| Issue 101: | OpenID authentication with Google Accounts fails | |
| Back to list |
Reported by Shawn Pearce <sop@google.com> on Tue Mar 10 15:17:14 PDT 2009 Source: JIRA GERRIT-101 Affected Version: 2.0.7 From http://groups.google.com/group/repo-discuss/browse_thread/thread/f7c01def834d86d6 Clicking "Sign-in with Google Accounts" at review.source.android.com is busted. It comes up with The page you requested is invalid. This appears to be true for all Gerrit installations using OpenID authentication. After much investigation today I learned that our Relying Party implementation, dyuproject, does not conform to the OpenID 2.0 draft specification. When performing discovery against an XRDS service such as Google Accounts, it fails to recognize the "server" type of service and does not send the magic "identifier_select" claimed identity. Last night or sometime this morning Google Accounts must have pushed a more strict version of their provider implementation, rejecting the requests we were sending.
Sep 24, 2009
#1
code-rev...@gtempaccount.com
Sep 24, 2009
Update by Shawn Pearce <sop@google.com> on Tue Mar 10 17:06:41 PDT 2009 Fixed in version 2.0.7.
Status:
Fixed
Sep 24, 2009
Comment by Shawn Pearce <sop@google.com> on Tue Mar 10 17:17:46 PDT 2009 Use https://code.google.com/p/gerrit/downloads/detail?name=gerrit-2.0.6-7-gdd95666.war (or later) if you still need OpenID authentication against Google Accounts and Gerrit 2.0.7 hasn't been released yet.
Sep 25, 2009
(No comment was entered for this change.)
Labels:
FixedIn-2.0.7
|
|
| ► Sign in to add a comment |