makes this work in spite of broken servers please include it, I don't really want to have to fork yet another library because the authors have decided to follow a spec to the letter rather than deal with reality.
  • Oct 14, 2009
    r625 (- Tagging recent update of branch sync'd to trunk ) committed by nei...@mcs.anl.gov   -   - Tagging recent update of branch sync'd to trunk
    - Tagging recent update of branch sync'd to trunk
  • Oct 14, 2009
    r624 (- Bring OpenID ANL branch up to date with latest OpenID Trun...) committed by nei...@mcs.anl.gov   -   - Bring OpenID ANL branch up to date with latest OpenID Trunk
    - Bring OpenID ANL branch up to date with latest OpenID Trunk
  • Oct 14, 2009
    issue 101 (Server: Invalid signature after adding Simple Registration a...) reported by jakobi.m...@gmx.net   -   What steps will reproduce the problem? 1. Create an AuthSuccess message and add a Simple Registration Extionsion with some attributes according to the documentation and the SRegHowTo What is the expected output? What do you see instead? In the AuthSuccess message the openid.sreg.* parameters are listed in the openid.signed parameter but not contained in the generated signature (openid.sig) What version of the product are you using? OpenID4Java 0.9.5 Solution: Mention in the SRegHowTo that ConsumerManager.sign() has to be invoked after adding the SReg-Extension object to the AuthSuccess message. OR Change the code, so that ConsumerManager.sign() is invoked automatically after an Extension has been added to an AuthSuccess message.
    What steps will reproduce the problem? 1. Create an AuthSuccess message and add a Simple Registration Extionsion with some attributes according to the documentation and the SRegHowTo What is the expected output? What do you see instead? In the AuthSuccess message the openid.sreg.* parameters are listed in the openid.signed parameter but not contained in the generated signature (openid.sig) What version of the product are you using? OpenID4Java 0.9.5 Solution: Mention in the SRegHowTo that ConsumerManager.sign() has to be invoked after adding the SReg-Extension object to the AuthSuccess message. OR Change the code, so that ConsumerManager.sign() is invoked automatically after an Extension has been added to an AuthSuccess message.
  • Oct 09, 2009
    issue 97 (Provide source jar in Maven repository) changed by zhoushuqun   -   Fixed in r623. And here is the snapshot: http://oss.sonatype.org/content/repositories/openid4java-snapshots/
    Status: Fixed
    Owner: zhoushuqun
    Fixed in r623. And here is the snapshot: http://oss.sonatype.org/content/repositories/openid4java-snapshots/
    Status: Fixed
    Owner: zhoushuqun
  • Oct 08, 2009
    r623 (Attach sources when deploy, fix issue #97.) committed by zhoushuqun   -   Attach sources when deploy, fix issue #97 .
    Attach sources when deploy, fix issue #97 .
  • Oct 06, 2009
    SampleServer (Sample code for building an OpenID Provider / Server) Wiki page commented on by zjiaq...@hotmail.com   -   how to run it?
    how to run it?
  • Oct 01, 2009
    issue 71 (upgrade HttpClient library: version 3.x --> version 4) commented on by nikolay.gorylenko   -   http://www.theserverside.com/news/thread.tss?thread_id=55715 - HttpClient 4 released!
    http://www.theserverside.com/news/thread.tss?thread_id=55715 - HttpClient 4 released!
  • Sep 30, 2009
    issue 100 (NullPointerException at org.apache.commons.httpclient.HttpCo...) commented on by a.brassac2   -   Ok, solved I think, it appears it's a tomcat security manager problem... By running it without the security manager, it worked well. I'm not sure exactly what's happening but I suspect a lack of socket permission somewhere. I probably won't be the only one with this problem, you should consider trying to catch that potential null exception!
    Ok, solved I think, it appears it's a tomcat security manager problem... By running it without the security manager, it worked well. I'm not sure exactly what's happening but I suspect a lack of socket permission somewhere. I probably won't be the only one with this problem, you should consider trying to catch that potential null exception!
  • Sep 22, 2009
    issue 100 (NullPointerException at org.apache.commons.httpclient.HttpCo...) commented on by a.brassac2   -   by the way it corresponds to this line in the Servlet code: // perform discovery on the user-supplied identifier List discoveries = manager.discover(userSuppliedString);
    by the way it corresponds to this line in the Servlet code: // perform discovery on the user-supplied identifier List discoveries = manager.discover(userSuppliedString);
  • Sep 22, 2009
    issue 100 (NullPointerException at org.apache.commons.httpclient.HttpCo...) reported by a.brassac2   -   What steps will reproduce the problem? 1. Running the consumer-example with t What is the expected output? What do you see instead? The same as with maven! What version of the product are you using? On what operating system? latest official release 0.9.5.593 Please provide any additional information below. Here's the exception (below), the "userSuppliedString" is correct, I checked it, right before the exception it shows: userSuppliedString = http://myopenidusername.myopenid.com/, returnToUrl = http://localhost:8082/OpenId/consumerServlet?is_return=true This only happens when I try to run the example with tomcat, with maven it works well. Maybe something wrong with my WAR (attached), the exception is too far away from the Servlet code for me to debug it easily... SEVERE: Servlet.service() for servlet ConsumerServlet threw exception java.lang.NullPointerException at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:720) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1321) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:386) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324) at org.openid4java.util.HttpCache.head(HttpCache.java:296) at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:360) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179) at org.openid4java.discovery.Discovery.discover(Discovery.java:134) at org.openid4java.discovery.Discovery.discover(Discovery.java:114) at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:527) at org.openid4java.samples.consumerservlet.ConsumerServlet.authRequest(ConsumerServlet.java:145)
    What steps will reproduce the problem? 1. Running the consumer-example with t What is the expected output? What do you see instead? The same as with maven! What version of the product are you using? On what operating system? latest official release 0.9.5.593 Please provide any additional information below. Here's the exception (below), the "userSuppliedString" is correct, I checked it, right before the exception it shows: userSuppliedString = http://myopenidusername.myopenid.com/, returnToUrl = http://localhost:8082/OpenId/consumerServlet?is_return=true This only happens when I try to run the example with tomcat, with maven it works well. Maybe something wrong with my WAR (attached), the exception is too far away from the Servlet code for me to debug it easily... SEVERE: Servlet.service() for servlet ConsumerServlet threw exception java.lang.NullPointerException at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:720) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1321) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:386) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324) at org.openid4java.util.HttpCache.head(HttpCache.java:296) at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:360) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179) at org.openid4java.discovery.Discovery.discover(Discovery.java:134) at org.openid4java.discovery.Discovery.discover(Discovery.java:114) at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:527) at org.openid4java.samples.consumerservlet.ConsumerServlet.authRequest(ConsumerServlet.java:145)
  • Sep 16, 2009
    issue 99 (Java Heap Space error when using blogspot as openid provider) reported by robicch   -   What steps will reproduce the problem? 1. just pick any blogspot account as openid e.g. http://jblooming.blogspot.com/ 2. it works fine with several other providers (yahoo, google, wordpress etc.) What is the expected output? What do you see instead? Instead of redirecting the response parser never exits and gets "Java heap space error" What version of the product are you using? On what operating system? 0.9.5.593 on windows with jdk 6
    What steps will reproduce the problem? 1. just pick any blogspot account as openid e.g. http://jblooming.blogspot.com/ 2. it works fine with several other providers (yahoo, google, wordpress etc.) What is the expected output? What do you see instead? Instead of redirecting the response parser never exits and gets "Java heap space error" What version of the product are you using? On what operating system? 0.9.5.593 on windows with jdk 6
  • Sep 03, 2009
    issue 96 (Accept AX response with only type.alias when no value is pre...) Status changed by Johnny.Bufu   -   Fixed in rev622. Thanks for finding the bug!
    Status: Fixed
    Fixed in rev622. Thanks for finding the bug!
    Status: Fixed
  • Sep 03, 2009
    r622 (Fixed validation of AX value parameters in combination with ...) committed by Johnny.Bufu   -   Fixed validation of AX value parameters in combination with the presence of count.alias.
    Fixed validation of AX value parameters in combination with the presence of count.alias.
  • Sep 03, 2009
    issue 98 (Claimed_id and identity equality check fail with default por...) Status changed by Johnny.Bufu   -   The normal form for HTTP(S) URLs does not contain the default ports (per RFC3986 Section 6.2.3). URL Claimed Identifiers are, by definition, normalized (http://openid.net/specs/ openid-authentication-2_0.html#terminology) An authentication response containing a claimed_id field with a non-normalized value is thus invalid, and verification failure is expected.
    Status: Invalid
    The normal form for HTTP(S) URLs does not contain the default ports (per RFC3986 Section 6.2.3). URL Claimed Identifiers are, by definition, normalized (http://openid.net/specs/ openid-authentication-2_0.html#terminology) An authentication response containing a claimed_id field with a non-normalized value is thus invalid, and verification failure is expected.
    Status: Invalid
  • Sep 03, 2009
    issue 98 (Claimed_id and identity equality check fail with default por...) reported by wim.vandenhaute   -   Issue being that in case the identity and claimed_id being set in the Authentication Response are both: https://foo.com:443/openid?id=xxx This results in the ConsumerManager.verify failing in verifyDiscovered2. Identifier respClaimed = _discovery.parseIdentifier(authResp.getClaimed(), true); This code will normalized the URI to https://foo.com/openid?id=xxx Whilst the identity has :443 still added.
    Issue being that in case the identity and claimed_id being set in the Authentication Response are both: https://foo.com:443/openid?id=xxx This results in the ConsumerManager.verify failing in verifyDiscovered2. Identifier respClaimed = _discovery.parseIdentifier(authResp.getClaimed(), true); This code will normalized the URI to https://foo.com/openid?id=xxx Whilst the identity has :443 still added.
  • Aug 27, 2009
    issue 97 (Provide source jar in Maven repository) Status changed by zhoushuqun   -  
    Status: Accepted
    Status: Accepted
  • Aug 27, 2009
    issue 97 (Provide source jar in Maven repository) reported by kohsuke.kawaguchi   -   Maven repository should contain *-sources.jar to assist the users of libraries, especially from IDE. If you are deploying releases without using maven-release-plugin, add "source:jar" to the goal list to do this.
    Maven repository should contain *-sources.jar to assist the users of libraries, especially from IDE. If you are deploying releases without using maven-release-plugin, add "source:jar" to the goal list to do this.
  • Aug 22, 2009
    Installation (How to install the package) Wiki page commented on by TanmayaMallik   -   which one to checkout. All the files n folders under trunk ???
    which one to checkout. All the files n folders under trunk ???
  • Aug 04, 2009
    issue 96 (Accept AX response with only type.alias when no value is pre...) reported by chandrika.tripathy   -   What steps will reproduce the problem? 1. Invoke yahoo.com openid flow, asking for AX data: openid.ax.type.Birth.date 2. Yahoo! only returns openid.ax.type.Birth.date:http://axschema.org/birthDate in the response, which causes openid4java to log this error and fail the transaction: org.openid4java.message.ax.AxPayload - Value missing for attribute alias: Birth.date What is the expected output? What do you see instead? It should accept these responses as not having values. What version of the product are you using? On what operating system? Please provide any additional information below.
    What steps will reproduce the problem? 1. Invoke yahoo.com openid flow, asking for AX data: openid.ax.type.Birth.date 2. Yahoo! only returns openid.ax.type.Birth.date:http://axschema.org/birthDate in the response, which causes openid4java to log this error and fail the transaction: org.openid4java.message.ax.AxPayload - Value missing for attribute alias: Birth.date What is the expected output? What do you see instead? It should accept these responses as not having values. What version of the product are you using? On what operating system? Please provide any additional information below.
  • Jul 20, 2009
    r621 (Updated version to 0.9.6-SNAPSHOT.) committed by Johnny.Bufu   -   Updated version to 0.9.6-SNAPSHOT.
    Updated version to 0.9.6-SNAPSHOT.
  • Jul 17, 2009
    r620 (Add method toString.) committed by zhoushuqun   -   Add method toString.
    Add method toString.
  • Jul 17, 2009
    r619 ([No log message]) committed by zhoushuqun   -   [No log message]
    [No log message]
  • Jul 17, 2009
    r618 (Add required options for SReg sample.) committed by zhoushuqun   -   Add required options for SReg sample.
    Add required options for SReg sample.
  • Jul 09, 2009
    ReleaseProcess (Release Process) Wiki page edited by zhoushuqun
  • Jul 09, 2009
    r616 (Move the gpg plugin settings to a profile.) committed by zhoushuqun   -   Move the gpg plugin settings to a profile.
    Move the gpg plugin settings to a profile.
  • Jul 07, 2009
    r615 (Session type is optional in association errors. http://code....) committed by Johnny.Bufu   -   Session type is optional in association errors. http://code.google.com/p/openid4java/issues/detail?id=95
    Session type is optional in association errors. http://code.google.com/p/openid4java/issues/detail?id=95
  • Jul 03, 2009
    issue 95 (Exception in AssociationResponse when Open ID Provider suppo...) commented on by j...@net-v.com   -   I've looked at the code and ConsumerManager assumes that a failed association response has a HttpStatus.SC_BAD_REQUEST as status, but I don't see this requirement in the specifications. According to me, a HttpStatus.SC_OK status is valid for a failed association response. I think the test should be if the error_code parameter is present. Another problem with failed association responses is that the AssociationError class lists session_type as a required field. According to the 2.0 specification, this field isn't required, but optional.
    I've looked at the code and ConsumerManager assumes that a failed association response has a HttpStatus.SC_BAD_REQUEST as status, but I don't see this requirement in the specifications. According to me, a HttpStatus.SC_OK status is valid for a failed association response. I think the test should be if the error_code parameter is present. Another problem with failed association responses is that the AssociationError class lists session_type as a required field. According to the 2.0 specification, this field isn't required, but optional.
  • Jun 24, 2009
    issue 95 (Exception in AssociationResponse when Open ID Provider suppo...) reported by j...@net-v.com   -   What steps will reproduce the problem? 1. Use an Open ID Provider that supports only stateless. 2. Use CustomerManager.associate to try to associate (it is not always known that the Open ID Provider only supports stateless, so trying to associate makes sense). 3. The Open ID Provider returns an error response with error_code and error parameters, see http://openid.net/specs/openid-authentication- 2_0.html 8.2.4 4. Message.validate throws an Exception that assoc_type is a required field because it is listed in the required fields of AssocationResponse What is the expected output? What do you see instead? An exception is thrown an logged, this is unnecessary: assoc_type isn't a required field for association responses, only for successful associations. ConsumerManager will however use stateless and continues. What version of the product are you using? On what operating system? 0.9.5 on Windows XP. Please provide any additional information below. AssociationResponse should be able to accept unsuccessful association responses. It should have a method to check whether or not the response was successful.
    What steps will reproduce the problem? 1. Use an Open ID Provider that supports only stateless. 2. Use CustomerManager.associate to try to associate (it is not always known that the Open ID Provider only supports stateless, so trying to associate makes sense). 3. The Open ID Provider returns an error response with error_code and error parameters, see http://openid.net/specs/openid-authentication- 2_0.html 8.2.4 4. Message.validate throws an Exception that assoc_type is a required field because it is listed in the required fields of AssocationResponse What is the expected output? What do you see instead? An exception is thrown an logged, this is unnecessary: assoc_type isn't a required field for association responses, only for successful associations. ConsumerManager will however use stateless and continues. What version of the product are you using? On what operating system? 0.9.5 on Windows XP. Please provide any additional information below. AssociationResponse should be able to accept unsuccessful association responses. It should have a method to check whether or not the response was successful.
  • Jun 21, 2009
    r614 (Add comment for getCredentials of proxy properties.) committed by zhoushuqun   -   Add comment for getCredentials of proxy properties.
    Add comment for getCredentials of proxy properties.
  • Jun 21, 2009
    r613 (Add NTCredentials authentication for the proxy of httpclient...) committed by zhoushuqun   -   Add NTCredentials authentication for the proxy of httpclient support.
    Add NTCredentials authentication for the proxy of httpclient support.
  • Jun 20, 2009
    LoggingConfiguration (Logging Configuration) Wiki page edited by Johnny.Bufu
  • Jun 18, 2009
    r611 (Merge the distribution management setting from branch.) committed by zhoushuqun   -   Merge the distribution management setting from branch.
    Merge the distribution management setting from branch.
  • Jun 18, 2009
    ReleaseProcess (Release Process) Wiki page edited by zhoushuqun
  • Jun 18, 2009
    ReleaseProcess (Release Process) Wiki page edited by zhoushuqun
  • Jun 18, 2009
    MavenHowTo (This is just for maven2 users) Wiki page edited by zhoushuqun
  • Jun 17, 2009
    issue 88 (Parsing KeyValue message with trailing newline fails) commented on by andrefcruz   -   Yes, the OP is probably to blame here (I have to find out which one it was). I just thought the extra trim wouldn't hurt if it meant working with more OPs.
    Yes, the OP is probably to blame here (I have to find out which one it was). I just thought the extra trim wouldn't hurt if it meant working with more OPs.
  • Jun 17, 2009
    issue 88 (Parsing KeyValue message with trailing newline fails) commented on by FrancoisWang   -   2 years ago, i believed it was a issue and modified the ParameterList class (you applied trim() to the string instead). http://code.google.com/p/openid4java/issues/detail?id=15&can=1#c9 But it was not an issue, and the reason there is an exception with an extra new line is because in the spec : "The line is terminated by a single newline" Spec : http://openid.net/specs/openid-authentication-2_0.html#anchor4 I had this problem because I used println() instead of print() to print the key-value form encoding response and an extra new line was added. So you got this exception because your OP did this mistake.
    2 years ago, i believed it was a issue and modified the ParameterList class (you applied trim() to the string instead). http://code.google.com/p/openid4java/issues/detail?id=15&can=1#c9 But it was not an issue, and the reason there is an exception with an extra new line is because in the spec : "The line is terminated by a single newline" Spec : http://openid.net/specs/openid-authentication-2_0.html#anchor4 I had this problem because I used println() instead of print() to print the key-value form encoding response and an extra new line was added. So you got this exception because your OP did this mistake.
 
Hosted by Google Code